<div dir="ltr"><div>Hi again,<br><br>I'm looking at your reports (which are quite nice) and an obvious way of reducing false positives is to do an interprocedural analysis. Do you know if it's possible to set that up with the clang-analyzer?<br>
<br></div>Regards,<br>Marcelo<br></div><div class="gmail_extra"><br><br><div class="gmail_quote">On Mon, Jun 17, 2013 at 2:43 PM, Marcelo Sousa <span dir="ltr"><<a href="mailto:marceloabsousa@gmail.com" target="_blank">marceloabsousa@gmail.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr"><div><div><div><div>Hey Eduard,<br><br></div>Awesome! Can you share a script or a build process where I can start plug-in checks?<br>
<br></div>~750 of nullptrs is very good! If we can come up with a good way of handling false positives and find say ~20/30 real bugs with the infrastructure and the already default checks, it would be quite valuable. Is there a meeting to discuss your findings? I would like very much to collaborate with you guys in this project.<br>
<br></div>Regards,<br></div>Marcelo<br><br></div><div class="HOEnZb"><div class="h5"><div class="gmail_extra"><br><br><div class="gmail_quote">On Mon, Jun 17, 2013 at 2:33 PM, Eduard Bachmakov <span dir="ltr"><<a href="mailto:e.bachmakov@gmail.com" target="_blank">e.bachmakov@gmail.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">Hey guys, let's get this party started ;-).<br>
<br>
First off, you will be able to get the current status in the wiki at<br>
<a href="http://llvm.linuxfoundation.org/index.php/Static_Analyzer" target="_blank">http://llvm.linuxfoundation.org/index.php/Static_Analyzer</a><br>
<br>
Demo.<br>
After some tweaking I was able to run the analyzer (default settings).<br>
I didn't time the build but subjectively it took 3+ times as long. If<br>
you want to take a look, the results are at<br>
<a href="https://dl.dropboxusercontent.com/u/9902213/2013-06-17-1.tar.xz" target="_blank">https://dl.dropboxusercontent.com/u/9902213/2013-06-17-1.tar.xz</a><br>
(careful, 50M compressed, 1.9G uncompressed). Open index.html in your<br>
favorite browser.<br>
<br>
Stats (on demo).<br>
For x64 the analyzer finds ~4500 issues, more than half being dead<br>
assignments such as "Value stored to 'retval' is never read".<br>
Next are nullptrs (~750). Having glanced at a few of those, I have to<br>
say that some do look pretty real to me (e.g. report-LbUOdn.html ) but<br>
I'm not sure just how different the rules are for the kernel.<br>
Quite a few issues (400-600) are related to garbage value assignment<br>
and propagation. How does that happen? Like this: "unsigned int<br>
uninitialized_var(msecs);" -- so no surprise there.<br>
For the rest, feel free to check out the tarball.<br>
<br>
Goals.<br>
Primary goal for now: integrate checking methods into llvmlinux's build system.<br>
<br>
Comments, concerns?<br>
<br>
Eduard<br>
_______________________________________________<br>
LLVMLinux mailing list<br>
<a href="mailto:LLVMLinux@lists.linuxfoundation.org" target="_blank">LLVMLinux@lists.linuxfoundation.org</a><br>
<a href="https://lists.linuxfoundation.org/mailman/listinfo/llvmlinux" target="_blank">https://lists.linuxfoundation.org/mailman/listinfo/llvmlinux</a><br>
</blockquote></div><br></div>
</div></div></blockquote></div><br></div>