Knowledge Base > Troubleshooting > Working with code R011

Working with code R011

If you receive the output code R011, this means the method tested performs operations that violate Diffblue Cover’s sandboxing policy, e.g. connects to an external API or deletes a file.

While our policy is not to test methods that execute such operations, we suggest checking if the method also contains business logic that needs to be verified. If that’s the case, in order to have tests for the business logic, and consequently increase line coverage, refactor your code so that any logic that can be executed within the sandbox is contained in a separate, unit-testable method.

Examples of operations violating our sandboxing policy include:

  • Setting the security manager
  • Creating an access control context and possibly gaining permissions
  • Getting network information
  • Posting/deleting access to <URL>
  • Writing/executing/deleting access to files that are not in a temporary directory
  • Accessing the network
  • Accessing JMX APIs
  • Accessing Kerberos authentication
  • Calling to sun.misc.Unsafe
  • Calling to System.exit
  • Loading a JNI library
  • Accessing the printer
  • Displaying GUI forms.

Allowing JNI

If the policy is blocking access to a JNI library that you beleive to be safe to use, then you can add it to the list of allowed JNI libraries to load.

Disabling The Sandbox

When using the CLI there is an option to disable this security policy and permit these operations, but it should be used with caution! This option allows execution of potentially unsafe code during test generation, which may change the file system. Existing files will not be changed or deleted, but new files may be created.