What does Coverity/clang static analysis actually do?
BCS
none at anon.com
Thu Oct 1 12:19:29 PDT 2009
Hello Walter,
> Frankly, this is not an impressive list. These issues are discoverable
> using standard data flow analysis, and in fact are part of Digital
> Mars' optimizer. Here is the current state of it for dmd:
>
> 1. Optimizer discovers it, but ignores the information. Due to the
> recent thread on it, I added a report for it for D (still ignored for
> C). The downside is I can no longer use *cast(char*)0=0 to drop me
> into the debugger, but I can live with that as assert(0) will do the
> same thing.
nice
> 4. Dead assignments are automatically detected and removed. I'm not
> convinced this should be reported, as it can legitimately happen when
> generating source code. Generating false positives annoy the heck out
> of users.
vote++ on silent
> 6. Arrays are solidly covered by a runtime check. There is code in the
> optimizer to detect many cases of overflows at compile time, but the
> code is currently disabled because the runtime check covers 100% of
> the cases.
I'd advocate for any compile time checks that never generate false positives
running even if the runtime checks would get it also. I'd rather known sooner
than later.
More information about the Digitalmars-d
mailing list