On Sat, Mar 20, 2010 at 07:35:47PM +0000, David Holland wrote:
> On Sat, Mar 20, 2010 at 12:40:12PM -0400, Thor Lancelot Simon wrote:
> >> As a part of my work I would like to write a translator for C
> >> language and a small library. Their goal would be to detect
> >> integer overflows, stack overflows, problems with static array
> >> indexing, etc (when such occur during the program execution). It
> >> will enable me to uncover more bugs in the software.
> >
> > What is the benefit of this when compared to existing static-analysis
> > tools such as Coverity Scan, splint, or the Clang static analyzer? Will
> > this cover any cases they don't? If so, which ones?
>
> AIUI from chat, the idea is to increase the probability that if the
> testing causes something bogus to happen, the bogus behavior will
> result in an easily identifiable abort.

Again, I would like to understand why such an abort would be more "easily identifiable" by some newly written tool than by one of the ones I listed above, which have been around for a long time.