Wireshark-dev: Re: [Wireshark-dev] Microsoft vs. clang static analysis

From: Guy Harris <guy@xxxxxxxxxxxx>
Date: Thu, 17 Feb 2011 15:52:52 -0800
On Feb 17, 2011, at 3:36 PM, Stephen Fisher wrote:

> Now that we're doing static analysis compilation with both Microsoft 
> Visual C++ and clang, I see a lot of effort going into working around 
> shortcomings in the Microsoft static analysis.

The only real shortcomings I see here are the mishandling of pointer checks in short-circuit Boolean operations and, if it's not just a consequence of the previous bug, the warnings generated by code in Microsoft headers.  We weren't tagging no-return functions as such in a way Microsoft's tools recognized, but that's more of a shortcoming in the C language, in that it allowed the GCC people and the MSVC people to come up with different syntaxes for saying "this never returns" (unless the GCC guys did it first and you're criticizing the Microsoft guys for not just doing it with __attribute__((noreturn))).