https://gcc.gnu.org/bugzilla/show_bug.cgi?id=66514
--- Comment #6 from Martin Liška <marxin at gcc dot gnu.org> ---
(In reply to Jakub Jelinek from comment #5)
> The thing is that if you poison at the end of destructor, you need to
> unpoison it again somewhere, except for file scope variables that when they
> are destructed supposedly can't be constructed again.
> For automatic variables I guess it depends on whether at runtime
> use-after-return is enabled or not (if it is enabled, then the variables are
> allocated in a heap object that is completely poisoned afterwards anyway, so
> that would work too. But if use-after-return is disabled, they are
> allocated in the normal stack frame and we'd need to unpoison those objects
> (together with unpoisoning the guards around them). And of course we'd need
> to ensure the stack space is not reused for other variables.
> Then there are objects constructed/destructed in heap space, those are
> supposedly fine too, at least I hope a free poisons the memory. But what about
> objects destructed in e.g. mmap allocated area? And finally objects
> placement new constructed in some other variable, there we'd need to
> unpoison on the first store to that area (or placement new construction).
> That is very much non-trivial though, at least in the asan framework.
I see the problem. What if we start with all cases that are safe because
poisoned memory should not be reused? From the list of cases you described, we
should be able to catch heap-allocated instances. You are right that the following
case is already covered by asan (heap-use-after-free):
#include <new>
struct A
{
  A (int _m): m(_m) {}
  int m;
};
int main()
{
  /* Test A */
  A *a = new A(12);
  delete a;           /* object destroyed and storage freed */
  return a->m == 234; /* asan reports heap-use-after-free here */
}
But we miss:
#include <new>
struct A
{
  A (int _m): m(_m) {}
  int m;
};
int main()
{
  /* Test A */
  A *a = new A(12);
  a->~A();            /* object destroyed, storage still allocated */
  return a->m == 234; /* asan is silent: memory is not poisoned */
}
And the second doable category should be file scope variables. The rest, including
automatic variables and all this placement new stuff, can be left for the future?
What do you think?
Martin
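The "poison at the end of the destructor" idea discussed above can be emulated by hand today with the public ASan interface; the following is an added example, not code from the bug report or from GCC, and it assumes `<sanitizer/asan_interface.h>` is available when building with -fsanitize=address (without it the macros collapse to no-ops so the program still builds and runs). The `POISON`/`UNPOISON` macros, `construct_in_place` and `destroy_and_reconstruct` are names chosen here.

```cpp
#include <cstddef>
#include <new>

// Fallback for compilers that lack __has_feature (e.g. older GCC).
#ifndef __has_feature
#  define __has_feature(x) 0
#endif
#if defined(__SANITIZE_ADDRESS__) || __has_feature(address_sanitizer)
#  include <sanitizer/asan_interface.h>
#  define POISON(p, n)   ASAN_POISON_MEMORY_REGION((p), (n))
#  define UNPOISON(p, n) ASAN_UNPOISON_MEMORY_REGION((p), (n))
#else
#  define POISON(p, n)   ((void)(p), (void)(n))   // no-op without asan
#  define UNPOISON(p, n) ((void)(p), (void)(n))
#endif

struct A {
  explicit A(int m_) : m(m_) {}
  // Lifetime ends here: mark the bytes unaddressable so that a later a->m
  // is reported as use-after-poison instead of silently reading 12.
  ~A() { POISON(this, sizeof(A)); }
  int m;
};

// Reusing storage (placement new) is the step the thread calls non-trivial:
// the constructor side has to make the bytes addressable again first.
A* construct_in_place(void* storage, int m) {
  UNPOISON(storage, sizeof(A));
  return new (storage) A(m);
}

// Legal sequence: explicit destructor, then reconstruction in the same
// heap storage. Returns the member of the rebuilt object.
int destroy_and_reconstruct() {
  A* a = new A(12);
  a->~A();                          // poisoned, storage not freed
  A* b = construct_in_place(a, 99); // unpoison + construct again
  int v = b->m;
  delete b;                         // ~A poisons again, then free
  return v;
}

int main() {
  A* a = new A(12);
  a->~A();
  // The access the bug report says asan misses: with the manual poison
  // above, -fsanitize=address reports use-after-poison on this read.
  int stale = a->m;
  ::operator delete(a);   // free storage without running ~A twice
  return stale == 234;
}
```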