[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [csmith-dev] feature request: generate memory unsafe code

To: Chucky Ellison <celliso2@illinois.edu>
Subject: Re: [csmith-dev] feature request: generate memory unsafe code
From: Pascal Cuoq <pascal.cuoq@gmail.com>
Date: Thu, 9 Jun 2011 00:00:09 +0200
Cc: csmith-dev@flux.utah.edu
In-reply-to: <BANLkTimZnJLGmaWmva4-8nRCZSQhNOgePw@mail.gmail.com>
List-archive: </listarchives/csmith-dev>
List-help: <mailto:csmith-dev-request@flux.utah.edu?subject=help>
List-id: Csmith Development Mailing List <csmith-dev.flux.utah.edu>
List-post: <mailto:csmith-dev@flux.utah.edu>
List-subscribe: <http://www.flux.utah.edu/mailman/listinfo/csmith-dev>, <mailto:csmith-dev-request@flux.utah.edu?subject=subscribe>
List-unsubscribe: <http://www.flux.utah.edu/mailman/listinfo/csmith-dev>, <mailto:csmith-dev-request@flux.utah.edu?subject=unsubscribe>
References: <4DEFE792.8040807@cs.utah.edu> <BANLkTikoiT2rCTbEQGsFbAzF3igKxn_m3g@mail.gmail.com> <4DEFEAB3.6040709@cs.utah.edu> <BANLkTimZnJLGmaWmva4-8nRCZSQhNOgePw@mail.gmail.com>

On Wed, Jun 8, 2011 at 11:37 PM, Chucky Ellison <celliso2@illinois.edu> wrote:
> Perhaps for things like overflow, but not for memory safety.  I consider
> valgrind a dynamic tool, but it makes no guarantees about catching bugs.  I
> believe you've shown some examples where it misses certain cases.

Valgrind is handicapped because it works at the level of object code.
There is simply no excuse for a dynamic tool based on source-level
instrumentation not to be complete (i.e. to identify all bugs within
the tool's scope that lie on a trace it is executed on).
Examples of such tools (among many) are CCured
(http://hal.cs.berkeley.edu/ccured/ ), Fail-safe C
(https://staff.aist.go.jp/y.oiwa/FailSafeC/index-en.html ) and MSCC
(http://www.seclab.cs.sunysb.edu/mscc/ ).
Some approaches are more resilient than others with respect to
low-level code that makes assumption about the memory layout, but we
are talking about the kind of code that KCC does not always handle
either.

Pascal

References:
- [csmith-dev] feature request: generate memory unsafe code
  - From: John Regehr <regehr@cs.utah.edu>
- Re: [csmith-dev] feature request: generate memory unsafe code
  - From: Chucky Ellison <celliso2@illinois.edu>
- Re: [csmith-dev] feature request: generate memory unsafe code
  - From: John Regehr <regehr@cs.utah.edu>
- Re: [csmith-dev] feature request: generate memory unsafe code
  - From: Chucky Ellison <celliso2@illinois.edu>

Prev by Date: Re: [csmith-dev] feature request: generate memory unsafe code
Next by Date: Re: [csmith-dev] feature request: generate memory unsafe code
Previous by thread: Re: [csmith-dev] feature request: generate memory unsafe code
Next by thread: Re: [csmith-dev] feature request: generate memory unsafe code
Index(es):
- Date
- Thread