[llvm-dev] Need help with code generation

Lang Hames via llvm-dev llvm-dev at lists.llvm.org
Tue Mar 22 08:33:27 PDT 2016 

Hi Rafael,

Why do you care about policy that is not followed? A policy saying
> llvm should not crash on any input is as relevant as one that says
> that clang should keep bootstrapping in under one second.


Policy is never adhered to perfectly. We don't follow coding conventions
uniformly either, but that doesn't mean we shouldn't have them. The policy
should be to that LLVM libraries are robust in the face of broken user
input (or provide verifiers so that users can sanity-check inputs before
passing them to the library). If that policy were made explicit, nobody
would expect you or any other LLD developer to drop everything and work on
security, but it'd be clear that if people contribute patches to make LLD
more robust they should be accepted like any other patch.

- Lang.


On Tue, Mar 22, 2016 at 8:22 AM, Lang Hames <lhames at gmail.com> wrote:

> Hi Rafael,
>
> One week ago I pointed out that your patch (r263521) introduces a crash.
>> It still hasn't been reverted or even
>> acknowledge yet.
>
>
> My apologies - your reply slipped through my filters, but that should
> absolutely be fixed. I've responded to your mail and will have a fix for
> this shortly.
>
> - Lang.
>
> On Tue, Mar 22, 2016 at 4:27 AM, Rafael EspĂ­ndola <
> rafael.espindola at gmail.com> wrote:
>
>> > Maybe not, but it's not impossible either - browsers manage to harden
>> themselves against malicious input and they operate in a far hostile
>> environment with many more input formats than we do.
>>
>> It is important to note how different they are. Both Firefox and
>> Chromium have people working just to try to make them more secure.
>> Compare that with LLVM: One week ago I pointed out that your patch
>> (r263521) introduces a crash. It still hasn't been reverted or even
>> acknowledge yet.
>>
>>
>> > I'm not trying to shift your personal goal, or to direct the features
>> that you choose to put your time into, but I am interested in project
>> policy.
>>
>> Why do you care about policy that is not followed? A policy saying
>> llvm should not crash on any input is as relevant as one that says
>> that clang should keep bootstrapping in under one second.
>>
>> So, if we stick to reality, what we have is that lld (ELF and COFF)
>> are already the most reliable parts of the toolchain. If not for Rui
>> and I being upfront about it most people would not even know that you
>> could crash it. So please, just let us keep working on the most
>> reliable part of the toolchain.
>>
>> Cheers,
>> Rafael
>>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.llvm.org/pipermail/llvm-dev/attachments/20160322/1feddbd1/attachment.html>

More information about the llvm-dev mailing list