[C-safe-secure-studygroup] Adoption by GCC and LLVM
Aaron Ballman
aaron at aaronballman.com
Fri Jan 6 18:05:42 UTC 2017
I authored many of the CERT checks that are present in Clang, and
while I cannot speak in any official capacity for the project, I can
say "patches welcome" with the best of them. ;-) The community is
likely to accept any contributions that strive towards TS 17961
conformance so long as they meet the usual quality bar for new feature
contributions.
As for whether a paid TS/IS is a problem for the community to adopt
the standard -- I'm not aware of any concrete issues. We implemented C
and C++, which are not free standards. Oftentimes, a public draft
preceding publication is sufficient to answer most questions.
~Aaron
On Fri, Jan 6, 2017 at 12:22 PM, Robert Seacord via
C-safe-secure-studygroup <c-safe-secure-studygroup at lists.trustable.io>
wrote:
> Jim,
>
> Thanks. You might want to feel them out to see what the think about
> implementing support for the existing TS 17961. That should be another goal
> of the study group, is to get adoption, and getting adoption of the work
> that has already finished means that we can get started now.
>
> As for the Clang checkers, there is someone lurking on the list who was
> probably responsible for writing most of them. I'll let him/her self
> incriminate.
>
> Thanks,
> rCs
>
> On Fri, Jan 6, 2017 at 12:16 PM, Jim MacArthur via C-safe-secure-studygroup
> <c-safe-secure-studygroup at lists.trustable.io> wrote:
>>
>> We spoke on Wednesday about trying to get GCC and Clang (LLVM's C front
>> end) to perform checks of whatever parts of the standard are testable by
>> static analysis. I was able to find one post asking for MISRA C checking,
>> about 11 years ago: https://gcc.gnu.org/ml/gcc/2005-11/msg00993.html. The
>> responses are generally against incorporating MISRA C at that time, although
>> most of the arguments are about the content of the standard itself rather
>> than the general question of testing for standards other than C11/C99/ANSI
>> C.
>>
>> http://clang-analyzer.llvm.org/available_checks.html states that the C
>> static analyser for LLVM has tests based on CERT-C, although they are not
>> exactly or entirely CERT-C.
>>
>> The context was whether or not charging for the standard would be a
>> problem for the adoption by GCC or LLVM; in short, I don't think it would be
>> a big problem as it's likely neither would explicitly implement the
>> standard. There don't seem to be any philosophical problems with
>> implementing individual rules from a non-free standard in either project.
>>
>> I'll make a post on the GCC mailing list and see if anything has changed.
>>
>> Jim
>>
>> _______________________________________________
>> C-safe-secure-studygroup mailing list
>> C-safe-secure-studygroup at lists.trustable.io
>>
>> https://lists.trustable.io/cgi-bin/mailman/listinfo/c-safe-secure-studygroup
>
>
>
> _______________________________________________
> C-safe-secure-studygroup mailing list
> C-safe-secure-studygroup at lists.trustable.io
> https://lists.trustable.io/cgi-bin/mailman/listinfo/c-safe-secure-studygroup
>
More information about the C-safe-secure-studygroup
mailing list