can infer find out all suspecious bugs?

facebook / infer

A static analyzer for Java, C, C++, and Objective-C

http://fbinfer.com/

MIT License

14.8k stars 2k forks source link

can infer find out all suspecious bugs? #1782

Open JiandongLu opened 11 months ago

JiandongLu commented 11 months ago

currently I's using infer 1.1.0. but i am curious the question : can infer find out all suspecious bugs epsecially mem leak bugs? if not, is there an open source tool can do ?

thanks

SolomonSun2010 commented 11 months ago

任何工具都不能找出所有的可疑bugs。例如，你如何定义C++、或Java/Android中的内存泄露问题，并让工具完全理解？同时，工具也要跟语言版本与时俱进。除非你使用内存安全的语言，例如像Rust。

hajduakos commented 3 months ago

No, Infer is underapproximate by nature, which means that it tries to minimize false positives, while potentially having false negatives (missing bugs). Software model checkers aim to not have false negatives, however they often suffer from performance issues in practice.