On Tuesday 23 May 2006 13:34, Chris Lattner wrote:> On Tue, 23 May 2006, Nai Xia wrote: > > Maybe Chris can us give more helpful comments. > > Andrew (and Dinakar, and perhaps others) are the current current > maintainers of DSA.Oh, I'd say sorry to you and Andrew both. I had though you are the maintainer... ... So I am currently thinking that maybe it is not hard to make the callgraph more accurate in a similar way DSA deals with indirect callsites. I am just curious about why it is not already in LLVM. I think identifying the range of an indirect call is a worthwhile job, for example if we want to track the correctness of a program's control flow with the possibility that it is being attacked through buffer overflow.> > -Chris >-- Regards, Nai
On Tue, 23 May 2006, Nai Xia wrote:> So I am currently thinking that maybe it is not hard to make the > callgraph more accurate in a similar way DSA deals with indirect > callsites. I am just curious about why it is not already in LLVM. I > think identifying the range of an indirect call is a worthwhile job, for > example if we want to track the correctness of a program's control flow > with the possibility that it is being attacked through buffer overflow.Sure. More precise call graph analysis can benefit many clients. This is why the CallGraph interface is an abstract one that can be implemented with many different algorithms. If you'd like to work on a new implementation, that would be great. -Chris -- http://nondot.org/sabre/ http://llvm.org/
I think I will make a try. :) On Tuesday 23 May 2006 14:03, Chris Lattner wrote:> On Tue, 23 May 2006, Nai Xia wrote: > > > So I am currently thinking that maybe it is not hard to make the > > callgraph more accurate in a similar way DSA deals with indirect > > callsites. I am just curious about why it is not already in LLVM. I > > think identifying the range of an indirect call is a worthwhile job, for > > example if we want to track the correctness of a program's control flow > > with the possibility that it is being attacked through buffer overflow. > > Sure. More precise call graph analysis can benefit many clients. This is > why the CallGraph interface is an abstract one that can be implemented > with many different algorithms. If you'd like to work on a new > implementation, that would be great. > > -Chris >-- Regards, Nai