[GSoC 2026] Participating in Upstreaming -fbounds-safety

Description:

The -fbounds-safety extension for C adds bounds annotations and compiler-enforced bounds checking to prevent buffer overflow vulnerabilities. Developed by Apple and maintained in a downstream fork, the extension is being incrementally upstreamed to mainline Clang. See the RFC and documentation for details.

The student will contribute to upstreaming by:

  • Taking a subset of features identified by the mentor
  • Extracting a relevant downstream feature and refactoring to meet upstream LLVM standards, writing tests and documentation
  • Backporting to the downstream fork to validate correctness in the full -fbounds-safety context

Expected results: Upstreamed patches with tests and documentation; validated backports to downstream.

Confirmed Mentor: Yeoul Na, [co-mentors TBD]

Desired skills: C/C++, compiler concepts, managing patches across branches. Clang/LLVM experience and memory safety knowledge are a plus.

Project size: Medium or Large (features can be scoped to match the participant’s skill level)

Difficulty: Medium or Hard (features can be scoped to match the participant’s skill level)

4 Likes

Hi, after successfully completing last year’s GSOC project on gcc, I’m very interested in the memory safety feature in clang.

Can you provide more details on the subset of features? I would like to investigate them in the downstream forks.

Hi, thanks for the interest!

You can check clang:bounds-safety label to see what the subset of features might look like: GitHub · Where software is built

1 Like

Hi @rapidsna,

I’m really excited about this project! I’ve recently been working directly inside the Clang source code in LLVM, specifically modifying AST nodes and the type system.

I saw you linked the clang:bounds-safety label above, and I’m excited about contributing. I’ve also started reviewing those issues. Is there a specific issue from that list or a particular downstream patch you’d recommend I try to tackle first to help shape my GSoC proposal?

hello everybody,
thanks in advance .
I’ve just discovered the project, and it really into my mind to contribute to it.
I worked on different projects in C++, to embedded systems, Ros2_control, and computer vision in for edge devices. in addition to that, I competed, and solved programming problems at icpc, ieeextereme, and on platforms like codeforces and leetcode.
Lately, I’ve been working on Llvm/Clang.

Sorry for my late….I wanna know the last updates being done to the project, and the plan proposed till now .

Hi
I am Dhruv , a B.tech student I am interested in this project I have tried to solve #166454 issues regarding the clang:bounds-safety tag , if you can suggest me more issues to solve that will help me get familiar with this then that will be of great help

Regards

Hi @rapidsna,

I’m Uzair, a CS student at Ohio State. Interested in this project for GSoC 2026.

Some background: I contributed a bootstrap helper to QuantLib (C++ quant finance library) for fixed-vs-floating cross-currency swaps. Went through a few weeks of code review with the maintainer and a core contributor before it got merged into release 1.41. That workflow of understanding an existing codebase, building something that fits its patterns, writing tests, and iterating on feedback is pretty much what this project involves.

Beyond that, I’m doing HPC research at Ohio State on low-latency C/C++ multi-threaded pipelines, I built a C++17 event-driven trading engine, and I’ve interned at JPMorgan and Snap working on distributed systems. I’m taking a programming languages course covering formal grammars, recursive descent parsing, interpreters, and memory management.

I’ve been reading through the RFC and the BoundsSafety docs. A couple questions:

  1. Are there specific features you’d recommend scoping a proposal around? I want to propose something concrete rather than generic.

  2. Are there any features that are particularly self-contained and would make a good first upstreaming target for someone ramping up on the codebase?

Happy to share a draft proposal as I work on it!

https://github.com/lballabio/QuantLib/pull/2367