Unverified Commit cafb6441 authored by Vitaly Buka's avatar Vitaly Buka Committed by GitHub

[asan] Record container poisoning in poison history (#195674)

parent b58f4ce4
+1 −0
@@ -658,6 +658,7 @@ static void CheckPoisonRecords(uptr addr) {
  u8 shadow_val = *shadow_addr;

  if (shadow_val != kAsanUserPoisonedMemoryMagic &&
      shadow_val != kAsanContiguousContainerOOBMagic &&
      shadow_val >= ASAN_SHADOW_GRANULARITY) {
    return;
  }
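Review bot: The condition now admits `kAsanContiguousContainerOOBMagic`, but nothing at this check explains why a container magic value belongs in a lookup named for poison records. A comment above the condition would help, for example `// Container annotations are recorded in the poison history too, so look them up like user poisoning.` Separately, the test's `POISON: Memory was manually poisoned by thread T0:` expectation suggests the same wording is now printed for container-overflow reports. Consider distinguishing that wording, since someone triaging a container-overflow did not call the manual poisoning API. The rest of CheckPoisonRecords lies outside the hunk, so the message text is inferred from the test expectations only.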
+8 −0
@@ -507,6 +507,8 @@ void __sanitizer_annotate_contiguous_container(const void *beg_p,
  if (old_end == new_end)
    return;  // Nothing to do here.

  RecordPoison(new_end, old_end);

  FixUnalignedStorage(storage_beg, storage_end, old_beg, old_end, new_beg,
                      new_end);

@@ -582,6 +584,9 @@ void __sanitizer_annotate_double_ended_contiguous_container(
      (old_beg == new_beg && old_end == new_end))
    return;  // Nothing to do here.

  RecordPoison(old_beg, new_beg);
  RecordPoison(new_end, old_end);

  FixUnalignedStorage(storage_beg, storage_end, old_beg, old_end, new_beg,
                      new_end);

@@ -789,6 +794,9 @@ void __sanitizer_copy_contiguous_container_annotations(const void *src_beg_p,

  if (src_beg == src_end || src_beg == dst_beg)
    return;

  // FIXME: Consider RecordPoison.

  // Due to support for overlapping buffers, we may have to copy elements
  // in reversed order, when destination buffer starts in the middle of
  // the source buffer (or shares first granule with it).
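Review bot: The new RecordPoison calls run with empty or inverted ranges whenever a container grows instead of shrinking. In `__sanitizer_annotate_contiguous_container`, `new_end > old_end` passes begin > end; in the double-ended variant, `RecordPoison(old_beg, new_beg)` and `RecordPoison(new_end, old_end)` both run even when only one side moved. RecordPoison is defined outside these hunks, so if it does not already reject `beg >= end`, guard at the call site, e.g. `if (new_end < old_end) RecordPoison(new_end, old_end);`. Otherwise annotations that only unpoison would spend a history slot and could evict the record a later container-overflow report needs. The copy path keeps only `// FIXME: Consider RecordPoison.`, so the comment could also state that reports on memory poisoned through `__sanitizer_copy_contiguous_container_annotations` may show no record or an older one.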
+6 −0
// RUN: %clangxx_asan -O %s -o %t
// RUN: not %run %t crash 2>&1 | FileCheck --check-prefix=CHECK-CRASH %s
// RUN: %env_asan_opts=poison_history_size=10000 not %run %t crash 2>&1 | FileCheck --check-prefix=CHECK-CRASH,POISON %s
// RUN: not %run %t bad-bounds 2>&1 | FileCheck --check-prefix=CHECK-BAD-BOUNDS %s
// RUN: not %run %t unaligned-bad-bounds 2>&1 | FileCheck --check-prefix=CHECK-UNALIGNED-BAD-BOUNDS %s --implicit-check-not="beg is not aligned by"
// RUN: not %run %t odd-alignment 2>&1 | FileCheck --check-prefix=CHECK-CRASH %s
@@ -8,6 +9,8 @@
//
// RUN: not %run %t double-crash-beg 2>&1 | FileCheck --check-prefix=DOUBLE-CRASH-BEG %s
// RUN: not %run %t double-crash-end 2>&1 | FileCheck --check-prefix=DOUBLE-CRASH-END %s
// RUN: %env_asan_opts=poison_history_size=10000 not %run %t double-crash-beg 2>&1 | FileCheck --check-prefix=DOUBLE-CRASH-BEG,POISON %s
// RUN: %env_asan_opts=poison_history_size=10000 not %run %t double-crash-end 2>&1 | FileCheck --check-prefix=DOUBLE-CRASH-END,POISON %s
// RUN: not %run %t double-bad-bounds 2>&1 | FileCheck --check-prefix=DOUBLE-BAD-BOUNDS %s
// RUN: not %run %t double-unaligned-bad-bounds 2>&1 | FileCheck --check-prefix=DOUBLE-UNALIGNED-BAD-BOUNDS %s --implicit-check-not="beg is not aligned by"
// RUN: not %run %t double-odd-alignment 2>&1 | FileCheck --check-prefix=DOUBLE-CRASH-BEG %s
@@ -116,6 +119,9 @@ int DoubleEndedOddAlignmentEnd() {
  return (int)t[95 * one];
}

// POISON: Memory was manually poisoned by thread T0:
// POISON: TestCrash

int main(int argc, char **argv) {
  assert(argc == 2);
  if (!strcmp(argv[1], "crash"))
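Review bot: The `// POISON: TestCrash` expectation is a bare substring shared by three RUN lines (`crash`, `double-crash-beg`, `double-crash-end`). It passes on any later output line containing that text, not specifically on a frame of the recorded poisoning stack. Anchoring it to a stack frame, e.g. `// POISON: #{{[0-9]+}} {{.*}}TestCrash`, would tie the check to the history trace. The double-ended test functions are defined outside this hunk, so it is an assumption that their names contain `TestCrash`; if they do not, the two double-ended runs need their own prefix. A short comment above the POISON lines saying they apply only to the runs with `poison_history_size` set would also help, as they sit apart from the functions they describe.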