enabling gcc's -fanalyzer option
Werner Koch
wk at gnupg.org
Wed Mar 6 15:55:03 CET 2024
Hi!
and thanks for the report.
On Wed, 6 Mar 2024 11:46, Falko Strenzke said:
> I enabled -fanalyzer for GnuPG in my project. It reports quite a few findings.
> Some of them (or even the majority) might be false positives. I haven't
That is the reasons why we don't run this or other static analyzers
regulary.
Your case is pretty obvious. It is only in master due to
gpg: Add parallelized filter for hashing.
https://dev.gnupg.org/rG1ddd69935da629188dcf9215cd9e7a8f68b34a97
> Just as a suggestion from me to add a flag to the configure script to enable
> this gcc feature. I am still looking for a way to inform the static analyzer
make CFLAGS="-fanalyzet"
is what I would do.
Shalom-Salam,
Werner
--
The pioneers of a warless world are the youth that
refuse military service. - A. Einstein
-------------- next part --------------
A non-text attachment was scrubbed...
Name: openpgp-digital-signature.asc
Type: application/pgp-signature
Size: 247 bytes
Desc: not available
URL: <https://lists.gnupg.org/pipermail/gnupg-devel/attachments/20240306/f3ad0970/attachment.sig>
More information about the Gnupg-devel
mailing list