[llvm-dev] [GSoC16] Seeking Guidance for a project regarding SAFECode
John Criswell via llvm-dev
llvm-dev at lists.llvm.org
Wed Mar 16 08:56:49 PDT 2016
On 3/3/16 12:25 PM, Abhinav Tripathi via llvm-dev wrote:
> Hello,
> I am Abhinav Tripathi, B.Tech 3rd Year student from IIT Indore, India.
> I was looking on the projects ideas page of llvm and saw that I could
> also propose to work on the SAFECode Open projects. As I found no
> mailing list on their site, I am sending this message here. Please
> redirect me to some other list, if required.
The most useful project for SAFECode right now is to update its code to
work with either LLVM 3.7 or LLVM 3.8. I had a student work on this
last summer (code is at https://github.com/jtcriswell/safecode-llvm37),
but it needs to be completed and tested. On my end, I'm interested in
getting SAFECode dusted off because I'd like to use it for research
projects that need to attach metadata to memory objects.
Until SAFECode is updated to a newer version of LLVM, its utility is
pretty limited, and any projects to enhance it will basically require
that it be updated to a newer version of LLVM.
> .
> I found most of the projects quite alluring as I have been working on
> a similar project (in terms of tasks) since the last GSoC. It is
> CPPSharp (https://github.com/genuinelucifer/CppSharp).
> .
> The ones that I found most interesting were:
> 1 - Improve Static Array Bounds Checking -- Because I have done a lot
> of array related tasks while writing marshalling code for CppSharp. I
> think I can really contribute into this project.
Static Array Bounds Checking requires that you understand static
analysis. Multiple static analysis methods are applicable: range
analysis, integer linear programming, SMT solvers, etc. For a
successful proposal for static array bounds checking, you should know
which algorithm you will implement and be able to explain why you think
it will work well. For SAFECode, the algorithm must be sound with
respect to two's complement arithmetic (i.e., the algorithm must take
into account that integers in C can experience underflow or overflow
when used in arithmetic).
> .
> 2 - Create a simpler CompleteChecks pass -- Although I admit, I didn't
> quite understand what simpler would mean here. But it seems fairly
> challenging (if it's regarding optimisation) or involving
> understanding of a large part of codebase (in which case too it
> intrigues me). I would love to work on this one too.
The CompleteChecks pass currently uses the DSA points-to analysis (which
is large and complicated). There are simpler analyses that one could do
to determine whether a memory object is read or written by external
code. For example, a simple intra-procedural analysis could determine
if a memory object is allocated and only used by the current function,
and a simple inter-procedural analysis could create a very simple heap
abstraction and perform data-flow analysis on the pointers contained
within heap objects to determine if they are influenced by external
library code. Basically, there are some simple quick analyses that
would be imprecise but could probably find memory objects that are not
manipulated by external code.
> .
> If the mentor(s) or anyone else would like to state a few proficiency
> tests to prove my aptness for the projects, I would love to submit a
> couple of patches before applying for GSoC.
I think the only proficiency test is whether you can show in your
proposal that you have the necessary programming skills and background
information to be able to do what you propose. In both of these
projects, if you're not familiar with static analysis (e.g., Kam/Ulman
data-flow analysis), then you're likely not ready for these projects.
For the two projects you mentioned, I would also expect existing
familiarity with LLVM.
Again, though, the best project is probably to update SAFECode to a
modern version of LLVM.
Regards,
John Criswell
> .
> Regards,
> Abhinav
>
>
> _______________________________________________
> LLVM Developers mailing list
> llvm-dev at lists.llvm.org
> http://lists.llvm.org/cgi-bin/mailman/listinfo/llvm-dev
--
John Criswell
Assistant Professor
Department of Computer Science, University of Rochester
http://www.cs.rochester.edu/u/criswell
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.llvm.org/pipermail/llvm-dev/attachments/20160316/bc27e6c5/attachment.html>
More information about the llvm-dev
mailing list