http://gcc.gnu.org/bugzilla/show_bug.cgi?id=58543

            Bug ID: 58543
           Summary: Invalid unpoisoning of stack redzones on ARM
           Product: gcc
           Version: 4.9.0
            Status: UNCONFIRMED
          Severity: normal
          Priority: P3
         Component: sanitizer
          Assignee: unassigned at gcc dot gnu.org
          Reporter: y.gribov at samsung dot com
                CC: dodji at gcc dot gnu.org, dvyukov at gcc dot gnu.org,
                    jakub at gcc dot gnu.org, kcc at gcc dot gnu.org

Created attachment 30902
  --> http://gcc.gnu.org/bugzilla/attachment.cgi?id=30902&action=edit
Repro

GCC seems to generate mismatched prologue/epilogue code to poison/unpoison the
stack frame for the attached source code when I compile it with

 $ ~/install/gcc-master-arm/bin/arm-v7a15v3r2-linux-gnueabi-gcc bad.i -O0 -S -fsanitize=address

Prologue seems to poison words at frame_shadow_base + { 0, 4, 8, 12, 16, 24, 28}:

  add  r4, r3, #536870912
  ldr  r3, .L3+8
  str  r3, [r4]
  ldr  r3, .L3+12
  str  r3, [r4, #4]
  ldr  r3, .L3+16
  str  r3, [r4, #8]
  ldr  r3, .L3+20
  str  r3, [r4, #12]
  ldr  r3, .L3+16
  str  r3, [r4, #16]
  ldr  r3, .L3+20
  str  r3, [r4, #24]
  ldr  r3, .L3+24
  str  r3, [r4, #28]

Whereas epilogue poisons frame_shadow_base + { 0, 4, 8, 12, 16, 40, 44}:

  add  r3, r4, #20
.L1:
  mov  r2, #0
  str  r2, [r4]
  add  r4, r4, #4
  cmp  r4, r3
  bcc  .L1
  add  r3, r4, #24   ; r3 gets invalid value here
  mov  r2, #0
  strb  r2, [r3]
  add  r3, r3, #1
  mov  r2, #0
  strb  r2, [r3]
  add  r3, r3, #1
  mov  r2, #0
  strb  r2, [r3]
  add  r3, r3, #1
  mov  r2, #0
  strb  r2, [r3]
  add  r3, r3, #1
  mov  r2, #0
  strb  r2, [r3]
  add  r3, r3, #1
  mov  r2, #0
  strb  r2, [r3]
  add  r3, r3, #1
  mov  r2, #0
  strb  r2, [r3]
  add  r3, r3, #1
  mov  r2, #0
  strb  r2, [r3]

This causes some shadow bytes to remain set after the function returns. Those may
trigger incorrect ASan errors later.

-Y


PS: my configuration:

* GCC version: trunk, September 24

* OS: Ubuntu 12.04

* GCC configuration string: ~/gcc/gcc-master/configure
--target=arm-v7a15v3r2-linux-gnueabi
--prefix=/home/ygribov/install/gcc-master-arm --disable-libmudflap
--disable-libssp --disable-nls --enable-long-long --enable-languages=c,c++
--disable-bootstrap --disable-multilib --disable-libstdcxx --disable-libgcc
--disable-libgomp --disable-libatomic --disable-libquadmath
--disable-libstdc++-v3 --disable-libsanitizer --disable-libitm
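The following is an added example, not code from the bug report or from GCC. It models AddressSanitizer's stack shadow in a few dozen lines of C and replays the mismatch described above: a prologue that poisons shadow words at base + {0, 4, 8, 12, 16, 24, 28} and an epilogue that clears base + {0, 4, 8, 12, 16, 40, 44}. It then lets a later frame that reuses the same stack region touch memory whose shadow byte was never cleared, which is the "incorrect ASan errors later" the report predicts. The redzone marker values (0xf1/0xf2/0xf3) are ASan's usual ones and the frame layout is constructed for illustration; the actual constants the listing loads from .L3+8 onward are not shown in the report, so they are assumed here.

```c
/* Added example (not from the bug report or GCC): a tiny model of ASan's
 * stack shadow memory, 8 application bytes per shadow byte, used to show
 * what the mismatched prologue/epilogue described in this report leaves
 * behind. Marker values and the frame layout are assumptions. */
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>

#define SHADOW_BYTES 64          /* shadow for 512 bytes of stack */
#define RZ_LEFT   0xf1f1f1f1u    /* ASan "stack left redzone" byte, repeated in a word */
#define RZ_MID    0xf2f2f2f2u    /* ASan "stack mid redzone" */
#define RZ_RIGHT  0xf3f3f3f3u    /* ASan "stack right redzone" */

static uint8_t shadow[SHADOW_BYTES];   /* shadow[0] corresponds to frame_shadow_base */

/* One 'str r3, [r4, #off]' from the prologue: a 32-bit shadow word store. */
static void store_word(size_t off, uint32_t val) { memcpy(&shadow[off], &val, sizeof val); }

/* Prologue as described in the report: poison words at base + {0,4,8,12,16,24,28}.
 * The marker assignment per word is constructed, not taken from the listing. */
static void prologue_poison(void) {
    static const size_t offs[]   = {0, 4, 8, 12, 16, 24, 28};
    static const uint32_t vals[] = {RZ_LEFT, RZ_MID, RZ_MID, RZ_MID, RZ_MID, RZ_MID, RZ_RIGHT};
    for (size_t i = 0; i < sizeof offs / sizeof offs[0]; i++) store_word(offs[i], vals[i]);
}

/* Epilogue as generated: a word loop over [0,20), then eight byte stores that,
 * per the report, land at words 40 and 44 instead of 24 and 28. Shadow bytes
 * 24..31 therefore keep their redzone markers, and bytes 40..47, which this
 * frame never poisoned, are cleared regardless of what they held. */
static void epilogue_unpoison_buggy(void) {
    for (size_t off = 0; off < 20; off += 4) store_word(off, 0);
    for (size_t off = 40; off < 48; off++) shadow[off] = 0;
}

/* What a matching epilogue must do: clear exactly the bytes the prologue poisoned. */
static void epilogue_unpoison_fixed(void) {
    for (size_t off = 0; off < 20; off += 4) store_word(off, 0);
    for (size_t off = 24; off < 32; off++) shadow[off] = 0;
}

/* ASan's load/store check on one shadow granule: k == 0 means all 8 bytes are
 * addressable, k < 0 is a redzone, 0 < k < 8 means only the first k bytes are.
 * Returns 1 if the access would be reported. */
static int access_is_poisoned(size_t app_off, size_t size) {
    int8_t k = (int8_t)shadow[app_off >> 3];
    if (k == 0) return 0;
    if (k < 0) return 1;
    return (int)((app_off & 7) + size - 1) >= k;
}

static void run_frame(int buggy) {
    memset(shadow, 0, sizeof shadow);
    prologue_poison();
    if (buggy) epilogue_unpoison_buggy(); else epilogue_unpoison_fixed();
}

/* Number of shadow bytes still non-zero after the frame has returned. */
static int stale_after(int buggy) {
    run_frame(buggy);
    int n = 0;
    for (size_t i = 0; i < SHADOW_BYTES; i++) n += shadow[i] != 0;
    return n;
}

/* A later callee reuses the same stack region and reads a 4-byte local at
 * application offset 192, i.e. shadow byte 24. With the buggy epilogue that
 * byte is still 0xf2, so ASan would report a stack-buffer-overflow that is
 * not real. */
static int later_access_reported(int buggy) {
    run_frame(buggy);
    return access_is_poisoned(192, 4);
}

int main(void) {
    printf("stale shadow bytes after return: buggy=%d fixed=%d\n", stale_after(1), stale_after(0));
    printf("later 4-byte access at +192 reported: buggy=%d fixed=%d\n",
           later_access_reported(1), later_access_reported(0));
    return 0;
}
```

The model only tracks one frame's shadow, so it shows the two effects separately: eight stale redzone bytes (24..31) that survive the return, and a spurious report on the next frame that maps a live local onto them. Clearing bytes 40..47 is harmless here only because nothing else owns them; in a real stack that range belongs to whatever lies 320 bytes beyond this frame's base.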
