Article: Finding memory bugs in D code with AddressSanitizer
Johan Engelen
j at j.nl
Tue Dec 26 23:41:46 UTC 2017
On Tuesday, 26 December 2017 at 22:11:18 UTC, Jon Degenhardt
wrote:
> On Monday, 25 December 2017 at 17:03:37 UTC, Johan Engelen
> wrote:
>> I've been writing this article since August, and finally found
>> some time to finish it:
>>
>> http://johanengelen.github.io/ldc/2017/12/25/LDC-and-AddressSanitizer.html
>>
>
> Nice article. Main question / comment is about the need for
> blacklisting D standard libraries (druntime/phobos). If someone
> wants to try ASan out on their own code, can they start by
> ignoring the D standard libraries? And, for programs that use
> druntime/phobos, will this be effective? If I understand the
> post, the answer is "yes", but I think it could be more
> explicit.
Indeed, yes. I've used ASan successfully on the ddmd lexer.
"successfully" = I found and fixed an actual bug with it.
Without ASan-enabled standard libs, ASan testing will cover your
code and (most) std lib _templated_ code.
A blacklist may be needed for templated std lib code that doesn't
work with ASan (yet), either because of a bug in the std lib (not
very likely I think) or something else. We need much more testing
of LDC+ASan.
> Second comment is related - If the reader was to try
> instrumenting druntime/phobos along with their own code, how
> much effort should be expected to correctly blacklist
> druntime/phobos code? Would many programs have smooth sailing
> if they took the blacklist published in the post? Or is this
> early stage enough that some real effort should be expected?
Very early stage. I myself have not worked on ASan-enabled
druntime/phobos for more than 30 minutes. Already found some
trouble with cpuid functions (inline asm): `fun:_D4core5cpuid*`
must be added to the blacklist.
I think the first goal should be to make a blacklist such that
all tests pass, adding blacklist items in a "# not reviewed"
section. Then afterwards, we can reduce the blacklist bit-by-bit
by figuring out exactly why ASan triggers: either a bug, expected
behavior, or an ASan bug.
A counterpart to the blacklist file is an
`@no_sanitize("address")` magic UDA; to disable ASan and document
it inside the code. This should be done in such a way that it is
upstreamable. (e.g. version(LDC) static import ldc.attributes,
alias no_sanitize = ...)
> Also, if the blacklist file in the post represents a meaningful
> starting point,
it does
> perhaps it makes sense to check it in and distribute it. This
> would provide a place for contributors to start making
> improvements.
Definitely makes sense. I think this should be inside the runtime
libraries' repos, right? (So one blacklist for druntime, and
another for Phobos).
(I'm even thinking about adding `-fsanitize-blacklist=<...>` to
the shipped blacklist in `ldc.conf`.)
I'll figure out how to incorporate your comments into the
article, thanks.
cheers,
Johan
More information about the Digitalmars-d-announce
mailing list