[llvm-dev] Noob question from friend of cybersecu guy

pawel k. via llvm-dev llvm-dev at lists.llvm.org
Tue Apr 20 19:55:25 PDT 2021


Hello,
In previous life i knew one cybersecu bounty hunter. As a leftover from
then, i was wondering whether it would be useful and feasible to have in
clang or clang static analyzer the checks for two classes of awkward types
of code. Namely c++'ses 191 undefined behaviours and 52 unspecified
behaviours. That could possibly help to automatically pinpoint the
nonportable or randomly code working only because of coincidence. Whether
wed warn or err on such shall be up for discussion.

Sorry if that is super obvious and already implemented or np hard or
useless.

If interested author of csmith might know something about full list of
these as he is author of randome code generator that avoids genning code
with such artifacts.

Best regards,
Pawel Kunio
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.llvm.org/pipermail/llvm-dev/attachments/20210421/a483f25e/attachment.html>


More information about the llvm-dev mailing list