[cfe-dev] C++ analysis vs C analysis

Ted Kremenek kremenek at apple.com
Mon Feb 21 14:32:57 PST 2011 

A few bug reports are useful.  Thanks for filing them.  What I don't want at this point is a deluge of duplicates.

On Feb 21, 2011, at 2:15 PM, Jean-Daniel Dupas wrote:

> OK. So fill free to ignore my 2 reports (#9282 and #9283) until you finish internal testing ;-)
> 
> Le 21 févr. 2011 à 22:57, Ted Kremenek a écrit :
> 
>> By "internally", I mean those actively working on the analyzer.  There's no use getting a flood of bug reports from casual users for the 90% cases that would trigger just by the analyzer developers running the analyzer over a handful of C++ codebases.
>> 
>> On Feb 21, 2011, at 1:54 PM, Ted Kremenek wrote:
>> 
>>> It's not worth filing C++-specific bugs against the analyzer at this point.  We should internally vet it first by running it over a ton of code, catching crashes, etc.
>>> 
>>> On Feb 21, 2011, at 1:30 PM, Jean-Daniel Dupas wrote:
>>> 
>>>> I was waiting that the C++ analyzer be a little more mature, but if you tell it is worth filling bugs now, be sure I will do it.
>>>> 
>>>> Le 21 févr. 2011 à 20:11, Argyrios Kyrtzidis a écrit :
>>>> 
>>>>> It'd be a good idea to file bugs for the false positives when analyzing C++ code so we can keep track of them.
>>>>> 
>>>>> -Argiris
>>>>> 
>>>>> On Feb 21, 2011, at 8:14 AM, Jean Baptiste LE STANG wrote:
>>>>> 
>>>>>> OK, thanks. At least a result with false positive is better than no
>>>>>> result at all. I'm going to try with a recent SVN version.
>>>>>> 
>>>>>> On Mon, Feb 21, 2011 at 5:06 PM, Jean-Daniel Dupas
>>>>>> <devlists at shadowlab.org> wrote:
>>>>>>> 
>>>>>>> Le 21 févr. 2011 à 16:57, Jean Baptiste LE STANG a écrit :
>>>>>>> 
>>>>>>>> Hello,
>>>>>>>> 
>>>>>>>> I'm trying to use LLVM & scan-build (clang 2.8, checker-255) to
>>>>>>>> achieve a static analysis of  a C++ program to detect potential bugs.
>>>>>>>> Before doing it on my real program, I've been trying to make it work
>>>>>>>> on a simple program :
>>>>>>>> 
>>>>>>>> int main(int argc, char * argv[] , char * arge[]){
>>>>>>>>  int i;
>>>>>>>>  if (i<5){
>>>>>>>>          i = 50;
>>>>>>>>  }
>>>>>>>>  return i;
>>>>>>>> }
>>>>>>>> 
>>>>>>>> First case as a C program : scan-build -k -V -v gcc main.c
>>>>>>>> 
>>>>>>>> ANALYZE: main.c main
>>>>>>>> main.c:4:14: warning: The left operand of '<' is a garbage value
>>>>>>>>  if (i<5){
>>>>>>>> 
>>>>>>>> Second case as a C++ program :  scan-build -k -V -v g++ main.cpp and
>>>>>>>> i'm missing the previous error detected in scenario 1
>>>>>>> 
>>>>>>> The static analyzer does not support C++ yet.
>>>>>>> The svn version starts to support it but it is not ready to use AFAIK.
>>>>>>> I tried it last week, and it reported a lot of false positives.
>>>>>>> 
>>>>>>> -- Jean-Daniel
>>>>>>> 
>>>>>>> 
>>>>>>> 
>>>>>>> 
>>>>>>> 
>>>>>> 
>>>>>> _______________________________________________
>>>>>> cfe-dev mailing list
>>>>>> cfe-dev at cs.uiuc.edu
>>>>>> http://lists.cs.uiuc.edu/mailman/listinfo/cfe-dev
>>>>> 
>>>> 
>>>> -- Jean-Daniel
>>>> 
>>>> 
>>>> 
>>>> 
>>>> 
>>>> _______________________________________________
>>>> cfe-dev mailing list
>>>> cfe-dev at cs.uiuc.edu
>>>> http://lists.cs.uiuc.edu/mailman/listinfo/cfe-dev
>>> 
>> 
> 
> -- Jean-Daniel
> 
> 
> 
>

More information about the cfe-dev mailing list