[cfe-commits] [PATCH] AddressSanitizer Initialization Order Checking

Reid Watson reidw at google.com
Wed Aug 15 10:04:58 PDT 2012


Hello,

This patch extends AddressSanitizer to include checking for the
initialization order fiascos in C++.
Specifically, this will cause AddressSanitizer to crash when it
encounters an example of access to a global object or its members
before its (non-trivial) constructor runs.
This is undefined behavior by sections 12.7.1 and 3.8.1 of the C++11 standard.
Real world testing has shown initialization order checking has been
finding plenty of examples of undefined behavior with no currently
known false positives.

This patch includes a few components:
1. Clang patch
    - Small patch to add metadata identifying dynamically initialized
globals for AddressSanitizer to instrument.
2. LLVM patch
    - Changes to the AddressSanitizer instrumentation pass to
instrument initializers.
    - Tests
3. Compiler-RT patch
    - Changes to AddressSanitizer runtime library to display info
about an initialization order fiasco crash.
    - Output test, and a small patch to output_tests.sh to support
multiple files in compiling a test (necessary for testing initializers
in separate TUs).
4. Stress test
    - I'm not sure if there's a good home for this, but I've attached
a small shell/C++ program to benchmark this.
    - This patch adds a ~0.1 second overhead to initialization of a
program which contains 40,000 (!) dynamically initialized int size
globals and 40,000 statically initialized globals.
    - Performance of initialization order checking is independent of
the number of statically initialized globals

I'd appreciate review of this patch.  I've also updated the issue on Rietveld:

LLVM: http://codereview.appspot.com/6432065/
Compiler-RT: http://codereview.appspot.com/6419070/
Clang: http://codereview.appspot.com/6440051/

All the best,
Reid
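As an added illustration (not part of the patch or its attachments), the pattern the checker reports, collapsed into one file: a global copies another translation unit's dynamically initialized global during its own initializer. In one file the definition order fixes the initialization order, so the stale read is deterministic here; across real TUs it depends on link order, which is what the checker catches, and the construct-on-first-use accessor shown beside it is the usual fix. All names are constructed.

```cpp
#include <cstdio>

// Constructed source of a run-time value: the volatile read keeps the
// compiler from folding the initializers below into constants.
static volatile int g_port_source = 8080;
static int read_port() { return g_port_source; }

// Stand-in for a global defined in another translation unit ("config.cc").
// Across real TUs the link order decides whether it is initialized before
// or after the readers below; here it is defined last to force the bad order.
extern int g_config_port;

// Dynamically initialized global that reads g_config_port in its own
// initializer. When "config.cc" has not run yet, it copies the zero-initialized
// storage, which is the access the init-order checker reports across TUs.
int g_cached_port_unsafe = g_config_port;

// Construct-on-first-use: the value is initialized on the first call, so the
// order in which translation units run their initializers no longer matters.
int& config_port() {
  static int port = read_port();
  return port;
}
int g_cached_port_safe = config_port();

// "config.cc": its initializer runs after both readers above.
int g_config_port = read_port();

int unsafe_cached_port() { return g_cached_port_unsafe; }  // 0: stale copy
int safe_cached_port()   { return g_cached_port_safe; }    // 8080
int final_config_port()  { return g_config_port; }         // 8080

int main() {
  std::printf("unsafe=%d safe=%d config=%d\n",
              unsafe_cached_port(), safe_cached_port(), final_config_port());
  return 0;
}
```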
Attachments (scrubbed by the list archive):
- stress_test.tar (application/x-tar, 10240 bytes): <http://lists.llvm.org/pipermail/cfe-commits/attachments/20120815/e6866f6f/attachment.tar>
- asan-initialization-order-compilerrt.patch (application/octet-stream, 15507 bytes): <http://lists.llvm.org/pipermail/cfe-commits/attachments/20120815/e6866f6f/attachment.obj>
- asan-initialization-order-clang.patch (application/octet-stream, 989 bytes): <http://lists.llvm.org/pipermail/cfe-commits/attachments/20120815/e6866f6f/attachment-0001.obj>
- asan-initialization-order-llvm.patch (application/octet-stream, 18390 bytes): <http://lists.llvm.org/pipermail/cfe-commits/attachments/20120815/e6866f6f/attachment-0002.obj>