[PATCH] D41301: ASan+operator new[]: Fix operator new[] cookie poisoning
This revision was automatically updated to reflect the committed changes. Closed by commit rL321645: ASan+operator new[]: Fix operator new[] cookie poisoning (authored by filcab, committed by ). Repository: rL LLVM https://reviews.llvm.org/D41301 Files: cfe/trunk/lib/CodeGen/ItaniumCXXABI.cpp cfe/trunk/test/CodeGen/address-sanitizer-and-array-cookie.cpp
Index: cfe/trunk/test/CodeGen/address-sanitizer-and-array-cookie.cpp
===
--- cfe/trunk/test/CodeGen/address-sanitizer-and-array-cookie.cpp
+++ cfe/trunk/test/CodeGen/address-sanitizer-and-array-cookie.cpp
@@ -7,7 +7,7 @@
std::nothrow_t nothrow;
}
void *operator new[](size_t, const std::nothrow_t &) throw();
-void *operator new[](size_t, char *);
+void *operator new[](size_t, void *);
struct C {
int x;
@@ -53,3 +53,11 @@
}
// ASAN-LABEL: CallPlacementNew
// ASAN-NOT: __asan_poison_cxx_array_cookie
+
+void *operator new[](size_t n, int);
+
+C *CallNewWithArgs() {
+// ASAN-LABEL: CallNewWithArgs
+// ASAN: call void @__asan_poison_cxx_array_cookie
+ return new (123) C[20];
+}
Index: cfe/trunk/lib/CodeGen/ItaniumCXXABI.cpp
===
--- cfe/trunk/lib/CodeGen/ItaniumCXXABI.cpp
+++ cfe/trunk/lib/CodeGen/ItaniumCXXABI.cpp
@@ -1847,8 +1847,7 @@
llvm::Instruction *SI = CGF.Builder.CreateStore(NumElements, NumElementsPtr);
// Handle the array cookie specially in ASan.
- if (CGM.getLangOpts().Sanitize.has(SanitizerKind::Address) && AS == 0 &&
- expr->getOperatorNew()->isReplaceableGlobalAllocationFunction()) {
+ if (CGM.getLangOpts().Sanitize.has(SanitizerKind::Address) && AS == 0) {
// The store to the CookiePtr does not need to be instrumented.
CGM.getSanitizerMetadata()->disableSanitizerForInstruction(SI);
llvm::FunctionType *FTy =
Index: cfe/trunk/test/CodeGen/address-sanitizer-and-array-cookie.cpp
===
--- cfe/trunk/test/CodeGen/address-sanitizer-and-array-cookie.cpp
+++ cfe/trunk/test/CodeGen/address-sanitizer-and-array-cookie.cpp
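Review bot: The widened condition now poisons the cookie for every operator new[] that lays one down, including a user-declared one such as the test's `operator new[](size_t, int)`, but nothing in this hunk shows the matching delete[] read path being widened in step — if that path still chooses between `__asan_load_cxx_array_cookie` and a plain load by isReplaceableGlobalAllocationFunction, the plain load on delete[] of such an array hits poisoned shadow and ASan reports a false positive, so please confirm against the read-side code, which is outside this diff. The cookie is the element count delete[] trusts to run destructors, so poisoning it is what makes an underflow that corrupts the count detectable, which is the right default; a custom allocator that re-uses or inspects the bytes in front of the array will, however, also trip on it, and the change offers no opt-out. Dropping the clause also leaves the comment above the if without its rationale, so I would extend it: `// The reserved (size_t, void*) placement form never gets a cookie and is filtered out before this call, so every cookie laid down here, including one for a user-declared operator new[], is poisoned.` The enclosing InitializeArrayCookie starts before and continues past the hunk; the same hunk recurs in the second copy of the patch below and in the original revision's -1843 version, and this note covers those too.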
@@ -7,7 +7,7 @@
std::nothrow_t nothrow;
}
void *operator new[](size_t, const std::nothrow_t &) throw();
-void *operator new[](size_t, char *);
+void *operator new[](size_t, void *);
struct C {
int x;
@@ -53,3 +53,11 @@
}
// ASAN-LABEL: CallPlacementNew
// ASAN-NOT: __asan_poison_cxx_array_cookie
+
+void *operator new[](size_t n, int);
+
+C *CallNewWithArgs() {
+// ASAN-LABEL: CallNewWithArgs
+// ASAN: call void @__asan_poison_cxx_array_cookie
+ return new (123) C[20];
+}
Index: cfe/trunk/lib/CodeGen/ItaniumCXXABI.cpp
===
--- cfe/trunk/lib/CodeGen/ItaniumCXXABI.cpp
+++ cfe/trunk/lib/CodeGen/ItaniumCXXABI.cpp
@@ -1847,8 +1847,7 @@
llvm::Instruction *SI = CGF.Builder.CreateStore(NumElements, NumElementsPtr);
// Handle the array cookie specially in ASan.
- if (CGM.getLangOpts().Sanitize.has(SanitizerKind::Address) && AS == 0 &&
- expr->getOperatorNew()->isReplaceableGlobalAllocationFunction()) {
+ if (CGM.getLangOpts().Sanitize.has(SanitizerKind::Address) && AS == 0) {
// The store to the CookiePtr does not need to be instrumented.
CGM.getSanitizerMetadata()->disableSanitizerForInstruction(SI);
llvm::FunctionType *FTy =
___ cfe-commits mailing list cfe-commits@lists.llvm.org http://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
[PATCH] D41301: ASan+operator new[]: Fix operator new[] cookie poisoning
rjmccall accepted this revision. rjmccall added a comment. This revision is now accepted and ready to land. LGTM. Repository: rC Clang https://reviews.llvm.org/D41301 ___ cfe-commits mailing list cfe-commits@lists.llvm.org http://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
[PATCH] D41301: ASan+operator new[]: Fix operator new[] cookie poisoning
filcab created this revision. filcab added reviewers: rjmccall, kcc, rsmith. The C++ Itanium ABI says: No cookie is required if the new operator being used is ::operator new[](size_t, void*). We should only avoid poisoning the cookie if we're calling this operator, not others. This is dealt with before the call to InitializeArrayCookie. Repository: rC Clang https://reviews.llvm.org/D41301 Files: lib/CodeGen/ItaniumCXXABI.cpp test/CodeGen/address-sanitizer-and-array-cookie.cpp
Index: test/CodeGen/address-sanitizer-and-array-cookie.cpp
===
--- test/CodeGen/address-sanitizer-and-array-cookie.cpp
+++ test/CodeGen/address-sanitizer-and-array-cookie.cpp
@@ -7,7 +7,7 @@
std::nothrow_t nothrow;
}
void *operator new[](size_t, const std::nothrow_t &) throw();
-void *operator new[](size_t, char *);
+void *operator new[](size_t, void *);
struct C {
int x;
@@ -53,3 +53,11 @@
}
// ASAN-LABEL: CallPlacementNew
// ASAN-NOT: __asan_poison_cxx_array_cookie
+
+void *operator new[](size_t n, int);
+
+C *CallNewWithArgs() {
+// ASAN-LABEL: CallNewWithArgs
+// ASAN: call void @__asan_poison_cxx_array_cookie
+ return new (123) C[20];
+}
Index: lib/CodeGen/ItaniumCXXABI.cpp
===
--- lib/CodeGen/ItaniumCXXABI.cpp
+++ lib/CodeGen/ItaniumCXXABI.cpp
@@ -1843,8 +1843,7 @@
llvm::Instruction *SI = CGF.Builder.CreateStore(NumElements, NumElementsPtr);
// Handle the array cookie specially in ASan.
- if (CGM.getLangOpts().Sanitize.has(SanitizerKind::Address) && AS == 0 &&
- expr->getOperatorNew()->isReplaceableGlobalAllocationFunction()) {
+ if (CGM.getLangOpts().Sanitize.has(SanitizerKind::Address) && AS == 0) {
// The store to the CookiePtr does not need to be instrumented.
CGM.getSanitizerMetadata()->disableSanitizerForInstruction(SI);
llvm::FunctionType *FTy =
Index: test/CodeGen/address-sanitizer-and-array-cookie.cpp
===
--- test/CodeGen/address-sanitizer-and-array-cookie.cpp
+++ test/CodeGen/address-sanitizer-and-array-cookie.cpp
@@ -7,7 +7,7 @@
std::nothrow_t nothrow;
}
void *operator new[](size_t, const std::nothrow_t &) throw();
-void *operator new[](size_t, char *);
+void *operator new[](size_t, void *);
struct C {
int x;
@@ -53,3 +53,11 @@
}
// ASAN-LABEL: CallPlacementNew
// ASAN-NOT: __asan_poison_cxx_array_cookie
+
+void *operator new[](size_t n, int);
+
+C *CallNewWithArgs() {
+// ASAN-LABEL: CallNewWithArgs
+// ASAN: call void @__asan_poison_cxx_array_cookie
+ return new (123) C[20];
+}
Index: lib/CodeGen/ItaniumCXXABI.cpp
===
--- lib/CodeGen/ItaniumCXXABI.cpp
+++ lib/CodeGen/ItaniumCXXABI.cpp
@@ -1843,8 +1843,7 @@
llvm::Instruction *SI = CGF.Builder.CreateStore(NumElements, NumElementsPtr);
// Handle the array cookie specially in ASan.
- if (CGM.getLangOpts().Sanitize.has(SanitizerKind::Address) && AS == 0 &&
- expr->getOperatorNew()->isReplaceableGlobalAllocationFunction()) {
+ if (CGM.getLangOpts().Sanitize.has(SanitizerKind::Address) && AS == 0) {
// The store to the CookiePtr does not need to be instrumented.
CGM.getSanitizerMetadata()->disableSanitizerForInstruction(SI);
llvm::FunctionType *FTy =
___ cfe-commits mailing list cfe-commits@lists.llvm.org http://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits