[prev in list] [next in list] [prev in thread] [next in thread] 

List:       vtk-developers
Subject:    Re: [vtk-developers] clang undefined behaviour sanitizer overview
From:       Will Schroeder <will.schroeder () kitware ! com>
Date:       2013-02-28 19:40:16
Message-ID: CAEiDrtWD4n8t-PGZ5k7rf+UyoXQDfJu+exubf2J_=5m8eZNwZA () mail ! gmail ! com
[Download RAW message or body]

[Attachment #2 (multipart/alternative)]


Sean it was a pleasure to have you, thanks for the hard work.
W


On Thu, Feb 28, 2013 at 2:38 PM, Sean McBride <sean@rogue-research.com>wrote:

> Hi all,
> 
> So at the VTK hack-a-thon yesterday I showed some of you clang's
> 'undefined behaviour sanitizer' (abbreviated 'ubsan').  If you want to try
> it yourself, you need to build clang from svn, which is easy and can be
> done with CMake:
> 
> <http://clang.llvm.org/get_started.html>
> 
> I recommend setting CMAKE_BUILD_TYPE=Release and LLVM_ENABLE_ASSERTIONS=ON.
> 
> Then you just use your new clang executable with "-fsanitize=undefined" as
> a C/C++ flag.  Should work on linux or OS X.  It's described here:
> 
> <http://clang.llvm.org/docs/UsersManual.html#controlling-code-generation>
> 
> It may report many things, and can be too noisy, so you can specify a
> subset of checks.  For VTK, I've been using
> "-fsanitize=bool,bounds,float-cast-overflow,integer-divide-by-zero,null,object-size,return,shift,signed-integer-overflow,unreachable,vla-bound"
>  and this triggers only a few issues, some of which we fixed at the
> hack-a-thon:
> 
> <http://review.source.kitware.com/10021>
> <http://review.source.kitware.com/10026>
> 
> Notice that its output nicely pinpoints the problem:
> 
> vtkOOGLExporter.cxx:228:3: runtime error: index -4 out of bounds for type
> 'char [256]'
> vtkOrderedTriangulator.cxx:1609  runtime error: index 8 out of bounds for
> type 'TemplateIDType [8]'
> 
> And we found one false-positive (so you should maybe not use
> 'float-cast-overflow' for now):
> 
> <http://llvm.org/PR15383>
> 
> I'll be turning these on on my Rogue7 dashboard bit by bit...
> 
> (clang also has AddressSanitizer, ThreadSanitizer, and MemorySanitizer,
> which look very interesting too, but I have not yet tried them.)
> 
> Cheers,
> 
> --
> ____________________________________________________________
> Sean McBride, B. Eng                 sean@rogue-research.com
> Rogue Research                        www.rogue-research.com
> Mac Software Developer              Montréal, Québec, Canada
> 
> 
> _______________________________________________
> Powered by www.kitware.com
> 
> Visit other Kitware open-source projects at
> http://www.kitware.com/opensource/opensource.html
> 
> Follow this link to subscribe/unsubscribe:
> http://www.vtk.org/mailman/listinfo/vtk-developers
> 
> 


-- 
William J. Schroeder, PhD
Kitware, Inc.
28 Corporate Drive
Clifton Park, NY 12065
will.schroeder@kitware.com
http://www.kitware.com
(518) 881-4902


[Attachment #5 (text/html)]

<div dir="ltr">Sean it was a pleasure to have you, thanks for the hard \
work.<div>W</div></div><div class="gmail_extra"><br><br><div class="gmail_quote">On \
Thu, Feb 28, 2013 at 2:38 PM, Sean McBride <span dir="ltr">&lt;<a \
href="mailto:sean@rogue-research.com" \
target="_blank">sean@rogue-research.com</a>&gt;</span> wrote:<br>

<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc \
solid;padding-left:1ex">Hi all,<br> <br>
So at the VTK hack-a-thon yesterday I showed some of you clang&#39;s &#39;undefined \
behaviour sanitizer&#39; (abbreviated &#39;ubsan&#39;).  If you want to try it \
yourself, you need to build clang from svn, which is easy and can be done with \
CMake:<br>


<br>
&lt;<a href="http://clang.llvm.org/get_started.html" \
target="_blank">http://clang.llvm.org/get_started.html</a>&gt;<br> <br>
I recommend setting CMAKE_BUILD_TYPE=Release and LLVM_ENABLE_ASSERTIONS=ON.<br>
<br>
Then you just use your new clang executable with &quot;-fsanitize=undefined&quot; as \
a C/C++ flag.  Should work on linux or OS X.  It&#39;s described here:<br> <br>
&lt;<a href="http://clang.llvm.org/docs/UsersManual.html#controlling-code-generation" \
target="_blank">http://clang.llvm.org/docs/UsersManual.html#controlling-code-generation</a>&gt;<br>
 <br>
It may report many things, and can be too noisy, so you can specify a subset of \
checks.  For VTK, I&#39;ve been using \
&quot;-fsanitize=bool,bounds,float-cast-overflow,integer-divide-by-zero,null,object-size,return,shift,signed-integer-overflow,unreachable,vla-bound&quot; \
and this triggers only a few issues, some of which we fixed at the hack-a-thon:<br>


<br>
&lt;<a href="http://review.source.kitware.com/10021" \
target="_blank">http://review.source.kitware.com/10021</a>&gt;<br> &lt;<a \
href="http://review.source.kitware.com/10026" \
target="_blank">http://review.source.kitware.com/10026</a>&gt;<br> <br>
Notice that its output nicely pinpoints the problem:<br>
<br>
vtkOOGLExporter.cxx:228:3: runtime error: index -4 out of bounds for type &#39;char \
[256]&#39;<br> vtkOrderedTriangulator.cxx:1609  runtime error: index 8 out of bounds \
for type &#39;TemplateIDType [8]&#39;<br> <br>
And we found one false-positive (so you should maybe not use \
&#39;float-cast-overflow&#39; for now):<br> <br>
&lt;<a href="http://llvm.org/PR15383" \
target="_blank">http://llvm.org/PR15383</a>&gt;<br> <br>
I&#39;ll be turning these on on my Rogue7 dashboard bit by bit...<br>
<br>
(clang also has AddressSanitizer, ThreadSanitizer, and MemorySanitizer, which look \
very interesting too, but I have not yet tried them.)<br> <br>
Cheers,<br>
<br>
--<br>
____________________________________________________________<br>
Sean McBride, B. Eng                 <a \
href="mailto:sean@rogue-research.com">sean@rogue-research.com</a><br> Rogue Research  \
<a href="http://www.rogue-research.com" \
target="_blank">www.rogue-research.com</a><br> Mac Software Developer              \
Montréal, Québec, Canada<br> <br>
<br>
_______________________________________________<br>
Powered by <a href="http://www.kitware.com" target="_blank">www.kitware.com</a><br>
<br>
Visit other Kitware open-source projects at <a \
href="http://www.kitware.com/opensource/opensource.html" \
target="_blank">http://www.kitware.com/opensource/opensource.html</a><br> <br>
Follow this link to subscribe/unsubscribe:<br>
<a href="http://www.vtk.org/mailman/listinfo/vtk-developers" \
target="_blank">http://www.vtk.org/mailman/listinfo/vtk-developers</a><br> <br>
</blockquote></div><br><br clear="all"><div><br></div>-- <br>William J. Schroeder, \
PhD<br>Kitware, Inc.<br>28 Corporate Drive<br>Clifton Park, NY 12065<br><a \
href="mailto:will.schroeder@kitware.com">will.schroeder@kitware.com</a><br>

<a href="http://www.kitware.com">http://www.kitware.com</a><br>(518) 881-4902
</div>



_______________________________________________
Powered by www.kitware.com

Visit other Kitware open-source projects at http://www.kitware.com/opensource/opensource.html

Follow this link to subscribe/unsubscribe:
http://www.vtk.org/mailman/listinfo/vtk-developers



[prev in list] [next in list] [prev in thread] [next in thread]

Configure | About | News | Add a list | Sponsored by KoreLogic