Changes to Scrash in the short term mostly involve improvements to the analysis phase. The implementation of CQual that our current system uses is at times too conservative - it marks too many variables as $sensitive - but we expect to be able to use a more accurate version soon. The new implementation, currently under development, will use a polymorphic analysis of functions so that more variables can be safely labeled insensitive. Modifying Scrash to work with C++ is another area of active interest; CQual has recently been extended to work with C++ code.
In addition, we hope that support for Scrash will be incorporated into some of the standard bug reporting tools, such as the GNOME Bug-Buddy. Another avenue would be to combine runtime error detection tools, such as StackGuard or CCured [5,9], with Scrash. When these runtime tools would detect a violation, Scrash would send a core file to the developer. This pairing would aid in the detection of security vulnerabilities such as buffer overruns.