This is the mail archive of the
gcc@gcc.gnu.org
mailing list for the GCC project.
[RFC] Don't inline builtin memory functions when ASan is enabled.
- From: Maxim Ostapenko <m dot ostapenko at partner dot samsung dot com>
- To: gcc at gcc dot gnu dot org
- Cc: Yury Gribov <y dot gribov at samsung dot com>, Slava Garbuzov <v dot garbuzov at samsung dot com>, Maxim Ostapenko <chefmax7 at gmail dot com>
- Date: Tue, 02 Sep 2014 18:32:36 +0400
- Subject: [RFC] Don't inline builtin memory functions when ASan is enabled.
- Authentication-results: sourceware.org; auth=none
Hi,
At this moment, most of GCC builtin memory functions (for example
strcpy, stpcpy, wcpcpy, strdup, etc) are not instrumented by GCC,
however some of them are rather dangerous. If GCC inlines these builtin
functions, we will miss important checks for arguments, and possible
overflow won't be detected. I know, that Clang ASan team simply disable
inlining of builtin functions in Clang if -fsanitize=address is enabled
and rely on libsanitizer's hooks.
The main benefit of this approach is that we won't miss overflow in
builtins, that can significantly increase target programs safety. Also,
some redundant checks will be removed for builtin functions, that are
instrumented and are not inlined for some reasons.
The potential disadvantage of this approach is performance decreasing
for sanitized programs.
Does disabling of builtin functions inlining look sane in this case? If
yes, I can provide performance investigation and prepare the patch.
What do you think?
-Maxim