[cfe-dev] C++ analysis vs C analysis

Jean-Daniel Dupas devlists at shadowlab.org
Mon Feb 21 14:15:27 PST 2011 

OK. So fill free to ignore my 2 reports (#9282 and #9283) until you finish internal testing ;-)

Le 21 févr. 2011 à 22:57, Ted Kremenek a écrit :

> By "internally", I mean those actively working on the analyzer.  There's no use getting a flood of bug reports from casual users for the 90% cases that would trigger just by the analyzer developers running the analyzer over a handful of C++ codebases.
> 
> On Feb 21, 2011, at 1:54 PM, Ted Kremenek wrote:
> 
>> It's not worth filing C++-specific bugs against the analyzer at this point.  We should internally vet it first by running it over a ton of code, catching crashes, etc.
>> 
>> On Feb 21, 2011, at 1:30 PM, Jean-Daniel Dupas wrote:
>> 
>>> I was waiting that the C++ analyzer be a little more mature, but if you tell it is worth filling bugs now, be sure I will do it.
>>> 
>>> Le 21 févr. 2011 à 20:11, Argyrios Kyrtzidis a écrit :
>>> 
>>>> It'd be a good idea to file bugs for the false positives when analyzing C++ code so we can keep track of them.
>>>> 
>>>> -Argiris
>>>> 
>>>> On Feb 21, 2011, at 8:14 AM, Jean Baptiste LE STANG wrote:
>>>> 
>>>>> OK, thanks. At least a result with false positive is better than no
>>>>> result at all. I'm going to try with a recent SVN version.
>>>>> 
>>>>> On Mon, Feb 21, 2011 at 5:06 PM, Jean-Daniel Dupas
>>>>> <devlists at shadowlab.org> wrote:
>>>>>> 
>>>>>> Le 21 févr. 2011 à 16:57, Jean Baptiste LE STANG a écrit :
>>>>>> 
>>>>>>> Hello,
>>>>>>> 
>>>>>>> I'm trying to use LLVM & scan-build (clang 2.8, checker-255) to
>>>>>>> achieve a static analysis of  a C++ program to detect potential bugs.
>>>>>>> Before doing it on my real program, I've been trying to make it work
>>>>>>> on a simple program :
>>>>>>> 
>>>>>>> int main(int argc, char * argv[] , char * arge[]){
>>>>>>>   int i;
>>>>>>>   if (i<5){
>>>>>>>           i = 50;
>>>>>>>   }
>>>>>>>   return i;
>>>>>>> }
>>>>>>> 
>>>>>>> First case as a C program : scan-build -k -V -v gcc main.c
>>>>>>> 
>>>>>>> ANALYZE: main.c main
>>>>>>> main.c:4:14: warning: The left operand of '<' is a garbage value
>>>>>>>   if (i<5){
>>>>>>> 
>>>>>>> Second case as a C++ program :  scan-build -k -V -v g++ main.cpp and
>>>>>>> i'm missing the previous error detected in scenario 1
>>>>>> 
>>>>>> The static analyzer does not support C++ yet.
>>>>>> The svn version starts to support it but it is not ready to use AFAIK.
>>>>>> I tried it last week, and it reported a lot of false positives.
>>>>>> 
>>>>>> -- Jean-Daniel
>>>>>> 
>>>>>> 
>>>>>> 
>>>>>> 
>>>>>> 
>>>>> 
>>>>> _______________________________________________
>>>>> cfe-dev mailing list
>>>>> cfe-dev at cs.uiuc.edu
>>>>> http://lists.cs.uiuc.edu/mailman/listinfo/cfe-dev
>>>> 
>>> 
>>> -- Jean-Daniel
>>> 
>>> 
>>> 
>>> 
>>> 
>>> _______________________________________________
>>> cfe-dev mailing list
>>> cfe-dev at cs.uiuc.edu
>>> http://lists.cs.uiuc.edu/mailman/listinfo/cfe-dev
>> 
> 

-- Jean-Daniel

More information about the cfe-dev mailing list