Hi Pedro,

I agree that compilers and static analysis absolutely do get false positive
results.

When we see these, we have a choice to make:
* Document for all consumers that a specific tool has a false positive and
  we can all safely ignore the report. It is challenging to communicate
  these to all downstream consumers.
* Disable warnings/errors if the report is from a compiler.
* Do a small source code change to address the false positive.

We have a history of doing the last 2.

I would also point out that when these false positives are generated,
they tend to be in larger, more complex functions. Another option
to consider is to refactor the code into smaller parts so the code
is easier to maintain/support and the static analysis results
improve, with fewer false positives.

Each report needs to be handled on a case-by-case basis.

Mike



> -----Original Message-----
> From: Pedro Falcato <pedro.falc...@gmail.com>
> Sent: Thursday, August 17, 2023 1:18 PM
> To: devel@edk2.groups.io; Kinney, Michael D <michael.d.kin...@intel.com>
> Cc: Andrew (EFI) Fish <af...@apple.com>; wang...@iscas.ac.cn
> Subject: Re: [edk2-devel] Can RELEASE target disable -Werror CC_FLAG?
> 
> On Thu, Aug 17, 2023 at 9:00 PM Michael D Kinney
> <michael.d.kin...@intel.com> wrote:
> >
> > I am surprised this same GCC error is not being seen for other CPU
> > archs.
> >
> > The simple fix to this specific issue is to initialize CommandLine
> > to NULL at the beginning of the function.
> 
> The correct fix here is to -Wno-error=maybe-uninitialized. This
> warning is error prone and IIRC already disabled in the Linux kernel.
> Heck, Wno-error=uninitialized wouldn't be a bad idea either, we
> recently uncovered a GCC bug on it
> (https://lore.kernel.org/all/20230719190045.4007391-1-a...@kernel.org/).
> >
> > We have observed that compilers continue to add more and more static
> > analysis like features over time.  Code that compiled without
> > warnings/errors with an earlier compiler may generate warnings/errors on
> > a newer compiler.  This looks like an example of this case.
> Well, in this case the static analysis is wrong :)
> 
> --
> Pedro
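
The options discussed in this thread, as an added example in C that is not part of either message and is not EDK II code: a constructed function of the flag-plus-pointer shape that can draw a maybe-uninitialized report, handled with a diagnostic opt-out scoped to one function, with an initialization at the top of the function, and with a refactor. The argument strings and all function names are assumptions, and whether a given GCC build reports the first function depends on its version and optimization level.

```c
#include <stddef.h>
#include <string.h>

/* Constructed sample input; these names are not EDK II code. */
static const char *const kArgs[] = { "quiet", "cmdline=console=ttyS0" };

/* Shape that can draw the report: command_line is written and read only
 * when found is set. Opt-out scoped to this one function, GCC only. */
#if defined(__GNUC__) && !defined(__clang__)
#pragma GCC diagnostic push
#pragma GCC diagnostic ignored "-Wmaybe-uninitialized"
#endif
size_t len_scoped_disable(const char *const *args, size_t n)
{
    const char *command_line;
    int found = 0;
    for (size_t i = 0; i < n; i++)
        if (strncmp(args[i], "cmdline=", 8) == 0) {
            command_line = args[i] + 8;
            found = 1;
        }
    return found ? strlen(command_line) : 0;
}
#if defined(__GNUC__) && !defined(__clang__)
#pragma GCC diagnostic pop
#endif

/* Small source change: initialize at the top, then test the pointer itself. */
size_t len_initialized(const char *const *args, size_t n)
{
    const char *command_line = NULL;
    for (size_t i = 0; i < n; i++)
        if (strncmp(args[i], "cmdline=", 8) == 0)
            command_line = args[i] + 8;
    return command_line != NULL ? strlen(command_line) : 0;
}

/* Refactor: the lookup returns the pointer, so no flag/value pair exists. */
static const char *find_cmdline(const char *const *args, size_t n)
{
    for (size_t i = n; i-- > 0; )   /* last match, like the loops above */
        if (strncmp(args[i], "cmdline=", 8) == 0)
            return args[i] + 8;
    return NULL;
}
size_t len_refactored(const char *const *args, size_t n)
{
    const char *command_line = find_cmdline(args, n);
    return command_line != NULL ? strlen(command_line) : 0;
}
```

The scoped pragma keeps the diagnostic active for the rest of the build, unlike a global `-Wno-error=maybe-uninitialized`; the initialized variant needs the explicit NULL test, since the initializer also hides any path that really does skip the assignment.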

