NagyDonat wrote:

I re-ran the open source evaluation, and here is the clean diff that I promised 
(italicized notes are just copied from the old table):

| Project | New Reports | Resolved Reports | Notes |
|---------|-------------|------------------|-------|
| memcached | No reports | No reports | – |
| tmux | No reports | [23 resolved reports](https://codechecker-demo.eastus.cloudapp.azure.com/Default/reports?run=tmux_2.6_old_sizeofexpressions_with_new_messages&newcheck=tmux_2.6_new_sizeofexpressions_rerun&diff-type=Resolved) | _reports seem to be FPs, including several ones that [use `qsort` in a clear and straightforward way](https://codechecker-demo.eastus.cloudapp.azure.com/Default/report-detail?run=tmux_2.6_old_sizeofexpressions&newcheck=tmux_2.6_new_sizeofexpressions&diff-type=Resolved&report-id=5493278&report-hash=e1dd82bffcf68169ff8fe7181ca44f16&report-filepath=%2Flocal%2Fpersistent_docker%2FCSA-measurements-driver-2894%2Fmeasurements_workspace%2Ftmux%2Fwindow-buffer.c)_ |
| curl | [3 new reports](https://codechecker-demo.eastus.cloudapp.azure.com/Default/reports?run=curl_curl-7_66_0_old_sizeofexpressions_with_new_messages&newcheck=curl_curl-7_66_0_new_sizeofexpressions_rerun&diff-type=New) | [1 resolved reports](https://codechecker-demo.eastus.cloudapp.azure.com/Default/reports?run=curl_curl-7_66_0_old_sizeofexpressions_with_new_messages&newcheck=curl_curl-7_66_0_new_sizeofexpressions_rerun&diff-type=Resolved) | _new reports are TPs (all reporting incorrect use of the same data structure), resolved one is FP_ |
| twin | No reports | No reports | – |
| vim | [1 new reports](https://codechecker-demo.eastus.cloudapp.azure.com/Default/reports?run=vim_v8.2.1920_old_sizeofexpressions_with_new_messages&newcheck=vim_v8.2.1920_new_sizeofexpressions_rerun&diff-type=New) | No reports | _true positive_ |
| openssl | [23 new reports](https://codechecker-demo.eastus.cloudapp.azure.com/Default/reports?run=openssl_openssl-3.0.0-alpha7_old_sizeofexpressions_with_new_messages_openssl_ffmpeg&newcheck=openssl_openssl-3.0.0-alpha7_new_sizeofexpressions_rerun_openssl_ffmpeg&diff-type=New) | [22 resolved reports](https://codechecker-demo.eastus.cloudapp.azure.com/Default/reports?run=openssl_openssl-3.0.0-alpha7_old_sizeofexpressions_with_new_messages_openssl_ffmpeg&newcheck=openssl_openssl-3.0.0-alpha7_new_sizeofexpressions_rerun_openssl_ffmpeg&diff-type=Resolved) | resolved reports are FPs, new reports are mostly TPs or "works, but ugly and dodgy" code with a few FPs that look like `generic_function(&arg, sizeof(arg))` or `get_memory(length*sizeof(array[0]))` |
| sqlite | [11 new reports](https://codechecker-demo.eastus.cloudapp.azure.com/Default/reports?run=sqlite_version-3.33.0_old_sizeofexpressions_with_new_messages&newcheck=sqlite_version-3.33.0_new_sizeofexpressions_rerun&diff-type=New) | No reports | _among the new results there are many FPs ([(1)](https://codechecker-demo.eastus.cloudapp.azure.com/Default/report-detail?run=sqlite_version-3.33.0_old_sizeofexpressions&newcheck=sqlite_version-3.33.0_new_sizeofexpressions&diff-type=New&report-id=5493379&report-hash=f411835e93b1711c2889d4bef2889db9&report-filepath=%2Flocal%2Fpersistent_docker%2FCSA-measurements-driver-2894%2Fmeasurements_workspace%2Fsqlite%2Fshell.c), [(2)](https://codechecker-demo.eastus.cloudapp.azure.com/Default/report-detail?run=sqlite_version-3.33.0_old_sizeofexpressions&newcheck=sqlite_version-3.33.0_new_sizeofexpressions&diff-type=New&report-id=5493385&report-hash=d9e3d0a984913130c821b7c18c2cc8d2&report-filepath=%2Flocal%2Fpersistent_docker%2FCSA-measurements-driver-2894%2Fmeasurements_workspace%2Fsqlite%2Fsqlite3.c)) that do things like `char **mem; realloc(mem, numElements*sizeof(mem[0]))`_ |
| ffmpeg | [22 new reports](https://codechecker-demo.eastus.cloudapp.azure.com/Default/reports?run=ffmpeg_n4.3.1_old_sizeofexpressions_with_new_messages_openssl_ffmpeg&newcheck=ffmpeg_n4.3.1_new_sizeofexpressions_rerun_openssl_ffmpeg&diff-type=New) | [109 resolved reports](https://codechecker-demo.eastus.cloudapp.azure.com/Default/reports?run=ffmpeg_n4.3.1_old_sizeofexpressions_with_new_messages_openssl_ffmpeg&newcheck=ffmpeg_n4.3.1_new_sizeofexpressions_rerun_openssl_ffmpeg&diff-type=Resolved) | |
| postgres | No reports | [5 resolved reports](https://codechecker-demo.eastus.cloudapp.azure.com/Default/reports?run=postgres_REL_13_0_old_sizeofexpressions_with_new_messages&newcheck=postgres_REL_13_0_new_sizeofexpressions_rerun&diff-type=Resolved) | _resolved reports are FPs_ |
| tinyxml2 | No reports | No reports | – |
| libwebm | No reports | No reports | – |
| xerces | [1 new reports](https://codechecker-demo.eastus.cloudapp.azure.com/Default/reports?run=xerces_v3.2.3_old_sizeofexpressions_with_new_messages&newcheck=xerces_v3.2.3_new_sizeofexpressions_rerun&diff-type=New) | No reports | true positive, seems to be an ugly bug |
| bitcoin | [1 new reports](https://codechecker-demo.eastus.cloudapp.azure.com/Default/reports?run=bitcoin_v0.20.1_old_sizeofexpressions_with_new_messages&newcheck=bitcoin_v0.20.1_new_sizeofexpressions_rerun&diff-type=New) | No reports | false positive `hasher.Write((const unsigned char*)&ptr, sizeof(ptr));` |
| protobuf | [5 new reports](https://codechecker-demo.eastus.cloudapp.azure.com/Default/reports?run=protobuf_v3.13.0_old_sizeofexpressions_with_new_messages&newcheck=protobuf_v3.13.0_new_sizeofexpressions_rerun&diff-type=New) | [1 resolved reports](https://codechecker-demo.eastus.cloudapp.azure.com/Default/reports?run=protobuf_v3.13.0_old_sizeofexpressions_with_new_messages&newcheck=protobuf_v3.13.0_new_sizeofexpressions_rerun&diff-type=Resolved) | resolved report is FP, new reports are mostly `sizeof(array[0])` FPs + one confusing trickery |
| qtbase | [10 new reports](https://codechecker-demo.eastus.cloudapp.azure.com/Default/reports?run=qtbase_v6.2.0_old_sizeofexpressions_with_new_messages&newcheck=qtbase_v6.2.0_new_sizeofexpressions_rerun&diff-type=New) | No reports | most of them are FPs, including a few `sizeof(array[0])` issues |
| contour | No reports | No reports | – |
| openrct2 | [1 new reports](https://codechecker-demo.eastus.cloudapp.azure.com/Default/reports?run=openrct2_v0.4.8_old_sizeofexpressions_with_new_messages&newcheck=openrct2_v0.4.8_new_sizeofexpressions_rerun&diff-type=New) | No reports | arguably a false positive, but the highlighted code is suspicious |
| llvm-project | No reports | [1 resolved reports](https://codechecker-demo.eastus.cloudapp.azure.com/Default/reports?run=llvm-project_llvmorg-12.0.0_old_sizeofexpressions_with_new_messages&newcheck=llvm-project_llvmorg-12.0.0_new_sizeofexpressions_rerun&diff-type=Resolved) | false positive |


https://github.com/llvm/llvm-project/pull/94356