Skip to content


Folders and files

Last commit message
Last commit date

Latest commit



28 Commits

Repository files navigation

This is a README FILE for SoftBoundCETS pointer-based checking. For more technical details and algorithms, visit SoftBoundCETS website at

Using SoftBoundCETS with LLVM+CLANG-3.4 on a x86-64 machine with Linux OS

  1. Download the github repository from

  2. Build SoftBoundCETS for LLVM+3.4

    1. Goto to directory softboundcets-llvm-clang34 by executing the following command

        cd softboundcets-llvm-clang34
    2. Configure LLVM, clang and softboundcets with the following command

        ./configure --enable-assertions --disable-optimized

      If you prefer a faster compiler and do not need to debug SoftBoundCETS, use --enable-optimized.

      If you want to use SoftBoundCETS with LTO, follow the instructions at and add the --with-binutils-include=/usr/include parameter. Replace /usr/include by the folder that contains the plugin-api.h file.

    3. Build softboundcets, LLVM, clang with the following command

        make -j8
  3. Set up your environment to use SoftBoundCETS

    For example in bash, it would be

      export PATH=<git_repo>/softboundcets-llvm-clang34/Debug+Asserts/bin:$PATH

    If you compiled an optimized build, the path is Release+Asserts instead of Debug+Asserts.

  4. Compile the SoftBoundCETS runtime library

      cd <git_repo>
      cd softboundcets-lib

    If you compiled the LLVM gold plugin, add the line below before calling make, in order to also build the SoftBoundCETS runtime library with LTO support.

      export LLVM_GOLD=<git_repo>/softboundcets-llvm-clang34/Debug+Asserts/lib/
  5. Test whether it all worked

    1. Compile

        cd tests
        clang -fsoftboundcets test.c -o test -L<git_repo>/softboundcets-lib -lm -lrt
        clang -fsoftboundcets -flto test.c -o test-lto -L<git_repo>/softboundcets-lib/lto -lm -lrt
    2. Run the test program


      Enter 10; the program executes successfully.

      Enter 105; a memory safety violation is triggered.

  6. Avoiding checking with specific function by providing a sanitizer black list file

    1. Create a file with list of functions as specified below. Lets say we create a file list.txt with following entries



    2. Run clang with -fsanitize-blacklist=list.txt along with the above SoftBoundCETS flags. The SoftBoundCETS pass will not add checks for the functions in list.txt (in the example above: it is parseargs and temp_test)


(1) LLVM/clang-3.4 introduces vectorization instructions in the IR (insertelement, extractelement, shufflevector) for structures and arrays with pointers, SoftBoundCETS still does not handle these instructions. If you see false violations, use -fno-vectorize in your flags to avoid memory safety violations.

(2) SoftBoundCETS-3.4 does not support checking variable argument functions. It is necessary to make these functions softbound defined to avoid false violations.


SoftBoundCETS for LLVM+Clang version 34







No releases published


No packages published