Unpoison variable partition properly (PR sanitizer/85774).

author Martin Liska <mliska@suse.cz>

Mon, 24 Sep 2018 11:22:38 +0000 (13:22 +0200)

committer Martin Liska <marxin@gcc.gnu.org>

Mon, 24 Sep 2018 11:22:38 +0000 (11:22 +0000)
author Martin Liska <mliska@suse.cz>
Mon, 24 Sep 2018 11:22:38 +0000 (13:22 +0200)
committer Martin Liska <marxin@gcc.gnu.org>
Mon, 24 Sep 2018 11:22:38 +0000 (11:22 +0000)
diff --git a/gcc/ChangeLog b/gcc/ChangeLog

index 5c07395eefdf832f994d1e7f76d09ec2ce30777c..fc16b257d5af0f27b6bcd3dbc93a9d0072db0f6c 100644 (file)
--- a/gcc/ChangeLog
+++ b/gcc/ChangeLog
@@ -1,3 +1,13 @@
+2018-09-24  Martin Liska  <mliska@suse.cz>
+
+       PR sanitizer/85774
+       * asan.c: Make asan_handled_variables extern.
+       * asan.h: Likewise.
+       * cfgexpand.c (expand_stack_vars): Make sure
+       a representative is unpoison if another
+       variable in the partition is handled by
+       use-after-scope sanitization.
+
  2018-09-24  Richard Biener  <rguenther@suse.de>
  
         PR tree-optimization/63155
diff --git a/gcc/asan.c b/gcc/asan.c

index e71ab2cc710f572bb4324784f4e203228dc85273..235e219479d006779228cde9ae8ff559067d29a1 100644 (file)
--- a/gcc/asan.c
+++ b/gcc/asan.c
@@ -253,7 +253,7 @@ static tree last_alloca_addr;
  /* Set of variable declarations that are going to be guarded by
     use-after-scope sanitizer.  */
  
-static hash_set<tree> *asan_handled_variables = NULL;
+hash_set<tree> *asan_handled_variables = NULL;
  
  hash_set <tree> *asan_used_labels = NULL;
  
diff --git a/gcc/asan.h b/gcc/asan.h

index 412af220597e1731d85fe5519d99f098569ee0d5..2f431b4f93825601c33fbd682a6fd503de4ce051 100644 (file)
--- a/gcc/asan.h
+++ b/gcc/asan.h
@@ -110,6 +110,8 @@ extern bool asan_sanitize_stack_p (void);
  
  extern bool asan_sanitize_allocas_p (void);
  
+extern hash_set<tree> *asan_handled_variables;
+
  /* Return TRUE if builtin with given FCODE will be intercepted by
     libasan.  */
  
diff --git a/gcc/cfgexpand.c b/gcc/cfgexpand.c

index c8d7805308c464a443dc003c25094e0ca99f976a..35ca276e4ad0ad3e9485e13357d68c1c2b92d828 100644 (file)
--- a/gcc/cfgexpand.c
+++ b/gcc/cfgexpand.c
@@ -1155,6 +1155,20 @@ expand_stack_vars (bool (*pred) (size_t), struct stack_vars_data *data)
               if (repr_decl == NULL_TREE)
                 repr_decl = stack_vars[i].decl;
               data->asan_decl_vec.safe_push (repr_decl);
+
+             /* Make sure a representative is unpoison if another
+                variable in the partition is handled by
+                use-after-scope sanitization.  */
+             if (asan_handled_variables != NULL
+                 && !asan_handled_variables->contains (repr_decl))
+               {
+                 for (j = i; j != EOC; j = stack_vars[j].next)
+                   if (asan_handled_variables->contains (stack_vars[j].decl))
+                     break;
+                 if (j != EOC)
+                   asan_handled_variables->add (repr_decl);
+               }
+
               data->asan_alignb = MAX (data->asan_alignb, alignb);
               if (data->asan_base == NULL)
                 data->asan_base = gen_reg_rtx (Pmode);
diff --git a/gcc/testsuite/ChangeLog b/gcc/testsuite/ChangeLog

index 6a3f97b0e0ff9bfe74059ba181b2df7194d50e30..569d20f6fd093c43aaba5290e430a0dafe43f988 100644 (file)
--- a/gcc/testsuite/ChangeLog
+++ b/gcc/testsuite/ChangeLog
@@ -1,3 +1,8 @@
+2018-09-24  Martin Liska  <mliska@suse.cz>
+
+       PR sanitizer/85774
+       * g++.dg/asan/pr85774.C: New test.
+
  2018-09-24  Alexandre Oliva <oliva@adacore.com>
  
         PR middle-end/87054
diff --git a/gcc/testsuite/g++.dg/asan/pr85774.C b/gcc/testsuite/g++.dg/asan/pr85774.C

new file mode 100644 (file)

index 0000000..c033abf
--- /dev/null
+++ b/gcc/testsuite/g++.dg/asan/pr85774.C
@@ -0,0 +1,51 @@
+/* PR sanitizer/85774 */
+/* { dg-do run } */
+
+#include <functional>
+
+void
+DoSomething ()
+{
+}
+
+void
+DoFunc (const std::function<void(void)> &func)
+{
+  func ();
+}
+
+void
+Setup ()
+{
+  switch (1)
+    {
+    case 1:
+      {
+       DoFunc ([]() {});
+       break;
+      }
+    case 2:
+      {
+       DoFunc ([]() {});
+       break;
+      }
+    default:
+      break;
+    }
+
+  DoSomething ();
+}
+
+void
+DemostrateBadPoisoning ()
+{
+  DoFunc ([]() {});
+}
+
+int
+main ()
+{
+  Setup ();
+  DemostrateBadPoisoning ();
+  return 0;
+}
author	Martin Liska <mliska@suse.cz>
	Mon, 24 Sep 2018 11:22:38 +0000 (13:22 +0200)
committer	Martin Liska <marxin@gcc.gnu.org>
	Mon, 24 Sep 2018 11:22:38 +0000 (11:22 +0000)
gcc/ChangeLog		patch \| blob \| history
gcc/asan.c		patch \| blob \| history
gcc/asan.h		patch \| blob \| history
gcc/cfgexpand.c		patch \| blob \| history
gcc/testsuite/ChangeLog		patch \| blob \| history
gcc/testsuite/g++.dg/asan/pr85774.C	[new file with mode: 0644]	patch \| blob