[cfe-dev] Summer of Code idea -- detecting undefined behavior (fwd)

Chris Hacking chacking at cs.washington.edu
Tue Mar 23 22:20:34 PDT 2010


I suspect some of these tests might incur a significant performance penalty
if run as part of compilation. Simple and easy tests are good, but anything
that is too expensive might make more sense to move into the Clang Static
Analyzer instead.

That said, some work from the CSA might be usable here. For example, I
believe that the CSA already detects divide-by-zero. While a full analysis
of the source code would be overkill for the compiler to do every time,
adding the ability to detect divide-by-zero from literals:

int a = 5; int b = 5/0;

or using constant propagation:

int a = 5; int b = 0; int c = a/b;

would certainly be useful and probably relatively easy.

Chris Hacking
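
[Added example, not part of the original message and not Clang or Static Analyzer code: a minimal flow-sensitive constant propagator over a made-up straight-line IR that flags a division whose divisor is provably zero, covering both the literal case and the propagated case from the message above. The IR, the names (Stmt, Fact, first_div_by_zero) and the sample programs are assumptions constructed for illustration.]

```c
#include <limits.h>
#include <stddef.h>
#include <stdio.h>
/* An operand is an integer literal or a reference to a variable slot. */
typedef struct { int is_var; int v; } Operand;
#define LIT(n) {0, (n)}
#define VAR(i) {1, (i)}
/* dst = a (OP_COPY), dst = a / b (OP_DIV), dst = run-time value (OP_INPUT). */
typedef enum { OP_COPY, OP_DIV, OP_INPUT } Op;
typedef struct { Op op; int dst; Operand a, b; } Stmt;
typedef struct { int known; int val; } Fact;   /* known constant, or unknown */
enum { A, B, C, NVARS };                       /* hypothetical variable slots */

static Fact eval(const Fact *env, Operand o) {
    if (o.is_var) return env[o.v];
    return (Fact){1, o.v};
}

/* Index of the first division whose divisor is provably zero, or -1. */
int first_div_by_zero(const Stmt *code, size_t n) {
    Fact env[NVARS] = {{0, 0}};
    for (size_t i = 0; i < n; i++) {
        Fact r = {0, 0};                       /* default: result unknown */
        Fact a = eval(env, code[i].a), b = eval(env, code[i].b);
        if (code[i].op == OP_COPY) r = a;
        if (code[i].op == OP_DIV) {
            if (b.known && b.val == 0) return (int)i;
            /* Fold only when the quotient is defined: INT_MIN / -1 overflows. */
            if (a.known && b.known && !(a.val == INT_MIN && b.val == -1))
                r = (Fact){1, a.val / b.val};
        }
        env[code[i].dst] = r;                  /* a reassignment replaces the old fact */
    }
    return -1;
}

/* Constructed samples: the two snippets from the message, then a reassignment. */
static const Stmt LITERAL[] = {      /* int a = 5; int b = 5/0; */
    {OP_COPY, A, LIT(5), LIT(0)}, {OP_DIV, B, LIT(5), LIT(0)}};
static const Stmt PROPAGATED[] = {   /* int a = 5; int b = 0; int c = a/b; */
    {OP_COPY, A, LIT(5), LIT(0)}, {OP_COPY, B, LIT(0), LIT(0)},
    {OP_DIV, C, VAR(A), VAR(B)}};
static const Stmt REASSIGNED[] = {   /* int b = 0; b = input(); int c = 5/b; */
    {OP_COPY, B, LIT(0), LIT(0)}, {OP_INPUT, B, LIT(0), LIT(0)},
    {OP_DIV, C, LIT(5), VAR(B)}};
int main(void) {
    printf("%d %d %d\n", first_div_by_zero(LITERAL, 2),
           first_div_by_zero(PROPAGATED, 3), first_div_by_zero(REASSIGNED, 3));
    return 0;
}
```

[The reassigned case is not flagged because the run-time value overwrites the earlier constant fact, which is what keeps a cheap in-compiler check like this free of false positives on straight-line code.]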


-----Original Message-----
From: cfe-dev-bounces at cs.uiuc.edu [mailto:cfe-dev-bounces at cs.uiuc.edu] On
Behalf Of John Regehr
Sent: Tuesday, March 23, 2010 10:13 PM
To: cfe-dev at cs.uiuc.edu
Subject: Re: [cfe-dev] Summer of Code idea -- detecting undefined behavior
(fwd)

Leo, my guess would be that the easy undefined behaviors can be tackled 
with only a basic knowledge of compilers.  Some of these will have large 
payoff.

The hard undefined behaviors will require a great deal of intimacy with 
the C standard and with Clang/LLVM.  My favorite example is that a program 
is undefined if "Between two sequence points, an object is modified more 
than once, or is modified and the prior value is read other than to 
determine the value to be stored."  Yuck.

John


On Tue, 23 Mar 2010, Leopold Walkling wrote:

> Hi,
> like Conrado I also wonder about the requirements one would have to meet to
> make this project a success.
> Is a basic understanding of compilers sufficient?
> I imagine such detection mechanisms would be difficult to isolate from other
> code generation behavior, so I think it would be quite a challenge to avoid
> degrading the design of the current code generation module, or even breaking
> working behavior, wouldn't it?
>
> Leopold Walkling
>
> On Tuesday 23 March 2010 01:47:13 John Regehr wrote:
>> Oops-- just sent the message below to the main LLVM list, it probably
>> would have been better sent to this list in the first place.
>>
>> --------------------
>>
>> Is anyone interested in a SoC project to further develop Clang's support
>> for detecting undefined behaviors in C/C++?
>>
>> This is actually a collection of many smaller projects ranging from very
>> easy (detecting divide by zero) to rather nasty (detecting references to
>> out-of-scope automatic variables).
>>
>> If someone does this, I'm happy to help mentor, provide test cases, etc.
>>
>> If done well, this would be a relatively high-impact project.  It would
>> catch more errors than valgrind, be faster, and provide much better error
>> messages.
>>
>> John Regehr
>> _______________________________________________
>> cfe-dev mailing list
>> cfe-dev at cs.uiuc.edu
>> http://lists.cs.uiuc.edu/mailman/listinfo/cfe-dev