[SystemSafety] A small taste of what we're up against
Derek M Jones
derek at knosof.co.uk
Wed Oct 24 14:16:06 CEST 2018
Martyn,
> Yes, people make mistakes and inspections and testing find too few of
> them. That's why you need languages with semantics for which tools can
> be written that detect many such mistakes.
Given the large number of static checkers for C, this language
obviously contains lots of semantics ;-)
> For example, if your tools can tell you "this program can generate a
> value for that array index that will be out of bounds", you have the
> opportunity to eliminate the error before it kills someone.
Array index checking tools have been available for C since around 1983:
https://shape-of-code.coding-guidelines.com/2017/04/28/array-bound-checking-in-c-the-early-products/
The issue is not tools, it is getting developers to use them.
> Martyn
>
>
> On 24/10/2018 12:11, Derek M Jones wrote:
>> In practice most developers don't read the language standard
>> and most coding mistakes are unrelated to developer knowledge
>> of language semantics, e.g., they are oversights, off
>> by one errors or cut-and-paste slip-ups.
>
>
>
>
> _______________________________________________
> The System Safety Mailing List
> systemsafety at TechFak.Uni-Bielefeld.DE
>
--
Derek M. Jones                  Software analysis
tel: +44 (0)1252 520667         blog: shape-of-code.coding-guidelines.com
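As an added illustration, not part of Derek's or Martyn's messages, here is the kind of mistake the thread is about: a loop whose bound uses `<=` where `<` was meant, so one read lands past the end of a C array. Every read is routed through a small bounds-checking accessor, so the out-of-bounds access is reported and counted instead of silently reading whatever follows the table in memory, which is what a bounds-checking tool does at compile time or run time (the same unchecked loop compiled with `-fsanitize=address` would be flagged at run time). The table contents and all function names are constructed for this example.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

/* Constructed sample table: eight entries, nothing valid beyond them. */
#define TABLE_LEN 8
static const int table[TABLE_LEN] = {3, 1, 4, 1, 5, 9, 2, 6};

/* Result of a checked read: ok is false when idx was out of bounds. */
typedef struct {
    int value;
    bool ok;
} checked_int;

/* Bounds-checking accessor: the check a tool would insert or prove. */
static checked_int checked_get(const int *arr, size_t len, size_t idx)
{
    checked_int r = {0, false};
    if (idx < len) {
        r.value = arr[idx];
        r.ok = true;
    }
    return r;
}

/* The classic oversight: "<=" where "<" was meant. Because every read
   goes through checked_get, the one-past-the-end access is counted
   rather than dereferenced. Returns the number of out-of-bounds reads
   attempted; *sum receives the total of the in-bounds elements. */
static size_t sum_off_by_one(const int *arr, size_t len, long *sum)
{
    size_t oob = 0;
    *sum = 0;
    for (size_t i = 0; i <= len; i++) {   /* bug: should be i < len */
        checked_int r = checked_get(arr, len, i);
        if (!r.ok) {
            oob++;
            continue;
        }
        *sum += r.value;
    }
    return oob;
}

/* Corrected loop bound for comparison: no out-of-bounds reads. */
static size_t sum_correct(const int *arr, size_t len, long *sum)
{
    size_t oob = 0;
    *sum = 0;
    for (size_t i = 0; i < len; i++) {
        checked_int r = checked_get(arr, len, i);
        if (!r.ok) {
            oob++;
            continue;
        }
        *sum += r.value;
    }
    return oob;
}

int main(void)
{
    long s;
    size_t oob = sum_off_by_one(table, TABLE_LEN, &s);
    printf("off-by-one loop: sum=%ld, out-of-bounds reads=%zu\n", s, oob);
    oob = sum_correct(table, TABLE_LEN, &s);
    printf("corrected loop:  sum=%ld, out-of-bounds reads=%zu\n", s, oob);
    return 0;
}
```

Both loops produce the same sum of the eight in-bounds entries; the difference is the single attempted read at index 8, which the accessor reports and an unchecked `arr[i]` would not.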