[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [csmith-dev] feature request: generate memory unsafe code

To: Chucky Ellison <celliso2@illinois.edu>
Subject: Re: [csmith-dev] feature request: generate memory unsafe code
From: John Regehr <regehr@cs.utah.edu>
Date: Wed, 08 Jun 2011 14:33:39 -0700
Cc: csmith-dev@flux.utah.edu
In-reply-to: <BANLkTikoiT2rCTbEQGsFbAzF3igKxn_m3g@mail.gmail.com>
List-archive: </listarchives/csmith-dev>
List-help: <mailto:csmith-dev-request@flux.utah.edu?subject=help>
List-id: Csmith Development Mailing List <csmith-dev.flux.utah.edu>
List-post: <mailto:csmith-dev@flux.utah.edu>
List-subscribe: <http://www.flux.utah.edu/mailman/listinfo/csmith-dev>, <mailto:csmith-dev-request@flux.utah.edu?subject=subscribe>
List-unsubscribe: <http://www.flux.utah.edu/mailman/listinfo/csmith-dev>, <mailto:csmith-dev-request@flux.utah.edu?subject=unsubscribe>
References: <4DEFE792.8040807@cs.utah.edu> <BANLkTikoiT2rCTbEQGsFbAzF3igKxn_m3g@mail.gmail.com>
User-agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.6; en-US; rv:1.9.2.17) Gecko/20110414 Thunderbird/3.1.10

Hi Chucky, I agree with your comment with respect to static analysistools, but shouldn't all dynamic tools like yours find the same bugs?


John


On 6/8/11 2:31 PM, Chucky Ellison wrote:

I imagine you should be able to do the same kind of differential testing
you do for compilers.  Sadly, most analysis tools don't offer the kinds
of guarantees that compilers do, so it will be less "finding bugs" and
more "finding opportunities for growth".  Sign kcc up :)

-Chucky

On Wed, Jun 8, 2011 at 4:20 PM, John Regehr <regehr@cs.utah.edu
<mailto:regehr@cs.utah.edu>> wrote:

    This is a feature request I received, and also it's something I've
    wanted myself.

    The new feature is for Csmith to optionally ignore its safety
    analyses sometimes, in order to generate memory unsafety.  Obviously
    these features are turned off by default.  Probably there are three
    flags:

    - probability of ignoring possibly-null pointer when generating a
    dereference

    - probability of ignoring possibly-expired pointer when generating a
    dereference

    - probability of letting an array index go OOB

    The purpose of these features is to test static and dynamic memory
    safety checking tools.

    John

Follow-Ups:
- Re: [csmith-dev] feature request: generate memory unsafe code
  - From: Chucky Ellison <celliso2@illinois.edu>

References:
- [csmith-dev] feature request: generate memory unsafe code
  - From: John Regehr <regehr@cs.utah.edu>
- Re: [csmith-dev] feature request: generate memory unsafe code
  - From: Chucky Ellison <celliso2@illinois.edu>

Prev by Date: Re: [csmith-dev] feature request: generate memory unsafe code
Next by Date: Re: [csmith-dev] feature request: generate memory unsafe code
Previous by thread: Re: [csmith-dev] feature request: generate memory unsafe code
Next by thread: Re: [csmith-dev] feature request: generate memory unsafe code
Index(es):
- Date
- Thread