c - 静态分析警告误报了吗？我不能让它安静下来-6ren

c - 静态分析警告误报了吗？我不能让它安静下来

转载作者：行者123 更新时间：2023-12-02 00:55:47

我的代码有问题。

clang 8.0.0 的扫描构建抛出此警告:

main.c:188:12: Out of bound memory access (access exceeds upper limit of memory block)
               putchar(tab[i][p]);
                       ^~~~~~~~~

这是感兴趣的功能:

void rysuj_glowny(int n)
{
    int nabs = abs(n);
    int size = 2 * nabs;

    if(size <= 0) return;

    char tab[size][size];

    rysowando(size, tab, nabs, n);

    for(int i = 0; i < size; i++)
    {
        for(int p = 0; p < size; p++)
        {
            putchar(tab[i][p]);
        }
        putchar('\n');
    }
}

This是整个代码，如果需要的话。

此函数获取值“n”，创建维度为 [2*n,2*n] 的二维数组，使用另一个函数(称为“rysowando”)填充数组，然后打印数组。

我尝试使用各种条件表达式(例如检查各种限制值的“大小”和“n”)来平息警告，但警告仍然存在。当我的代码中断时是否有值“n”？感谢您的意见!

最佳答案

我认为在这种情况下，静态分析器是错误的。我用 clang 9.0 试了一下，得到了一组不同的结果，但它们看起来也不对。如果您按照步骤列表进行操作，您会发现缺少某些内容:

/Users/realdarrin/Development/CodeReviewTester/CodeReviewTester/main.c:202:13: warning: 1st function call argument is an uninitialized value
       putchar(tab[i][p]);
        ^~~~~~~~~~~~~~~~~~
1 warning generated.

如果你按照这些步骤操作，它会给出:

main.c:213:20: Entering loop body
main.c:217:12: Assuming 'x' is equal to 1
main.c:217:22: Assuming the condition is false
main.c:217:35: Assuming the condition is false
main.c:222:12: Assuming the condition is false
main.c:213:5: Looping back to the head of the loop
main.c:213:20: Entering loop body
main.c:217:12: Assuming 'x' is equal to 1
main.c:217:22: Assuming the condition is false
main.c:217:35: Assuming the condition is false
main.c:222:12: Assuming the condition is false
main.c:213:5: Looping back to the head of the loop
main.c:213:20: Entering loop body
main.c:217:12: Assuming 'x' is equal to 1
main.c:217:22: Assuming the condition is false
main.c:217:35: Assuming the condition is false
main.c:222:12: Assuming the condition is false
main.c:213:5: Looping back to the head of the loop
main.c:213:20: Entering loop body
main.c:217:12: Assuming 'x' is equal to 1
main.c:217:22: Assuming the condition is false
main.c:217:35: Assuming the condition is false
main.c:222:12: Assuming the condition is true
main.c:226:20: Entering loop body
main.c:228:9: Calling 'rysuj_glowny'
main.c:187:1: Entered call from 'main'
main.c:192:8: Assuming 'size' is > 0
main.c:196:5: Calling 'rysowando'
main.c:20:1: Entered call from 'rysuj_glowny'
main.c:23:8: Assuming 'n' is not equal to 1
main.c:36:5: Calling 'rysowando'
main.c:20:1: Entered call from 'rysowando'
main.c:23:8: Assuming 'n' is not equal to 1
main.c:36:5: Calling 'rysowando'
main.c:20:1: Entered call from 'rysowando'
*main.c:23:8: Assuming 'n' is not equal to 1
main.c:45:8: Assuming 'startn' is <= 0
main.c:116:8: Assuming 'startn' is >= 0
main.c:36:5: Returning from 'rysowando'
main.c:36:5: Returning from 'rysowando'
main.c:196:5: Returning from 'rysowando'
main.c:198:20: Entering loop body
main.c:200:24: Entering loop body
main.c:200:9: Looping back to the head of the loop
main.c:200:24: Assuming 'p' is >= 'size'
main.c:198:5: Looping back to the head of the loop
main.c:206:1: Storing uninitialized value
main.c:228:9: Returning from 'rysuj_glowny'
main.c:226:5: Looping back to the head of the loop
main.c:226:20: Entering loop body
main.c:228:9: Calling 'rysuj_glowny'
main.c:187:1: Entered call from 'main'
main.c:192:8: Assuming 'size' is > 0
main.c:196:5: Calling 'rysowando'
main.c:20:1: Entered call from 'rysuj_glowny'
main.c:23:8: Assuming 'n' is not equal to 1
main.c:36:5: Calling 'rysowando'
main.c:20:1: Entered call from 'rysowando'
main.c:23:8: Assuming 'n' is not equal to 1
main.c:36:5: Calling 'rysowando'
main.c:20:1: Entered call from 'rysowando'
main.c:23:8: Assuming 'n' is equal to 1
main.c:26:29: Loop body executed 0 times
main.c:36:5: Returning from 'rysowando'
main.c:45:8: Assuming 'startn' is <= 0
main.c:116:8: Assuming 'startn' is >= 0
main.c:36:5: Returning from 'rysowando'
main.c:196:5: Returning from 'rysowando'
main.c:198:20: Entering loop body
main.c:200:24: Entering loop body
main.c:202:13: 1st function call argument is an uninitialized value