Re: Enabling AddressSanitizer from Xcode
Re: Enabling AddressSanitizer from Xcode
- Subject: Re: Enabling AddressSanitizer from Xcode
- From: Jeffrey Walton <email@hidden>
- Date: Thu, 14 Mar 2013 16:43:24 -0400
On Thu, Mar 14, 2013 at 4:35 PM, Sean McBride <email@hidden> wrote:
> On Thu, 14 Mar 2013 16:28:12 -0400, Jeffrey Walton said:
>
>>Related: some of the other -fsanitize=xxx looks *absolutely* bad ass
>>(http://clang.llvm.org/docs/UsersManual.html#controlling-code-generation).
>>I can't wait to get my grubby pawls on them. I see Peng Li and John
>>Regehr's IOC made it in via -fsanitize=shift and
>>-fsanitize=signed-integer-overflow.
>
> Yes, they are great. I've been running them for a few months now, slowly fixing the hundreds of bugs they have found in my code and open source code I use.
>
You might like this too:
https://www.owasp.org/index.php/C-Based_Toolchain_Hardening. Its an
aggressive treatment, but I know it pays off. The code can't fart or
sneeze without a developer knowing what went wrong where. I'm aware of
a few projects that take bug reports that are literally years apart.
The article lacks a concise treatment of Clang/LLVM at the moment, but
Clang should be a first class citizen in the article. I'm still
working through -Weverything and what to back off in a safe manner.
Jeff
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Xcode-users mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden