[cfe-dev] Reporting false positives detected by Clang staticanalyzer
Artem Dergachev via cfe-dev
cfe-dev at lists.llvm.org
Fri Apr 8 03:04:48 PDT 2016
You should probably have a look at
https://github.com/Ericsson/codechecker - a web interface for the
analyzer that provides a database for storing positives.
> I remember seeing something about the static analyzer checking asserts in the docs, how well does that actually work?
It needs you to compile with asserts enabled for analysis, and the
assertion mechanism should be supported by the core checkers (eg.
__assert(), __assert2(), _wassert(), __assert_fail(), exit(), etc., or a
macro that expands to one of those - the complete list is in
lib/StaticAnalyzer/Checkers/NoReturnFunctionChecker.cpp , you can
probably add your custom implementation of assert here).
As long as it realizes that a no-return function is called, the analyzer
should stop analysis along the respective path.
More information about the cfe-dev