static-analysis

问题 what kind of errors static analysis (e.g. compiler) can detect and symbolic execution can not detect? and what kind of errors that symbolic execution can detect and static analysis can not detect? for example can symbolic execution detect syntax errors? 回答1: In short, static analysis is capable of spotting coding issues, such as bad practices. For example, if you declare (unnecessarily) a class field as public, a static analysis tool may warn you that such field should be declared as private.

问题 I'm using coverity (5.5.1) (among others) to harden my code. I stumbled over a problem and now I have doubts that my setup of coverity is not complete. Have a look at this example: class A { int _a,_b; public: A(int b) : _a(_b), _b(b) { } }; int main(void) { A *a1 = new A(5); delete a1; A a2(5); return 0; } As can be seen I'm using _b to initialize _a before it is initialized with b . In this question I learned that it would be "nice to have" such a warning issued by the compiler or any other

问题 I'm interested in learning the main factors which affect PC-lint-ing time. I'm aware of a few such as -passes(#) which will increase the time PC-Lint takes (increase linearly?) or that reducing the messages which are output does not affect the linting time. I'm hoping to verify my understanding of lint's performance by having one of you who is more experienced with lint list the main factors they've encountered that affect linting time. Also, do any of you have experience using .lob files

问题 I'm trying to encourage a best practice of not catching general exceptions in Java code. eg: try { ... } catch (Exception e) { // bad! ... } Is there a way to flag this as an error/warning in Eclipse? I know PMD picks this up, but I'd rather avoid integrating it into everyone's build environment at the moment. 回答1: You can use Checkstyle eclipse plugin to do the same. Check 'IllegalCatch' section at documentation 回答2: FindBugs can report this: REC : Exception is caught when Exception is not

问题 I want to be able to specify the Code AnalysisRules in commandline MSBuild (for Code Analysis / FXCOP). The project file would have something like this in it: <CodeAnalysisRules>-Microsoft.Globalization#CA1301;-Microsoft.Globalization#CA1302</CodeAnalysisRules> So I would assume that I use something like this: MSBuild.exe /property:RunCodeAnalysis=true /property:CodeAnalysisRules=-Microsoft.Globalization#CA1301 Which works fine, but when I want to add another rule, it does not like the semi

问题 Eclipse (Juno) gives the following warning: Potential resource leak: 'os' may not be closed at the first line of the try body in this code: static void saveDetails(byte[] detailsData) { OutputStream os = null; try { os = sContext.openFileOutput(DETAILS_FILE_NAME, Context.MODE_PRIVATE); os.write(detailsData); } catch (IOException e) { Log.w(LOG_TAG, "Unable to save details", e); } finally { if (os != null) { try { os.close(); } catch (IOException ignored) { } } } } The method openFileOutput is

问题 There are many times when as I am debugging, or reusing some code, the file starts to acquire lines that don't do anything, though they may have done something at one point. Things like vectors and getting filled, and then go unused, classes/structs that are defined but never used, and functions that are declared, but never used. I understand that in many cases, some of these things are not superfluous, as they might be visible from other files, but in my case, there are no other files, just

问题 A lot of what I have learned about VB I learned from using Static Code Analysis (Particularly Aivosto's Project Analyzer). And one one of things it checks for is whether or not you cleared all objects and arrays. I used to just do this blindly because PA said so. But now that I know a little bit more about the way VB releases resources, it seems to me that these things should be happening automatically. Is this a legacy feature from pre VB6, or is there a reason why you should explicitly set

问题 A lot of what I have learned about VB I learned from using Static Code Analysis (Particularly Aivosto's Project Analyzer). And one one of things it checks for is whether or not you cleared all objects and arrays. I used to just do this blindly because PA said so. But now that I know a little bit more about the way VB releases resources, it seems to me that these things should be happening automatically. Is this a legacy feature from pre VB6, or is there a reason why you should explicitly set

问题 Given a C++ source code, I want to find the class fields that every function writes and reads. What is the best way of doing this using the Clang frontend? (I'm not asking for a detailed explanation of all the steps; however a starting point for an efficient solution would be great.) So far I tried parsing statements using the RecursiveASTVisitor, but keeping track of node connections is difficult. Also, I cannot figure out how to keep track of something like below: int& x = m_int_field; x++;