[llvm-commits] AddressSanitizer, first patch
Kostya Serebryany
kcc at google.com
Thu Sep 8 17:14:38 PDT 2011
On Thu, Sep 8, 2011 at 4:43 PM, Eric Christopher <echristo at apple.com> wrote:
>
> On Sep 8, 2011, at 4:35 PM, Chandler Carruth wrote:
>
> > FYI,
> >
> > I've looked again at this patch recently, and talked to several others
> about it...
> >
> > I think there are some big issues with the implementation, bit I think
> they could probably be addressed. The one that I see the most is the x86
> assembly just being dumped as a blob. I think that really needs to be
> resolved before this can move forward.
> >
> > It seems like this should be do-able in some way with the llvm.trap
> intrinsic. If anything, we might need another intrinsic or an extension of
> llvm.trap that allows feeding the SIGILL signal handler the data arguments
> it needs; I'd need to read up on exactly what is required for that to figure
> out how best to represent that in IR, but it shouldn't be that hard.
> >
> > That said, maybe to improve the discussion of the patch and make
> reviewing it easier, you could just switch to emitting the call to the
> runtime library function in all cases? That should be a strictly simpler
> patch, and then how to improve performance by avoiding the runtime call can
> be a followup.
> >
>
> This encompasses most of my concerns with the patch.
>
> > Maybe others could comment on other implementation issues? I'm sadly not
> an expert at LLVM...
>
> In a glance I didn't see a lot, but the other bits were somewhat hiding it.
> How about when we get a new patch we can take a bit more of a look at it.
>
I dropped the assembly part and updated the patch at
http://codereview.appspot.com/4867059/ (also in attachment).
We can figure out how to make it more efficient later (something
like llvm.trap intrinsic with a parameter).
This patch is 570 LOC plus few lines of trivial changes and a test.
It implements only basic functionality: detection of out-of-bounds and
use-after-free in heap.
The complete version of LLVM pass is ~1000 LOC (
http://code.google.com/p/address-sanitizer/source/browse/trunk/llvm/AddressSanitizer.cpp
).
It also handles out-of-bounds for stack and global objects and (recently
added) stack use-after-return bugs.
--kcc
>
> -eric
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.llvm.org/pipermail/llvm-commits/attachments/20110908/168f7826/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: issue4867059_14001.diff
Type: text/x-patch
Size: 24944 bytes
Desc: not available
URL: <http://lists.llvm.org/pipermail/llvm-commits/attachments/20110908/168f7826/attachment.bin>
More information about the llvm-commits
mailing list