From 5094f7d540ff2f8ccbb3b78a0962a07ffa5960cb Mon Sep 17 00:00:00 2001
From: Maxim Ostapenko <m.ostapenko@samsung.com>
Date: Thu, 6 Jul 2017 16:05:00 +0000
Subject: [PATCH] asan.h (asan_sanitize_allocas_p): Declare.

gcc/
	* asan.h (asan_sanitize_allocas_p): Declare.
	* asan.c (asan_sanitize_allocas_p): New function.
	(handle_builtin_stack_restore): Bail out if !asan_sanitize_allocas_p.
	(handle_builtin_alloca): Likewise.
	* cfgexpand.c (expand_used_vars): Do not add allocas unpoisoning stuff
	if !asan_sanitize_allocas_p.
	* params.def (asan-instrument-allocas): Add new option.
	* params.h (ASAN_PROTECT_ALLOCAS): Define.
	* opts.c (common_handle_option): Disable allocas sanitization for
	KASan by default.

gcc/testsuite/
	* c-c++-common/asan/kasan-alloca-1.c: New test.
	* c-c++-common/asan/kasan-alloca-2.c: Likewise.

From-SVN: r250032
---
 gcc/ChangeLog                                    | 13 +++++++++++++
 gcc/asan.c                                       | 10 ++++++++--
 gcc/asan.h                                       |  2 ++
 gcc/cfgexpand.c                                  |  2 +-
 gcc/opts.c                                       |  3 +++
 gcc/params.def                                   |  5 +++++
 gcc/params.h                                     |  2 ++
 gcc/testsuite/ChangeLog                          |  5 +++++
 gcc/testsuite/c-c++-common/asan/kasan-alloca-1.c | 11 +++++++++++
 gcc/testsuite/c-c++-common/asan/kasan-alloca-2.c | 11 +++++++++++
 10 files changed, 61 insertions(+), 3 deletions(-)
 create mode 100644 gcc/testsuite/c-c++-common/asan/kasan-alloca-1.c
 create mode 100644 gcc/testsuite/c-c++-common/asan/kasan-alloca-2.c

diff --git a/gcc/ChangeLog b/gcc/ChangeLog
index f5614b01dcd..e0fe1a63858 100644
--- a/gcc/ChangeLog
+++ b/gcc/ChangeLog
@@ -1,3 +1,16 @@
+2017-07-06  Maxim Ostapenko  <m.ostapenko@samsung.com>
+
+	* asan.h (asan_sanitize_allocas_p): Declare.
+	* asan.c (asan_sanitize_allocas_p): New function.
+	(handle_builtin_stack_restore): Bail out if !asan_sanitize_allocas_p.
+	(handle_builtin_alloca): Likewise.
+	* cfgexpand.c (expand_used_vars): Do not add allocas unpoisoning stuff
+	if !asan_sanitize_allocas_p.
+	* params.def (asan-instrument-allocas): Add new option.
+	* params.h (ASAN_PROTECT_ALLOCAS): Define.
+	* opts.c (common_handle_option): Disable allocas sanitization for
+	KASan by default.
+
 2017-07-06  Maxim Ostapenko  <m.ostapenko@samsung.com>
 
 	* asan.c: Include gimple-fold.h.
diff --git a/gcc/asan.c b/gcc/asan.c
index 252e59fcd4d..95004d734a5 100644
--- a/gcc/asan.c
+++ b/gcc/asan.c
@@ -310,6 +310,12 @@ asan_sanitize_stack_p (void)
   return (sanitize_flags_p (SANITIZE_ADDRESS) && ASAN_STACK);
 }
 
+bool
+asan_sanitize_allocas_p (void)
+{
+  return (asan_sanitize_stack_p () && ASAN_PROTECT_ALLOCAS);
+}
+
 /* Checks whether section SEC should be sanitized.  */
 
 static bool
@@ -569,7 +575,7 @@ get_last_alloca_addr ()
 static void
 handle_builtin_stack_restore (gcall *call, gimple_stmt_iterator *iter)
 {
-  if (!iter)
+  if (!iter || !asan_sanitize_allocas_p ())
     return;
 
   tree last_alloca = get_last_alloca_addr ();
@@ -607,7 +613,7 @@ handle_builtin_stack_restore (gcall *call, gimple_stmt_iterator *iter)
 static void
 handle_builtin_alloca (gcall *call, gimple_stmt_iterator *iter)
 {
-  if (!iter)
+  if (!iter || !asan_sanitize_allocas_p ())
     return;
 
   gassign *g;
diff --git a/gcc/asan.h b/gcc/asan.h
index 4e8120ef761..c82d4d901e5 100644
--- a/gcc/asan.h
+++ b/gcc/asan.h
@@ -108,6 +108,8 @@ extern void set_sanitized_sections (const char *);
 
 extern bool asan_sanitize_stack_p (void);
 
+extern bool asan_sanitize_allocas_p (void);
+
 /* Return TRUE if builtin with given FCODE will be intercepted by
    libasan.  */
 
diff --git a/gcc/cfgexpand.c b/gcc/cfgexpand.c
index dd7277f4a73..c427a89bab0 100644
--- a/gcc/cfgexpand.c
+++ b/gcc/cfgexpand.c
@@ -2241,7 +2241,7 @@ expand_used_vars (void)
       expand_stack_vars (NULL, &data);
     }
 
-  if ((flag_sanitize & SANITIZE_ADDRESS) && cfun->calls_alloca)
+  if (asan_sanitize_allocas_p () && cfun->calls_alloca)
     var_end_seq = asan_emit_allocas_unpoison (virtual_stack_dynamic_rtx,
 					      virtual_stack_vars_rtx,
 					      var_end_seq);
diff --git a/gcc/opts.c b/gcc/opts.c
index 7460c2be1b6..7555ed55434 100644
--- a/gcc/opts.c
+++ b/gcc/opts.c
@@ -1909,6 +1909,9 @@ common_handle_option (struct gcc_options *opts,
 				 opts_set->x_param_values);
 	  maybe_set_param_value (PARAM_ASAN_STACK, 0, opts->x_param_values,
 				 opts_set->x_param_values);
+	  maybe_set_param_value (PARAM_ASAN_PROTECT_ALLOCAS, 0,
+				 opts->x_param_values,
+				 opts_set->x_param_values);
 	  maybe_set_param_value (PARAM_ASAN_USE_AFTER_RETURN, 0,
 				 opts->x_param_values,
 				 opts_set->x_param_values);
diff --git a/gcc/params.def b/gcc/params.def
index 6b07518a34b..805302bb93e 100644
--- a/gcc/params.def
+++ b/gcc/params.def
@@ -1142,6 +1142,11 @@ DEFPARAM (PARAM_ASAN_STACK,
          "Enable asan stack protection.",
          1, 0, 1)
 
+DEFPARAM (PARAM_ASAN_PROTECT_ALLOCAS,
+	"asan-instrument-allocas",
+	"Enable asan allocas/VLAs protection.",
+	1, 0, 1)
+
 DEFPARAM (PARAM_ASAN_GLOBALS,
          "asan-globals",
          "Enable asan globals protection.",
diff --git a/gcc/params.h b/gcc/params.h
index 8b916607f16..2188e1877e9 100644
--- a/gcc/params.h
+++ b/gcc/params.h
@@ -232,6 +232,8 @@ extern void init_param_values (int *params);
   PARAM_VALUE (PARAM_ALLOW_PACKED_STORE_DATA_RACES)
 #define ASAN_STACK \
   PARAM_VALUE (PARAM_ASAN_STACK)
+#define ASAN_PROTECT_ALLOCAS \
+  PARAM_VALUE (PARAM_ASAN_PROTECT_ALLOCAS)
 #define ASAN_GLOBALS \
   PARAM_VALUE (PARAM_ASAN_GLOBALS)
 #define ASAN_INSTRUMENT_READS \
diff --git a/gcc/testsuite/ChangeLog b/gcc/testsuite/ChangeLog
index 886689f6c9c..ac18d1ab293 100644
--- a/gcc/testsuite/ChangeLog
+++ b/gcc/testsuite/ChangeLog
@@ -1,3 +1,8 @@
+2017-07-06  Maxim Ostapenko  <m.ostapenko@samsung.com>
+
+	* c-c++-common/asan/kasan-alloca-1.c: New test.
+	* c-c++-common/asan/kasan-alloca-2.c: Likewise.
+
 2017-07-06  Maxim Ostapenko  <m.ostapenko@samsung.com>
 
 	* c-c++-common/asan/alloca_big_alignment.c: New test.
diff --git a/gcc/testsuite/c-c++-common/asan/kasan-alloca-1.c b/gcc/testsuite/c-c++-common/asan/kasan-alloca-1.c
new file mode 100644
index 00000000000..518d19050ed
--- /dev/null
+++ b/gcc/testsuite/c-c++-common/asan/kasan-alloca-1.c
@@ -0,0 +1,11 @@
+/* { dg-do compile } */
+/* { dg-options "-fno-sanitize=address -fsanitize=kernel-address -fdump-tree-sanopt" } */
+/* { dg-skip-if "" { *-*-* } { "*" } { "-O0" } } */
+
+void foo(int index, int len) {
+  char str[len];
+  str[index] = '1'; // BOOM
+}
+
+/* { dg-final { scan-tree-dump-not "__builtin___asan_alloca_poison" "sanopt" } } */
+/* { dg-final { scan-tree-dump-not "__builtin___asan_allocas_unpoison" "sanopt" } } */
diff --git a/gcc/testsuite/c-c++-common/asan/kasan-alloca-2.c b/gcc/testsuite/c-c++-common/asan/kasan-alloca-2.c
new file mode 100644
index 00000000000..e3999d93f6f
--- /dev/null
+++ b/gcc/testsuite/c-c++-common/asan/kasan-alloca-2.c
@@ -0,0 +1,11 @@
+/* { dg-do compile } */
+/* { dg-options "-fno-sanitize=address -fsanitize=kernel-address --param asan-instrument-allocas=1 --param asan-stack=1 -fdump-tree-sanopt" } */
+/* { dg-skip-if "" { *-*-* } { "*" } { "-O0" } } */
+
+void foo(int index, int len) {
+  char str[len];
+  str[index] = '1'; // BOOM
+}
+
+/* { dg-final { scan-tree-dump-times "__builtin___asan_alloca_poison" 1 "sanopt" } } */
+/* { dg-final { scan-tree-dump-times "__builtin___asan_allocas_unpoison" 1 "sanopt" } } */
-- 
2.30.2