[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
grep branch, master, updated. v2.21-14-g1555185
From: |
Jim Meyering |
Subject: |
grep branch, master, updated. v2.21-14-g1555185 |
Date: |
Mon, 12 Jan 2015 01:47:46 +0000 |
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "grep".
The branch, master has been updated
via 1555185d5b7867472b0e5f0589f71d9b1242e842 (commit)
via 83a95bd8c8561875b948cadd417c653dbe7ef2e2 (commit)
via 9aedd79729193d57939dd171850eb2d44d28eecb (commit)
from c2d0489c43264b25f063058c4c34a66e2445abae (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
http://git.savannah.gnu.org/cgit/grep.git/commit/?id=1555185d5b7867472b0e5f0589f71d9b1242e842
commit 1555185d5b7867472b0e5f0589f71d9b1242e842
Author: Jim Meyering <address@hidden>
Date: Sun Jan 4 07:28:13 2015 -0800
tests: add support for ASAN memory poisoning
This lets us reliably detect with ASAN some UMR bugs
that would otherwise be detectable only some of the time
with MSAN. Use __asan_poison_memory_region to mark the unused
portion of a read buffer as inaccessible. Then, with ASAN,
any attempt to access those bytes results in an ASAN abort.
* src/system.h: Include "ignore-value.h".
(__has_feature): Define.
(HAVE_ASAN): Define when address sanitizer is enabled.
[HAVE_ASAN]: Declare these two __asan_* symbols.
[!HAVE_ASAN] (__asan_poison_memory_region): Define stub.
[!HAVE_ASAN] (__asan_unpoison_memory_region): Likewise.
* src/grep.c: Use __asan_poison_memory_region.
diff --git a/src/grep.c b/src/grep.c
index c85fc6e..7d70f4a 100644
--- a/src/grep.c
+++ b/src/grep.c
@@ -816,6 +816,11 @@ fillbuf (size_t save, struct stat const *st)
positive reports of these bytes being used uninitialized. */
memset (buflim, 0, sizeof (uword));
+ /* Mark the part of the buffer not filled by the read or set by
+ the above memset call as ASAN-poisoned. */
+ __asan_poison_memory_region (buflim + sizeof (uword),
+ bufalloc - (buflim - buffer) - sizeof (uword));
+
return cc;
}
diff --git a/src/system.h b/src/system.h
index 1cc2bd3..15a1abb 100644
--- a/src/system.h
+++ b/src/system.h
@@ -26,6 +26,7 @@
#include "binary-io.h"
#include "configmake.h"
#include "dirname.h"
+#include "ignore-value.h"
#include "minmax.h"
#include "same-inode.h"
@@ -67,4 +68,43 @@ to_uchar (char ch)
_GL_INLINE_HEADER_END
+#ifndef __has_feature
+# define __has_feature(F) false
+#endif
+
+#if defined __SANITIZE_ADDRESS__ || __has_feature (address_sanitizer)
+# define HAVE_ASAN 1
+#else
+# define HAVE_ASAN 0
+#endif
+
+#if HAVE_ASAN
+
+/* Mark memory region [addr, addr+size) as unaddressable.
+ This memory must be previously allocated by the user program. Accessing
+ addresses in this region from instrumented code is forbidden until
+ this region is unpoisoned. This function is not guaranteed to poison
+ the whole region - it may poison only a subregion of [addr, addr+size)
+ due to ASan alignment restrictions.
+ Method is NOT thread-safe in the sense that no two threads can
+ (un)poison memory in the same memory region simultaneously. */
+void __asan_poison_memory_region (void const volatile *addr, size_t size);
+
+/* Mark memory region [addr, addr+size) as addressable.
+ This memory must be previously allocated by the user program. Accessing
+ addresses in this region is allowed until this region is poisoned again.
+ This function may unpoison a superregion of [addr, addr+size) due to
+ ASan alignment restrictions.
+ Method is NOT thread-safe in the sense that no two threads can
+ (un)poison memory in the same memory region simultaneously. */
+void __asan_unpoison_memory_region (void const volatile *addr, size_t size);
+
+#else
+
+static _GL_UNUSED void
+__asan_poison_memory_region (void const volatile *addr, size_t size) { }
+static _GL_UNUSED void
+__asan_unpoison_memory_region (void const volatile *addr, size_t size) { }
+#endif
+
#endif
http://git.savannah.gnu.org/cgit/grep.git/commit/?id=83a95bd8c8561875b948cadd417c653dbe7ef2e2
commit 1555185d5b7867472b0e5f0589f71d9b1242e842
Author: Jim Meyering <address@hidden>
Date: Sun Jan 4 07:28:13 2015 -0800
tests: add support for ASAN memory poisoning
This lets us reliably detect with ASAN some UMR bugs
that would otherwise be detectable only some of the time
with MSAN. Use __asan_poison_memory_region to mark the unused
portion of a read buffer as inaccessible. Then, with ASAN,
any attempt to access those bytes results in an ASAN abort.
* src/system.h: Include "ignore-value.h".
(__has_feature): Define.
(HAVE_ASAN): Define when address sanitizer is enabled.
[HAVE_ASAN]: Declare these two __asan_* symbols.
[!HAVE_ASAN] (__asan_poison_memory_region): Define stub.
[!HAVE_ASAN] (__asan_unpoison_memory_region): Likewise.
* src/grep.c: Use __asan_poison_memory_region.
diff --git a/src/grep.c b/src/grep.c
index c85fc6e..7d70f4a 100644
--- a/src/grep.c
+++ b/src/grep.c
@@ -816,6 +816,11 @@ fillbuf (size_t save, struct stat const *st)
positive reports of these bytes being used uninitialized. */
memset (buflim, 0, sizeof (uword));
+ /* Mark the part of the buffer not filled by the read or set by
+ the above memset call as ASAN-poisoned. */
+ __asan_poison_memory_region (buflim + sizeof (uword),
+ bufalloc - (buflim - buffer) - sizeof (uword));
+
return cc;
}
diff --git a/src/system.h b/src/system.h
index 1cc2bd3..15a1abb 100644
--- a/src/system.h
+++ b/src/system.h
@@ -26,6 +26,7 @@
#include "binary-io.h"
#include "configmake.h"
#include "dirname.h"
+#include "ignore-value.h"
#include "minmax.h"
#include "same-inode.h"
@@ -67,4 +68,43 @@ to_uchar (char ch)
_GL_INLINE_HEADER_END
+#ifndef __has_feature
+# define __has_feature(F) false
+#endif
+
+#if defined __SANITIZE_ADDRESS__ || __has_feature (address_sanitizer)
+# define HAVE_ASAN 1
+#else
+# define HAVE_ASAN 0
+#endif
+
+#if HAVE_ASAN
+
+/* Mark memory region [addr, addr+size) as unaddressable.
+ This memory must be previously allocated by the user program. Accessing
+ addresses in this region from instrumented code is forbidden until
+ this region is unpoisoned. This function is not guaranteed to poison
+ the whole region - it may poison only a subregion of [addr, addr+size)
+ due to ASan alignment restrictions.
+ Method is NOT thread-safe in the sense that no two threads can
+ (un)poison memory in the same memory region simultaneously. */
+void __asan_poison_memory_region (void const volatile *addr, size_t size);
+
+/* Mark memory region [addr, addr+size) as addressable.
+ This memory must be previously allocated by the user program. Accessing
+ addresses in this region is allowed until this region is poisoned again.
+ This function may unpoison a superregion of [addr, addr+size) due to
+ ASan alignment restrictions.
+ Method is NOT thread-safe in the sense that no two threads can
+ (un)poison memory in the same memory region simultaneously. */
+void __asan_unpoison_memory_region (void const volatile *addr, size_t size);
+
+#else
+
+static _GL_UNUSED void
+__asan_poison_memory_region (void const volatile *addr, size_t size) { }
+static _GL_UNUSED void
+__asan_unpoison_memory_region (void const volatile *addr, size_t size) { }
+#endif
+
#endif
http://git.savannah.gnu.org/cgit/grep.git/commit/?id=9aedd79729193d57939dd171850eb2d44d28eecb
commit 1555185d5b7867472b0e5f0589f71d9b1242e842
Author: Jim Meyering <address@hidden>
Date: Sun Jan 4 07:28:13 2015 -0800
tests: add support for ASAN memory poisoning
This lets us reliably detect with ASAN some UMR bugs
that would otherwise be detectable only some of the time
with MSAN. Use __asan_poison_memory_region to mark the unused
portion of a read buffer as inaccessible. Then, with ASAN,
any attempt to access those bytes results in an ASAN abort.
* src/system.h: Include "ignore-value.h".
(__has_feature): Define.
(HAVE_ASAN): Define when address sanitizer is enabled.
[HAVE_ASAN]: Declare these two __asan_* symbols.
[!HAVE_ASAN] (__asan_poison_memory_region): Define stub.
[!HAVE_ASAN] (__asan_unpoison_memory_region): Likewise.
* src/grep.c: Use __asan_poison_memory_region.
diff --git a/src/grep.c b/src/grep.c
index c85fc6e..7d70f4a 100644
--- a/src/grep.c
+++ b/src/grep.c
@@ -816,6 +816,11 @@ fillbuf (size_t save, struct stat const *st)
positive reports of these bytes being used uninitialized. */
memset (buflim, 0, sizeof (uword));
+ /* Mark the part of the buffer not filled by the read or set by
+ the above memset call as ASAN-poisoned. */
+ __asan_poison_memory_region (buflim + sizeof (uword),
+ bufalloc - (buflim - buffer) - sizeof (uword));
+
return cc;
}
diff --git a/src/system.h b/src/system.h
index 1cc2bd3..15a1abb 100644
--- a/src/system.h
+++ b/src/system.h
@@ -26,6 +26,7 @@
#include "binary-io.h"
#include "configmake.h"
#include "dirname.h"
+#include "ignore-value.h"
#include "minmax.h"
#include "same-inode.h"
@@ -67,4 +68,43 @@ to_uchar (char ch)
_GL_INLINE_HEADER_END
+#ifndef __has_feature
+# define __has_feature(F) false
+#endif
+
+#if defined __SANITIZE_ADDRESS__ || __has_feature (address_sanitizer)
+# define HAVE_ASAN 1
+#else
+# define HAVE_ASAN 0
+#endif
+
+#if HAVE_ASAN
+
+/* Mark memory region [addr, addr+size) as unaddressable.
+ This memory must be previously allocated by the user program. Accessing
+ addresses in this region from instrumented code is forbidden until
+ this region is unpoisoned. This function is not guaranteed to poison
+ the whole region - it may poison only a subregion of [addr, addr+size)
+ due to ASan alignment restrictions.
+ Method is NOT thread-safe in the sense that no two threads can
+ (un)poison memory in the same memory region simultaneously. */
+void __asan_poison_memory_region (void const volatile *addr, size_t size);
+
+/* Mark memory region [addr, addr+size) as addressable.
+ This memory must be previously allocated by the user program. Accessing
+ addresses in this region is allowed until this region is poisoned again.
+ This function may unpoison a superregion of [addr, addr+size) due to
+ ASan alignment restrictions.
+ Method is NOT thread-safe in the sense that no two threads can
+ (un)poison memory in the same memory region simultaneously. */
+void __asan_unpoison_memory_region (void const volatile *addr, size_t size);
+
+#else
+
+static _GL_UNUSED void
+__asan_poison_memory_region (void const volatile *addr, size_t size) { }
+static _GL_UNUSED void
+__asan_unpoison_memory_region (void const volatile *addr, size_t size) { }
+#endif
+
#endif
-----------------------------------------------------------------------
Summary of changes:
NEWS | 5 +++
THANKS.in | 1 +
src/grep.c | 11 +++++++
src/kwset.c | 2 +
src/system.h | 40 ++++++++++++++++++++++++++++
tests/Makefile.am | 1 +
tests/{mb-non-UTF8-overrun => kwset-abuse} | 22 ++++++++-------
7 files changed, 72 insertions(+), 10 deletions(-)
copy tests/{mb-non-UTF8-overrun => kwset-abuse} (58%)
hooks/post-receive
--
grep
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- grep branch, master, updated. v2.21-14-g1555185,
Jim Meyering <=