| Besides the already mentioned: - IOC : low overhead, only for integer overflows - KCC : high overhead, for all kinds of undefined behavior, limited standard library support (and source-level only) - Valgrind : medium overhead, for various memory errors, binary, may fail to detect undefined behaviors that have been made undetectable by compilation. You may also find: - various memory-safe C compilers. There are plenty here, I had better let you do the googling. medium overhead, generally better than Valgrind at being sound (since they work at source level), unless they trade efficiency for soundness: http://research.microsoft.com/pubs/101450/baggy-usenix2009.p... . May require all source code to be available. - Frama-C's value analysis, a static analyzer that can be used as a C interpreter. This is what I work on. Limitations comparable to KCC, quite a bit faster (but still high overhead), some slightly different design choices. I do not have a good single write-up for this use, but some details are available at these URLs: http://blog.frama-c.com/public/csmith.pdf http://blog.frama-c.com/index.php?post/2011/08/29/CompCert-g... |