LLVM in the 2020 FOSS Contributor Survey

Hi, Everyone,

Looking through the Linux Foundation’s 2020 FOSS Contributor Survey report:

I see at least two places where LLVM projects are called out:

Pg 64, Q 22, “For each of the following security practices, please indicate which specific tools do you use:”

  • “Dynamic Analysis Tools”
  • “Tools like Google’s OSS-Fuzz, syzkaller, and LLVM’s libFuzzer topped the list of text responses for this question. Valgrind, american fuzzy lop, and the Go Toolchain were also mentioned frequently, along with various sanitizers like ASan, UBSan, MSan, KASAN, and clang sanitizers.”- “Static Analysis Tools”
  • “Text responses to this question overwhelmingly cited Coverity Scan and clang security checkers, like Clang Static Analyzer, clang-tidy, and clang-analyze. SonarQube and SonarCloud appeared several times as well…”

Pg 87, Q 64, “Which compiler(s) do you typically use?”

  • “LLVM Compiler Suite” was selected by 29% of respondents.

Graphic for Q         64

I think that this is a compliment to, and speaks to the tremendous value of, our entire community.

-Hal

That's really great to see. I am somewhat skeptical of the marketing that they say that they did to raise visibility of this survey, given that your posting of the results is the first time I heard about it, so I wonder a bit how representative their responses were.

I'd be really curious about the proportion of those LLVM / GCC responses are because they're using a platform such as Android, macOS/iOS, *BSD where Clang is the default toolchain or GNU/Linux where GCC is the default or if they actively chose a non-default toolchain. The non-default toolchain users are particularly interesting because that indicates (in either direction) that the default choice wasn't adequate for the person's needs or preference. For example, we favour clang on GNU/Linux on one project because even with -mcx16, std::atomic with a 128-bit value results in a libcall with G++ and libstdc++ but a single instruction with clang++ (and libstdc++ or libc++). I'd be really interested in examples in the opposite direction of where people are using gcc on platforms where LLVM is the default and why.

I'm also curious about how many of the 'interpreted or scripting languages' have LLVM-based JITs.

David