[cfe-dev] GCC's -fmpx in clang?
Szabolcs Nagy
nsz at port70.net
Sun Sep 14 02:07:02 PDT 2014
* Reid Kleckner <rnk at google.com> [2014-09-13 18:37:57 -0700]:
> Not that I know of. So far as I know, ASan is superior to any MIX based
> instrumentation. The only class of false negatives I know of is arrays in
> structs, which there are plans for.
>
mpx is new to me, but looking at the docs it solves a different
problem than asan
asan must not be used in production code, it's not a hardening
solution, but a debugging one (it actually increases the attack
surface by all its instrumentations, its own set of reliance on
ub and strong interdependency on libc internals)
mpx is for hardening deployed code with bounds check instructions
More information about the cfe-dev
mailing list