[LLVMdev] LLVM-based address sanity checker

Chris Lattner clattner at apple.com
Thu Jun 16 12:00:58 PDT 2011


On Jun 16, 2011, at 1:27 AM, Kostya Serebryany wrote:

> Hello again, 
> 
> The tool we announced 1.5 months ago has matured quite a bit. 
> In addition to heap out-of-bound and use-after-free bugs, it also finds stack overruns/underruns.
> AddressSanitizer is being actively used by the Chromium developers and has already found over 20 bugs: http://blog.chromium.org/2011/06/testing-chromium-addresssanitizer-fast.html
> 
> Question to the LLVM developers: would you consider adding the AddressSanitizer code to the LLVM trunk? 

Having functionality like this in mainline would be really interesting. I haven't looked at your code yet. What are the major components, and what impact does it have on the codebase?

-Chris


> 
> Thanks, 
> 
> --kcc 
> 
> On Tue, May 3, 2011 at 10:52 PM, Kostya Serebryany <kcc at google.com> wrote:
> Hello, 
> 
> We've just released the first version of our LLVM-based address sanity checker: AddressSanitizer (http://code.google.com/p/address-sanitizer/).
> The tool finds out-of-bound and use-after-free bugs (the subset of bugs detectable by Valgrind/Memcheck); 
> it consists of an LLVM compiler plugin which performs simple code instrumentation and a malloc replacement library.
> The main advantage of the new tool is high speed: the slowdown is usually within 2x-2.5x. 
> A detailed description of the algorithm is found here: http://code.google.com/p/address-sanitizer/wiki/AddressSanitizerAlgorithm
> The tool is young, but it already can run the Chromium browser (interactively!) and find bugs in it. 
> 
> Would the LLVM community be interested in adopting this code into the LLVM trunk? 
> The instrumentation pass is ~350 LOC (http://code.google.com/p/address-sanitizer/source/browse/trunk/llvm/AddressSanitizer.cpp), but may grow over time as we add optimizations. 
> The run-time library (malloc replacement, http://code.google.com/p/address-sanitizer/source/browse/trunk/asan/asan_rtl.cc) is ~1500 LOC. 
> 
> Thanks, 
> 
> --kcc 
> 
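An added example, not code from AddressSanitizer or from this thread: a C model of the two parts the announcement names, a check placed before each memory access and a malloc replacement. Redzones around each block, the never-reuse policy for freed blocks, and every name below are assumptions of this example; it covers heap accesses only.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Model only; every name here is hypothetical, not AddressSanitizer's. */
enum { ARENA = 4096, RZ = 16 };                    /* arena and redzone sizes */
enum { REDZONE = 0, ADDRESSABLE = 1, FREED = 2 };  /* per-byte state */
static unsigned char arena[ARENA];  /* memory handed out by toy_malloc */
static unsigned char state[ARENA];  /* zero-initialised: every byte REDZONE */
static size_t next_off;

/* malloc replacement: [redzone holding size][user bytes][redzone] */
void *toy_malloc(size_t n) {
    if (n == 0 || n > ARENA || next_off + n + 2 * RZ > ARENA) return NULL;
    size_t user = next_off + RZ;
    memcpy(arena + user - sizeof n, &n, sizeof n);  /* size kept in left redzone */
    memset(state + user, ADDRESSABLE, n);
    next_off = user + n + RZ;
    return arena + user;
}

/* free replacement: mark the bytes FREED and never hand them out again */
void toy_free(void *p) {
    size_t user = (size_t)((unsigned char *)p - arena), n;
    memcpy(&n, arena + user - sizeof n, sizeof n);
    memset(state + user, FREED, n);
}

/* Returns ADDRESSABLE, or the state of the first bad byte in [p, p+len). */
int toy_check(const void *p, size_t len) {
    uintptr_t off = (uintptr_t)p - (uintptr_t)arena;
    if (off >= ARENA || len > ARENA - off) return REDZONE;
    for (size_t i = 0; i < len; i++)
        if (state[off + i] != ADDRESSABLE) return state[off + i];
    return ADDRESSABLE;
}

/* The check an instrumentation pass would place before a 1-byte store. */
int checked_store(unsigned char *p, unsigned char v) {
    int st = toy_check(p, 1);
    if (st == ADDRESSABLE) *p = v;  /* perform the store only when it is valid */
    return st;
}

int main(void) {
    unsigned char *b = toy_malloc(8);
    int past_end = checked_store(b + 8, 1);  /* one byte past the block */
    toy_free(b);
    return !(past_end == REDZONE && checked_store(b, 1) == FREED);
}
```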