cpp:S836 - Rule incorrectly indicating a garbage value

wesleyw102 · February 10, 2023, 10:16am

I’ve slightly redacted/simplified the code, but it effectively looks like the following:

typedef int64_t T_Id;

T_Id GetId() {
  // Some code that generates an ID.
  return id;
}

void Func() {
  const T_Id kFirstId = GetId();
  const T_Id kSecondId = kFirstId + 1;
}

SonarQube Developer Edition Version 9.8 (build 63668)
Language: C++

The rule is flagging kFirstId as not having an initial value, despite it being initialized. This then triggers rule S836 as it believes the left hand operand when setting kSecondId is garbage.

This is a valid form of initialization so I think the rule is incorrectly flagging this.

balazs.benics · February 10, 2023, 1:28pm

Hi @wesleyw102!

The rule S836 is a Symbolic Execution rule, so it’s highly sensitive to the details of your code.
Without the original case in the form of a reproducer we cannot investigate the issue.
Note that a screenshot / a hand-redacted example is not going to reproduce the issue in most cases.

To generate the proper reproducer file:

Search in the analysis log for the full path of the source file for which you want to create a reproducer (the issue in this post). You will have to use exactly this name (same case, / or \…)
Add the reproducer option to the scanner configuration:
sonar.cfamily.reproducer="Full path to the .cpp"
Re-run the scanner to generate a file named sonar-cfamily.reproducer in the project folder.
Please share this file. If you think this file contains private information, let us know, and we’ll send you a private message that will allow you to send it privately.