- From: David Keaton <dmk AT dmk.com>
- To: Matthew Wala <wala1 AT illinois.edu>
- Cc: "svadev AT cs.uiuc.edu" <svadev AT cs.uiuc.edu>
- Subject: Re: [svadev] question about SAFECode output
- Date: Thu, 19 Jan 2012 11:22:02 -0800
- List-archive: <http://lists.cs.uiuc.edu/pipermail/svadev>
- List-id: <svadev.cs.uiuc.edu>
Matt,
Thanks for your help.
On 01/18/2012 06:35 PM, Matthew Wala wrote:
> I'm pretty sure this is why the long error sequence occurs:
> http://lists.cs.uiuc.edu/pipermail/svadev/2011-August/000104.html
That explains a lot, thanks.
> If you want to output only the first error message and then exit, use
> the '-fmemsafety-terminate' option along with '-fmemsafety' when
> compiling your code.
Actually, I am looking for just the opposite. I would like to run a program to completion, and then afterward look at the list of buffer overflows that occurred.
Many programs work in spite of their buffer overflows. For example, they may allocate 15 bytes, but use 16, and they get away with it because 16 bytes were reserved by the compiler or library for alignment purposes.
Benchmarks are another category where run-to-completion is important.
There are a couple of ways to implement this in a memory safety compiler/runtime system. One is to report the error and then let the program go on and do what it does. Another is to have the memory safety runtime system fake-extend each object to the maximum size that is actually accessed, as described in some of the papers on the subject.
I thought SAFECode did the latter. Is it a special option that needs to be turned on explicitly, or is it not implemented?
> As to why the program counter is printed as 0x8, it looks like the
> runtime was accessing the wrong register value on x86-64 Linux. This
> should be fixed in revision 148458.
Thanks for fixing this! The sample program from the SAFECode Users Guide now shows a reasonable-looking program counter for these faults. It also now terminates after 20 faults, rather than continuing to fault indefinitely. Is this a newly designed limit? If so, can it be turned off to achieve run-to-completion?
I've appended the new output from the Users Guide sample program below.
David
-----
$ ./overflow 10
SAFECode:Violation Type 0x6 when accessing 0x6be989 at IP=0x402250
=======+++++++ SAFECODE RUNTIME ALERT +++++++=======
= Error type : Load/Store Error
= CWE ID : 120
= Faulting pointer : 0x6be989
= Program counter : 0x402250
= Fault PC Source : /home/dmk/com/llvm/sample/overflow.c:7
=
= Object allocated at PC : 0x4023e1
= Allocated in Source File : /home/dmk/com/llvm/sample/overflow.c:17
= Object allocation sequence number : 3
= Object start : 0x6be980
= Object length : 0x9
SAFECode: Fault!
SAFECode:Violation Type 0x9 when accessing 0xc0000001 at IP=0x402254
=======+++++++ SAFECODE RUNTIME ALERT +++++++=======
= Error type : Uninitialized/NULL Pointer Error
= CWE ID : 120
= Faulting pointer : 0xc0000001
= Program counter : 0x402254
= Fault PC Source : <unknown>:0
SAFECode: Fault!
SAFECode:Violation Type 0x9 when accessing 0xc0000001 at IP=0x402254
=======+++++++ SAFECODE RUNTIME ALERT +++++++=======
= Error type : Uninitialized/NULL Pointer Error
= CWE ID : 120
= Faulting pointer : 0xc0000001
= Program counter : 0x402254
= Fault PC Source : <unknown>:0
SAFECode: Fault!
SAFECode:Violation Type 0x9 when accessing 0xc0000001 at IP=0x402254
=======+++++++ SAFECODE RUNTIME ALERT +++++++=======
= Error type : Uninitialized/NULL Pointer Error
= CWE ID : 120
= Faulting pointer : 0xc0000001
= Program counter : 0x402254
= Fault PC Source : <unknown>:0
SAFECode: Fault!
SAFECode:Violation Type 0x9 when accessing 0xc0000001 at IP=0x402254
=======+++++++ SAFECODE RUNTIME ALERT +++++++=======
= Error type : Uninitialized/NULL Pointer Error
= CWE ID : 120
= Faulting pointer : 0xc0000001
= Program counter : 0x402254
= Fault PC Source : <unknown>:0
SAFECode: Fault!
SAFECode:Violation Type 0x9 when accessing 0xc0000001 at IP=0x402254
=======+++++++ SAFECODE RUNTIME ALERT +++++++=======
= Error type : Uninitialized/NULL Pointer Error
= CWE ID : 120
= Faulting pointer : 0xc0000001
= Program counter : 0x402254
= Fault PC Source : <unknown>:0
SAFECode: Fault!
SAFECode:Violation Type 0x9 when accessing 0xc0000001 at IP=0x402254
=======+++++++ SAFECODE RUNTIME ALERT +++++++=======
= Error type : Uninitialized/NULL Pointer Error
= CWE ID : 120
= Faulting pointer : 0xc0000001
= Program counter : 0x402254
= Fault PC Source : <unknown>:0
SAFECode: Fault!
SAFECode:Violation Type 0x9 when accessing 0xc0000001 at IP=0x402254
=======+++++++ SAFECODE RUNTIME ALERT +++++++=======
= Error type : Uninitialized/NULL Pointer Error
= CWE ID : 120
= Faulting pointer : 0xc0000001
= Program counter : 0x402254
= Fault PC Source : <unknown>:0
SAFECode: Fault!
SAFECode:Violation Type 0x9 when accessing 0xc0000001 at IP=0x402254
=======+++++++ SAFECODE RUNTIME ALERT +++++++=======
= Error type : Uninitialized/NULL Pointer Error
= CWE ID : 120
= Faulting pointer : 0xc0000001
= Program counter : 0x402254
= Fault PC Source : <unknown>:0
SAFECode: Fault!
SAFECode:Violation Type 0x9 when accessing 0xc0000001 at IP=0x402254
=======+++++++ SAFECODE RUNTIME ALERT +++++++=======
= Error type : Uninitialized/NULL Pointer Error
= CWE ID : 120
= Faulting pointer : 0xc0000001
= Program counter : 0x402254
= Fault PC Source : <unknown>:0
SAFECode: Fault!
SAFECode:Violation Type 0x9 when accessing 0xc0000001 at IP=0x402254
=======+++++++ SAFECODE RUNTIME ALERT +++++++=======
= Error type : Uninitialized/NULL Pointer Error
= CWE ID : 120
= Faulting pointer : 0xc0000001
= Program counter : 0x402254
= Fault PC Source : <unknown>:0
SAFECode: Fault!
SAFECode:Violation Type 0x9 when accessing 0xc0000001 at IP=0x402254
=======+++++++ SAFECODE RUNTIME ALERT +++++++=======
= Error type : Uninitialized/NULL Pointer Error
= CWE ID : 120
= Faulting pointer : 0xc0000001
= Program counter : 0x402254
= Fault PC Source : <unknown>:0
SAFECode: Fault!
SAFECode:Violation Type 0x9 when accessing 0xc0000001 at IP=0x402254
=======+++++++ SAFECODE RUNTIME ALERT +++++++=======
= Error type : Uninitialized/NULL Pointer Error
= CWE ID : 120
= Faulting pointer : 0xc0000001
= Program counter : 0x402254
= Fault PC Source : <unknown>:0
SAFECode: Fault!
SAFECode:Violation Type 0x9 when accessing 0xc0000001 at IP=0x402254
=======+++++++ SAFECODE RUNTIME ALERT +++++++=======
= Error type : Uninitialized/NULL Pointer Error
= CWE ID : 120
= Faulting pointer : 0xc0000001
= Program counter : 0x402254
= Fault PC Source : <unknown>:0
SAFECode: Fault!
SAFECode:Violation Type 0x9 when accessing 0xc0000001 at IP=0x402254
=======+++++++ SAFECODE RUNTIME ALERT +++++++=======
= Error type : Uninitialized/NULL Pointer Error
= CWE ID : 120
= Faulting pointer : 0xc0000001
= Program counter : 0x402254
= Fault PC Source : <unknown>:0
SAFECode: Fault!
SAFECode:Violation Type 0x9 when accessing 0xc0000001 at IP=0x402254
=======+++++++ SAFECODE RUNTIME ALERT +++++++=======
= Error type : Uninitialized/NULL Pointer Error
= CWE ID : 120
= Faulting pointer : 0xc0000001
= Program counter : 0x402254
= Fault PC Source : <unknown>:0
SAFECode: Fault!
SAFECode:Violation Type 0x9 when accessing 0xc0000001 at IP=0x402254
=======+++++++ SAFECODE RUNTIME ALERT +++++++=======
= Error type : Uninitialized/NULL Pointer Error
= CWE ID : 120
= Faulting pointer : 0xc0000001
= Program counter : 0x402254
= Fault PC Source : <unknown>:0
SAFECode: Fault!
SAFECode:Violation Type 0x9 when accessing 0xc0000001 at IP=0x402254
=======+++++++ SAFECODE RUNTIME ALERT +++++++=======
= Error type : Uninitialized/NULL Pointer Error
= CWE ID : 120
= Faulting pointer : 0xc0000001
= Program counter : 0x402254
= Fault PC Source : <unknown>:0
SAFECode: Fault!
SAFECode:Violation Type 0x9 when accessing 0xc0000001 at IP=0x402254
=======+++++++ SAFECODE RUNTIME ALERT +++++++=======
= Error type : Uninitialized/NULL Pointer Error
= CWE ID : 120
= Faulting pointer : 0xc0000001
= Program counter : 0x402254
= Fault PC Source : <unknown>:0
SAFECode: Fault!
SAFECode:Violation Type 0x9 when accessing 0xc0000001 at IP=0x402254
=======+++++++ SAFECODE RUNTIME ALERT +++++++=======
= Error type : Uninitialized/NULL Pointer Error
= CWE ID : 120
= Faulting pointer : 0xc0000001
= Program counter : 0x402254
= Fault PC Source : <unknown>:0
Aborted
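
For the run-to-completion workflow asked about in this message, a long run of alerts like the one above can be collapsed into one entry per distinct fault after the program exits. The following is an added example, not part of the original message and not SAFECode code: a small parser for the alert layout shown in the output above. The function names are hypothetical and the field layout is assumed from that output alone.

```python
import re
from collections import Counter

FIELD = re.compile(r"^=\s*(.+?)\s*:\s+(.*\S)\s*$")  # "= Key : Value"

# Abridged from the output in this message; one "Error" line is left wrapped.
SAMPLE = """\
SAFECode:Violation Type 0x6 when accessing 0x6be989 at IP=0x402250
=======+++++++ SAFECODE RUNTIME ALERT +++++++=======
= Error type : Load/Store Error
= Faulting pointer : 0x6be989
= Program counter : 0x402250
= Fault PC Source : /home/dmk/com/llvm/sample/overflow.c:7
= Object start : 0x6be980
= Object length : 0x9
SAFECode: Fault!
""" + 3 * """\
SAFECode:Violation Type 0x9 when accessing 0xc0000001 at IP=0x402254
=======+++++++ SAFECODE RUNTIME ALERT +++++++=======
= Error type : Uninitialized/NULL Pointer
Error
= Faulting pointer : 0xc0000001
= Program counter : 0x402254
= Fault PC Source : <unknown>:0
""" + "Aborted\n"

def parse_alerts(text):
    """Return one dict per alert block, keyed by the report's field names."""
    alerts, cur, last = [], None, None
    for line in map(str.strip, text.splitlines()):
        if "SAFECODE RUNTIME ALERT" in line:      # banner opens a new block
            cur, last = {}, None
            alerts.append(cur)
        elif cur is not None and (m := FIELD.match(line)):
            last = m.group(1)
            cur[last] = m.group(2)
        elif last == "Error type" and line and not line.startswith(("=", "SAFECode")):
            cur[last] += " " + line               # rejoin a mail-wrapped type name
            last = None
    return alerts

def summarize(alerts):
    """Count alerts per (error type, program counter, source), most frequent first."""
    return Counter((a.get("Error type"), a.get("Program counter"),
                    a.get("Fault PC Source")) for a in alerts).most_common()

def offset_in_object(alert):
    """Byte offset of the faulting access from the start of the reported object."""
    return int(alert["Faulting pointer"], 16) - int(alert["Object start"], 16)

if __name__ == "__main__":
    for key, count in summarize(parse_alerts(SAMPLE)):
        print(count, *key)
```

For the first alert the offset equals the reported object length (0x9), so the access is to the first byte past the end of the object.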