[cfe-dev] Clang Analysis of several open source projects.
John Smith
lbalbalba at gmail.com
Thu May 12 09:51:43 PDT 2011
On Thu, May 12, 2011 at 6:47 PM, Ben Laurie <benl at google.com> wrote:
>
> Experience with static analysis says that almost all the issues will be
> false positives (at least in openssl).
>
This is indeed the argument against static analysis that I hear from
developers. But if this is universally known to be true, then why
bother with static analysis in the first place ? Isnt this part of the
project just a waste of time then ?
Regards,
John Smith.
More information about the cfe-dev
mailing list