| OLD | NEW |
|---|
| 1 // Copyright 2012 Google Inc. All Rights Reserved. | 1 // Copyright 2012 Google Inc. All Rights Reserved. |
| 2 // | 2 // |
| 3 // Licensed under the Apache License, Version 2.0 (the "License"); | 3 // Licensed under the Apache License, Version 2.0 (the "License"); |
| 4 // you may not use this file except in compliance with the License. | 4 // you may not use this file except in compliance with the License. |
| 5 // You may obtain a copy of the License at | 5 // You may obtain a copy of the License at |
| 6 // | 6 // |
| 7 // http://www.apache.org/licenses/LICENSE-2.0 | 7 // http://www.apache.org/licenses/LICENSE-2.0 |
| 8 // | 8 // |
| 9 // Unless required by applicable law or agreed to in writing, software | 9 // Unless required by applicable law or agreed to in writing, software |
| 10 // distributed under the License is distributed on an "AS IS" BASIS, | 10 // distributed under the License is distributed on an "AS IS" BASIS, |
| (...skipping 448 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 459 false, &dst[0], &src[memory_length_], 0xDEADDEAD, HEAP_BUFFER_OVERFLOW); | 459 false, &dst[0], &src[memory_length_], 0xDEADDEAD, HEAP_BUFFER_OVERFLOW); |
| 460 tester.ExpectSpecialMemoryErrorIsDetected( | 460 tester.ExpectSpecialMemoryErrorIsDetected( |
| 461 check_access_fn, MemoryAccessorTester::DIRECTION_FORWARD, | 461 check_access_fn, MemoryAccessorTester::DIRECTION_FORWARD, |
| 462 true, &dst[memory_length_], &src[0], 0xDEADDEAD, HEAP_BUFFER_OVERFLOW); | 462 true, &dst[memory_length_], &src[0], 0xDEADDEAD, HEAP_BUFFER_OVERFLOW); |
| 463 } | 463 } |
| 464 | 464 |
| 465 FreeMemoryBuffers(); | 465 FreeMemoryBuffers(); |
| 466 } | 466 } |
| 467 | 467 |
| 468 TEST_F(AsanRtlTest, AsanPrefixedSpecialInstructionCheckGoodAccess) { | 468 TEST_F(AsanRtlTest, AsanPrefixedSpecialInstructionCheckGoodAccess) { |
| 469 static const char* function_names[] = { | 469 static const char* function_names[] = {"asan_check_repz_4_byte_lods_access", |
| 470 "asan_check_repz_4_byte_movs_access", | 470 "asan_check_repz_4_byte_movs_access", |
| 471 "asan_check_repz_4_byte_cmps_access", | 471 "asan_check_repz_4_byte_cmps_access", |
| 472 "asan_check_repz_4_byte_stos_access" | 472 "asan_check_repz_4_byte_stos_access"}; |
| 473 }; | |
| 474 | 473 |
| 475 // Allocate memory space. | 474 // Allocate memory space. |
| 476 AllocMemoryBuffers(kAllocSize, sizeof(uint32_t)); | 475 AllocMemoryBuffers(kAllocSize, sizeof(uint32_t)); |
| 477 uint32_t* src = reinterpret_cast<uint32_t*>(memory_src_); | 476 uint32_t* src = reinterpret_cast<uint32_t*>(memory_src_); |
| 478 uint32_t* dst = reinterpret_cast<uint32_t*>(memory_dst_); | 477 uint32_t* dst = reinterpret_cast<uint32_t*>(memory_dst_); |
| 479 | 478 |
| 480 // Validate memory accesses. | 479 // Validate memory accesses. |
| 481 for (int32_t function = 0; function < arraysize(function_names); ++function) { | 480 for (int32_t function = 0; function < arraysize(function_names); ++function) { |
| 482 FARPROC check_access_fn = | 481 FARPROC check_access_fn = |
| 483 ::GetProcAddress(asan_rtl_, function_names[function]); | 482 ::GetProcAddress(asan_rtl_, function_names[function]); |
| 484 ASSERT_TRUE(check_access_fn != NULL); | 483 ASSERT_TRUE(check_access_fn != NULL); |
| 485 | 484 |
| 486 MemoryAccessorTester tester; | 485 MemoryAccessorTester tester; |
| 487 tester.ExpectSpecialMemoryErrorIsDetected( | 486 tester.ExpectSpecialMemoryErrorIsDetected( |
| 488 check_access_fn, MemoryAccessorTester::DIRECTION_FORWARD, | 487 check_access_fn, MemoryAccessorTester::DIRECTION_FORWARD, |
| 489 false, &dst[0], &src[0], memory_length_, UNKNOWN_BAD_ACCESS); | 488 false, &dst[0], &src[0], memory_length_, UNKNOWN_BAD_ACCESS); |
| 490 } | 489 } |
| 491 | 490 |
| 492 FreeMemoryBuffers(); | 491 FreeMemoryBuffers(); |
| 493 } | 492 } |
| 494 | 493 |
| 495 TEST_F(AsanRtlTest, AsanPrefixedSpecialInstructionCheckBadAccess) { | 494 TEST_F(AsanRtlTest, AsanPrefixedSpecialInstructionCheckBadAccess) { |
| 496 static const char* function_names[] = { | 495 static const char* function_names[] = {"asan_check_repz_4_byte_lods_access", |
| 497 "asan_check_repz_4_byte_movs_access", | 496 "asan_check_repz_4_byte_movs_access", |
| 498 "asan_check_repz_4_byte_cmps_access", | 497 "asan_check_repz_4_byte_cmps_access", |
| 499 "asan_check_repz_4_byte_stos_access" | 498 "asan_check_repz_4_byte_stos_access"}; |
| 500 }; | |
| 501 | 499 |
| 502 // Allocate memory space. | 500 // Allocate memory space. |
| 503 AllocMemoryBuffers(kAllocSize, sizeof(uint32_t)); | 501 AllocMemoryBuffers(kAllocSize, sizeof(uint32_t)); |
| 504 uint32_t* src = reinterpret_cast<uint32_t*>(memory_src_); | 502 uint32_t* src = reinterpret_cast<uint32_t*>(memory_src_); |
| 505 uint32_t* dst = reinterpret_cast<uint32_t*>(memory_dst_); | 503 uint32_t* dst = reinterpret_cast<uint32_t*>(memory_dst_); |
| 506 | 504 |
| 507 // Validate memory accesses. | 505 // Validate memory accesses. |
| 508 for (int32_t function = 0; function < arraysize(function_names); ++function) { | 506 for (int32_t function = 0; function < arraysize(function_names); ++function) { |
| 509 FARPROC check_access_fn = | 507 FARPROC check_access_fn = |
| 510 ::GetProcAddress(asan_rtl_, function_names[function]); | 508 ::GetProcAddress(asan_rtl_, function_names[function]); |
| 511 ASSERT_TRUE(check_access_fn != NULL); | 509 ASSERT_TRUE(check_access_fn != NULL); |
| 512 | 510 |
| 513 MemoryAccessorTester tester; | 511 MemoryAccessorTester tester; |
| 514 tester.ExpectSpecialMemoryErrorIsDetected( | 512 tester.ExpectSpecialMemoryErrorIsDetected( |
| 515 check_access_fn, MemoryAccessorTester::DIRECTION_FORWARD, | 513 check_access_fn, MemoryAccessorTester::DIRECTION_FORWARD, |
| 516 true, &dst[0], &src[0], memory_length_ + 1, HEAP_BUFFER_OVERFLOW); | 514 true, &dst[0], &src[0], memory_length_ + 1, HEAP_BUFFER_OVERFLOW); |
| 517 tester.ExpectSpecialMemoryErrorIsDetected( | 515 tester.ExpectSpecialMemoryErrorIsDetected( |
| 518 check_access_fn, MemoryAccessorTester::DIRECTION_FORWARD, | 516 check_access_fn, MemoryAccessorTester::DIRECTION_FORWARD, |
| 519 true, &dst[-1], &src[-1], memory_length_, HEAP_BUFFER_UNDERFLOW); | 517 true, &dst[-1], &src[-1], memory_length_, HEAP_BUFFER_UNDERFLOW); |
| 520 tester.ExpectSpecialMemoryErrorIsDetected( | 518 tester.ExpectSpecialMemoryErrorIsDetected( |
| 521 check_access_fn, MemoryAccessorTester::DIRECTION_FORWARD, | 519 check_access_fn, MemoryAccessorTester::DIRECTION_FORWARD, |
| 522 true, &dst[-1], &src[0], memory_length_, HEAP_BUFFER_UNDERFLOW); | 520 true, &dst[-1], &src[0], memory_length_, HEAP_BUFFER_UNDERFLOW); |
| 523 } | 521 } |
| 524 | 522 |
| 525 FreeMemoryBuffers(); | 523 FreeMemoryBuffers(); |
| 526 } | 524 } |
| 527 | 525 |
| 528 TEST_F(AsanRtlTest, AsanDirectionSpecialInstructionCheckGoodAccess) { | 526 TEST_F(AsanRtlTest, AsanDirectionSpecialInstructionCheckGoodAccess) { |
| 529 static const char* function_names[] = { | 527 static const char* function_names[] = {"asan_check_repz_4_byte_lods_access", |
| 530 "asan_check_repz_4_byte_movs_access", | 528 "asan_check_repz_4_byte_movs_access", |
| 531 "asan_check_repz_4_byte_cmps_access", | 529 "asan_check_repz_4_byte_cmps_access", |
| 532 "asan_check_repz_4_byte_stos_access" | 530 "asan_check_repz_4_byte_stos_access"}; |
| 533 }; | |
| 534 | 531 |
| 535 // Allocate memory space. | 532 // Allocate memory space. |
| 536 AllocMemoryBuffers(kAllocSize, sizeof(uint32_t)); | 533 AllocMemoryBuffers(kAllocSize, sizeof(uint32_t)); |
| 537 uint32_t* src = reinterpret_cast<uint32_t*>(memory_src_); | 534 uint32_t* src = reinterpret_cast<uint32_t*>(memory_src_); |
| 538 uint32_t* dst = reinterpret_cast<uint32_t*>(memory_dst_); | 535 uint32_t* dst = reinterpret_cast<uint32_t*>(memory_dst_); |
| 539 | 536 |
| 540 // Validate memory accesses. | 537 // Validate memory accesses. |
| 541 for (int32_t function = 0; function < arraysize(function_names); ++function) { | 538 for (int32_t function = 0; function < arraysize(function_names); ++function) { |
| 542 FARPROC check_access_fn = | 539 FARPROC check_access_fn = |
| 543 ::GetProcAddress(asan_rtl_, function_names[function]); | 540 ::GetProcAddress(asan_rtl_, function_names[function]); |
| 544 ASSERT_TRUE(check_access_fn != NULL); | 541 ASSERT_TRUE(check_access_fn != NULL); |
| 545 | 542 |
| 546 MemoryAccessorTester tester; | 543 MemoryAccessorTester tester; |
| 547 tester.ExpectSpecialMemoryErrorIsDetected( | 544 tester.ExpectSpecialMemoryErrorIsDetected( |
| 548 check_access_fn, MemoryAccessorTester::DIRECTION_BACKWARD, | 545 check_access_fn, MemoryAccessorTester::DIRECTION_BACKWARD, |
| 549 false, &dst[memory_length_ - 1], | 546 false, &dst[memory_length_ - 1], |
| 550 &src[memory_length_ - 1], memory_length_, | 547 &src[memory_length_ - 1], memory_length_, |
| 551 UNKNOWN_BAD_ACCESS); | 548 UNKNOWN_BAD_ACCESS); |
| 552 } | 549 } |
| 553 | 550 |
| 554 FreeMemoryBuffers(); | 551 FreeMemoryBuffers(); |
| 555 } | 552 } |
| 556 | 553 |
| 557 TEST_F(AsanRtlTest, AsanSpecialInstructionCheckZeroAccess) { | 554 TEST_F(AsanRtlTest, AsanSpecialInstructionCheckZeroAccess) { |
| 558 static const char* function_names[] = { | 555 static const char* function_names[] = {"asan_check_repz_1_byte_lods_access", |
| 559 "asan_check_repz_1_byte_movs_access", | 556 "asan_check_repz_1_byte_movs_access", |
| 560 "asan_check_repz_1_byte_cmps_access", | 557 "asan_check_repz_1_byte_cmps_access", |
| 561 "asan_check_repz_1_byte_stos_access", | 558 "asan_check_repz_1_byte_stos_access", |
| 562 "asan_check_repz_2_byte_movs_access", | 559 "asan_check_repz_2_byte_lods_access", |
| 563 "asan_check_repz_2_byte_cmps_access", | 560 "asan_check_repz_2_byte_movs_access", |
| 564 "asan_check_repz_2_byte_stos_access", | 561 "asan_check_repz_2_byte_cmps_access", |
| 565 "asan_check_repz_4_byte_movs_access", | 562 "asan_check_repz_2_byte_stos_access", |
| 566 "asan_check_repz_4_byte_cmps_access", | 563 "asan_check_repz_4_byte_lods_access", |
| 567 "asan_check_repz_4_byte_stos_access" | 564 "asan_check_repz_4_byte_movs_access", |
| 568 }; | 565 "asan_check_repz_4_byte_cmps_access", |
| 566 "asan_check_repz_4_byte_stos_access"}; |
| 569 | 567 |
| 570 // Allocate memory space. | 568 // Allocate memory space. |
| 571 AllocMemoryBuffers(kAllocSize, sizeof(uint32_t)); | 569 AllocMemoryBuffers(kAllocSize, sizeof(uint32_t)); |
| 572 uint32_t* src = reinterpret_cast<uint32_t*>(memory_src_); | 570 uint32_t* src = reinterpret_cast<uint32_t*>(memory_src_); |
| 573 uint32_t* dst = reinterpret_cast<uint32_t*>(memory_dst_); | 571 uint32_t* dst = reinterpret_cast<uint32_t*>(memory_dst_); |
| 574 | 572 |
| 575 // Validate memory accesses. | 573 // Validate memory accesses. |
| 576 for (int32_t function = 0; function < arraysize(function_names); ++function) { | 574 for (int32_t function = 0; function < arraysize(function_names); ++function) { |
| 577 FARPROC check_access_fn = | 575 FARPROC check_access_fn = |
| 578 ::GetProcAddress(asan_rtl_, function_names[function]); | 576 ::GetProcAddress(asan_rtl_, function_names[function]); |
| 579 ASSERT_TRUE(check_access_fn != NULL); | 577 ASSERT_TRUE(check_access_fn != NULL); |
| 580 | 578 |
| 581 // A prefixed instruction with a count of zero do not have side effects. | 579 // A prefixed instruction with a count of zero do not have side effects. |
| 582 MemoryAccessorTester tester; | 580 MemoryAccessorTester tester; |
| 583 tester.ExpectSpecialMemoryErrorIsDetected( | 581 tester.ExpectSpecialMemoryErrorIsDetected( |
| 584 check_access_fn, MemoryAccessorTester::DIRECTION_FORWARD, | 582 check_access_fn, MemoryAccessorTester::DIRECTION_FORWARD, |
| 585 false, &dst[-1], &src[-1], 0, UNKNOWN_BAD_ACCESS); | 583 false, &dst[-1], &src[-1], 0, UNKNOWN_BAD_ACCESS); |
| 586 } | 584 } |
| 587 | 585 |
| 588 FreeMemoryBuffers(); | 586 FreeMemoryBuffers(); |
| 589 } | 587 } |
| 590 | 588 |
| 591 TEST_F(AsanRtlTest, AsanSpecialInstructionCheckShortcutAccess) { | 589 TEST_F(AsanRtlTest, AsanSpecialInstructionCheckShortcutAccess) { |
| 592 static const char* function_names[] = { | 590 static const char* function_names[] = { |
| 591 "asan_check_repz_1_byte_lods_access", |
| 593 "asan_check_repz_1_byte_cmps_access", | 592 "asan_check_repz_1_byte_cmps_access", |
| 594 "asan_check_repz_2_byte_cmps_access", | 593 "asan_check_repz_2_byte_cmps_access", |
| 595 "asan_check_repz_4_byte_cmps_access", | 594 "asan_check_repz_4_byte_cmps_access", |
| 596 }; | 595 }; |
| 597 | 596 |
| 598 // Allocate memory space. | 597 // Allocate memory space. |
| 599 AllocMemoryBuffers(kAllocSize, sizeof(uint32_t)); | 598 AllocMemoryBuffers(kAllocSize, sizeof(uint32_t)); |
| 600 uint32_t* src = reinterpret_cast<uint32_t*>(memory_src_); | 599 uint32_t* src = reinterpret_cast<uint32_t*>(memory_src_); |
| 601 uint32_t* dst = reinterpret_cast<uint32_t*>(memory_dst_); | 600 uint32_t* dst = reinterpret_cast<uint32_t*>(memory_dst_); |
| 602 | 601 |
| (...skipping 59 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 662 EXPECT_EQ("Enabled", experiments["SyzyASANLargeBlockHeap"]); | 661 EXPECT_EQ("Enabled", experiments["SyzyASANLargeBlockHeap"]); |
| 663 EXPECT_EQ("Disabled", experiments["SyzyASANCrashpad"]); | 662 EXPECT_EQ("Disabled", experiments["SyzyASANCrashpad"]); |
| 664 | 663 |
| 665 // This implicitly asserts the full contents of the map by asserting | 664 // This implicitly asserts the full contents of the map by asserting |
| 666 // on the size after looking up the expected keys. | 665 // on the size after looking up the expected keys. |
| 667 EXPECT_EQ(3U, experiments.size()); | 666 EXPECT_EQ(3U, experiments.size()); |
| 668 } | 667 } |
| 669 | 668 |
| 670 } // namespace asan | 669 } // namespace asan |
| 671 } // namespace agent | 670 } // namespace agent |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2324763003:
[SyzyASAN] Add support for LODS instruction. (Closed)
