[tz] tzcode: uninitialized sp->charcnt gives clang analyzer warning
Paul Eggert
eggert at cs.ucla.edu
Wed Aug 11 09:43:33 UTC 2021
On 8/11/21 1:47 AM, Jan Engelhardt wrote:
> But I have a platform where malloc does set errno on failure, hence I
> am looking (only) at the -DHAVE_MALLOC_ERRNO=1 configuration and
> what clang outputs there.
Although the platform's malloc sets errno on failure, the static
analyzer incorrectly assumes otherwise. You can work around this problem
by compiling with -DHAVE_MALLOC_ERRNO=1 (the default) for the platform,
and by running the static analyzer with -DHAVE_MALLOC_ERRNO=0. Or, if
it's an absolute requirement to do static analysis and compilation with
the same flags and to get 100% clean reports, then use
-DHAVE_MALLOC_ERRNO=0 for both compilation and static analysis: although
this might lose some errno information at runtime, that's less important
than an absolute requirement and it's better than propagating junk errno
values. Alternatively, you can write a script to remove the incorrect
static-analyzer diagnostic, or simply ignore the diagnostic; this is a
very common thing to do in such situations.
Of course it would be better if the static analyzer didn't make
incorrect assumptions about the underlying platform. A bug report to the
Clang maintainers would be in order, if this problem is sufficiently
annoying.
There's nothing unusual about this sort of thing. I've run many static
analyses using Coverity, GCC, Clang, etc. and there are almost
invariably glitches where static analysis issues false alarms. And
although I've sent in my fair share of bug reports, this area continues
to be buggy. The thing to remember in cases like these is that static
analysis should be one's servant, not one's master.
More information about the tz
mailing list