[LLVMdev] summer of code idea — checking bounds overflow bugs
John Regehr
regehr at cs.utah.edu
Tue Mar 30 09:33:29 PDT 2010
John-- a couple questions:
Can you explain the SAFECode model in a bit more detail? I am getting
conflicting information. On one hand, some of the papers describe a
system that is primarily designed to hide safety violations. On the other
hand, the 2006 ICSE paper that I cited earlier today seems to be talking
about catching violations. These are very different goals! What does the
code in the SAFECode repository actually do?
Can you comment on the speed of LLVM when shelling out to Omega? My guess
would be that this will result in unacceptable compile times for large
software, and that something fast and relatively simple like ABCD is a
better choice for general usage.
Finally a comment: it's a clear that a comprehensive system for trapping
undefined behavior in Clang is a multi-year project. Some parts of this
must live in Clang. Some parts, such as bounds check optimizations,
should go into LLVM passes. Anyway I'm just saying that the project you
outlines seems to fit very well into the overall vision of detecting
undefined behavior in C programs.
John
More information about the llvm-dev
mailing list