tech-kern archive


Re: [gsoc] syscall/libc fuzzer proposal



On Sat, Mar 20, 2010 at 05:32:28PM +0200, Mateusz Kocielski wrote:
> 
> As a part of my work I would like to write a translator for C language and a
> small library. Their goal would be to detect integer overflows, stack overflows,
> problems with static array indexing, etc (when such occur during the program
> execution). It will enable me to uncover more bugs in the software.

What is the benefit of this when compared to existing static-analysis
tools such as Coverity Scan, splint, or the Clang static analyzer?  Will
this cover any cases they don't?  If so, which ones?

If not, I don't think this adds any benefit to your proposal and is likely
to simply be a distraction; I'd urge you in that case to drop it.

Thor

