This is the mail archive of the
mailing list for the GCC project.
Re: [RFC] Don't inline builtin memory functions when ASan is enabled.
- From: Konstantin Serebryany <konstantin dot s dot serebryany at gmail dot com>
- To: Maxim Ostapenko <m dot ostapenko at partner dot samsung dot com>
- Cc: GCC Development <gcc at gcc dot gnu dot org>, Yury Gribov <y dot gribov at samsung dot com>, Slava Garbuzov <v dot garbuzov at samsung dot com>, Maxim Ostapenko <chefmax7 at gmail dot com>
- Date: Wed, 3 Sep 2014 10:21:14 -0700
- Subject: Re: [RFC] Don't inline builtin memory functions when ASan is enabled.
- Authentication-results: sourceware.org; auth=none
- References: <5405D504 dot 40101 at partner dot samsung dot com>
On Tue, Sep 2, 2014 at 7:32 AM, Maxim Ostapenko wrote:
> At this moment, most of GCC's builtin memory functions (for example strcpy,
> stpcpy, wcpcpy, strdup, etc.) are not instrumented by GCC; however, some of
> them are rather dangerous. If GCC inlines these builtin functions, we will
> miss important checks for arguments, and possible overflow won't be
> detected. I know that the Clang ASan team simply disables inlining of builtin
> functions in Clang if -fsanitize=address is enabled and relies on
> libsanitizer's hooks.

Correct, that's what we do.

> The main benefit of this approach is that we won't miss overflows in
> builtins, which can significantly increase target programs' safety. Also, some
> redundant checks will be removed for builtin functions that are
> instrumented and are not inlined for some reason.
> The potential disadvantage of this approach is a performance decrease for
> sanitized programs.
> Does disabling inlining of builtin functions look sane in this case? If yes,
> I can provide a performance investigation and prepare the patch.
> What do you think?
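
Added example (not part of the original thread and not libsanitizer code): a simplified C model of the argument check a runtime strcpy hook can perform, which is the check that is lost when the compiler expands the builtin inline. The region table and the names track, range_ok, checked_strcpy and demo are hypothetical stand-ins for ASan's shadow memory and interceptor.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Toy stand-in for ASan shadow memory: a table of addressable regions. */
struct region { uintptr_t base; size_t size; };
static struct region regions[8];
static size_t nregions;

static void track(const void *base, size_t size) {
    if (nregions < 8)
        regions[nregions++] = (struct region){ (uintptr_t)base, size };
}

/* Return 1 if [p, p+len) lies entirely inside one tracked region. */
static int range_ok(const void *p, size_t len) {
    uintptr_t a = (uintptr_t)p;
    for (size_t i = 0; i < nregions; i++) {
        uintptr_t lo = regions[i].base, hi = lo + regions[i].size;
        if (a >= lo && a <= hi && len <= hi - a)
            return 1;
    }
    return 0;
}

/* Hook-style strcpy: because it is a real call, it can validate both
   ranges first. An inlined builtin copy never reaches code like this. */
static int checked_strcpy(char *dst, const char *src) {
    size_t n = strlen(src) + 1;          /* bytes strcpy would write */
    if (!range_ok(src, n) || !range_ok(dst, n)) {
        fprintf(stderr, "model: %zu-byte strcpy is out of bounds\n", n);
        return -1;                       /* report instead of copying */
    }
    memcpy(dst, src, n);
    return 0;
}

/* Constructed scenario: copy input into an 8-byte destination. */
int demo(const char *input) {
    static char small[8];
    nregions = 0;
    track(small, sizeof small);
    track(input, strlen(input) + 1);
    return checked_strcpy(small, input);
}

int main(void) {
    printf("%d %d\n", demo("short"), demo("definitely too long"));
    return 0;
}
```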