[LLVMdev] summer of code idea — checking bounds overflow bugs
John Criswell
criswell at uiuc.edu
Tue Mar 30 07:42:40 PDT 2010
John Regehr wrote:
> Qiuping,
>
> Have you looked at what has already been done? I would expect that taking
> previous work such as this:
>
> http://llvm.org/pubs/2006-05-24-SAFECode-BoundsCheck.html
>
> and integrating into current LLVM would be a better idea than starting
> over.
>
This code is publicly available from the SAFECode project (see
http://safecode.cs.illinois.edu to see how to get it). However, it has
not been maintained well over the years and is currently disabled.
Getting it to work again with LLVM 2.6 or replacing it with something
better would be nice.
I'm writing up a response to this project idea as I'm willing to mentor
it; I'll send it out shortly.
-- John T.
> John
>
>
> On Tue, 30 Mar 2010, ??? wrote:
>
>
>> Hi,
>>
>> Some days ago I am interested in detecting undefined behaviors
>>
>> in C programs based on Clang. After several days? investigation, I think
>>
>> checking bounds overflow bugs is more interesting, because bounds
>>
>> overflow is one of the most frequently encountered errors in C programs.
>>
>> For example, performing pointer arithmetic without checking bounds
>>
>> can cause bounds overflow. To increase the accuracy of finding bugs,
>>
>> I want to write several passes, based on slicing, inline and summary
>> function
>>
>> / (partial) transition function, to implement intre-procedural analysis.
>>
>> Does some person have interest in the project? I need a mentor,
>>
>> and wait for your reply.
>>
>>
>>
>> Best Reagards!
>>
>>
>>
>> Qiuping Yi
>>
>>
>>
> >
More information about the llvm-dev
mailing list