[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Using Clang's static analyzer on bash

From: Chet Ramey
Subject: Re: Using Clang's static analyzer on bash
Date: Mon, 24 Apr 2017 11:13:37 -0400
User-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.12; rv:45.0) Gecko/20100101 Thunderbird/45.8.0

On 4/23/17 9:02 PM, Eduardo Bustamante wrote:
> I built bash using scan-build
> (https://clang-analyzer.llvm.org/scan-build.html) and I noticed that
> it was able to detect the null pointer dereference reported earlier by
> Jaren (https://lists.gnu.org/archive/html/bug-bash/2017-04/msg00100.html).
> address@hidden:~/src/gnu/bash$ scan-build-3.9 make
> scan-build: Using '/usr/lib/llvm-3.9/bin/clang' for static analysis

I'd be interested in seeing the results.  In my experience with similar
tools, the false positive ratio is very high.

``The lyf so short, the craft so long to lerne.'' - Chaucer
                 ``Ars longa, vita brevis'' - Hippocrates
Chet Ramey, UTech, CWRU    address@hidden    http://cnswww.cns.cwru.edu/~chet/

reply via email to

[Prev in Thread] Current Thread [Next in Thread]