philosphy.md: Remove section about bughunting it has been moved to Cppcheck Premium

This commit is contained in:
Daniel Marjamäki 2023-06-09 09:40:58 +02:00
parent b086873599
commit 2beb46194f
1 changed files with 0 additions and 14 deletions

View File

@ -27,20 +27,6 @@ Reporting issues in Trac:
Inconclusive messages will be created if cppcheck cannot be sure there is an issue to warn but 50-50 probability. User shall enable inconclusive messages if they are willing to spend substantially more time on message verification in order to find more issues within a high false positive rate. Inconclusive messages will be created if cppcheck cannot be sure there is an issue to warn but 50-50 probability. User shall enable inconclusive messages if they are willing to spend substantially more time on message verification in order to find more issues within a high false positive rate.
Inconclusive messages shall not be used for new checks which are just being developed. There `settings.experimental` can be used. Inconclusive messages shall not be used for new checks which are just being developed. There `settings.experimental` can be used.
## Bug hunting - Soundy analysis
The goal is to detect nearly all bugs. It will not be possible to detect ALL bugs. For instance if the code is garbage or if the bug happens in a inline assembler code block.
It will not be possible to avoid false alarms completely but we can not be sloppy about false alarms. There are tools that are too noisy. A handful of false alarms for a project is totally fine in this analysis. But 1000's of false alarms for the average project would not be ok.
We want to detect UB. But we will not add checkers that are too noisy.
Reporting issues in Trac:
- If you see a false negative; report that as a defect.
- If you see a false positive; report it as an enhancement.
We should try hard to fix false positives however we can't have heuristics that we know will cause important false negatives.
## No configuration ## No configuration