[cfe-dev] RFC clang analyzer false positives (for loop)

Joerg Sonnenberger via cfe-dev cfe-dev at lists.llvm.org
Fri Aug 26 05:19:05 PDT 2016

On Fri, Aug 26, 2016 at 09:50:42AM +0000, Daniel Marjamäki via cfe-dev wrote:
> I am trying to introduce Clang analyzer on an existing large code base
> and they don't want to see any false positives. I would ideally like to
> have very restrictive checking for uninitialized variables right now.

If they don't want to see any false positives, they shouldn't even ask
the compiler for warnings. It is a completely absurd constraint to put
on any analysis system. The trick for tools like Coverity and where the
majority of the research budget goes is to develop heuristics on what
false positives should be silently dropped.

> It is acceptable to add _some_ assertions and annotations to achieve
> no false positives. But I'm afraid it looks bad that most of the
> warnings are wrong right now.

But the example you have given is *not* wrong. It is completely correct.
It might be wrong for an internal function where you can reason about
all possible call sites and the restrictions of the argument ranges.
But that's not the case in the example you gave.


More information about the cfe-dev mailing list