To: GCC Patches
From: Martin Liška
Subject: [PATCH] Fix PR sanitizer/PR69276
Message-ID: <56A8BC4E.4060507@suse.cz>
Date: Wed, 27 Jan 2016 13:47:10 +0100

Following patch was kind of pre-approved by Jakub in:
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=69276#c4

Patch can bootstrap in x86_64-linux-gnu and survives regression tests.
I also verified that newly added test-case works with the patch.

Ready for trunk?
Thanks,
Martin

From 4e4575cfef5d06d8e8477716ce2f4d7e28ae66f0 Mon Sep 17 00:00:00 2001
From: marxin
Date: Thu, 14 Jan 2016 18:15:04 +0100
Subject: [PATCH] Fix PR sanitizer/PR69276

gcc/testsuite/ChangeLog:

2016-01-14 Martin Liska

* g++.dg/asan/pr69276.C: New test.

gcc/ChangeLog:

2016-01-14 Martin Liska

PR sanitizer/PR69276
* asan.c (has_stmt_been_instrumented_p): Instrument gimple calls
that are gimple_store_p.
(maybe_instrument_call): Likewise.

--- gcc/asan.c | 21 ++++++++++++++++++++ gcc/testsuite/g++.dg/asan/pr69276.C | 38 +++++++++++++++++++++++++++++++++++++ 2 files changed, 59 insertions(+) create mode 100644 gcc/testsuite/g++.dg/asan/pr69276.C diff --git a/gcc/asan.c b/gcc/asan.c index 2f9f92f..1747e90 100644 --- a/gcc/asan.c +++ b/gcc/asan.c 
@@ -897,6 +897,16 @@ has_stmt_been_instrumented_p (gimple *stmt) return true; } } + else if (is_gimple_call (stmt) && gimple_store_p (stmt)) + { + asan_mem_ref r; + asan_mem_ref_init (&r, NULL, 1); + + r.start = gimple_call_lhs (stmt); + r.access_size = int_size_in_bytes (TREE_TYPE (r.start)); + return has_mem_ref_been_instrumented (&r); + } + return false; } @@ -2038,6 +2048,17 @@ maybe_instrument_call (gimple_stmt_iterator *iter) gimple_set_location (g, gimple_location (stmt)); gsi_insert_before (iter, g, GSI_SAME_STMT); } + else if (gimple_store_p (stmt)) + { + tree ref_expr = gimple_call_lhs (stmt); + instrument_derefs (iter, ref_expr, + gimple_location (stmt), + /*is_store=*/true); + + gsi_next (iter); + return true; + } + return false; } diff --git a/gcc/testsuite/g++.dg/asan/pr69276.C b/gcc/testsuite/g++.dg/asan/pr69276.C new file mode 100644 index 0000000..ff43650 --- /dev/null +++ b/gcc/testsuite/g++.dg/asan/pr69276.C @@ -0,0 +1,38 @@ +/* { dg-do run } */ +/* { dg-shouldfail "asan" } */ +/* { dg-additional-options "-O0 -fno-lto" } */ + +#include + +typedef __SIZE_TYPE__ size_t; +inline void * operator new (size_t, void *p) { return p; } + + +struct vec +{ + int size; +}; + +struct vnull +{ + operator vec() { return vec(); } +}; +vnull vNULL; + +struct A +{ + A(): value2 (vNULL), value3 (vNULL) {} + int value; + vec value2; + vec value3; +}; + +int main() +{ + int *array = (int *)malloc (sizeof (int) * 1); + A *a = new (array) A (); + free (array); +} + +/* { dg-output "ERROR: AddressSanitizer: heap-buffer-overflow.*(\n|\r\n|\r)" } */ +/* { dg-output " #0 0x\[0-9a-f\]+ +in A::A()" } */ -- 2.7.0
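
Review bot: in the has_stmt_been_instrumented_p hunk, r.access_size is assigned int_size_in_bytes (TREE_TYPE (r.start)) with no check on the result. int_size_in_bytes returns -1 when the type's size is not a compile-time constant, and that value would go straight into the has_mem_ref_been_instrumented (&r) lookup. Suggest returning false when the size is not positive, and adding a short comment that this branch covers calls whose LHS is a store to memory, since the surrounding code gives no hint why a call is treated as a memory reference.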
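
Review bot: the new branch in the maybe_instrument_call hunk is guarded only by gimple_store_p (stmt), whereas the matching branch in has_stmt_been_instrumented_p uses is_gimple_call (stmt) && gimple_store_p (stmt). Please use the same guard in both places or note that stmt is always a call at this point, because gimple_call_lhs (stmt) is only meaningful on a call. Since the branch is an else if, a statement that takes the preceding branch (the one ending in gsi_insert_before (iter, g, GSI_SAME_STMT)) never gets its LHS store checked; if that is intended, say so in a comment. The gsi_next (iter); return true; pair also deserves a comment explaining why the iterator is advanced here.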
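
Review bot: the dg-output directives in pr69276.C pin only the error class (heap-buffer-overflow) and the top frame (A::A()), so the test would still pass if ASan reported a different access in the constructor. The fix is specifically about stores through a call's LHS, so consider adding a dg-output line that matches the access-kind line of the report as well. A header comment naming the PR and explaining that value2 (vNULL) and value3 (vNULL) go through operator vec(), which is what produces the call with a memory LHS, would make the test self-explanatory; the reason for -fno-lto in dg-additional-options is also not stated.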