Runtime security/memory checks for gcc/gdb
Oleg Goldshmidt
pub at goldshmidt.org
Tue Jan 12 00:29:56 IST 2010
Elazar Leibovich <elazarl at gmail.com> writes:
> Just a remark, as some people asked me about it privately.
>
> I'm not interested in static analysis (which gcc gives for
> uninitialized variables). But with runtime analysis of where the
> uninitialized variable have been actually used when the code was
> run. This is useful in many situations (for instance, when having
> 3000 (literally) static warnings, some of similar spirit, and no
> time to check them all)
>
> I didn't find anything parallel to that for gcc.
Do you insist on gcc (or FOSS)? If you are willing to try a commercial
product definitely try Insure++ from ParaSoft. I have not touched it
for a while, but I have *very* fond memories. The only drawback I
recall was that applications ran slower than with gcc due to all the
instrumentation it inserts. But man, does it find bugs!...
http://www.parasoft.com (no, I don't own the stock). I have not
checked, but they used to have evaluation.
--
Oleg Goldshmidt | pub at goldshmidt.org
More information about the Linux-il
mailing list