Misra 10.1 false positive on stringstream shift operators

[Ronny Soak]

Trying with --clang wasn't easy. Other than with cppcheck alone, the code actually needs to compile with clang to do the check.

So I fixed all the includes just to see that some of my libraries (which, just as my main code, target gcc) fail with clang.

So I tried to fix the clang compiler issues with my code and generated a minmal, dependency-free example. I fixed all the issues and got code that compiled in both gcc and clang. Clang could also produce the ast-dump of the file.

Now testing the same with cppcheck (version 2.1) and the --clang option, gives me just a segmentation fault.

Here is the code of my example:

#define MyFloat MyVar<float>
#define MyInt MyVar<int>
// more defines here

template <class VAR_TYPE> class BaseArr
{
    public:
    VAR_TYPE internal;
    BaseArr(VAR_TYPE init): internal(init){}
};

template <class VAR_TYPE> class BaseCustom : public BaseArr<VAR_TYPE>
{
    public:
    BaseCustom(VAR_TYPE init) : BaseArr<VAR_TYPE>(init)
    {};
};

template <class VAR_TYPE> class MyVar : public BaseCustom<VAR_TYPE>
{
    public:
    MyVar(const char *nm = nullptr, bool f_val = false, bool f_ref = false) : BaseCustom<VAR_TYPE>(0)
    {};
    MyVar(VAR_TYPE init) : BaseCustom<VAR_TYPE>(init)
    {};
};


template <class VAR_TYPE, class VAR_TYPE_2>
class RET_TYPE;

#define MK_RET_TYPE(a, b, c)            \
    template<> class RET_TYPE<a, b>     \
    {   public:                         \
                                        \
        typedef c RetType;              \
    };                                  \
                                        \
    template<> class RET_TYPE<b, a>     \
    {   public:                         \
                                        \
        typedef c RetType;              \
    };                              \


MK_RET_TYPE(float, int,            float);
// defines for many more types here


#define RET_VAR_TYPE typename RET_TYPE<VAR_TYPE, VAR_TYPE_2>::RetType

template <typename VAR_TYPE, typename VAR_TYPE_2>
MyVar<RET_VAR_TYPE> operator * (const MyVar<VAR_TYPE> &a, const VAR_TYPE_2 &x)
{   MyVar<RET_VAR_TYPE> ret("dummy", false);

    ret = a.internal * x; // this replaces a more complicated operation
    return(ret);
}


int main(int argc, char **argv) 
{
    MyInt setCode = MyInt(5);
    MyFloat measResult = setCode * 7.5f;
}

nobody@iamge:/demo/Tests$ cppcheck --clang --dump  test.cpp 
Checking test.cpp...
Segmentation fault

[Daniel Marjamäki]

hmm.. I do not get a segmentation fault. But I don't get a dump file neither. With --debug I get debug output that looks ok. Here is the debug output for main:

61: int main ( int argc , char ** argv ) { MyVar<int> setCode = ?CXXFunctionalCastExpr? ; MyVar<float> measResult = setCode . operator* ( 7.500000e+00 ) ;
2:
|
60:
61: }

[Daniel Marjamäki]

Ronny.. can you please run this command: clang -cc1 -ast-dump test.cpp save the output in a file.. and then can you try to share that file with me somehow.

[Daniel Marjamäki]

I see the ?CXXFunctionalCastExpr? now in the debug output .. that is something that probably should be fixed.

[Daniel Marjamäki]

After 1f8896e51c45356b7bbd1c47c0ee9671ff3e6d65 , I get a dump. So I can't reproduce any bad behavior as far as I see right now. :-(

If you still get the segfault.. I hope the clang -cc1 -ast-dump test.cpp output will help me reproduce it.

[Ronny Soak]

I've checked with a cppcheck build of todays main branch.
cppcheck --version just says Cppcheck 2.2 dev

clang version 10.0.0-4ubuntu1

I'm still getting the segmentation fault.

The output of clang -cc1 -ast-dump simple.cpp you can find here: https://hastebin.com/tomalocaki.rb

[Daniel Marjamäki]

Thanks! I will look at that file.
How did you compile Cppcheck? Maybe this is related with https://trac.cppcheck.net/ticket/9820 ... apparently there can be crashes if you compile with optimisations.

[Ronny Soak]

I build cppcheck in a docker container with these commands:

RUN wget https://github.com/danmar/cppcheck/archive/main.zip \
    && unzip main.zip \
    && rm main.zip

WORKDIR /cppcheck-main

RUN make install MATCHCOMPILER=yes FILESDIR=/usr/share/cppcheck CXXFLAGS="-O2 -DNDEBUG -Wall -Wno-sign-compare -Wno-unused-function --static"

The container is based on unbuntu:20:04 with clang and clang-tools installed via apt.

I can try with -O0 instead.

I just noticed that additionally to the self-compiled version, I also have a line about installing cppcheck via apt in there. I'll remove that too and see if it makes a difference. But cppcheck --version showed 2.2 dev, so I'm pretty sure the self-compiled version is used.

[Ronny Soak]

I've checked wit -O0 and indeed there is no longer a segmentation fault.

Unfortunatley, there is also no output with --dump.