gcc - __asan_poison_memory_region does not work
Problem description
I'm trying out the allow_user_poisoning feature of AddressSanitizer. Here is a simple reproducer:
#include <stdlib.h>
#include <stdio.h>

void __asan_poison_memory_region(void *p, int n);

void unit_test_2(void)
{
    int *p;
    p = (int *)malloc(sizeof(int));
    __asan_poison_memory_region(p, sizeof(int));
    *p = 1;
    printf("%p:%d\n", p, *p);
    return;
}
ASAN's debug log says:
==32232==AddressSanitizer Init done
Trying to poison memory region [0x00000147a040, 0x00000147a044)
0x147a040:1
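ASAN tries to poison the memory, but the protection doesn't work: the data is wrongly written to the poisoned address instead of an invalid access being reported.
Am I misunderstanding __asan_poison_memory_region, or did I miss something?
Solution
You have run into the following question from the ASan FAQ: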
Q: Why didn't ASan report an obviously invalid memory access in my code?
A1: If your errors is too obvious, compiler might have already optimized
it out by the time Asan runs.
If you look at the assembly code, you will see that the compiler const-propagated the assignment to *p into the printf call:
mov DWORD PTR [rbx], 1
mov rsi, rbx
mov edx, 1
pop rbx
mov edi, OFFSET FLAT:.LC0
xor eax, eax
jmp printf
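
One way to check whether the poison took effect without depending on what the optimizer does with the access is to ask the ASan runtime for the shadow state directly. This is an added example, not code from the original question or answer; the macros POISON, UNPOISON and IS_POISONED and the functions asan_enabled and poison_roundtrip are names assumed here, and without -fsanitize=address the macros compile to no-ops.

```c
#include <stddef.h>
#include <stdio.h>
#include <stdlib.h>

/* GCC defines __SANITIZE_ADDRESS__; Clang exposes __has_feature. */
#if defined(__SANITIZE_ADDRESS__)
#define HAVE_ASAN 1
#elif defined(__has_feature)
#if __has_feature(address_sanitizer)
#define HAVE_ASAN 1
#endif
#endif

#ifdef HAVE_ASAN
/* Prototypes as declared in <sanitizer/asan_interface.h>. */
void __asan_poison_memory_region(void const volatile *addr, size_t size);
void __asan_unpoison_memory_region(void const volatile *addr, size_t size);
int __asan_address_is_poisoned(void const volatile *addr);
#define POISON(p, n) __asan_poison_memory_region((p), (n))
#define UNPOISON(p, n) __asan_unpoison_memory_region((p), (n))
#define IS_POISONED(p) __asan_address_is_poisoned(p)
#else /* built without -fsanitize=address: poisoning is a no-op */
#define HAVE_ASAN 0
#define POISON(p, n) ((void)(p), (void)(n))
#define UNPOISON(p, n) ((void)(p), (void)(n))
#define IS_POISONED(p) ((void)(p), 0)
#endif

/* 1 when this binary was built with ASan, else 0. */
int asan_enabled(void) { return HAVE_ASAN; }

/* Poison one int, then ask the runtime for its shadow state.
 * Returns 1 if it read as poisoned and as addressable again after
 * unpoisoning, 0 if the poison never took effect, -1 on malloc failure. */
int poison_roundtrip(void) {
    int *p = malloc(sizeof *p);
    if (p == NULL) return -1;
    POISON(p, sizeof *p);
    int poisoned = IS_POISONED(p);
    UNPOISON(p, sizeof *p);          /* restore before free() */
    int addressable = !IS_POISONED(p);
    free(p);
    return poisoned && addressable;
}

int main(void) {
    printf("asan=%d roundtrip=%d\n", asan_enabled(), poison_roundtrip());
    return 0;
}
```

A result of roundtrip=1 means the runtime recorded the poison, so a missing report points at the access itself rather than at the poisoning call.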