Emilie  Okumu

Emilie Okumu


UB Canaries: A Collection Of C/C++ Programs That Detect Undefined

UB Canaries: A collection of C/C++ programs that detect undefined
behavior exploitation by compilers.


To run all tests, type:


For a complete list of command line options:

 run-canaries --help


Each directory documents and tests an expectation: something a developer might
-- perhaps unreasonably! -- expect the compiler to do when faced with undefined
behavior. For example, the "uninitialized-variable" directory tests the
expectation that an uninitialized scalar variable will consistently return some
value that is legal for the variable's type.

If any test program in a directory does not display the expected behavior (for a
given compiler version + flags), then that compiler is considered to violate
that expectation.

The toplevel script run-canaries tests the expectations for a
specified collection of compilers and compiler flags. For now, you
need to edit that file to change the set of compilers and flags.

The output of run-canaries is, for each compiler / flag / canary
combination, a bit that tells us whether that compiler has been
observed to exploit that particular UB (in other words, whether it has
been observed violating the expectation). So here, for example, clang
has been seen to exploit signed integer overflows and uninitialized
variables, but not signed left shifts:

clang -O3 signed-left-shift 0
clang -O3 signed-integer-overflow 1
clang -O3 uninitialized-variable 1


Guidelines for writing tests:

- Each test program should be entirely contained (except for standard header
 files) in a single compilation unit.

- An expectation should only be tested by looking at a program's stdout, never
 by looking at its assembly code or observing its memory usage or execution

- A test program foo.c may have one or more outputs corresponding to the
 "expected" case where the compiler does not exploit that UB. If there is one
 such file it should be called foo.output. If there are multiple files they
 should be called foo.output1, foo.output2, etc. If the actual output does not
 match any of these files, the compiler is assumed to have exploited the UB.

- Every test program must test only a single UB. In other words, each test
 program is written in a dialect of C that is completely standard except that a
 single behavior (signed integer overflow or whatever) is actually defined
 instead of undefined.

- Reliance on implementation-defined behavior is unavoidable, but please avoid
 gratuitous reliance such as assuming a particular size for int or long. It is
 OK to use the fixed-width types such as int32_t.

- A tricky issue to how much to expose to the optimizer and how much to hide.
 There are no particular good rules of thumb that I am aware of, you just have
 to try different things.

- An easier issue is *how* to hide from the optimizer. I suggest introducing a
 dependency on argc or on the value loaded from a volatile. Tests may assume
 that argc == 1.


Author: regehr
Source Code:  https://github.com/regehr/ub-canaries
License: MIT License

#cpluplus #c 

What is GEEK

Buddha Community

UB Canaries: A Collection Of C/C++ Programs That Detect Undefined
Abdullah  Kozey

Abdullah Kozey


Learning C: Input and Output and Two Program Templates

Before I get too deep into C, I need to show you how to get data into and out of your programs. Using assignment for data gets old after a while and you want to be able to have users enter their own data. And you definitely need to be able to see what happens to your data in a program so learning how to display data to the screen is important and necessary.

Besides demonstrating how to perform input and output in C, I will also be demonstrating two templates that are related to those topics — Prompt, Then Read and Input, Process, Output (IPO). The IPO template, in particular, is important because practically every C program you write will use this template.

When I talk about input and output in C, I’ll use the terms standard input and standard output. These terms refer to the default input and output devices on your computer. The standard input device is the keyboard. The standard output device is the computer’s monitor or screen. I will only use the terms input and output and when I use those terms I’m referring to standard input and standard output. If I want to refer to a different device for input and/or output, I’ll use the specific term for that device.

#c-programming-language #c-programming #c-program #c-programming-help

Ari  Bogisich

Ari Bogisich


WASI Development Toolchain for C/C++

We realized that compiling already existing C/C++ projects to WASI was much more challenging than we expected. This is because of two main reasons:

  1. It’s not trivial to install and use the WASI SDK
  2. It’s quite hard to port existing projects to WASI as it requires a tighter integration with all configuration and make tools

Inspired by these challenges we have been working non-stop on improving the tooling so it’s easier for anyone to use and adopt WebAssembly and WASI!

#programming #c-programming #c #c# #c++

Anil  Sakhiya

Anil Sakhiya


C programming for Beginners | Learn C Programming | C Language

C Language is an evergreen language and is used widely across different industries, This C programming is a must for students and working professionals to become a great Software Engineer especially when they are working in Software Development Domain. Great Learning brings you this live session on “Introduction to C”. In this live session, we will be covering major concepts in C Programming such as Different Variables, Different Data Types that are being used, its Operators, Flow control statements, Structure, and lot more.

#c #programming #developer #c-programming #c-language

Shaylee  Lemke

Shaylee Lemke


Object Oriented Programming in C++ | C++ OOPs Concepts | Learn Object Oriented C++

C++ is general purpose, compiled, object-oriented programming language and its concepts served as the basis for several other languages such as Java, Python, Ruby, Perl etc.

The goal of this course is to provide you with a working knowledge of C++. We’ll start with the basics, including syntax, operators, loops, and functions. This Course will explain you how to use data structures and create your own Functions. This Course will show you the details of the powerful object and template systems so you can create useful classes and objects.

Youtube channel: ProgrammingKnowledge - https://www.youtube.com/watch?v=_SH1T3y_D7o

#c #c# #c++ #programming-c

Ari  Bogisich

Ari Bogisich


Source Generators Will Enable Compile-Time Metaprogramming in C#

Source generators are a new feature of the C# compiler that enables inspecting user code using compiler-generated metadata and generating additional source files to be compiled along with the rest of program.

Loosely inspired by F# type providers, C# source generators respond to the same aim of enabling metaprogramming but in a completely different way. Indeed, while F# type providers emit types, properties, and methods in-memory, source generators emit C# code back into the compilation process.

#c# #c #c++ #programming #programming c