On Fri, Mar 24, 2017 at 3:10 PM, Peter Zijlstra <pet...@infradead.org> wrote:
> On Fri, Mar 24, 2017 at 02:50:24PM +0100, Dmitry Vyukov wrote:
>> OK, I guess I should not have referenced the llvm-linux page.
>> So here are reasons on our side that I am ready to vouch for:
>>
>> - clang makes it possible to implement KMSAN (dynamic detection of
>> uses of uninit memory)
>
> How does GCC make this impossible?

Too complex and too difficult to implement correctly on all corner cases.
All other sanitizers were ported to gcc very quickly, but msan wasn't.
Nobody is brave enough to even approach it.

>> - better code coverage for fuzzing
>
> How so? Why can't the same be achieved using GCC?

Same reason.

>> - way simpler and faster development (e.g. we can port our user-space
>> hardening technologies -- CFI and SafeStack)
>
> That's just because you've already implemented this in clang, right? So
> less work for you. Not because it's impossible.

I am not saying that it's impossible. It would just require an unreasonable
amount of time, and then perpetual maintenance to fix corner cases and
regressions.

For background: I implemented the current fuzzing coverage (KCOV) in gcc,
and user-space tsan instrumentation in gcc.