Skip to content
This repository has been archived by the owner on Aug 8, 2023. It is now read-only.

Static analyzer warnings in mbgl-core #7669

Closed
1ec5 opened this issue Jan 11, 2017 · 3 comments
Closed

Static analyzer warnings in mbgl-core #7669

1ec5 opened this issue Jan 11, 2017 · 3 comments
Labels
archived Archived because of inactivity build Core The cross-platform C++ core, aka mbgl offline

Comments

@1ec5
Copy link
Contributor

1ec5 commented Jan 11, 2017

Running the static analyzer on the CI scheme of macos.xcworkspace on the release-ios-v3.4.0 branch (dea1a30) turns up several warnings in the mbgl-core target, specifically offline.cpp, geojson_source_impl.cpp, and parser.cpp. (I’m ignoring the known warnings in Reachability and libclipper.) As with #7668, some of the warnings result from variant usage.

Memory Error Group
/Users/mxn/hub/mapbox-gl-native-2/platform/default/mbgl/storage/offline.cpp:90:5: Potential memory leak (within a call to 'AddMember')
/Users/mxn/hub/mapbox-gl-native-2/platform/default/mbgl/storage/offline.cpp:90:5: Calling 'GenericValue::AddMember'
/Users/mxn/hub/mapbox-gl-native-2/mason_packages/headers/rapidjson/1.1.0/include/rapidjson/document.h:1327:5: Entered call from 'encodeOfflineRegionDefinition'
/Users/mxn/hub/mapbox-gl-native-2/mason_packages/headers/rapidjson/1.1.0/include/rapidjson/document.h:1330:16: Calling 'GenericValue::AddMember'
/Users/mxn/hub/mapbox-gl-native-2/mason_packages/headers/rapidjson/1.1.0/include/rapidjson/document.h:1257:5: Entered call from 'GenericValue::AddMember'
/Users/mxn/hub/mapbox-gl-native-2/mason_packages/headers/rapidjson/1.1.0/include/rapidjson/document.h:1260:16: Calling 'GenericValue::AddMember'
/Users/mxn/hub/mapbox-gl-native-2/mason_packages/headers/rapidjson/1.1.0/include/rapidjson/document.h:1186:5: Entered call from 'GenericValue::AddMember'
/Users/mxn/hub/mapbox-gl-native-2/mason_packages/headers/rapidjson/1.1.0/include/rapidjson/document.h:1199:61: Calling 'CrtAllocator::Realloc'
/Users/mxn/hub/mapbox-gl-native-2/mason_packages/headers/rapidjson/1.1.0/include/rapidjson/allocators.h:71:5: Entered call from 'GenericValue::AddMember'
/Users/mxn/hub/mapbox-gl-native-2/mason_packages/headers/rapidjson/1.1.0/include/rapidjson/allocators.h:73:13: Assuming 'newSize' is not equal to 0
/Users/mxn/hub/mapbox-gl-native-2/mason_packages/headers/rapidjson/1.1.0/include/rapidjson/allocators.h:77:16: Memory is allocated
/Users/mxn/hub/mapbox-gl-native-2/mason_packages/headers/rapidjson/1.1.0/include/rapidjson/document.h:1199:61: Returned allocated memory
/Users/mxn/hub/mapbox-gl-native-2/mason_packages/headers/rapidjson/1.1.0/include/rapidjson/document.h:1202:27: Potential memory leak
Logic error Group
/Users/mxn/hub/mapbox-gl-native-2/platform/default/mbgl/storage/offline.cpp:94:5: Dereference of null pointer (within a call to 'Accept')
/Users/mxn/hub/mapbox-gl-native-2/platform/default/mbgl/storage/offline.cpp:94:5: Null pointer argument in call to memory copy function (within a call to 'Accept')
/Users/mxn/hub/mapbox-gl-native-2/src/mbgl/style/sources/geojson_source_impl.cpp:152:9: Function call argument is an uninitialized value (within a call to '~Result')
/Users/mxn/hub/mapbox-gl-native-2/src/mbgl/style/parser.cpp:120:13: Passed-by-value struct argument contains uninitialized data (e.g., field: 'maxzoom') (within a call to 'convert')
/Users/mxn/hub/mapbox-gl-native-2/src/mbgl/style/parser.cpp:123:13: Assigned value is garbage or undefined (within a call to '~Result')
/Users/mxn/hub/mapbox-gl-native-2/src/mbgl/style/parser.cpp:126:32: Undefined or garbage value returned to caller (within a call to 'get')
/Users/mxn/hub/mapbox-gl-native-2/src/mbgl/style/parser.cpp:228:13: Assigned value is garbage or undefined (within a call to '~Result')
/Users/mxn/hub/mapbox-gl-native-2/src/mbgl/style/parser.cpp:230:9: Assigned value is garbage or undefined (within a call to 'operator=')

/cc @jfirebaugh @kkaefer
@1ec5 1ec5 added build Core The cross-platform C++ core, aka mbgl offline labels Jan 11, 2017
@1ec5 1ec5 added this to the ios-v3.5.0 milestone Jan 11, 2017
@jfirebaugh
Copy link
Contributor

The rapidjson memory leak is a false positive; ~GenericValue() deallocates this memory.

The rapidjson null pointer dereferences are both false positives. It's unclear why the analyzer thinks this pointer is null; the trace doesn't appear to analyze the point where it's initialized.

The remaining variant-related issues in geojson_source_impl.cpp and parser.cpp are all false positives. The analyzer doesn't appear to be able to track static constraints on the possible types held in a variant.

This isn't listed in your output because it's ifdef'ed-out on iOS, but I believe there's a valid positive in Context::drawPixels, and the call to glDrawPixels should pass format as the third argument. Otherwise it's assigned but never used.

@1ec5
Copy link
Contributor Author

1ec5 commented Jan 11, 2017

If these are false positives, we should find a way to silence or work around them (or file bugs upstream) so they don’t make us less likely to spot legitimate issues in the future.

@jfirebaugh jfirebaugh removed this from the ios-v3.5.0 milestone Mar 9, 2017
@1ec5 1ec5 mentioned this issue Nov 18, 2017
Closed
@stale stale bot added the archived Archived because of inactivity label Nov 11, 2018
@stale
Copy link

stale bot commented Nov 25, 2018

This issue has been automatically detected as stale because it has not had recent activity and will be archived. Thank you for your contributions.

@stale stale bot closed this as completed Nov 25, 2018
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
archived Archived because of inactivity build Core The cross-platform C++ core, aka mbgl offline
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@jfirebaugh @1ec5