[cfe-dev] Checking Model Used by 'ArrayBoundV2'
Benjamin Schulz
bjs428 at mail.missouri.edu
Fri Dec 2 21:16:46 PST 2011
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hi all,
I was wondering if anyone could tell me what model of array bounds
checking the static analyzer uses in
'-analyzer-checker=experimental.security.ArrayBoundV2' ? Is the
implementation based on a checking algorithm or a type system that's
been documented (formally or informally) elsewhere?
In particular, I'm trying to figure out which kinds of false negatives
(e.g. http://llvm.org/bugs/show_bug.cgi?id=11114) should be viewed as
bugs in the implementation, and which are necessary consequences of the
checking procedure that's applied.
Thanks,
- --Benjamin Schulz
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iQEcBAEBAgAGBQJO2bC+AAoJECT8Sbi31ptplJcIAM57sWzIXcOLp8KQxSMXKfpS
coYWDN4fRxz+EcqXUgugs79fEepOto033aFOvZ3Oyt0PSs6IPExQAtNkWOro8Dcm
tqGzJJydJW25WdtBQH911QhelJ5i26I4lj2Z0nl9FvSBjPkOqaU0phuAc3ATwbRx
HiVajE1RGtlVJ553OLIvjymnZPFdlbYoHMhVw1nJ/iooMWGnGrrKjYnrZ1hxQ7O4
ZLwc1LKJGzX/dGueubiqYo+WWE/rnWpw3xkG9U/oZ9IMQ9iY9zyadytjlv3vINcR
kiJGGJYgSTnJoaXqxQ+WaJ5cMImlqko3u3/115cCkJSimlG0J3UVwCgqxFSlEXQ=
=MMkC
-----END PGP SIGNATURE-----
More information about the cfe-dev
mailing list