DOCSLIB.ORG

Dead Store Elimination

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Dead Store Elimination Dead Store Elimination (Still) Considered Harmful Zhaomo Yang and Brian Johannesmeyer, University of California, San Diego; Anders Trier Olesen, Aalborg University; Sorin Lerner and Kirill Levchenko, University of California, San Diego https://www.usenix.org/conference/usenixsecurity17/technical-sessions/presentation/yang This paper is included in the Proceedings of the 26th USENIX Security Symposium August 16–18, 2017 • Vancouver, BC, Canada ISBN 978-1-931971-40-9 Open access to the Proceedings of the 26th USENIX Security Symposium is sponsored by USENIX Dead Store Elimination (Still) Considered Harmful Zhaomo Yang1 Brian Johannesmeyer1 Anders Trier Olesen2 Sorin Lerner1 Kirill Levchenko1 1 UC San Diego 2 Aalborg University Abstract being cleared, the compiler determines that the memory Dead store elimination is a widely used compiler op- scrubbing memset has no effect and eliminates it. timization that reduces code size and improves perfor- Removing buffer scrubbing code is an example of mance. However, it can also remove seemingly useless what D’Silva et al. [30] call a “correctness-security gap.” memory writes that the programmer intended to clear From the perspective of the C standard, removing the sensitive data after its last use. Security-savvy develop- memset above is allowed because the contents of un- ers have long been aware of this phenomenon and have reachable memory are not considered part of the seman- devised ways to prevent the compiler from eliminating tics of the C program. However, leaving sensitive data in these data scrubbing operations. memory increases the damage posed by memory disclo- In this paper, we survey the set of techniques found sure vulnerabilities and direct attacks on physical mem- in the wild that are intended to prevent data-scrubbing ory. This leaves gap between what the standard considers operations from being removed during dead store elim- correct and what a security developer might deem cor- ination. We evaluated the effectiveness and availabil- rect. Unfortunately, the C language does not provide a ity of each technique and found that some fail to pro- guaranteed way to achieve what the developer intends, tect data-scrubbing writes. We also examined eleven and attempts to add a memory scrubbing function to the open source security projects to determine whether their C standard library have not seen mainstream adoption. specific memory scrubbing function was effective and Security-conscious developers have been left to devise whether it was used consistently. We found four of the their own means to keep the compiler from optimizing eleven projects using flawed scrubbing techniques that away their scrubbing functions, and this has led to a pro- may fail to scrub sensitive data and an additional four liferation of “secure memset” implementations of vary- projects not using their scrubbing function consistently. ing quality. We address the problem of dead store elimination remov- The aim of this paper is to understand the current state ing scrubbing operations with a compiler-based approach of the dead store elimination problem and developers’ by adding a new option to an LLVM-based compiler attempts to circumvent it. We begin with a survey of ex- that retains scrubbing operations. We also synthesized isting techniques used to scrub memory found in open existing techniques to develop a best-of-breed scrubbing source security projects. Among more than half a dozen function and are making it available to developers. techniques, we found that several are flawed and that 1 Introduction none are both universally available and effective. Next, using a specially instrumented version of the Clang com- Concerns over memory disclosure vulnerabilities in C piler, we analyzed eleven high-profile security projects to and C++ programs have long led security application determine whether their implementation of a scrubbing developers to explicitly scrub sensitive data from mem- function is effective and whether it is used consistently ory. A typical case might look like the following: within the project. We found that only three of the eleven char * password = malloc(PASSWORD_SIZE); projects did so. // ... read and check password To aid the current state of affairs, we developed a memset(password, 0, PASSWORD_SIZE); single best-of-breed scrubbing function that combines free(password); the effective techniques we found in our survey. We The memset is intended to clear the sensitive password have shared our implementation with developers of the buffer after its last use so that a memory disclosure vul- projects we surveyed that lacked a reliable scrubbing nerability could not reveal the password. Unfortunately, function and have made it available to the public. While compilers perform an optimization—called dead store not a perfect solution, we believe ours combines the best elimination (DSE)—that removes stores that have no techniques available today and offers developers a ready- effect on the program result, either because the stored to-use solution for their own projects. value is overwritten or because it is never read again. We also developed a scrubbing aware C compiler In this case, because the buffer is passed to free after based on Clang. Our compiler protects scrubbing oper- USENIX Association 26th USENIX Security Symposium 1025 ations by inhibiting dead store elimination in case where may remain uninitialized and thus leak data if sent to the a store operation may have been intended as a scrubbing outside world. By looking for such data leakage, they operation by the developer. Our solution does not com- found previously undiscovered bugs in the Linux and pletely disable DSE, minimizing the performance impact Android kernels. Wang et al. [38] explore another in- of our mechanism. Our performance evaluation shows stance of the correctness-security gap: compilers some- that our modified compiler introduces virtually no per- times remove code that has undefined behavior that, in formance penalty. some cases, includes security checks. They developed a In total, our contributions are as follows: static checker called STACK that identifies such code in C/C++ programs and they used it to uncover 160 new v We survey scrubbing techniques currently found in the wild, scoring each in terms of its availabil- bugs in commonly deployed systems. ity and reliability. In particular, we identify several Our work examines how developers handle the flawed techniques, which we reported to developers correctness-security gap introduced by aggressive dead of projects relying on them. We also report on the per- store elimination. While the soundness and security of formance of each technique, where we found an order dead store elimination has been studied formally [28, 31, of magnitude difference between the best and worst 29], the aim of our work is to study the phenomenon em- performing techniques. pirically. Bug reports are littered with reports of DSE negatively v We present a case study of eleven security projects affecting program security, as far back as 2002 from Bug that have implemented their own scrubbing function. 8537 in GCC titled “Optimizer Removes Code Neces- We found that no two projects’ scrubbing functions sary for Security” [3], to January 2016 when OpenSSH use the same set of techniques. We also identify com- patched CVE-2016-0777, which allowed a malicious mon pitfalls encountered in real projects. server to read private SSH keys by combining a memory v We develop and make publicly available a best-of- disclosure vulnerability with errant memset and bzero breed scrubbing function that combines the most reli- memory scrubs [10]; or February 2016 when OpenSSL able techniques found in use today. changed its memory scrubbing technique after discussion v We develop a scrubbing-safe dead store elimination in Issue 445 [22]; or Bug 751 in OpenVPN from October optimization pass that protects memory writes in- 2016 about secret data scrubs being optimized away [26]. tended to scrub sensitive data from being eliminated. Despite developers’ awareness of such problems, there Our mechanism has negligible performance overhead is no uniformly-used solution. The CERT C Secure Cod- and can be used without any source code changes. ing Standard [37] recommends SecureZeroMemory as The rest of the paper is organized as follows. Section 2 a Windows solution, memset_s as a C11 solution, and provides background for the rest of the paper and de- the volatile data pointer technique as a C99 solution. Un- scribes the related work. Section 3 surveys the existing fortunately, each of these solutions has problems. The techniques that are used to implement reliable scrubbing Windows solution is not cross-platform. For the rec- functions and then Section 4 evaluates their performance. ommended C11 memset_s solution, to the best of our Section 5 examines the reliability and usage of scrub- knowledge, there is no standard-compliant implemen- bing functions of eleven popular open source applica- tation. Furthermore, while the CERT solution for C99 tions. Section 6 describes our secure_memzero imple- solution may prevent most compilers from removing mentation. Section 7 describes our secure DSE imple- scrubbing operations, the standard does not guarantee mentation and evaluates its performance. Section 8 dis- its correctness [36]. Furthermore, another common tech- cusses our results. Section 9 concludes the paper. nique, using a volatile function pointer, is not guaran- teed to work according to the standard because although 2
Load more

Recommended publications
  • An Analysis of Data Corruption in the Storage Stack
    An Analysis of Data Corruption in the Storage Stack Lakshmi N. Bairavasundaram∗, Garth R. Goodson†, Bianca Schroeder‡ Andrea C. Arpaci-Dusseau∗, Remzi H. Arpaci-Dusseau∗ ∗University of Wisconsin-Madison †Network Appliance, Inc. ‡University of Toronto {laksh, dusseau, remzi}@cs.wisc.edu, [email protected], [email protected] Abstract latent sector errors, within disk drives [18]. Latent sector errors are detected by a drive’s internal error-correcting An important threat to reliable storage of data is silent codes (ECC) and are reported to the storage system. data corruption. In order to develop suitable protection Less well-known, however, is that current hard drives mechanisms against data corruption, it is essential to un- and controllers consist of hundreds-of-thousandsof lines derstand its characteristics. In this paper, we present the of low-level firmware code. This firmware code, along first large-scale study of data corruption. We analyze cor- with higher-level system software, has the potential for ruption instances recorded in production storage systems harboring bugs that can cause a more insidious type of containing a total of 1.53 million disk drives, over a pe- disk error – silent data corruption, where the data is riod of 41 months. We study three classes of corruption: silently corrupted with no indication from the drive that checksum mismatches, identity discrepancies, and par- an error has occurred. ity inconsistencies. We focus on checksum mismatches since they occur the most. Silent data corruptionscould lead to data loss more of- We find more than 400,000 instances of checksum ten than latent sector errors, since, unlike latent sector er- mismatches over the 41-month period.
    [Show full text]
  • What Is LLVM? and a Status Update
    What is LLVM? And a Status Update. Approved for public release Hal Finkel Leadership Computing Facility Argonne National Laboratory Clang, LLVM, etc. ✔ LLVM is a liberally-licensed(*) infrastructure for creating compilers, other toolchain components, and JIT compilation engines. ✔ Clang is a modern C++ frontend for LLVM ✔ LLVM and Clang will play significant roles in exascale computing systems! (*) Now under the Apache 2 license with the LLVM Exception LLVM/Clang is both a research platform and a production-quality compiler. 2 A role in exascale? Current/Future HPC vendors are already involved (plus many others)... Apple + Google Intel (Many millions invested annually) + many others (Qualcomm, Sony, Microsoft, Facebook, Ericcson, etc.) ARM LLVM IBM Cray NVIDIA (and PGI) Academia, Labs, etc. AMD 3 What is LLVM: LLVM is a multi-architecture infrastructure for constructing compilers and other toolchain components. LLVM is not a “low-level virtual machine”! LLVM IR Architecture-independent simplification Architecture-aware optimization (e.g. vectorization) Assembly printing, binary generation, or JIT execution Backends (Type legalization, instruction selection, register allocation, etc.) 4 What is Clang: LLVM IR Clang is a C++ frontend for LLVM... Code generation Parsing and C++ Source semantic analysis (C++14, C11, etc.) Static analysis ● For basic compilation, Clang works just like gcc – using clang instead of gcc, or clang++ instead of g++, in your makefile will likely “just work.” ● Clang has a scalable LTO, check out: https://clang.llvm.org/docs/ThinLTO.html 5 The core LLVM compiler-infrastructure components are one of the subprojects in the LLVM project. These components are also referred to as “LLVM.” 6 What About Flang? ● Started as a collaboration between DOE and NVIDIA/PGI.
    [Show full text]
  • A DSL for Resource Checking Using Finite State Automaton-Driven Symbolic Execution Code
    Open Comput. Sci. 2021; 11:107–115 Research Article Endre Fülöp and Norbert Pataki* A DSL for Resource Checking Using Finite State Automaton-Driven Symbolic Execution https://doi.org/10.1515/comp-2020-0120 code. Compilers validate the syntactic elements, referred Received Mar 31, 2020; accepted May 28, 2020 variables, called functions to name a few. However, many problems may remain undiscovered. Abstract: Static analysis is an essential way to find code Static analysis is a widely-used method which is by smells and bugs. It checks the source code without exe- definition the act of uncovering properties and reasoning cution and no test cases are required, therefore its cost is about software without observing its runtime behaviour, lower than testing. Moreover, static analysis can help in restricting the scope of tools to those which operate on the software engineering comprehensively, since static anal- source representation, the code written in a single or mul- ysis can be used for the validation of code conventions, tiple programming languages. While most static analysis for measuring software complexity and for executing code methods are designed to detect anomalies (called bugs) in refactorings as well. Symbolic execution is a static analy- software code, the methods they employ are varied [1]. One sis method where the variables (e.g. input data) are inter- major difference is the level of abstraction at which the preted with symbolic values. code is represented [2]. Because static analysis is closely Clang Static Analyzer is a powerful symbolic execution related to the compilation of the code, the formats used engine based on the Clang compiler infrastructure that to represent the different abstractions are not unique to can be used with C, C++ and Objective-C.
    [Show full text]
  • SMT-Based Refutation of Spurious Bug Reports in the Clang Static Analyzer
    SMT-Based Refutation of Spurious Bug Reports in the Clang Static Analyzer Mikhail R. Gadelha∗, Enrico Steffinlongo∗, Lucas C. Cordeiroy, Bernd Fischerz, and Denis A. Nicole∗ ∗University of Southampton, UK. yUniversity of Manchester, UK. zStellenbosch University, South Africa. Abstract—We describe and evaluate a bug refutation extension bit in a is one, and (a & 1) ˆ 1 inverts the last bit in a. for the Clang Static Analyzer (CSA) that addresses the limi- The analyzer, however, produces the following (spurious) bug tations of the existing built-in constraint solver. In particular, report when analyzing the program: we complement CSA’s existing heuristics that remove spurious bug reports. We encode the path constraints produced by CSA as Satisfiability Modulo Theories (SMT) problems, use SMT main.c:4:12: warning: Dereference of null solvers to precisely check them for satisfiability, and remove pointer (loaded from variable ’z’) bug reports whose associated path constraints are unsatisfi- return *z; able. Our refutation extension refutes spurious bug reports in ˆ˜ 8 out of 12 widely used open-source applications; on aver- age, it refutes ca. 7% of all bug reports, and never refutes 1 warning generated. any true bug report. It incurs only negligible performance overheads, and on average adds 1.2% to the runtime of the The null pointer dereference reported here means that CSA full Clang/LLVM toolchain. A demonstration is available at claims to nevertheless have found a path where the dereference https://www.youtube.com/watch?v=ylW5iRYNsGA. of z is reachable. Such spurious bug reports are in practice common; in our I.
    [Show full text]
  • Active Storage Activeraid ES Data Sheet
    RAID Storage Evolved Welcome to RAID Storage Evolved Key Features Introducing the ActiveRAID ES — the affordable high performance RAID storage solution Optimized RAID performance in Apple Mac for Apple® users. The ActiveRAID ES was designed using the same principles of the OS X® Applications original ActiveRAID, but represents a previously unobtainable level of value by providing the capabilities of the ActiveRAID in a lower cost configuration that does not sacrifice Modern Linux RAID kernel and RAID the performance, reliability or ease of management of the original ActiveRAID. The controller design ActiveRAID ES was carefully designed for use in business critical applications where Proprietary self-optimizing architecture organizations require a high level of data integrity with ease of installation and management, but not the 24/7 365 day duty cycles of a large enterprise or Post-Production or Broadcast facility. Native Mac OS X Storage management suite The ActiveRAID ES provides redundant power, redundant cooling and redundant Fibre Dashboard Widget monitoring Channel connections, and the same powerful, yet easy to use management suite of the original ActiveRAID. The ES differs from the original ActiveRAID in that it has a single high Enterprise performance and reliability performance RAID controller and uses business class hard drives with a smaller cache size. without Enterprise complexity This results in a very robust RAID solution ideal for business class applications. Performance No long Quick Start guides to memorize of the ActiveRAID ES is impressive at up to 774 MB/s*† throughput and will easily handle Performance profiling and statistical most Mac OS X Server applications. The ActiveRAID ES is the ideal storage for business planning tools class applications such as File serving, database services, web hosting, calendar, Wiki, Mail, iChat and much more.
    [Show full text]
  • Compiling and Makefiles
    Compiling C Programs Makefiles Compiling and Makefiles 2501ICT/7421ICTNathan René Hexel School of Information and Communication Technology Griffith University Semester 1, 2012 René Hexel Compiling and Makefiles Compiling C Programs Makefiles Outline 1 Compiling C Programs 2 Makefiles Using the make Utility Makefiles for Objective-C Code Makefiles for C++ Code René Hexel Compiling and Makefiles Compiling C Programs Makefiles Compiling C Programs Integrated Development Environment (IDE) Eclipse, XCode, Visual C++, Project Center, . Compiles programs at the press of a button (like BlueJ) Often difficult to customise Very rarely support multiple platforms and languages Command Line Requires manual invocation Requires knowledge of command line parameters Can be tedious for large projects Cross-platform and -language compilers (e.g. clang) Makefiles Combine the best of both worlds Recompile a complex project with a simple make command René Hexel Compiling and Makefiles Compiling C Programs Makefiles Getting a Command Line Interface Via Dwarf ssh dwarf.ict.griffith.edu.au using putty (Windows) Via a local Terminal Mac OS X: e.g. Applications / Utilities / Terminal.app Linux: e.g. through the Gnome program menu Windows: e.g. Start / Programs / Programming Tools / GNUstep / Shell ) Enter commands to compile your program Hit Return (or Enter) after every command! René Hexel Compiling and Makefiles Compiling C Programs Makefiles Compiling a C program using clang or gcc Once on the command line change to the directory (folder) your program is in cd /my/example/directory
    [Show full text]
  • ENCM 335 Fall 2018: Command-Line C Programming on Macos
    page 1 of 4 ENCM 335 Fall 2018: Command-line C programming on macOS Steve Norman Department of Electrical & Computer Engineering University of Calgary September 2018 Introduction This document is intended to help students who would like to do ENCM 335 C pro- gramming on an Apple Mac laptop or desktop computer. A note about software versions The information in this document was prepared using the latest versions of macOS Sierra version 10.12.6 and Xcode 9.2, the latest version of Xcode available for that version of macOS. Things should work for you if you have other but fairly recent versions of macOS and Xcode. If you have versions that are several years old, though you may experience difficulties that I'm not able to help with. Essential Software There are several key applications needed to do command-line C programming on a Mac. Web browser I assume you all know how to use a web browser to find course documents, so I won't say anything more about web browsers here. Finder Finder is the tool built in to macOS for browsing folders and files. It really helps if you're fluent with its features. Terminal You'll need Terminal to enter commands and look at output of commands. To start it up, look in Utilities, which is a folder within the Applications folder. It probably makes sense to drag the icon for Terminal to the macOS Dock, so that you can launch it quickly. macOS Terminal runs the same bash shell that runs in Cygwin Terminal, so commands like cd, ls, mkdir, and so on, are all available on your Mac.
    [Show full text]
  • Algorithms for Data Cleaning in Knowledge Bases
    View metadata, citation and similar papers at core.ac.uk brought to you by CORE provided by VFAST - Virtual Foundation for Advancement of Science and Technology (Pakistan) VFAST Transactions on Software Engineering http://vfast.org/journals/index.php/VTSE@ 2018, ISSN(e): 2309-6519; ISSN(p): 2411-6327 Volume 15, Number 2, May-August, 2018 pp. 78-83 ALGORITHMS FOR DATA CLEANING IN KNOWLEDGE BASES 1 1 1 ADEEL ASHRAF , SARAH ILYAS , KHAWAJA UBAID UR REHMAN AND SHAKEEL AHMAD2 ` 1Department of Computer Science, University of Management and Technology, Punjab, Pakistan 2Department of Computer Sciences, Faculty of Computing and Information Technology in rabigh, King Abdulaziz University Jeddah Email: [email protected] ABSTRACT. Data cleaning is an action which includes a process of correcting and identifying the inconsistencies and errors in data warehouse. Different terms are uses in these papers like data cleaning also called data scrubbing. Using data scrubbing to get high quality data and this is one the data ETL (extraction transformation and loading tools). Now a day there is a need of authentic information for better decision-making. So we conduct a review paper in which six papers are reviewed related to data cleaning. Relating papers discussed different algorithms, methods, problems, their solutions and approaches etc. Each paper has their own methods to solve a problem in efficient way, but all the paper have common problem of data cleaning and inconsistencies. In these papers data inconsistencies, identification of the errors, conflicting, duplicates records etc problems are discussed in detail and also provided the solutions. These algorithms increase the quality of data.
    [Show full text]
  • A Study Over Importance of Data Cleansing in Data Warehouse Shivangi Rana Er
    Volume 6, Issue 4, April 2016 ISSN: 2277 128X International Journal of Advanced Research in Computer Science and Software Engineering Research Paper Available online at: www.ijarcsse.com A Study over Importance of Data Cleansing in Data Warehouse Shivangi Rana Er. Gagan Prakesh Negi Kapil Kapoor Research Scholar Assistant Professor Associate Professor CSE Department CSE Department ECE Department Abhilashi Group of Institutions Abhilashi Group of Institutions Abhilashi Group of Institutions (School of Engg.) (School of Engg.) (School of Engg.) Chail Chowk, Mandi, India Chail Chowk, Mandi, India Chail Chowk Mandi, India Abstract: Cleansing data from impurities is an integral part of data processing and maintenance. This has lead to the development of a broad range of methods intending to enhance the accuracy and thereby the usability of existing data. In these days, many organizations tend to use a Data Warehouse to meet the requirements to develop decision-making processes and achieve their goals better and satisfy their customers. It enables Executives to access the information they need in a timely manner for making the right decision for any work. Decision Support System (DSS) is one of the means that applied in data mining. Its robust and better decision depends on an important and conclusive factor called Data Quality (DQ), to obtain a high data quality using Data Scrubbing (DS) which is one of data Extraction Transformation and Loading (ETL) tools. Data Scrubbing is very important and necessary in the Data Warehouse (DW). This paper presents a survey of sources of error in data, data quality challenges and approaches, data cleaning types and techniques and an overview of ETL Process.
    [Show full text]
  • Design Tradeoffs for SSD Reliability Bryan S
    Design Tradeoffs for SSD Reliability Bryan S. Kim, Seoul National University; Jongmoo Choi, Dankook University; Sang Lyul Min, Seoul National University https://www.usenix.org/conference/fast19/presentation/kim-bryan This paper is included in the Proceedings of the 17th USENIX Conference on File and Storage Technologies (FAST ’19). February 25–28, 2019 • Boston, MA, USA 978-1-939133-09-0 Open access to the Proceedings of the 17th USENIX Conference on File and Storage Technologies (FAST ’19) is sponsored by Design Tradeoffs for SSD Reliability Bryan S. Kim Jongmoo Choi Sang Lyul Min Seoul National University Dankook University Seoul National University Abstract SSD Redun- Data dancy mgmt. Flash memory-based SSDs are popular across a wide range scheme of data storage markets, while the underlying storage medium—flash memory—is becoming increasingly unreli- SSD reliability Flash Data Data Host enhancement able. As a result, modern SSDs employ a number of in- memory re-read scrubbing system techniques device reliability enhancement techniques, but none of them RBER of UBER offers a one size fits all solution when considering the multi- Thres. Error underlying requirement for voltage correction dimensional requirements for SSDs: performance, reliabil- memories: SSDs: tuning code ity, and lifetime. 10-4 ~ 10-2 10-17 ~ 10-15 In this paper, we examine the design tradeoffs of exist- Figure 1: SSD reliability enhancement techniques. ing reliability enhancement techniques such as data re-read, intra-SSD redundancy, and data scrubbing. We observe that an uncoordinated use of these techniques adversely affects ory [10]. The high error rates in today’s flash memory are the performance of the SSD, and careful management of the caused by various reasons, from wear-and-tear [11,19,27], to techniques is necessary for a graceful performance degrada- gradual charge leakage [11,14,51] and data disturbance [13, tion while maintaining a high reliability standard.
    [Show full text]
  • What Is Data Preparation?
    Analytics Canvas Tutorial: What is Data Preparation? nModal Solutions Inc. All Rights Reserved Analytics Canvas Tutorial: Course Introduction What is Data Preparation? Myth: Data preparation is a time-consuming manual process that is heavily prone to errors. Fact: Data preparation, when done with the right tools, empowers users to maintain control, while accelerating the process and providing a better foundation for decision-making. Better decision- making starts with better data. To an extent, data preparation is synonymous with, or related to: data pre-processing, data scrubbing, business intelligence, data cleansing/cleaning, and ETL (“Extract, Transform, and Load”). In this course, we are going to take a broad view of data preparation. Here is the definition we will work with: data preparation is a step in the data analysis process, in which data from one or more sources is cleaned, and transformed and enriched to improve its quality prior to its use. Data- driven decisions Knowledge discovery Data Science Descriptive analytics and reporting Data preparation Data Sources Figure 1: Data Preparation in the Data Analysis Process The figure above illustrates the position of the data preparation in the data analysis process. It is easy to see the importance of data preparation - as the foundation of business decisions. nModal Solutions Inc. All Rights Reserved Analytics Canvas Tutorial: Course Introduction Conclusion Thank you for reading this tutorial. We invite you to continue with the tutorial training to learn more about using Analytics Canvas. nModal Solutions Inc. All Rights Reserved .
    [Show full text]
  • Compiling Linux with LLVM
    Open Source Open Possibilities Compiling Linux with LLVM Presented by: Mark Charlebois Presentation Date: 06/07/2012 PAGE 1 Open Source Open Possibilities Agenda Why would I want to use Clang to compile Linux? Status updates: cross compiling for ARM with Clang building Linux kernel with Clang running Linux compiled with Clang To do list PAGE 2 Open Source Open Possibilities Open Source Open Possibilities Why Would I Want to Use Clang to Compile Linux? PAGE 3 Open Source Open Possibilities Better Diagnostics $ gcc-4.2 -fsyntax-only t.c t.c:7: error: invalid operands to binary + (have 'int' and 'struct A') $ clang -fsyntax-only t.c t.c:7:39: error: invalid operands to binary expression ('int' and 'struct A') return y + func(y ? ((SomeA.X + 40) + SomeA) / 42 + SomeA.X : SomeA.X); ~~~~~~~~~~~~~~ ^ ~~~~~ See http://clang.llvm.org/diagnostics.html for more examples GCC extensions: all extensions are explicitly recognized as such and marked with extension diagnostics, which can be mapped to warnings, errors, or just ignored. Google builds their products also with Clang just for the better debug output Rich diagnostic output enables auto-generation of patches PAGE 4 Open Source Open Possibilities Fix-it Hints "Fix-it" hints provide advice for fixing small, localized problems in source code. $ clang t.c t.c:5:28: warning: use of GNU old-style field designator extension struct point origin = { x: 0.0, y: 0.0 }; ~~ ^ .x = t.c:5:36: warning: use of GNU old-style field designator extension struct point origin = { x: 0.0, y: 0.0 }; ~~ ^ .y = PAGE 5
    [Show full text]