
"Compile-time valgrind" seems incorrect. It is compile-time addition of run-time valgrind-like instrumentation.



Yes, that's right. It does do the same thing as valgrind but the practical benefit of compile-time instrumentation rather than dynamic translation is that ASAN is enormously faster.

A lot of people are using this on their fuzzing rigs with large software applications like Firefox. ASAN hugely decreases cost per test cycle (and therefore cost per bug, without changing fuzzers).

A friend and I chipped in to get a fuzz server (quad xeon X5660, 96 GB RAM, dual SSD). It's paid for itself twice over in bug bounties and there are more in the queue. Valgrind was always too expensive but using ASAN builds we can find more bugs.

Having ASAN support in GCC would be really handy, because for large projects it can be a major effort to get everything to compile in CLANG.

If you are sufficiently paranoid, and willing to accept a speed and memory hit (roughly factor of two) you could use ASAN in production. Personally, I am beginning to entertain the idea of using an ASAN-instrumented browser for day-to-day use.


> If you are ... willing to accept a speed and memory hit (roughly factor of two) you could use ASAN in production

That's a pretty interesting idea, and seems to be a practical realization of something people have been trying to do for ages: produce a C variant with more safety. The most prominent project I know trying to do that is the C-like language Cyclone (http://cyclone.thelanguage.org/), but this seems like an alternate approach that lets you get "C but safer" without actually moving away from C.


We're also trying to do that with Rust (it's based on the work of Dan Grossman and others with the Cyclone region-based memory management). It depends on whether you consider it a C variant, of course.

Cyclone is something every programming language enthusiast should look into, IMHO. It's extremely interesting, well-done work.


Don't get me wrong; I don't mean to say it's not fantastic, just that the headline was misleading. My expectations for "Hey, we managed to move this stuff to compile time" are that it will be 1) more interesting theoretically, and 2) less interesting practically (at least in the short term). Either can be fantastic, and these expectations are sometimes violated besides, but I just wanted to give a heads up to others (at least, those that skim the HN comments first) or be corrected if my reading of it was wrong.


Yeah, it's not static analysis... it's runtime instrumentation. And BTW it's very useful and helped me find a race condition.
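
Added example, not part of the thread and not ASAN's own code: a toy model of what "compile-time addition of run-time instrumentation" means, with the check written by hand where the compiler would emit it. The shadow encoding (one shadow byte per 8 bytes; 0 = all addressable, k = first k bytes addressable, negative = poisoned) follows ASAN's published design; the arena, sizes and all function names are hypothetical.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#define ARENA 256   /* toy heap size (constructed) */
#define GRAN 8      /* one shadow byte describes 8 heap bytes */
#define REDZONE 16  /* poisoned gap placed around every allocation */

static uint8_t heap[ARENA];
static int8_t shadow[ARENA / GRAN]; /* 0: all 8 ok, k>0: first k ok, <0: poisoned */
static size_t top; static int violations;

void toy_reset(void) { memset(shadow, -1, sizeof shadow); top = 0; violations = 0; }
int toy_violations(void) { return violations; }

/* Allocator side: leave redzones poisoned, unpoison only the n user bytes. */
uint8_t *toy_alloc(size_t n) {
    size_t start = top + REDZONE, rounded = (n + GRAN - 1) / GRAN * GRAN;
    if (n == 0 || n > ARENA || start + rounded + REDZONE > ARENA) return NULL;
    for (size_t i = 0; i < n / GRAN; i++) shadow[start / GRAN + i] = 0;
    if (n % GRAN) shadow[start / GRAN + n / GRAN] = (int8_t)(n % GRAN);
    top = start + rounded;
    return heap + start;
}

/* Compiler side: the check emitted in front of every 1-byte store. */
int checked_store(uint8_t *p, uint8_t v) {
    size_t off = (size_t)(p - heap);
    int8_t s = off < ARENA ? shadow[off / GRAN] : -1;
    if (s < 0 || (s > 0 && (int8_t)(off % GRAN) >= s)) {
        violations++;          /* a real sanitizer reports and aborts here */
        return 0;
    }
    *p = v;
    return 1;
}

/* Off-by-one loop over a 10-byte buffer: 10 stores pass, the 11th is caught. */
int demo_overflow(void) {
    toy_reset();
    uint8_t *buf = toy_alloc(10);
    int ok = 0;
    for (size_t i = 0; i <= 10; i++) ok += checked_store(buf + i, 0x41);
    return ok;
}

int main(void) {
    int ok = demo_overflow();
    return printf("stores ok=%d, caught=%d\n", ok, toy_violations()) < 0;
}
```

With the real tool the same checks are inserted by building with `-fsanitize=address`; nothing in the source changes.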



