[asan] fix false dynamic-stack-buffer-overflow report with constantly-sized dynamic allocas, compiler-rt part

See the bug report at https://github.com/google/sanitizers/issues/691. When a dynamic alloca has a constant size, ASan instrumentation will treat it as a regular dynamic alloca (insert calls to poison and unpoison), but the backend will turn it into a regular stack variable. The poisoning/unpoisoning is then broken. This patch will treat such allocas as static. Differential Revision: http://reviews.llvm.org/D21509 llvm-svn: 273889
2016-06-27 15:57:53 +00:00 · 2016-06-27 15:57:53 +00:00 · 7d1ebed0c5
parent 7d03ce480a
commit 7d1ebed0c5
1 changed files with 44 additions and 0 deletions
--- a/compiler-rt/test/asan/TestCases/alloca_constant_size.cc
+++ b/compiler-rt/test/asan/TestCases/alloca_constant_size.cc
@ -0,0 +1,44 @@
+// Regression test for https://github.com/google/sanitizers/issues/691
+
+// RUN: %clangxx_asan -O0 %s -o %t -fstack-protector
+// RUN: %run %t 1 2>&1 | FileCheck %s
+// RUN: %run %t 2 2>&1 | FileCheck %s
+
+#include <alloca.h>
+#include <stdio.h>
+#include <string.h>
+
+void f1_alloca() {
+  char *dynamic_buffer = (char *)alloca(200);
+  fprintf(stderr, "dynamic_buffer = %p\n", dynamic_buffer);
+  memset(dynamic_buffer, 'y', 200);
+  return;
+}
+
+static const int kDynamicArraySize = 200;
+
+void f1_vla() {
+  char dynamic_buffer[kDynamicArraySize];
+  fprintf(stderr, "dynamic_buffer = %p\n", dynamic_buffer);
+  memset(dynamic_buffer, 'y', kDynamicArraySize);
+  return;
+}
+
+void f2() {
+  char buf[1024];
+  memset(buf, 'x', 1024);
+}
+
+int main(int argc, const char *argv[]) {
+  if (!strcmp(argv[1], "1")) {
+    f1_alloca();
+  } else if (!strcmp(argv[1], "2")) {
+    f1_vla();
+  }
+  f2();
+  fprintf(stderr, "Done.\n");
+  return 0;
+}
+
+// CHECK-NOT: ERROR: AddressSanitizer
+// CHECK: Done.