[llvm-dev] Need help with code generation

Rafael EspĂ­ndola via llvm-dev llvm-dev at lists.llvm.org
Tue Mar 22 11:43:54 PDT 2016


>
> This is a completely inappropriate comparison. LibreSSL is a cryptographic library. Creating a high-quality cryptographic library requires much more than eliminating buffer overruns (etc.).

What I don't get this what is the point of a "somewhat secure". Does
it make a difference if takes 5 minutes of 5 hours to find a buffer
overflow?

>> What allocator would you start with?
>>
>
> We recently had a bunch of patches fixing issues found when fuzz testing LLVM with ASAN, and I thought that was a very positive development.
>

And today it is still way easier to crash llvm than lld. I posted two
crashes with just what I noticed going on the list.  No one even
posted an ELF that would crash lld.

It is really annoying how much people care about "security" to
criticize my work, but never enough to send a patch. llvm.org/pr21466
is open since Nov 2014. That is on the side of the project that should
be handling broken files.

Would it end this thread if I went that way? Just say that there are
bugs in lld and just not fix them for over a year?

Cheers,
Rafael


More information about the llvm-dev mailing list