From: Tobias Burnus <burnus@net-b.de>
To: Dodji Seketeli <dodji@seketeli.org>
Cc: gcc-patches@gcc.gnu.org, dnovillo@google.com, jakub@redhat.com,
wmi@google.com, davidxl@google.com,
konstantin.s.serebryany@gmail.com
Subject: Re: [PATCH 01/10] Initial import of asan from the Google branch into trunk
Date: Fri, 09 Nov 2012 13:14:00 -0000
Message-ID: <509D019C.7020505@net-b.de>
In-Reply-To: <87ip9n8vi2.fsf_-_@redhat.com>
[-- Attachment #1: Type: text/plain, Size: 1417 bytes --]
Dodji Seketeli wrote:
> This patch imports the initial state of asan as it was in the
> Google branch.
>
> It provides basic infrastructure for asan to instrument memory
> accesses on the heap, at -O3. Note that it supports neither stack nor
> global variable protection.
I tried the 01/10 to 10/10 patch series but it doesn't trigger for the
following test case:
#include <stdlib.h>
#include <stdio.h>

int
main() {
  int *i;
  i = malloc(10*sizeof(*i));
  free(i); /* <<< Free memory. */
  i[10] = 5; /* <<< out of boundary even if not freed. */
  printf("%d\n", i[11]); /* <<< out of boundary even if not freed. */
  return 0;
}
(All of them are reported by Clang.) If I look at the dump (or
assembler), I see the call to __asan_init, __asan_report_store4 and
__asan_report_load4. However, when running the program ltrace only shows
the calls to: __libc_start_main, __asan_init, malloc, free and printf. I
haven't debugged why the condition is false [see attachment for the dump].
Other issues:
* libasan does not seem to be a multilib, at least I only find the 64bit
version on x86-64-gnu-linux such that "-m32" compilation fails.
* -fno-address-sanitizer doesn't work (it does in Clang); it is
explicitly disabled via RejectNegative in gcc/common.opt
* Probably fixed on the branch: gcc/gcc.c still has "fasan" instead of
"faddress-sanitizer" for the spec:
+ %{fasan:-lasan}
Tobias
[-- Attachment #2: hjf.c --]
[-- Type: text/x-csrc, Size: 271 bytes --]
#include <stdlib.h>
#include <stdio.h>

int
main() {
  int *i;
  i = malloc(10*sizeof(*i));
  free(i); /* <<< Free memory. */
  i[10] = 5; /* <<< out of boundary even if not freed. */
  printf("%d\n", i[11]); /* <<< out of boundary even if not freed. */
  return 0;
}
[-- Attachment #3: hjf.c.156t.asan0 --]
[-- Type: text/plain, Size: 1649 bytes --]
;; Function main (main, funcdef_no=2, decl_uid=2680, cgraph_uid=2)

main ()
{
  int * i;
  int D.2687;
  int D.2686;
  int * D.2685;
  int * D.2684;
  int * _2;
  int * _3;
  int _4;
  int _5;
  unsigned long _6;
  unsigned long _7;
  unsigned long _8;
  unsigned char * _9;
  unsigned char _10;
  _Bool _11;
  unsigned long _12;
  unsigned char _13;
  unsigned char _14;
  _Bool _15;
  _Bool _16;
  unsigned long _17;
  unsigned long _18;
  unsigned long _19;
  unsigned char * _20;
  unsigned char _21;
  _Bool _22;
  unsigned long _23;
  unsigned char _24;
  unsigned char _25;
  _Bool _26;
  _Bool _27;

  <bb 2>:
  i_1 = malloc (40);
  free (i_1);
  _2 = i_1 + 40;
  _6 = (unsigned long) _2;
  _7 = _6 >> 3;
  _8 = _7 + 17592186044416;
  _9 = (unsigned char *) _8;
  _10 = *_9;
  _11 = _10 != 0;
  _12 = _6 & 7;
  _13 = (unsigned char) _12;
  _14 = _13 + 3;
  _15 = _14 >= _10;
  _16 = _11 & _15;
  if (_16 != 0)
    goto <bb 5>;
  else
    goto <bb 4>;

  <bb 5>:
  __asan_report_store4 (_6);

  <bb 4>:
  *_2 = 5;
  _3 = i_1 + 44;
  _17 = (unsigned long) _3;
  _18 = _17 >> 3;
  _19 = _18 + 17592186044416;
  _20 = (unsigned char *) _19;
  _21 = *_20;
  _22 = _21 != 0;
  _23 = _17 & 7;
  _24 = (unsigned char) _23;
  _25 = _24 + 3;
  _26 = _25 >= _21;
  _27 = _22 & _26;
  if (_27 != 0)
    goto <bb 7>;
  else
    goto <bb 6>;

  <bb 7>:
  __asan_report_load4 (_17);

  <bb 6>:
  _4 = *_3;
  printf ("%d\n", _4);
  _5 = 0;

<L0>:
  return _5;

}

;; Function _GLOBAL__sub_I_00099_0_main (_GLOBAL__sub_I_00099_0_main, funcdef_no=3, decl_uid=2700, cgraph_uid=0)

_GLOBAL__sub_I_00099_0_main ()
{
  <bb 2>:
  __asan_init ();
  return;

}
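
Added example (not part of the message above or of the GCC patch): a C model of the shadow-byte test that the asan0 dump emits before each 4-byte access, evaluated once with the dump's unsigned char operands and once with the shadow byte compared as signed. The base address, the check_signed variant and the shadow values 0xfa/0xfd (assumed here as the runtime's redzone and freed-memory markers) are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>

/* Constant added to (addr >> 3) in the dump: 17592186044416 == 1 << 44. */
#define SHADOW_OFFSET 17592186044416ULL

/* Shadow byte address, as computed for _8 and _19 in the dump. */
static uint64_t shadow_addr(uint64_t addr)
{
    return (addr >> 3) + SHADOW_OFFSET;
}

/* The test exactly as typed in the dump: every operand is unsigned char. */
static int check_as_dumped(uint64_t addr, uint8_t shadow, unsigned size)
{
    uint8_t last = (uint8_t)((addr & 7) + size - 1);   /* _14 = _13 + 3 */
    return (shadow != 0) & (last >= shadow);           /* _16 = _11 & _15 */
}

/* Variant (assumption, not from the patch): shadow byte compared as signed. */
static int check_signed(uint64_t addr, uint8_t shadow, unsigned size)
{
    int8_t last = (int8_t)((addr & 7) + size - 1);
    return (shadow != 0) & (last >= (int8_t)shadow);
}

int main(void)
{
    /* Constructed values: an 8-byte-aligned pointer standing in for i_1, and
       shadow bytes 0x00 (addressable), 0x04 (first 4 bytes addressable),
       0xfa / 0xfd (assumed redzone / freed markers). */
    const uint64_t base = 0x602000000010ULL;
    const uint8_t shadows[] = { 0x00, 0x04, 0xfa, 0xfd };
    const unsigned offsets[] = { 40, 44 };   /* i[10] store, i[11] load */

    for (unsigned o = 0; o < 2; o++) {
        uint64_t addr = base + offsets[o];
        printf("i_1 + %u, shadow byte at 0x%llx\n", offsets[o],
               (unsigned long long)shadow_addr(addr));
        for (unsigned s = 0; s < 4; s++)
            printf("  shadow=0x%02x  as dumped: %d  signed: %d\n", shadows[s],
                   check_as_dumped(addr, shadows[s], 4),
                   check_signed(addr, shadows[s], 4));
    }
    return 0;
}
```

For shadow bytes 0x00 and 0x04 the two forms agree; for the constructed markers 0xfa and 0xfd the form typed as in the dump returns 0 for both accesses while the signed form returns 1.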