Re: [patch] libbounds an extension of libmudflap with referent object tracking

[fche at redhat dot com (Frank Ch. Eigler)]

"Sebastian Pop" <sebpop@gmail.com> writes:

> As Alex has obtained his copyright assignment, I have committed his
> work to the graphite branch such that others can review and try the
> bounds checker.  This bounds checker is an extension of the existing
> mudflap code.  [...]

Thanks for working on this area.


>From a brief reading of the MEng report paper, it seems to me that:

- the old mudflap bug that breaks c++ has a fix that fell between the
  cracks: please repost it (cc: me for most reliable attention), and
  many thanks!

- it may be wortwhile to investigate an extension of the stack/global
  allocator code to optionally add small gaps between adjacent
  objects.  This would give plain mudflap a small bit of extra
  protection against pointers that cross into neighbours.  It would
  not be as thorough as the effort of the new code (checking each
  pointer *arithmetic* operation too like the old Jones work did), but
  it may be enough to catch a large subset of such bugs.

- to assess the performance effect of the lookup cache by itself,
  which is missing from the new work, the "lc-*" set of
  MUDFLAP_OPTIONS could be used to disable it.  Or more accurately, a
  compiler option could force an out-of-line __mf_check() call for
  each dereference.

- the libmudflap runtime could learn the same heuristic used by this
  new code to guess that pointers suspected as foreign (coming from
  uninstrumented library functions, via unhooked memory allocation)
  are valid as opposed to invalid.  It is probably not possible to
  guess their bounds....  Hmm (just thinking out loud), when the
  compiler sees a call to an extern function returning a pointer, it
  could make a tentative __mf_register() call on that value with the
  declared struct size.


- FChE