[cfe-dev] GSOC Static Analyzer Proposal

Adam Schnitzer adamschn at umich.edu
Wed Apr 10 15:05:44 PDT 2013


I agree, it would be nice to have diagnostics for implementation defined
behavior as well.

However, it seems like there would be some degree of overlap. For example, we already
have -fsanitize=shift, which, I believe, technically checks implementation defined,
rather than undefined behavior (language lawyers feel free to correct me).

I think it could be very interesting to check some behaviors not covered
in the sanitizers statically. Do you have thoughts about static versus dynamic
checking?

Adam

On Wed, Apr 10, 2013 at 5:40 PM, Jeffrey Walton <noloader at gmail.com> wrote:

> On Wed, Apr 10, 2013 at 5:07 PM, Adam Schnitzer <adamschn at umich.edu>
> wrote:
> > John and Sean,
> >
> > Thank you very much for the feedback. I have a better idea of scope and
> > where to focus.
> >
> > John, I think you're absolutely right, with -fsanitize=undefined and others,
> > more behavior is being caught at runtime/compile time. I will start working
> > on a list of behaviors for which no diagnostics currently exist, and select
> > a subset to focus on.
> My apologies for stepping in and bike shedding: I would really enjoy
> something for 'implementation defined' behaviors also. It's not always
> portable, and I find it to be a key indicator of code quality.
>
> Perhaps another switch would be in order (-fsanitize=implementation)?
>
> Jeff
>
> > On Wed, Apr 10, 2013 at 1:54 PM, John Regehr <regehr at cs.utah.edu> wrote:
> >>>
> >>> I would like to work on improving support for C++ in the static analyzer.
> >>> Specifically, I think it
> >>> would be valuable to improve the checkers for undefined behavior
> >>> including those already suggested.
> >>
> >>
> >> I'd be happy to provide feedback on a more specific version of this part
> >> of the proposal.
> >>
> >> In particular, a useful starting point (maybe this already exists?) would
> >> be a list of all C/C++ undefined behaviors broken down by whether
> >> Clang/LLVM...
> >>
> >> - can reliably provide a compile-time diagnostic
> >>
> >> - can reliably provide a runtime diagnostic
> >>
> >> - cannot provide any diagnostic, but implements a predictable behavior
> >>
> >> - cannot provide any diagnostic and also implements unpredictable behavior
> >>
> >> Obviously the last category is the interesting place for future work.
>
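
The undefined versus implementation-defined distinction for shifts raised in this thread, as an added example (not code from any poster or from Clang): it classifies `int` shifts by the C11 6.5.7 rules, the kind of precondition a dynamic check evaluates before the shift runs. The names `classify_shift` and `checked_shl` are hypothetical, the inputs are constructed, and `int` is assumed to have no padding bits.

```c
#include <limits.h>
#include <stdio.h>

enum shift_class { SHIFT_DEFINED, SHIFT_IMPL_DEFINED, SHIFT_UNDEFINED };

/* Width of int in bits (assumption: int has no padding bits). */
#define INT_BITS ((int)(sizeof(int) * CHAR_BIT))

/* Classify `lhs << rhs` (is_left != 0) or `lhs >> rhs` per C11 6.5.7. */
enum shift_class classify_shift(int lhs, int rhs, int is_left)
{
    /* Negative or too-large shift count: undefined for both << and >>. */
    if (rhs < 0 || rhs >= INT_BITS)
        return SHIFT_UNDEFINED;
    /* Right shift of a negative value: implementation-defined result. */
    if (!is_left)
        return lhs < 0 ? SHIFT_IMPL_DEFINED : SHIFT_DEFINED;
    /* Left shift of a negative value: undefined. */
    if (lhs < 0)
        return SHIFT_UNDEFINED;
    /* Left shift is defined only if lhs * 2^rhs is representable in int. */
    if (lhs > (INT_MAX >> rhs))
        return SHIFT_UNDEFINED;
    return SHIFT_DEFINED;
}

/* Perform the left shift only when it is fully defined; -1 otherwise. */
int checked_shl(int lhs, int rhs, int *out)
{
    if (classify_shift(lhs, rhs, 1) != SHIFT_DEFINED)
        return -1;
    *out = lhs << rhs;
    return 0;
}

int main(void)
{
    static const char *names[] = { "defined", "implementation-defined", "undefined" };
    struct { int lhs, rhs, left; } cases[] = { /* constructed inputs */
        { 1, 4, 1 }, { 1, INT_BITS, 1 }, { -1, 1, 1 },
        { INT_MAX, 1, 1 }, { -8, 1, 0 }, { 8, -1, 0 },
    };
    for (size_t i = 0; i < sizeof cases / sizeof cases[0]; i++)
        printf("%d %s %d: %s\n", cases[i].lhs, cases[i].left ? "<<" : ">>", cases[i].rhs,
               names[classify_shift(cases[i].lhs, cases[i].rhs, cases[i].left)]);
    return 0;
}
```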