Git Product home page Git Product logo

Comments (2)

AdvenamTacet avatar AdvenamTacet commented on June 15, 2024 1

Hey!
I don't know much about libstdc++ std::set, but you are almost certainly right about memory not being actually freed.

Also, I don't think std::map/std::set is (ASan) annotated in any implementation.

can you provide more information about address sanitizer annotations for STL containers in libcxx?

In libc++17, my annotations were added to std::deque. std::basic_string annotations hopefully will be included in libc++18 (already implemented, waiting for dylib shipping commit).

ASan API (compiler-rt) was extended in LLVM16 to support more allocators during annotating containers and since libc++17 all allocators are annotated by default, improving state of the art of std::vector annotations and impacting std::deque annotations.

Any plan to add asan annotation for associative containers like std::map ?

I looked quickly (so, take my word with grain of salt) on libc++ implementation and it looks like some memory from the node is freed every time when element is removed from a __tree. Probably there is no benefit from std::set/std::map annotations in libc++. I don't know anything about libstdc++.

I don't think more containers than mentioned above will be annotated any time soon. Not sure if there is even a point to do it ever (if memory is freed "on erase", any use after free will be detected).

PS

Changes in libc++ have no effect on libstdc++ containers. We have working PoC for libstdc++ (12?) containers (deque and string), which we may make public, but those are more hacked implementations than something what can be simply merged.

from sanitizers.

Enna1 avatar Enna1 commented on June 15, 2024

I'm not familiar with the implementation details of std::map in libstd++.
IMHO, this is because the underlying memory is not actually freed when calling mp.erase(it), so asan can not detect it as a heap-use-after-free bug.
The address sanitizer annotation for std::map is also not implemented in libstdc++, see https://gcc.gnu.org/legacy-ml/gcc-patches/2017-07/msg01314.html .

Under my test, this bug can be detected using clang with libcxx, see https://godbolt.org/z/xvzM7vYrq .
@AdvenamTacet recently implemented more address sanitizer annotations for STL containers in libcxx.

Hi @vitalybuka @AdvenamTacet can you provide more information about address sanitizer annotations for STL containers in libcxx?
Any plan to add asan annotation for associative containers like std::map ?

from sanitizers.

Related Issues (20)

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.