[cfe-dev] RFC clang analyzer false positives (for loop)
Artem Dergachev via cfe-dev
cfe-dev at lists.llvm.org
Fri Aug 26 08:28:09 PDT 2016
On 8/26/16 3:19 PM, Joerg Sonnenberger via cfe-dev wrote:
> If they don't want to see any false positives, they shouldn't even ask
> the compiler for warnings. It is a completely absurd constraint to put
> on any analysis system. The trick for tools like Coverity and where the
> majority of the research budget goes is to develop heuristics on what
> false positives should be silently dropped.
While false positives are obviously inevitable (there are various
well-known reasons for the clang static analyzer's technique to have
false positives; even outside the reach of halting problem), there are
reasons why false positives are destructive:
(1) If a new user takes the tool, picks 3-4 positives and finds that
they're all false, she may never give the tool another chance.
(2) If you have 1% false positives on your codebase, it means that
there's a pattern that the tool fails upon; but there might be another
codebase on which that pattern is popular and you'd get thousands of
warnings with 100% false positive rate.
So yeah, we inevitably have to treat every false positive as carefully
as possible, much more carefully than false negatives. That said, ugly
heuristics are rarely the best choice, yeah.
Sorry if this sounded trivial :)
More information about the cfe-dev