LLVM 3.1 with AddressSanitizer released

The good part:

LLVM 3.1 has been released, and AddressSanitizer is now officially a part of it.


The bad parts:

There are still several issues (= security bugs) with perl-5.16.0 and important modules.

  • heap-overflow threaded-only in swash_init - Carp - caller - gv_stashpvn call perl #113060 cx corruption
  • DBI use-after-free cpan #75614
  • List::Util 1.24 cpan #72700 (be sure to upgrade it from CPAN if you need to use 5.16.0 plain. Fixed in 1.25)
  • clone_with_stack heap-use-after-free on PL_curcop perl #111610

My asan talk at YAPC is on the waiting list. If someone is interested I'll do a hallway meeting. parrot is happy to use it.

asan unrelated:

See my other blog posts about AddressSanitizer:

  1. adventures-with-clang-and-asan
  2. address-sanitizer-round-2

1 Comment

Cool, thanks. Wanted to try asan for a while now.