[llvm-commits] [compiler-rt] r168040 - in /compiler-rt/trunk/lib/asan: asan_allocator.cc asan_internal.h asan_report.cc asan_thread.cc

Kostya Serebryany kcc at google.com
Thu Nov 15 07:05:41 PST 2012


Oh, that's too complex.


I'd prefer something like

===================================================================
--- asan_thread.cc      (revision 167542)
+++ asan_thread.cc      (working copy)
@@ -124,6 +124,8 @@
   } else {
     bottom = fake_stack().AddrIsInFakeStack(addr);
     CHECK(bottom);
+    *offset = addr - bottom;
+    return  (const char *)((uptr*)bottom)[1];
     is_fake_stack = true;
   }
   uptr aligned_addr = addr & ~(__WORDSIZE/8 - 1);  // align addr.
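Review bot: The added `return` in the else-branch comes before `is_fake_stack = true;`, so that assignment can never execute on this path; either delete it or make clear that the fake-stack case no longer reaches the shadow scan below. The read `((uptr*)bottom)[1]` also takes the frame description from a fixed word offset with no comment on the fake-frame layout it depends on and no check that the value is non-zero; a short comment naming the field and a CHECK on the result would make the assumption explicit. Minor style point: there is a double space after `return`.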


Can you please check if it works, revert this patch and apply the one
above?



On Thu, Nov 15, 2012 at 5:40 AM, Alexander Potapenko <glider at google.com> wrote:

> Author: glider
> Date: Thu Nov 15 07:40:44 2012
> New Revision: 168040
>
> URL: http://llvm.org/viewvc/llvm-project?rev=168040&view=rev
> Log:
> [ASan] Poison the leftmost shadow byte with a special value so that we can find
> the beginning of the fake frame when reporting a use-after-return error.
> Fixes http://code.google.com/p/address-sanitizer/issues/detail?id=126
>
>
> Modified:
>     compiler-rt/trunk/lib/asan/asan_allocator.cc
>     compiler-rt/trunk/lib/asan/asan_internal.h
>     compiler-rt/trunk/lib/asan/asan_report.cc
>     compiler-rt/trunk/lib/asan/asan_thread.cc
>
> Modified: compiler-rt/trunk/lib/asan/asan_allocator.cc
> URL:
> http://llvm.org/viewvc/llvm-project/compiler-rt/trunk/lib/asan/asan_allocator.cc?rev=168040&r1=168039&r2=168040&view=diff
>
> ==============================================================================
> --- compiler-rt/trunk/lib/asan/asan_allocator.cc (original)
> +++ compiler-rt/trunk/lib/asan/asan_allocator.cc Thu Nov 15 07:40:44 2012
> @@ -998,6 +998,10 @@
>    CHECK(fake_frame->descr != 0);
>    CHECK(fake_frame->size_minus_one == size - 1);
>    PoisonShadow(ptr, size, kAsanStackAfterReturnMagic);
> +  CHECK(size >= SHADOW_GRANULARITY);
> +  // Poison the leftmost shadow byte with a special value so that we can
> find
> +  // the beginning of the fake frame when reporting an error.
> +  PoisonShadow(ptr, SHADOW_GRANULARITY, kAsanStackAfterReturnLeftMagic);
>  }
>
>  }  // namespace __asan
>
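Review bot: `CHECK(size >= SHADOW_GRANULARITY);` is placed after `PoisonShadow(ptr, size, kAsanStackAfterReturnMagic);`, so the size invariant is only verified once shadow memory has already been written; move the CHECK above the first PoisonShadow call. The first granule is also poisoned twice (0xf5, then 0xf8). That is harmless, but the comment could say that the second call deliberately overwrites the first granule of the range just poisoned.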
> Modified: compiler-rt/trunk/lib/asan/asan_internal.h
> URL:
> http://llvm.org/viewvc/llvm-project/compiler-rt/trunk/lib/asan/asan_internal.h?rev=168040&r1=168039&r2=168040&view=diff
>
> ==============================================================================
> --- compiler-rt/trunk/lib/asan/asan_internal.h (original)
> +++ compiler-rt/trunk/lib/asan/asan_internal.h Thu Nov 15 07:40:44 2012
> @@ -160,6 +160,7 @@
>  const int kAsanStackAfterReturnMagic = 0xf5;
>  const int kAsanInitializationOrderMagic = 0xf6;
>  const int kAsanUserPoisonedMemoryMagic = 0xf7;
> +const int kAsanStackAfterReturnLeftMagic = 0xf8;
>  const int kAsanGlobalRedzoneMagic = 0xf9;
>  const int kAsanInternalHeapMagic = 0xfe;
>
>
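Review bot: `kAsanStackAfterReturnLeftMagic` is added without a comment, and unlike its neighbours its name alone does not say that it marks only the first shadow granule of a returned fake frame. A one-line comment here would help, since any code that compares a shadow byte against `kAsanStackAfterReturnMagic` now has to consider 0xf8 as well.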
> Modified: compiler-rt/trunk/lib/asan/asan_report.cc
> URL:
> http://llvm.org/viewvc/llvm-project/compiler-rt/trunk/lib/asan/asan_report.cc?rev=168040&r1=168039&r2=168040&view=diff
>
> ==============================================================================
> --- compiler-rt/trunk/lib/asan/asan_report.cc (original)
> +++ compiler-rt/trunk/lib/asan/asan_report.cc Thu Nov 15 07:40:44 2012
> @@ -450,6 +450,7 @@
>          bug_descr = "stack-buffer-overflow";
>          break;
>        case kAsanStackAfterReturnMagic:
> +      case kAsanStackAfterReturnLeftMagic:
>          bug_descr = "stack-use-after-return";
>          break;
>        case kAsanUserPoisonedMemoryMagic:
>
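Review bot: The new `case kAsanStackAfterReturnLeftMagic:` correctly falls through to "stack-use-after-return", but the list of modified files contains no test. An access that lands in the first granule of a returned frame is exactly the case that would have been misreported without this line, so a regression test that hits that granule would be worth adding with the change.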
> Modified: compiler-rt/trunk/lib/asan/asan_thread.cc
> URL:
> http://llvm.org/viewvc/llvm-project/compiler-rt/trunk/lib/asan/asan_thread.cc?rev=168040&r1=168039&r2=168040&view=diff
>
> ==============================================================================
> --- compiler-rt/trunk/lib/asan/asan_thread.cc (original)
> +++ compiler-rt/trunk/lib/asan/asan_thread.cc Thu Nov 15 07:40:44 2012
> @@ -131,12 +131,14 @@
>    u8 *shadow_bottom = (u8*)MemToShadow(bottom);
>
>    while (shadow_ptr >= shadow_bottom &&
> -      *shadow_ptr != kAsanStackLeftRedzoneMagic) {
> +      *shadow_ptr != kAsanStackLeftRedzoneMagic &&
> +      *shadow_ptr != kAsanStackAfterReturnLeftMagic) {
>      shadow_ptr--;
>    }
>
>    while (shadow_ptr >= shadow_bottom &&
> -      *shadow_ptr == kAsanStackLeftRedzoneMagic) {
> +      (*shadow_ptr == kAsanStackLeftRedzoneMagic ||
> +       *shadow_ptr == kAsanStackAfterReturnLeftMagic)) {
>      shadow_ptr--;
>    }
>
>
>
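Review bot: The two loop conditions now repeat the same pair of magic values, once negated and once not, which is easy to get out of sync if another left marker is added later. Consider a small predicate (for example a helper that returns true for `kAsanStackLeftRedzoneMagic` or `kAsanStackAfterReturnLeftMagic`) used by both loops, with a comment stating that the first loop finds the left marker and the second steps past it.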