[llvm-dev] [ADT] Adding instrumentation for ASAN to SmallVector

Mitch Phillips via llvm-dev llvm-dev at lists.llvm.org
Tue Sep 8 10:39:00 PDT 2020


It sounds like a very reasonable strategy!

Have you seen __sanitizer_annotate_contiguous_container
(compiler-rt/include/sanitizer/common_interface_defs.h)? In case you missed
it - we have container-overflow built into ASan and implemented in
std::vector in libcxx, and this is the canonical way of annotating
containers like this.

Have you tried building LLVM/Clang with an ASan-ified LLVM/Clang? Curious
to see whether there are any latent bugs around.

On Mon, Sep 7, 2020 at 7:50 AM Nathan James via llvm-dev <
llvm-dev at lists.llvm.org> wrote:

> Dear list,
>
> I recently tried to add instrumentation to SmallVector for using
> Address sanitizer to detect cases where references are used after they
> are invalidated. The basic implementation for this is here -
> https://reviews.llvm.org/D87237
>
> However, in adding/testing this, I did uncover some questionable code.
> Firstly, `SmallString<unsigned>::c_str()` and
> `Twine::toNullTerminatedStringRef(SmallVectorImpl<char>&)` both use
> bytes outside the range of the SmallVector's storage. This isn't
> inherently bad.
> Secondly, calling `SmallVectorImpl<T>::insert(iterator, const T&)`
> results in a reference invalidation when the element to insert is
> contained inside the SmallVector and the SmallVector needs to grow for
> the insert. This has been fixed inside the aforementioned PR.
>
> My main point here is how does everyone feel about using ASAN to catch
> bugs like this not only inside SmallVector but also adding the
> instrumentation to some other containers used by llvm. If people are
> happy with this implementation for SmallVector I'd be happy for
> feedback on the PR. It would likely need some specific asan test cases;
> however, I'm not entirely sure how to go about adding those.
>
> Thanks for reading,
>
> ~Nathan
>
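
Added example, not part of the original thread and not the code from D87237: a minimal fixed-capacity container that keeps its unused tail poisoned with `__sanitizer_annotate_contiguous_container`, so that under ASan a read through a stale reference past `size()` is reported as container-overflow. `TinyVec`, `DEMO_ASAN`, `annotate`, `poisoned` and `kAsan` are hypothetical names; in a non-ASan build the annotations compile to no-ops.

```cpp
#include <cstddef>
#include <new>
#if defined(__SANITIZE_ADDRESS__)  // GCC
#define DEMO_ASAN 1
#elif defined(__has_feature)
#if __has_feature(address_sanitizer)  // Clang
#define DEMO_ASAN 1
#endif
#endif
#ifdef DEMO_ASAN
#include <sanitizer/asan_interface.h>
#include <sanitizer/common_interface_defs.h>
static void annotate(const void *B, const void *E, const void *Old,
                     const void *New) {
  __sanitizer_annotate_contiguous_container(B, E, Old, New);
}
static bool poisoned(const void *P) { return __asan_address_is_poisoned(P); }
constexpr bool kAsan = true;
#else  // non-ASan build: annotations compile away
static void annotate(const void *, const void *, const void *, const void *) {}
static bool poisoned(const void *) { return false; }
constexpr bool kAsan = false;
#endif

class TinyVec {  // hypothetical demo container, not an LLVM class
  int *Buf;
  std::size_t Size = 0, Cap;
  // Mark [Buf, Buf+New) live and [Buf+New, Buf+Cap) poisoned.
  void mark(std::size_t Old, std::size_t New) {
    annotate(Buf, Buf + Cap, Buf + Old, Buf + New);
  }
public:
  explicit TinyVec(std::size_t C)
      : Buf(static_cast<int *>(::operator new(C * sizeof(int)))), Cap(C) {
    mark(Cap, 0);  // fresh memory is fully addressable: poison all of it
  }
  ~TinyVec() {
    mark(Size, Cap);  // unpoison before handing memory back to the allocator
    ::operator delete(Buf);
  }
  TinyVec(const TinyVec &) = delete;
  TinyVec &operator=(const TinyVec &) = delete;
  std::size_t size() const { return Size; }
  bool push_back(int V) {
    if (Size == Cap) return false;
    mark(Size, Size + 1);  // unpoison the slot before writing it
    Buf[Size++] = V;
    return true;
  }
  void pop_back() { if (Size) { mark(Size, Size - 1); --Size; } }
  // Under ASan the first unused slot is poisoned; always false without ASan.
  bool slack_poisoned() const { return Size < Cap && poisoned(Buf + Size); }
};
```

Build with `-fsanitize=address` to get the poisoning; the destructor must restore the whole buffer to addressable before freeing it, otherwise the allocator sees stale poison.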