Closed ramosian-glider closed 9 years ago
please start with a clang flag, e.g. -fsanitize=use-after-return
Reported by konstantin.s.serebryany
on 2012-11-20 14:06:29
FYI I have a couple of pending patches for UAR handling in ASan runtime (and ok with
reassigning this to me).
Reported by samsonov@google.com
on 2012-11-20 14:09:34
kcc: I don't get it. Do you want this to work separately from -fsanitize=address? Or
you just want to expose -mllvm -asan-use-after-return?
samsonov: ok, done ;)
Reported by ramosian.glider
on 2012-11-20 14:19:07
I suggest this:
-fsanitize=address,use-after-return # works
-fsanitize=use-after-return # barks, saying that address should be enabled
(please CC Richard Smith on the review)
Reported by konstantin.s.serebryany
on 2012-11-20 14:22:44
I think we can have the following syntax:
-fsanitize=address,use-after-return // ASan + UAR
-fsanitize=use-after-return // Compile error: use-after-return must assume
address.
The first line will additionally add -mllvm -asan-use-after-return=1
Reported by samsonov@google.com
on 2012-11-20 14:23:26
FYI: I got a possible UAR false-positive with perl, so I'd love to have a
-fsanitize=address,no-use-after-return
clang version 3.2 (trunk 167594)
perl 5.16.2
SIGSEGV in Perl_re_intuit_start, regexec.c:661 with
gdb --args ./perl -I../lib uni/latin2.t
ok 90 - \xE1 to (?i:\xC1)
Program received signal SIGSEGV, Segmentation fault.
0x00007ffff7b47cc1 in Perl_re_intuit_start (rx=<optimized out>, sv=0x7ffff5e6e118,
strpos=0x7ffff4f3ea40 "Á",
strend=0x7ffff4f3ea42 "", flags=3, data=0x0) at regexec.c:661
$ disassemble Perl_re_intuit_start
0x00007ffff7b47cbb <+4315>: jge 0x7ffff7b4a0e0 <Perl_re_intuit_start+13568>
=> 0x00007ffff7b47cc1 <+4321>: mov (%rdi),%eax
0x00007ffff7b47cc3 <+4323>: movzbl %al,%ecx
0x00007ffff7b47cc6 <+4326>: cmp $0xc,%ecx
0x00007ffff7b47cc9 <+4329>: jne 0x7ffff7b47cef <Perl_re_intuit_start+4367>
0x00007ffff7b47ccb <+4331>: callq 0x7ffff77d8400 <__asan_handle_no_return@plt>
Reported by reini.urban
on 2012-11-20 16:14:46
I think that -fno-sanitize=use-after-return may work as a no- option.
Is that really a false positive?
Reported by konstantin.s.serebryany
on 2012-11-20 16:36:48
kcc: why not "-fno-sanitize=address,use-after-return"?
Assuming that "use-after-return" is the option name, it shouldn't be used separately.
E.g. consider that "use-after-return" is a UBSan option as well (whatever this means),
and UBSan runtime is compatible with ASan. Which of the two UAR options shall "-fno-sanitize=use-after-return"
disable?
Reported by ramosian.glider
on 2012-11-22 16:59:21
There is little sense in discussing this here.
Please talk to cfe-dev and Richard Smith.
Reported by konstantin.s.serebryany
on 2012-11-22 17:33:25
Kosta, ad 7.
Unfortunately yes. I cannot repro it with any other compiler,
and it seems to be related to the asan_handle_no_return instrumentation.
But I couldn't come up with an easy testcase.
Reported by reini.urban
on 2012-12-13 21:45:10
UAR detector has been heavily rewritten and now does not require any extra compiler
flags (but needs a run-time flag for now).
https://code.google.com/p/address-sanitizer/wiki/UseAfterReturn
I consider it quite stable, at least it runs on Chromium well.
This issue seems to be fixed.
Reini, I'd be curious to know if this works for Perl now
(and if not, please file a separate bug)
Reported by konstantin.s.serebryany
on 2013-10-03 13:17:22
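The bug class the rewritten detector catches, as an added example that is not part of this issue or of the sanitizer project's own code: a buggy function lets a pointer to its dead stack frame escape, next to the fixed version where the caller owns the storage. The run-time option named in the comment, ASAN_OPTIONS=detect_stack_use_after_return=1, is taken from ASan's documentation, not from this thread.

```c
#include <stdio.h>
#include <string.h>

/* Buggy: the pointer escapes through an out-parameter, so the caller
 * keeps a pointer into the frame of leak_frame() after it is gone. */
static void leak_frame(char **out) {
    char buf[32];                      /* lives only until we return */
    strcpy(buf, "hello");
    *out = buf;                        /* dangling once this returns */
}

/* Fixed: the caller provides storage that outlives the call;
 * snprintf keeps the result inside n bytes, truncating if needed. */
static char *safe_greeting(char *out, size_t n) {
    snprintf(out, n, "%s", "hello");
    return out;
}

int main(void) {
    char storage[32];
    printf("%s\n", safe_greeting(storage, sizeof storage));

    char *p = NULL;
    leak_frame(&p);
    /* Reading through p is a stack-use-after-return. Built with
     * clang -g -fsanitize=address and run with
     * ASAN_OPTIONS=detect_stack_use_after_return=1, ASan reports the
     * access on the next line with the frame that owned buf. */
    printf("%c\n", p[0]);
    return 0;
}
```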
Fixed
Adding Project:AddressSanitizer as part of GitHub migration.
Reported by ramosian.glider
on 2015-07-30 09:13:40
Originally reported on Google Code with ID 127
Reported by ramosian.glider
on 2012-11-20 14:04:52