What does Coverity/clang static analysis actually do?
BCS
none at anon.com
Thu Oct 1 15:00:58 PDT 2009
Hello Nick,
> "Walter Bright" <newshound1 at digitalmars.com> wrote in message
> news:ha2run$275r$1 at digitalmars.com...
>
>> 2. possible dereference of NULL pointers (some reaching definitions
>> of a
>> pointer are NULL)
>> 2. Optimizer collects the info, but ignores this, because people are
>> annoyed by false positives.
> If you mean something like this:
>
> Foo f;
> if(cond)
> f = new Foo();
> f.bar();
> Then I *want* the compiler to tell me. C# does this and I've never
> been annoyed by it, in fact I've always appreciated it. I'm not aware
> of any other C# user that has a problem with that either. If that's
> not what you mean though, then could you elaborate?
I think it is important to note that the check DMD is not using checks for
null where as C# checks for uninitialized
legal in c# but flagged by this test:
Foo f = null;
if(cond) f = new Foo();
f.bar();
>> 6. array overflows
>> 6. Arrays are solidly covered by a runtime check. There is code in
>> the
>> optimizer to detect many cases of overflows at compile time, but the
>> code
>> is currently disabled because the runtime check covers 100% of the
>> cases.
>
> I'm puzzled by why you would prefer to leave this entirely runtime
> when some of it can be detected at compile-time. Normally you agree
> that catching something at compile-time is better whenever possible.
> So shouldn't the array overflows that can be detected at compile-time
> be detected at compile-time? I would certainly prefer that.
>
Ditto on this; Walter, what is your rational on this?
More information about the Digitalmars-d
mailing list