Extend Bug Finder Checkers to Find Defects from Specific System Input Values
This topic shows how to find possible defects from specific values of system inputs. Unlike Code Prover, Bug Finder does not exhaustively check for run-time errors for all combinations of system inputs. However, you can extend some Bug Finder checkers and find if there are specific system input values that can lead to run-time errors.
Identify Need for Extending Checker
First identify if an existing checker is sufficient for your requirements.
For instance, the Bug Finder checker Integer division by zero detects if a division operation can have a zero denominator. Suppose a library function can divide by zero after several numerical operations. For instance, consider the function speed here:
    #include <assert.h>

    int speed(int k) {
        int i, j, v;
        i = 2;
        j = k + 5;
        while (i < 10) {
            i++;
            j += 3;
        }
        v = 1 / (i - j);   /* denominator can be zero for some value of k */
        return v + k;
    }
Note that even after extending the checkers, Bug Finder does not provide the sound and exhaustive analysis of Code Prover. For instance, if Bug Finder does not detect errors after extending the checkers, this absence of detected errors does not have the same guarantees as green checks in Code Prover.
Extend Checker
To extend the checker and detect the above issue, use these options:
Run stricter checks considering all values of system inputs (-checks-using-system-input-values): Enable this option. Checkers that rely on numerical values can now consider all input values for functions with at least one callee. You can change which functions are considered with the next option.
Consider inputs to these functions (-system-inputs-from): Use the value custom and enter the name of the function whose inputs must be considered, in this case, speed. At the command line, use the option argument custom=speed.
When you run a Bug Finder analysis, you see a possible integer division by zero on the division operation. The result shows an example of an input value to the function speed that eventually leads to the current defect (zero value of the denominator).
The tooltips on the defect show how the input value propagates through the code to eventually lead to one set of values that cause the defect.
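To make the propagation concrete, the following added example (not part of the original page or of Polyspace) works through the arithmetic of speed by hand: the loop always leaves i = 10 and j = k + 29, so the denominator is -19 - k. The helper names speed_denominator, find_zero_denominator and speed_checked are hypothetical, and speed_checked shows one way to guard the function once the triggering input is known.

```c
#include <limits.h>
#include <stdio.h>

/* Added example; all helper names are hypothetical.
 * Denominator (i - j) that speed() computes for input k, in wider
 * arithmetic so that this helper itself cannot overflow. */
long long speed_denominator(int k) {
    long long i = 2, j = (long long)k + 5;
    while (i < 10) {
        i++;
        j += 3;
    }
    return i - j;               /* 10 - (k + 29) = -19 - k */
}

/* Scan [lo, hi] for an input that zeroes the denominator.
 * Returns 1 and stores the input in *found, or 0 if none exists. */
int find_zero_denominator(int lo, int hi, int *found) {
    for (long long k = lo; k <= hi; k++) {
        if (speed_denominator((int)k) == 0) {
            *found = (int)k;
            return 1;
        }
    }
    return 0;
}

/* Guarded variant of speed(): returns 0 on success, -1 if the input
 * would divide by zero or overflow int when computing j = k + 29. */
int speed_checked(int k, int *result) {
    if (k > INT_MAX - 29)
        return -1;
    long long d = speed_denominator(k);
    if (d == 0)
        return -1;
    *result = (int)(1 / d) + k;
    return 0;
}

int main(void) {
    int k, r;
    if (find_zero_denominator(-1000, 1000, &k))
        printf("denominator is zero for k = %d\n", k);
    printf("speed_checked(-19) -> %d\n", speed_checked(-19, &r));
    if (speed_checked(0, &r) == 0)
        printf("speed_checked(0) = %d\n", r);
    return 0;
}
```

The range check on k also covers the signed overflow in j = k + 5 and j += 3, which the original speed does not guard against.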
Checkers That Can Be Extended
The following checkers are affected by numerical values of inputs and can be extended using the preceding options:
Bug Finder defects:
AUTOSAR C++14 coding rule:
CERT C rules and recommendations:
CERT C++ rules:
MISRA C:2012 rules:
MISRA C++:2008 rules:
ISO/IEC TS 17961 rules:
JSF AV C++ coding rules: JSF AV C++ coding rule 142
CWE rules: