clang-tidy: disable clang-analyzer UndefinedBinaryOperatorResult warning #33281

pull ryanofsky wants to merge 1 commits into bitcoin:master from ryanofsky:pr/garbage changing 1 files +1 −0
  1. ryanofsky commented at 1:21 pm on September 2, 2025: contributor

    Disable clang-analyzer-core.UndefinedBinaryOperatorResult warning because it produces a false positive in a Cap’n Proto header:

    0/usr/include/kj/async-inl.h:609:37: warning: The left operand of '+' is a garbage value [clang-analyzer-core.UndefinedBinaryOperatorResult]
1  609 |       return *(void**)(*(char**)obj + voff);

    This was reported by fanquake in #33256 and was previously addressed in https://github.com/bitcoin-core/libmultiprocess/pull/184/commits/76313450c2c4aa70cf5c443dc2b33c621a565fb5 which changed the analyzer result to be a warning instead of an error. PR https://github.com/capnproto/capnproto/pull/2334 was also merged upstream to prevent this in future versions of Cap’n Proto.

    Unfortunately it does not seem possible suppress the false-positive warning from this header without turning off the check for bitcoin code as well. The header is included with -isystem so it is treated as a third party header, but clang-tidy has a longstanding issue discussed in https://reviews.llvm.org/D26418 where it ignores -isystem and ignores HeaderFilterRegex and ExcludeHeaderFilterRegex directives if it decides that errors are associated with the “main file” of the translation unit, which is the case here. (See isInMainFile in https://github.com/llvm/llvm-project/pull/91400/files)

    The tidy error is a false positive from clang-analyzer (https://clang-analyzer.llvm.org/) warning that the vtable pointer *(char**)obj is a garbage value rather than a valid memory address. The analyzer has no way of knowing it could be a valid address since it’s only valid due to assumptions about the ABI.

    The purpose of the code is to get a starting function address that can be passed to addr2line from a lambda or function object. The function GetFunctorStartAddress calls a helper PtmfHelper::apply to get the starting function address from a pointer-to-member-function value pointing at the operator() method. The helper needs to handle virtual methods, so it checks if the pointer is virtual by testing its low-order bit, and if set, assumes the first bytes of the object are a vtable pointer, and does pointer arithmetic with the vtable address. Clang-tidy complains about this because it does not know the vtable address is valid, assuming incorrectly it is a “garbage value”.

    This PR is part of the process separation project.

  2. clang-tidy: disable clang-analyzer UndefinedBinaryOperatorResult warning 
    Disable `clang-analyzer-core.UndefinedBinaryOperatorResult` warning because it
produces a false positive in a Cap'n Proto header:

/usr/include/kj/async-inl.h:609:37: warning: The left operand of '+' is a garbage value [clang-analyzer-core.UndefinedBinaryOperatorResult]
  609 |       return *(void**)(*(char**)obj + voff);

This was reported by fanquake in
https://github.com/bitcoin/bitcoin/issues/33256 and was previously addressed in
https://github.com/bitcoin-core/libmultiprocess/pull/184/commits/76313450c2c4aa70cf5c443dc2b33c621a565fb5
which changed the analyzer result to be a warning instead of an error. PR
https://github.com/capnproto/capnproto/pull/2334 was also merged upstream to
prevent this in future versions of Cap'n Proto.

Unfortunately it does not seem possible suppress the false-positive warning
from this header without turning off the check for bitcoin code as well. The
header included with -isystem so it is treated as a third party header, but
clang-tidy has a longstanding issue discussed in
https://reviews.llvm.org/D26418 where it ignores -isystem and ignores
HeaderFilterRegex and ExcludeHeaderFilterRegex directives if it decides that
errors are associated with the "main file" of the translation unit, which is
the case here. (See "isInMainFile" in
https://github.com/llvm/llvm-project/pull/91400/files)

The tidy error is a false positive from clang-analzyer
(https://clang-analyzer.llvm.org/) warning that the vtable pointer
`*(char**)obj` is a garbage value rather than a valid memory address. The
analyzer has no way of knowing it could be a valid address since it's only
valid due to assumptions about the ABI.

The purpose of the code is to get a starting function address that can be
passed to addr2line from a lambda or function object. The function
`GetFunctorStartAddress` calls a helper `PtmfHelper::apply` to get the starting
function address from a pointer-to-member-function value pointing at the
operator() method. The helper needs to handle virtual methods, so it checks if
the pointer is virtual by testing its low-order bit, and if set, assumes the
first bytes of the object are a vtable pointer, and does pointer arithmetic
with the vtable address. Clang-tidy complains about this because it does not
know the vtable address is valid, assuming incorrectly it is a "garbage value".
    c157a1bc83
  3. DrahtBot commented at 1:21 pm on September 2, 2025: contributor

    The following sections might be updated with supplementary metadata relevant to reviewers and maintainers.

    Code Coverage & Benchmarks

    For details see: https://corecheck.dev/bitcoin/bitcoin/pulls/33281.

    Reviews

    See the guideline for information on the review process. A summary of reviews will appear here.

  4. hebasto commented at 2:43 pm on September 2, 2025: member
    Can it be localized into the src/ipc/capnp/.clang-tidy file?
  5. ryanofsky commented at 3:06 pm on September 2, 2025: contributor

    Can it be localized into the src/ipc/capnp/.clang-tidy file?

    That seems like a good idea. But even the current version of this PR (c157a1bc8388fecec85f61286ae928721aa8d78a) doesn’t seem to be working right now. I wonder if it is because the files are generated files not inside the source directory? I’m not sure what change might make sense to fix this.

    Current tidy job output is:

     0[09:27:25.132] [156/716][166.7s] clang-tidy-20 -p=/ci_container_base/ci/scratch/build-x86_64-pc-linux-gnu -quiet -load=/tidy-build/libbitcoin-tidy.so /ci_container_base/ci/scratch/build-x86_64-pc-linux-gnu/src/ipc/libmultiprocess/test/mp/test/foo.capnp.proxy-server.c++
 1[09:27:48.990] /usr/include/kj/async-inl.h:609:37: warning: The left operand of '+' is a garbage value [clang-analyzer-core.UndefinedBinaryOperatorResult]
 2...
 3[09:34:20.319] [422/716][151.6s] clang-tidy-20 -p=/ci_container_base/ci/scratch/build-x86_64-pc-linux-gnu -quiet -load=/tidy-build/libbitcoin-tidy.so /ci_container_base/ci/scratch/build-x86_64-pc-linux-gnu/src/ipc/capnp/mining.capnp.proxy-server.c++
 4[09:34:20.319] /usr/include/kj/async-inl.h:609:37: warning: The left operand of '+' is a garbage value [clang-analyzer-core.UndefinedBinaryOperatorResult]
 5...
 6[09:36:06.736] [500/716][35.1s] clang-tidy-20 -p=/ci_container_base/ci/scratch/build-x86_64-pc-linux-gnu -quiet -load=/tidy-build/libbitcoin-tidy.so /ci_container_base/ci/scratch/build-x86_64-pc-linux-gnu/src/ipc/capnp/init.capnp.proxy-server.c++
 7[09:36:26.830] /usr/include/kj/async-inl.h:609:37: warning: The left operand of '+' is a garbage value [clang-analyzer-core.UndefinedBinaryOperatorResult]
 8...
 9[09:37:08.964] [540/716][25.6s] clang-tidy-20 -p=/ci_container_base/ci/scratch/build-x86_64-pc-linux-gnu -quiet -load=/tidy-build/libbitcoin-tidy.so /ci_container_base/ci/scratch/build-x86_64-pc-linux-gnu/src/ipc/capnp/echo.capnp.proxy-server.c++
10[09:37:24.901] /usr/include/kj/async-inl.h:609:37: warning: The left operand of '+' is a garbage value [clang-analyzer-core.UndefinedBinaryOperatorResult]
  6. ryanofsky marked this as a draft on Sep 2, 2025
  7. ryanofsky commented at 3:06 pm on September 2, 2025: contributor
    Marking as draft because the change does not seem to have any effect right now.
  8. ryanofsky commented at 3:39 am on September 3, 2025: contributor
    Maybe it would make sense to have cmake symlink .clang-tidy files from the source directory to the build directory the same way it seems to symlink functional test files
  9. ryanofsky commented at 4:28 pm on September 8, 2025: contributor
    Closing in favor of #33312, which actually fixes the the error output, unlike this PR
  10. ryanofsky closed this on Sep 8, 2025


ryanofsky DrahtBot hebasto

github-metadata-mirror

This is a metadata mirror of the GitHub repository bitcoin/bitcoin. This site is not affiliated with GitHub. Content is generated from a GitHub metadata backup.
generated: 2025-10-10 18:13 UTC
This site is hosted by @0xB10C
More mirrored repositories can be found on mirror.b10c.me