[cfe-dev] Clang Analysis of several open source projects.
Ben Laurie
benl at google.com
Thu May 12 10:12:10 PDT 2011
On 12 May 2011 12:51, John Smith <lbalbalba at gmail.com> wrote:
> On Thu, May 12, 2011 at 6:47 PM, Ben Laurie <benl at google.com> wrote:
> >
> > Experience with static analysis says that almost all the issues will be
> > false positives (at least in openssl).
> >
> This is indeed the argument against static analysis that I hear from
> developers. But if this is universally known to be true, then why
> bother with static analysis in the first place ? Isnt this part of the
> project just a waste of time then ?
>
Static analysis should be used during development not after debugging is
complete. That's where the real value is.
>
>
> Regards,
>
>
> John Smith.
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.llvm.org/pipermail/cfe-dev/attachments/20110512/61f0981a/attachment.html>
More information about the cfe-dev
mailing list