[PATCH] Call BUILT_IN_ASAN_HANDLE_NO_RETURN before BUILT_IN_UNWIND_RESUME (PR sanitizer/81021).

["Martin Liška" <mliska@suse.cz>]

[-- Attachment #1: Type: text/plain, Size: 929 bytes --]

Hi.

For a function that does not handle an expection (and calls BUILT_IN_UNWIND_RESUME),
we need to emit call to BUILT_IN_ASAN_HANDLE_NO_RETURN. That will clean up stack
which can possibly contain poisoned shadow memory that will not be cleaned-up
in function prologue.

Patch can bootstrap on ppc64le-redhat-linux and survives regression tests.

Ready to be installed?
Martin

gcc/testsuite/ChangeLog:

2017-06-12  Martin Liska  <mliska@suse.cz>

	PR sanitizer/81021
	* g++.dg/asan/pr81021.C: New test.

gcc/ChangeLog:

2017-06-12  Martin Liska  <mliska@suse.cz>

	PR sanitizer/81021
	* tree-eh.c (lower_resx): Call BUILT_IN_ASAN_HANDLE_NO_RETURN
	before BUILT_IN_UNWIND_RESUME when ASAN is used.
---
 gcc/testsuite/g++.dg/asan/pr81021.C | 33 +++++++++++++++++++++++++++++++++
 gcc/tree-eh.c                       | 14 ++++++++++++++
 2 files changed, 47 insertions(+)
 create mode 100644 gcc/testsuite/g++.dg/asan/pr81021.C



[-- Attachment #2: 0001-Call-BUILT_IN_ASAN_HANDLE_NO_RETURN-before-BUILT_IN_.patch --]
[-- Type: text/x-patch, Size: 2072 bytes --]

diff --git a/gcc/testsuite/g++.dg/asan/pr81021.C b/gcc/testsuite/g++.dg/asan/pr81021.C
new file mode 100644
index 00000000000..daa0525c273
--- /dev/null
+++ b/gcc/testsuite/g++.dg/asan/pr81021.C
@@ -0,0 +1,33 @@
+// { dg-do run }
+
+#include <string>
+
+struct ConfigFile {
+    ConfigFile(std::string filename, std::string delimiter) { throw "error"; }
+    ConfigFile(std::string filename) {}
+};
+
+struct Configuration {
+    ConfigFile _configFile;
+
+    Configuration(const std::string &root, const char *baseName) 
+        : _configFile(root + baseName, "=") { }
+    Configuration(const std::string &root, const char *a, const char *b) 
+        : _configFile(root + a + b) { }
+};
+
+
+void test() {
+    std::string root("etc");
+    try {
+        Configuration config(root, "notthere");
+    }
+    catch (...) {
+        // exception is thrown, caught here and ignored...
+    }
+    Configuration config(root, "a", "b"); // ASAN error during constructor here
+}
+
+int main(int argc, const char *argv[]) {
+    test();
+}
diff --git a/gcc/tree-eh.c b/gcc/tree-eh.c
index fc016d795b7..fdd348c52e9 100644
--- a/gcc/tree-eh.c
+++ b/gcc/tree-eh.c
@@ -3304,6 +3304,20 @@ lower_resx (basic_block bb, gresx *stmt,
 	  gimple_call_set_lhs (x, var);
 	  gsi_insert_before (&gsi, x, GSI_SAME_STMT);
 
+	  /* When exception handling is delegated to a caller function, we
+	     have to guarantee that shadow memory variables living on stack
+	     will be cleaner before control is given to a parent function.  */
+	  if ((flag_sanitize & SANITIZE_ADDRESS) != 0
+	      && !lookup_attribute ("no_sanitize_address",
+				    DECL_ATTRIBUTES (current_function_decl)))
+	    {
+	      tree decl
+		= builtin_decl_implicit (BUILT_IN_ASAN_HANDLE_NO_RETURN);
+	      gimple *g = gimple_build_call (decl, 0);
+	      gimple_set_location (g, gimple_location (stmt));
+	      gsi_insert_before (&gsi, g, GSI_SAME_STMT);
+	    }
+
 	  fn = builtin_decl_implicit (BUILT_IN_UNWIND_RESUME);
 	  x = gimple_build_call (fn, 1, var);
 	  gsi_insert_before (&gsi, x, GSI_SAME_STMT);