Does clang static analyzer UndefResultChecker.cpp has false positive?

Jean_Lee · October 20, 2013, 7:35am

#include <stdio.h>
void FunctionFread(const char* szFile)
{
FILE *fp = fopen(szFile, “rb”);
if (fp == NULL)
{
return;
}

int ofs[2], len;
int nReadNum = fread( ofs, sizeof(int), 2, fp );

if ( nReadNum != 2 )
{
fclose(fp);
return;
}

// warning: The left operand of ‘-’ is a garbage value
len = ofs[1] - ofs[0];
printf(“length=%d\n”, len);
fclose(fp);
}

Jean_Lee · October 20, 2013, 7:57am

My environment:
LLVM 3.3 + CLANG 3.3

Build command:

CHECKER="-enable-checker alpha.unix.Stream -enable-checker alpha.unix.SimpleStream -enable-checker alpha.core.SizeofPtr -enable-checker alpha.unix.cstring.BufferOverlap -enable-checker alpha.security.ArrayBoundV2 -enable-checker alpha.unix.PthreadLock"

scan-build-3.3 ${CHECKER} g++ static_analyzer.cpp -pthread

AnnaZaks · October 21, 2013, 3:45pm

I cannot reproduce this on latest clang (TOT) with or without the alpha checkers.

Also, most of the alpha checkers will have false positives and bugs.

Cheers,
Anna.

Jean_Lee · October 25, 2013, 1:16am

Thank you. I will try to compile clang to see the problem when I have spare time.

Cheers,
Jean.