[llvm-dev] Noob question from friend of cybersecu guy
Victor Campos via llvm-dev
llvm-dev at lists.llvm.org
Wed Apr 21 01:21:15 PDT 2021
clang -fsanitize=undefined might be what you're looking for.
https://clang.llvm.org/docs/UndefinedBehaviorSanitizer.html
Cheers,
Victor.
On Wed, 21 Apr 2021, at 03:55, pawel k. via llvm-dev wrote:
> Hello,
> In previous life i knew one cybersecu bounty hunter. As a leftover from
> then, i was wondering whether it would be useful and feasible to have
> in clang or clang static analyzer the checks for two classes of awkward
> types of code. Namely c++'ses 191 undefined behaviours and 52
> unspecified behaviours. That could possibly help to automatically
> pinpoint the nonportable or randomly code working only because of
> coincidence. Whether wed warn or err on such shall be up for discussion.
>
> Sorry if that is super obvious and already implemented or np hard or useless.
>
> If interested author of csmith might know something about full list of
> these as he is author of randome code generator that avoids genning
> code with such artifacts.
>
> Best regards,
> Pawel Kunio
>
>
> _______________________________________________
> LLVM Developers mailing list
> llvm-dev at lists.llvm.org <mailto:llvm-dev%40lists.llvm.org>
> https://lists.llvm.org/cgi-bin/mailman/listinfo/llvm-dev
>
More information about the llvm-dev
mailing list