[LLVMdev] Clang + SAFECode Release Announcement

Kostya Serebryany kcc at google.com
Thu Aug 18 09:27:34 PDT 2011 

On Thu, Aug 18, 2011 at 7:56 AM, John Criswell <criswell at illinois.edu>wrote:

> Dear All,
>
> We have a new release of Clang with SAFECode technology for detecting
> memory safety errors. Memory safety checking (SAFECode for short) can be
> turned on with a single command line switch to clang/clang++. The
> SAFECode techniques do not change the behavior of the clang/clang++
> compilers in any way when the switch is turned off, so this can be used
> as a drop-in replacement for clang/clang++.
>
> Clang with SAFECode has the following advantages over tools such as
> Valgrind:
>
> o) It is faster since it does not use dynamic binary translation and can
> optimize away some run-time checks.
>


John,

Do you have performance figures for SAFECode, e.g. on Spec CPU2006 or
similar benchmarks?

Valgrind shows 20x on CPU2006, DrMemory shows 10x (
http://groups.csail.mit.edu/commit/papers/2011/bruening-cgo11-drmemory.pdf).
AddressSanitizer (which finds a different set of bugs compared to
Valgrind/DrMemory, but very similar to SAFECode) has less than 2x overhead (
http://code.google.com/p/address-sanitizer/wiki/PerformanceNumbers).


Thanks,

--kcc





> o) It is more accurate since it knows the boundaries of individual stack
> and global objects (Valgrind's ptrcheck tool needs to use heuristics to
> find these boundaries).
> o) It provides better error diagnostics that give more useful
> information about each memory safety violation.
>
> The current release primarily detects dereferences of pointers that are
> generated from buffer overflows.  There are many features from the LLVM
> 2.7 version of SAFECode that we are updating to work with LLVM mainline
> and will be incorporating into our version of Clang soon.  These
> features include:
>
> o) Detecting invalid memory accesses (e.g., dangling pointer dereferences)
> o) Detecting invalid calls to free()
> o) Detecting uses of uninitialized pointers
> o) Detecting memory errors caused by misuse of C standard library functions
> o) Several optimizations, including type-safe load/store check removal
> and a loop hoisting optimization
>
> Clang with SAFECode is available for download either in source form for
> Linux and Mac OS X or as a pre-built Mac OS X binary at
> http://sva.cs.illinois.edu/downloads.html.  The source code is also
> available directly from our SAFECode Subversion repository; download
> directions are given on the web page above.
>
> We're very interested in feedback (positive, negative, or otherwise).
>
> Regards,
>
> John Criswell
>
>
> _______________________________________________
> LLVM Developers mailing list
> LLVMdev at cs.uiuc.edu         http://llvm.cs.uiuc.edu
> http://lists.cs.uiuc.edu/mailman/listinfo/llvmdev
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.llvm.org/pipermail/llvm-dev/attachments/20110818/bdc2b25b/attachment.html>

More information about the llvm-dev mailing list