There are many additions and improvements from which SAFECode could benefit. If you're looking for a memory-safety related project, the ideas below may be helpful. If you have ideas for other projects, feel free to email firstname.lastname@example.org to get feedback.
Potential SAFECode projects include:
- Compile your favorite program with SAFECode: A good way of testing SAFECode and generating attention for the project is to compile programs with it and see what happens. Did SAFECode help locate bugs you didn't know were in your program? Did it make fixing those bugs easier? Did it break in some way on your program? Feedback on SAFECode, whether positive or negative, is invaluable.
- Improve static array bounds checking: SAFECode used to have an inter-procedural static array bounds checking pass, but it suffered serious scalability issues and was eventually disabled. Improving the old code or writing a new pass would be extremely beneficial.
- Improve existing SAFECode optimizations: There are a number of optimizations that could benefit SAFECode. Some are implemented but are disabled due to code quality issues; others need to be written from scratch. Examples of optimizations:
  - Type-safe load/store check elimination
  - Hoisting run-time checks out of loops
  - Redundant check elimination
  - Unnecessary object registration elimination
- Create a simpler CompleteChecks pass: By default, SAFECode inserts weaker checks called incomplete checks; these checks assume that the pointer can point to a memory object that is manipulated by external code. SAFECode currently has a transform called CompleteChecks that will convert some of these checks into more stringent complete checks when it can prove that the memory object is always manipulated by internal code. The current CompleteChecks pass uses DSA and only works within libLTO. There should be a simpler CompleteChecks pass that can be used within the Clang compiler to mark some of the checks complete.
- Port SAFECode to another operating system/architecture: While most of SAFECode is portable across platforms, some features (e.g., dangling pointer detection and uninitialized pointer use) rely on operating-system-specific features. Getting these features to work on other platforms should be relatively easy but still needs to be done.
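
The difference between incomplete and complete checks described in the CompleteChecks item can be seen in a toy model. This is an added example, not SAFECode's code: `register_object`, `check_access` and the two buffers are hypothetical names, and it assumes an incomplete check lets a pointer to an unregistered object through while a complete check reports it.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Toy model (hypothetical, not SAFECode's runtime API): a table of the
 * memory objects that instrumented, "internal" code has registered. */
struct object { uintptr_t start; size_t len; };
#define MAX_OBJECTS 16
static struct object registry[MAX_OBJECTS];
static size_t n_objects;

/* Constructed sample data: one object allocated by internal code and one
 * that only external (uninstrumented) code knows about. */
static char internal_buf[8];
static char external_buf[8];

int register_object(const void *p, size_t len) {
    if (n_objects == MAX_OBJECTS) return -1;
    registry[n_objects].start = (uintptr_t)p;
    registry[n_objects].len = len;
    n_objects++;
    return 0;
}

static const struct object *lookup(uintptr_t a) {
    for (size_t i = 0; i < n_objects; i++)
        if (a >= registry[i].start && a - registry[i].start < registry[i].len)
            return &registry[i];
    return NULL;
}

enum check_kind { INCOMPLETE, COMPLETE };

/* Returns 1 if an access of `size` bytes at `p` passes, 0 on a violation. */
int check_access(const void *p, size_t size, enum check_kind kind) {
    uintptr_t a = (uintptr_t)p;
    const struct object *o = lookup(a);
    if (o == NULL)                 /* pointer matches no registered object */
        return kind == INCOMPLETE; /* assumed: may be external, so pass    */
    return size <= o->len - (a - o->start); /* known object: enforce bounds */
}

int main(void) {
    register_object(internal_buf, sizeof internal_buf);
    const void *cases[] = { internal_buf + 4, internal_buf + 8, external_buf };
    for (size_t i = 0; i < 3; i++)
        printf("case %zu: incomplete=%d complete=%d\n", i,
               check_access(cases[i], 4, INCOMPLETE),
               check_access(cases[i], 4, COMPLETE));
    return 0;
}
```

The last case shows why a check may only be marked complete when the object is proven to be internal: a complete check on `external_buf` reports a violation for a valid access.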