[llvm-dev] What the current state of Asan/Container Overflow detection?

Kostya Serebryany via llvm-dev llvm-dev at lists.llvm.org
Wed Sep 6 13:25:44 PDT 2017


Hi Dennis,

With libc++ the annotations in the std::vector work for me:

# test file from https://github.com/google/sani
clang++ -fsanitize=address co.cc -stdlib=libc++  && ./a.out
==11644==ERROR: AddressSanitizer: container-overflow

This is not the most frequent kind of bug, but we catch it reliably.
E.g. these are trophies at oss-fuzz:

In the fresh libstdc++ the annotations also seem to be present, but I did
not verify that they work.

We did not annotate any other STL container in libc++ nor in libstdc++.
Our work on annotating std::string in STL got stuck in review for several
months, then we stopped pushing.
Marshall, do you think we should try again?


On Wed, Sep 6, 2017 at 5:06 AM, Dennis Luehring via llvm-dev <
llvm-dev at lists.llvm.org> wrote:

> https://llvm.org/devmtg/2014-04/PDFs/LightningTalks/EuroLLVM%202014%20--%20container%20overflow.pdf
> https://github.com/google/sanitizers/wiki/AddressSanitizerContainerOverflow
> and followed some discussion from ~2014
> are libc++ and libstdc++ now fully annotated?
> my tests with clang 5.x/gcc 7.x do not report any error on container
> misuse
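Added example (not part of the original thread and not code from the sanitizers project): a probe for the question raised above, whether the std::vector of a given toolchain carries the container-overflow annotations. It asks the ASan runtime, via `__asan_address_is_poisoned`, whether the first byte of the vector's unused capacity is poisoned; the names `make_sample`, `slack_elements`, `probe` and `PROBE_ASAN` are made up for this illustration.

```cpp
// Added example: reports whether std::vector's spare capacity is ASan-poisoned.
#include <cstddef>
#include <cstdio>
#include <vector>

#if defined(__SANITIZE_ADDRESS__)            // GCC
#  define PROBE_ASAN 1
#elif defined(__has_feature)
#  if __has_feature(address_sanitizer)       // Clang
#    define PROBE_ASAN 1
#  endif
#endif
#ifndef PROBE_ASAN
#  define PROBE_ASAN 0
#endif
#if PROBE_ASAN
#  include <sanitizer/asan_interface.h>
#endif

enum class Annotated { NoAsan, No, Yes };

// Constructed sample: 4 live ints in a buffer reserved for at least 16.
std::vector<int> make_sample() {
  std::vector<int> v;
  v.reserve(16);
  for (int i = 0; i < 4; ++i) v.push_back(i);
  return v;
}

// Elements in [data()+size(), data()+capacity()): allocated, not part of the container.
std::size_t slack_elements(const std::vector<int>& v) { return v.capacity() - v.size(); }

// Queries the runtime about the first slack byte instead of reading it,
// so the probe itself never triggers a container-overflow report.
Annotated probe(const std::vector<int>& v) {
#if PROBE_ASAN
  if (slack_elements(v) == 0) return Annotated::No;  // nothing to inspect
  const void* first_slack = v.data() + v.size();
  return __asan_address_is_poisoned(first_slack) ? Annotated::Yes : Annotated::No;
#else
  (void)v;
  return Annotated::NoAsan;
#endif
}

int main() {
  static const char* const text[] = {"built without ASan", "NOT annotated", "annotated"};
  std::printf("std::vector spare capacity: %s\n", text[static_cast<int>(probe(make_sample()))]);
  return 0;
}
```

Build it with the same flags as the code under test, for instance the `clang++ -fsanitize=address -stdlib=libc++` line from the message. For libstdc++, its manual documents a `_GLIBCXX_SANITIZE_VECTOR` macro that has to be defined for the vector annotations to be compiled in.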