Re: Postgresql and Clang Static Analyzer

For the record, I added --enable-cassert, which reduced the hints by 59.

PYTHON=/usr/local/bin/python3 scan-build ./configure --prefix=/usr/local
--with-perl --with-tcl --with-gssapi --with-ldap --with-openssl
--with-libxml --with-libxslt --with-systemd --with-python --enable-cassert

scan-build make

and the output is at
https://mail.aegee.org/dpa/scan-build-pg-628462bda9/

On 05/06/2017 10:31 PM, Дилян Палаузов wrote:
> Hello,
>
> I provided the analysis for your information, without stating whether
> there are bugs.
>
> I think most reported stuff is justified, e.g. in
> src/backend/storage/smgr/md.c:875 the initialization seems to be indeed
> superflous. Likewise for the assignment on
> src/interfaces/libpq/fe-print.c:347.
>
> It is not hard to click through the links and verify, whether they are
> false positives, when you know how the code is structured.
>
> You can use lynx if you want to exclude any danger.
>
> I wouldn't have a problem if you ignore the analysis.
>
> Regards
> Дилян
>
> On 05/05/2017 11:41 PM, Bill Parker wrote:
>> This by itself doesn't prove the existence of a bug, while it's a useful
>> tool to find pieces of code which MIGHT be a problem, it doesn't prove
>> that every instance is an actual bug :)
>>
>> Clang-Analyzer and other static analysis tools are useful when used with
>> actually reading the code in question (I've found bugs which
>> clang-analyzer has actually missed in other software projects)
>>
>> On Fri, May 5, 2017 at 2:36 PM, Дилян Палаузов <dpa-postgres(at)aegee(dot)org
>> <mailto:dpa-postgres(at)aegee(dot)org>> wrote:
>>
>> Hello,
>>
>> I compiled postgresql with
>>
>> PYTHON=/usr/local/bin/python3 scan-build ./configure --with-perl
>> --with-tcl --with-gssapi --with-ldap --with-openssl --with-libxml
>> --with-libxslt --with-systemd --with-python
>>
>> scan-build make
>>
>> and here are the results:
>> https://mail.aegee.org/dpa/scan-build-pg-b3a47cdfd6/
>> <https://mail.aegee.org/dpa/scan-build-pg-b3a47cdfd6/>
>>
>>
>> Please note, that the information is only about what gets actually
>> compiled, code disabled by #if .. #endif is not considered (e.g.
>> when determining whether a variable assignment is useless). There
>> are probably some false-positives.
>>
>> I used scan-build/clang 4.0.
>>
>> Enjoy
>> Дилян
>>
>>
>> --
>> Sent via pgsql-bugs mailing list (pgsql-bugs(at)postgresql(dot)org
>> <mailto:pgsql-bugs(at)postgresql(dot)org>)
>> To make changes to your subscription:
>> http://www.postgresql.org/mailpref/pgsql-bugs
>> <http://www.postgresql.org/mailpref/pgsql-bugs>
>>
>>