
Integrate Address Sanitizer #1089

Open · wants to merge 11 commits into master

Conversation

corbanvilla (Contributor)

Overview

AddressSanitizer (ASAN) runs as an LLVM pass, which instruments code to detect reading and writing to out of bounds memory addresses at runtime.

Related Issue

AddressSanitizer Overview

  1. Mark functions to be sanitized with the sanitize_address LLVM attribute.
  2. Run the address sanitizer passes before compiling to an object.

Discussion

  • Unlike coverage instrumentation, which requires that the pass be run even before outputting IR code, the ASAN passes should NOT be run if the target output is IR. Otherwise, when the code is later compiled (i.e. with clang -fsanitize=address), the ASAN pass will run twice and cause issues. However, it is useful to run the ASAN pass with clang, since the -fsanitize=address flag will also handle linking to the runtime ASAN library.
  • I began the pass code in this PR under persist_to_obj, so that if you would like to also compile binaries with ASAN using only Rusty, it's there with some notes. However, I haven't looked into how it needs to be integrated into the linker, such that the runtime libraries are found and linked properly. It may be that it's not a high priority to include this feature, given ASAN is a more advanced functionality to begin with, and it's easy enough to link with clang.

Example

You can test the address sanitizer with the following commands:

> cargo build
> ./target/debug/plc --ir ./examples/buffer_overflow.st
> clang -v -fsanitize=address ./buffer_overflow.st.ll -o a.out && ./a.out
...
=================================================================
==97514==ERROR: AddressSanitizer: stack-buffer-overflow on address 0x7fffffffdea3 at pc 0x555555632018 bp 0x7fffffffde70 sp 0x7fffffffde68
WRITE of size 1 at 0x7fffffffdea3 thread T0
    #0 0x555555632017 in buf_overflow (/workspaces/corbanvilla_rusty/a.out+0xde017) (BuildId: a3a8111854e13c79f22563ad6c5116151ae5de04)
    #1 0x555555631ead in main (/workspaces/corbanvilla_rusty/a.out+0xddead) (BuildId: a3a8111854e13c79f22563ad6c5116151ae5de04)
    #2 0x7ffff7d041c9  (/lib/x86_64-linux-gnu/libc.so.6+0x271c9) (BuildId: 51657f818beb1ae70372216a99b7412b8a100a20)
    #3 0x7ffff7d04284 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x27284) (BuildId: 51657f818beb1ae70372216a99b7412b8a100a20)
    #4 0x555555574300 in _start (/workspaces/corbanvilla_rusty/a.out+0x20300) (BuildId: a3a8111854e13c79f22563ad6c5116151ae5de04)
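As an added illustration of step 1 of the overview (the `sanitize_address` function attribute), here is a small hand-written LLVM IR module that is not part of this PR and was not produced by the plc compiler. It mirrors the stack-buffer-overflow case above: `buf_overflow` writes one byte past a 4-byte stack buffer and is marked with `sanitize_address`, while `main` is deliberately left unmarked so only the annotated function is instrumented. The function names, the `#0`/`#1` attribute groups and the use of opaque `ptr` (LLVM 15 or newer) are my assumptions.

```llvm
; asan_attr_demo.ll (constructed example, not from the Rusty project).
; Only functions carrying sanitize_address get shadow-memory checks;
; main is left uninstrumented so the difference is visible.

define void @buf_overflow() #0 {
entry:
  ; 4-byte stack buffer, matching the "WRITE of size 1" report above.
  %buf = alloca [4 x i8], align 1
  ; Index 4 is one past the end of the buffer (no `inbounds` so the
  ; address stays well-defined and the runtime check is what fires).
  %p = getelementptr [4 x i8], ptr %buf, i64 0, i64 4
  store i8 1, ptr %p, align 1
  ret void
}

define i32 @main() #1 {
entry:
  call void @buf_overflow()
  ret i32 0
}

; Step 1 of the overview: the attribute that opts a function in to ASAN.
attributes #0 = { noinline sanitize_address }
; Unmarked control: no ASAN instrumentation is emitted for this function.
attributes #1 = { noinline }
```

Compiling it the same way as the PR example, `clang -fsanitize=address asan_attr_demo.ll -o a.out && ./a.out`, lets clang's pipeline run the ASAN pass over the marked function and link the runtime library; the run is expected to abort with a stack-buffer-overflow report in `buf_overflow`. Removing `sanitize_address` from `#0` and rebuilding is the quick check that the attribute, not the `-fsanitize=address` flag alone, is what selects functions for instrumentation. Do not also run the ASAN pass when emitting this IR from plc, for the double-instrumentation reason given in the discussion above.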
