Clang: Suppress static analysis of system header files

Hi,

Is there any flag or option which suppresses static analyzer warnings for system or specified header files?

Regards,

Sujit Kamthe


Hi Sujit,

Currently there is no such option. Since the static analyzer performs path-sensitive checking, the underlying reason for an analyzer warning may not be at the line/file where the error is reported.

What is your use case for suppressing warnings in system/specified headers? Is there a particular warning you are trying to suppress?

Thanks,
Anna.

Hi Anna,

I want to suppress warnings for all the system header files which are referred to, e.g. stdio.h.

It will be better if we have a flag to specify system header files in include path and all the files specified by this flag should be ignored.

e.g. clang --analyze -systemIncludes "C:\Program Files\Microsoft Visual Studio 10.0\VC\include" -I "" test.c

Here include files specified by the SystemIncludes flag can be ignored from generating static analysis warnings if they are referred to in some source file, but warnings will be generated for files which are specified using the -I flag.

Sujit,

Can you provide us with an example that requires this option? Often warnings reported in the system headers are due to errors in user code.

Anna.

Hi Anna,

Let’s say I have implemented a static analysis check “FunctionNameChecker” which checks for the length of the function name and reports a violation if it is less than 3.

e.g. int do() will report a violation.

If there are any such functions in system headers like ‘stdio.h’, ‘conio.h’ etc., they should not be reported as violations just because the header files are being referred to in source code; otherwise it creates a long list of diagnostics which is not very useful.

On the other side if I have written my own header files and if I am referring those header files in my source code then any such violation should be reported.

That’s the reason I think there should be two options to specify header files (includes).

One for user written includes and another for system header includes.

Is adding a new flag required? Clang already suppresses some warnings in system headers.

Isn't it possible to use the same information to skip such headers in your "FunctionNameChecker" analysis?

By default, the analyzer does not analyze code in ANY headers, system or otherwise, with the idea that you don't want to see warnings in every file that includes the header. The exception to this rule is inlined functions that come from headers, and in that case you definitely do not want to ignore the header!

Yes, this could lead to the analyzer reporting issues that really are the headers' fault, but as Anna said it's just as likely that it's the caller's fault. Consider this hypothetical addition to string.h:

int isempty(const char *str) {
  return str[0] == '\0';
}

If you call this function with a null pointer, the analyzer will warn about it as a null dereference, but the problem is really the caller. And if you compiled and ran the program, it would indeed crash! So there is definitely value from warning here.

If you have an existing, concrete example (as in, you can attach the HTML file or an Xcode screenshot), then please file a bug at http://llvm.org/bugs/, but otherwise it seems difficult to have a meaningful discussion here.

Best,
Jordan
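Added example, not part of the original thread: the isempty() case from the message above as one C file, with a caller that can pass NULL beside a corrected caller. The lookup() helper, its table and the setting_is_blank* names are hypothetical and constructed for illustration.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Stand-in for the hypothetical string.h addition quoted in the thread.
   In a real build it would sit in a header and be inlined into callers. */
static inline int isempty(const char *str) {
  return str[0] == '\0';
}

/* Constructed helper (hypothetical): returns NULL for an unknown key,
   the same contract as getenv(). */
static const char *lookup(const char *key) {
  static const char *const table[][2] = {{"user", "sujit"}, {"motd", ""}};
  for (size_t i = 0; i < sizeof table / sizeof table[0]; i++)
    if (strcmp(key, table[i][0]) == 0)
      return table[i][1];
  return NULL;
}

/* Caller bug: the NULL from lookup() flows straight into isempty().
   A path-sensitive analyzer that inlines isempty() can report the null
   dereference at str[0], a line that belongs to the "header", although
   the defect is in this function. */
int setting_is_blank_unchecked(const char *key) {
  return isempty(lookup(key));
}

/* Corrected caller: the NULL path is handled before the inlined call.
   Returns -1 for a missing key, 1 for an empty value, 0 otherwise. */
int setting_is_blank(const char *key) {
  const char *value = lookup(key);
  if (value == NULL)
    return -1;
  return isempty(value);
}

int main(void) {
  printf("user:    %d\n", setting_is_blank("user"));
  printf("motd:    %d\n", setting_is_blank("motd"));
  printf("missing: %d\n", setting_is_blank("missing"));
  return 0;
}
```

Suppressing every report located in the header would hide the defect in setting_is_blank_unchecked(), which is the case the message argues against ignoring.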

Hi Jordan,

I have written a ShortFunctionNameChecker.
Find the code below.

You should probably special case unnamed parameters in your analysis.
Though it's not the core of the problem, I agree.

-- Matthieu

Ah, thanks for catching this, Sujit! It turns out we were indeed forgetting to suppress analysis of /decls/ from system headers, even though we were not running path-sensitive checks on them. This should be fixed in r165635, with the following rules:

- Main source file: run both path-sensitive and non-path-sensitive checks.
- Header files: run non-path-sensitive checks only.
- System headers: don't run any checks.

Best,
Jordan