[Bug sanitizer/69276] Address sanitizer does not handle heap overflow
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=69276

Martin Liška changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |RESOLVED
         Resolution|---                         |FIXED

--- Comment #6 from Martin Liška ---
Fixed in trunk.
--- Comment #5 from Martin Liška ---
Author: marxin
Date: Thu Feb 4 11:50:40 2016
New Revision: 233137

URL: https://gcc.gnu.org/viewcvs?rev=233137&root=gcc&view=rev
Log:
Fix PR sanitizer/69276

	* g++.dg/asan/pr69276.C: New test.

	PR sanitizer/PR69276
	* asan.c (has_stmt_been_instrumented_p): Instrument gimple calls that
	are gimple_store_p.
	(maybe_instrument_call): Likewise.

Added:
    trunk/gcc/testsuite/g++.dg/asan/pr69276.C
Modified:
    trunk/gcc/ChangeLog
    trunk/gcc/asan.c
    trunk/gcc/testsuite/ChangeLog
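A constructed C++ test in the spirit of the one the commit adds (an added example, not the project's g++.dg/asan/pr69276.C): a by-value struct return assigned straight into an undersized heap block, which is the call-with-store pattern the ChangeLog entry says is now instrumented. The type and function names are mine.

```cpp
// Constructed example, not the GCC testsuite's pr69276.C.
// A by-value struct return assigned to *dst becomes a GIMPLE call whose
// lhs is a memory location (gimple_store_p); before r233137 ASan did not
// instrument that store, so writing it into an undersized heap block
// went unreported.
// Build: g++ -O1 -g -fsanitize=address example.cpp
#include <cstdlib>

// Large enough that it is returned in memory (sret), not in registers.
struct Vec8 {
  int v[8];
};

__attribute__((noinline)) Vec8 make_vec(int seed) {
  Vec8 r;
  for (int i = 0; i < 8; ++i) r.v[i] = seed + i;
  return r;
}

// The assignment `*dst = make_vec(seed)` is the call-with-store that the
// fix instruments: sizeof(Vec8) bytes at dst are checked before the write.
__attribute__((noinline)) void store_vec(Vec8 *dst, int seed) {
  *dst = make_vec(seed);
}

// Properly sized destination: in bounds, and the contents are checkable.
int sum_properly_sized(int seed) {
  Vec8 *p = static_cast<Vec8 *>(malloc(sizeof(Vec8)));
  store_vec(p, seed);
  int s = 0;
  for (int i = 0; i < 8; ++i) s += p->v[i];
  free(p);
  return s;  // 8 * seed + 28
}

int main() {
  // Undersized destination: 4 bytes allocated, sizeof(Vec8) == 32 written.
  // With the fix ASan reports heap-buffer-overflow at the store in
  // store_vec; without it the write was silently accepted.
  Vec8 *p = static_cast<Vec8 *>(malloc(4));
  store_vec(p, 1);
  free(p);
  return 0;
}
```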
--- Comment #3 from Martin Liška ---
(In reply to Jakub Jelinek from comment #2)
> Comment on attachment 37341 [details]
> suggested patch
>
> + else if (is_gimple_call (stmt) && gimple_store_p (stmt)
> +&& gimple_clobber_p (stmt))
> +{
> + asan_mem_ref r;
> + asan_mem_ref_init (, NULL, 1);
> +
> + r.start = gimple_call_lhs (stmt);
> + r.access_size = int_size_in_bytes (TREE_TYPE (r.start));
> + return has_mem_ref_been_instrumented ();
> +}
> +
>
> This condition is never true, did you mean !gimple_clobber_p instead?
> But obviously calls are never clobbers, so there is no need to test that.

Sure, that was a typo, yeah it can be removed from the condition ;)
Jakub Jelinek changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|UNCONFIRMED                 |NEW
   Last reconfirmed|                            |2016-01-14
     Ever confirmed|0                           |1

--- Comment #4 from Jakub Jelinek ---
Otherwise it LGTM, so please remove the gimple_clobber_p stuff from the patch,
add a testcase to the testsuite, verify it fails before the patch and passes
after it and submit to gcc-patches. Thanks.
--- Comment #1 from Jakub Jelinek ---
Comment on attachment 37341
  --> https://gcc.gnu.org/bugzilla/attachment.cgi?id=37341
suggested patch

+ else if (is_gimple_call (stmt) && gimple_store_p (stmt)
+ && gimple_clobber_p (stmt))
+{
+ asan_mem_ref r;
+ asan_mem_ref_init (, NULL, 1);
+
+ r.start = gimple_call_lhs (stmt);
+ r.access_size = int_size_in_bytes (TREE_TYPE (r.start));
+ return has_mem_ref_been_instrumented ();
+}
+

This condition is never true, did you mean !gimple_clobber_p instead?
But obviously calls are never clobbers, so there is no need to test that.
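Review bot: the `&& gimple_clobber_p (stmt)` conjunct makes this `else if` branch dead, since a call statement is never a clobber, so the new code path in `has_stmt_been_instrumented_p` would never run; drop it and let the branch read `else if (is_gimple_call (stmt) && gimple_store_p (stmt))`. As shown here, `asan_mem_ref_init (, NULL, 1)` and `has_mem_ref_been_instrumented ()` are also missing their first argument (presumably `&r`, lost when the page was extracted); whichever way it got there, the hunk should pass the address of `r` in both calls, and it is worth confirming `int_size_in_bytes` gives a non-negative size for the lhs type before using it as `access_size`.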
--- Comment #2 from Jakub Jelinek ---
Comment on attachment 37341
  --> https://gcc.gnu.org/bugzilla/attachment.cgi?id=37341
suggested patch

+ else if (is_gimple_call (stmt) && gimple_store_p (stmt)
+ && gimple_clobber_p (stmt))
+{
+ asan_mem_ref r;
+ asan_mem_ref_init (, NULL, 1);
+
+ r.start = gimple_call_lhs (stmt);
+ r.access_size = int_size_in_bytes (TREE_TYPE (r.start));
+ return has_mem_ref_been_instrumented ();
+}
+

This condition is never true, did you mean !gimple_clobber_p instead?
But obviously calls are never clobbers, so there is no need to test that.