dcoughlin added a comment.

I evaluated this checker on three internal codebases that make large use of 
virtual functions.

Project 1: ~190,000 lines of C++. 16 alarms. I triaged all of them. There were 
2 definite false positives (FPs) and 14 likely FPs.
Project 2: ~320,000 lines of C++. 116 alarms. I triaged 45. All likely FPs.
Project 3: ~23,000 lines of C++. 43 alarms. I triaged 13. 3 definite FPs and 10 
likely FPs.

The definite false positives were cases where the programmer seemed aware of 
the semantics of virtual calls during construction/destruction and had each 
subclass explicitly call its own version of the virtual method in question. The 
likely false positives were cases where there was no subclass of the 
constructed class that overrode the method in question.

I think there is value in this checker: virtual calls in constructors are a 
definite code smell and are hard to get right. But I don't think we can turn it 
on by default given the sheer number of alarms. I think this needs to stay in 
alpha until we can reduce the number of false positives


cfe-commits mailing list

Reply via email to