Frama-C Comparing static analysis tools is (still) difficult Earlier this year of 2012, some of my colleagues and I took the opportunity to point out that, as a research community, we are not doing a satisfactory job of comparing static analysis tools. This article and blog post were concerned with independent...
Read MoreOctober is National Cyber Security Awareness Month (if you are in the United States; otherwise it is Another Country's Cyber Security Awareness Month). In celebration here is a short list of recent cyber-security failures: An iPhone user navigating to a malicious webpage can see eir personal information (address book browsing...
Read MoreOne thing leading to another, I recently ended up wondering why, according to an individual close to the situation, the C snippet below is considered defined in C99. struct X { int a[5]; } f(); int *p = f().a; printf(\%p" p); The programming Q&A website StackOverflow had never failed me...
Read MorePreviously on this blog Although it was so brief that you may have missed it, I previously mentioned here the 2012 RERS Grey Box Challenge an interesting competition where the questions involve programs in C syntax. I pointed out that some questions were about the reachability of assertions in the...
Read MoreIf you liked my earlier proposal for a finer-grained restrict (1 2 3 4) you might like this slightly more serious proposal for named constants in C on Jens Gustedt's blog. Or not. Here is a simple test to tell if you are likely to be interested: if you can...
Read More