+2014-08-18 Yury Gribov <y.gribov@samsung.com>
+
+ PR sanitizer/62089
+ * asan.c (instrument_derefs): Fix bitfield check.
+
2014-08-17 Segher Boessenkool <segher@kernel.crashing.org>
* config/rs6000/constraints.md ("S"): Require TARGET_POWERPC64.
int volatilep = 0, unsignedp = 0;
tree inner = get_inner_reference (t, &bitsize, &bitpos, &offset,
&mode, &unsignedp, &volatilep, false);
- if (((size_in_bytes & (size_in_bytes - 1)) == 0
- && (bitpos % (size_in_bytes * BITS_PER_UNIT)))
- || bitsize != size_in_bytes * BITS_PER_UNIT)
+
+ if (TREE_CODE (t) == COMPONENT_REF
+ && DECL_BIT_FIELD_REPRESENTATIVE (TREE_OPERAND (t, 1)) != NULL_TREE)
{
- if (TREE_CODE (t) == COMPONENT_REF
- && DECL_BIT_FIELD_REPRESENTATIVE (TREE_OPERAND (t, 1)) != NULL_TREE)
- {
- tree repr = DECL_BIT_FIELD_REPRESENTATIVE (TREE_OPERAND (t, 1));
- instrument_derefs (iter, build3 (COMPONENT_REF, TREE_TYPE (repr),
- TREE_OPERAND (t, 0), repr,
- NULL_TREE), location, is_store);
- }
+ tree repr = DECL_BIT_FIELD_REPRESENTATIVE (TREE_OPERAND (t, 1));
+ instrument_derefs (iter, build3 (COMPONENT_REF, TREE_TYPE (repr),
+ TREE_OPERAND (t, 0), repr,
+ NULL_TREE), location, is_store);
return;
}
- if (bitpos % BITS_PER_UNIT)
+
+ if (bitpos % BITS_PER_UNIT
+ || bitsize != size_in_bytes * BITS_PER_UNIT)
return;
if (TREE_CODE (inner) == VAR_DECL
+2014-08-18 Yury Gribov <y.gribov@samsung.com>
+
+ PR sanitizer/62089
+ * c-c++-common/asan/pr62089.c: New test.
+ * c-c++-common/asan/bitfield-1.c: New test.
+ * c-c++-common/asan/bitfield-2.c: New test.
+ * c-c++-common/asan/bitfield-3.c: New test.
+ * c-c++-common/asan/bitfield-4.c: New test.
+
2014-08-18 Kugan Vivekanandarajah <kuganv@linaro.org>
PR tree-optimization/52904
--- /dev/null
+/* Check that Asan correctly instruments bitfields with non-round size. */
+
+/* { dg-do run } */
+/* { dg-shouldfail "asan" } */
+
+struct A
+{
+ char base;
+ int : 4;
+ long x : 7;
+};
+
+int __attribute__ ((noinline, noclone))
+f (void *p) {
+ return ((struct A *)p)->x;
+}
+
+int
+main ()
+{
+ char a = 0;
+ return f (&a);
+}
+
+/* { dg-output "ERROR: AddressSanitizer: stack-buffer-overflow" } */
--- /dev/null
+/* Check that Asan correctly instruments bitfields with non-round offset. */
+
+/* { dg-do run } */
+/* { dg-shouldfail "asan" } */
+
+struct A
+{
+ char base;
+ int : 7;
+ int x : 8;
+};
+
+int __attribute__ ((noinline, noclone))
+f (void *p) {
+ return ((struct A *)p)->x;
+}
+
+int
+main ()
+{
+ char a = 0;
+ return f (&a);
+}
+
+/* { dg-output "ERROR: AddressSanitizer: stack-buffer-overflow" } */
--- /dev/null
+/* Check that Asan correctly instruments bitfields with round offset. */
+
+/* { dg-do run } */
+/* { dg-shouldfail "asan" } */
+
+struct A
+{
+ char base;
+ int : 8;
+ int x : 8;
+};
+
+int __attribute__ ((noinline, noclone))
+f (void *p) {
+ return ((struct A *)p)->x;
+}
+
+int
+main ()
+{
+ char a = 0;
+ return f (&a);
+}
+
+/* { dg-output "ERROR: AddressSanitizer: stack-buffer-overflow" } */
--- /dev/null
+/* Check that Asan correctly instruments bitfields with round offset. */
+
+/* { dg-do run } */
+/* { dg-shouldfail "asan" } */
+
+struct A
+{
+ char base;
+ int : 0;
+ int x : 8;
+};
+
+int __attribute__ ((noinline, noclone))
+f (void *p) {
+ return ((struct A *)p)->x;
+}
+
+int
+main ()
+{
+ char a = 0;
+ return f (&a);
+}
+
+/* { dg-output "ERROR: AddressSanitizer: stack-buffer-overflow" } */
--- /dev/null
+/* { dg-do run } */
+/* { dg-shouldfail "asan" } */
+
+#include <sanitizer/asan_interface.h>
+
+struct vfsmount {};
+struct dentry {};
+
+struct path {
+ struct vfsmount *mnt;
+ struct dentry *dentry;
+};
+
+struct fs_struct {
+ int users;
+ int lock;
+ int seq;
+ int umask;
+ int in_exec;
+ struct path root, pwd;
+};
+
+void __attribute__((noinline, noclone))
+copy_fs_struct(struct fs_struct *a, struct fs_struct *b) {
+ a->root = b->root;
+}
+
+struct fs_struct a, b;
+
+int
+main () {
+ __asan_poison_memory_region (&a.root, sizeof (a.root));
+ copy_fs_struct (&a, &b);
+ return 0;
+}
+
+/* { dg-output "ERROR: AddressSanitizer: use-after-poison" } */
projects / platform / upstream / gcc.git / commitdiff