<html>
<head>
<meta content="text/html; charset=ISO-8859-1"
http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<div class="moz-cite-prefix">On 5/29/14, 12:04 PM, Saeed, Ahmed
wrote:<br>
</div>
<blockquote
cite="mid:B98EF0EDF1F99B489A3A9A32E8D53BA829464F6B41@ITSEMBXCLUS.enterprise.gcal.ac.uk"
type="cite">
<meta http-equiv="Content-Type" content="text/html;
charset=ISO-8859-1">
<meta name="Generator" content="Microsoft Word 14 (filtered
medium)">
<style><!--
/* Font Definitions */
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
{font-family:Consolas;
panose-1:2 11 6 9 2 2 4 3 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0cm;
margin-bottom:.0001pt;
font-size:11.0pt;
font-family:"Calibri","sans-serif";
mso-fareast-language:EN-US;}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:purple;
text-decoration:underline;}
p
{mso-style-priority:99;
mso-margin-top-alt:auto;
margin-right:0cm;
mso-margin-bottom-alt:auto;
margin-left:0cm;
font-size:12.0pt;
font-family:"Times New Roman","serif";}
code
{mso-style-priority:99;
font-family:"Courier New";}
pre
{mso-style-priority:99;
mso-style-link:"HTML Preformatted Char";
margin:0cm;
margin-bottom:.0001pt;
font-size:10.0pt;
font-family:"Courier New";}
span.EmailStyle17
{mso-style-type:personal-compose;
font-family:"Calibri","sans-serif";
color:windowtext;}
span.apple-converted-space
{mso-style-name:apple-converted-space;}
span.HTMLPreformattedChar
{mso-style-name:"HTML Preformatted Char";
mso-style-priority:99;
mso-style-link:"HTML Preformatted";
font-family:"Courier New";
mso-fareast-language:EN-GB;}
.MsoChpDefault
{mso-style-type:export-only;
font-family:"Calibri","sans-serif";
mso-fareast-language:EN-US;}
@page WordSection1
{size:612.0pt 792.0pt;
margin:72.0pt 72.0pt 72.0pt 72.0pt;}
div.WordSection1
{page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
<div class="WordSection1">
<p class="MsoNormal">Dear All,<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p
style="margin:0cm;margin-bottom:.0001pt;line-height:13.35pt;background:white;vertical-align:baseline"><span
style="font-size:10.5pt;font-family:"Arial","sans-serif";color:black">I
am new to LLVM and using it create a simple pass for array
bounds checking.</span></p>
</div>
</blockquote>
<br>
Are you performing static array bounds checking within the compiler,
or are you adding code to the program to check array bounds when the
program is executed?<br>
<br>
<blockquote
cite="mid:B98EF0EDF1F99B489A3A9A32E8D53BA829464F6B41@ITSEMBXCLUS.enterprise.gcal.ac.uk"
type="cite">
<div class="WordSection1">
<p
style="margin:0cm;margin-bottom:.0001pt;line-height:13.35pt;background:white;vertical-align:baseline"><o:p></o:p></p>
<p
style="margin:0cm;margin-bottom:.0001pt;line-height:13.35pt;background:white;vertical-align:baseline"><span
style="font-size:10.5pt;font-family:"Arial","sans-serif";color:black">How
can i retrieve pointer to a memory area that is accessed by
a function call . I have written a Pass that can intercept
function calls and detect whether it is writing to a memory
on not using </span><span
style="font-size:10.5pt;font-family:Consolas;color:black;border:none
windowtext 1.0pt;padding:0cm;background:#EEEEEE">Instruction::mayWriteToMemory()</span><span
style="font-size:10.5pt;font-family:"Arial","sans-serif";color:black">.
Whether a function accessing memory or not can be checked
by </span><span
style="font-size:10.5pt;font-family:Consolas;color:black;border:none
windowtext 1.0pt;padding:0cm;background:#EEEEEE">Instruction::mayReadFromMemory()</span><span
style="font-size:10.5pt;font-family:"Arial","sans-serif";color:black"> and </span><span
style="font-size:10.5pt;font-family:Consolas;color:black;border:none
windowtext 1.0pt;padding:0cm;background:#EEEEEE">Instruction::mayWriteToMemory()</span><span
style="font-size:10.5pt;font-family:"Arial","sans-serif";color:black"> but
how can i get staring address of those memory areas (program
variables) that are being written by.</span></p>
</div>
</blockquote>
<br>
For static array bounds checking, you'll need to use a points-to
analysis (e.g., DSA from the poolalloc project) to get an
approximation of the memory objects accessed by a pointer.<br>
<br>
For dynamic array bounds checking, you'll need to instrument the
program so that the bounds of all memory objects are recorded in
side data structures and then add code before strcpy() to find the
bounds information associated with a given pointer using those side
data structures.<br>
<br>
The SAFECode compiler (<a class="moz-txt-link-freetext" href="http://sva.cs.illinois.edu">http://sva.cs.illinois.edu</a>) instruments code
to do dynamic array bounds checking. If you want to check for
dynamic array bounds violations, SAFECode already does that (as does
SoftBound, which is included in the SAFECode source code). Address
Sanitizer pretty much does this, too, although its design can permit
out-of-bounds array indexing violations if the pointer arithmetic
uses very large strides.<br>
<br>
Regards,<br>
<br>
John Criswell<br>
<br>
<blockquote
cite="mid:B98EF0EDF1F99B489A3A9A32E8D53BA829464F6B41@ITSEMBXCLUS.enterprise.gcal.ac.uk"
type="cite">
<div class="WordSection1">
<p
style="margin:0cm;margin-bottom:.0001pt;line-height:13.35pt;background:white;vertical-align:baseline"><span
style="font-size:10.5pt;font-family:"Arial","sans-serif";color:black"><o:p></o:p></span></p>
<p class="MsoNormal"
style="margin-bottom:12.0pt;line-height:13.35pt;background:white;vertical-align:baseline"><span
style="font-size:10.5pt;font-family:"Arial","sans-serif";color:black;mso-fareast-language:EN-GB"><o:p> </o:p></span></p>
<p class="MsoNormal"
style="margin-bottom:12.0pt;line-height:13.35pt;background:white;vertical-align:baseline"><span
style="font-size:10.5pt;font-family:"Arial","sans-serif";color:black;mso-fareast-language:EN-GB">For
example, for the c code<o:p></o:p></span></p>
<p class="MsoNormal"
style="line-height:13.35pt;background:#EEEEEE;vertical-align:baseline">
<span
style="font-size:10.5pt;font-family:Consolas;color:black;border:none
windowtext
1.0pt;padding:0cm;background:#EEEEEE;mso-fareast-language:EN-GB">int
main(){<o:p></o:p></span></p>
<p class="MsoNormal"
style="line-height:13.35pt;background:#EEEEEE;vertical-align:baseline">
<span
style="font-size:10.5pt;font-family:Consolas;color:black;border:none
windowtext
1.0pt;padding:0cm;background:#EEEEEE;mso-fareast-language:EN-GB">char
arrd[]="This is destination ";<o:p></o:p></span></p>
<p class="MsoNormal"
style="line-height:13.35pt;background:#EEEEEE;vertical-align:baseline">
<span
style="font-size:10.5pt;font-family:Consolas;color:black;border:none
windowtext
1.0pt;padding:0cm;background:#EEEEEE;mso-fareast-language:EN-GB">char
arrs[]="COPIED STRING";<o:p></o:p></span></p>
<p class="MsoNormal"
style="line-height:13.35pt;background:#EEEEEE;vertical-align:baseline">
<span
style="font-size:10.5pt;font-family:Consolas;color:black;border:none
windowtext
1.0pt;padding:0cm;background:#EEEEEE;mso-fareast-language:EN-GB">strcpy(arrd,
arrs);<o:p></o:p></span></p>
<p class="MsoNormal"
style="line-height:13.35pt;background:#EEEEEE;vertical-align:baseline">
<span
style="font-size:10.5pt;font-family:Consolas;color:black;border:none
windowtext
1.0pt;padding:0cm;background:#EEEEEE;mso-fareast-language:EN-GB">printf("Final
copied string : %s\n", arrd);<o:p></o:p></span></p>
<p class="MsoNormal"
style="line-height:13.35pt;background:#EEEEEE;vertical-align:baseline">
<span
style="font-size:10.5pt;font-family:Consolas;color:black;border:none
windowtext
1.0pt;padding:0cm;background:#EEEEEE;mso-fareast-language:EN-GB">return
0;<o:p></o:p></span></p>
<p class="MsoNormal"
style="line-height:13.35pt;background:#EEEEEE;vertical-align:baseline">
<span
style="font-size:10.5pt;font-family:Consolas;color:black;border:none
windowtext
1.0pt;padding:0cm;background:#EEEEEE;mso-fareast-language:EN-GB">}</span><span
style="font-size:10.5pt;font-family:Consolas;color:black;mso-fareast-language:EN-GB"><o:p></o:p></span></p>
<p class="MsoNormal"><o:p></o:p></p>
<p class="MsoNormal">Does LLVM at IR level provide such
functionality to intercept call to “strcpy” and provide
starting and end address of any data variables being written
by it?<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">Regards,<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">Ahmed Saeed,<o:p></o:p></p>
<p class="MsoNormal">Research Student,<o:p></o:p></p>
<p class="MsoNormal">Glasgow Caledonian University, UK.<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
</div>
<br>
<font color="Gray" face="Arial" size="2">Glasgow Caledonian
University is a registered Scottish charity, number SC021474<br>
</font>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<br>
<pre wrap="">_______________________________________________
LLVM Developers mailing list
<a class="moz-txt-link-abbreviated" href="mailto:LLVMdev@cs.uiuc.edu">LLVMdev@cs.uiuc.edu</a> <a class="moz-txt-link-freetext" href="http://llvm.cs.uiuc.edu">http://llvm.cs.uiuc.edu</a>
<a class="moz-txt-link-freetext" href="http://lists.cs.uiuc.edu/mailman/listinfo/llvmdev">http://lists.cs.uiuc.edu/mailman/listinfo/llvmdev</a>
</pre>
</blockquote>
<br>
</body>
</html>