From Fedora Project Wiki

Revision as of 14:45, 24 January 2013 by Jreznik (talk | contribs) (Feature has been announced on devel-announce mailing list on 2013-01-24)


MEMSTOMP

Summary

Include the MEMSTOMP DSOs in Fedora 19 to enable developers to more quickly detect certain library calls which result in undefined behaviour due to overlapping memory arguments.

Owner

  • Name: Jeff Law
  • Email: law@redhat.com

Current status

  • Targeted release: Releases/19
  • Last updated: 2013-01-22
  • Percentage of completion: 50%

Detailed Description

MEMSTOMP is a DSO which can be preloaded by an application to detect calls to library routines with overlapping memory arguments. Specifically MEMSTOMP will detect calls to the following routines with overalapping memory arguments:

[w]memcpy, str[n]cat, wcs[n]cat, str[n]cpy, wcs[n]cpy, [w]mempcpy, memccpy, stp[n]cpy

While valgrind can detect these cases, using a DSO such as MEMSTOMP can be significantly faster.

The MEMSTOMP code utilizes GPLV2+ and LGPL3 code. The GPLV2+ code is limited to the backtrace code which is not thread safe and may need to be disabled/rewritten.

Benefit to Fedora

MEMSTOMP benefits Fedora by providing additional tools to help developers identify code with undefined behaviour and at a lower runtime cost than tools such as valgrind.


Scope

The MEMSTOMP code utilizes GPLV2+ and LGPL3 code. The GPLV2+ code is limited to the backtrace code which is not thread safe and may need to be disabled/rewritten. If the thread safe code is disabled, applications making these calls with undefined semantics will immediately abort, which is still better than silently continuing.

A minimal testsuite needs to be written and the code needs trivial bundling into an RPM format.

Minimal documentation needs to be provided. A simple man page should be sufficient.

This feature won't affect any other parts of the distribution.

How To Test

MEMSTOMP does not currently have a testsuite. I propose adding a simple testsuite to MEMSTOMP which verifies that a call to each of the listed functions with overlapping arguments is detected and that a call to each without overlapping arguments results in proper copying.

Users can test the feature on any existing executable by running "memstomp <your executable>".

If the executable does not make undefined calls, then it will run normally. If it does make undefined calls you will either get an abort as soon as the undefined call is detected or you will get a backtrace when the undefined call is detected.

User Experience

No user visible changes unless the user explicitly used the MEMSTOP DSO. For those who use the MEMSTOP DSO they would get a segfault or backtrace when running their application if the application has a call to one of the affected functions with overalapping memory arguments.

Dependencies

None.

Contingency Plan

None necessary as nothing depends on MEMSTOMP.


Documentation

None available yet. Usage, list of functions/arguments checked would be added if package is approved.

Release Notes

Fedora 19 comes MEMSTOMP a DSO which can be preloaded into an application to discover overlapping memory arguments to certain functions at a lower runtime cost than valgrind.


Comments and Discussion