Glibc-audit is memory access checking software for developers: a modified version of glibc that helps ensure reliable code.
Glibc-audit has been audited and cleaned up to reduce the noise that is often present in C libraries, making the reports produced by a memory access checker more meaningful for developers. Ordinary glibc uses uninitialized dummy variables that play no part in the logic itself but are still reported by the memory access checker; glibc-audit initializes all its local variables and structs before use.
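A toy model of the report noise described above, added here as an illustration (it is not glibc or glibc-audit code): it keeps one "defined" flag per byte, the way a memory access checker does, and counts the undefined bytes that reach a sink. The struct layout, the 0xAA stale fill and all function names are constructed for the example.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Constructed layout standing in for a local struct a library hands to a syscall. */
struct req { char tag; int fd; short flags; };
#define REQ_SIZE sizeof(struct req)

/* Toy checker state: the object's bytes plus one "defined" flag per byte. */
struct tracked { unsigned char bytes[REQ_SIZE], defined[REQ_SIZE]; };

/* A fresh stack slot: contents are stale (0xAA here) and nothing is defined yet. */
static void slot_enter(struct tracked *t) {
    memset(t->bytes, 0xAA, REQ_SIZE);
    memset(t->defined, 0, REQ_SIZE);
}

/* Every store marks exactly the bytes it writes as defined. */
static void slot_store(struct tracked *t, size_t off, const void *src, size_t len) {
    memcpy(t->bytes + off, src, len);
    memset(t->defined + off, 1, len);
}

/* The sink (e.g. a syscall argument): count the bytes that arrive undefined. */
static size_t undefined_at_sink(const struct tracked *t) {
    size_t n = 0;
    for (size_t i = 0; i < REQ_SIZE; i++) n += !t->defined[i];
    return n;
}

/* Fill the struct member by member; optionally define the whole object first. */
size_t report(int zero_first) {
    struct tracked t;
    unsigned char zeros[REQ_SIZE] = {0};
    char tag = 'r'; int fd = 3; short flags = 0;
    slot_enter(&t);
    if (zero_first) slot_store(&t, 0, zeros, REQ_SIZE);  /* initialize before use */
    slot_store(&t, offsetof(struct req, tag), &tag, sizeof tag);
    slot_store(&t, offsetof(struct req, fd), &fd, sizeof fd);
    slot_store(&t, offsetof(struct req, flags), &flags, sizeof flags);
    return undefined_at_sink(&t);  /* never-written bytes here are struct padding */
}

int main(void) {
    printf("members only: %zu undefined bytes reach the sink\n", report(0));
    printf("zeroed first: %zu undefined bytes reach the sink\n", report(1));
    return 0;
}
```

The bytes counted in the first case carry no meaning for the program, yet a checker has to flag them and they still hold whatever was in that memory before.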
The r_debug.r_brk protocol has been enhanced to work better with a co-resident auditor. When an auditor sets .r_brk, the runtime loader calls the auditor directly whenever a shared library event happens, which is more convenient than using breakpoints. On machines where a pointer to a function is similar to an ordinary pointer, the new protocol is binary backward compatible with the old protocol, which works just as before. Platforms where a pointer to a function is longer, such as HP-PA RISC, Alpha, or PowerPC, are not binary backward compatible and will have to increment r_debug.r_version; existing clients such as gdb will see a type mismatch error.
The additional code of the patch takes up 18 more bytes of .text, and 24 fewer bytes in the .so, compared to glibc-2.3.2-27.9, with an execution cost of 0 to 3 CPU cycles per affected routine. The estimated median total effect on a machine per day is less than one second. For the *printf() functions, glibc-audit is faster than glibc because the cleaned-up source helps gcc-3.2 avoid generating grotesque code when initializing printf_spec.info for parse_one_spec() in stdio-common/printf-parse.h.
Glibc-audit was created by running a memory access checker on glibc's internal test cases, analyzing the reported errors, fixing the bugs that were found, and modifying the source. This process revealed ten memory access bugs in glibc-2.3.2-11.9: seven were fixed in glibc-2.3.2-27.9 and two in CVS, and the remaining one is a design flaw that might not be addressed. Predecessor patches were submitted to the glibc project but were ignored or rejected, so glibc-audit-1 was created separately.
Lastly, the patches have been updated to glibc-2.4-4 in the latest release, and a bug in glibc that interfered with gdb stop-on-solib-events on x86, x86-64, and PowerPC has been fixed. Additionally, the __NR_open system call on these platforms has been improved to prevent the leakage of user information to the kernel.
Overall, glibc-audit is an excellent option for developers who use memory access checkers like Valgrind, Insure, or Purify. It provides cleaner and more meaningful reports than typical glibc, initializes its local variables and structs, and has an enhanced r_debug.r_brk protocol. The latest release fixes some bugs and updates the patches to glibc-2.4-4, further improving this already impressive software.