[cfe-dev] Clang Analysis of several open source projects.
Erik Cederstrand
erik at cederstrand.dk
Fri May 13 00:24:50 PDT 2011
Hi Ted,
Den 12/05/2011 kl. 22.08 skrev Ted Kremenek:
> On May 12, 2011, at 11:19 AM, John Smith wrote:
>
>> But my main point wasnt really finding bugs in the projects
>> themselves, but finding & fixing bugs in the analyzer (by decreasing
>> the potential for false positives).
>
> Thanks John. That's what I am hopeful for as well.
>
> To make this exercise the most constructive, we need actual bug reports against the analyzer. Diagnosing a sea of reports, and complaining that there are too many false positives just really isn't constructive or helpful on its own.
FreeBSD is continually running the analyzer on our code, which has already uncovered a lot of bugs. I have previously sifted through a lot of the bug reports, and a very large part of the false positives fall in the category of the analyzer not detecting that a function never returns, i.e. the IPA not being smart enough.
I created a bug report some time ago http://llvm.org/bugs/show_bug.cgi?id=8914 I realize that fixing this is non-trivial, but it would be nice if the analyzer could at least handle the following:
if foo():
x = 5
else:
exit()
bar(x)
without complaining that x might be uninitialized.
Kind regards,
Erik
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 1928 bytes
Desc: not available
URL: <http://lists.llvm.org/pipermail/cfe-dev/attachments/20110513/2bbc2918/attachment.bin>
More information about the cfe-dev
mailing list