The -fbounds-safety extension for C adds bounds annotations and compiler-enforced bounds checking to prevent buffer overflow vulnerabilities. Developed by Apple and maintained in a downstream fork, the extension is being incrementally upstreamed to mainline Clang. See the RFC and documentation for details.
The student will contribute to upstreaming by:
Taking a subset of features identified by the mentor
Extracting a relevant downstream feature and refactoring to meet upstream LLVM standards, writing tests and documentation
Backporting to the downstream fork to validate correctness in the full -fbounds-safety context
Expected results: Upstreamed patches with tests and documentation; validated backports to downstream.
I’m really excited about this project! I’ve recently been working directly inside the Clang source code in LLVM, specifically modifying AST nodes and the type system.
I saw you linked the clang:bounds-safety label above, and I’m excited about contributing. I’ve also started reviewing those issues. Is there a specific issue from that list or a particular downstream patch you’d recommend I try to tackle first to help shape my GSoC proposal?
hello everybody,
thanks in advance .
I’ve just discovered the project, and it really into my mind to contribute to it.
I worked on different projects in C++, to embedded systems, Ros2_control, and computer vision in for edge devices. in addition to that, I competed, and solved programming problems at icpc, ieeextereme, and on platforms like codeforces and leetcode.
Lately, I’ve been working on Llvm/Clang.
Sorry for my late….I wanna know the last updates being done to the project, and the plan proposed till now .
Hi
I am Dhruv , a B.tech student I am interested in this project I have tried to solve #166454 issues regarding the clang:bounds-safety tag , if you can suggest me more issues to solve that will help me get familiar with this then that will be of great help
I’m Uzair, a CS student at Ohio State. Interested in this project for GSoC 2026.
Some background: I contributed a bootstrap helper to QuantLib (C++ quant finance library) for fixed-vs-floating cross-currency swaps. Went through a few weeks of code review with the maintainer and a core contributor before it got merged into release 1.41. That workflow of understanding an existing codebase, building something that fits its patterns, writing tests, and iterating on feedback is pretty much what this project involves.
Beyond that, I’m doing HPC research at Ohio State on low-latency C/C++ multi-threaded pipelines, I built a C++17 event-driven trading engine, and I’ve interned at JPMorgan and Snap working on distributed systems. I’m taking a programming languages course covering formal grammars, recursive descent parsing, interpreters, and memory management.
I’ve been reading through the RFC and the BoundsSafety docs. A couple questions:
Are there specific features you’d recommend scoping a proposal around? I want to propose something concrete rather than generic.
Are there any features that are particularly self-contained and would make a good first upstreaming target for someone ramping up on the codebase?