[LLVMdev] LLVM-based address sanity checker

Kostya Serebryany kcc at google.com
Tue May 3 11:52:05 PDT 2011


Hello,

We've just released the first version of our LLVM-based address sanity
checker: AddressSanitizer (http://code.google.com/p/address-sanitizer/).
The tool finds out-of-bound and use-after-free bugs (the subset of bugs
detectable by Valgrind/Memcheck);
it consists of an LLVM compiler plugin that performs simple code
instrumentation and a malloc replacement library.
The main advantage of the new tool is high speed: the slowdown is usually
within 2x-2.5x.
A detailed description of the algorithm can be found here:
http://code.google.com/p/address-sanitizer/wiki/AddressSanitizerAlgorithm
The tool is young, but it can already run the Chromium browser
(interactively!) and find bugs in it.

Would the LLVM community be interested in adopting this code into the LLVM
trunk?
The instrumentation pass is ~350 LOC (
http://code.google.com/p/address-sanitizer/source/browse/trunk/llvm/AddressSanitizer.cpp),
but may grow over time as we add optimizations.
The run-time library (malloc replacement,
http://code.google.com/p/address-sanitizer/source/browse/trunk/asan/asan_rtl.cc)
is ~1500 LOC.

Thanks,

--kcc
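As an added illustration (not part of the original post and not AddressSanitizer's own code), here is a toy C model of the two pieces the message describes: a malloc replacement that surrounds each block with poisoned redzones and never recycles freed memory, and the check that the instrumentation pass inserts in front of loads and stores. The real tool uses a compact shadow mapping (one shadow byte per eight application bytes) and a bounded quarantine for freed blocks; this model uses a byte-for-byte shadow over a fixed arena so the mechanism stays visible. All names (asan_model_*, ARENA_SIZE, REDZONE) and the two bug demonstrations are assumptions of the example.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Simplified model of the AddressSanitizer scheme (added example, not ASan's
 * code). Every allocation is [left redzone][user bytes][right redzone]; a
 * byte-granular shadow array records whether each arena byte may be touched;
 * the instrumented accessors consult the shadow before touching memory; free()
 * re-poisons the user bytes and the bump allocator never hands them out again,
 * standing in for the real tool's quarantine. */

#define ARENA_SIZE 4096
#define REDZONE    16          /* poison bytes on each side of a block (>= sizeof(size_t)) */

enum shadow_state { ADDRESSABLE = 0, REDZONE_BYTE = 1, FREED_BYTE = 2 };
enum asan_err     { ERR_NONE = 0, ERR_OOB = 1, ERR_UAF = 2, ERR_WILD = 3 };

static uint8_t arena[ARENA_SIZE];
static uint8_t shadow[ARENA_SIZE];  /* one shadow byte per arena byte */
static size_t  arena_top;           /* bump pointer; freed blocks are never reused */

/* The check the instrumentation pass emits before every n-byte access:
 * reject addresses outside the modelled heap, then scan the shadow bytes. */
int asan_model_check(const void *p, size_t n)
{
    uintptr_t a = (uintptr_t)p, lo = (uintptr_t)arena, hi = lo + ARENA_SIZE;
    if (a < lo || a > hi || n > hi - a)
        return ERR_WILD;
    size_t off = (size_t)(a - lo);
    for (size_t i = 0; i < n; i++)
        if (shadow[off + i] != ADDRESSABLE)
            return shadow[off + i] == FREED_BYTE ? ERR_UAF : ERR_OOB;
    return ERR_NONE;
}

/* Instrumented 1-byte store and load: the memory is touched only if the check passes. */
int asan_model_store8(void *p, uint8_t v)
{
    int err = asan_model_check(p, 1);
    if (err == ERR_NONE) *(uint8_t *)p = v;
    return err;
}

int asan_model_load8(const void *p, uint8_t *out)
{
    int err = asan_model_check(p, 1);
    if (err == ERR_NONE) *out = *(const uint8_t *)p;
    return err;
}

/* malloc replacement: poison the whole region, then open only the user bytes.
 * The block size is stashed in the left redzone so free() can find it. */
void *asan_model_malloc(size_t n)
{
    size_t need = REDZONE + n + REDZONE;
    if (need < n || arena_top + need > ARENA_SIZE) return NULL;
    uint8_t *base = arena + arena_top;
    memset(shadow + arena_top, REDZONE_BYTE, need);
    memset(shadow + arena_top + REDZONE, ADDRESSABLE, n);
    memcpy(base, &n, sizeof n);
    arena_top += need;
    return base + REDZONE;
}

/* free replacement: mark the user bytes FREED; the bump allocator never reuses them. */
void asan_model_free(void *p)
{
    if (p == NULL) return;
    uint8_t *user = (uint8_t *)p;
    size_t n;
    memcpy(&n, user - REDZONE, sizeof n);
    memset(shadow + (user - arena), FREED_BYTE, n);
}

/* Two classic bugs driven through the instrumented accessors. */
int demo_heap_overflow(void)
{
    uint8_t *buf = asan_model_malloc(10);
    for (int i = 0; i < 10; i++) asan_model_store8(buf + i, 'A');  /* in bounds: fine */
    return asan_model_store8(buf + 10, 0);                         /* one past the end */
}

int demo_heap_underflow(void)
{
    uint8_t *buf = asan_model_malloc(10);
    return asan_model_check(buf - 1, 1);                           /* into the left redzone */
}

int demo_use_after_free(void)
{
    uint8_t *buf = asan_model_malloc(32), v;
    asan_model_store8(buf, 'x');
    asan_model_free(buf);
    return asan_model_load8(buf, &v);                              /* stale pointer */
}

int demo_in_bounds(void)
{
    uint8_t *buf = asan_model_malloc(8);
    return asan_model_check(buf, 8);                               /* exactly the block */
}

int main(void)
{
    static const char *names[] = { "ok", "heap-buffer-overflow", "heap-use-after-free", "wild-address" };
    printf("overflow       -> %s\n", names[demo_heap_overflow()]);
    printf("underflow      -> %s\n", names[demo_heap_underflow()]);
    printf("use-after-free -> %s\n", names[demo_use_after_free()]);
    printf("in-bounds      -> %s\n", names[demo_in_bounds()]);
    return 0;
}
```

The model makes the cost structure visible: the allocator pays extra memory for redzones and for not recycling freed blocks, and every access pays a shadow lookup, which is where the announced 2x-2.5x slowdown comes from rather than from the binary-translation approach Memcheck uses.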