I would like to ask for an advice from clang developers about suppressing warnings from the static analyzer.
I am calling the analyzer directly from clang c++ compiler, with
clang++ --analyze. I am compiling a unit-test project that is using Google’s Gmock. I am getting a well known and described false positive:
So, I am trying to manually disable it by putting
// NOLINT in gmocks code. As a result, I still get the analyzer warning:
gtest/googlemock/include/gmock/gmock-spec-builders.h:1274:5: warning: Use of memory after it is freed
return function_mocker_->AddNewExpectation( // NOLINT
which I find quite surprising, because even in the warning message I get the text
// NOLINT but the bug is still not disabled.
Maybe someone could help me figure out what is going on. Can you not suppress warnings when running analyzer directly from clang c++ compiler? Or is there a different way for suppressing the analyzer warnings?
Unfortunately, the static analyzer do not support such methods for suppression at the moment.
But you can use 3rd party tools to achieve that. For example CodeChecker (https://github.com/Ericsson/codechecker/).
To add to what Gabor has mentioned:
The first two links you have posted refer to clang-tidy.
This is a different tool from clang static analyzer, and is maintained in a separate repository.
The main difference is that clang-tidy pattern-matches on AST,
while clang static analyzer performs symbolic execution.
Clang static analyzer does not parse “// NOLINT” comments, nor comments in general.
While this is a limitation, it can be also seen as a good thing, as it forces the actual executable code
to be a single canonical source of analysis results.
Strategies for dealing with false positives are described at the clang static analyzer webpage: http://clang-analyzer.llvm.org/faq.html,
without looking at the whole code it is hard to tell which one is the most applicable.