[cfe-dev] Clang Static Analyzer: False Positive Suppression Support

Craig, Ben via cfe-dev cfe-dev at lists.llvm.org
Thu Aug 18 07:20:35 PDT 2016 

My company has an implementation of comment suppression that we haven't 
tried to upstream yet.  It doesn't address all the issues you mentioned 
though.

The general comment format is something like: // clang_sa_ignore 
[deadcode.DeadStores, cplusplus] plus whatever other text the user wants

The comment must be on the same line as the last element in the path.  
The line offset that you proposed seems like a reasonable extension.

The comment only suppresses the diagnostic.  This happens well after all 
the path sensitive nodes have been created.  Stated differently, the 
comment suppression does not help the analyzer uncover new problems.

One thing to note is that it isn't necessarily obvious which checker 
generated a warning, particularly when you only have the console output 
to work with.  So we changed our analyzer to also emit the category of 
any static analyzer warnings.

I'll start some internal conversations and see if we can start getting 
some of those patches upstreamed.

On 8/18/2016 3:17 AM, Gábor Horváth via cfe-dev wrote:
> Hi!
>
> In the CodeChecker tool (https://github.com/Ericsson/codechecker) we 
> support suppressing false positive bugs as a post processing step. 
> After all the issues were reported, CodeChecker filters out the 
> suppressed ones, and those will not be displayed to the user.
>
> In our experience, however, and external tool only suppression 
> suppport is not sufficient for certian reasons:
> * When a checker generates a sink node during analysis, the rest of 
> the path will not be covered by the Static Analyzer. Unfortunately, if 
> the user suppress the bug in an external tool, the coverage will not 
> get better. This way false positive results can hide true positive 
> results regardless of suppression.
> * The compiler could do better job diagnosing ill formed suppressions 
> (invalid source range, typo in checker name etc).
> * Tools that are developed on top of the compiler need not to 
> introduce their own customized solution for suppression.
>
> It is beneficial to have a suppression format that is standard across 
> all clang tools. So the same format could be used to:
> * Suppress clang warnings
> * Suppress clang static analyzer warnings
> * Suppress clang tidy warnings
>
> There are two main approaches to suppress warnings that I can think of 
> right now:
>
> Suppress using comments (or pragma):
> * This is a good solution for code evolution. The comments are moving 
> together with the code. Edits are less likely to invalidate comments.
> * This is an intrusive solution, the source code needs to be changed 
> to suppress an issue. This is both good, because the suppressions are 
> version controlled and bad, because suppressing in 3rd party libraries 
> might be problematic.
> * For path sensitive checks, it is not always self evident at which 
> point of the path should a suppression comment be added.
>
>
> Suppress using hashes:
> * It is hard to come up with a reliable hash to identify bugs. There 
> always might be corner cases when the hashes of different bugs collide 
> or the hash of a bug changes due to an edit that in fact should not 
> affect the bug.
> * It is non intrusive.
> * The user do not need to think about at which point should the 
> suppression comment be inserted.
>
>
> I would suggest the suppress comment road.
> The syntax could be something like:
> // clang suppress warning-or-checker-name [optional line 
> offset][optional column range] [comment]
>
> The warning-or-checker-name could be a regex, so multiple checks can 
> be suppressed at the same time.
> Column ranges are useful when multiple errors are reported for the 
> same line.
> Line offsets are useful when one do not want to break the flow of a 
> multi line code snippet with a comment, so this way warnings could be 
> suppressed without too much negative effects on the readability.
> Comment is for documentation purposes, the user can document why does 
> she think that this is a false positive.
>
> What do you think?
>
> Regards,
> Gábor
>
>
>
>
>
>
> _______________________________________________
> cfe-dev mailing list
> cfe-dev at lists.llvm.org
> http://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-dev

-- 
Employee of Qualcomm Innovation Center, Inc.
Qualcomm Innovation Center, Inc. is a member of Code Aurora Forum, a Linux Foundation Collaborative Project

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.llvm.org/pipermail/cfe-dev/attachments/20160818/e98823d3/attachment.html>

More information about the cfe-dev mailing list