[PATCH] D57858: [analyzer] Add a new frontend flag to display all checker options
Daniel Krupp via Phabricator via cfe-commits
cfe-commits at lists.llvm.org
Tue May 14 04:42:24 PDT 2019
dkrupp added a comment.
In D57858#1500635 <https://reviews.llvm.org/D57858#1500635>, @NoQ wrote:
> In D57858#1499996 <https://reviews.llvm.org/D57858#1499996>, @dkrupp wrote:
>
> > Some alpha checkers are considerably more mature than others and are quite usable. In our experience, there are some users who are keen to run these checkers on their code and report back any false positives to us. So in this sense these are not "developer only" checkers. So I think we should let the users list them, read their descriptions and try them out. Some of them will come back with useful feedback as to how to improve them further.
>
>
> What are such checkers currently? Like, the ones that aren't clearly "missing limbs" and that have somebody happy to //address// feedback sent against them?
>
> Do you have a chance to call out to your users for testing the checker and actively request feedback, as @Szelethus did on the mailing list?
>
> I feel that we could do some sort of "early access checkers" programme, but i believe this would require a more careful PR than just dumping a list of alpha checkers on our users' heads.
>
> In D57858#1499996 <https://reviews.llvm.org/D57858#1499996>, @dkrupp wrote:
>
> > Some users would not care if the checker gives some more false positives than the "mature" checkers if they can catch some true positives with them.
>
>
> Yeah, and these are pretty much the users we're trying to protect from themselves :)
These are the alpha checkers that we are testing in Ericsson:
alpha.core.BoolAssignment
alpha.core.CastSize
alpha.core.Conversion
alpha.core.DynamicTypeChecker
alpha.core.SizeofPtr
alpha.core.TestAfterDivZero
alpha.cplusplus.DeleteWithNonVirtualDtor
alpha.cplusplus.MisusedMovedObject
alpha.cplusplus.UninitializedObject
alpha.security.MallocOverflow
alpha.security.MmapWriteExec
alpha.security.ReturnPtrRange
alpha.security.taint.TaintPropagation
alpha.unix.BlockInCriticalSection
alpha.unix.Chroot
alpha.unix.PthreadLock
alpha.unix.SimpleStream
alpha.unix.Stream
alpha.unix.cstring.NotNullTerminated
alpha.unix.cstring.OutOfBounds
This 2 have just been moved out of alpha lately:
alpha.cplusplus.MisusedMovedObject
alpha.cplusplus.UninitializedObject
According to our tests these checkers do not crash and do not give a large number of reports (<~50) even on large code base.
So we can check for false positives in them one by one.
Probably these are the closest to come out from alpha.
We could maybe try to test these checkers one-by-one on large open source code bases and move them out from alpha when we are confident enough.
CHANGES SINCE LAST ACTION
https://reviews.llvm.org/D57858/new/
https://reviews.llvm.org/D57858
More information about the cfe-commits
mailing list