[cfe-dev] Clang Analysis of several open source projects.
David Blaikie
dblaikie at gmail.com
Thu May 12 09:37:48 PDT 2011
Interesting to look at - though no doubt it'll take a while to work through
them all. I just started having a glance at the results for GCC (where it
lists the "null passed as a nonnull argument" first) & the first one doesn't
entirely make sense to me, the second one is passing null to strncmp but
with a length of 0. So perhaps the annotation is incorrect and it should be
nonnull only when the length is non-zero. I don't know what annotations are
used to markup these properties & whether they are sufficiently expressive
to handle such a feature.
On Thu, May 12, 2011 at 9:24 AM, John Smith <lbalbalba at gmail.com> wrote:
> Hi.
>
>
> In case anyone is interested, I ran the clang analyzer on several open
> source projects. (gcc, gdb, glib, ntp, openldap, openssl, postfix).
>
> However, there are many issues found on most of those projects, which
> are reasonably well known and widely used pieces of software. Which
> makes me wonder if there arent just a lot of false positives here ?
>
>
> The resulting reports can be found here :
>
> http://lbalbalba.freezoka.net/ccc-analyzer/
>
>
>
> Regards,
>
>
>
> John Smith
> _______________________________________________
> cfe-dev mailing list
> cfe-dev at cs.uiuc.edu
> http://lists.cs.uiuc.edu/mailman/listinfo/cfe-dev
>
--
-----BEGIN GEEK CODE BLOCK-----
Version: 3.1
GCS d+@ s++: a-- C++++ ULS++ P L++ !E W++ N+ o? K? w(+) O? M@ V? PS+ PE@
Y+ PGP- t(+) 5 X+ R tv+ b+ DI++ D++ G+ e++ h- r y?
------END GEEK CODE BLOCK------
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.llvm.org/pipermail/cfe-dev/attachments/20110512/3b7f9b57/attachment.html>
More information about the cfe-dev
mailing list