[cfe-dev] [RFC] Linux bots should set MALLOC_PERTURB_

Alexander Potapenko glider at google.com
Tue Jul 22 04:05:04 PDT 2014


Does the attached testcase belong to the LLVM test suite? If it does
not, have you tried to run asanified Clang on that?

On Tue, Jul 22, 2014 at 3:01 PM, İsmail Dönmez <ismail at donmez.ws> wrote:
>
>
>
> On Tue, Jul 22, 2014 at 2:00 PM, İsmail Dönmez <ismail at donmez.ws> wrote:
>>
>> Hi,
>>
>>
>> On Tue, Jul 22, 2014 at 1:58 PM, Alexander Potapenko <glider at google.com>
>> wrote:
>>>
>>> IIUC this flag does not make glibc invalidate the _pointers_ to freed
>>> memory, it just overwrites the contents of the freed memory with
>>> garbage.
>>> Picking different flag values results in different garbage values,
>>> which may affect the behavior of buggy programs and thus help detect
>>> the presence of a read-after-free (not a write-after-free or
>>> double-free - the latter is handled by MALLOC_CHECK_).
>>> This flag can't be used together with ASan, because ASan replaces the
>>> libc allocator with its own one. ASan's use-after-free/double-free
>>> detection is far more reliable.
>>
>>
>> Thanks for your reply! I know ASan and MALLOC_PERTURB_ are now compatible,
>> but they uncover similar bugs, with the latter being really lightweight and
>> less capable. But still, as in PR20228, it uncovers bugs which ASan didn't
>> find (I guess?).
>>
>
>
> s/now/not
>
> of course...
>
>



-- 
Alexander Potapenko
Software Engineer
Google Moscow
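
The behaviour described in the quoted explanation, as an added example that is not part of the original thread: it uses glibc's `mallopt(M_PERTURB, ...)`, the in-process counterpart of the `MALLOC_PERTURB_` environment variable, to show that a deliberate read-after-free returns stale data when the setting is off and the perturb byte when it is on. The function name, chunk size and probe offset are constructed for the illustration, and the result depends on glibc's allocator (it reports -1 elsewhere, including under ASan's allocator).

```c
/* Added example: glibc-specific; the read-after-free is the bug under test. */
#include <stdio.h>
#include <stdlib.h>
#include <malloc.h>

#define CHUNK 4096  /* constructed size, above the tcache/fastbin limits */
#define PROBE 64    /* offset past the free-list pointers kept in the chunk */

/* Fill a chunk with 'A', free it, then read one byte back through the stale
 * pointer. Returns that byte, or -1 when M_PERTURB is not available
 * (non-glibc libc, or a replacement allocator that rejects the option). */
int stale_byte_after_free(int perturb)
{
#ifdef M_PERTURB
    if (mallopt(M_PERTURB, perturb) != 1)
        return -1;

    /* volatile pointer object: every use reloads it, so the compiler cannot
     * reason about (or optimise around) the pointer being stale. */
    unsigned char *volatile keep = malloc(CHUNK);
    void *guard = malloc(CHUNK);  /* stops the freed chunk merging into top */
    if (!keep || !guard) { free(keep); free(guard); return -1; }

    volatile unsigned char *w = keep;
    for (size_t i = 0; i < CHUNK; i++)
        w[i] = 'A';               /* volatile stores cannot be elided */

    free(keep);
    int seen = ((volatile unsigned char *)keep)[PROBE];  /* read-after-free */
    free(guard);
    return seen;
#else
    (void)perturb;
    return -1;
#endif
}

int main(void)
{
    int values[] = { 0, 0x5a, 0xc3 };  /* 0 disables perturbing */
    for (size_t i = 0; i < sizeof values / sizeof values[0]; i++) {
        int r = stale_byte_after_free(values[i]);
        if (r < 0)
            printf("M_PERTURB=0x%02x: not supported here\n", values[i]);
        else
            printf("M_PERTURB=0x%02x: stale read saw 0x%02x\n", values[i], r);
    }
    return 0;
}
```

With the setting off, the stale read still sees `0x41` ('A'), so a buggy program keeps working by accident; each non-zero value makes the same read return a different byte, which is what lets a test run with a varying `MALLOC_PERTURB_` expose the dependency.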



