llvm/clang static analyzer reports

Stephan Bergmann sbergman at redhat.com
Thu Oct 29 13:32:44 UTC 2020


On 01/10/2020 08:59, Stephan Bergmann wrote:
> * For example, "Use-after-free" 
> 2020-09-30-155842-506845-1/report-366f11.html#EndPath (presumably along 
> with many, many other of the 827 Use-after-free) is clearly a false 
> positive:  While VclPtr::disposeAndClear holds
> 
>    ::rtl::Reference<reference_type> aTmp(m_rInnerRef);
> 
> the call to
> 
>    m_rInnerRef.clear();
> 
> cannot decrement m_rInnerRef's ref count to zero, so the following
> 
>    if (aTmp.get()) {
> 
> will /not/ access freed memory.  We would need some mechanism to filter 
> out such identified false positives, with whatever mechanism would be 
> suitable: an annotation in the source code, a modification of the 
> -analyzer-... command line options passed to clang, etc.  However, that 
> filtering should be done in an auditable way, so that we can later 
> discover that we are filtering false positives relating to a certain 
> location in the code, and can learn the rationale why those were 
> considered false positives.  (Something that can be a pain with the way 
> we use Coverity Scan, see below.)

For the record:  There is ongoing discussion on the Clang mailing list 
how to provide annotations for the static analyzer in the source code; 
thread starting at 
<http://lists.llvm.org/pipermail/cfe-dev/2020-October/067074.html> 
"[cfe-dev] [analyzer][RFC] Attribute(s) to enhance/configure the analysis".
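The reference-count reasoning behind that false positive, as an added illustration that is my own minimal model and not LibreOffice's VclPtr or rtl::Reference code (Counted, Reference, Holder, Outcome and runScenario are hypothetical names):

```cpp
#include <cstddef>
// Intrusive ref-counted object (hypothetical stand-in for the inner object).
struct Counted {
    std::size_t refs = 0;
    bool* freedFlag;                     // set to true by the destructor
    explicit Counted(bool* f) : freedFlag(f) {}
    ~Counted() { *freedFlag = true; }
    void acquire() { ++refs; }
    void release() { if (--refs == 0) delete this; }
};

// Minimal rtl::Reference-like smart pointer (hypothetical, not LibreOffice's).
template <typename T>
class Reference {
    T* p_ = nullptr;
public:
    Reference() = default;
    explicit Reference(T* p) : p_(p) { if (p_) p_->acquire(); }
    Reference(const Reference& o) : p_(o.p_) { if (p_) p_->acquire(); }
    Reference& operator=(const Reference& o) {
        if (o.p_) o.p_->acquire();       // acquire first: safe for self-assignment
        T* old = p_; p_ = o.p_;
        if (old) old->release();
        return *this;
    }
    ~Reference() { clear(); }
    T* get() const { return p_; }
    void clear() { T* old = p_; p_ = nullptr; if (old) old->release(); }
};

// Mirrors the VclPtr::disposeAndClear shape from the report: copy the member
// into a local, clear the member, then dereference the local.
struct Holder {
    Reference<Counted> m_rInnerRef;
    std::size_t disposeAndClear() {
        Reference<Counted> aTmp(m_rInnerRef);   // count 1 -> 2
        m_rInnerRef.clear();                    // count 2 -> 1: object still alive
        return aTmp.get() ? aTmp.get()->refs : 0; // live read; aTmp releases on return
    }
};

struct Outcome { std::size_t countSeen; bool freedAfter; };

// Count observed after clear() should be 1; the object is freed only once aTmp is gone.
Outcome runScenario() {
    bool freed = false;
    Holder h;
    h.m_rInnerRef = Reference<Counted>(new Counted(&freed));  // count 1
    std::size_t seen = h.disposeAndClear();
    return Outcome{seen, freed};
}
```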
