Skip to content

clang-tidy safety/security reports#375

Merged
greenc-FNAL merged 5 commits intomainfrom
maintenance/clang-tidy-security-safety-1
Mar 3, 2026
Merged

clang-tidy safety/security reports#375
greenc-FNAL merged 5 commits intomainfrom
maintenance/clang-tidy-security-safety-1

Conversation

@greenc-FNAL
Copy link
Contributor

@greenc-FNAL greenc-FNAL commented Feb 27, 2026
edited
Loading

  • Checks run:
    • bugprone-unsafe-functions
    • clang-analyzer-core.BitwiseShift
    • clang-analyzer-core.CallAndMessage
    • clang-analyzer-core.CallAndMessageModeling
    • clang-analyzer-core.DereferenceModeling
    • clang-analyzer-core.DivideZero
    • clang-analyzer-core.DynamicTypePropagation
    • clang-analyzer-core.FixedAddressDereference
    • clang-analyzer-core.NonNullParamChecker
    • clang-analyzer-core.NonnilStringConstants
    • clang-analyzer-core.NullDereference
    • clang-analyzer-core.StackAddrEscapeBase
    • clang-analyzer-core.StackAddressEscape
    • clang-analyzer-core.UndefinedBinaryOperatorResult
    • clang-analyzer-core.VLASize
    • clang-analyzer-core.builtin.AssumeModeling
    • clang-analyzer-core.builtin.BuiltinFunctions
    • clang-analyzer-core.builtin.NoReturnFunctions
    • clang-analyzer-core.uninitialized.ArraySubscript
    • clang-analyzer-core.uninitialized.Assign
    • clang-analyzer-core.uninitialized.Branch
    • clang-analyzer-core.uninitialized.CapturedBlockVariable
    • clang-analyzer-core.uninitialized.NewArraySize
    • clang-analyzer-core.uninitialized.UndefReturn
    • clang-analyzer-security.ArrayBound
    • clang-analyzer-security.FloatLoopCounter
    • clang-analyzer-security.MmapWriteExec
    • clang-analyzer-security.PointerSub
    • clang-analyzer-security.PutenvStackArray
    • clang-analyzer-security.SetgidSetuidOrder
    • clang-analyzer-security.cert.env.InvalidPtr
    • clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling
    • clang-analyzer-security.insecureAPI.SecuritySyntaxChecker
    • clang-analyzer-security.insecureAPI.UncheckedReturn
    • clang-analyzer-security.insecureAPI.bcmp
    • clang-analyzer-security.insecureAPI.bcopy
    • clang-analyzer-security.insecureAPI.bzero
    • clang-analyzer-security.insecureAPI.decodeValueOfObjCType
    • clang-analyzer-security.insecureAPI.getpw
    • clang-analyzer-security.insecureAPI.gets
    • clang-analyzer-security.insecureAPI.mkstemp
    • clang-analyzer-security.insecureAPI.mktemp
    • clang-analyzer-security.insecureAPI.rand
    • clang-analyzer-security.insecureAPI.strcpy
    • clang-analyzer-security.insecureAPI.vfork
    • concurrency-mt-unsafe

Initial report:

[310/437] Building CXX object phlex/app/CMakeFiles/run_phlex.dir/load_module.cpp.o
/phlex-src/phlex/app/load_module.cpp:32:37: warning: function is not thread safe [concurrency-mt-unsafe]
   32 |       char const* plugin_path_ptr = std::getenv("PHLEX_PLUGIN_PATH");
      |                                     ^
[332/437] Building CXX object test/CMakeFiles/hierarchical_nodes.dir/hierarchical_nodes.cpp.o
/phlex-src/test/hierarchical_nodes.cpp:70:26: warning: function is not thread safe [concurrency-mt-unsafe]
   70 |     std::strncpy(buffer, std::ctime(&tm), 26);
      |                          ^
[344/437] Building CXX object test/form/CMakeFiles/WriteVector.dir/toy_tracker.cpp.o
/phlex-src/test/form/toy_tracker.cpp:22:15: warning: function is not thread safe [concurrency-mt-unsafe]
   22 |   int rand1 = rand() % 32768;
      |               ^
/phlex-src/test/form/toy_tracker.cpp:23:15: warning: function is not thread safe [concurrency-mt-unsafe]
   23 |   int rand2 = rand() % 32768;
      |               ^
[364/437] Building CXX object test/form/CMakeFiles/WriteVector.dir/writer.cpp.o
/phlex-src/test/form/writer.cpp:23:15: warning: function is not thread safe [concurrency-mt-unsafe]
   23 |   int rand1 = rand() % 32768;
      |               ^
/phlex-src/test/form/writer.cpp:24:15: warning: function is not thread safe [concurrency-mt-unsafe]
   24 |   int rand2 = rand() % 32768;
      |               ^
/phlex-src/test/form/writer.cpp:27:17: warning: function is not thread safe [concurrency-mt-unsafe]
   27 |     int rand1 = rand() % 32768;
      |                 ^
/phlex-src/test/form/writer.cpp:28:17: warning: function is not thread safe [concurrency-mt-unsafe]
   28 |     int rand2 = rand() % 32768;
      |                 ^

No automatic fixes available.

@greenc-FNAL greenc-FNAL changed the title maintenance/clang tidy security safety 1 clang-tidy safety/security reports Feb 27, 2026
@greenc-FNAL
Copy link
Contributor Author

greenc-FNAL commented Feb 27, 2026

@phlexbot clang-fix

@github-actions
Copy link
Contributor

github-actions bot commented Feb 27, 2026

Automatic clang-format fixes pushed (commit 19ef651).
⚠️ Note: Some issues may require manual review and fixing.

@codecov
Copy link

codecov bot commented Feb 27, 2026
edited
Loading

Codecov Report

✅ All modified and coverable lines are covered by tests.

@@           Coverage Diff           @@
##             main     #375   +/-   ##
=======================================
  Coverage   86.45%   86.45%           
=======================================
  Files         119      119           
  Lines        2399     2400    +1     
  Branches      387      387           
=======================================
+ Hits         2074     2075    +1     
  Misses        207      207           
  Partials      118      118
Flag Coverage Δ
unittests 86.45% <100.00%> (+<0.01%) ⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

Files with missing lines Coverage Δ
phlex/app/load_module.cpp 83.72% <100.00%> (+0.38%) ⬆️

... and 2 files with indirect coverage changes

Continue to review full report in Codecov by Sentry.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 30457cd...338bade. Read the comment docs.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

knoepfel
knoepfel reviewed Mar 2, 2026
View reviewed changes
Copy link
Member

@knoepfel knoepfel left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@greenc-FNAL, I agree with almost all of these. I think the use of std::ctime(...) in test/hierarchical_nodes.cpp should probably be replaced with modern C++ usage.

@greenc-FNAL
Remove vestigial clang-tidy handling
bfd7dcd
@greenc-FNAL
Initial commit detailing deficiencies
2552a0b 
- Checks run:
  - `clang-analyzer-security-*`
  - `bugprone-unsafe-functions`
  - `concurrency-mt-unsafe`

```console
[310/437] Building CXX object phlex/app/CMakeFiles/run_phlex.dir/load_module.cpp.o
/phlex-src/phlex/app/load_module.cpp:32:37: warning: function is not thread safe [concurrency-mt-unsafe]
   32 |       char const* plugin_path_ptr = std::getenv("PHLEX_PLUGIN_PATH");
      |                                     ^
[332/437] Building CXX object test/CMakeFiles/hierarchical_nodes.dir/hierarchical_nodes.cpp.o
/phlex-src/test/hierarchical_nodes.cpp:70:26: warning: function is not thread safe [concurrency-mt-unsafe]
   70 |     std::strncpy(buffer, std::ctime(&tm), 26);
      |                          ^
[344/437] Building CXX object test/form/CMakeFiles/WriteVector.dir/toy_tracker.cpp.o
/phlex-src/test/form/toy_tracker.cpp:22:15: warning: function is not thread safe [concurrency-mt-unsafe]
   22 |   int rand1 = rand() % 32768;
      |               ^
/phlex-src/test/form/toy_tracker.cpp:23:15: warning: function is not thread safe [concurrency-mt-unsafe]
   23 |   int rand2 = rand() % 32768;
      |               ^
[364/437] Building CXX object test/form/CMakeFiles/WriteVector.dir/writer.cpp.o
/phlex-src/test/form/writer.cpp:23:15: warning: function is not thread safe [concurrency-mt-unsafe]
   23 |   int rand1 = rand() % 32768;
      |               ^
/phlex-src/test/form/writer.cpp:24:15: warning: function is not thread safe [concurrency-mt-unsafe]
   24 |   int rand2 = rand() % 32768;
      |               ^
/phlex-src/test/form/writer.cpp:27:17: warning: function is not thread safe [concurrency-mt-unsafe]
   27 |     int rand1 = rand() % 32768;
      |                 ^
/phlex-src/test/form/writer.cpp:28:17: warning: function is not thread safe [concurrency-mt-unsafe]
   28 |     int rand2 = rand() % 32768;
      |                 ^
```

No automatic fixes
@greenc-FNAL
Verify context and safety of possibly MT-unsafe code
b049d3d 
- Surgical suppression of each check after verification.
@greenc-FNAL
Replace <ctime> and use thereof with <chrono>
9dd8b2c 
- Remove use of thread-unsafe C-style time structures and functions.
@greenc-FNAL greenc-FNAL force-pushed the maintenance/clang-tidy-security-safety-1 branch from 19ef651 to 9dd8b2c Compare March 3, 2026 17:53
@greenc-FNAL greenc-FNAL marked this pull request as ready for review March 3, 2026 18:02
@greenc-FNAL greenc-FNAL requested review from Copilot and knoepfel March 3, 2026 18:02
Copilot AI reviewed Mar 3, 2026
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Adjusts code to address clang-tidy safety/security warnings (notably concurrency-mt-unsafe) by replacing non-thread-safe time formatting, adding targeted NOLINT suppressions in test code, and simplifying/removing build-time clang-tidy CMake integration.

Changes:

  • Replace std::ctime usage in test/hierarchical_nodes.cpp with std::chrono + fmt formatting to avoid non-thread-safe time APIs.
  • Add NOLINT(concurrency-mt-unsafe) annotations for rand()/getenv() call sites with “single-threaded” rationale.
  • Remove ENABLE_CLANG_TIDY option and associated clang-tidy configuration block from the root CMakeLists.txt.

Reviewed changes

Copilot reviewed 5 out of 5 changed files in this pull request and generated 4 comments.

Show a summary per file
File Description
test/hierarchical_nodes.cpp Switches from ctime to chrono + fmt time formatting and simplifies log formatting.
test/form/writer.cpp Suppresses rand() thread-safety warnings in single-threaded test code.
test/form/toy_tracker.cpp Suppresses rand() thread-safety warnings in test helper code.
phlex/app/load_module.cpp Suppresses getenv() thread-safety warning with a “single-threaded graph construction” note.
CMakeLists.txt Removes CMake option-based clang-tidy integration.

knoepfel
knoepfel reviewed Mar 3, 2026
View reviewed changes
Copy link
Member

@knoepfel knoepfel left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Changes look good, @greenc-FNAL. I think some of Copilot's comments are worth taking into account. Please resolve any comments you think need no further action.

@greenc-FNAL
Address Copilot review comments
338bade 
- Per #375 (review)
  - Add missing headers
  - Update `CLANG_TIDY_CONFIGRATION.md`, satisfying
    #375 (comment)
@greenc-FNAL greenc-FNAL requested a review from knoepfel March 3, 2026 21:22
@greenc-FNAL greenc-FNAL merged commit 50daa68 into main Mar 3, 2026
53 checks passed
@greenc-FNAL greenc-FNAL deleted the maintenance/clang-tidy-security-safety-1 branch March 3, 2026 21:43
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@knoepfel knoepfel knoepfel approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@greenc-FNAL @knoepfel