[LLVMdev] [GSoC 2014] Using LLVM as a code-generation backend for Valgrind

[John Criswell]

On 2/24/14 12:51 PM, Denis Steckelmacher wrote:
> Hi,
>
> I've seen on the LLVM's Open Projet Page [1] an idea about using LLVM 
> to generate native code in Valgrind. For what I know, Valgrind uses 
> libVEX to translate native instructions into a bitcode, used to add 
> the instrumentation and then translated back to native code for 
> execution.

I think a more interesting idea would be to use LLVM to perform 
instrumentation and then to use Valgrind to instrument third-party 
libraries linked into the program.

What I'm imagining is this: Let's say you instrument a program with 
SAFECode or Asan to find memory safety errors.  When you run the program 
under Valgrind, the portion of the code instrumented by SAFECode or Asan 
runs natively without dynamic binary instrumentation because it's 
already been instrumented.  When the program calls uninstrumented code 
(e.g., code in a dynamic library), Valgrind starts dynamic binary 
instrumentation to do instrumentation.

A really neat thing you could do with this is to share run-time data 
structures between the LLVM and Valgrind instrumentation.  For example, 
Valgrind could use SAFECode's meta-data on object allocations and 
vice-versa.

If you're really clever, the LLVM instrumentation could be added in a 
way where it's off by default by enabled when the program is run under 
Valgrind.

The net effect is that most of the instrumentation works faster because 
it was added at compile-time, but code compiled with another compiler 
can still be instrumented by Valgrind with a performance penalty.

-- John T.