[PATCH] D15725: Ensure safestack overflow test doesn't segfault

Dimitry Andric via llvm-commits llvm-commits at lists.llvm.org
Tue Dec 22 13:32:14 PST 2015

dim created this revision.
dim added reviewers: zatrazz, pcc, kcc.
dim added subscribers: emaste, llvm-commits.
Herald added a subscriber: aemerson.

In rL255491, the safestack overflow test was disabled for aarch64, since
it "is currently failing on an AArch64 buildbot with a segfault, but it
is currently passing on other configuration".

While testing on FreeBSD on x86, I also encountered a segfault.  This is
because the `fct()` function actually writes before and after `buffer`,
and on FreeBSD this crashes because `buffer` is usually allocated at the
end of a page.  That this runs correctly on Linux is probably just by

I propose to fix this by adding a pre and post buffer, to act as a
safety zone.  The pre and post buffers must be accessed in an 'unsafe'
way, otherwise -fsanitize=safestack will allocate them on the safe
stack, and they will not bookend `buffer` itself.  Therefore, I create
them large enough for `fct()`, and call it on both of them.

On FreeBSD, this makes the test run as expected, without segfaulting,
and I suppose this will also fix the segfault on AArch64.  I do not have
AArch64 testing capabilities, so if someone could try that out, I would
be much obliged.



Index: test/safestack/overflow.c
--- test/safestack/overflow.c
+++ test/safestack/overflow.c
@@ -17,9 +17,13 @@
 int main(int argc, char **argv)
+  int prebuf[7];
   int value1 = 42;
   int buffer[5];
   int value2 = 42;
+  int postbuf[7];
+  fct(prebuf + 1);
+  fct(postbuf + 1);
   return value1 != 42 || value2 != 42;

-------------- next part --------------
A non-text attachment was scrubbed...
Name: D15725.43476.patch
Type: text/x-patch
Size: 413 bytes
Desc: not available
URL: <http://lists.llvm.org/pipermail/llvm-commits/attachments/20151222/ea138a59/attachment.bin>

More information about the llvm-commits mailing list