http://gcc.gnu.org/bugzilla/show_bug.cgi?id=55485
--- Comment #9 from Kostya Serebryany <kcc at gcc dot gnu.org> 2012-11-28 14:00:53 UTC ---
Correct. __asan_handle_no_return may lose some of the stack-buffer overflows.
It is also used to handle the clone case, where the entire stack should be unpoisoned.
http://code.google.com/p/address-sanitizer/issues/detail?id=37&can=1&q=clone

>> rather than trying to figure out into which function it
>> longjmps and clearing only everything up to that frame, right

I am not sure how to do it w/o going too deep inside the longjmp implementation.
The code we care about almost never uses longjmp (and C++ exceptions), so we didn't bother.
But yes, we have this case of "false negative".

>> Do you do that just for noreturn calls?

Yes, we just rely on LLVM telling us that a call is noreturn.
(haha, there is actually a minor problem in our LLVM pass.
http://code.google.com/p/address-sanitizer/issues/detail?id=129 )

>> What about say __builtin_trap () or __builtin_unreachable ()?

__builtin_trap is not asan-hostile in this manner.
Today we don't prepend it with __asan_handle_no_return
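
A toy shadow-memory model of the trade-off discussed in this comment, added as an illustration and not taken from the ASan runtime or from the thread: it compares doing nothing, unpoisoning the whole stack, and unpoisoning only up to the longjmp target frame. The frame layout, sizes and all function names are assumptions made for the sketch.

```c
#include <stdio.h>
#include <string.h>

/* Toy model: one shadow byte per stack byte; 1 = redzone, 0 = addressable.
   The stack grows down, so a lower index is a deeper (newer) frame. */
enum { STACK = 96, FRAME = 32, RZ = 8 };
enum strategy { NONE, WHOLE_STACK, UP_TO_TARGET };

static unsigned char shadow[STACK];

/* Prologue: poison the redzones on both sides of the frame's buffer. */
static void enter_frame(int base) {
    memset(shadow + base, 1, RZ);
    memset(shadow + base + FRAME - RZ, 1, RZ);
}

/* Model of the unpoisoning step run before control leaves frames
   without running their epilogues (hypothetical helper). */
static void before_no_return(enum strategy s, int sp, int target) {
    if (s == WHOLE_STACK)  memset(shadow + sp, 0, STACK - sp);   /* sp..stack top */
    if (s == UP_TO_TARGET) memset(shadow + sp, 0, target - sp);  /* abandoned frames only */
}

/* Live frame at 64, middle at 32, leaf at 0; the leaf "longjmps" to 64. */
static void run(enum strategy s) {
    memset(shadow, 0, sizeof shadow);
    enter_frame(64); enter_frame(32); enter_frame(0);
    before_no_return(s, 0, 64);
}

/* After the jump: is a write one byte past the live frame's buffer reported? */
int live_overflow_reported(enum strategy s) {
    run(s);
    return shadow[64 + FRAME - RZ];
}

/* After the jump: would a new frame reusing abandoned stack hit a stale redzone? */
int stale_redzone_left(enum strategy s) {
    run(s);
    return shadow[32 + FRAME - RZ] || shadow[0];
}

int main(void) {
    static const char *name[] = { "none", "whole stack", "up to target" };
    for (int s = NONE; s <= UP_TO_TARGET; s++)
        printf("%-13s live overflow reported=%d stale redzone=%d\n", name[s],
               live_overflow_reported((enum strategy)s), stale_redzone_left((enum strategy)s));
    return 0;
}
```

In the model, only the whole-stack strategy loses the redzone of the frame that is still live after the jump, which is the "false negative" case acknowledged above.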