-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 04/12/11 13:33, Hargett, Matt wrote:
> Hey Sarah,
>
> Many array bounds and format string problems can already be found, especially
> with LTO, ClooG, loop-unrolling, and -O3 enabled. Seeing across object-file
> boundaries, understanding loop bou
Hey Sarah,
Many array bounds and format string problems can already be found, especially
with LTO, ClooG, loop-unrolling, and -O3 enabled. Seeing across object-file
boundaries, understanding loop boundaries, and aggressive inlining allows GCC
to warn about a lot of real-world vulnerabilities. W
On Tue, Apr 12, 2011 at 10:00 AM, sa...@hederstierna.com
wrote:
> Hi
>
> Richard, I've implemented a simple nop-pass as you described and are now
> investigating a path forward for static code analysis.
> I'm trying to modify eg. cp-pass to be able to call these workers from my
> analysis pass.
milar?
Thanks and Best Regards
/Fredrik
From: Richard Guenther [richard.guent...@gmail.com]
Sent: Wednesday, February 16, 2011 11:17
To: sa...@hederstierna.com
Cc: gcc@gcc.gnu.org
Subject: Re: Question about static code analysis features in GCC
On Wed, Feb 16, 2011 at 8:54 AM, sa...@
o be able to be called from
the static analysis pass directly instead of trying to make them
"passes without code-gen".
Richard.
>
> Thanks and Best Regards
> /Fredrik
>
> From: Richard Guenther [richard.guent...@gmail.com]
> Sen
r [richard.guent...@gmail.com]
Sent: Sunday, February 13, 2011 10:54
To: sa...@hederstierna.com
Cc: gcc@gcc.gnu.org
Subject: Re: Question about static code analysis features in GCC
On Sun, Feb 13, 2011 at 2:34 AM, sa...@hederstierna.com
wrote:
> Hi
>
> I would like to have some advice regardin
On Sun, Feb 13, 2011 at 2:34 AM, sa...@hederstierna.com
wrote:
> Hi
>
> I would like to have some advice regarding static code analysis and GCC.
> I've just reviewed several tools like Klocwork, Coverity, CodeSonar and
> PolySpace.
> These tools offer alot of features and all tools seems to find
