[cfe-dev] Static analysis and Adium
Ted Kremenek
kremenek at apple.com
Thu Jul 3 11:28:48 PDT 2008
On Jul 3, 2008, at 10:40 AM, David Smith wrote:
> After seeing the earlier email about static analysis being run on
> Adium I emailed our development list about making use of it. The
> result so far has been http://trac.adiumx.com/wiki/StaticAnalysis,
> which we'll be updating as we go through the reports. Augie is also
> doing another run using checker-55 since that report is from -47. So
> far this is pretty awesome :) I've fixed on leak and confirmed two in
> almost no time. This evening I'm going to go down the updated list in
> detail. Hopefully once we get comments on the false positives it'll be
> useful for improving the heuristics.
>
> David Smith
Hi David,
This is great news. It really gladdens me that people are finding the
tool to be useful.
Right now I'm looking at a few of the false positives in the list of
warnings flagged for Adium. Some of them look like they are due to
things that we are not tracking (and will hopefully eventually track),
while others look like things we should handle right now. It's really
helpful for me to see what reports are classified as false positives,
as it gives me a systematic way to find bugs and shortcomings in the
analyzer and eliminate them.
It's also clear that the diagnostics still need significant
improvement, especially with respect to null pointer dereferences.
Beyond improving the precision of the analyzer, improving its output
is also high on the todo list. (so any suggestions are welcome!)
Finally, if you have feature requests for other bugs to check for,
please email cfe-dev or file a bugzilla report.
Ted
More information about the cfe-dev
mailing list