- User Since
- Dec 6 2016, 10:52 AM (94 w, 13 h)
I have checked the results, thank you for uploading them, they look solid to me, although I'm not exactly a developer for these projects, without full understanding of what and where allocates and true path-sensitive analysis and memory modelling, they look good. (E.g. one thing this check misses I think is when the allocator returns an explicitly zero-filled memory, because that way the write without the good size is still NUL-terminated... but this requires modelling we might just not be capable of, especially not in Clang-Tidy.)
Tue, Sep 11
Will this properly synergise across compilers with user-specified warning options, such as -Wall -Werror?
Fri, Sep 7
D50353 has landed, so after a rebase this patch will not compile.
Thu, Sep 6
Wed, Sep 5
Make sure you use only the C++ projects like BitCoin, LLVM/Clang, ProtoBuf and such from the Xazax CSA Test suite because this checker is not really applicable to C projects.
Tue, Sep 4
Shouldn't let this thing go to waste.
@Szelethus clang-query seems to sometimes not include matcher functions that are perfectly available in the code... I recently had some issue with using isUserDefined(), it was available in my code, but clang-query always rejected it. Seems there isn't an automatic 1:1 mapping between the two.
Minor comments in-line, looking good on first glance.
Generally grammar / phrasing things that have caught my eye.
Whew, this is a big one. Generally looks good, although I would separate implementation detail functions a bit better, with perhaps more comments to move them apart a bit, it is really harsh to scroll through.
Aug 10 2018
The basics of the heuristics look okay as comparing pointers from non-continuous block of memory is undefined, it would be worthy to check if no compiler warning (perhaps by specifying -W -Wall -Wextra -Weverything and various others of these enable-all flags!) is emitted if std::sort is instantiated for such a use case.
Aug 3 2018
Jul 31 2018
Jul 26 2018
Jul 25 2018
Softly pinging this. Perhaps we could discuss this and get it in before Clang7 rides off into the sunset?
Akin to D45094, pinging this too. 🙂
Jul 5 2018
Jul 2 2018
Pinging this as the talk has stalled.
Jun 16 2018
Ah, and the function names in the test files have been made more logical.
Jun 3 2018
In general, make sure the documentation page renders well in a browser.
May 16 2018
Apr 29 2018
Two minor comments.
Apr 26 2018
While I understand extending the analyzer to cover more is a good approach, there is -Wconversion which seemingly covers this -- or at least the trivial case(?):
Apr 23 2018
@george.karpenkov @NoQ bugprone. as a category sounds nice. It also nicely corresponds to the Clang-Tidy bugprone- category. It would not be nice to further fragment the "top levels" of checker categories.
Apr 19 2018
Apr 17 2018
There is something that came up in my mind:
Apr 16 2018
@NoQ The problem with emitting notes as events is that we lose the information that the node was a note. How does Xcode behave with these notes? Does it ignore them, or can read them from the command-line output of the analyser?
Apr 12 2018
Sorry, one comment has gone missing meanwhile, I'm still getting used to this interface and hit Submit early.
@NoQ Do you reckon these tests files are too long? Perhaps the one about this inheritance, that inheritance, diamond inheritance, etc. could be split into multiple files.
Apr 9 2018
Apr 6 2018
Added comments on what nullptr means at call sites.
It is also std-out (llvm::outs()) in case of nullptr and not std-err.
Apr 5 2018
Update to be in line with contents in dependency patch.
Simplify the patch.
- Use an even more explicit way with the documentation requiring that the file system should be an overlay.
- Add a method to easily overlay a FileSystem above the real one.
@alexfh I have updated the patch. I don't have commit rights, so if you think this is good to go, could you please commit for me?
- Overload removed, now only one CreateASTDumper function remains.
- Updated the call sites of this function to use this call.
Mar 30 2018
Feb 28 2018
Feb 9 2018
Works for me but I haven't any sayings in these. 😇
Nov 24 2017
Aug 31 2017
The Python code here still uses mangled name in their wording. Does this mean this patch is yet to be updated with the USR management in the parent patch?
Aug 10 2017
Aug 9 2017
Apart from those in the in-line comments, I have a question: how safe is this library to Release builds? I know this is only a submodule dependency for the "real deal" in D30691, but I have seen some asserts that "imported function should already have a body" and such.
Jul 31 2017
Jul 24 2017
Jul 20 2017
Jul 14 2017
Jul 12 2017
Considering the results published in the opening description: