ArrayBoundChecks in SafeCode-llvm37

Hi,

I am wondering if anyone could run ArrayBoundChecks located in
SafeCode-llvm37 (https://github.com/jtcriswell/safecode-llvm37) on
llvm-3.8?

Thanks.
Syed

Hi,

I am wondering if anyone could run ArrayBoundChecks located in
SafeCode-llvm37 (https://github.com/jtcriswell/safecode-llvm37) on
llvm-3.8?

As the 3.7 port isn't complete, I would guess that the answer is no.
:slight_smile:

Within that directory, which pass do you need? The BreakConstantGEPs.cpp pass would be easy to get working with LLVM 3.8 (note: in general, I don't recommend using this pass, but there are rare situations for which it is needed).

ArrayBoundsCheckLocal would probably be easy. ArrayBoundsCheckStruct should be easy if you have DSA updated to LLVM 3.8.

The omega-based static array bounds checking code has long bitroted, and it's design could use significant improvement. That code executed the omega program for every array it checked. A more efficient implementation would link the constraint solver in as a library and query it via a function call.

If you can explain in more detail what you need, I can provide advice on what I think your best path forward will be.

Regards,

John Criswell

Thanks Professor Criswell for your reply.

You're welcome. Please keep replies on the list so that others can track and add to the conversation.

I just need the constraintGeneration pass (i.e., interprocedural
constraint generation pass) of ArrayBoundChecks.

The constraint generation code is really old. It will need some significant work to get it working again. There is also the question of whether it is better to generate constraints for Omega (the linear solver from Bill Pugh's group, IIRC) or whether generating constraints for CVC4 or Z3 would be better (I suspect Omega uses a better algorithm, but CVC4 and Z3 are better maintained; one could also adapt Omega to CVC4 if desired).

  I have the DSA
updated to LLVM 3.8 already.

Cool. Can you put that into a Github repo somewhere? Other people are wanting DSA for LLVM 3.8.

  More specifically, I want to find out the
post dominance frontier (pdf) for a particular basic block. I can find
the pdf for a function. But, I need the pdf up to the main.entry.

Constraint generation is not needed for computing the post-dominance frontier. You simply need to use the call graph from either DSA or the LLVM Call Graph pass and compute the post dominance frontier on your own. It shouldn't be too difficult to implement, though call graph precision for code with function pointers could be an issue.

The old constraint generation code generates constraints for values that are stored in memory. It won't help compute an inter-procedural dominance frontier.

Regards,

John Criswell

I have fixed the BottomUpCallGrap pass (in ArrayBoundChecks) for
LLVM-3.8 to make the call graph.

I will clean up my mess in the DSA and upload it to somewhere soon.

Thanks,
Syed