| Title | Can't use the MPS with clang -fsanitize=address |
| Status | closed |
| Priority | nice |
| Assigned user | Gareth Rees |
| Organization | Ravenbrook |
| Description | If you compile your program with the MPS using clang -fsanitize=address [1], then it will abort with ERROR: AddressSanitizer: stack-buffer-overflow as described in [3]. This will be inconvenient for developers. |
| Analysis | We need to set __attribute__((no_sanitize_address)) [2] on the function(s) that scan the stack, so that the address sanitizer does not report false positives. At the moment the only such function appears to be TraceScanAreaMasked. But I don't think we want to just set the attribute on that function, because that's also called from RootScan, and so we might be missing some potentially useful feedback: if the client program's root scanner runs off the end of a buffer, they might want to find out via the address sanitizer. So potentially we'd have to have two versions of TraceScanAreaMasked (one with the no_sanitize_address attribute, to be called from StackScanInner, and one without, to be called from RootScan), which would be ugly. (But potentially losing useful feedback is a much less important problem than aborting, so this shouldn't stop us.) |
| How found | manual_test |
| Evidence | [1] <http://llvm.org/releases/3.3/tools/clang/docs/AddressSanitizer.html>[2] < http://llvm.org/releases/3.3/tools/cla...izer.html#attribute-no-sanitize-address>[3] < https://info.ravenbrook.com/mail/2013/10/31/10-03-54/0/> |
| Created by | Gareth Rees |
| Created on | 2013-10-31 11:13:53 |
| Last modified by | Gareth Rees |
| Last modified on | 2014-03-30 18:51:53 |
| History | 2013-10-31 GDR Created. |
| Change | Effect | Date | User | Description |
|---|---|---|---|---|
| 185096 | closed | 2014-03-30 18:51:53 | Gareth Rees | Support the Clang address sanitizer. |