clang static analyzer questions

Time:12-21

I'm confused about making a decision.

For example, when I wrote a code 'test.c' like this.


#include <stdio.h>

int main(void){

        int b = 2;
        int c = 0;

        /* c is 0 here, so this divides by zero */
        int d = b/c;
        printf("d: %d\n", d);
        return 0;
}

And then I typed the command clang --analyze test.c, and the statement "warning: Division by zero [core.DivideZero]" appeared.

After that, I typed the command clang test.c. Then no warning comes out. However, when I run this program, the error "Floating point exception(core dumped)" comes out.

In this case, which is the right one? Is it a true positive or a false positive? Can someone explain it to me?

CodePudding user response:

> And then I typed the command clang --analyze test.c, and the statement "warning: Division by zero [core.DivideZero]" appeared.

The Clang static analyzer correctly determined there is a division by zero in the program.

> After that, I typed the command clang test.c. Then no warning comes out.

Clang compiled the program in conformance with the C standard. The C standard does not require a compiler to warn you that there is a division by zero in the program.

> However, when I run this program, the error "Floating point exception(core dumped)" comes out.

The program was executed in conformance with the C standard. For division, the C standard says “if the value of the second operand is zero, the behavior is undefined.” Since the behavior is undefined, aborting the program with an error message (even a misleading one about “Floating point exception”) is permitted by the C standard.

> In this case, which is the right one? Is it a true positive or a false positive?

All three behaviors are correct.
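As an added example (not part of the question or the answer above), here is one way to rewrite test.c so the division only happens when the C standard defines its result. The helper name checked_div is hypothetical, and the example goes slightly beyond the question by also rejecting INT_MIN / -1, the other integer division whose behavior is undefined.

```c
#include <limits.h>
#include <stdbool.h>
#include <stdio.h>

/* Hypothetical helper, not from the original post: perform num / den only
 * when the result is defined. Returns false and leaves *out untouched
 * when the division would be undefined behavior. */
static bool checked_div(int num, int den, int *out)
{
    if (den == 0)
        return false;   /* the case reported as core.DivideZero */
    if (num == INT_MIN && den == -1)
        return false;   /* quotient not representable in int: also undefined */
    *out = num / den;
    return true;
}

int main(void)
{
    int b = 2;
    int c = 0;          /* same values as test.c in the question */
    int d;

    if (checked_div(b, c, &d))
        printf("d: %d\n", d);
    else
        fprintf(stderr, "refusing to compute %d/%d: result is undefined\n", b, c);
    return 0;
}
```

With the guard in place, the path on which c is 0 returns before the division is evaluated, so the program reports the problem itself instead of relying on whatever the undefined behavior happens to do at run time.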
