[cfe-dev] Static taint analysis

Muhui Jiang via cfe-dev cfe-dev at lists.llvm.org
Tue Jan 3 18:21:44 PST 2017


Hi Mads

Thanks. I made the decision to develop the tool in Clang. I have never used
Clang before. The only thing I know is that Clang is the frontend of LLVM.
I also watched the tutorial on writing a checker in 24 hours in Clang and
have a basic understanding now. Do you have any suggestions for me? Do I need
to understand LLVM IR or other things related to LLVM before using Clang?
Many thanks.

Regards
Muhui

2017-01-02 3:12 GMT+08:00 Mads Ravn <madsravn at gmail.com>:

> Hi Muhui,
>
> I am not sure how many of these static analyses are already present in
> Clang, but I'm sure you can develop them here. I would look into the files
> and directories I mentioned in my previous mail. I can't say how hard it
> will be to implement. There is also an IRC channel, if you want a more
> flowing conversation about the subject.
>
> Best regards,
> Mads Ravn
>
> On Sun, Jan 1, 2017 at 9:06 AM Muhui Jiang <jiangmuhui at gmail.com> wrote:
>
>> Hi Mads
>>
>> Thanks for your reply. Actually, I am completely new to Clang. I know the
>> theory of program analysis and I tried to find a powerful tool to carry out
>> static analysis for my research. I need taint propagation, field sensitive,
>> context sensitive, flow sensitive with implicit and explicit flows and
>> pointer analysis. I think Clang should be available to develop such a tool.
>> I am familiar with C, C++ and Linux programming. There is about one month
>> left for me. Do you have any suggestions, and do you have any comments on
>> the difficulty of implementation? Many thanks.
>>
>> Regards
>> Muhui
>>
>> 2016-12-31 6:48 GMT+08:00 Mads Ravn <madsravn at gmail.com>:
>>
>> Hi Muhui,
>>
>> It looks like clang has some kind of taint analysis already. I don't know
>> if it fits your purpose. But have a look at DivZeroChecker.cpp and
>> GenericTaintChecker.cpp in clang. There are also other files.
>>
>> If these do not fit your purpose, I think you should be able to construct
>> your own. If you have any questions about how to do this, please also
>> elaborate on your experience with clang. It's much easier to guide you in
>> the right direction, if we know your current level.
>>
>> Best regards,
>> Mads Ravn
>>
>> On Fri, Dec 30, 2016 at 9:46 PM Muhui Jiang via cfe-dev <
>> cfe-dev at lists.llvm.org> wrote:
>>
>> Hi
>>
>> I am trying to use the Clang analyzer to conduct static taint analysis on
>> the Linux kernel. I am wondering whether Clang has a static taint analysis
>> framework or whether I have to write a new one. If so, any suggestions or
>> hints for writing the static taint analysis tool? Many thanks.
>>
>> Regards
>> Muhui