marekmaskarinec / tophat

:tophat: a 2d game library for Umka
https://tophat2d.dev
BSD 3-Clause "New" or "Revised" License

Review static analysis report #177

Open vtereshkov opened 2 months ago

vtereshkov commented 2 months ago

I ran a static analyzer on tophat sources. For me, nothing criminal was found, but I wasn't very careful, so you can also take a look at the report.

I see a lot of malloc() results not checked for NULL (not a severe crime on modern PCs), floating-point values compared to an exact 0.0 (not a severe crime either if you know what you're doing), and a lot of false positives where the analyzer fails to see a longjmp() in Umka.

Besides that, I found two suspicious places in the report, maybe due to copy-pasting:

```c
void
umth_image_get_dims(UmkaStackSlot *p, UmkaStackSlot *r)
{
    th_image *img = p[0].ptrVal;
    if (!img)
        return;
    th_vf2 *out = (th_vf2 *)p[1].ptrVal;

    if (!img)
        return;  // <-- Why again?

    *out = img->dm;
}
```

```c
uu
th_quad_to_quad(th_quad *q1, th_quad *q2, th_vf2 *ic)
{
    th_rect r1 = th_quad_bounding_box(*q1);
    th_rect r2 = th_quad_bounding_box(*q2);
    if (!th_rect_to_rect(&r1, &r2) && !th_rect_to_rect(&r1, &r2))  // <-- Why again?
        return 0;
    // ...
    return 0;
}
```

See the detailed report here: Analysis_Report.json

skejeton commented 2 months ago

@marekmaskarinec there are a lot of warnings related to floating point in nav.c, you should review it.

skejeton commented 2 months ago

Found more weird floating point comparisons:

https://github.com/marekmaskarinec/tophat/blob/main/src/particles.c#L88

https://github.com/marekmaskarinec/tophat/blob/main/src/particles.c#L77

https://github.com/marekmaskarinec/tophat/blob/main/src/particles.c#L52

(why are we subtracting p->angle.x and adding it back?)

skejeton commented 2 months ago

I'll stop for now; I'll try to run the analyzer again myself later, and probably use a better tool to sort through the warnings than just looking at the raw JSON output.