Questions tagged [static-analysis]
"Static Analysis" refers to software tools (or their use) that analyze application code for arbitrary properties, such as errors (uninitialized variables, possible SQL injection attacks, is this code dead, can an argument be null, ...) or structure (what is the call graph for this code? is there duplicate code? what information is passed between components?).
2,222 questions
0
votes
1
answer
52
views
What are the differences between using multiple or'ed typehints vs abc and an inheritance hierarchy in Python?
Python is a dynamic language. This means that types are dynamic at runtime and Python makes use of the concept of duck typing.
What this means is that for any object x we can do
x.some_function()
x....
-2
votes
1
answer
85
views
Warning to discover unnamed variable
Recently I've met a bug in C++ project related to an unnamed scope guard, like in this question:
LockGuard(mutex);
See simple demo.
This kind of bug is really hard to find by reviewing changes, and ...
-3
votes
1
answer
87
views
New message "Active checkers" in cppcheck after upgrade
I integrate cppcheck analysis with CMake by specifying this command line:
cmake .. -DCMAKE_BUILD_TYPE=Release -DCMAKE_CXX_CPPCHECK="cppcheck;--enable=all;--suppress=missingIncludeSystem;--inline-...
0
votes
0
answers
22
views
How can I make a Call Graph where it only shows the function calls and related control flows for static analysis for Java Code / Android?
Currently I am using Sootup Framework - 1.3.0 (https://github.com/soot-oss/SootUp/tree/develop). Through the examples provided in documentation, I was able to create a complete Control Flow Graph (CFG)...
0
votes
0
answers
32
views
PC-Lint unknown type name __size_t, __wchar_t
I am setting up PC-Lint in TASKING IDE. I keep running into an issue where the C standard libraries are throwing errors for unknown type names of __size_t and __wchar_t.
errors
The path to these ...
1
vote
0
answers
72
views
Can fopen return stdout and require it to be closed?
Some old C code I wrote implemented an output file option, which I reduced to a
minimal example:
#define _XOPEN_SOURCE
#include <stdio.h>
#include <string.h>
static void output(const char ...
1
vote
1
answer
28
views
Type assignment error in implementing Dart's ZoneSpecification
I'm getting a static analysis error while implementing Dart's Zone.
Code:
void main() {
Zone.current.fork(specification: ZoneSpecification(scheduleMicrotask: (self, parent, zone, f) => parent....
0
votes
0
answers
9
views
How to have runtime visualization of code symbols
Is there a way to generate a graph view of a run, similar to stacktrace but just have it as a graph view.
Stack traces could be visualized as graphs by having the file source as the node and then ...
0
votes
0
answers
9
views
How to prove that the dependent variable is explained by the two independent variables (which are correlated)? [migrated]
I would like to show that the dependent variable Y is mainly explained by the two independent variables (A1 and A2). Theoretically, an increase in A1 increases Y, and an increase in A2 decreases Y. ...
0
votes
0
answers
41
views
Why go-staticcheck reports "unused method" when implementing interface
I have written a fairly simple code. It simply "implements" the factory interface in a stateless way. It works as expected, however I got a warning from Golang linter that both make() and ...
0
votes
1
answer
29
views
readelf -R (--relocated-dump) option
Can anyone explain how the contents of a section are relocated using the -R option for readelf?
I would like to see an example of this so I can understand how it works.
When I build an executable ...
0
votes
1
answer
92
views
Can I Prove Monotonicity of Allocations to the Rust Borrow Checker
I have the following code which does not compile:
// TODO: Return Result, remove `.expect`s
fn to_blender_subfile<'a>(
filepath: &str,
transform: Transform,
visited_file_cache: &...
1
vote
0
answers
31
views
What is causing LuaLS to give this bogus cast-local-type warning?
Being fairly new to the wonderful language of lua, I still don't fully
understand how all the bits and pieces fit together in the lua eco-system.
If editing the following perfectly valid code:
require ...
0
votes
0
answers
52
views
Using findbugs To Scan A Specific Java Class File And Get "Unable to get XClass for java/lang/Object" Exception
I added spotbugs as dependency in my pom.xml.
<dependency>
<groupId>com.github.spotbugs</groupId>
<artifactId>spotbugs</artifactId>
<...
2
votes
1
answer
46
views
WP Plugin: Why does the following simplified code fail to verify
I am a new Frama-C User and I am trying to prove certain properties for a large project. I was seeing a particular proof fail, and tried reducing the problem to a minimum reproducible example, and the ...