[cfe-dev] Clang Static Analyzer: False Positive Suppression Support

p23 power via cfe-dev cfe-dev at lists.llvm.org
Wed Aug 24 16:56:47 PDT 2016


Hi Anna,

> The main in-source suppression mechanism that the clang static analyzer
> supports is the ‘__clang_analyzer__’ macro. I am not sure if you tried
> using it or not...  so I am curious what are the main limitations of it
> that you are seeing.
>

The doc page you refer to says: "use this macro to selectively exclude code
the analyzer examines" ... so wouldn't this potentially create false
positives later in the code path? For example, by excluding code that
initializes variables that is required later in the path, the analyzer may
then warn about garbage values.

Additionally, our customers do not want to, and sometimes are not allowed
to, add such annotations into the code, especially when it's maintained by
another team or company.



>
> The static analyzer already has support for suppression hashes in tree.
> The CodeChecker tool (https://github.com/Ericsson/codechecker) is using
> them to provide user workflows such as baselining and issue suppression.
>

While I like this tool, it imposes on the developer that all warnings need
to be viewed through that interface and it also requires the company to set up
the tool in the first place.  Many developers just want to run the analyzer
locally and either view the stdout or html reports.

Lastly, you didn't comment on the idea of feeding a yaml/json file
containing the issue hashes back into the analyzer for suppressing the
output.  What are your thoughts on this solution?

Thanks,
Phillip