asan.h (asan_sanitize_allocas_p): Declare.

gcc/
	* asan.h (asan_sanitize_allocas_p): Declare.
	* asan.c (asan_sanitize_allocas_p): New function.
	(handle_builtin_stack_restore): Bail out if !asan_sanitize_allocas_p.
	(handle_builtin_alloca): Likewise.
	* cfgexpand.c (expand_used_vars): Do not add allocas unpoisoning stuff
	if !asan_sanitize_allocas_p.
	* params.def (asan-instrument-allocas): Add new option.
	* params.h (ASAN_PROTECT_ALLOCAS): Define.
	* opts.c (common_handle_option): Disable allocas sanitization for
	KASan by default.

gcc/testsuite/
	* c-c++-common/asan/kasan-alloca-1.c: New test.
	* c-c++-common/asan/kasan-alloca-2.c: Likewise.

From-SVN: r250032

gcc/ChangeLog

@@ -1,3 +1,16 @@
+2017-07-06  Maxim Ostapenko  <m.ostapenko@samsung.com>
+
+	* asan.h (asan_sanitize_allocas_p): Declare.
+	* asan.c (asan_sanitize_allocas_p): New function.
+	(handle_builtin_stack_restore): Bail out if !asan_sanitize_allocas_p.
+	(handle_builtin_alloca): Likewise.
+	* cfgexpand.c (expand_used_vars): Do not add allocas unpoisoning stuff
+	if !asan_sanitize_allocas_p.
+	* params.def (asan-instrument-allocas): Add new option.
+	* params.h (ASAN_PROTECT_ALLOCAS): Define.
+	* opts.c (common_handle_option): Disable allocas sanitization for
+	KASan by default.
+
 2017-07-06  Maxim Ostapenko  <m.ostapenko@samsung.com>
 
 	* asan.c: Include gimple-fold.h.

gcc/asan.c

@@ -310,6 +310,12 @@ asan_sanitize_stack_p (void)
   return (sanitize_flags_p (SANITIZE_ADDRESS) && ASAN_STACK);
 }
 
+bool
+asan_sanitize_allocas_p (void)
+{
+  return (asan_sanitize_stack_p () && ASAN_PROTECT_ALLOCAS);
+}
+
 /* Checks whether section SEC should be sanitized.  */
 
 static bool
@@ -569,7 +575,7 @@ get_last_alloca_addr ()
 static void
 handle_builtin_stack_restore (gcall *call, gimple_stmt_iterator *iter)
 {
-  if (!iter)
+  if (!iter || !asan_sanitize_allocas_p ())
     return;
 
   tree last_alloca = get_last_alloca_addr ();
@@ -607,7 +613,7 @@ handle_builtin_stack_restore (gcall *call, gimple_stmt_iterator *iter)
 static void
 handle_builtin_alloca (gcall *call, gimple_stmt_iterator *iter)
 {
-  if (!iter)
+  if (!iter || !asan_sanitize_allocas_p ())
     return;
 
   gassign *g;

gcc/asan.h

@@ -108,6 +108,8 @@ extern void set_sanitized_sections (const char *);
 
 extern bool asan_sanitize_stack_p (void);
 
+extern bool asan_sanitize_allocas_p (void);
+
 /* Return TRUE if builtin with given FCODE will be intercepted by
    libasan.  */
 

gcc/cfgexpand.c

@@ -2241,7 +2241,7 @@ expand_used_vars (void)
       expand_stack_vars (NULL, &data);
     }
 
-  if ((flag_sanitize & SANITIZE_ADDRESS) && cfun->calls_alloca)
+  if (asan_sanitize_allocas_p () && cfun->calls_alloca)
     var_end_seq = asan_emit_allocas_unpoison (virtual_stack_dynamic_rtx,
 					      virtual_stack_vars_rtx,
 					      var_end_seq);

gcc/opts.c

@@ -1909,6 +1909,9 @@ common_handle_option (struct gcc_options *opts,
 				 opts_set->x_param_values);
 	  maybe_set_param_value (PARAM_ASAN_STACK, 0, opts->x_param_values,
 				 opts_set->x_param_values);
+	  maybe_set_param_value (PARAM_ASAN_PROTECT_ALLOCAS, 0,
+				 opts->x_param_values,
+				 opts_set->x_param_values);
 	  maybe_set_param_value (PARAM_ASAN_USE_AFTER_RETURN, 0,
 				 opts->x_param_values,
 				 opts_set->x_param_values);

gcc/params.def

@@ -1142,6 +1142,11 @@ DEFPARAM (PARAM_ASAN_STACK,
          "Enable asan stack protection.",
          1, 0, 1)
 
+DEFPARAM (PARAM_ASAN_PROTECT_ALLOCAS,
+	"asan-instrument-allocas",
+	"Enable asan allocas/VLAs protection.",
+	1, 0, 1)
+
 DEFPARAM (PARAM_ASAN_GLOBALS,
          "asan-globals",
          "Enable asan globals protection.",

gcc/params.h

@@ -232,6 +232,8 @@ extern void init_param_values (int *params);
   PARAM_VALUE (PARAM_ALLOW_PACKED_STORE_DATA_RACES)
 #define ASAN_STACK \
   PARAM_VALUE (PARAM_ASAN_STACK)
+#define ASAN_PROTECT_ALLOCAS \
+  PARAM_VALUE (PARAM_ASAN_PROTECT_ALLOCAS)
 #define ASAN_GLOBALS \
   PARAM_VALUE (PARAM_ASAN_GLOBALS)
 #define ASAN_INSTRUMENT_READS \

gcc/testsuite/ChangeLog

@@ -1,3 +1,8 @@
+2017-07-06  Maxim Ostapenko  <m.ostapenko@samsung.com>
+
+	* c-c++-common/asan/kasan-alloca-1.c: New test.
+	* c-c++-common/asan/kasan-alloca-2.c: Likewise.
+
 2017-07-06  Maxim Ostapenko  <m.ostapenko@samsung.com>
 
 	* c-c++-common/asan/alloca_big_alignment.c: New test.

gcc/testsuite/c-c++-common/asan/kasan-alloca-1.c

@@ -0,0 +1,11 @@
+/* { dg-do compile } */
+/* { dg-options "-fno-sanitize=address -fsanitize=kernel-address -fdump-tree-sanopt" } */
+/* { dg-skip-if "" { *-*-* } { "*" } { "-O0" } } */
+
+void foo(int index, int len) {
+  char str[len];
+  str[index] = '1'; // BOOM
+}
+
+/* { dg-final { scan-tree-dump-not "__builtin___asan_alloca_poison" "sanopt" } } */
+/* { dg-final { scan-tree-dump-not "__builtin___asan_allocas_unpoison" "sanopt" } } */

gcc/testsuite/c-c++-common/asan/kasan-alloca-2.c

@@ -0,0 +1,11 @@
+/* { dg-do compile } */
+/* { dg-options "-fno-sanitize=address -fsanitize=kernel-address --param asan-instrument-allocas=1 --param asan-stack=1 -fdump-tree-sanopt" } */
+/* { dg-skip-if "" { *-*-* } { "*" } { "-O0" } } */
+
+void foo(int index, int len) {
+  char str[len];
+  str[index] = '1'; // BOOM
+}
+
+/* { dg-final { scan-tree-dump-times "__builtin___asan_alloca_poison" 1 "sanopt" } } */
+/* { dg-final { scan-tree-dump-times "__builtin___asan_allocas_unpoison" 1 "sanopt" } } */