Xazax-hun wrote:

>  this requires dataflow analysis to get a low false-positive rate

I think it might be possible to have low false positive rates without dataflow 
analysis. Currently, it looks like the check is looking for syntactically 
identical subexpressions.  Those tend to overlap in most cases. That being 
said, I can imagine some cases where it is not really the case, like:
```c
sprintf(st1.buf, return_format_string_and_modify_buf("%s", &st1.buf), st1.buf);
```

To filter these, the check would need to ensure that the pointer cannot be 
modified while the arguments are evaluated. 

Are there any other false positives you anticipate?

That being said, we'd absolutely need dataflow analysis to reduce the number of 
false negatives when the arguments are not syntactically equivalent. 

I think it would be OK to have a fast, syntactic check in `-Wall` and have a 
smarter dataflow-based check as opt-in somewhere else (can be compiler, tidy, 
or the clang static analyzer). I think implementing this check in the clang 
static analyzer would be relatively straightforward.

> I think this check should be generalized a bit more

Huge +1. I like the generalization ideas. No matter in what form we land this, 
I think people would benefit a lot from that. 


https://github.com/llvm/llvm-project/pull/114244
_______________________________________________
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
