<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<meta content="text/html; charset=UTF-8" http-equiv="Content-Type">
<body bgcolor="#ffffff" text="#000000">
On 22.04.2009 23:26 Uhr, Peter Stuge wrote:
<blockquote cite="mid:email@example.com" type="cite">
<pre wrap="">Joseph Smith wrote:
<pre wrap="">Wow looks like there are alot of bugs in romcc.c !
I only looked at the very first ones:
API Argument with 'nonnull' attribute passed null romcc.c:10780
The thing to note here is that there are conditions to the error.
Code can very well be making sure that those conditions are in fact
never met, and I don't think scanbuild does a complex enough analysis
to know for sure. (Quite understandably!)
I agree it would be nice to have perfect analysis, and/or code more
suitable for analysis, but just want to point out that there can be
false positives depending on the coding style.
Absolutely agreed. Not all findings by scan-build make sense (for us).
There are cases where it will find an access to memory which is not
backed by a C variable to be undefined.<br>
(something like *(u8 *)0xdeadbeef) ... Makes a lot of sense in (most)
user space applications, but we need to be careful. I tried to fix a
couple of findings, even if they were not strictly required (such as
attribute((noreturn)) in a userspace function calling exit() ... the
attribute is not inherited in scan-build as they don't do
interprocedural checks yet) to improve the overall results. <br>
There are far better ways of doing static code analysis, most of them
involve a lot of time and money. That said, if someone with a PolySpace
license (Carl-Daniel?) and a few couple of days of time reads this,
please help us verify our code! Same for QA-C et al.<br>
<pre class="moz-signature" cols="72">--
coresystems GmbH • Brahmsstr. 16 • D-79104 Freiburg i. Br.
Tel.: +49 761 7668825 • Fax: +49 761 7664613
Email: <a class="moz-txt-link-abbreviated" href="mailto:firstname.lastname@example.org">email@example.com</a> • <a class="moz-txt-link-freetext" href="http://www.coresystems.de/">http://www.coresystems.de/</a>
Registergericht: Amtsgericht Freiburg • HRB 7656
Geschäftsführer: Stefan Reinauer • Ust-IdNr.: DE245674866