Static analysis question

Hot Topic

Error 28906. WiDbLoc: Failed to localize a field in the database.
Team Server and Project 2003
Get associated work items when a shelveset is done.
SQL Server SP1 and hotfixes
How to clean TSF install
source control server events
Backup Utility not working after TFS installed on Windows Server 2003 Std Edition SP1
WorkItem Field enabling/disabling based on current user
Can't view reports from Team Explorer - "403 Forbidden"
EndToEndIteration target

VS Team System

VSTS Version Control and Phantom Items
New System definition using SDM SDK
"Auto" alerts is possible?
VB6 mssci provider
Class Name column in the Test Results?
Install guide for Beta3 Refresh
[WebTests] App.config in Testproject can not be referenced
Error You are not a valid account when accessing a team project
Do I have to have TFS while using Team suite Or Team Edition?
System life cycle versus development project versus Team Project versus source control branch etc

Static analysis question

I want to help a coworker in tracking down a spurious crash by using the Statically Analyze commmand in Visual Studio 2005, but I decided to give it a test drive first.

On this test, I expected it to report a use of an uninitialized variable.  Is this correct expectation of the /analyze switch   I'm using VS 2005 B2.

void foo( int& x )
{
   printf( "%d", x );
}

int main()
{
   int uninitialized;
   foo( uninitialized );
   return 0;
}

Answer this question

Static analysis question

  • Learner.example

    I seen your question on the other forum; a bit repeating here: code analysis is done per function.
    In case of passing parameter by-value it is reasonable to expect initialized variable as an argument on the caller side. This is not true in case of reference. So in this example code analysis gives a warning with a better confidence that it's not noisy.

    Thanks, 
    Natalia   



  • Mario Esposito - MSFT

    In order to minimize noise, code analysis doesn't make any assumptions about whether the callee requires an initialized variable. If the callee handled this, you can imagine the consternation to receive a warning on every call site to it.

    Try the following:



    #include <CodeAnalysis/SourceAnnotations.h>
    using namespace vc_attributes;

    void foo([Pre ( Valid = Yes )] int& x )
    {
       printf( "%d", x );
    }

    int main()
    {
       int uninitialized;
       foo( uninitialized );
       return 0;
    }

     



    See the following for more info on this topic:

    http://msdn2.microsoft.com/en-us/library/ms182032(en-US,VS.80).aspx



  • MEindert

    Then why does changing the call to pass by-value rather than by-ref give you a prefast diagnostic (Ayman pointed this out).

    #include <stdio.h>
    void foo( int x )
    {
       printf( "%d", x );
    }
    int main()
    {
       int uninitialized;
       foo( uninitialized );
       return 0;
    }

    If code analysis can detect the use of an uninitialized variable, it should report it.   Both versions are the same in that there is a use of an unintialized variable.

    Brian
  • Static analysis question
Answer this question