When I use it to detect the problem of out-of-bounds memory overflow in the array, it cannot be found #27
-
|
When I write I use the largest ts file; |
Beta Was this translation helpful? Give feedback.
Replies: 1 comment
-
|
Hi @DylanSang - Thanks for looking into ControlFlag (CF) and exploring its capabilities. Currently, CF only considers control expressions (e.g., if statement conditionals). This is because in many of the programming language defect surveys we had read, we observed that many of the coding defects came from ill-formed conditional expressions (i.e., incorrectly expressed Boolean logic). That said, we do plan to add support for "learned" instruction-level static analysis in the coming months. It's our hope that CF will be able to detect these instruction-level defects (like the one you describe, which is clearly an "out of bounds" array access error) in the coming months. Does all of this make sense? Thank you again for looking into ControlFlag! Best, |
Beta Was this translation helpful? Give feedback.
Hi @DylanSang -
Thanks for looking into ControlFlag (CF) and exploring its capabilities.
Currently, CF only considers control expressions (e.g., if statement conditionals). This is because in many of the programming language defect surveys we had read, we observed that many of the coding defects came from ill-formed conditional expressions (i.e., incorrectly expressed Boolean logic).
That said, we do plan to add support for "learned" instruction-level static analysis in the coming months. It's our hope that CF will be able to detect these instruction-level defects (like the one you describe, which is clearly an "out of bounds" array access error) in the coming months.
Does all of this mak…