Message256370
> Is analyze something that can be used from the command line only, or does it require the GUI?
You can do it from the command line - Chrome/chromium makes use of it as such.
See: https://code.google.com/p/chromium/issues/detail?id=427616
The /analyze option is documented here:
https://msdn.microsoft.com/en-us/library/ms173498.aspx
/analyze:WX- Prevents compilation failure when compiling with /WX (warn as errors) and /analyze warnings are disabled the same way that normal warnings are.
For example, /analyze an extremely large number of variable shadowing issues, which I think should be suppressed (as CPython's code base tolerates them?), to get to the more important issues.
> Also, we aren't likely to make the code more complex in order to deal with shortcomings in analyze's algorithms
I assume you're referring to the out-of-bounds in complex conditions? I can't imagine how making the code *more* complex would help :)
> I'm surprised it is catching things that coverity doesn't.
Every tool has its strengths and weaknesses; I am, however surprised that coverity didn't catch these issues, as they're common, and platform agnostic.
/analyze can pick up many issues that coverity doesn't, simply because /analyze understands SAL, so it understands how the Windows API is supposed to be used.
Also: Of the three issues that I opened, one is already fix, and two are in the pipeline. Impressive! |
|
Date |
User |
Action |
Args |
2015-12-14 06:32:39 | Alexander Riccio | set | recipients:
+ Alexander Riccio, loewis, paul.moore, christian.heimes, tim.golden, r.david.murray, zach.ware, steve.dower |
2015-12-14 06:32:39 | Alexander Riccio | set | messageid: <1450074759.36.0.749217937059.issue25847@psf.upfronthosting.co.za> |
2015-12-14 06:32:39 | Alexander Riccio | link | issue25847 messages |
2015-12-14 06:32:38 | Alexander Riccio | create | |
|