Date: Wed, 5 Jan 2011 15:11:50 +0100 From: Erik Cederstrand <erik@cederstrand.dk> To: =?iso-8859-1?Q?Ulrich_Sp=F6rlein?= <uqs@FreeBSD.ORG> Cc: current@FreeBSD.org Subject: Re: FYI: clang static analyzer page has moved to http://scan.freebsd.your.org/freebsd-head/ Message-ID: <AD2AEFFB-37A4-4DAB-9094-7289C1C8B0DD@cederstrand.dk> In-Reply-To: <4184C8F2-3C6D-46FB-8F10-DDEBA6DB1C35@cederstrand.dk> References: <20110105131439.GN23329@acme.spoerlein.net> <4184C8F2-3C6D-46FB-8F10-DDEBA6DB1C35@cederstrand.dk>
next in thread | previous in thread | raw e-mail | index | archive | help
--Apple-Mail-108-249414753 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset=us-ascii Den 05/01/2011 kl. 14.56 skrev Erik Cederstrand: > Ignoring contrib code for the moment, I decided to look at usr.sbin.pw = from 2011-01-05. There's one report = (http://scan.freebsd.your.org/freebsd-head/usr.sbin.pw/2011-01-05-amd64/re= port-KkilQ3.html#EndPath) which turns out to be a false positive: >=20 > * Step 6 calls cmdhelp() on line 168; > * cmdhelp() ends with "exit(EXIT_FAILURE);" on line 432 which I assume = is exit(3) from libc > * The analyzer doesn't know that this function never returns and = continues to flag a null dereference in step 8 The same is true of err(), verr(), errc(), verrc(), errx(), and verrx() = which is also causing false positive reports. They ultimately call = exit(3). Erik= --Apple-Mail-108-249414753--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?AD2AEFFB-37A4-4DAB-9094-7289C1C8B0DD>