
I'm confused about making a decision.

For example, I wrote the code 'test.c' like this:


```c
int main(void){
        int b = 2;
        int c = 0;

        int d = b/c;
        printf("d: %d\n", d);
        return 0;
}
```

And then, I typed the command `clang --analyze test.c`, then the statement `warning: Division by zero [core.DivideZero]` appeared.

After that, I typed the command `clang test.c`. Then no warning comes out. However, when I run this program, the error `Floating point exception(core dumped)` comes out.

In this case, which is the right one? Is it a true positive or a false positive? Can someone explain it to me?

ljs0626jh
  • The analyzer successfully predicted that the code will fail at runtime. Looks like an obvious true positive to me? – HolyBlackCat Dec 20 '22 at 09:54
  • You have the code in front of you where you do a division by zero. And you get an exception telling you something is broken. What makes you think it could be a false positive, then? The compiler just doesn't do all the static analysis if you don't ask it to. – Gerhardh Dec 20 '22 at 10:49
  • Executing `clang test.c` with the source code shown in the problem does not result in no warning. It results in a warning about `printf` not being declared, since `<stdio.h>` was not included. The source code in the question is not the code you compiled. When asking questions like this, always include a **correct** [mre] that includes code that is just enough to demonstrate the problem but that is **complete**, meaning a reader should be able to paste exactly the source code you show into a file and compile it to reproduce the problem, with no changes or additions. – Eric Postpischil Dec 20 '22 at 11:42
  • Compilers aren't obliged to do static analysis. They might do it as a bonus if you've been nice. Both clang and gcc warn for `b/0` so at least they check integer constant expressions. They don't have to do that either. – Lundin Dec 20 '22 at 15:47

1 Answer


> And then, I typed the command `clang --analyze test.c`, then the statement `warning: Division by zero [core.DivideZero]` appeared.

The Clang static analyzer correctly determined there is a division by zero in the program.

> After that, I typed the command `clang test.c`. Then no warning comes out.

Clang compiled the program in conformance with the C standard. The C standard does not require a compiler to warn you that there is a division by zero in the program.

> However, when I run this program, the error `Floating point exception(core dumped)` comes out.

The program was executed in conformance with the C standard. For division, the C standard says “if the value of the second operand is zero, the behavior is undefined.” Since the behavior is undefined, aborting the program with an error message (even a misleading one about “Floating point exception”) is permitted by the C standard.

> In this case, which is the right one? Is it a true positive or a false positive?

All three behaviors are correct.

Eric Postpischil