<div dir="ltr"><div>Hi John,<br></div><div class="gmail_extra"><br><div class="gmail_quote">On 25 May 2016 at 16:11, John Criswell <span dir="ltr"><<a href="mailto:jtcriswel@gmail.com" target="_blank">jtcriswel@gmail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div bgcolor="#FFFFFF" text="#000000">
<div>Dear Pierre,<br>
<br>
Stepping up a level, what is your goal in replacing calls to
malloc() and free()? Is it any different than what SAFECode,
SoftBound, or ASan do?<br></div></div></blockquote><div><br></div><div>That's a good question. I didn't knew about SoftBound until now, so thank you for the name =). Anyway here is what I know:<br></div><div> - ASan is a shadow-based memory protection, which allows accesses to an addressable field<br></div><div> - I don't know every aspects of SAFECode. What I looked at was BaggyBoundsCheck which is an object based memory protection. In this way it still allows wild accesses inside an allocation<br></div><div> - I quickly looked at SoftBound and it does protect the memory at a precise level. However metadata is separately stored which involve higher overhead<br><br></div><div>My point is BoundsChecking has been designed (by Nuno Lopes) to be a very low overhead checking tool. For the moment no runtime have been implemented and I wanted to do a lightweight one on it (I am just a student so even for the personal experience I'm interested). The runtime would be necessary to solve the actual problem of inter-procedural checks.<br><br></div><div>As said I haven't strong basis on the topic so any suggestion is welcome. However I know there are several criteria a program can't all match together like effectiveness, memory use, compatibility...<br></div><div> <br></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div bgcolor="#FFFFFF" text="#000000"><div>
<br>
Regards,<br>
<br>
John Criswell</div></div></blockquote><div><br></div><div>Thanks John,<br></div><div>Pierre <br></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div bgcolor="#FFFFFF" text="#000000"><span class="HOEnZb"><font color="#888888"><pre cols="72">--
John Criswell
Assistant Professor
Department of Computer Science, University of Rochester
<a href="http://www.cs.rochester.edu/u/criswell" target="_blank">http://www.cs.rochester.edu/u/criswell</a></pre>
</font></span></div>
</blockquote></div><br></div></div>