[cfe-dev] RFC clang analyzer false positives (for loop)

Artem Dergachev via cfe-dev cfe-dev at lists.llvm.org
Fri Aug 26 08:28:09 PDT 2016


On 8/26/16 3:19 PM, Joerg Sonnenberger via cfe-dev wrote:
> If they don't want to see any false positives, they shouldn't even ask
> the compiler for warnings. It is a completely absurd constraint to put
> on any analysis system. The trick for tools like Coverity and where the
> majority of the research budget goes is to develop heuristics on what
> false positives should be silently dropped.

While false positives are obviously inevitable (there are various 
well-known reasons for the clang static analyzer's technique to have 
false positives; even outside the reach of halting problem), there are 
reasons why false positives are destructive:

(1) If a new user takes the tool, picks 3-4 positives and finds that 
they're all false, she may never give the tool another chance.
(2) If you have 1% false positives on your codebase, it means that 
there's a pattern that the tool fails upon; but there might be another 
codebase on which that pattern is popular and you'd get thousands of 
warnings with 100% false positive rate.

So yeah, we inevitably have to treat every false positive as carefully 
as possible, much more carefully than false negatives. That said, ugly 
heuristics are rarely the best choice, yeah.

Sorry if this sounded trivial :)


More information about the cfe-dev mailing list