the first bounds checker for C? cc @kayseesee https://twitter.com/afd_icl/status/940687132502515713
Doing actual dynamic checks for the pointed-to object is hard and probably was not done until tools like tis-interpreter or (maybe? not sure it's complete) asan.
I think that looking up the bound by using a fast lookup structure (trie or whatever) keyed on address definitely should count: https://www.doc.ic.ac.uk/~phjk/BoundsChecking.html
if all the arrays are implicitly heap allocated, and the allocator uses a cell-bitmap strategy (rather than linked lists of mem-objects), ... it is possible to get nearly* O(1) (* can predict and do a binary lookup for the heap-region, but this is usually negligible).
but, yeah, lookup array by address, and check relative bounds. a prior script VM of mine had implemented both its arrays and type-checks this way, and supported array offsetting via pointers into the middle of an array. similar could probably be used with C w/o too much issue.
End of conversation
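The scheme the last two replies sketch, "lookup array by address, and check relative bounds", as an added example written for this page (not code from anyone in the thread or from the linked bounds checker): registered objects are kept in a table sorted by base address, a pointer (even one into the middle of an array) is resolved to its object by binary search, and an access through that pointer is accepted only if it stays inside the object. The names bc_register, bc_lookup and bc_check_access, and the fixed-size table, are assumptions made for the example.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>

/* One tracked object covers [base, base + size). The table is kept sorted by
 * base so that any address, including one in the middle of an array, can be
 * resolved to its owning object by binary search. (Constructed example.) */
typedef struct { uintptr_t base; size_t size; } bc_obj;

#define BC_MAX 64                 /* assumed table size, enough for a demo */
static bc_obj bc_table[BC_MAX];
static size_t bc_count;

/* Register an allocation of `size` bytes at p; insertion keeps the table sorted. */
bool bc_register(const void *p, size_t size) {
    if (bc_count == BC_MAX || size == 0) return false;
    uintptr_t a = (uintptr_t)p;
    size_t i = bc_count;
    while (i > 0 && bc_table[i - 1].base > a) { bc_table[i] = bc_table[i - 1]; i--; }
    bc_table[i].base = a;
    bc_table[i].size = size;
    bc_count++;
    return true;
}

/* Find the object that owns address p, or NULL: the last entry whose base is
 * <= p, then confirm p actually lies inside it. O(log n) in the table size. */
const bc_obj *bc_lookup(const void *p) {
    uintptr_t a = (uintptr_t)p;
    size_t lo = 0, hi = bc_count;
    while (lo < hi) {
        size_t mid = lo + (hi - lo) / 2;
        if (bc_table[mid].base <= a) lo = mid + 1; else hi = mid;
    }
    if (lo == 0) return NULL;
    const bc_obj *o = &bc_table[lo - 1];
    return (a - o->base < o->size) ? o : NULL;
}
/* Relative bounds check: is reading/writing `len` bytes at p + off still inside
 * the object p points into? Rejects unknown pointers, under-runs and wrap-around. */
bool bc_check_access(const void *p, ptrdiff_t off, size_t len) {
    const bc_obj *o = bc_lookup(p);
    if (!o) return false;
    size_t pos = (uintptr_t)p - o->base;                     /* where p sits in the object */
    size_t mag = off < 0 ? (size_t)0 - (size_t)off : (size_t)off; /* |off|, no signed overflow */
    if (off < 0 && mag > pos) return false;                  /* would go below base */
    size_t start = off < 0 ? pos - mag : pos + mag;
    if (off > 0 && start < pos) return false;                /* offset arithmetic wrapped */
    return start <= o->size && len <= o->size - start;       /* [start, start+len) fits */
}
```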
New conversation
kcc (part of RV-Match: https://runtimeverification.com/match/ ) also detects UB dynamically and is used by NASA, Boeing, Toyota and DENSO. See https://runtimeverification.com/blog/?p=307 for a comparison with tis-interpreter and https://runtimeverification.com/match/1.0/docs/benchmark/ for comparisons with other tools.