[cfe-dev] my experience with clang
Nuno Lopes
nunoplopes at sapo.pt
Wed Jan 9 06:57:00 PST 2008
>>>> The checking of the parameters for PHP is also really nice. With
>>>> not
>>>> that much code you were able to write a custom check for a code
>>>> base that
>>>> in practice can be really useful.
>>>
>>> Yes, I agree. It is quite simple and really useful (it can save a few
>>> crashes and potential security bugs). I now need to port it to the
>>> liveness
>>> analyzer to get info about unititalized variables.
>>> My initial idea was to extend this to user-space (I even sent a
>>> proposal to
>>> the gcc mailing list some time ago).
>>
>> One random and maybe interesting thought: the linux kernel people are
>> marking pointers as user or kernel and using their 'sparse' tool to
>> flag semantic violations. Instead of adding special support to clang
>> to handle something like this, I wonder if Christopher's alternate
>> address space work could be used to handle this...
>
> Interesting possibility! If this is something you're interested in
> I'll try to get my address spaces clang work committed sooner rather
> than later.
>
> Another use of these types of pointer attributes is Microsoft's
> __ptr32/__ptr64, though I don't think that's so much for analysis as
> pure pointer hackery.
Uhm I wonder how this relates with the varargs function checks I was talking
about.. As you probably know gcc supports the printf checks through an
__attribute__, and I don't know how the address spaces thing could be used
to parse the format string and so on. (please enlighten me if I'm wrong!).
Nuno
More information about the cfe-dev
mailing list