You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: philosophy.md
+26-14Lines changed: 26 additions & 14 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -1,14 +1,12 @@
1
1
2
-
Cppcheck Philosophy
3
-
===================
2
+
# Cppcheck Philosophy
4
3
5
4
It is important that everybody in the Cppcheck team has a consistent idea about how this tool should work.
6
5
7
-
This is a static analyser tool. When it comes to writing warnings, quality is much more important than quantity.
6
+
This is a static analyser tool.
8
7
9
8
10
-
No false positives
11
-
------------------
9
+
## Normal analysis - No false positives
12
10
13
11
A fundamental goal is "no false positives".
14
12
@@ -20,34 +18,48 @@ If it is not known if there is a problem, then in general we need to bailout. We
20
18
21
19
Stylistic checks are much more prone to false positives and therefore we should avoid writing stylistic checks mostly.
22
20
21
+
Reporting issues in Trac:
22
+
- If you see a false negative; report that as an enhancement.
23
+
- If you see a false positive; report that as a defect.
23
24
24
-
No configuration
25
-
----------------
25
+
26
+
## Bug hunting - Soundy analysis
27
+
28
+
The goal is to detect nearly all bugs. It will not be possible to detect ALL bugs. For instance if the code is garbage or if the bug happens in a inline assembler code block.
29
+
30
+
It will not be possible to avoid false alarms completely but we can not be sloppy about false alarms. There are tools that are too noisy. A handful of false alarms for a project is totally fine in this analysis. But 1000's of false alarms for the average project would not be ok.
31
+
32
+
We want to detect UB. But we will not add checkers that are too noisy.
33
+
34
+
Reporting issues in Trac:
35
+
- If you see a false negative; report that as a defect.
36
+
- If you see a false positive; report it as an enhancement.
37
+
38
+
We should try hard to fix false positives however we can't have heuristics that we know will cause important false negatives.
39
+
40
+
41
+
## No configuration
26
42
27
43
We want that a user can run Cppcheck without explicit -D and -I configuration.
28
44
29
45
When this happens the false positives should be avoided. The user can reduce false negatives with configuration.
30
46
31
47
32
-
Allow compiler extensions
33
-
-------------------------
48
+
## Allow compiler extensions
34
49
35
50
This is not just a tool for mainstream gcc/msvc c/c++ developers. If you can compile the code with a C/C++ compiler then our goal is that Cppcheck can check it.
36
51
37
52
38
-
C++ language
39
-
------------
53
+
## C++ language
40
54
41
55
Our goal is to be highly portable. Users must be able to compile Cppcheck with GCC 4.6 or MSVS 2013.
42
56
43
57
No C++14 is allowed. A subset of the C++11 is allowed.
0 commit comments