[PATCH] D68676: [ASan] Do not misrepresent high value address dereferences as null dereferences
Julian Lettner via Phabricator via llvm-commits
llvm-commits at lists.llvm.org
Tue Oct 8 18:00:52 PDT 2019
yln created this revision.
Herald added a reviewer: jfb.
Herald added projects: Sanitizers, LLVM.
Herald added subscribers: llvm-commits, Sanitizers.
Dereferences with addresses above the 48-bit hardware addressable range
produce "invalid instruction" (instead of "invalid access") hardware
exceptions (there is no hardware address decoding logic for those bits),
and the address provided by this exception is the address of the
instruction (not the faulting address). The kernel maps the "invalid
instruction" to SEGV, but fails to provide the real fault address.
Because of this ASan lies and says that those cases are null
dereferences. This downgrades the severity of a found bug in terms of
security. In the ASan signal handler, we can not provide the real
faulting address, but at least we can try not to lie.
rdar://50366151
Repository:
rG LLVM Github Monorepo
https://reviews.llvm.org/D68676
Files:
compiler-rt/lib/asan/asan_errors.h
compiler-rt/lib/sanitizer_common/sanitizer_common.h
compiler-rt/lib/sanitizer_common/sanitizer_posix.cpp
compiler-rt/lib/sanitizer_common/sanitizer_symbolizer_report.cpp
compiler-rt/lib/sanitizer_common/sanitizer_win.cpp
compiler-rt/test/asan/TestCases/Darwin/high-address-dereference.c
-------------- next part --------------
A non-text attachment was scrubbed...
Name: D68676.223966.patch
Type: text/x-patch
Size: 7002 bytes
Desc: not available
URL: <http://lists.llvm.org/pipermail/llvm-commits/attachments/20191009/8e7084e6/attachment-0001.bin>
More information about the llvm-commits
mailing list