[compiler-rt] cef078a - [NFC][asan] Reimplement with FindBadAddress
Vitaly Buka via llvm-commits
llvm-commits at lists.llvm.org
Sun Nov 27 23:01:06 PST 2022
Author: Vitaly Buka
Date: 2022-11-27T23:00:42-08:00
New Revision: cef078a89da8c239ea595a5b11302378f6271bf5
URL: https://github.com/llvm/llvm-project/commit/cef078a89da8c239ea595a5b11302378f6271bf5
DIFF: https://github.com/llvm/llvm-project/commit/cef078a89da8c239ea595a5b11302378f6271bf5.diff
LOG: [NFC][asan] Reimplement with FindBadAddress
Added:
Modified:
compiler-rt/lib/asan/asan_poisoning.cpp
Removed:
################################################################################
diff --git a/compiler-rt/lib/asan/asan_poisoning.cpp b/compiler-rt/lib/asan/asan_poisoning.cpp
index 558ec9d1f13e..680c04f471d9 100644
--- a/compiler-rt/lib/asan/asan_poisoning.cpp
+++ b/compiler-rt/lib/asan/asan_poisoning.cpp
@@ -653,58 +653,35 @@ int __sanitizer_verify_contiguous_container(const void *beg_p,
const void *__sanitizer_double_ended_contiguous_container_find_bad_address(
const void *storage_beg_p, const void *container_beg_p,
const void *container_end_p, const void *storage_end_p) {
+ if (!flags()->detect_container_overflow)
+ return nullptr;
uptr granularity = ASAN_SHADOW_GRANULARITY;
- // This exists to verify double ended containers.
- // We assume that such collection's internal memory layout
- // consists of contiguous blocks:
- // [a; b) [b; c) [c; d)
- // where
- // a - beginning address of contiguous memory block,
- // b - beginning address of contiguous memory in use
- // (address of the first element in the block)
- // c - end address of contiguous memory in use
- // (address just after the last element in the block)
- // d - end address of contiguous memory block
- // [a; b) - poisoned
- // [b; c) - accessible
- // [c; d) - poisoned
- // WARNING: We can't poison [a; b) fully in all cases.
- // This is because the current shadow memory encoding
- // does not allow for marking/poisoning that a prefix
- // of an 8-byte block (or, ASAN_SHADOW_GRANULARITY sized block)
- // cannot be used by the instrumented program. It only has the
- // 01, 02, 03, 04, 05, 06, 07 and 00 encodings
- // for usable/addressable memory
- // (where 00 means that the whole 8-byte block can be used).
- //
- // This means that there are cases where not whole of the [a; b)
- // region is poisoned and instead only the [a; RoundDown(b))
- // region is poisoned and we may not detect invalid memory accesses on
- // [RegionDown(b), b).
- // This is an inherent design limitation of how AddressSanitizer granularity
- // and shadow memory encoding works at the moment.
-
- // If empty, storage_beg_p == container_beg_p == container_end_p
-
- const void *a = storage_beg_p;
- // We do not suport poisoning prefixes of blocks, so
- // memory in the first block with data in us,
- // just before container beginning cannot be poisoned, as described above.
- const void *b = reinterpret_cast<const void *>(
- RoundDownTo(reinterpret_cast<uptr>(container_beg_p), granularity));
- const void *c = container_end_p;
- const void *d = storage_end_p;
- if (container_beg_p == container_end_p)
- return __sanitizer_contiguous_container_find_bad_address(a, a, d);
- const void *result;
- if (a < b &&
- (result = __sanitizer_contiguous_container_find_bad_address(a, a, b)))
- return result;
- if (b < d &&
- (result = __sanitizer_contiguous_container_find_bad_address(b, c, d)))
- return result;
+ uptr storage_beg = reinterpret_cast<uptr>(storage_beg_p);
+ uptr storage_end = reinterpret_cast<uptr>(storage_end_p);
+ uptr beg = reinterpret_cast<uptr>(container_beg_p);
+ uptr end = reinterpret_cast<uptr>(container_end_p);
+
+ // The prefix of the firs granule of the container is unpoisoned.
+ if (beg != end)
+ beg = Max(storage_beg, RoundDownTo(beg, granularity));
+
+ // If the byte after the storage is unpoisoned, the prefix of the last granule
+ // is unpoisoned.
+ uptr annotations_end = (!AddrIsAlignedByGranularity(storage_end) &&
+ !AddressIsPoisoned(storage_end))
+ ? RoundDownTo(storage_end, granularity)
+ : storage_end;
+ storage_beg = Min(storage_beg, annotations_end);
+ beg = Min(beg, annotations_end);
+ end = Min(end, annotations_end);
- return nullptr;
+ if (auto *bad = FindBadAddress(storage_beg, beg, true))
+ return bad;
+ if (auto *bad = FindBadAddress(beg, end, false))
+ return bad;
+ if (auto *bad = FindBadAddress(end, annotations_end, true))
+ return bad;
+ return FindBadAddress(annotations_end, storage_end, false);
}
int __sanitizer_verify_double_ended_contiguous_container(
More information about the llvm-commits
mailing list