c++-analyzer warning question

Hi, I have some code that generates a warning when passed through c++analyzer and I am wondering if someone can help me understand it.

I have put the code for a toy example here https://github.com/dflogeras/analyzer

It uses CMake, I am building on (Gentoo) Linux using clang/LLVM 3.7.1 with GCC-4.9.3 headers. You can build it by doing the following:

  • Install CMake if needed, I’m using 3.5.2

  • Clone the repo

  • Inside the repo make a build dir for out of tree building, ie. path/to/analyzer/build

  • from within build/ run “CXX=c+±analyzer cmake … -DCMAKE_BUILD_TYPE=Release”

  • once finished, run make

You’ll (hopefully) see it generate the warning like

/usr/lib/gcc/x86_64-pc-linux-gnu/4.9.3/include/g+±v4/bits/unique_ptr.h:273:4: warning: Potential memory leak
return *this;

My question is, is this a proper warning? Are you not allowed to implicitly upcast a smart_ptr from the return of operator= ?

Thanks for any help, and sorry for any ignorance.


First of all, you shouldn't be calling the "c++-analyzer" executable directly. It shouldn't ideally be in your PATH. This script is intended to be run by a tool called "scan-build", which essentially does the "CXX=c++-analyzer" thing you're doing, just passing a lot of options to this script through its own environment variables.

Then scan-build provides html-reports in its output directory (as in http://clang-analyzer.llvm.org/ - second screenshot). You see that the report is not just a single warning - it consists of multiple diagnostic notes or "pieces". Without seeing these pieces, the warning message is essentially useless; because the analyzer is designed to find problems that occur on specific execution paths.

Once you have the detailed report, the warning should make much more sense to you (or maybe it'd disappear for some reason - at least for me your code produces no warnings) (or in the worst case at least you'd know that it was a false alarm by understanding what kind of mistake the analyzer makes).

There are other output modes apart from html, namely text (which dumps extra path notes as if there were clang note: diagnostics) and plist (which is machine-readable and only used for importing diagnostics into IDEs such as Xcode or Qt Creator which provide a graphical interface for the clang analyzer).

Ahh, OK sorry. If I re-try with a clean build dir:

scan-build cmake -DCMAKE_BUILD_TYPE=Release ..
scan-build make

I still see the aforementioned "Potential memory leak" on the console, but
at the end of the run scan-build says there are no reports, and removes the
output html directory.

Hello Dave,

CSA usually does not emit HTML diagnostics in headers. So, you will not get HTML report for this.

21.09.2016 15:34, Dave Flogeras via cfe-dev пишет:

More details: there is no cross-HTML diagnostics in clang now. Since the execution starts from the function in the source file (if no special option was set), we need to generate cross-file report for this. So, this warning is filtered out.

21.09.2016 15:40, Aleksei Sidorin via cfe-dev пишет:

Hi Aleksei