
svadev - [svadev] question about SAFECode output

svadev AT lists.siebelschool.illinois.edu

Subject: Svadev mailing list

  • From: David Keaton <dmk AT dmk.com>
  • To: "svadev AT cs.uiuc.edu" <svadev AT cs.uiuc.edu>
  • Subject: [svadev] question about SAFECode output
  • Date: Wed, 18 Jan 2012 14:41:07 -0800
  • List-archive: <http://lists.cs.uiuc.edu/pipermail/svadev>
  • List-id: <svadev.cs.uiuc.edu>

I tried the version of SAFECode that works with the LLVM 3.0 release, and I got a puzzling result. I'm hoping you have seen this before.

I used svn to check out the release_30 branch of LLVM (not the trunk) and put poolalloc and safecode in the projects directory. I built it following the directions on the SAFECode web site. I did this on Ubuntu 10.04 x86-64.

Then I copied and pasted the sample buffer overflow program from the SAFECode web site.

http://sva.cs.illinois.edu/docs/UsersGuide.html

I used the following commands to compile and run it, pointing to the libraries I had just built as part of the SAFECode build.

clang -g -fmemsafety -o overflow overflow.c -L${HOME}/local/lib
./overflow 10

The first part of the result was what I expected from reading the documentation. Then a repeating attempted null pointer dereference occurred, and SAFECode didn't seem to be able to find out where it came from.

SAFECode:Violation Type 0x6 when accessing 0x170eda9 at IP=0x4025ea

=======+++++++ SAFECODE RUNTIME ALERT +++++++=======
= Error type : Load/Store Error
= Faulting pointer : 0x170eda9
= Program counter : 0x4025ea
= Fault PC Source : /home/dmk/com/llvm/sample/overflow.c:7
=
= Object allocated at PC : 0x402d15
= Allocated in Source File : /home/dmk/com/llvm/sample/overflow.c:17
= Object allocation sequence number : 3
= Object start : 0x170eda0
= Object length : 0x9
SAFECode: Fault!
SAFECode:Violation Type 0x9 when accessing 0xc0000001 at IP=0x8

=======+++++++ SAFECODE RUNTIME ALERT +++++++=======
= Error type : Uninitialized/NULL Pointer Error
= Faulting pointer : 0xc0000001
= Program counter : 0x8
= Fault PC Source : <unknown>:0
SAFECode: Fault!
SAFECode:Violation Type 0x9 when accessing 0xc0000001 at IP=0x8

=======+++++++ SAFECODE RUNTIME ALERT +++++++=======
= Error type : Uninitialized/NULL Pointer Error
= Faulting pointer : 0xc0000001
= Program counter : 0x8
= Fault PC Source : <unknown>:0
SAFECode: Fault!
SAFECode:Violation Type 0x9 when accessing 0xc0000001 at IP=0x8

. . .

The null pointer dereference keeps reoccurring until I abort the program.

Is this a known problem? What is it that creates a null pointer dereference with a program counter of 0x8?

David Keaton
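
A triage aid for output like that quoted in the message above, as an added example that is not part of the original message and not SAFECode's own code: it parses the runtime alert blocks, re-joins fields that wrap across lines, collapses repeated alerts, and reports how far the faulting pointer lies past the object. The field names and values come from the quoted output; the function names, the line wrapping in the sample and the repeat count of 3 are assumptions made for the example.

```python
import re

# Alert text condensed from the output quoted above; some fields deliberately wrapped.
FIRST = """SAFECode:Violation Type 0x6 when accessing 0x170eda9 at IP=0x4025ea
=======+++++++ SAFECODE RUNTIME ALERT +++++++=======
= Fault PC Source :
/home/dmk/com/llvm/sample/overfl
ow.c:7
= Object start : 0x170eda0
= Object length : 0x9
SAFECode: Fault!
"""
REPEATED = """SAFECode:Violation Type 0x9 when accessing 0xc0000001 at IP=0x8

=======+++++++ SAFECODE RUNTIME ALERT +++++++=======
= Error type : Uninitialized/NULL Pointer
Error
= Fault PC Source : <unknown>:0
SAFECode: Fault!
"""
SAMPLE = FIRST + REPEATED * 3  # the repeat count of 3 is constructed
HEADER = re.compile(r"SAFECode:Violation Type (0x\w+) when accessing (0x\w+) at IP=(0x\w+)")

def parse_alerts(text):
    """Return one dict per alert, re-joining fields wrapped across lines."""
    alerts, cur, key = [], None, None
    for line in text.splitlines():
        m = HEADER.match(line)
        if m:
            cur = dict(zip(("type", "ptr", "ip"), (int(g, 16) for g in m.groups())))
            alerts.append(cur)
        if m or cur is None or line.strip() in ("", "=") or line.startswith(("===", "SAFECode")):
            key = None
        elif line.startswith("="):
            key, _, val = (s.strip() for s in line[1:].partition(":"))
            cur[key] = val
        elif key:  # continuation: paths join directly, other text with a space
            cur[key] += ("" if cur[key][:1] in ("", "/") else " ") + line.strip()
    return alerts

def summarize(alerts):
    """Collapse identical (type, pointer, IP) alerts; add overflow distance."""
    groups = {}
    for a in alerts:
        g = groups.setdefault((a["type"], a["ptr"], a["ip"]), dict(a, count=0))
        g["count"] += 1
        if {"Object start", "Object length"} <= a.keys():  # 0 = first byte past the end
            g["past_end"] = a["ptr"] - int(a["Object start"], 16) - int(a["Object length"], 16)
    return groups
```

Run over the sample, `summarize(parse_alerts(SAMPLE))` yields two groups: the load/store violation with `past_end == 0` (the access is to the first byte after the 9-byte object) and the NULL-pointer alert with `count == 3` and source `<unknown>:0`.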



