On Thu, Oct 03, 2013 at 03:11:51PM +0200, Paul Menzel wrote:
> using the Clang static analyzer scan-build from Debian Clang version
> 3.4-1, the following warnings are printed.
>
> /usr/share/clang/scan-build/ccc-analyzer -O2 -g -c regress.c
> regress.c:197:22: warning: The left operand of '<' is a garbage value
>     if (((resid[i-1] < 0.0) && (resid[i] < 0.0)) ||
>           ~~~~~~~~~~ ^
> regress.c:197:42: warning: The left operand of '<' is a garbage value
>     if (((resid[i-1] < 0.0) && (resid[i] < 0.0)) ||
>                                 ~~~~~~~~ ^
> regress.c:198:42: warning: The left operand of '>' is a garbage value
>         ((resid[i-1] > 0.0) && (resid[i] > 0.0))) {
>                                 ~~~~~~~~ ^
> regress.c:396:21: warning: The left operand of '>' is a garbage value
>         while (x[r] > piv) r--;
>                ~~~~ ^

Do you have more information about these? They look like false
positives to me and I think Coverity scan was tripping on them too,
possibly because there are values at negative index with the resid
array.

> /usr/share/clang/scan-build/ccc-analyzer -O2 -g -c cmdmon.c
> cmdmon.c:1940:5: warning: Value stored to 'allowed' is never read
>     allowed = 0;

Fixed.

> /usr/share/clang/scan-build/ccc-analyzer -O2 -g -c keys.c
> keys.c:263:7: warning: Function call argument is an uninitialized
> value
>       LOG(LOGS_WARN, LOGF_Keys, "Detected duplicate key %lu", key_id);
>       ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

This is a real bug. Fixed.

> /usr/share/clang/scan-build/ccc-analyzer -O2 -g -c manual.c
> manual.c:176:54: warning: The left operand of '*' is a garbage value
>     samples[i].residual = offsets[i] - (b0 + agos[i] * b1);
>                                              ~~~~~~~ ^

Not sure about this one.

> /usr/share/clang/scan-build/ccc-analyzer -O2 -g -c cmdparse.c
> acquire.c:623:9: warning: Call to 'malloc' has an allocation size of
> 0 bytes
>   eps = MallocArray(Endpoint, 2*n_sane_sources);
>         ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

I don't see a problem here.

> acquire.c:689:54: warning: The left operand of '+' is a garbage value
>       estimated_offset = 0.5 * (intervals[index1].lo +
> intervals[index2].hi);
>                                 ~~~~~~~~~~~~~~~~~~~~ ^

Not sure what's wrong here.

> /usr/share/clang/scan-build/ccc-analyzer -O2 -g -c wrap_adjtimex.c
> sys_linux.c:1164:14: warning: Access to field 'pw_gid' results in a
> dereference of a null pointer (loaded from variable 'pw')
>   if (setgid(pw->pw_gid)) {
>              ^~~~~~~~~~

False positive.

> /usr/share/clang/scan-build/ccc-analyzer -O2 -g -c rtc_linux.c
> rtc_linux.c:675:7: warning: Branch condition evaluates to a garbage
> value
>   if (valid) {
>       ^~~~~

Another real bug. Fixed.

> /usr/share/clang/scan-build/ccc-analyzer -O2 -g -c getdate.c
> getdate.c:1265:5: warning: Value stored to 'yymsg' is never read
>     yymsg = "Deleting";
>     ^       ~~~~~~~~~~

This is a file generated by bison.

> scan-build: 16 bugs found.
> scan-build: Run 'scan-view
> /srv/filme/src/chrony/scan-build/2013-10-03-130043-31884-1' to examine bug
> reports.

Does that command print more details?

> I suggest to install it on your system yourself, as it also gives nice
> Web pages where the steps are shown how to reach certain conditions.

Unfortunately, Fedora doesn't have llvm-3.4 yet and with 3.3 I get no
warnings.

> Unfortunately, I do not know the code well enough to fix certain things,
> so I just posted patches for the easy ones and hope somebody else finds
> the time to address the other warnings.

Thanks for the report!

-- 
Miroslav Lichvar