Bug 89863 (cppcheck) - [meta-bug] Issues in gcc that other static analyzers (cppcheck, clang-static-analyzer, PVS-studio) find that gcc misses
Summary: [meta-bug] Issues in gcc that other static analyzers (cppcheck, clang-static-...
Status: UNCONFIRMED
Alias: cppcheck
Product: gcc
Classification: Unclassified
Component: other (show other bugs)
Version: 9.0
: P3 normal
Target Milestone: ---
Assignee: Not yet assigned to anyone
URL:
Keywords: diagnostic, meta-bug
Depends on: 33715 46476 47170 49564 52124 53871 56370 60548 63854 64524 65446 67729 69285 69286 70800 71175 71176 79950 81271 81670 81674 82100 82648 88057 89788 91022 97894 98963 99615 99669 99674 102078 102082 102083 103920 103939 104643 104680 107204 108126 108136 111684 112373 113528 113786 114680 114721 50355 54582 58237 59205 66469 71324 71327 77936 79022 79364 80047 80049 80051 80672 81669 83033 83822 88056 88810 89259 89860 90297 90298 90874 90970 90973 90974 90975 90976 90978 91016 91017 92472 92563 92565 92575 92671 94317 94319 94433 94629 94669 98951 99553 99614 99616 99617 99866 99917 99933 100143 100147 100913 102073 102074 102085 102327 102896 106184 106370 106778 106906 106907 107203 107510 109056 114689
Blocks:
  Show dependency treegraph
 
Reported: 2019-03-28 05:01 UTC by Eric Gallager
Modified: 2024-04-16 17:00 UTC (History)
4 users (show)

See Also:
Host:
Target:
Build:
Known to work:
Known to fail:
Last reconfirmed:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Eric Gallager 2019-03-28 05:01:11 UTC
David Binderman often files bugs he finds with cppcheck, so making a meta-bug to group them all. Some of these checks might also be inspiration for new gcc warnings. 
(Dave, let me know if I missed any)
Comment 1 Eric Gallager 2019-06-26 17:43:23 UTC
I see Martin Liska added a bunch of bugs found by the clang static analyzer as blocking this... Martin, did you verify that cppcheck catches them, too, or are we using this bug for static analyzers in general now? It's ok if it's the latter, we'll just need to update the title...
Comment 2 Martin Liška 2019-06-27 10:35:23 UTC
(In reply to Eric Gallager from comment #1)
> I see Martin Liska added a bunch of bugs found by the clang static analyzer
> as blocking this... Martin, did you verify that cppcheck catches them, too,
> or are we using this bug for static analyzers in general now? It's ok if
> it's the latter, we'll just need to update the title...

Yes, I would like to extend usage of this meta bug. I've just updated the title.
About the cppcheck, I'm running that with:

$ cppcheck --enable=all --project=compile_commands.json -j16
and my impression is that it does not work for C++ files:
https://pastebin.com/ZK320Ebt
?
Comment 3 David Binderman 2019-06-27 17:16:22 UTC
--language=c++ seems to be required for C++ code.

--force helps cppcheck to avoid a too-early finish.

I use the current development cppcheck code, although it's fair to say that
new features rarely work 100% perfectly first time and usually take a week
or two before they mature on real code. 

But that's development code for you ;->
Comment 4 Martin Liška 2019-07-01 09:19:32 UTC
(In reply to David Binderman from comment #3)
> --language=c++ seems to be required for C++ code.

That works for me, thank you!

> 
> --force helps cppcheck to avoid a too-early finish.
> 
> I use the current development cppcheck code, although it's fair to say that
> new features rarely work 100% perfectly first time and usually take a week
> or two before they mature on real code. 

Yep, I've just bumped openSUSE package to the latest release that was released few days ago.

> 
> But that's development code for you ;->
Comment 5 Eric Gallager 2019-12-02 03:17:09 UTC
Some of the bugs that this one depends upon might be useful inspiration for the new analyzer that David Malcolm is working on.
Comment 6 David Binderman 2020-02-10 12:41:50 UTC
For this C++ code:

// reading 8 bytes from a 5 byte field

# include <stdint.h>
# include <cstring>

struct S
{
	char a[ 5];
	short b;
};

void f( const S * ps)
{
	uint64_t n;

	memcpy( &n, ps->a, sizeof( uint64_t));
}

derived from recent Linux kernel, gcc has nothing to say:

$ /home/dcb/gcc/results/bin/gcc -c -g -O2 -Wall -Wextra feb10a.cc
$ 

Interestingly, clang++ doesn't say much either:

$ clang++ -c -O2 -Wall -Wextra feb10a.cc
$ 

Adding _FORTIFY_SOURCE=2 doesn't help. Here is cppcheck in action:

$ /home/dcb/cppcheck/trunk/cppcheck  feb10a.cc
feb10a.cc:17:16: error: Buffer is accessed out of bounds: ps->a [bufferAccessOutOfBounds]
 memcpy( &n, ps->a, sizeof( uint64_t));
               ^
$
Comment 7 David Binderman 2020-02-10 13:30:34 UTC
For this C++ code:

// Division by zero.

extern void g();

void f()
{
    unsigned int vsync_rate_hz = 0;
    unsigned int frame_time_microsec = 1000000 / vsync_rate_hz;

    g();
}

gcc and clang have nothing to say, even with -g -O2 -Wall -Wextra 
but cppcheck finds the problem.
Comment 8 Eric Gallager 2020-04-17 09:23:38 UTC
updating title to include PVS studio bugs
Comment 9 Eric Gallager 2020-04-17 09:28:23 UTC
(In reply to Eric Gallager from comment #8)
> updating title to include PVS studio bugs

actually it looks like there was already a previous meta-bug for PVS-Studio, bug 77421, but it's closed already... do we want to reopen that one, or use this one for PVS-Studio bugs as well?