On 01/20/2017 12:49 PM, Martin Liška wrote:
> Great, thanks a lot. I'm going to re-trigger asan-bootstrap with your patch.
> I'm also adding gcc/testsuite/gcc.dg/asan/use-after-scope-10.c that is a valid
> test-case for this issue.
Hi.
Unfortunately this way would not work, as a clobber marks the content of the memory as uninitialized, which is different behavior than just marking that the memory can be used (and maybe already contains a value).
This shows the problem:
#include <string.h>

char cc;
char ptr[] = "sparta2";

void get(char **x)
{
  *x = ptr;
}

int main()
{
  char *here = &cc;   /* the store that DSE wrongly removes */
  for (;;)
    {
    next_line:          /* label the goto below targets; ASAN_MARK(UNPOISON) lands here */
      if (here == NULL)
        __builtin_abort();
      get (&here);
      if (strcmp (here, "sparta") == 0)
        goto next_line;
      else if (strcmp (here, "sparta2") == 0)
        break;
    }
}
With the patch, DSE would optimize out '*here = &cc;' and thus it aborts. The problem is definitely related to goto magic, where we are more defensive in placement of ASAN_MARK(UNPOISON,...).
Hope your optimization is still valid for situations w/o artificial ASAN_MARK(UNPOISON,...) placed due to goto magic.
Do we still want to do it now, or postponing to GCC 8 would be better option?
Thanks,
Martin
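The clobber-versus-unpoison distinction from the message above, as an added toy model written for this page (not GCC's DSE pass and not code from the thread): a store is dead only if the next event on the same object is a kill, and treating an UNPOISON mark as a kill wrongly removes the 'here = &cc' store from the test-case. The op sequence below is constructed to mirror that test-case.

```c
#include <stdio.h>
#include <string.h>

/* Toy model of the question in the thread: which marks may a dead-store
 * eliminator treat as "the old contents no longer matter"?  A CLOBBER says
 * the object is dead (uninitialized afterwards); an UNPOISON only says the
 * object may now be accessed and may already hold a value.  This is an
 * added illustration, not GCC's DSE implementation. */
enum op_kind { STORE, LOAD, CLOBBER, UNPOISON };

struct op {
    enum op_kind kind;
    const char *var;
};

/* Returns nonzero if the store at index 'si' is dead, i.e. no later op
 * reads the variable before its contents are killed.  If 'unpoison_kills'
 * is set, UNPOISON is (wrongly) treated like CLOBBER, which is the
 * behaviour the thread's test-case trips over. */
int store_is_dead(const struct op *ops, int n, int si, int unpoison_kills)
{
    const char *v = ops[si].var;
    for (int i = si + 1; i < n; i++) {
        if (strcmp(ops[i].var, v) != 0)
            continue;
        switch (ops[i].kind) {
        case LOAD:     return 0;  /* value is observed: store is live */
        case STORE:    return 1;  /* overwritten before any read */
        case CLOBBER:  return 1;  /* object dies before any read */
        case UNPOISON: if (unpoison_kills) return 1; break;
        }
    }
    return 1; /* never read again */
}

/* Constructed sequence mirroring the test-case: 'here = &cc', then the
 * ASAN_MARK(UNPOISON, here) placed at the next_line label, then the
 * 'here == NULL' test that reads it. */
static const struct op trace[] = {
    { STORE,    "here" },
    { UNPOISON, "here" },
    { LOAD,     "here" },
};

int main(void)
{
    int n = (int)(sizeof trace / sizeof trace[0]);
    printf("correct DSE: store dead? %d\n", store_is_dead(trace, n, 0, 0));
    printf("UNPOISON as clobber: store dead? %d\n", store_is_dead(trace, n, 0, 1));
    return 0;
}
```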