Re: Runtime security/memory checks for gcc/gdb

[guy keren]

if you are running on windows - you can use purify - it's a commercial 
tool, it costs money, but it is worth every cent. it used to have a 
2-weeks free evaluation version - so you could check that it works well 
with your product before you ask management for money.

of-course, if you are running on windows - you are asking this question 
on the wrong forum ;)

regarding false positives - from my experience, it's a price worth 
paying - once you manage to clean them out, you have much easier 
debugging later on.

--guy

Elazar Leibovich wrote:
I tried using valgrind in a different project. The main problems I've 
had with valgrind are speed (which is not a problem here) and false 
positives.
Getting gdb to report that during runtime has its advantages.
Anyhow, I was hoping to hear about products/valgrind add-ons etc I do 
not know.

The main practical problem with it, is convincing management that 
getting a linux box or VM and build the code on it is worth our while...

On Tue, Jan 12, 2010 at 12:27 AM, guy keren <c...@actcom.co.il 
<mailto:c...@actcom.co.il>> wrote:



    valgrind will tell you whenever you are using an un-ninitialized
    variable. it'll do so using runtime analysis.

    have you tried using valgrind at all?

    --guy

    Elazar Leibovich wrote:

        Just a remark, as some people asked me about it privately.
        I'm not interested in static analysis (which gcc gives for
        uninitialized variables). But with runtime analysis of where the
        uninitialized variable have been actually used when the code was
        run. This is useful in many situations (for instance, when
        having 3000 (literally) static warnings, some of similar spirit,
        and no time to check them all)
        I didn't find anything parallel to that for gcc.

        On Mon, Jan 11, 2010 at 11:54 PM, Elazar Leibovich
        <elaz...@gmail.com <mailto:elaz...@gmail.com>
        <mailto:elaz...@gmail.com <mailto:elaz...@gmail.com>>> wrote:

           We have a big legacy embedded code we need to maintain. Often, we
           wish to run some functions of the code on the PC with injected
           input, to test them or to test changes we've done to them without
           loading the code to the device it should run on.
           The code is written with C.
           Obviously, this is not an easy task, it is more difficult
        because,
           the code is bug ridden, and many times it works by accident (for
           example, a NULL pointer added a constant and then derefeced, this
           worked because the memory address was legal).
           Since the code is big, our strategy is: compile just the
        parts you
           need, debug it enough so that it would run on the PC, and
        keep the
           changes. Hopefully, after enough time, all (or most) of the code
           would be runnable on a PC.
           We use gcc+gdb to compile and debug the code. In Visual Studio's
           cl.exe there are some security checks
           <http://msdn.microsoft.com/en-us/library/aa289171(VS.71).aspx> at

           run time. This can really assist debugging. For example
        knowing when
           an unintialized variable was used can save you alot of
        frustration
           when trying to figure out why you're getting a wrong numberic
        results.
           My questions are:
           1) Are there parallel (or better) runtime security checks for
           gcc/gdb? I found the -fstack-protection stack canary switch,
        but are
           there more of this type?
           2) What other tools are there which offer similar protection?
           Valgrind of course is the first thing that comes to my mind, but
           I'll be glad to hear any more ideas.
           For example, I would love to be able to get a warning whenever a
           pointer is dereferenced twice, where the first time the pointer
           points at the memory address of variable x, and the second
        time it
           points to variable y. That way I'll get a warning for the
        following bug:
           int x[3] = {1,2,3};int y[3] = {4,5,6};
           int *p = x;
           for (int i=0;i<=3;i++,p++) (*p) = (*p)++; // note the <=
           3) We use win32 for regular development, so if anyone knows
        what is
           the support for such tests in cygwin/mingw, I'll be glad to hear
           about it.

           Thanks
           Elazar Leibovich



        ------------------------------------------------------------------------


        _______________________________________________
        Linux-il mailing list
        Linux-il@cs.huji.ac.il <mailto:Linux-il@cs.huji.ac.il>
        http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il





_______________________________________________
Linux-il mailing list
Linux-il@cs.huji.ac.il
http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il