-
Non-Transparent Memory Safety
[This paper contains more detail about the work described in this post.] Instrumenting C/C++ programs to trap memory safety bugs is a popular and important research topic. In general, a memory safety solution has three goals: efficiency, transparency, and compatibility. Efficiency is obvious. Transparency means that we can turn on memory safety with a switch,…
-
Reviewing Research Papers Efficiently
The conference system that we use in computer science guarantees that several times a year, each of us will need to review a lot of papers, sometimes more than 20, in a fairly short amount of time. In order to focus reviewing energy where it matters most, it helps to review efficiently. Here are some…
-
ALIVe: Automatic LLVM InstCombine Verifier
[This post was jointly written by Nuno Lopes, David Menendez, Santosh Nagarakatte, and John Regehr.] A modern compiler is a big, complex machine that contains a lot of moving parts, including many different kinds of optimizations. One important class of optimization is peephole optimizations, each of which translates a short sequence of instructions into a…
-
Broads Fork
After moving to Utah I decided that regularly spending time in the mountains was one of the best ways to stay sane and healthy. Since I usually can’t make time for an all-day hike, I developed a habit of getting up around 5, hiking hard for a couple of hours, and then getting into the office…
-
Finding Compiler Bugs by Removing Dead Code
I was pretty bummed to miss PLDI this year, it has been my favorite conference recently. One of the talks I was most interested in seeing was Compiler Validation via Equivalence Modulo Inputs by some folks at UC Davis. Although I had been aware of this paper (which I’ll call “the EMI paper” from now…
-
We Need Hardware Traps for Integer Overflow
Processors should support integer math instructions that optionally trap on overflow. Because popular architectures lack this feature, otherwise excellent modern systems programming languages, such as Rust, Go, and D, have default integer types that wrap. This is bad because unexpected wrapping causes programs to produce incorrect results, although of course integer overflow in a safe…
-
A Guide to Better Scripty Code for Academics
[Suresh suggested that I write a piece about unit testing for scripty academic software, but the focus changed somewhat while I was writing it.] Several kinds of software are produced at universities. At one extreme we have systems like Racket and ACL2 and HotCRP that are higher quality than most commercial software. Also see the…
-
Early Superoptimizer Results
[Here’s a shortcut to the results. But it would be best to read the post first.] Following my previous superoptimizer post, my student Jubi and I were getting up to speed on the prerequisites — SMT solvers, LLVM internals, etc. — when Googler Peter Collingbourne contacted me saying that he had recently gotten a superoptimizer…
-
This Is Not a Defect
In several previous blog entries I’ve mentioned that in some recent versions of C and C++, left-shifting a 1 bit into the high-order bit of a signed integer is an undefined behavior. In other words, if you have code that computes INT_MIN by evaluating 1
-
Cedar Mesa
For years I’d heard people talk about Cedar Mesa, a remote part of southern Utah containing so many Anasazi ruins that it’s basically a huge outdoor museum. Recently my family spent a few days exploring this area. Despite the fact that Cedar Mesa is well-known — it was popularized, in large part, by a book…