<html>
<head>
<meta content="text/html; charset=ISO-8859-1"
http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
On 5/14/12 8:11 PM, John McCall wrote:
<blockquote
cite="mid:531B8BAE-F72D-467C-9B97-0FBFD15A0AE6@apple.com"
type="cite">
<div>
<div>On May 14, 2012, at 5:59 PM, Sai Charan wrote:</div>
<blockquote type="cite">
<div><font face="tahoma,sans-serif">I am looking at using
LLVM/Clang to automatically convert pointer declarations
to fat pointers & the corresponding dereferences to
something appropriate. I am looking for guidance on doing
this. Will an LLVM pass be better suited to this or would
this be better handled using Clang? Any guidance on
getting started would be helpful.</font></div>
</blockquote>
<br>
</div>
<div>It would be best handled by modifying Clang, both in semantic
analysis (to change the size of a pointer) and IR generation (to
generate, propagate, and consume your fat pointer values). I'm
afraid that clang's IR generation widely assumes that pointers
are represented as a single llvm::Value, though, and you might
be in for a lot of work.</div>
</blockquote>
<br>
Converting to fat pointers can also be done at the LLVM IR level
and, in fact, there's a modern implementation of fat pointers at the
LLVM IR level in the SAFECode project (<a class="moz-txt-link-freetext" href="http://sva.cs.illinois.edu">http://sva.cs.illinois.edu</a>).
The implementation is SoftBound from University of Pennsylvania, and
it implements what is essentially a fat pointer approach that does
not modify data structure layout. You can read about SoftBound at
<a class="moz-txt-link-freetext" href="http://www.cis.upenn.edu/acg/papers/pldi09_softbound.pdf">http://www.cis.upenn.edu/acg/papers/pldi09_softbound.pdf</a>.<br>
<br>
One of the problems with implementing fat pointers within clang is
that clang does not have the entire program, and so you cannot use
whole program analysis to determine if parts of the program are
aware of the data structure layout. An LLVM IR analysis that is
part of the link-time optimization framework can, and so a transform
at the LLVM IR level could determine when it is safe to modify a
data structure layout and when it is not.<br>
<br>
All that said, if you're using a fat pointer method that doesn't
modify data structure layout (SoftBound has this feature; Xu et
al.'s work at <a class="moz-txt-link-freetext" href="http://seclab.cs.sunysb.edu/seclab/pubs/fse04.pdf">http://seclab.cs.sunysb.edu/seclab/pubs/fse04.pdf</a>
doesn't either, IIRC), implementing it in Clang would also work.<br>
<br>
As an FYI, I'm advocating for a common infrastructure in LLVM for
adding and optimizing memory safety run-time checks; the idea is to
have common infrastructure that will work for fat pointer
approaches, object metadata approaches, and other approaches. You
can find my proposal at
<a class="moz-txt-link-freetext" href="http://lists.cs.uiuc.edu/pipermail/llvm-commits/Week-of-Mon-20120507/142532.html">http://lists.cs.uiuc.edu/pipermail/llvm-commits/Week-of-Mon-20120507/142532.html</a>.
I'd welcome any feedback or comments you may have on it.<br>
<br>
-- John T.<br>
<br>
<blockquote
cite="mid:531B8BAE-F72D-467C-9B97-0FBFD15A0AE6@apple.com"
type="cite">
<div><br>
</div>
<div>John.</div>
<br>
<br>
</blockquote>
<br>
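Added example, not part of the thread and not code from SoftBound or SAFECode: a minimal C sketch of the layout issue discussed above, contrasting an inline fat pointer (which grows the enclosing struct) with bounds kept in a side table keyed by the address of the pointer slot, so the struct is unchanged. The names store_ptr, checked_read and meta_find and the fixed 64-entry table are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Inline fat pointer: bounds travel with the pointer, so holders grow. */
struct fat_ptr    { char *p; char *base; char *bound; };
struct node_plain { char *data; int id; };           /* layout other code expects */
struct node_fat   { struct fat_ptr data; int id; };  /* layout after inline conversion */

/* Disjoint metadata: bounds live in a side table keyed by the address of
   the slot holding the pointer (fixed-size table, for this sketch only). */
#define SLOTS 64
struct meta { void *slot; uintptr_t base, bound; };
static struct meta table[SLOTS];

static struct meta *meta_find(void *slot, int create) {
    size_t h = ((uintptr_t)slot >> 3) % SLOTS;
    for (size_t i = 0; i < SLOTS; i++) {
        struct meta *m = &table[(h + i) % SLOTS];
        if (m->slot == slot) return m;
        if (m->slot == NULL) {
            if (create) m->slot = slot;
            return create ? m : NULL;
        }
    }
    return NULL;                                      /* table full */
}

/* Instrumented pointer store: write the pointer, record [base, base+len). */
int store_ptr(char **slot, char *p, char *base, size_t len) {
    struct meta *m = meta_find(slot, 1);
    if (!m) return -1;
    *slot = p;
    m->base = (uintptr_t)base; m->bound = m->base + len;
    return 0;
}

/* Instrumented read of (*slot)[off]: 0 on success, -1 if out of bounds. */
int checked_read(char **slot, ptrdiff_t off, char *out) {
    struct meta *m = meta_find(slot, 0);
    if (!m) return -1;                                /* no metadata: fail closed */
    uintptr_t a = (uintptr_t)*slot + (uintptr_t)off;
    if (a < m->base || a >= m->bound) return -1;
    *out = *(char *)a;
    return 0;
}

int main(void) {
    char buf[8] = "ABCDEFG", c = 0;                   /* constructed sample buffer */
    struct node_plain n = { 0 };
    store_ptr(&n.data, buf, buf, sizeof buf);
    int in = checked_read(&n.data, 2, &c), out = checked_read(&n.data, 8, &c);
    printf("plain=%zu fat=%zu in=%d out=%d\n", sizeof n, sizeof(struct node_fat), in, out);
}
```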
</body>
</html>