[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Using Clang's static analyzer on bash
From: |
Chet Ramey |
Subject: |
Re: Using Clang's static analyzer on bash |
Date: |
Mon, 24 Apr 2017 11:13:37 -0400 |
User-agent: |
Mozilla/5.0 (Macintosh; Intel Mac OS X 10.12; rv:45.0) Gecko/20100101 Thunderbird/45.8.0 |
On 4/23/17 9:02 PM, Eduardo Bustamante wrote:
> I built bash using scan-build
> (https://clang-analyzer.llvm.org/scan-build.html) and I noticed that
> it was able to detect the null pointer dereference reported earlier by
> Jaren (https://lists.gnu.org/archive/html/bug-bash/2017-04/msg00100.html).
>
> dualbus@debian:~/src/gnu/bash$ scan-build-3.9 make
> scan-build: Using '/usr/lib/llvm-3.9/bin/clang' for static analysis
I'd be interested in seeing the results. In my experience with similar
tools, the false positive ratio is very high.
--
``The lyf so short, the craft so long to lerne.'' - Chaucer
``Ars longa, vita brevis'' - Hippocrates
Chet Ramey, UTech, CWRU chet@case.edu http://cnswww.cns.cwru.edu/~chet/