You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: philosophy.md
+12-3Lines changed: 12 additions & 3 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -5,16 +5,22 @@ It is important that everybody in the Cppcheck team has a consistent idea about
5
5
6
6
This is a static analyzer tool.
7
7
8
+
## Usability
9
+
10
+
Usability is very important. It's more important that Cppcheck is usable than finding all bugs.
11
+
- We don't want to have tons of configurations options.
12
+
- It's very important that warning messages are well written and with enough details.
13
+
- Speed is very important. --check-level=exhaustive can be used when user accept slow analysis.
8
14
9
15
## Normal analysis - No false positives
10
16
11
17
A fundamental goal is "no false positives".
12
18
13
19
It is not possible to achieve "no false positives" completely. One case where false positives are OK is when the code is garbage.
14
20
15
-
If the code is written as it is by design, then our goal is to not warn.
21
+
If the code is written as it is by design, then our goal is to not show any false positives.
16
22
17
-
If it is not known if there is a problem, then in general we need to bailout. We can only warn when we see that there is a problem.
23
+
If it is not known if there is a problem, then in general we need to bailout to avoid false positives. We can only warn when we see that there is a problem.
18
24
19
25
Stylistic checks are much more prone to false positives and therefore we should avoid writing stylistic checks mostly.
20
26
@@ -24,7 +30,10 @@ Reporting issues in Trac:
24
30
25
31
### Inconclusive messages
26
32
27
-
Inconclusive messages will be created if cppcheck cannot be sure there is an issue to warn but 50-50 probability. User shall enable inconclusive messages if they are willing to spend substantially more time on message verification in order to find more issues within a high false positive rate.
33
+
If cppcheck can't determine that there is a problem or not, then the analysis is inconclusive.
34
+
35
+
If the user enables inconclusive warnings and we guess that the probability there is a real problem is at least 50-50 then it's OK to write a inconclusive warning.
36
+
28
37
Inconclusive messages shall not be used for new checks which are just being developed. There `settings.experimental` can be used.
0 commit comments