Re: Results of static analysis with clang static analyser

[Jens Gustedt <jens.gustedt@inria.fr>]

[-- Attachment #1: Type: text/plain, Size: 1687 bytes --]

Hello,

Am Freitag, den 25.09.2015, 11:35 -0400 schrieb Matt Avery:
> I'm not sure how keen you are to use asserts, but adding them helps
> the static analyzer not evaluate impossible paths.

I don't think that adding asserts is an option for musl. But for this
case at least which were discussing in particular, this really isn't
needed.

> From the docs:
> ALWAYS analyze a project in its "debug" configuration
> Most projects can be built in a "debug" mode that enables assertions.
> Assertions are picked up by the static analyzer to prune infeasible paths, which
> in some cases can greatly reduce the number of false positives (bogus error
> reports) emitted by the tool.
> 
> Adding an assert(tsd != 0) after the arithmetic operation,

No, here this is really not the right way to do. The test for tsd in
that code is just a check for a particular state of the algorithm,
nothing else. The easiest would really to avoid that completely, for
example the way that I did in the patch that I sent afterwards. There
is exactly one point were that state can be met, and we can just jump
from there. By that we'd avoid a conditional branch all along, making
static analysis even easier :)

> or even better,  assert(stack > __pthread_tsd_size) before should be enough?  

Hm, IIRC stack is a pointer and __pthread_tsd_size is an
integer?

Jens

-- 
:: INRIA Nancy Grand Est ::: Camus ::::::: ICube/ICPS :::
:: ::::::::::::::: office Strasbourg : +33 368854536   ::
:: :::::::::::::::::::::: gsm France : +33 651400183   ::
:: ::::::::::::::: gsm international : +49 15737185122 ::
:: http://icube-icps.unistra.fr/index.php/Jens_Gustedt ::





[-- Attachment #2: This is a digitally signed message part --]
[-- Type: application/pgp-signature, Size: 181 bytes --]