Quuxplusone added a comment.

FWIW, all three of @nathanchance's detected lines look like good true positives to me: even if they're not //bugs//, they all look like places the programmer //meant// to write `&&` and only wrote `&` by accident. The third one might even be a bug bug, since it's doing essentially `(bounds-check offset_1) & (pointer-math-on offset_1)`.

https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/tree/drivers/net/wireless/intel/iwlwifi/mvm/scan.c#n830
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/tree/drivers/staging/rtl8192u/r8192U_core.c#n4268
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/tree/lib/zstd/compress.c#n1294

Data point: I've run this patch over my employer's medium-sized mostly-modern codebase and found no (true or false) positives at all.

CHANGES SINCE LAST ACTION
  https://reviews.llvm.org/D108003/new/

https://reviews.llvm.org/D108003

_______________________________________________
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
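
The `(bounds-check) & (pointer-math)` shape mentioned in the comment above, as an added example that is not part of the original message, the patch, or the kernel sources it links to. All names and the sample buffer are hypothetical; the right operand carries its own guard so the demo stays well-defined, which real code of this shape usually does not have.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed sample: a 16-byte window the matcher may read from. */
static const uint8_t window[16] = "abcdabcdabcdabc";
static unsigned rhs_evaluations; /* how often the right operand ran */

/* Bounds check: 4-byte reads at idx and idx - offset must stay in window. */
static int offset_in_range(size_t idx, size_t offset)
{
    return offset != 0 && offset <= idx && idx + 4 <= sizeof window;
}

/* Right operand: the pointer math. Guarded here only so the demo is
 * well-defined; without the guard this is the out-of-bounds read. */
static int bytes_match(size_t idx, size_t offset)
{
    rhs_evaluations++;
    if (!offset_in_range(idx, offset))
        return 0;
    return memcmp(window + idx, window + idx - offset, 4) == 0;
}

/* Bitwise form: both operands are always evaluated. */
static int check_bitwise(size_t idx, size_t offset)
{
    return offset_in_range(idx, offset) & bytes_match(idx, offset);
}

/* Logical form: bytes_match runs only after the bounds check passes. */
static int check_logical(size_t idx, size_t offset)
{
    return offset_in_range(idx, offset) && bytes_match(idx, offset);
}

/* Returns how many times the right operand ran for one call of fn. */
static unsigned rhs_runs(int (*fn)(size_t, size_t), size_t idx, size_t offset)
{
    rhs_evaluations = 0;
    (void)fn(idx, offset);
    return rhs_evaluations;
}

int main(void)
{
    printf("bad offset: & ran rhs %u time(s), && ran it %u time(s)\n",
           rhs_runs(check_bitwise, 4, 8), rhs_runs(check_logical, 4, 8));
    return 0;
}
```

Both forms return the same value for every input; the difference is only whether the pointer arithmetic executes when the bounds check has already failed.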