A few invalid error test cases

[David Brady]

Just FYI, I've just checked a recent version of cppcheck on our substantial UnrealEngine-based codebase, and found a few false positives you might not be aware of, as detailed below (note that this code won't compile though, it's just for testing cppcheck).

struct TestStruct
{
    int m;
};

void SomeInitFunc(TestStruct& Test)
{
    Test.m = 0;
}

//cppcheck erroneously flags this as returning local memory
int* GetAddressOfStatic()
{
    struct StaticStruct {int m;};
    static StaticStruct Test{0};
    return &Test.m;
}

int main()
{
    //StreamReader uses << to read objects
    //I modified isLikelyStreamRead in astutils.cpp to check for << as well as the matching code in checkclass.cpp.  Is there a better way of doing this?
    StreamReader Ar;
    std::vector<int> test_vec;
    Ar << test_vec; 
    printf("%d\n", test_vec[0])

    //SomeInitFunc uses a reference to initialise the struct (does not happen in 1.88)
    TestStruct* Test = new TestStruct();
    SomeInitFunc(*Test); 

    //passing constants as container size parameters does not work
    static const int kMax = 4;
    std::array<int, kMax> test_array;
    test_array[0] = 0;

    //you get a syntax error if you comment out the macro definition  (does not happen in 1.88)
    //#define SOME_MACRO_CPPCHECK_DOESNT_KNOW_ABOUT(a,b,c) int a = b
    SOME_MACRO_CPPCHECK_DOESNT_KNOW_ABOUT(x, 0,);
}

[versat]

Thanks! Such feedback from real world code is always great :)
I am not sure about the syntax error for the macro. If Cppcheck does not know this macro there really is a syntax error. So it could be correct to report it.
You can tell Cppcheck about such a macro with a config file, for example:

<?xml version="1.0"?>
<def format="2">
  <define name="SOME_MACRO_CPPCHECK_DOESNT_KNOW_ABOUT(a,b,c)" value="int a = b"/>
</def>

Then Cppcheck does not throw a syntax error and i see some of the issues you describe:

$ ./cppcheck --enable=style --library=false_positives --template=gcc false_positives.cpp
Checking false_positives.cpp ...
false_positives.cpp:16:12: warning: Returning pointer to local variable 'm' that will be invalid when returning. [returnDanglingLifetime]
    return &Test.m;
           ^
false_positives.cpp:16:12: note: Address of variable taken here.
    return &Test.m;
           ^
false_positives.cpp:14:30: note: Variable created here.
    struct StaticStruct {int m;};
                             ^
false_positives.cpp:16:12: note: Returning pointer to local variable 'm' that will be invalid when returning.
    return &Test.m;
           ^
false_positives.cpp:26:28: warning: Out of bounds access in expression 'test_vec[0]' because 'test_vec' is empty. [containerOutOfBounds]
    printf("%d\n", test_vec[0])
                           ^
false_positives.cpp:35:15: warning: Out of bounds access in expression 'test_array[0]' because 'test_array' is empty. [containerOutOfBounds]
    test_array[0] = 0;
              ^
false_positives.cpp:35:19: warning: Variable 'test_array[0]' is assigned a value that is never used. [unreadVariable]
    test_array[0] = 0;
                  ^
false_positives.cpp:39:0: warning: Variable 'x' is assigned a value that is never used. [unreadVariable]
    SOME_MACRO_CPPCHECK_DOESNT_KNOW_ABOUT(x, 0,);
^

[versat]

I created a ticket for the false positive of returning pointer to local memory: https://trac.cppcheck.net/ticket/9201

I am not sure about the other issues. Can someone else have a look please?

[Daniel Marjamäki]

//I modified isLikelyStreamRead in astutils.cpp to check for << as well as the matching code in checkclass.cpp.  Is there a better way of doing this?

That is more or less the proper approach. The special handling of StreamReader should be configured with --library configuration.

[Daniel Marjamäki]

I created https://trac.cppcheck.net/ticket/9202 for the std::array false positive.

[Daniel Marjamäki]

//SomeInitFunc uses a reference to initialise the struct (does not happen in 1.88)

I don't see the problem. I see no warning and as far as I can see there should not be a warning.