[Info-vax] A few tools for improving software security
Craig A. Berry
craigberry at nospam.mac.com
Sat Jan 20 14:46:40 EST 2024
On 1/20/24 10:56 AM, John Dallman wrote:
> In article <uogs7c$3o3e0$2 at dont-email.me>, arne at vajhoej.dk (Arne Vajhøj)
> wrote:
>
>> I wonder how difficult it would be to get it running
>> on VMS x86-64. ELF image format and x86-64 instruction
>> set are already done. But I assume it would need to know
>> about various RTL.
>
> It certainly needs to know about run-times. Valgrind itself is C. The
> project's platforms page says:
>
> Windows is not under consideration because porting to it would require
> so many changes it would almost be a separate project. ... Also,
> non-open-source OSes are difficult to deal with; being able to see
> the OS and associated (libc) source code makes things much easier.
>
> VMS is not Windows, but their respective difference from Linux are on a
> similar scale. VSI could presumably port it, but it is clearly a long way
> from being the most urgent thing for them to do.
AddressSanitizer might be more possible given the LLVM-based compilers
on x86. But I believe -fsanitize requires a link-time component, and it
isn't clear to me whether it could operate on the downstream side of the
GEM2IR translations, and if not, it could only work for clang. And a lot
of the OS modules written in C are probably not clang-ready at this
point. So it wouldn't be a small project. Whether it would be a big
project or a humongous one I don't know.
More information about the Info-vax
mailing list