
<div style="font-family: arial, helvetica, sans-serif; font-size: 10pt">This fix is completely wrong: FakeStack::AddrIsInFakeStack(addr)<div>doesn't return a fake stack frame containing "addr", but a pointer to</div>

<div>a mapped memory region containing a bunch of fake stack frames of the same size.<div><br><div class="gmail_quote">On Thu, Nov 15, 2012 at 7:45 PM, Kostya Serebryany <span dir="ltr"><<a href="mailto:kcc@google.com" target="_blank">kcc@google.com</a>></span> wrote:<br>

<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div style="font-family:arial,helvetica,sans-serif;font-size:10pt">Thanks! <div><div class="h5"><br><br><div class="gmail_quote">

On Thu, Nov 15, 2012 at 7:24 AM, Alexander Potapenko <span dir="ltr"><<a href="mailto:glider@google.com" target="_blank">glider@google.com</a>></span> wrote:<br>

<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">Author: glider<br>

Date: Thu Nov 15 09:24:42 2012<br>

New Revision: <a href="tel:168046" value="+49168046" target="_blank">168046</a><br>

<br>

URL: <a href="http://llvm.org/viewvc/llvm-project?rev=168046&view=rev" target="_blank">http://llvm.org/viewvc/llvm-project?rev=168046&view=rev</a><br>

Log:<br>

[ASan] Revert r168040 and r168043 and take a cleaner solution suggested by Kostya: return the known frame name for fake stack instead of looking it up.<br>

<br>

Modified:<br>

    compiler-rt/trunk/lib/asan/asan_allocator.cc<br>

    compiler-rt/trunk/lib/asan/asan_internal.h<br>

    compiler-rt/trunk/lib/asan/asan_report.cc<br>

    compiler-rt/trunk/lib/asan/asan_thread.cc<br>

<br>

Modified: compiler-rt/trunk/lib/asan/asan_allocator.cc<br>

URL: <a href="http://llvm.org/viewvc/llvm-project/compiler-rt/trunk/lib/asan/asan_allocator.cc?rev=168046&r1=168045&r2=168046&view=diff" target="_blank">http://llvm.org/viewvc/llvm-project/compiler-rt/trunk/lib/asan/asan_allocator.cc?rev=168046&r1=168045&r2=168046&view=diff</a><br>


==============================================================================<br>

--- compiler-rt/trunk/lib/asan/asan_allocator.cc (original)<br>

+++ compiler-rt/trunk/lib/asan/asan_allocator.cc Thu Nov 15 09:24:42 2012<br>

@@ -998,10 +998,6 @@<br>

   CHECK(fake_frame->descr != 0);<br>

   CHECK(fake_frame->size_minus_one == size - 1);<br>

   PoisonShadow(ptr, size, kAsanStackAfterReturnMagic);<br>

-  CHECK(size >= SHADOW_GRANULARITY);<br>

-  // Poison the leftmost shadow byte with a special value so that we can find<br>

-  // the beginning of the fake frame when reporting an error.<br>

-  PoisonShadow(ptr, SHADOW_GRANULARITY, kAsanStackAfterReturnLeftMagic);<br>

 }<br>

<br>

 }  // namespace __asan<br>

<br>

Modified: compiler-rt/trunk/lib/asan/asan_internal.h<br>

URL: <a href="http://llvm.org/viewvc/llvm-project/compiler-rt/trunk/lib/asan/asan_internal.h?rev=168046&r1=168045&r2=168046&view=diff" target="_blank">http://llvm.org/viewvc/llvm-project/compiler-rt/trunk/lib/asan/asan_internal.h?rev=168046&r1=168045&r2=168046&view=diff</a><br>


==============================================================================<br>

--- compiler-rt/trunk/lib/asan/asan_internal.h (original)<br>

+++ compiler-rt/trunk/lib/asan/asan_internal.h Thu Nov 15 09:24:42 2012<br>

@@ -160,7 +160,6 @@<br>

 const int kAsanStackAfterReturnMagic = 0xf5;<br>

 const int kAsanInitializationOrderMagic = 0xf6;<br>

 const int kAsanUserPoisonedMemoryMagic = 0xf7;<br>

-const int kAsanStackAfterReturnLeftMagic = 0xf8;<br>

 const int kAsanGlobalRedzoneMagic = 0xf9;<br>

 const int kAsanInternalHeapMagic = 0xfe;<br>

<br>

<br>

Modified: compiler-rt/trunk/lib/asan/asan_report.cc<br>

URL: <a href="http://llvm.org/viewvc/llvm-project/compiler-rt/trunk/lib/asan/asan_report.cc?rev=168046&r1=168045&r2=168046&view=diff" target="_blank">http://llvm.org/viewvc/llvm-project/compiler-rt/trunk/lib/asan/asan_report.cc?rev=168046&r1=168045&r2=168046&view=diff</a><br>


==============================================================================<br>

--- compiler-rt/trunk/lib/asan/asan_report.cc (original)<br>

+++ compiler-rt/trunk/lib/asan/asan_report.cc Thu Nov 15 09:24:42 2012<br>

@@ -450,7 +450,6 @@<br>

         bug_descr = "stack-buffer-overflow";<br>

         break;<br>

       case kAsanStackAfterReturnMagic:<br>

-      case kAsanStackAfterReturnLeftMagic:<br>

         bug_descr = "stack-use-after-return";<br>

         break;<br>

       case kAsanUserPoisonedMemoryMagic:<br>

<br>

Modified: compiler-rt/trunk/lib/asan/asan_thread.cc<br>

URL: <a href="http://llvm.org/viewvc/llvm-project/compiler-rt/trunk/lib/asan/asan_thread.cc?rev=168046&r1=168045&r2=168046&view=diff" target="_blank">http://llvm.org/viewvc/llvm-project/compiler-rt/trunk/lib/asan/asan_thread.cc?rev=168046&r1=168045&r2=168046&view=diff</a><br>


==============================================================================<br>

--- compiler-rt/trunk/lib/asan/asan_thread.cc (original)<br>

+++ compiler-rt/trunk/lib/asan/asan_thread.cc Thu Nov 15 09:24:42 2012<br>

@@ -118,41 +118,35 @@<br>

<br>

 const char *AsanThread::GetFrameNameByAddr(uptr addr, uptr *offset) {<br>

   uptr bottom = 0;<br>

-  bool is_fake_stack = false;<br>

   if (AddrIsInStack(addr)) {<br>

     bottom = stack_bottom();<br>

   } else {<br>

     bottom = fake_stack().AddrIsInFakeStack(addr);<br>

     CHECK(bottom);<br>

-    is_fake_stack = true;<br>

+    *offset = addr - bottom;<br>

+    return  (const char *)((uptr*)bottom)[1];<br>

   }<br>

   uptr aligned_addr = addr & ~(__WORDSIZE/8 - 1);  // align addr.<br>

   u8 *shadow_ptr = (u8*)MemToShadow(aligned_addr);<br>

   u8 *shadow_bottom = (u8*)MemToShadow(bottom);<br>

<br>

   while (shadow_ptr >= shadow_bottom &&<br>

-      *shadow_ptr != kAsanStackLeftRedzoneMagic &&<br>

-      *shadow_ptr != kAsanStackAfterReturnLeftMagic) {<br>

+         *shadow_ptr != kAsanStackLeftRedzoneMagic) {<br>

     shadow_ptr--;<br>

   }<br>

<br>

   while (shadow_ptr >= shadow_bottom &&<br>

-      (*shadow_ptr == kAsanStackLeftRedzoneMagic ||<br>

-       *shadow_ptr == kAsanStackAfterReturnLeftMagic)) {<br>

+         *shadow_ptr == kAsanStackLeftRedzoneMagic) {<br>

     shadow_ptr--;<br>

   }<br>

<br>

   if (shadow_ptr < shadow_bottom) {<br>

-    // If we're one byte below the fake stack bottom, we've found the frame.<br>

-    if (!is_fake_stack || (*shadow_bottom != kAsanStackAfterReturnLeftMagic)) {<br>

-      *offset = 0;<br>

-      return "UNKNOWN";<br>

-    }<br>

+    *offset = 0;<br>

+    return "UNKNOWN";<br>

   }<br>

<br>

   uptr* ptr = (uptr*)SHADOW_TO_MEM((uptr)(shadow_ptr + 1));<br>

-  CHECK((ptr[0] == kCurrentStackFrameMagic) ||<br>

-      (is_fake_stack && ptr[0] == kRetiredStackFrameMagic));<br>

+  CHECK(ptr[0] == kCurrentStackFrameMagic);<br>

   *offset = addr - (uptr)ptr;<br>

   return (const char*)ptr[1];<br>

 }<br>

<br>

<br>

_______________________________________________<br>

llvm-commits mailing list<br>

<a href="mailto:llvm-commits@cs.uiuc.edu" target="_blank">llvm-commits@cs.uiuc.edu</a><br>

<a href="http://lists.cs.uiuc.edu/mailman/listinfo/llvm-commits" target="_blank">http://lists.cs.uiuc.edu/mailman/listinfo/llvm-commits</a><br>

</blockquote></div><br></div></div></div>

<br>_______________________________________________<br>

llvm-commits mailing list<br>

<a href="mailto:llvm-commits@cs.uiuc.edu">llvm-commits@cs.uiuc.edu</a><br>

<a href="http://lists.cs.uiuc.edu/mailman/listinfo/llvm-commits" target="_blank">http://lists.cs.uiuc.edu/mailman/listinfo/llvm-commits</a><br>

<br></blockquote></div><br><br clear="all"><div><br></div>-- <br><div>Alexey Samsonov, MSK</div><br>

</div></div></div>