similar to: BoundsChecking Pass

Hi Pierre, I'm the author of the BoundsChecking pass. It's true there's little documentation about it (only mentioned in: http://clang.llvm.org/docs/UndefinedBehaviorSanitizer.html#availablle-checks). You can run it with 'clang -fsanitize=bounds' or 'opt -bounds-checking'. The BoundsChecking pass, AddressSanitizer and BaggyBoundsCheck are all different code bases,

Hi Nuno, On 22 May 2016 at 22:33, Nuno Lopes <nunoplopes at sapo.pt> wrote: > Hi Pierre, > > I'm the author of the BoundsChecking pass. > Wow, I am happily surprised to have an answer from you directly! > It's true there's little documentation about it (only mentioned in: > http://clang.llvm.org/docs/UndefinedBehaviorSanitizer.html#availablle-checks). >

Dear Pierre, Stepping up a level, what is your goal in replacing calls to malloc() and free()? Is it any different than what SAFECode, SoftBound, or ASan do? Regards, John Criswell On 5/25/16 8:05 AM, Pierre Gagelin via llvm-dev wrote: > Hi everyone, > > I am having troubles but this shouldn't be hard to solve for many > people here. I am beginning a runtime feature for the

Hi everyone, I am having troubles but this shouldn't be hard to solve for many people here. I am beginning a runtime feature for the BoundsChecking pass and I want to replace the libc malloc&free. I followed the design of AddressSanitizer (Asan) and tried to use the INTERCEPTOR macro from the interception.h file of compiler-rt library. Here is the problem. The file I modify

Hello everyone, I have noticed that there is a BoundsChecking.c under lib/Transforms/Instrumentation/. I am wondering how to use this tool and which type of bugs it targets. Are the tool provide the same functionality with Address Aanitizer? Thanks a lot -------------- next part -------------- An HTML attachment was scrubbed... URL:

Hi John, On 25 May 2016 at 16:11, John Criswell <jtcriswel at gmail.com> wrote: > Dear Pierre, > > Stepping up a level, what is your goal in replacing calls to malloc() and > free()? Is it any different than what SAFECode, SoftBound, or ASan do? > That's a good question. I didn't knew about SoftBound until now, so thank you for the name =). Anyway here is what I

Hi Kevin, Thanks for your interest and for your deep analysis. Unfortunately, your approach doesn't catch all bugs and is vulnerable to an attack. Consider the following case: ...................... | ----- obj --- | | end ^ ptr ^ ^ end-of-memory The scenario is as follows: - an object is allocated in the last page of the address space - obj is byte

I am investigating changing BoundsChecking to use address-based rather than size- & offset-based tests. To explain, here is a short code sample cribbed from one of the tests: %mem = tail call i8* @calloc(i64 1, i64 %elements) %memobj = bitcast i8* %mem to i64* %ptr = getelementptr inbounds i64* %memobj, i64 %index %4 = load i64* %ptr, align 8 Currently, the IR for bounds checking

Nuno, Inspired by this email thread, I spent a bit of time today looking through the implementation of BoundsChecking::instrument(..). Based on my reading of prior work, it should be possible to do these checks in two comparisons, or possibly even one if the right assumptions could be made. Could you provide a bit of background of the expected domains of Size and Offset? In particular,

> On May 25, 2016, at 6:05 AM, Pierre Gagelin via llvm-dev <llvm-dev at lists.llvm.org> wrote: > > Hi everyone, > > I am having troubles but this shouldn't be hard to solve for many people here. I am beginning a runtime feature for the BoundsChecking pass and I want to replace the libc malloc&free. I followed the design of AddressSanitizer (Asan) and tried to use the

Hi everyone, After spending 2 months on LLVM generally speaking and more specifically on security passes (ASan, SAFECode, BoundsChecking) I wanted to know if there were an available implementation of strictly fat-pointer based approach to enforce bounds? If not, I wanted to implement one. I think it is interessant to have such a tool available even if there are better designs (SoftBound does

I am building LLVM on OS X 10.7.5 with cmake. Under this configuration some ASan and UBSan tests are failing: $ make check-ubsan … ******************** Testing Time: 2.36s ******************** Failing Tests (11): UndefinedBehaviorSanitizer :: Float/cast-overflow.cpp UndefinedBehaviorSanitizer :: Integer/add-overflow.cpp UndefinedBehaviorSanitizer :: Integer/div-zero.cpp

Some more information … On Jan 4, 2013, at 6:56 PM, Meador Inge wrote: > I am building LLVM on OS X 10.7.5 with cmake. Under this configuration some ASan and UBSan tests > are failing: > > $ make check-ubsan > > … > > ******************** > Testing Time: 2.36s > ******************** > Failing Tests (11): > UndefinedBehaviorSanitizer ::

I also encounter this issue and solved it locally by implementing this 2 functions. - The linux version of StartSymbolizerSubprocess uses only POSIX function and can be reused as is on OS X (maybe we should move it in a new sanitizer_symbolizer_posix.cc file) - I have a simple implementation of GetListOfModules (see the attached file) but it required 10.6 at least. That said, implementing this

Hi, > Could you provide a bit of background of the expected domains of Size and > Offset? In particular, are they signed or unsigned integers? A > non-negative size doesn't seem to make much sense in this context, but > depending on how it's calculated I could see it arising. Is a zero Size > something that might arise here? I'm assuming the Offset comes from an

On Tuesday 26 June 2007 14:05, Reid Spencer wrote: > I think you mis-interpreted something. That's not surprising. :) > If you build with -disable-assertions you are telling whatever build > mode (Debug or Release) to not include assertions. Consequently you get > either Release-Asserts (Release minus asserts) or Debug-Asserts (Debug > minus Asserts). I was wondering if

On Wed, 30 May 2012 10:04:50 -0700 Andrew Trick <atrick at apple.com> wrote: > Originally on llvm-commits. > > On May 30, 2012, at 8:48 AM, Nuno Lopes <nunoplopes at sapo.pt> wrote: > >> This is probably fine for now. It's a relatively safe use of > >> SCEVExpander and the least effort approach, but generally I would > >> like to encourage

Hi Nuno, I noticed your commits related to -fbounds-checking and have some questions. The functionality of this new phase seems to (partially?) overlap with AddressSanitizer and SAFECode, so I am curious how would you compare the two existing tools with the new one. Earlier you wrote: >> So the main idea of this new flag is not for debugging, but rather for production. >> This means

Hi Evgeniy, So, to XFAIL some UBSAN failues, I found an issue: UndefinedBehaviorSanitizer-AddressSanitizer :: TestCases/TypeCheck/vptr.cpp UndefinedBehaviorSanitizer-Standalone :: TestCases/Misc/missing_return.cpp These two tests fail on that configuration, but pass when reversed. So, if I XFAIL: armv7l..., I get the following error: UndefinedBehaviorSanitizer-AddressSanitizer ::

I blame this line in lsan/lit_tests/lit.cfg: # Setup attributes common for all compiler-rt projects. compiler_rt_lit_cfg = os.path.join(llvm_src_root, "projects", "compiler-rt", "lib", "lit.common.cfg") On Fri, May 24, 2013 at 2:53 PM, Alexey Samsonov <samsonov at google.com>wrote: > > On Fri, May 24,