[cfe-dev] Clang Analysis of several open source projects.

[John Smith]

On Thu, May 12, 2011 at 6:37 PM, David Blaikie <dblaikie at gmail.com> wrote:
>
> Interesting to look at -
>
Thanks. Im thinking about running ccc-analyzer on some more reasonably
widely used projects, but I dont really know which one to take on
next. I tried apache-httpd, but the results were so few I really didnt
think it was worthwhile to post them. ;) I also tried samba, but
couldnt even get ./confgiure to run properly on my system; and neither
did the people on the mailinglist and irc channel that I contacted.

>
> though no doubt it'll take a while to work through them all.
>
Yeah, that would take an immense amount of time. I think it may be the
most worthwhile if people that are interested, perhaps take a look at
the project they are most familiar with or have the most affinity
with, or a bug class they have the most knowledge of. For example, the
issue 'Dereference of null pointer' seems to score pretty high on all
projects so far, so either this is *the* most common mistake made by C
developers, or this is an area where a lot of false positives are
generated.


>
> I just started having a glance at the results for GCC (where it
> lists the "null passed as a nonnull argument" first) & the first one doesn't
> entirely make sense to me, the second one is passing null to strncmp but
> with a length of 0. So perhaps the annotation is incorrect and it should be
> nonnull only when the length is non-zero. I don't know what annotations are
> used to markup these properties & whether they are sufficiently expressive
> to handle such a feature.
>
Well, if you put it like that, it does indeed sound a little weird. It
makes sense that it should be nonnull only when the length is
non-zero... But then agian, im not an expert on this subject.
;)




Regards,


John Smith.