On 7 Jul 2010, at 20:35, Bill Bumgarner wrote:
>> Is that generally true? I mean, first of all, false positives are a
>> well-known phenomenon with this static analyzer (the Web page at llvm.org
>> talks about this). Second, they do no harm. I get a false positive in *any*
>> of my apps that uses NSURLConnection, for example:
>
> Yup. That is really true. False positives are taken very seriously.

At the end, as I wrote, it turns out it was not really a false positive, but
the message was somewhat unclear (sibylline, is that English?). The warning
went away when I put the test before, so I assume this is normal and desired
behavior. However, it does raise the question of whether the static analyzer can
figure out twisted initialization with functions such as memcpy.
The response, as far as I can fathom it out of a few simple tests, is yes in most
cases but sometimes no.
The following code:
int main (int argc, const char * argv[]) {
    NSAutoreleasePool * pool = [[NSAutoreleasePool alloc] init];
    int foo;
    int fee;
    // insert code here...
    NSLog(@"Hello, World!");
    // memcpy (& fee, & foo, sizeof (foo));
    Logit (fee);
    [pool drain];
    return 0;
}
correctly produces a warning about 'foo' not being used and the famous message
"Pass-by-value argument in function call is undefined" that should best be
written as "passED-by-value argument in function call is undefined" (as far as
my understanding of the English grammar goes).
Now, this code:
int main (int argc, const char * argv[]) {
    NSAutoreleasePool * pool = [[NSAutoreleasePool alloc] init];
    int foo;
    int fee;
    // insert code here...
    NSLog(@"Hello, World!");
    fee = foo;
    // memcpy (& fee, & foo, sizeof (foo));
    Logit (fee);
    [pool drain];
    return 0;
}
itches the analyzer with an "Assigned value is garbage or undefined" message on
the line fee = foo, which is nice. Was it right to cancel the warning about the
undefined parameter? That's questionable but admissible.
Now this version:
int main (int argc, const char * argv[]) {
    NSAutoreleasePool * pool = [[NSAutoreleasePool alloc] init];
    int foo;
    int fee;
    // insert code here...
    NSLog(@"Hello, World!");
    memcpy (& fee, & foo, sizeof (foo));
    Logit (fee);
    [pool drain];
    return 0;
}
does not make the static analyzer protest, so I assume its default behavior is
to assume that any variable used as a destination of memcpy is initialized,
regardless of the source. But, IMO, we have already encroached on a semantic
realm beyond the reach of any decent general purpose code analyzer.
Vincent (with my excuses to the moderator for being also borderline as to the
contents. I swear I will post further responses off
list).
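
The two ways of modelling memcpy that the message contrasts for its third listing, as an added example that is not part of the original post and is not the clang analyzer's code: a toy shadow-memory tracker in C, where a copy either carries the "defined" state of the source along with the data or marks the destination as initialized regardless. All function and variable names are hypothetical, and the arena is a constructed stand-in for the locals foo and fee.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>
/* Toy shadow-memory model; every name here is hypothetical. mem[] is a
   zeroed static arena, so the demo never reads indeterminate C values. */
enum { ARENA = 64 };
static uint8_t mem[ARENA], defined[ARENA]; /* defined[i]==1: byte was written */
static size_t next_off;
/* Reserve n bytes that start out undefined, like a fresh local variable. */
size_t var_alloc(size_t n) {
    size_t off = next_off;
    if (n > ARENA - off) return (size_t)-1;   /* arena exhausted */
    memset(defined + off, 0, n);
    next_off += n;
    return off;
}
/* An ordinary assignment defines the destination bytes. */
void var_store(size_t dst, const void *src, size_t n) {
    memcpy(mem + dst, src, n);
    memset(defined + dst, 1, n);
}
/* memcpy modelled with propagation: shadow bits travel with the data. */
void copy_propagating(size_t dst, size_t src, size_t n) {
    memmove(mem + dst, mem + src, n);
    memmove(defined + dst, defined + src, n);
}
/* memcpy modelled optimistically: any destination counts as initialized. */
void copy_optimistic(size_t dst, size_t src, size_t n) {
    memmove(mem + dst, mem + src, n);
    memset(defined + dst, 1, n);
}
/* 1 if all n bytes at off are defined, i.e. a read would not be flagged. */
int var_is_defined(size_t off, size_t n) {
    for (size_t i = 0; i < n; i++)
        if (!defined[off + i]) return 0;
    return 1;
}
/* Third listing replayed: returns 1 if the use of fee would be flagged. */
int third_listing_flagged(int propagate) {
    next_off = 0;
    size_t foo = var_alloc(sizeof(int)), fee = var_alloc(sizeof(int));
    (propagate ? copy_propagating : copy_optimistic)(fee, foo, sizeof(int));
    return !var_is_defined(fee, sizeof(int));
}
int main(void) {
    printf("propagating model flags fee: %d\n", third_listing_flagged(1));
    printf("optimistic model flags fee:  %d\n", third_listing_flagged(0));
    return 0;
}
```

Runtime checkers such as Valgrind's Memcheck track definedness per byte in this propagating style, which is why a copy from an uninitialized source can still be reported when the copied value is later used.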