This is the mail archive of the gcc-patches@gcc.gnu.org mailing list for the GCC project.
Index Nav: | [Date Index] [Subject Index] [Author Index] [Thread Index] | |
---|---|---|
Message Nav: | [Date Prev] [Date Next] | [Thread Prev] [Thread Next] |
Other format: | [Raw text] |
This patch adds AddressSanitizer annotations to std::vector, so that ASan can detect out-of-bounds accesses to the unused capacity of a vector. e.g. std::vector<int> v(2); int* p = v.data(); v.pop_back(); return p[1]; // ERROR This cannot be detected by Debug Mode, but with these annotations ASan knows that only v.data()[0] is valid and will give an error. The annotations are only enabled for vector<T, std::allocator<T>> and only when std::allocator's base class is either malloc_allocator or new_allocator. For other allocators the memory might not come from the freestore and so isn't tracked by ASan. Something similar has been on the google branches for some time: https://gcc.gnu.org/viewcvs/gcc?view=revision&revision=207517 This patch is a complete rewrite from scratch, because the google code was not exception safe. If an exception happened while appending elements to a vector, so that the size didn't change, the google code did not undo the annotation for the increased size. It also didn't annotate before deallocating, to mark the unused capacity as valid again. We can probably do similar annotations for std::deque, so that partially filled pages are annotated. I also have a patch for shared_ptr so that objects created by make_shared can be marked as invalid after they're destroyed. * config/allocator/malloc_allocator_base.h [__SANITIZE_ADDRESS__] (_GLIBCXX_SANITIZE_STD_ALLOCATOR): Define. * config/allocator/new_allocator_base.h [__SANITIZE_ADDRESS__] (_GLIBCXX_SANITIZE_STD_ALLOCATOR): Define. * include/bits/stl_vector.h [_GLIBCXX_SANITIZE_STD_ALLOCATOR] (_Vector_impl::_Asan, _Vector_impl::_Asan::_Reinit) (_Vector_impl::_Asan::_Grow, _GLIBCXX_ASAN_ANNOTATE_REINIT) (_GLIBCXX_ASAN_ANNOTATE_GROW, _GLIBCXX_ASAN_ANNOTATE_GREW) (_GLIBCXX_ASAN_ANNOTATE_SHRINK, _GLIBCXX_ASAN_ANNOTATE_BEFORE_DEALLOC): Define annotation helper types and macros. (vector::~vector, vector::push_back, vector::pop_back) (vector::_M_erase_at_end): Add annotations. * include/bits/vector.tcc (vector::reserve, vector::emplace_back) (vector::insert, vector::_M_erase, vector::operator=) (vector::_M_fill_assign, vector::_M_assign_aux) (vector::_M_insert_rval, vector::_M_emplace_aux) (vector::_M_insert_aux, vector::_M_realloc_insert) (vector::_M_fill_insert, vector::_M_default_append) (vector::_M_shrink_to_fit, vector::_M_range_insert): Annotate. Tested x86_64-linux (using -fsanitize=address, with some local patches to the testsuite) and powerpc64le-linux. I plan to commit this to trunk tomorrow.
Attachment:
patch.txt
Description: Text document
Index Nav: | [Date Index] [Subject Index] [Author Index] [Thread Index] | |
---|---|---|
Message Nav: | [Date Prev] [Date Next] | [Thread Prev] [Thread Next] |