On 05/06/2016 03:38 PM, Jakub Jelinek wrote:
On Fri, May 06, 2016 at 02:48:30PM +0300, Yury Gribov wrote:
6) As the use-after-scope stuff is already included in libsanitizer, no change
is needed for the library
Note that upstream seems to use a different cmdline interface. They don't
have a dedicated -fsanitize=use-after-scope and instead consider it to be a
part of -fsanitize=address (disabled by default, enabled via -mllvm
-asan-use-after-scope=1). I'd suggest to keep this interface (or at least
discuss with them) and use GCC's --param.
I personally think -fsanitize=use-after-scope (which implies address
sanitization in it) is better, can upstream be convinced not to change it?
Will that work with -fsanitize=kernel-address?
FTR here's the upstream work on this: http://reviews.llvm.org/D19347
Example:
int
main (void)
{
  char *ptr;
  {
    char my_char[9];
    ptr = &my_char[0];
  }				/* my_char goes out of scope here, ptr still points at it */
  *(ptr+9) = 'c';		/* out of scope AND one past the end of the 9-byte array */
  return 0;
}
Well, this testcase shows not just use after scope, but also out of bound
access. Would be better not to combine it, at least in the majority of
testcases.
Jakub
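To make the objection above concrete, here is an added toy model (not GCC, LLVM or libsanitizer code) of the shadow-memory bookkeeping behind use-after-scope detection: the frame starts as redzone, a variable's bytes are unpoisoned on scope entry and repoisoned with a distinct "use-after-scope" magic on scope exit, and the instrumented access check reads the shadow byte to decide what to report. The granule size, frame layout and the magic values 0xf3/0xf8 are assumptions modeled on libsanitizer's conventions. Replaying the quoted testcase shows why it conflates two bugs: the same store at ptr+9 is out-of-bounds while my_char is live, and use-after-scope once the inner block has exited.

```c
#include <stdint.h>
#include <string.h>
#include <stdio.h>

/* Added illustration, not sanitizer code.  Shadow byte meanings (assumed to
 * follow libsanitizer): 0 = all 8 bytes addressable, 1..7 = only the first k
 * bytes addressable, >= 0x80 = poisoned, the value naming the reason. */
#define SHADOW_GRANULARITY 8
#define FRAME_BYTES 128
#define SHADOW_BYTES (FRAME_BYTES / SHADOW_GRANULARITY)

enum {
    SHADOW_REDZONE = 0xf3,          /* stack redzone magic (assumption) */
    SHADOW_USE_AFTER_SCOPE = 0xf8,  /* scope-ended magic (assumption) */
};

enum access_kind { ACCESS_OK, ACCESS_OUT_OF_BOUNDS, ACCESS_USE_AFTER_SCOPE };

/* One stack variable: byte offset inside the frame and its size. */
struct stack_var { unsigned offset; unsigned size; };

/* Constructed layout: the 9-byte my_char from the testcase at frame offset 32. */
static const struct stack_var my_char = { 32, 9 };

static uint8_t shadow[SHADOW_BYTES];

/* Function entry: everything in the frame is redzone until a scope opens it. */
static void frame_enter(void) { memset(shadow, SHADOW_REDZONE, sizeof shadow); }

/* Scope entry: unpoison the variable, marking a trailing partial granule. */
static void scope_enter(const struct stack_var *v) {
    unsigned end = v->offset + v->size, g;
    for (g = v->offset / SHADOW_GRANULARITY; g * SHADOW_GRANULARITY < end; g++) {
        unsigned remaining = end - g * SHADOW_GRANULARITY;
        shadow[g] = remaining >= SHADOW_GRANULARITY ? 0 : (uint8_t)remaining;
    }
}

/* Scope exit: the compiler-inserted poison call that use-after-scope adds. */
static void scope_exit(const struct stack_var *v) {
    unsigned end = v->offset + v->size, g;
    for (g = v->offset / SHADOW_GRANULARITY; g * SHADOW_GRANULARITY < end; g++)
        shadow[g] = SHADOW_USE_AFTER_SCOPE;
}

/* The instrumented check for a 1-byte access at frame offset addr. */
static enum access_kind check_byte(unsigned addr) {
    uint8_t s = shadow[addr / SHADOW_GRANULARITY];
    unsigned within = addr % SHADOW_GRANULARITY;
    if (s == 0 || (s < SHADOW_GRANULARITY && within < s)) return ACCESS_OK;
    if (s == SHADOW_USE_AFTER_SCOPE) return ACCESS_USE_AFTER_SCOPE;
    return ACCESS_OUT_OF_BOUNDS;
}

/* A testcase that is only an overflow: my_char[9] while my_char is live. */
enum access_kind in_scope_overflow(void) {
    frame_enter(); scope_enter(&my_char);
    return check_byte(my_char.offset + 9);
}

/* A testcase that is only use-after-scope: my_char[0] after the block ends. */
enum access_kind after_scope_in_bounds(void) {
    frame_enter(); scope_enter(&my_char); scope_exit(&my_char);
    return check_byte(my_char.offset + 0);
}

/* The quoted testcase: ptr+9 after the block ends.  The scope poison now
 * covers the partial granule too, so the overflow is reported as
 * use-after-scope and the out-of-bounds aspect is never exercised. */
enum access_kind quoted_testcase(void) {
    frame_enter(); scope_enter(&my_char); scope_exit(&my_char);
    return check_byte(my_char.offset + 9);
}

static const char *name(enum access_kind k) {
    return k == ACCESS_OK ? "ok" : k == ACCESS_OUT_OF_BOUNDS ? "stack-buffer-overflow"
                                                             : "stack-use-after-scope";
}

int main(void) {
    printf("in-scope my_char[9]   : %s\n", name(in_scope_overflow()));
    printf("after-scope my_char[0]: %s\n", name(after_scope_in_bounds()));
    printf("quoted ptr+9          : %s\n", name(quoted_testcase()));
    return 0;
}
```

The two split functions are the shape of testcases that each exercise exactly one report kind; the third shows that combining them lets the scope poison mask the overflow.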