[PATCH] D30593: Add correct "-isystem"/"-isysroot" warning handling to static analysis' BugReporter.
Devin Coughlin via Phabricator via cfe-commits
cfe-commits at lists.llvm.org
Fri Mar 3 18:01:13 PST 2017
dcoughlin added reviewers: zaks.anna, NoQ.
dcoughlin added a comment.
The analyzer has two different kinds of diagnostics: AST-based and path-sensitive. AST-based diagnostics are similar to the diagnostics that clang performs in Sema in that they can usually be localized to a single program point. For AST-based checks, we follow clang's policy and never report a diagnostic in system headers.
In contrast, path-sensitive diagnostics describe errors that occur along a particular path through the program and so they involve multiple program points. Even when these paths *end* in system headers, they may start in application code and ultimately be the application code's fault. For example, if the application passes NULL to an inline function in a C++ header that then dereferences that pointer, we do want to emit a diagnostic even though the location of the diagnostic is in a system header. In this case the application programmer can do something about it: they should not pass NULL to the function.
By design the analyzer doesn't ever *start* a path-sensitive check in a header (either user or system) -- but if a path starts in an application source file and eventually calls into a header and does something bad, we do report it under the assumption that the application code is violating a header precondition.
This can lead to false positives when the analyzer doesn't understand the system headers properly. In those cases we have custom heuristics to suppress to known patterns the analyzer doesn't handle.
What specific diagnostics in headers are you seeing? Are these in libcxx? We know we have at least one issue in <regex> that isn't being properly suppressed. But if there are others we'd love to hear about them.
Repository:
rL LLVM
https://reviews.llvm.org/D30593
More information about the cfe-commits
mailing list