MEMSTOMP
Summary
Include the MEMSTOMP DSOs in Fedora 19 to enable developers to more quickly detect certain library calls which result in undefined behaviour due to overlapping memory arguments.
Owner
- Name: Jeff Law
- Email: law@redhat.com
Current status
- Targeted release: Releases/19
- Last updated: 2013-03-11
- Percentage of completion: 100%
The non-overlapping testsuite could use some minor improvements though.
Detailed Description
MEMSTOMP is a DSO which can be preloaded by an application to detect calls to library routines with overlapping memory arguments. Specifically MEMSTOMP will detect calls to the following routines with overalapping memory arguments:
[w]memcpy, str[n]cat, wcs[n]cat, str[n]cpy, wcs[n]cpy, [w]mempcpy, memccpy, stp[n]cpy
While valgrind can detect these cases, using a DSO such as MEMSTOMP can be significantly faster. (The current valgrind-3.8.1 does not detect overlap in any of the wide-character copy functions such as wmemcpy etc. unless the implementation calls the non-wide version or other non-wide code.)
The MEMSTOMP code utilizes GPLV2+ and LGPL3 code. The GPLV2+ code is limited to the backtrace code which is not thread safe and may need to be disabled/rewritten.
Benefit to Fedora
MEMSTOMP benefits Fedora by providing additional tools to help developers identify code with undefined behaviour and at a lower runtime cost than tools such as valgrind.
Scope
The MEMSTOMP code utilizes GPLV2+ and LGPL3 code. The GPLV2+ code is limited to the backtrace code which is not thread safe and may need to be disabled/rewritten. If the thread safe code is disabled, applications making these calls with undefined semantics will immediately abort, which is still better than silently continuing.
A minimal testsuite needs to be written and the code needs trivial bundling into an RPM format.
Minimal documentation needs to be provided. A simple man page should be sufficient.
This feature won't affect any other parts of the distribution.
How To Test
MEMSTOMP has a testsuite that is run as part of its build process that will verify non-conforming calls to certain functions are caught accordingly and that conforming calls are not caught.
Users can test the feature on any existing executable by running "memstomp <your executable>".
If the executable does not make undefined calls, then it will run normally. If it does make undefined calls you will either get an abort as soon as the undefined call is detected or you will get a backtrace when the undefined call is detected.
User Experience
No user visible changes unless the user explicitly used the MEMSTOP DSO. For those who use the MEMSTOP DSO they would get a segfault or backtrace when running their application if the application has a call to one of the affected functions with overalapping memory arguments.
Dependencies
None.
Contingency Plan
None necessary as nothing depends on MEMSTOMP.
Documentation
Simple manpage in place. Still needs list of functions/arguments checked.
Release Notes
Fedora 19 comes MEMSTOMP a DSO which can be preloaded into an application to discover overlapping memory arguments to certain functions at a lower runtime cost than valgrind.