Hey all, just a few questions about the fantastic GCC Static Analyzer: - It's stated that support for C++ vs C is very limited. Does this apply if you're writing C++ that is very similar-looking to C and uses few of C++'s advanced features?
- I noticed that in C++, the "gnu::malloc" attributes don't seem to report "warning: leak of 'xxx_alloc()' [CWE-401] [-Wanalyzer-malloc-leak]", is this normal? - Is it worthwhile to spend time annotating your method signatures with attributes like "malloc" and "access"? Do these aid the -fanalyzer passes? For instance: [[gnu::malloc]] [[gnu::malloc(HeapPage_free, 1)]] [[gnu::returns_nonnull]] struct HeapPage* HeapPage_alloc(); [[gnu::access(read_write, 1, 3)]] struct RecordID HeapPage_insert_record(struct HeapPage* page, const char* record, uint32_t record_length); That's quite a significant bit of annotation-noise tacked on to the function, so I wanted to be sure it's worth the investment! Thank you =) Gavin Ray