> Hi Nuno, > > Sorry for the late response to this email. As I promised in my personal > communication, I wanted to take a look at what you did in some detail > after the holidays so that I could share it with the list. I think it is > exciting what you were able to do with clang in such a short time. > Comments inline.
Thank you for your throughout answer (as usual)! I really appreciate it and I've really learned a lot with your answers. A few little comments: > The checking of the parameters for PHP is also really nice. With not > that much code you were able to write a custom check for a code base that > in practice can be really useful. Yes, I agree. It is quite simple and really useful (it can save a few crashes and potential security bugs). I now need to port it to the liveness analyzer to get info about unititalized variables. My initial idea was to extend this to user-space (I even sent a proposal to the gcc mailing list some time ago). This would require some mechanism to allow arbitrary functions to be passed to the gcc's __attribute__((__format__(my_function, 1, 2))). Not sure how the user-space program would specify the my_function, but if someone has an idea about it, I would love to ear/read it :) I wouldn't mind to implement it in clang. > Regarding your implementation of the buffer overrun checker, one thing > that I wasn't certain about was whether or not your analysis did any > backtracking when it encountered an infeasible state. For example: > > if (x == 1) // do something > ... > if (x == 1) // do something Yes, it is able to skip some infeasible paths. However, in this case it wouldn't work, as I didn't implemented support for != restrictions (in this case, x != 1). If using e.g. 'x > 1' instead, it would crop the infeasible paths. Anyway the memory usage was really excessive. I had to limit the memory at 700 MBs (in the CC script), because before linux was freezing (linux is really bad at swapping..). This was not clang fault, though (I had major memory leakages). Nuno _______________________________________________ cfe-dev mailing list [email protected] http://lists.cs.uiuc.edu/mailman/listinfo/cfe-dev
