Issue
It seems (http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=728990) that the -fmudflap feature was removed from GCC.
Thus my question: what to use instead of it for dynamically analyzing programs for out-of-bound read/writes, uninitialized reads and such issues?
(and perhaps as a side question: why was it removed?)
The approach of mudflap (instrumentalizing generated code inside the compiler) looks quite elegant.
Background
Other tools instrumentalize on a machine-code level (e.g. Purify), on a source-code level (e.g. Insure) or instrumentalize during the emulation of a CPU (e.g. Valgrind).
The mudflap approach has the potential to find errors which can't be detected by Valgrind or Purify (e.g. stack-based array access errors). It is also more lightweight than other approaches.
I am searching for an open source solution.
Solution
It looks like -fsanitize is a direct replacement of -fmudflap. To quote the GCC 4.8.5 man page:
    -fsanitize=address
        Enable AddressSanitizer, a fast memory error detector. Memory access instructions will be instrumented to detect out-of-bounds and use-after-free bugs. See <http://code.google.com/p/address-sanitizer/> for more details.

    -fsanitize=thread
        Enable ThreadSanitizer, a fast data race detector. Memory access instructions will be instrumented to detect data race bugs. See <http://code.google.com/p/data-race-test/wiki/ThreadSanitizer> for more details.
It is also available as part of LLVM (>= 3.1).
Answered By - maxschlepzig
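An added example (not part of the original question or answer) of the two bug classes the quoted man page names for -fsanitize=address: a stack-based out-of-bounds read, which is the case the question says Valgrind cannot detect, and a heap use-after-free. The file name asan_demo.c, the function names and the mode arguments are assumptions made for this illustration.

```c
/* Build with a compiler that supports -fsanitize=address:
 *   gcc -g -O1 -fno-omit-frame-pointer -fsanitize=address asan_demo.c -o asan_demo
 * ./asan_demo        -> all accesses valid, runs cleanly
 * ./asan_demo stack  -> ASan aborts with a stack-buffer-overflow report
 * ./asan_demo uaf    -> ASan aborts with a heap-use-after-free report
 */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define SLOTS 8

/* Returns table[idx] from a stack array; deliberately has no bounds check. */
int read_slot(int idx)
{
    volatile int table[SLOTS];
    for (int i = 0; i < SLOTS; i++)
        table[i] = i * 10;
    return table[idx];          /* idx == SLOTS reads one element past the end */
}

/* Returns a heap value; with free_first != 0 the read happens after free(). */
int read_heap(int free_first)
{
    volatile int *p = malloc(sizeof *p);
    if (p == NULL)
        return -1;
    *p = 42;
    if (free_first)
        free((void *)p);        /* deliberate bug: p is still read below */
    int v = *p;
    if (!free_first)
        free((void *)p);
    return v;
}

int main(int argc, char **argv)
{
    const char *mode = argc > 1 ? argv[1] : "ok";
    if (strcmp(mode, "stack") == 0)
        printf("%d\n", read_slot(SLOTS));
    else if (strcmp(mode, "uaf") == 0)
        printf("%d\n", read_heap(1));
    else
        printf("%d %d\n", read_slot(SLOTS - 1), read_heap(0));
    return 0;
}
```

Built without -fsanitize=address, the "stack" and "uaf" modes are undefined behaviour and will often print a value and exit normally, which is why the instrumented build is the one to test with.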