This is the mail archive of the
gcc-bugs@gcc.gnu.org
mailing list for the GCC project.
[Bug sanitizer/59454] blacklisting sanitized functions
- From: "tetra2005 at gmail dot com" <gcc-bugzilla at gcc dot gnu dot org>
- To: gcc-bugs at gcc dot gnu dot org
- Date: Fri, 16 Jun 2017 09:14:20 +0000
- Subject: [Bug sanitizer/59454] blacklisting sanitized functions
- Auto-submitted: auto-generated
- References: <bug-59454-4@http.gcc.gnu.org/bugzilla/>
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=59454
--- Comment #5 from Yuri Gribov <tetra2005 at gmail dot com> ---
(In reply to Martin Liška from comment #4)
> I'm pasting here Jakub's opinion which I agree with:
>
> ```
> I'm strongly against the blacklist, that is not the way things are done in
> GCC, you have corresponding attribute to mark functions you don't want to
> instrument, people can macroize that with
> __typeof (symbol) symbol __attribute__((__no_sanitize_address__));
> But in any case, you mark it in the code rather than adding externally
> some symbol list.
Well, blacklists simplify integration of Asan to large codebases (e.g. full
Linux distro) where you often don't have the luxury of modifying the source
code. I believe was the main reason why they were added to Clang's sanitizer.
Just to double check, what are the technical arguments against using
blacklists?