[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [csmith-dev] feature request: generate memory unsafe code
No it doesn't require you to do anything. <N> is an integer between 0 and
100, thus 50% is 50. If you have built Csmith correctly, "Csmith -hh" should
give you this at the end:
--null-ptr-deref-prob <N>: allow null pointers to be dereferenced with
lity N% (0 by default).
--dangling-ptr-deref-prob <N>: allow dangling pointers to be dereferenced
probability N% (0 by default).
I just verified the latest Csmith is correct by doing:
git clone firstname.lastname@example.org:csmith-project/csmith.git csmith-tmp
> Is there something I have to do to enable this option?
> $ csmith --null-ptr-deref-prob 50 # side question: is <N> a
> percentage? should i use 0.5 or 50 for 50%?
> invalid option --null-ptr-deref-prob at: 1
> I `git clone`ed the most recent version from
> I think this is my current local version, although I am not a git user
> so I'm not really sure (I found the command on the web):
> $ git rev-parse HEAD
> After I checked it out, I just `./configured`, `make`ed, and `make
> On Sat, Jun 18, 2011 at 11:47 AM, Xuejun Yang <email@example.com> wrote:
> > Pointer unsafe behaviors are allowed in Csmith (git commit 7e3325). I am
> > adding array OOB soon. The two command line options are exactly what you
> > requested:
> > --null-ptr-deref-prob <N> and
> > --dangling-ptr-deref-prob <N>
> > N is 0 by default, which means no null/dangling pointer dereferences are
> > allowed.
> > -Xuejun
> >> -----Original Message-----
> >> From: firstname.lastname@example.org
> >> [mailto:email@example.com] On Behalf Of John Regehr
> >> Sent: Wednesday, June 08, 2011 3:20 PM
> >> To: firstname.lastname@example.org
> >> Subject: [csmith-dev] feature request: generate memory unsafe code
> >> This is a feature request I received, and also it's something I've
> >> wanted myself.
> >> The new feature is for Csmith to optionally ignore its safety analyses
> >> sometimes, in order to generate memory unsafety. Obviously these
> >> features are turned off by default. Probably there are three flags:
> >> - probability of ignoring possibly-null pointer when generating a
> >> dereference
> >> - probability of ignoring possibly-expired pointer when generating a
> >> dereference
> >> - probability of letting an array index go OOB
> >> The purpose of these features is to test static and dynamic memory
> >> safety checking tools.
> >> John