Re: Clang 3.3 Analyzer Results

Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> wrote:

> quite a lot of people have looked at Postgres with Coverity
> already.  If Clang is throwing up lots and lots of warnings, the
> odds are *very* high that most of them are false positives.
> Running through such a list to see if there's anything real isn't
> all that exciting a prospect.

Here is the summary of what was reported:

All Bugs:  313

API
  Argument with 'nonnull' attribute passed null:  13
Dead store
  Dead assignment:  65
  Dead increment:  11
Logic error
  Assigned value is garbage or undefined:  19
  Branch condition evaluates to a garbage value:  2
  Dereference of null pointer:  98
  Division by zero:  15
  Out-of-bound array access:  1
  Result of operation is garbage or undefined:  9
  Stack address stored into global variable:  1
  Uninitialized argument value:  74
Memory Error
  Double free:  1
  Memory leak:  1
Unix API
  Allocator sizeof operand mismatch:  3

Does anything stand out as something that is particularly worth
looking into?  Does anything here seem worth assuming is completely
bogus because of the Coverity and Valgrind passes?

--
Kevin Grittner
EDB: http://www.enterprisedb.com
The Enterprise PostgreSQL Company