This is the mail archive of the gcc-patches@gcc.gnu.org mailing list for the GCC project.



Re: [PATCH] Invalid unpoisoning of stack redzones on ARM


> Can you please be more verbose

Right, I should have been.

So as you can see from the asm log in the bug description, prologue writes shadow bytes corresponding to words at frame_shadow_base + { 0, 4, 8, 12, 16, 24, 28}. Epilogue should clear those but instead it zeros out frame_shadow_base + { 0, 4, 8, 12, 16, 40, 44}, thus causing words at frame_shadow_base + {24, 28} to remain poisoned and causing false Asan errors later.

The reason as I see it is that we change the address of shadow_mem in asan_emit_stack_protection twice: once in asan_clear_shadow

  tmp = expand_simple_binop (Pmode, PLUS, addr, gen_int_mode (4, Pmode), addr,
                             true, OPTAB_LIB_WIDEN);
  if (tmp != addr)
    emit_move_insn (addr, tmp);

and once in asan_emit_stack_protection itself:

  if (last_size)
    {
      shadow_mem = adjust_address (shadow_mem, VOIDmode,
                   (last_offset - prev_offset)
                   >> ASAN_SHADOW_SHIFT);

This would translate into

  add  r4, r4, #4

and

  add  r3, r4, #24

in the asm. The shadow_mem will thus have the next block offset added to it _twice_ and will point to an invalid position. My simple fix uses a temp register in asan_clear_shadow to avoid spoiling the shadow_mem inside the loop.

I'm not yet a gcc guru so I wanted some experienced person to say whether I'm doing something completely wrong here.

BTW I forgot to mention that Asan tests pass both on ARM and on x86_64.

> Also, you are missing a ChangeLog entry.

Attached.

-Y

Attachment: Changelog.add
Description: Text document
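The mechanism the message describes (the clear loop advancing the shadow base register in place, and the next block's offset then being applied on top of the already-advanced register) can be reproduced in a small model. What follows is an added example written for this archive page; it is neither GCC's code nor the poster's patch. It assumes a byte array standing in for shadow memory, the word offsets named in the message as the poisoned layout (block 1 at shadow words 0..16, block 2 at 24 and 28), and a loop that clears the whole first block one word at a time. Because this simplified loop walks all five words of block 1 (the message does not show how many bytes the real loop covered), the buggy variant lands block 2's clear at 44 rather than the 40/44 seen in the real asm; the failure mode is the same: shadow words 24 and 28 stay poisoned and a region outside the frame's shadow is zeroed instead.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define SHADOW_SIZE 64
#define POISON 0xf1 /* constructed marker; any nonzero shadow byte means "poisoned" */

/* Constructed frame layout from the word offsets named in the message:
   block 1 = shadow words 0,4,8,12,16 (20 bytes); block 2 = words 24,28 (8 bytes),
   reached from block 1's base by a relative offset of 24. */
enum { BLOCK1_OFF = 0, BLOCK1_LEN = 20, BLOCK2_DELTA = 24, BLOCK2_LEN = 8 };

/* Prologue: poison exactly the shadow words the message lists. */
void prologue_poison(uint8_t *shadow)
{
    memset(shadow, 0, SHADOW_SIZE);
    memset(shadow + BLOCK1_OFF, POISON, BLOCK1_LEN);
    memset(shadow + BLOCK2_DELTA, POISON, BLOCK2_LEN);
}

/* Model of the loop emitted by asan_clear_shadow: clear `len` bytes one word at a time.
   bump_in_place=true models the bug ("add r4, r4, #4" on the register that also
   serves as shadow_mem's address); false models the fix (a private temporary). */
static void clear_shadow_loop(uint8_t *shadow, size_t *addr, size_t len, bool bump_in_place)
{
    size_t tmp = *addr;
    size_t end = tmp + len;
    while (tmp < end) {
        memset(shadow + tmp, 0, 4);
        tmp += 4;
        if (bump_in_place)
            *addr = tmp; /* the bug: the loop counter is shadow_mem's address register */
    }
}

/* Epilogue: clear block 1 with the loop, then block 2 at shadow_mem + BLOCK2_DELTA,
   i.e. the adjust_address step ("add r3, r4, #24"). Returns the shadow offset at which
   block 2 was actually cleared, so the caller can see where the store went. */
size_t epilogue_unpoison(uint8_t *shadow, bool buggy)
{
    size_t shadow_mem = BLOCK1_OFF; /* the r4 register */
    clear_shadow_loop(shadow, &shadow_mem, BLOCK1_LEN, buggy);
    size_t block2 = shadow_mem + BLOCK2_DELTA; /* relative to whatever r4 holds now */
    if (block2 + BLOCK2_LEN <= SHADOW_SIZE)
        memset(shadow + block2, 0, BLOCK2_LEN);
    return block2;
}

/* Run prologue + epilogue and count shadow bytes left poisoned; 0 means the frame was
   fully unpoisoned. Writes the block-2 target offset to *where if non-NULL. */
int leftover_poison(bool buggy, size_t *where)
{
    uint8_t shadow[SHADOW_SIZE];
    prologue_poison(shadow);
    size_t target = epilogue_unpoison(shadow, buggy);
    if (where)
        *where = target;
    int n = 0;
    for (int i = 0; i < SHADOW_SIZE; i++)
        n += shadow[i] != 0;
    return n;
}

int main(void)
{
    size_t where;
    int left = leftover_poison(true, &where);
    printf("buggy: block 2 cleared at shadow+%zu, %d byte(s) still poisoned\n", where, left);
    left = leftover_poison(false, &where);
    printf("fixed: block 2 cleared at shadow+%zu, %d byte(s) still poisoned\n", where, left);
    return 0;
}
```

The buggy run leaves the 8 shadow bytes of words 24 and 28 poisoned, which is what later produces a false ASan report once that stack region is reused; the fixed run, which keeps the loop's induction variable separate from the base register, clears block 2 at offset 24 and leaves nothing poisoned.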

