[cfe-users] Running 'scan-build' in SRD's test cases (NIST)

Jordan Rose jordan_rose at apple.com
Mon Feb 17 09:43:55 PST 2014


Hi, Lucas. The analyzer currently runs a per-translation-unit analysis, so it misses some bugs that whole-program analysis may be able to catch. I'm guessing that's the reason it's unable to catch this particular issue.

In general, the analyzer is set for reasonably fast turnaround (depending on the size of the project, of course), so it also might not do a fully precise interprocedural analysis if the state space gets too big. I'd have to see the particular test case to tell what's going on here.

I did see that Edward (CC'd) wanted to try bringing in the Juliet Test Suite for the analyzer, but neither I nor Ted (the lead on the analyzer) have gotten the chance to sit down and look at what this would actually entail. It's possible he's encountered similar issues, however.

Jordan


On Feb 15, 2014, at 5:58 , Lucas Kanashiro <kanashiro.duarte at gmail.com> wrote:

> I am trying to run 'scan-build' in Juliet suite testcase v1.2 (NIST
> indication) to catch some bugs of 'Division by zero' (CWE 369) and I
> can't do it; scan-build can't show me the existing bugs. Has anyone
> tried to do it yet?
> 
> I have a doubt that scan-build can identify a bug of division by zero in
> this case (when parameter denominator is zero):
> 
> int divide (int denominator) {
> 	return 10/denominator;
> }
> 
> Can someone help me? Is this a deficiency of scan-build? Can scan-build
> identify the bugs in Juliet suite?
> 
> Thanks in advance!
> 
> -- 
> Lucas Kanashiro Duarte
> Engenharia de Software - FGA/UnB
> kanashiro.duarte at gmail.com
> 
> _______________________________________________
> cfe-users mailing list
> cfe-users at cs.uiuc.edu
> http://lists.cs.uiuc.edu/mailman/listinfo/cfe-users
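
An added illustration of the per-translation-unit point in the reply above; it is not part of the original thread and is not code from the Juliet Test Suite. The function names `caller_same_tu` and `checked_divide` are hypothetical, and the comments describe which information is visible inside one source file.

```c
/* Constructed example: one translation unit (one .c file). */
#include <limits.h>
#include <stdbool.h>

/* Shape of the function from the question. Looked at on its own,
 * nothing constrains `denominator`, so there is no path on which it
 * is known to be zero. */
int divide(int denominator) {
    return 10 / denominator;
}

/* Caller in the same file: the constant 0 flows into divide() along a
 * path that stays inside this translation unit. If this caller lived
 * in a different .c file, that flow would cross a translation-unit
 * boundary, which a per-file analysis does not follow.
 * Deliberately never called: executing it is CWE-369. */
int caller_same_tu(void) {
    int d = 0;
    return divide(d);
}

/* Defensive form: reject the two inputs for which int division is
 * undefined in C, and report failure instead of dividing. */
bool checked_divide(int numerator, int denominator, int *out) {
    if (denominator == 0)
        return false;                 /* division by zero */
    if (numerator == INT_MIN && denominator == -1)
        return false;                 /* quotient overflows int */
    *out = numerator / denominator;
    return true;
}
```

With the guard inside the dividing function, the check does not depend on what any caller, in this file or another, passes in.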



