This is an archive of the discontinued LLVM Phabricator instance.

compiler-rt/lib/asan/asan_thread.cpp
369	when does this happen? When a variable is too large to fit in the fake stack?
compiler-rt/test/asan/TestCases/invalid-pointer-pairs-subtract-success.cpp
3	Can we test both modes?
26	If the behavior depends on the size of the stack variable, I'd prefer to extend the test to have both cases.

kcc added a subscriber: llvm-commits.Oct 16 2020, 11:32 AM

marxin marked 3 inline comments as done.Oct 19 2020, 1:01 AM

marxin added inline comments.

compiler-rt/lib/asan/asan_thread.cpp
369	The function is only called from IsInvalidPointerPair which finds whether a pointer is a pointer to a stack/global/heap variable. So it's fine to return 0 when the function is called for a non-stack variable and fake stacks are enabled.

marxin updated this revision to Diff 298949.Oct 19 2020, 1:01 AM

marxin marked an inline comment as done.

kcc added inline comments.Oct 19 2020, 10:49 AM

compiler-rt/test/asan/TestCases/invalid-pointer-pairs-subtract-success.cpp
26	any thoughts on this comment?

marxin marked an inline comment as done.Oct 20 2020, 12:41 AM

marxin added inline comments.

compiler-rt/test/asan/TestCases/invalid-pointer-pairs-subtract-success.cpp
26	It does not depend on any size of a stack variable. I thought you mean to run the test-case both with shadow stack and without shadow stack. That's why I added the another `// RUN` line.

LGTM, thanks!

This revision is now accepted and ready to land.Oct 20 2020, 9:54 AM

Closed by commit rGad2be02a833e: ASAN: Support detect_invalid_pointer_pairs=1 with… (authored by marxin). · Explain WhyOct 20 2020, 10:29 AM

This revision was automatically updated to reflect the committed changes.

marxin marked an inline comment as done.

marxin added a commit: rGad2be02a833e: ASAN: Support detect_invalid_pointer_pairs=1 with….

Herald added a project: Restricted Project. · View Herald TranscriptOct 20 2020, 10:29 AM

Herald added a subscriber: Restricted Project. · View Herald Transcript

MaskRay added a subscriber: MaskRay.Oct 20 2020, 4:01 PM

MaskRay added inline comments.

compiler-rt/lib/asan/asan_thread.cpp
369	https://llvm.org/docs/CodingStandards.html#don-t-use-braces-on-simple-single-statement-bodies-of-if-else-loop-statements The coding standard prefer dropping braces for simple single statements.

Revision Contents

Path

Size

compiler-rt/

lib/

asan/

asan_thread.cpp

4 lines

test/

asan/

TestCases/

invalid-pointer-pairs-subtract-success.cpp

2 lines

Diff 298621

compiler-rt/lib/asan/asan_thread.cpp

	Show First 20 Lines • Show All 360 Lines • ▼ Show 20 Lines
	}			}

	uptr AsanThread::GetStackVariableShadowStart(uptr addr) {			uptr AsanThread::GetStackVariableShadowStart(uptr addr) {
	uptr bottom = 0;			uptr bottom = 0;
	if (AddrIsInStack(addr)) {			if (AddrIsInStack(addr)) {
	bottom = stack_bottom();			bottom = stack_bottom();
	} else if (has_fake_stack()) {			} else if (has_fake_stack()) {
	bottom = fake_stack()->AddrIsInFakeStack(addr);			bottom = fake_stack()->AddrIsInFakeStack(addr);
	CHECK(bottom);			if (bottom == 0) {
				kccUnsubmitted Done Reply Inline Actions when does this happen? When a variable is too large to fit in the fake stack? kcc: when does this happen? When a variable is too large to fit in the fake stack?
				marxinAuthorUnsubmitted Done Reply Inline Actions The function is only called from IsInvalidPointerPair which finds whether a pointer is a pointer to a stack/global/heap variable. So it's fine to return 0 when the function is called for a non-stack variable and fake stacks are enabled. marxin: The function is only called from IsInvalidPointerPair which finds whether a pointer is a…
				MaskRayUnsubmitted Not Done Reply Inline Actions https://llvm.org/docs/CodingStandards.html#don-t-use-braces-on-simple-single-statement-bodies-of-if-else-loop-statements The coding standard prefer dropping braces for simple single statements. MaskRay: https://llvm.org/docs/CodingStandards.html#don-t-use-braces-on-simple-single-statement-bodies…
				return 0;
				}
	} else {			} else {
	return 0;			return 0;
	}			}

	uptr aligned_addr = RoundDownTo(addr, SANITIZER_WORDSIZE / 8); // align addr.			uptr aligned_addr = RoundDownTo(addr, SANITIZER_WORDSIZE / 8); // align addr.
	u8 shadow_ptr = (u8)MemToShadow(aligned_addr);			u8 shadow_ptr = (u8)MemToShadow(aligned_addr);
	u8 shadow_bottom = (u8)MemToShadow(bottom);			u8 shadow_bottom = (u8)MemToShadow(bottom);

	▲ Show 20 Lines • Show All 161 Lines • Show Last 20 Lines

compiler-rt/test/asan/TestCases/invalid-pointer-pairs-subtract-success.cpp

	// RUN: %clangxx_asan -O0 %s -o %t -mllvm -asan-detect-invalid-pointer-pair			// RUN: %clangxx_asan -O0 %s -o %t -mllvm -asan-detect-invalid-pointer-pair

	// RUN: %env_asan_opts=detect_invalid_pointer_pairs=2 %run %t			// RUN: %env_asan_opts=detect_invalid_pointer_pairs=2,detect_stack_use_after_return=1 %run %t
				kccUnsubmitted Done Reply Inline Actions Can we test both modes? kcc: Can we test both modes?

	#include <assert.h>			#include <assert.h>
	#include <stdlib.h>			#include <stdlib.h>

	int bar(char p, char q) {			int bar(char p, char q) {
	return p - q;			return p - q;
	}			}

	char global[10000] = {};			char global[10000] = {};

	int main() {			int main() {
	// Heap allocated memory.			// Heap allocated memory.
	char p = (char )malloc(42);			char p = (char )malloc(42);
	int r = bar(p, p + 20);			int r = bar(p, p + 20);
	free(p);			free(p);

	// Global variable.			// Global variable.
	bar(&global[0], &global[100]);			bar(&global[0], &global[100]);
	bar(&global[1000], &global[9000]);			bar(&global[1000], &global[9000]);
	bar(&global[500], &global[10]);			bar(&global[500], &global[10]);
	bar(&global[0], &global[10000]);			bar(&global[0], &global[10000]);

	// Stack variable.			// Stack variable.
				kccUnsubmitted Done Reply Inline Actions If the behavior depends on the size of the stack variable, I'd prefer to extend the test to have both cases. kcc: If the behavior depends on the size of the stack variable, I'd prefer to extend the test to…
				kccUnsubmitted Done Reply Inline Actions any thoughts on this comment? kcc: any thoughts on this comment?
				marxinAuthorUnsubmitted Done Reply Inline Actions It does not depend on any size of a stack variable. I thought you mean to run the test-case both with shadow stack and without shadow stack. That's why I added the another `// RUN` line. marxin: It does not depend on any size of a stack variable. I thought you mean to run the test-case…
	char stack[10000];			char stack[10000];
	bar(&stack[0], &stack[100]);			bar(&stack[0], &stack[100]);
	bar(&stack[1000], &stack[9000]);			bar(&stack[1000], &stack[9000]);
	bar(&stack[500], &stack[10]);			bar(&stack[500], &stack[10]);

	return 0;			return 0;
	}			}

This is an archive of the discontinued LLVM Phabricator instance.

ASAN: Support detect_invalid_pointer_pairs=1 with detect_stack_use_after_return=1ClosedPublic

Details

Diff Detail

Event Timeline

Revision Contents

Diff 298621

compiler-rt/lib/asan/asan_thread.cpp

compiler-rt/test/asan/TestCases/invalid-pointer-pairs-subtract-success.cpp

ASAN: Support detect_invalid_pointer_pairs=1 with detect_stack_use_after_return=1
ClosedPublic