Hi.

I've noticed ASAN can inform user about location of stack variables
when a stack violation is detected.

Sample example:

...
  This frame has 3 object(s):
    [32, 36) 'counter' (line 3) <== Memory access at offset 36 overflows this 
variable
    [96, 100) 'size' (line 5)
    [160, 164) 'length' (line 6)
...

I find that handy, so I implemented it in GCC as well.

Ready after it finishes tests?
Martin

gcc/ChangeLog:

2018-09-27  Martin Liska  <mli...@suse.cz>

        * asan.c (asan_emit_stack_protection): If a stack variable
        is located in a same file as current function, then emit
        line info into variable definition string.

gcc/testsuite/ChangeLog:

2018-09-27  Martin Liska  <mli...@suse.cz>

        * c-c++-common/asan/pr64820.c: Add line number to scanned
        pattern.
        * c-c++-common/asan/use-after-return-1.c: Likewise.
        * g++.dg/asan/function-argument-1.C (main): Likewise.
        * g++.dg/asan/function-argument-2.C (main): Likewise.
        * g++.dg/asan/function-argument-3.C (main): Likewise.
        * g++.dg/asan/use-after-scope-1.C (main): Likewise.
        * g++.dg/asan/use-after-scope-2.C (main): Likewise.
        * g++.dg/asan/use-after-scope-types-1.C (main): Likewise.
        * g++.dg/asan/use-after-scope-types-2.C (main): Likewise.
        * g++.dg/asan/use-after-scope-types-3.C (main): Likewise.
        * g++.dg/asan/use-after-scope-types-4.C (main): Likewise.
        * g++.dg/asan/use-after-scope-types-5.C (main): Likewise.
        * gcc.dg/asan/pr78541.c (main): Likewise.
        * gcc.dg/asan/use-after-scope-1.c (main): Likewise.
        * gcc.dg/asan/use-after-scope-10.c (main): Likewise.
        * gcc.dg/asan/use-after-scope-2.c (main): Likewise.
        * gcc.dg/asan/use-after-scope-3.c (main): Likewise.
        * gcc.dg/asan/use-after-scope-5.c (main): Likewise.
        * gcc.dg/asan/use-after-scope-9.c (main): Likewise.
---
 gcc/asan.c                                    | 22 +++++++++++++++++--
 gcc/testsuite/c-c++-common/asan/pr64820.c     |  2 +-
 .../c-c++-common/asan/use-after-return-1.c    |  2 +-
 .../g++.dg/asan/function-argument-1.C         |  2 +-
 .../g++.dg/asan/function-argument-2.C         |  2 +-
 .../g++.dg/asan/function-argument-3.C         |  2 +-
 gcc/testsuite/g++.dg/asan/use-after-scope-1.C |  2 +-
 gcc/testsuite/g++.dg/asan/use-after-scope-2.C |  2 +-
 .../g++.dg/asan/use-after-scope-types-1.C     |  2 +-
 .../g++.dg/asan/use-after-scope-types-2.C     |  2 +-
 .../g++.dg/asan/use-after-scope-types-3.C     |  2 +-
 .../g++.dg/asan/use-after-scope-types-4.C     |  2 +-
 .../g++.dg/asan/use-after-scope-types-5.C     |  2 +-
 gcc/testsuite/gcc.dg/asan/pr78541.c           |  2 +-
 gcc/testsuite/gcc.dg/asan/use-after-scope-1.c |  2 +-
 .../gcc.dg/asan/use-after-scope-10.c          |  2 +-
 gcc/testsuite/gcc.dg/asan/use-after-scope-2.c |  2 +-
 gcc/testsuite/gcc.dg/asan/use-after-scope-3.c |  2 +-
 gcc/testsuite/gcc.dg/asan/use-after-scope-5.c |  2 +-
 gcc/testsuite/gcc.dg/asan/use-after-scope-9.c |  2 +-
 20 files changed, 39 insertions(+), 21 deletions(-)


diff --git a/gcc/asan.c b/gcc/asan.c
index 235e219479d..653bedb385a 100644
--- a/gcc/asan.c
+++ b/gcc/asan.c
@@ -1269,6 +1269,9 @@ asan_emit_stack_protection (rtx base, rtx pbase, unsigned int alignb,
   if (shadow_ptr_types[0] == NULL_TREE)
     asan_init_shadow_ptr_types ();
 
+  expanded_location cfun_xloc
+    = expand_location (DECL_SOURCE_LOCATION (current_function_decl));
+
   /* First of all, prepare the description string.  */
   pretty_printer asan_pp;
 
@@ -1281,15 +1284,30 @@ asan_emit_stack_protection (rtx base, rtx pbase, unsigned int alignb,
       pp_space (&asan_pp);
       pp_wide_integer (&asan_pp, offsets[l - 1] - offsets[l]);
       pp_space (&asan_pp);
+
+      expanded_location xloc
+	= expand_location (DECL_SOURCE_LOCATION (decl));
+      char location[32];
+
+      if (xloc.file == cfun_xloc.file)
+	sprintf (location, ":%d", xloc.line);
+      else
+	location[0] = '\0';
+
       if (DECL_P (decl) && DECL_NAME (decl))
 	{
-	  pp_decimal_int (&asan_pp, IDENTIFIER_LENGTH (DECL_NAME (decl)));
+	  unsigned l
+	    = IDENTIFIER_LENGTH (DECL_NAME (decl)) + strlen (location);
+	  pp_decimal_int (&asan_pp, l);
 	  pp_space (&asan_pp);
 	  pp_tree_identifier (&asan_pp, DECL_NAME (decl));
+	  pp_string (&asan_pp, location);
 	}
       else
 	pp_string (&asan_pp, "9 <unknown>");
-      pp_space (&asan_pp);
+
+      if (l > 2)
+	pp_space (&asan_pp);
     }
   str_cst = asan_pp_string (&asan_pp);
 
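Review bot: `DECL_SOURCE_LOCATION (decl)` is evaluated unconditionally at the top of the added lines, before the `DECL_P (decl) && DECL_NAME (decl)` guard a few lines below, so if that guard is needed the location lookup can be handed a tree that is not a declaration. Moving the `xloc`/`location` computation inside the guarded branch keeps the access behind the check and skips the work on the `9 <unknown>` path. Separately, the new `unsigned l` shadows what appears to be the loop index `l` used in `offsets[l - 1]` and in the later `if (l > 2)`; a distinct name such as `unsigned idlen` would make clear which one is meant. `sprintf (location, ":%d", xloc.line)` fits the 32-byte buffer for any int, but `snprintf (location, sizeof location, ":%d", xloc.line)` would keep the bound explicit. The loop and the function body start and end outside the hunk.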
diff --git a/gcc/testsuite/c-c++-common/asan/pr64820.c b/gcc/testsuite/c-c++-common/asan/pr64820.c
index 885a6621491..a00debf3588 100644
--- a/gcc/testsuite/c-c++-common/asan/pr64820.c
+++ b/gcc/testsuite/c-c++-common/asan/pr64820.c
@@ -28,4 +28,4 @@ int main(int argc, char **argv) {
 /* { dg-output "WRITE of size 1 at .* thread T0.*" } */
 /* { dg-output "    #0.*(Func2)?.*pr64820.(c:21)?.*" } */
 /* { dg-output "is located in stack of thread T0 at offset.*" } */
-/* { dg-output "\'local\' <== Memory access at offset 32 is inside this variable" } */
+/* { dg-output "\'local\' \\(line 14\\) <== Memory access at offset 32 is inside this variable" } */
diff --git a/gcc/testsuite/c-c++-common/asan/use-after-return-1.c b/gcc/testsuite/c-c++-common/asan/use-after-return-1.c
index 49933e531b9..e1bb18a5743 100644
--- a/gcc/testsuite/c-c++-common/asan/use-after-return-1.c
+++ b/gcc/testsuite/c-c++-common/asan/use-after-return-1.c
@@ -50,4 +50,4 @@ int main(int argc, char **argv) {
 /* { dg-output "WRITE of size 1 at .* thread T0.*" } */
 /* { dg-output "    #0.*(Func2)?.*use-after-return-1.(c:31)?.*" } */
 /* { dg-output "is located in stack of thread T0 at offset.*" } */
-/* { dg-output "\'local\' <== Memory access at offset 32 is inside this variable" } */
+/* { dg-output "\'local\' \\(line 24\\) <== Memory access at offset 32 is inside this variable" } */
diff --git a/gcc/testsuite/g++.dg/asan/function-argument-1.C b/gcc/testsuite/g++.dg/asan/function-argument-1.C
index bdbb37a44a4..f421ad68b5d 100644
--- a/gcc/testsuite/g++.dg/asan/function-argument-1.C
+++ b/gcc/testsuite/g++.dg/asan/function-argument-1.C
@@ -28,4 +28,4 @@ main ()
 
 // { dg-output "ERROR: AddressSanitizer: stack-buffer-underflow on address.*(\n|\r\n|\r)" }
 // { dg-output "READ of size . at.*" }
-// { dg-output ".*'arg' <== Memory access at offset \[0-9\]* underflows this variable.*" }
+// { dg-output ".*'arg' \\(line 18\\) <== Memory access at offset \[0-9\]* underflows this variable.*" }
diff --git a/gcc/testsuite/g++.dg/asan/function-argument-2.C b/gcc/testsuite/g++.dg/asan/function-argument-2.C
index 3a7c33bdaaa..bdd3dc6e49f 100644
--- a/gcc/testsuite/g++.dg/asan/function-argument-2.C
+++ b/gcc/testsuite/g++.dg/asan/function-argument-2.C
@@ -21,4 +21,4 @@ main ()
 
 // { dg-output "ERROR: AddressSanitizer: stack-buffer-overflow on address.*(\n|\r\n|\r)" }
 // { dg-output "READ of size . at.*" }
-// { dg-output ".*'arg' <== Memory access at offset \[0-9\]* partially overflows this variable.*" }
+// { dg-output ".*'arg' \\(line 11\\) <== Memory access at offset \[0-9\]* partially overflows this variable.*" }
diff --git a/gcc/testsuite/g++.dg/asan/function-argument-3.C b/gcc/testsuite/g++.dg/asan/function-argument-3.C
index 6994b6df1c8..26b3f9268af 100644
--- a/gcc/testsuite/g++.dg/asan/function-argument-3.C
+++ b/gcc/testsuite/g++.dg/asan/function-argument-3.C
@@ -25,4 +25,4 @@ main ()
 
 // { dg-output "ERROR: AddressSanitizer: stack-buffer-overflow on address.*(\n|\r\n|\r)" }
 // { dg-output "READ of size . at.*" }
-// { dg-output ".*'arg' <== Memory access at offset \[0-9\]* overflows this variable.*" }
+// { dg-output ".*'arg' \\(line 14\\) <== Memory access at offset \[0-9\]* overflows this variable.*" }
diff --git a/gcc/testsuite/g++.dg/asan/use-after-scope-1.C b/gcc/testsuite/g++.dg/asan/use-after-scope-1.C
index fd875ad7a13..4cbc5345b57 100644
--- a/gcc/testsuite/g++.dg/asan/use-after-scope-1.C
+++ b/gcc/testsuite/g++.dg/asan/use-after-scope-1.C
@@ -18,4 +18,4 @@ int main() {
 
 // { dg-output "ERROR: AddressSanitizer: stack-use-after-scope on address.*(\n|\r\n|\r)" }
 // { dg-output "READ of size 4 at.*" }
-// { dg-output ".*'v' <== Memory access at offset \[0-9\]* is inside this variable.*" }
+// { dg-output ".*'v' \\(line 9\\) <== Memory access at offset \[0-9\]* is inside this variable.*" }
diff --git a/gcc/testsuite/g++.dg/asan/use-after-scope-2.C b/gcc/testsuite/g++.dg/asan/use-after-scope-2.C
index 92a4bd13029..5d11834dfeb 100644
--- a/gcc/testsuite/g++.dg/asan/use-after-scope-2.C
+++ b/gcc/testsuite/g++.dg/asan/use-after-scope-2.C
@@ -37,4 +37,4 @@ int main(int argc, char **argv)
 
 // { dg-output "ERROR: AddressSanitizer: stack-use-after-scope on address.*(\n|\r\n|\r)" }
 // { dg-output "READ of size 4 at.*" }
-// { dg-output ".*'x' <== Memory access at offset \[0-9\]* is inside this variable.*" }
+// { dg-output ".*'x' \\(line 31\\) <== Memory access at offset \[0-9\]* is inside this variable.*" }
diff --git a/gcc/testsuite/g++.dg/asan/use-after-scope-types-1.C b/gcc/testsuite/g++.dg/asan/use-after-scope-types-1.C
index bedcfa4edb9..180804ca81d 100644
--- a/gcc/testsuite/g++.dg/asan/use-after-scope-types-1.C
+++ b/gcc/testsuite/g++.dg/asan/use-after-scope-types-1.C
@@ -14,4 +14,4 @@ int main()
 
 // { dg-output "ERROR: AddressSanitizer: stack-use-after-scope on address.*(\n|\r\n|\r)" }
 // { dg-output "WRITE of size " }
-// { dg-output ".*'x' <== Memory access at offset \[0-9\]* is inside this variable.*" }
+// { dg-output ".*'x' \\(line 25\\) <== Memory access at offset \[0-9\]* is inside this variable.*" }
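Review bot: The expected `line 25` cannot be a line of this test file, because the hunk covers lines 14–17 with no trailing context, so the file ends at line 17. The number presumably refers to a header the test includes, which the pattern does not say. A comment above the directive would help the next maintainer, e.g. `// 'x' is declared in the included header; 25 is that header's line number.` The same applies to the use-after-scope-types-2.C through use-after-scope-types-5.C hunks, which expect the same `line 25`.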
diff --git a/gcc/testsuite/g++.dg/asan/use-after-scope-types-2.C b/gcc/testsuite/g++.dg/asan/use-after-scope-types-2.C
index 75a01d9eb36..172c5c03b2e 100644
--- a/gcc/testsuite/g++.dg/asan/use-after-scope-types-2.C
+++ b/gcc/testsuite/g++.dg/asan/use-after-scope-types-2.C
@@ -14,4 +14,4 @@ int main()
 
 // { dg-output "ERROR: AddressSanitizer: stack-use-after-scope on address.*(\n|\r\n|\r)" }
 // { dg-output "WRITE of size " }
-// { dg-output ".*'x' <== Memory access at offset \[0-9\]* is inside this variable.*" }
+// { dg-output ".*'x' \\(line 25\\) <== Memory access at offset \[0-9\]* is inside this variable.*" }
diff --git a/gcc/testsuite/g++.dg/asan/use-after-scope-types-3.C b/gcc/testsuite/g++.dg/asan/use-after-scope-types-3.C
index 3350c69c6ae..d4ad0fcc3a5 100644
--- a/gcc/testsuite/g++.dg/asan/use-after-scope-types-3.C
+++ b/gcc/testsuite/g++.dg/asan/use-after-scope-types-3.C
@@ -14,4 +14,4 @@ int main()
 
 // { dg-output "ERROR: AddressSanitizer: stack-use-after-scope on address.*(\n|\r\n|\r)" }
 // { dg-output "WRITE of size " }
-// { dg-output ".*'x' <== Memory access at offset \[0-9\]* is inside this variable.*" }
+// { dg-output ".*'x' \\(line 25\\) <== Memory access at offset \[0-9\]* is inside this variable.*" }
diff --git a/gcc/testsuite/g++.dg/asan/use-after-scope-types-4.C b/gcc/testsuite/g++.dg/asan/use-after-scope-types-4.C
index 44f4d3b09f5..7638107d2cc 100644
--- a/gcc/testsuite/g++.dg/asan/use-after-scope-types-4.C
+++ b/gcc/testsuite/g++.dg/asan/use-after-scope-types-4.C
@@ -14,4 +14,4 @@ int main()
 
 // { dg-output "ERROR: AddressSanitizer: stack-use-after-scope on address.*(\n|\r\n|\r)" }
 // { dg-output "READ of size " }
-// { dg-output ".*'x' <== Memory access at offset \[0-9\]* is inside this variable.*" }
+// { dg-output ".*'x' \\(line 25\\) <== Memory access at offset \[0-9\]* is inside this variable.*" }
diff --git a/gcc/testsuite/g++.dg/asan/use-after-scope-types-5.C b/gcc/testsuite/g++.dg/asan/use-after-scope-types-5.C
index 42abc2a0ccd..fe7c57fc37b 100644
--- a/gcc/testsuite/g++.dg/asan/use-after-scope-types-5.C
+++ b/gcc/testsuite/g++.dg/asan/use-after-scope-types-5.C
@@ -14,4 +14,4 @@ int main()
 
 // { dg-output "ERROR: AddressSanitizer: stack-use-after-scope on address.*(\n|\r\n|\r)" }
 // { dg-output "WRITE of size " }
-// { dg-output ".*'x' <== Memory access at offset \[0-9\]* is inside this variable.*" }
+// { dg-output ".*'x' \\(line 25\\) <== Memory access at offset \[0-9\]* is inside this variable.*" }
diff --git a/gcc/testsuite/gcc.dg/asan/pr78541.c b/gcc/testsuite/gcc.dg/asan/pr78541.c
index fb02082f3d9..612c7e58071 100644
--- a/gcc/testsuite/gcc.dg/asan/pr78541.c
+++ b/gcc/testsuite/gcc.dg/asan/pr78541.c
@@ -22,4 +22,4 @@ int main()
 
 // { dg-output "ERROR: AddressSanitizer: stack-use-after-scope on address.*(\n|\r\n|\r)" }
 // { dg-output "READ of size.*" }
-// { dg-output ".*'x' <== Memory access at offset \[0-9\]* is inside this variable.*" }
+// { dg-output ".*'x' \\(line 9\\) <== Memory access at offset \[0-9\]* is inside this variable.*" }
diff --git a/gcc/testsuite/gcc.dg/asan/use-after-scope-1.c b/gcc/testsuite/gcc.dg/asan/use-after-scope-1.c
index bdbc97becae..19a8379f4af 100644
--- a/gcc/testsuite/gcc.dg/asan/use-after-scope-1.c
+++ b/gcc/testsuite/gcc.dg/asan/use-after-scope-1.c
@@ -15,4 +15,4 @@ main (void)
 
 // { dg-output "ERROR: AddressSanitizer: stack-use-after-scope on address.*(\n|\r\n|\r)" }
 // { dg-output "READ of size 1 at.*" }
-// { dg-output ".*'my_char' <== Memory access at offset \[0-9\]* is inside this variable.*" }
+// { dg-output ".*'my_char' \\(line 9\\) <== Memory access at offset \[0-9\]* is inside this variable.*" }
diff --git a/gcc/testsuite/gcc.dg/asan/use-after-scope-10.c b/gcc/testsuite/gcc.dg/asan/use-after-scope-10.c
index 60f45768019..e4b986ec071 100644
--- a/gcc/testsuite/gcc.dg/asan/use-after-scope-10.c
+++ b/gcc/testsuite/gcc.dg/asan/use-after-scope-10.c
@@ -20,4 +20,4 @@ main (int argc, char **argv)
 
 // { dg-output "ERROR: AddressSanitizer: stack-use-after-scope on address.*(\n|\r\n|\r)" }
 // { dg-output "WRITE of size .*" }
-// { dg-output ".*'a' <== Memory access at offset \[0-9\]* is inside this variable.*" }
+// { dg-output ".*'a' \\(line 12\\) <== Memory access at offset \[0-9\]* is inside this variable.*" }
diff --git a/gcc/testsuite/gcc.dg/asan/use-after-scope-2.c b/gcc/testsuite/gcc.dg/asan/use-after-scope-2.c
index dedb73400cd..101858126ff 100644
--- a/gcc/testsuite/gcc.dg/asan/use-after-scope-2.c
+++ b/gcc/testsuite/gcc.dg/asan/use-after-scope-2.c
@@ -44,4 +44,4 @@ main (void)
 
 // { dg-output "ERROR: AddressSanitizer: stack-use-after-scope on address.*(\n|\r\n|\r)" }
 // { dg-output "READ of size 4 at.*" }
-// { dg-output ".*'c' <== Memory access at offset \[0-9\]* is inside this variable.*" }
+// { dg-output ".*'c' \\(line 37\\) <== Memory access at offset \[0-9\]* is inside this variable.*" }
diff --git a/gcc/testsuite/gcc.dg/asan/use-after-scope-3.c b/gcc/testsuite/gcc.dg/asan/use-after-scope-3.c
index ddf3c04eb45..8f8533760c5 100644
--- a/gcc/testsuite/gcc.dg/asan/use-after-scope-3.c
+++ b/gcc/testsuite/gcc.dg/asan/use-after-scope-3.c
@@ -18,4 +18,4 @@ main (void)
 
 // { dg-output "ERROR: AddressSanitizer: stack-use-after-scope on address.*(\n|\r\n|\r)" }
 // { dg-output "WRITE of size 1 at.*" }
-// { dg-output ".*'my_char' <== Memory access at offset \[0-9\]* overflows this variable.*" }
+// { dg-output ".*'my_char' \\(line 11\\) <== Memory access at offset \[0-9\]* overflows this variable.*" }
diff --git a/gcc/testsuite/gcc.dg/asan/use-after-scope-5.c b/gcc/testsuite/gcc.dg/asan/use-after-scope-5.c
index b53712daa34..1c2fafb43be 100644
--- a/gcc/testsuite/gcc.dg/asan/use-after-scope-5.c
+++ b/gcc/testsuite/gcc.dg/asan/use-after-scope-5.c
@@ -24,4 +24,4 @@ main (int argc, char **argv)
 
 // { dg-output "ERROR: AddressSanitizer: stack-use-after-scope on address.*(\n|\r\n|\r)" }
 // { dg-output "READ of size 4 at.*" }
-// { dg-output ".*'values' <== Memory access at offset \[0-9\]* is inside this variable.*" }
+// { dg-output ".*'values' \\(line 10\\) <== Memory access at offset \[0-9\]* is inside this variable.*" }
diff --git a/gcc/testsuite/gcc.dg/asan/use-after-scope-9.c b/gcc/testsuite/gcc.dg/asan/use-after-scope-9.c
index c3e4da55aad..853765bf3cc 100644
--- a/gcc/testsuite/gcc.dg/asan/use-after-scope-9.c
+++ b/gcc/testsuite/gcc.dg/asan/use-after-scope-9.c
@@ -20,4 +20,4 @@ main (int argc, char **argv)
 // { dg-final { scan-tree-dump-times {= \.ASAN_POISON \(\)} 1 "asan1" } }
 // { dg-output "ERROR: AddressSanitizer: stack-use-after-scope on address.*(\n|\r\n|\r)" }
 // { dg-output "READ of size .*" }
-// { dg-output ".*'a' <== Memory access at offset \[0-9\]* is inside this variable.*" }
+// { dg-output ".*'a' \\(line 12\\) <== Memory access at offset \[0-9\]* is inside this variable.*" }
