[Bug sanitizer/59600] New: no_sanitize_address mishandled when function is inlined

eggert at gnu dot org gcc-bugzilla@gcc.gnu.org
Thu Dec 26 01:57:00 GMT 2013


            Bug ID: 59600
           Summary: no_sanitize_address mishandled when function is
           Product: gcc
           Version: 4.8.2
            Status: UNCONFIRMED
          Severity: normal
          Priority: P3
         Component: sanitizer
          Assignee: unassigned at gcc dot gnu.org
          Reporter: eggert at gnu dot org
                CC: dodji at gcc dot gnu.org, dvyukov at gcc dot gnu.org,
                    jakub at gcc dot gnu.org, kcc at gcc dot gnu.org

Created attachment 31514
  --> http://gcc.gnu.org/bugzilla/attachment.cgi?id=31514&action=edit
Compile and link with '-fsanitize=address -O2' and run to illustrate the bug

A function declared with __attribute__ ((no_sanitize_address)) will attempt to
sanitize its addresses if the function happens to be inlined in another
function that lacks the attribute.  This will cause the code to dump core even
when it's not supposed to.  I discovered this problem when trying to use
address sanitization in Emacs.  To reproduce the problem on an x86-64 platform,
compile the attached program with 'gcc -fsanitize=address -O2'.  It will dump
core because the commented address is sanitized even though it's in a
no_sanitize_address function.  Compiling with -DTHIS_WORKS_AROUND_THE_BUG works
around the bug by adding a noinline attribute to the function in question, but
user code shouldn't have to do that.

More information about the Gcc-bugs mailing list