This is an archive of the discontinued LLVM Phabricator instance.

Differential D12709

[PATCH] [sanitizers] [msan] Enable MSAN for aarch64
ClosedPublic

Authored by zatrazz on Sep 8 2015, 2:18 PM.

Details

Reviewers
kcc
rengolin
t.p.northover
dvyukov
eugenis
pcc
Summary

This patch enabled msan for aarch64 with 39-bit VMA and 42-bit VMA.
As defined by lib/msan/msan.h the memory layout used is for 39-bit is:

00 0000 0000 - 40 0000 0000:  invalid
40 0000 0000 - 43 0000 0000:  shadow
43 0000 0000 - 46 0000 0000:  origin
46 0000 0000 - 55 0000 0000:  invalid
55 0000 0000 - 56 0000 0000:  app (low)
56 0000 0000 - 70 0000 0000:  invalid
70 0000 0000 - 80 0000 0000:  app (high)

And for 42-bit VMA:

000 0000 0000 - 100 0000 0000:  invalid
100 0000 0000 - 11b 0000 0000:  shadow
11b 0000 0000 - 120 0000 0000:  invalid
120 0000 0000 - 13b 0000 0000:  origin
13b 0000 0000 - 2aa 0000 0000:  invalid
2aa 0000 0000 - 2ab 0000 0000:  app (low)
2ab 0000 0000 - 3f0 0000 0000:  invalid
3f0 0000 0000 - 400 0000 0000:  app (high)

Most of tests are passing with exception of:

  • Linux/mallinfo.cc
  • chained_origin_limits.cc
  • dlerror.cc
  • param_tls_limit.cc
  • signal_stress_test.cc
  • nonnull-arg.cpp

The 'Linux/mallinfo.cc' is due the fact AArch64 returns the sret in 'x8'
instead of default first argument 'x1'. So a function prototype that
aims to mimic (by using first argument as the return of function) won't
work. For GCC one can make a register alias (register var asm ("r8")), but
for clang it detects it an unused variable and generate wrong code.

The 'chained_origin_limits' is probably due a wrong code generation,
since it fails only when origin memory is used
(-fsanitize-memory-track-origins=2) and only in the returned code
(return buf[50]).

The 'signal_streess_test' and 'nonnull-arg' are due currently missing variadic
argument handling in memory sanitizer code instrumentation on LLVM side.

Both 'dlerror' and 'param_tls_test' are unknown failures that require
further investigation.

All the failures are XFAIL for aarch64 for now.

Diff Detail

Event Timeline

zatrazz updated this revision to Diff 34263.Sep 8 2015, 2:18 PM
zatrazz retitled this revision from to [PATCH] [sanitizers] [msan] Enable MSAN for aarch64.
zatrazz updated this object.
zatrazz added reviewers: kcc, rengolin, dvyukov, eugenis, pcc.
zatrazz added a subscriber: llvm-commits.
Herald added subscribers: rengolin, aemerson. · View Herald TranscriptSep 8 2015, 2:18 PM
rengolin edited edge metadata.Sep 9 2015, 3:54 AM

Hi Adhemerval,

About named register variables, if you use the variable in a piece of inline asm, it works in LLVM, too. If you just declare it, Clang ignores and LLVM optimises it away.

cheers,
--renato

rengolin added a reviewer: t.p.northover.Sep 9 2015, 4:01 AM

Adding Tim as a reviewer for the Darwin part of the XFAILs.

lib/msan/msan_interceptors.cc
254

implement this in asm and it will work on both gcc and clang.

test/msan/chained_origin_limits.cc
65

I think this is "arm64" for Darwin. It'd be good if someone could test this in Darwin and make sure we need the same XFAILs, and if so, we should add their arch-name, too.

test/msan/strlen_of_shadow.cc
26

Can't you re-use the one you have above? Maybe this should even be in compiler-rt?

test/sanitizer_common/TestCases/Linux/ptrace.cc
82

#endif // (aarch64)

zatrazz added a comment.Sep 9 2015, 5:45 AM
In D12709#242292, @rengolin wrote:

Hi Adhemerval,

About named register variables, if you use the variable in a piece of inline asm, it works in LLVM, too. If you just declare it, Clang ignores and LLVM optimises it away.

cheers,
--renato

In this case the variable will not be used for attribution , but instead to catch the value of 'x8'. My understanding is clang should not mark the variable as unused if it is used as a named register variable, otherwise it will not be able to catch registers values as is in function calling.

Another option that came to my mind is to use an volatile inline assembly to explicit get the register value:

INTERCEPTOR(void, mallinfo, __sanitizer_mallinfo *sret) {
#ifdef __aarch64__
  uptr r8;
  asm volatile("mov %0,x8" : "=r" (r8));
  sret = reinterpret_cast<__sanitizer_mallinfo*>(r8);
#endif
  REAL(memset)(sret, 0, sizeof(*sret));
  __msan_unpoison(sret, sizeof(*sret));
}

This works and make the test pass. I will use it instead.

zatrazz added inline comments.Sep 9 2015, 5:49 AM
test/msan/strlen_of_shadow.cc
26

This is for tests only, so I see the best option to add on 'test/msan/test.h'. I will change it.

rengolin added a comment.Sep 9 2015, 5:57 AM
In D12709#242337, @zatrazz wrote:

In this case the variable will not be used for attribution , but instead to catch the value of 'x8'. My understanding is clang should not mark the variable as unused if it is used as a named register variable, otherwise it will not be able to catch registers values as is in function calling.

This is a lost battle, let's not go there.

Another option that came to my mind is to use an volatile inline assembly to explicit get the register value:

Yup, that's what I was referring to.

uptr r8;
asm volatile("mov %0,x8" : "=r" (r8));
sret = reinterpret_cast<__sanitizer_mallinfo*>(r8);

You can use named registers here:

register uptr x8 asm("x8");
asm volatile("mov %0, %1\n" : "=r" (sret), "r" (x8));
zatrazz updated this revision to Diff 34334.Sep 9 2015, 7:27 AM
zatrazz edited edge metadata.

Updated patch with rengolin comments.

rengolin added a comment.Sep 15 2015, 7:52 AM

One comment inline, another here:

Could you add a comment to the XFAILs stating very briefly what's wrong with it? I'd like to know what's an error you think you can fix it versus one that cannot be implemented due to hardware / architecture restrictions. Even if they all fall into temporary errors, would be good to know what exactly is breaking, to make it easier for people to pick them up and fix them, or even if some unrelated patch does fix them, they can know it's not unrelated after all.

I guess about Darwin names, we shall see if it breaks the Darwin bots.

cheers,
--renato

test/msan/strlen_of_shadow.cc
31

Can't you just use the macro for now?

zatrazz added a comment.Sep 15 2015, 12:18 PM
In D12709#246157, @rengolin wrote:

One comment inline, another here:

Which macro do you mean ?

Could you add a comment to the XFAILs stating very briefly what's wrong with it? I'd like to know what's an error you think you can fix it versus one that cannot be implemented due to hardware / architecture restrictions. Even if they all fall into temporary errors, would be good to know what exactly is breaking, to make it easier for people to pick them up and fix them, or even if some unrelated patch does fix them, they can know it's not unrelated after all.

Right, I will add comment about the failures reason (the ones I debugged at least).

I guess about Darwin names, we shall see if it breaks the Darwin bots.

cheers,
--renato

rengolin added inline comments.Sep 15 2015, 12:25 PM
test/msan/strlen_of_shadow.cc
31

Something like:

#elif defined(__aarch64__)
  #if SANITIZER_AARCH64_VMA == 39
  #define LINEARIZE_MEM(mem) (((uintptr_t)(mem) & ~0x7C00000000ULL) ^ 0x100000000ULL)
  #else
  #define LINEARIZE_MEM(mem) (((uintptr_t)(mem) & ~0x3E000000000ULL) ^ 0x1000000000ULL)
  #endif
return (char *)(LINEARIZE_MEM(p) + 0x4000000000ULL);
...
zatrazz added inline comments.Sep 15 2015, 12:50 PM
test/msan/strlen_of_shadow.cc
31

SANITIZER_AARCH64_VMA is used within compiler-rt itself, not exported for tests.

rengolin accepted this revision.Sep 15 2015, 1:16 PM
rengolin edited edge metadata.

Right, ok. LGTM with the extra comments on the FIXME lines.

This revision is now accepted and ready to land.Sep 15 2015, 1:16 PM
eugenis added inline comments.Sep 15 2015, 3:12 PM
lib/sanitizer_common/sanitizer_platform_limits_posix.cc
332

did you mean PT_GETFPREGS here and PT_GETFPXREGS below?

lib/sanitizer_common/sanitizer_stacktrace.h
22

Oh, are you saying the current fast unwind implementation simply works on aarch64? Nice.

zatrazz added inline comments.Sep 16 2015, 6:16 AM
lib/sanitizer_common/sanitizer_platform_limits_posix.cc
332

Yes and '#if defined(PT_GETFPXREGS) && defined(PT_SETFPXREGS)' below as well. I will fix it.

lib/sanitizer_common/sanitizer_stacktrace.h
22

I saw no regressions or failures tests that indicate otherwise. In fact it fixes 'MemorySanitizer :: fork.cc' which stucks in _Unwind_Backtrace from libgcc with SlowUnwinder.

zatrazz closed this revision.Sep 16 2015, 8:13 AM

Revision Contents

PathSize
cmake/
2 lines
lib/
msan/
41 lines
10 lines
10 lines
sanitizer_common/
4 lines
2 lines
2 lines
26 lines
3 lines
test/
msan/
2 lines
2 lines
16 lines
3 lines
2 lines
2 lines
18 lines
15 lines
sanitizer_common/
TestCases/
Linux/
26 lines
ubsan/
TestCases/
Misc/
10 lines

Diff 34334

cmake/config-ix.cmake

Show First 20 LinesShow All 255 Lines▼ Show 20 Lines
set(ALL_BUILTIN_SUPPORTED_ARCH i386 i686 ${X86_64} ${ARM32} ${ARM64}) set(ALL_BUILTIN_SUPPORTED_ARCH i386 i686 ${X86_64} ${ARM32} ${ARM64})
set(ALL_SANITIZER_COMMON_SUPPORTED_ARCH ${X86_64} i386 i686 powerpc64 set(ALL_SANITIZER_COMMON_SUPPORTED_ARCH ${X86_64} i386 i686 powerpc64
powerpc64le ${ARM32} ${ARM64} mips mips64 mipsel mips64el) powerpc64le ${ARM32} ${ARM64} mips mips64 mipsel mips64el)
set(ALL_ASAN_SUPPORTED_ARCH ${X86_64} i386 i686 powerpc64 powerpc64le ${ARM32} set(ALL_ASAN_SUPPORTED_ARCH ${X86_64} i386 i686 powerpc64 powerpc64le ${ARM32}
${ARM64} mips mipsel mips64 mips64el) ${ARM64} mips mipsel mips64 mips64el)
set(ALL_DFSAN_SUPPORTED_ARCH ${X86_64} mips64 mips64el ${ARM64}) set(ALL_DFSAN_SUPPORTED_ARCH ${X86_64} mips64 mips64el ${ARM64})
set(ALL_LSAN_SUPPORTED_ARCH ${X86_64} mips64 mips64el) set(ALL_LSAN_SUPPORTED_ARCH ${X86_64} mips64 mips64el)
set(ALL_MSAN_SUPPORTED_ARCH ${X86_64} mips64 mips64el) set(ALL_MSAN_SUPPORTED_ARCH ${X86_64} mips64 mips64el ${ARM64})
set(ALL_PROFILE_SUPPORTED_ARCH ${X86_64} i386 i686 ${ARM32} mips mips64 set(ALL_PROFILE_SUPPORTED_ARCH ${X86_64} i386 i686 ${ARM32} mips mips64
mipsel mips64el ${ARM64} powerpc64 powerpc64le) mipsel mips64el ${ARM64} powerpc64 powerpc64le)
set(ALL_TSAN_SUPPORTED_ARCH ${X86_64} mips64 mips64el ${ARM64}) set(ALL_TSAN_SUPPORTED_ARCH ${X86_64} mips64 mips64el ${ARM64})
set(ALL_UBSAN_SUPPORTED_ARCH ${X86_64} i386 i686 ${ARM32} ${ARM64} mips set(ALL_UBSAN_SUPPORTED_ARCH ${X86_64} i386 i686 ${ARM32} ${ARM64} mips
mipsel mips64 mips64el powerpc64 powerpc64le) mipsel mips64 mips64el powerpc64 powerpc64le)
set(ALL_SAFESTACK_SUPPORTED_ARCH ${X86_64} i386 i686) set(ALL_SAFESTACK_SUPPORTED_ARCH ${X86_64} i386 i686)
if(APPLE) if(APPLE)
▲ Show 20 LinesShow All 260 LinesShow Last 20 Lines

lib/msan/msan.h

Show First 20 LinesShow All 46 Lines▼ Show 20 Linesconst MappingDesc kMemoryLayout[] = {
{0x000000000000ULL, 0x00a000000000ULL, MappingDesc::INVALID, "invalid"}, {0x000000000000ULL, 0x00a000000000ULL, MappingDesc::INVALID, "invalid"},
{0x00a000000000ULL, 0x00c000000000ULL, MappingDesc::SHADOW, "shadow"}, {0x00a000000000ULL, 0x00c000000000ULL, MappingDesc::SHADOW, "shadow"},
{0x00c000000000ULL, 0x00e000000000ULL, MappingDesc::ORIGIN, "origin"}, {0x00c000000000ULL, 0x00e000000000ULL, MappingDesc::ORIGIN, "origin"},
{0x00e000000000ULL, 0x010000000000ULL, MappingDesc::APP, "app"}}; {0x00e000000000ULL, 0x010000000000ULL, MappingDesc::APP, "app"}};
#define MEM_TO_SHADOW(mem) (((uptr)(mem)) & ~0x4000000000ULL) #define MEM_TO_SHADOW(mem) (((uptr)(mem)) & ~0x4000000000ULL)
#define SHADOW_TO_ORIGIN(shadow) (((uptr)(shadow)) + 0x002000000000) #define SHADOW_TO_ORIGIN(shadow) (((uptr)(shadow)) + 0x002000000000)
#elif SANITIZER_LINUX && defined(__aarch64__)
# if SANITIZER_AARCH64_VMA == 39
const MappingDesc kMemoryLayout[] = {
{0x0000000000ULL, 0x4000000000ULL, MappingDesc::INVALID, "invalid"},
{0x4000000000ULL, 0x4300000000ULL, MappingDesc::SHADOW, "shadow"},
{0x4300000000ULL, 0x4600000000ULL, MappingDesc::ORIGIN, "origin"},
{0x4600000000ULL, 0x5500000000ULL, MappingDesc::INVALID, "invalid"},
{0x5500000000ULL, 0x5600000000ULL, MappingDesc::APP, "app"},
{0x5600000000ULL, 0x7000000000ULL, MappingDesc::INVALID, "invalid"},
{0x7000000000ULL, 0x8000000000ULL, MappingDesc::APP, "app"}
};
// Maps low and high app ranges to contiguous space with zero base:
// Low: 55 0000 0000 - 55 ffff ffff -> 1 0000 0000 - 1 ffff ffff
// High: 70 0000 0000 - 7f ffff ffff -> 0 0000 0000 - f ffff ffff
# define LINEARIZE_MEM(mem) \
(((uptr)(mem) & ~0x7C00000000ULL) ^ 0x100000000ULL)
# define MEM_TO_SHADOW(mem) (LINEARIZE_MEM((mem)) + 0x4000000000ULL)
# define SHADOW_TO_ORIGIN(shadow) (((uptr)(shadow)) + 0x300000000ULL)
# elif SANITIZER_AARCH64_VMA == 42
const MappingDesc kMemoryLayout[] = {
{0x00000000000ULL, 0x10000000000ULL, MappingDesc::INVALID, "invalid"},
{0x10000000000ULL, 0x11b00000000ULL, MappingDesc::SHADOW, "shadow"},
{0x11b00000000ULL, 0x12000000000ULL, MappingDesc::INVALID, "invalid"},
{0x12000000000ULL, 0x13b00000000ULL, MappingDesc::ORIGIN, "origin"},
{0x13b00000000ULL, 0x2aa00000000ULL, MappingDesc::INVALID, "invalid"},
{0x2aa00000000ULL, 0x2ab00000000ULL, MappingDesc::APP, "app"},
{0x2ab00000000ULL, 0x3f000000000ULL, MappingDesc::INVALID, "invalid"},
{0x3f000000000ULL, 0x40000000000ULL, MappingDesc::APP, "app"},
};
// Maps low and high app ranges to contigous space with zero base:
// 2 aa00 0000 00 - 2 ab00 0000 00: -> 1a00 0000 00 - 1aff ffff ff
// 3 f000 0000 00 - 4 0000 0000 00: -> 0000 0000 00 - 0fff ffff ff
# define LINEARIZE_MEM(mem) \
(((uptr)(mem) & ~0x3E000000000ULL) ^ 0x1000000000ULL)
# define MEM_TO_SHADOW(mem) (LINEARIZE_MEM((mem)) + 0x10000000000ULL)
# define SHADOW_TO_ORIGIN(shadow) (((uptr)(shadow)) + 0x2000000000ULL)
# endif // SANITIZER_AARCH64_VMA
#elif SANITIZER_LINUX && defined(__powerpc64__) #elif SANITIZER_LINUX && defined(__powerpc64__)
const MappingDesc kMemoryLayout[] = { const MappingDesc kMemoryLayout[] = {
{0x000000000000ULL, 0x000100000000ULL, MappingDesc::APP, "low memory"}, {0x000000000000ULL, 0x000100000000ULL, MappingDesc::APP, "low memory"},
{0x000100000000ULL, 0x080000000000ULL, MappingDesc::INVALID, "invalid"}, {0x000100000000ULL, 0x080000000000ULL, MappingDesc::INVALID, "invalid"},
{0x080000000000ULL, 0x180100000000ULL, MappingDesc::SHADOW, "shadow"}, {0x080000000000ULL, 0x180100000000ULL, MappingDesc::SHADOW, "shadow"},
{0x180100000000ULL, 0x1C0000000000ULL, MappingDesc::INVALID, "invalid"}, {0x180100000000ULL, 0x1C0000000000ULL, MappingDesc::INVALID, "invalid"},
{0x1C0000000000ULL, 0x2C0100000000ULL, MappingDesc::ORIGIN, "origin"}, {0x1C0000000000ULL, 0x2C0100000000ULL, MappingDesc::ORIGIN, "origin"},
▲ Show 20 LinesShow All 176 LinesShow Last 20 Lines

lib/msan/msan_allocator.cc

Show First 20 LinesShow All 61 Lines▼ Show 20 Lines#elif defined(__powerpc64__)
static const uptr kAllocatorSpace = 0x300000000000; static const uptr kAllocatorSpace = 0x300000000000;
static const uptr kAllocatorSize = 0x020000000000; // 2T static const uptr kAllocatorSize = 0x020000000000; // 2T
static const uptr kMetadataSize = sizeof(Metadata); static const uptr kMetadataSize = sizeof(Metadata);
static const uptr kMaxAllowedMallocSize = 2UL << 30; // 2G static const uptr kMaxAllowedMallocSize = 2UL << 30; // 2G
typedef SizeClassAllocator64<kAllocatorSpace, kAllocatorSize, kMetadataSize, typedef SizeClassAllocator64<kAllocatorSpace, kAllocatorSize, kMetadataSize,
DefaultSizeClassMap, DefaultSizeClassMap,
MsanMapUnmapCallback> PrimaryAllocator; MsanMapUnmapCallback> PrimaryAllocator;
#elif defined(__aarch64__)
static const uptr kMaxAllowedMallocSize = 2UL << 30; // 2G
static const uptr kRegionSizeLog = 20;
static const uptr kNumRegions = SANITIZER_MMAP_RANGE_SIZE >> kRegionSizeLog;
typedef TwoLevelByteMap<(kNumRegions >> 12), 1 << 12> ByteMap;
typedef CompactSizeClassMap SizeClassMap;
typedef SizeClassAllocator32<0, SANITIZER_MMAP_RANGE_SIZE, sizeof(Metadata),
SizeClassMap, kRegionSizeLog, ByteMap,
MsanMapUnmapCallback> PrimaryAllocator;
#endif #endif
typedef SizeClassAllocatorLocalCache<PrimaryAllocator> AllocatorCache; typedef SizeClassAllocatorLocalCache<PrimaryAllocator> AllocatorCache;
typedef LargeMmapAllocator<MsanMapUnmapCallback> SecondaryAllocator; typedef LargeMmapAllocator<MsanMapUnmapCallback> SecondaryAllocator;
typedef CombinedAllocator<PrimaryAllocator, AllocatorCache, typedef CombinedAllocator<PrimaryAllocator, AllocatorCache,
SecondaryAllocator> Allocator; SecondaryAllocator> Allocator;
static Allocator allocator; static Allocator allocator;
static AllocatorCache fallback_allocator_cache; static AllocatorCache fallback_allocator_cache;
▲ Show 20 LinesShow All 159 LinesShow Last 20 Lines

lib/msan/msan_interceptors.cc

Show First 20 LinesShow All 239 Lines▼ Show 20 Lines
#endif #endif
INTERCEPTOR(uptr, malloc_usable_size, void *ptr) { INTERCEPTOR(uptr, malloc_usable_size, void *ptr) {
return __sanitizer_get_allocated_size(ptr); return __sanitizer_get_allocated_size(ptr);
} }
#if !SANITIZER_FREEBSD #if !SANITIZER_FREEBSD
// This function actually returns a struct by value, but we can't unpoison a // This function actually returns a struct by value, but we can't unpoison a
// temporary! The following is equivalent on all supported platforms, and we // temporary! The following is equivalent on all supported platforms but
// have a test to confirm that. // aarch64 (which uses a different register for sret value). We have a test
// to confirm that.
INTERCEPTOR(void, mallinfo, __sanitizer_mallinfo *sret) { INTERCEPTOR(void, mallinfo, __sanitizer_mallinfo *sret) {
#ifdef __aarch64__
uptr r8;
asm volatile("mov %0,x8" : "=r" (r8));
rengolinUnsubmitted
Not Done
ReplyInline Actions

implement this in asm and it will work on both gcc and clang.

rengolin: implement this in asm and it will work on both gcc and clang.
sret = reinterpret_cast<__sanitizer_mallinfo*>(r8);
#endif
REAL(memset)(sret, 0, sizeof(*sret)); REAL(memset)(sret, 0, sizeof(*sret));
__msan_unpoison(sret, sizeof(*sret)); __msan_unpoison(sret, sizeof(*sret));
} }
#define MSAN_MAYBE_INTERCEPT_MALLINFO INTERCEPT_FUNCTION(mallinfo) #define MSAN_MAYBE_INTERCEPT_MALLINFO INTERCEPT_FUNCTION(mallinfo)
#else #else
#define MSAN_MAYBE_INTERCEPT_MALLINFO #define MSAN_MAYBE_INTERCEPT_MALLINFO
#endif #endif
▲ Show 20 LinesShow All 1,373 LinesShow Last 20 Lines

lib/sanitizer_common/sanitizer_common_syscalls.inc

Show First 20 LinesShow All 2,295 Lines▼ Show 20 Lines
PRE_SYSCALL(ni_syscall)() {} PRE_SYSCALL(ni_syscall)() {}
POST_SYSCALL(ni_syscall)(long res) {} POST_SYSCALL(ni_syscall)(long res) {}
PRE_SYSCALL(ptrace)(long request, long pid, long addr, long data) { PRE_SYSCALL(ptrace)(long request, long pid, long addr, long data) {
#if !SANITIZER_ANDROID && \ #if !SANITIZER_ANDROID && \
(defined(__i386) || defined(__x86_64) || defined(__mips64) || \ (defined(__i386) || defined(__x86_64) || defined(__mips64) || \
defined(__powerpc64__)) defined(__powerpc64__) || defined(__aarch64__))
if (data) { if (data) {
if (request == ptrace_setregs) { if (request == ptrace_setregs) {
PRE_READ((void *)data, struct_user_regs_struct_sz); PRE_READ((void *)data, struct_user_regs_struct_sz);
} else if (request == ptrace_setfpregs) { } else if (request == ptrace_setfpregs) {
PRE_READ((void *)data, struct_user_fpregs_struct_sz); PRE_READ((void *)data, struct_user_fpregs_struct_sz);
} else if (request == ptrace_setfpxregs) { } else if (request == ptrace_setfpxregs) {
PRE_READ((void *)data, struct_user_fpxregs_struct_sz); PRE_READ((void *)data, struct_user_fpxregs_struct_sz);
} else if (request == ptrace_setsiginfo) { } else if (request == ptrace_setsiginfo) {
PRE_READ((void *)data, siginfo_t_sz); PRE_READ((void *)data, siginfo_t_sz);
} else if (request == ptrace_setregset) { } else if (request == ptrace_setregset) {
__sanitizer_iovec *iov = (__sanitizer_iovec *)data; __sanitizer_iovec *iov = (__sanitizer_iovec *)data;
PRE_READ(iov->iov_base, iov->iov_len); PRE_READ(iov->iov_base, iov->iov_len);
} }
} }
#endif #endif
} }
POST_SYSCALL(ptrace)(long res, long request, long pid, long addr, long data) { POST_SYSCALL(ptrace)(long res, long request, long pid, long addr, long data) {
#if !SANITIZER_ANDROID && \ #if !SANITIZER_ANDROID && \
(defined(__i386) || defined(__x86_64) || defined(__mips64) || \ (defined(__i386) || defined(__x86_64) || defined(__mips64) || \
defined(__powerpc64__)) defined(__powerpc64__) || defined(__aarch64__))
if (res >= 0 && data) { if (res >= 0 && data) {
// Note that this is different from the interceptor in // Note that this is different from the interceptor in
// sanitizer_common_interceptors.inc. // sanitizer_common_interceptors.inc.
// PEEK* requests return resulting values through data pointer. // PEEK* requests return resulting values through data pointer.
if (request == ptrace_getregs) { if (request == ptrace_getregs) {
POST_WRITE((void *)data, struct_user_regs_struct_sz); POST_WRITE((void *)data, struct_user_regs_struct_sz);
} else if (request == ptrace_getfpregs) { } else if (request == ptrace_getfpregs) {
POST_WRITE((void *)data, struct_user_fpregs_struct_sz); POST_WRITE((void *)data, struct_user_fpregs_struct_sz);
▲ Show 20 LinesShow All 523 LinesShow Last 20 Lines

lib/sanitizer_common/sanitizer_platform_interceptors.h

Show First 20 LinesShow All 127 Lines▼ Show 20 Lines
#define SANITIZER_INTERCEPT_GETPEERNAME SI_NOT_WINDOWS #define SANITIZER_INTERCEPT_GETPEERNAME SI_NOT_WINDOWS
#define SANITIZER_INTERCEPT_IOCTL SI_NOT_WINDOWS #define SANITIZER_INTERCEPT_IOCTL SI_NOT_WINDOWS
#define SANITIZER_INTERCEPT_INET_ATON SI_NOT_WINDOWS #define SANITIZER_INTERCEPT_INET_ATON SI_NOT_WINDOWS
#define SANITIZER_INTERCEPT_SYSINFO SI_LINUX #define SANITIZER_INTERCEPT_SYSINFO SI_LINUX
#define SANITIZER_INTERCEPT_READDIR SI_NOT_WINDOWS #define SANITIZER_INTERCEPT_READDIR SI_NOT_WINDOWS
#define SANITIZER_INTERCEPT_READDIR64 SI_LINUX_NOT_ANDROID #define SANITIZER_INTERCEPT_READDIR64 SI_LINUX_NOT_ANDROID
#define SANITIZER_INTERCEPT_PTRACE SI_LINUX_NOT_ANDROID && \ #define SANITIZER_INTERCEPT_PTRACE SI_LINUX_NOT_ANDROID && \
(defined(__i386) || defined(__x86_64) || defined(__mips64) || \ (defined(__i386) || defined(__x86_64) || defined(__mips64) || \
defined(__powerpc64__)) defined(__powerpc64__) || defined(__aarch64__))
#define SANITIZER_INTERCEPT_SETLOCALE SI_NOT_WINDOWS #define SANITIZER_INTERCEPT_SETLOCALE SI_NOT_WINDOWS
#define SANITIZER_INTERCEPT_GETCWD SI_NOT_WINDOWS #define SANITIZER_INTERCEPT_GETCWD SI_NOT_WINDOWS
#define SANITIZER_INTERCEPT_GET_CURRENT_DIR_NAME SI_LINUX_NOT_ANDROID #define SANITIZER_INTERCEPT_GET_CURRENT_DIR_NAME SI_LINUX_NOT_ANDROID
#define SANITIZER_INTERCEPT_STRTOIMAX SI_NOT_WINDOWS #define SANITIZER_INTERCEPT_STRTOIMAX SI_NOT_WINDOWS
#define SANITIZER_INTERCEPT_MBSTOWCS SI_NOT_WINDOWS #define SANITIZER_INTERCEPT_MBSTOWCS SI_NOT_WINDOWS
#define SANITIZER_INTERCEPT_MBSNRTOWCS SI_MAC || SI_LINUX_NOT_ANDROID #define SANITIZER_INTERCEPT_MBSNRTOWCS SI_MAC || SI_LINUX_NOT_ANDROID
#define SANITIZER_INTERCEPT_WCSTOMBS SI_NOT_WINDOWS #define SANITIZER_INTERCEPT_WCSTOMBS SI_NOT_WINDOWS
#define SANITIZER_INTERCEPT_WCSNRTOMBS \ #define SANITIZER_INTERCEPT_WCSNRTOMBS \
▲ Show 20 LinesShow All 119 LinesShow Last 20 Lines

lib/sanitizer_common/sanitizer_platform_limits_posix.h

Show First 20 LinesShow All 718 Lines▼ Show 20 Lines
# define SANITIZER_HAS_STRUCT_FILE 1 # define SANITIZER_HAS_STRUCT_FILE 1
#else #else
typedef void __sanitizer_FILE; typedef void __sanitizer_FILE;
# define SANITIZER_HAS_STRUCT_FILE 0 # define SANITIZER_HAS_STRUCT_FILE 0
#endif #endif
#if SANITIZER_LINUX && !SANITIZER_ANDROID && \ #if SANITIZER_LINUX && !SANITIZER_ANDROID && \
(defined(__i386) || defined(__x86_64) || defined(__mips64) || \ (defined(__i386) || defined(__x86_64) || defined(__mips64) || \
defined(__powerpc64__)) defined(__powerpc64__) || defined(__aarch64__))
extern unsigned struct_user_regs_struct_sz; extern unsigned struct_user_regs_struct_sz;
extern unsigned struct_user_fpregs_struct_sz; extern unsigned struct_user_fpregs_struct_sz;
extern unsigned struct_user_fpxregs_struct_sz; extern unsigned struct_user_fpxregs_struct_sz;
extern int ptrace_peektext; extern int ptrace_peektext;
extern int ptrace_peekdata; extern int ptrace_peekdata;
extern int ptrace_peekuser; extern int ptrace_peekuser;
extern int ptrace_getregs; extern int ptrace_getregs;
▲ Show 20 LinesShow All 620 LinesShow Last 20 Lines

lib/sanitizer_common/sanitizer_platform_limits_posix.cc

Show First 20 LinesShow All 113 Lines▼ Show 20 Lines
#if SANITIZER_FREEBSD || SANITIZER_IOS #if SANITIZER_FREEBSD || SANITIZER_IOS
#undef IOC_DIRMASK #undef IOC_DIRMASK
#endif #endif
#if SANITIZER_LINUX || SANITIZER_FREEBSD #if SANITIZER_LINUX || SANITIZER_FREEBSD
# include <utime.h> # include <utime.h>
# include <sys/ptrace.h> # include <sys/ptrace.h>
# if defined(__mips64) # if defined(__mips64) || defined(__aarch64__)
# include <asm/ptrace.h> # include <asm/ptrace.h>
# endif # endif
#endif #endif
#if !SANITIZER_ANDROID #if !SANITIZER_ANDROID
#include <ifaddrs.h> #include <ifaddrs.h>
#include <sys/ucontext.h> #include <sys/ucontext.h>
#include <wordexp.h> #include <wordexp.h>
▲ Show 20 LinesShow All 165 Lines▼ Show 20 Lines
#if (SANITIZER_LINUX || SANITIZER_FREEBSD) && !SANITIZER_ANDROID #if (SANITIZER_LINUX || SANITIZER_FREEBSD) && !SANITIZER_ANDROID
int glob_nomatch = GLOB_NOMATCH; int glob_nomatch = GLOB_NOMATCH;
int glob_altdirfunc = GLOB_ALTDIRFUNC; int glob_altdirfunc = GLOB_ALTDIRFUNC;
#endif #endif
#if SANITIZER_LINUX && !SANITIZER_ANDROID && \ #if SANITIZER_LINUX && !SANITIZER_ANDROID && \
(defined(__i386) || defined(__x86_64) || defined(__mips64) || \ (defined(__i386) || defined(__x86_64) || defined(__mips64) || \
defined(__powerpc64__)) defined(__powerpc64__) || defined(__aarch64__))
#if defined(__mips64) || defined(__powerpc64__) #if defined(__mips64) || defined(__powerpc64__)
unsigned struct_user_regs_struct_sz = sizeof(struct pt_regs); unsigned struct_user_regs_struct_sz = sizeof(struct pt_regs);
unsigned struct_user_fpregs_struct_sz = sizeof(elf_fpregset_t); unsigned struct_user_fpregs_struct_sz = sizeof(elf_fpregset_t);
#elif defined(__aarch64__)
unsigned struct_user_regs_struct_sz = sizeof(struct user_pt_regs);
unsigned struct_user_fpregs_struct_sz = sizeof(struct user_fpsimd_state);
#else #else
unsigned struct_user_regs_struct_sz = sizeof(struct user_regs_struct); unsigned struct_user_regs_struct_sz = sizeof(struct user_regs_struct);
unsigned struct_user_fpregs_struct_sz = sizeof(struct user_fpregs_struct); unsigned struct_user_fpregs_struct_sz = sizeof(struct user_fpregs_struct);
#endif // __mips64 || __powerpc64__ #endif // __mips64 || __powerpc64__ || __aarch64__
#if defined(__x86_64) || defined(__mips64) || defined(__powerpc64__) #if defined(__x86_64) || defined(__mips64) || defined(__powerpc64__) || \
defined(__aarch64__)
unsigned struct_user_fpxregs_struct_sz = 0; unsigned struct_user_fpxregs_struct_sz = 0;
#else #else
unsigned struct_user_fpxregs_struct_sz = sizeof(struct user_fpxregs_struct); unsigned struct_user_fpxregs_struct_sz = sizeof(struct user_fpxregs_struct);
#endif // __x86_64 || __mips64 || __powerpc64__ #endif // __x86_64 || __mips64 || __powerpc64__ || __aarch64__
int ptrace_peektext = PTRACE_PEEKTEXT; int ptrace_peektext = PTRACE_PEEKTEXT;
int ptrace_peekdata = PTRACE_PEEKDATA; int ptrace_peekdata = PTRACE_PEEKDATA;
int ptrace_peekuser = PTRACE_PEEKUSER; int ptrace_peekuser = PTRACE_PEEKUSER;
#if defined(PT_GETREGS) && defined(PT_SETREGS)
int ptrace_getregs = PTRACE_GETREGS; int ptrace_getregs = PTRACE_GETREGS;
int ptrace_setregs = PTRACE_SETREGS; int ptrace_setregs = PTRACE_SETREGS;
#else
int ptrace_getregs = -1;
int ptrace_setregs = -1;
#endif
#if defined(PT_GETREGS) && defined(PT_SETREGS)
eugenisUnsubmitted
Not Done
ReplyInline Actions

did you mean PT_GETFPREGS here and PT_GETFPXREGS below?

eugenis: did you mean PT_GETFPREGS here and PT_GETFPXREGS below?
zatrazzAuthorUnsubmitted
Not Done
ReplyInline Actions

Yes and '#if defined(PT_GETFPXREGS) && defined(PT_SETFPXREGS)' below as well. I will fix it.

zatrazz: Yes and '#if defined(PT_GETFPXREGS) && defined(PT_SETFPXREGS)' below as well. I will fix it.
int ptrace_getfpregs = PTRACE_GETFPREGS; int ptrace_getfpregs = PTRACE_GETFPREGS;
int ptrace_setfpregs = PTRACE_SETFPREGS; int ptrace_setfpregs = PTRACE_SETFPREGS;
#if defined(PTRACE_GETFPXREGS) && defined(PTRACE_SETFPXREGS) #else
int ptrace_getfpregs = -1;
int ptrace_setfpregs = -1;
#endif
#if defined(PT_GETFPREGS) && defined(PT_SETFPREGS)
int ptrace_getfpxregs = PTRACE_GETFPXREGS; int ptrace_getfpxregs = PTRACE_GETFPXREGS;
int ptrace_setfpxregs = PTRACE_SETFPXREGS; int ptrace_setfpxregs = PTRACE_SETFPXREGS;
#else #else
int ptrace_getfpxregs = -1; int ptrace_getfpxregs = -1;
int ptrace_setfpxregs = -1; int ptrace_setfpxregs = -1;
#endif // PTRACE_GETFPXREGS/PTRACE_SETFPXREGS #endif // PTRACE_GETFPXREGS/PTRACE_SETFPXREGS
int ptrace_geteventmsg = PTRACE_GETEVENTMSG; int ptrace_geteventmsg = PTRACE_GETEVENTMSG;
#if (defined(PTRACE_GETSIGINFO) && defined(PTRACE_SETSIGINFO)) || \ #if (defined(PTRACE_GETSIGINFO) && defined(PTRACE_SETSIGINFO)) || \
▲ Show 20 LinesShow All 895 LinesShow Last 20 Lines

lib/sanitizer_common/sanitizer_stacktrace.h

Show All 13 Lines
#define SANITIZER_STACKTRACE_H #define SANITIZER_STACKTRACE_H
#include "sanitizer_internal_defs.h" #include "sanitizer_internal_defs.h"
namespace __sanitizer { namespace __sanitizer {
static const u32 kStackTraceMax = 256; static const u32 kStackTraceMax = 256;
#if SANITIZER_LINUX && (defined(__aarch64__) || defined(__sparc__) || \ #if SANITIZER_LINUX && (defined(__sparc__) || defined(__mips__))
eugenisUnsubmitted
Not Done
ReplyInline Actions

Oh, are you saying the current fast unwind implementation simply works on aarch64? Nice.

eugenis: Oh, are you saying the current fast unwind implementation simply works on aarch64? Nice.
zatrazzAuthorUnsubmitted
Not Done
ReplyInline Actions

I saw no regressions or failures tests that indicate otherwise. In fact it fixes 'MemorySanitizer :: fork.cc' which stucks in _Unwind_Backtrace from libgcc with SlowUnwinder.

zatrazz: I saw no regressions or failures tests that indicate otherwise. In fact it fixes…
defined(__mips__))
# define SANITIZER_CAN_FAST_UNWIND 0 # define SANITIZER_CAN_FAST_UNWIND 0
#elif SANITIZER_WINDOWS #elif SANITIZER_WINDOWS
# define SANITIZER_CAN_FAST_UNWIND 0 # define SANITIZER_CAN_FAST_UNWIND 0
#else #else
# define SANITIZER_CAN_FAST_UNWIND 1 # define SANITIZER_CAN_FAST_UNWIND 1
#endif #endif
// Fast unwind is the only option on Mac for now; we will need to // Fast unwind is the only option on Mac for now; we will need to
▲ Show 20 LinesShow All 106 LinesShow Last 20 Lines

test/msan/chained_origin_limits.cc

Show First 20 LinesShow All 55 Lines▼ Show 20 Lines
// RUN: MSAN_OPTIONS=origin_history_size=2 not %run %t >%t.out 2>&1 // RUN: MSAN_OPTIONS=origin_history_size=2 not %run %t >%t.out 2>&1
// RUN: FileCheck %s --check-prefix=CHECK2 < %t.out // RUN: FileCheck %s --check-prefix=CHECK2 < %t.out
// RUN: MSAN_OPTIONS=origin_history_per_stack_limit=1 not %run %t >%t.out 2>&1 // RUN: MSAN_OPTIONS=origin_history_per_stack_limit=1 not %run %t >%t.out 2>&1
// RUN: FileCheck %s --check-prefix=CHECK-PER-STACK < %t.out // RUN: FileCheck %s --check-prefix=CHECK-PER-STACK < %t.out
// RUN: MSAN_OPTIONS=origin_history_size=7,origin_history_per_stack_limit=0 not %run %t >%t.out 2>&1 // RUN: MSAN_OPTIONS=origin_history_size=7,origin_history_per_stack_limit=0 not %run %t >%t.out 2>&1
// RUN: FileCheck %s --check-prefix=CHECK7 < %t.out // RUN: FileCheck %s --check-prefix=CHECK7 < %t.out
//
// XFAIL: aarch64
rengolinUnsubmitted
Not Done
ReplyInline Actions

I think this is "arm64" for Darwin. It'd be good if someone could test this in Darwin and make sure we need the same XFAILs, and if so, we should add their arch-name, too.

rengolin: I think this is "arm64" for Darwin. It'd be good if someone could test this in Darwin and make…
#include <stdio.h> #include <stdio.h>
#include <stdlib.h> #include <stdlib.h>
#include <string.h> #include <string.h>
#include <unistd.h> #include <unistd.h>
static char *buf, *cur, *end; static char *buf, *cur, *end;
void init() { void init() {
▲ Show 20 LinesShow All 107 LinesShow Last 20 Lines

test/msan/dlerror.cc

// RUN: %clangxx_msan -O0 %s -o %t && %run %t // RUN: %clangxx_msan -O0 %s -o %t && %run %t
//
// XFAIL: aarch64
#include <assert.h> #include <assert.h>
#include <dlfcn.h> #include <dlfcn.h>
#include <stdio.h> #include <stdio.h>
#include <string.h> #include <string.h>
int main(void) { int main(void) {
void *p = dlopen("/bad/file/name", RTLD_NOW); void *p = dlopen("/bad/file/name", RTLD_NOW);
assert(!p); assert(!p);
char *s = dlerror(); char *s = dlerror();
printf("%s, %zu\n", s, strlen(s)); printf("%s, %zu\n", s, strlen(s));
return 0; return 0;
} }

test/msan/mmap.cc

// Test that mmap (without MAP_FIXED) always returns valid application addresses. // Test that mmap (without MAP_FIXED) always returns valid application addresses.
// RUN: %clangxx_msan -O0 %s -o %t && %run %t // RUN: %clangxx_msan -O0 %s -o %t && %run %t
// RUN: %clangxx_msan -O0 -fsanitize-memory-track-origins %s -o %t && %run %t // RUN: %clangxx_msan -O0 -fsanitize-memory-track-origins %s -o %t && %run %t
#include <assert.h> #include <assert.h>
#include <errno.h> #include <errno.h>
#include <stdint.h> #include <stdint.h>
#include <sys/mman.h> #include <sys/mman.h>
#include <stdio.h> #include <stdio.h>
#include <stdlib.h>
#include "test.h"
bool AddrIsApp(void *p) { bool AddrIsApp(void *p) {
uintptr_t addr = (uintptr_t)p; uintptr_t addr = (uintptr_t)p;
#if defined(__FreeBSD__) && defined(__x86_64__) #if defined(__FreeBSD__) && defined(__x86_64__)
return addr < 0x010000000000ULL || addr >= 0x600000000000ULL; return addr < 0x010000000000ULL || addr >= 0x600000000000ULL;
#elif defined(__x86_64__) #elif defined(__x86_64__)
return addr >= 0x600000000000ULL; return addr >= 0x600000000000ULL;
#elif defined(__mips64) #elif defined(__mips64)
return addr >= 0x00e000000000ULL; return addr >= 0x00e000000000ULL;
#elif defined(__powerpc64__) #elif defined(__powerpc64__)
return addr < 0x000100000000ULL || addr >= 0x300000000000ULL; return addr < 0x000100000000ULL || addr >= 0x300000000000ULL;
#elif defined(__aarch64__)
unsigned long vma = SystemVMA();
if (vma == 39)
return (addr >= 0x5500000000ULL && addr < 0x5600000000ULL) ||
(addr > 0x7000000000ULL);
else if (vma == 42)
return (addr >= 0x2aa00000000ULL && addr < 0x2ab00000000ULL) ||
(addr > 0x3f000000000ULL);
else {
fprintf(stderr, "unsupported vma: %lu\n", vma);
exit(1);
}
#endif #endif
} }
int main() { int main() {
// Large enough to quickly exhaust the entire address space. // Large enough to quickly exhaust the entire address space.
#if defined(__mips64) #if defined(__mips64) || defined(__aarch64__)
const size_t kMapSize = 0x100000000ULL; const size_t kMapSize = 0x100000000ULL;
#else #else
const size_t kMapSize = 0x1000000000ULL; const size_t kMapSize = 0x1000000000ULL;
#endif #endif
int success_count = 0; int success_count = 0;
while (true) { while (true) {
void *p = mmap(0, kMapSize, PROT_WRITE, void *p = mmap(0, kMapSize, PROT_WRITE,
MAP_PRIVATE | MAP_ANONYMOUS | MAP_NORESERVE, -1, 0); MAP_PRIVATE | MAP_ANONYMOUS | MAP_NORESERVE, -1, 0);
Show All 11 Lines

test/msan/mmap_below_shadow.cc

Show All 21 Lines#elif defined(__x86_64__)
uintptr_t hint = 0x4f0000000000ULL; uintptr_t hint = 0x4f0000000000ULL;
const uintptr_t app_start = 0x600000000000ULL; const uintptr_t app_start = 0x600000000000ULL;
#elif defined (__mips64) #elif defined (__mips64)
uintptr_t hint = 0x4f00000000ULL; uintptr_t hint = 0x4f00000000ULL;
const uintptr_t app_start = 0x6000000000ULL; const uintptr_t app_start = 0x6000000000ULL;
#elif defined (__powerpc64__) #elif defined (__powerpc64__)
uintptr_t hint = 0x2f0000000000ULL; uintptr_t hint = 0x2f0000000000ULL;
const uintptr_t app_start = 0x300000000000ULL; const uintptr_t app_start = 0x300000000000ULL;
#elif defined (__aarch64__)
uintptr_t hint = 0x4f0000000ULL;
const uintptr_t app_start = 0x7000000000ULL;
#endif #endif
uintptr_t p = (uintptr_t)mmap( uintptr_t p = (uintptr_t)mmap(
(void *)hint, 4096, PROT_WRITE, (void *)hint, 4096, PROT_WRITE,
MAP_PRIVATE | MAP_ANONYMOUS | (FIXED ? MAP_FIXED : 0), -1, 0); MAP_PRIVATE | MAP_ANONYMOUS | (FIXED ? MAP_FIXED : 0), -1, 0);
if (FIXED) if (FIXED)
assert(p == (uintptr_t)-1 && errno == EINVAL); assert(p == (uintptr_t)-1 && errno == EINVAL);
else else
assert(p >= app_start); assert(p >= app_start);
return 0; return 0;
} }

test/msan/param_tls_limit.cc

// ParamTLS has limited size. Everything that does not fit is considered fully // ParamTLS has limited size. Everything that does not fit is considered fully
// initialized. // initialized.
// RUN: %clangxx_msan -O0 %s -o %t && %run %t // RUN: %clangxx_msan -O0 %s -o %t && %run %t
// RUN: %clangxx_msan -fsanitize-memory-track-origins -O0 %s -o %t && %run %t // RUN: %clangxx_msan -fsanitize-memory-track-origins -O0 %s -o %t && %run %t
// RUN: %clangxx_msan -fsanitize-memory-track-origins=2 -O0 %s -o %t && %run %t // RUN: %clangxx_msan -fsanitize-memory-track-origins=2 -O0 %s -o %t && %run %t
//
// XFAIL: aarch64
#include <sanitizer/msan_interface.h> #include <sanitizer/msan_interface.h>
#include <assert.h> #include <assert.h>
// This test assumes that ParamTLS size is 800 bytes. // This test assumes that ParamTLS size is 800 bytes.
// This test passes poisoned values through function argument list. // This test passes poisoned values through function argument list.
// In case of overflow, argument is unpoisoned. // In case of overflow, argument is unpoisoned.
▲ Show 20 LinesShow All 60 LinesShow Last 20 Lines

test/msan/signal_stress_test.cc

// RUN: %clangxx_msan -std=c++11 -O0 %s -o %t && %run %t // RUN: %clangxx_msan -std=c++11 -O0 %s -o %t && %run %t
//
// XFAIL: aarch64
// Test that va_arg shadow from a signal handler does not leak outside. // Test that va_arg shadow from a signal handler does not leak outside.
#include <signal.h> #include <signal.h>
#include <stdarg.h> #include <stdarg.h>
#include <sanitizer/msan_interface.h> #include <sanitizer/msan_interface.h>
#include <assert.h> #include <assert.h>
#include <sys/time.h> #include <sys/time.h>
▲ Show 20 LinesShow All 62 LinesShow Last 20 Lines

test/msan/strlen_of_shadow.cc

// RUN: %clangxx_msan -O0 %s -o %t && %run %t // RUN: %clangxx_msan -O0 %s -o %t && %run %t
// Check that strlen() and similar intercepted functions can be called on shadow // Check that strlen() and similar intercepted functions can be called on shadow
// memory. // memory.
#include <assert.h> #include <assert.h>
#include <stdint.h> #include <stdint.h>
#include <stdio.h> #include <stdio.h>
#include <string.h> #include <string.h>
#include <stdlib.h>
#include "test.h"
const char *mem_to_shadow(const char *p) { const char *mem_to_shadow(const char *p) {
#if defined(__x86_64__) #if defined(__x86_64__)
return (char *)((uintptr_t)p & ~0x400000000000ULL); return (char *)((uintptr_t)p & ~0x400000000000ULL);
#elif defined (__mips64) #elif defined (__mips64)
return (char *)((uintptr_t)p & ~0x4000000000ULL); return (char *)((uintptr_t)p & ~0x4000000000ULL);
#elif defined(__powerpc64__) #elif defined(__powerpc64__)
#define LINEARIZE_MEM(mem) \ #define LINEARIZE_MEM(mem) \
(((uintptr_t)(mem) & ~0x200000000000ULL) ^ 0x100000000000ULL) (((uintptr_t)(mem) & ~0x200000000000ULL) ^ 0x100000000000ULL)
return (char *)(LINEARIZE_MEM(p) + 0x080000000000ULL); return (char *)(LINEARIZE_MEM(p) + 0x080000000000ULL);
#elif defined(__aarch64__)
unsigned long vma = SystemVMA();
#define LINEARIZE_MEM_39(mem) \
(((uintptr_t)(mem) & ~0x7C00000000ULL) ^ 0x100000000ULL)
rengolinUnsubmitted
Not Done
ReplyInline Actions

Can't you re-use the one you have above? Maybe this should even be in compiler-rt?

rengolin: Can't you re-use the one you have above? Maybe this should even be in compiler-rt?
zatrazzAuthorUnsubmitted
Not Done
ReplyInline Actions

This is for tests only, so I see the best option to add on 'test/msan/test.h'. I will change it.

zatrazz: This is for tests only, so I see the best option to add on 'test/msan/test.h'. I will change it.
#define LINEARIZE_MEM_42(mem) \
(((uintptr_t)(mem) & ~0x3E000000000ULL) ^ 0x1000000000ULL)
if (vma == 39)
return (char *)(LINEARIZE_MEM_39(p) + 0x4000000000ULL);
rengolinUnsubmitted
Not Done
ReplyInline Actions

Can't you just use the macro for now?

rengolin: Can't you just use the macro for now?
rengolinUnsubmitted
Not Done
ReplyInline Actions

Something like:

#elif defined(__aarch64__)
  #if SANITIZER_AARCH64_VMA == 39
  #define LINEARIZE_MEM(mem) (((uintptr_t)(mem) & ~0x7C00000000ULL) ^ 0x100000000ULL)
  #else
  #define LINEARIZE_MEM(mem) (((uintptr_t)(mem) & ~0x3E000000000ULL) ^ 0x1000000000ULL)
  #endif
return (char *)(LINEARIZE_MEM(p) + 0x4000000000ULL);
...
rengolin: Something like: #elif defined(__aarch64__) #if SANITIZER_AARCH64_VMA == 39…
zatrazzAuthorUnsubmitted
Not Done
ReplyInline Actions

SANITIZER_AARCH64_VMA is used within compiler-rt itself, not exported for tests.

zatrazz: SANITIZER_AARCH64_VMA is used within compiler-rt itself, not exported for tests.
else if (vma == 42)
return (char *)(LINEARIZE_MEM_42(p) + 0x10000000000ULL);
else {
fprintf(stderr, "unsupported vma: %lu\n", vma);
exit(1);
}
#endif #endif
} }
int main(void) { int main(void) {
const char *s = "abcdef"; const char *s = "abcdef";
assert(strlen(s) == 6); assert(strlen(s) == 6);
assert(strlen(mem_to_shadow(s)) == 0); assert(strlen(mem_to_shadow(s)) == 0);
char *t = new char[42]; char *t = new char[42];
t[41] = 0; t[41] = 0;
assert(strlen(mem_to_shadow(t)) == 41); assert(strlen(mem_to_shadow(t)) == 41);
return 0; return 0;
} }

test/msan/test.h

  • This file was added.
#if __LP64__
# define SANITIZER_WORDSIZE 64
#else
# define SANITIZER_WORDSIZE 32
#endif
// This is a simplified version of GetMaxVirtualAddress function.
unsigned long SystemVMA () {
#if SANITIZER_WORDSIZE == 64
unsigned long vma = (unsigned long)__builtin_frame_address(0);
return SANITIZER_WORDSIZE - __builtin_clzll(vma);
#else
return SANITIZER_WORDSIZE;
#endif
}

test/sanitizer_common/TestCases/Linux/ptrace.cc

// RUN: %clangxx -O0 %s -o %t && %run %t // RUN: %clangxx -O0 %s -o %t && %run %t
#include <assert.h> #include <assert.h>
#include <signal.h> #include <signal.h>
#include <stdio.h> #include <stdio.h>
#include <sys/ptrace.h> #include <sys/ptrace.h>
#include <sys/types.h> #include <sys/types.h>
#include <sys/user.h> #include <sys/user.h>
#include <sys/wait.h> #include <sys/wait.h>
#include <sys/uio.h>
#include <unistd.h> #include <unistd.h>
#include <elf.h>
#if __mips64 #if __mips64
#include <asm/ptrace.h> #include <asm/ptrace.h>
#include <sys/procfs.h> #include <sys/procfs.h>
#endif #endif
#ifdef __aarch64__
// GLIBC 2.20+ sys/user does not include asm/ptrace.h
#include <asm/ptrace.h>
#endif
int main(void) { int main(void) {
pid_t pid; pid_t pid;
pid = fork(); pid = fork();
if (pid == 0) { // child if (pid == 0) { // child
ptrace(PTRACE_TRACEME, 0, NULL, NULL); ptrace(PTRACE_TRACEME, 0, NULL, NULL);
execl("/bin/true", "true", NULL); execl("/bin/true", "true", NULL);
} else { } else {
Show All 27 Lines
#endif #endif
elf_fpregset_t fpregs; elf_fpregset_t fpregs;
res = ptrace((enum __ptrace_request)PTRACE_GETFPREGS, pid, NULL, &fpregs); res = ptrace((enum __ptrace_request)PTRACE_GETFPREGS, pid, NULL, &fpregs);
assert(!res); assert(!res);
if ((elf_greg_t)fpregs[32]) // fpscr if ((elf_greg_t)fpregs[32]) // fpscr
printf("%lx\n", (elf_greg_t)fpregs[32]); printf("%lx\n", (elf_greg_t)fpregs[32]);
#endif // (__powerpc64__ || __mips64) #endif // (__powerpc64__ || __mips64)
#if (__aarch64__)
struct iovec regset_io;
struct user_pt_regs regs;
regset_io.iov_base = &regs;
regset_io.iov_len = sizeof(regs);
res = ptrace(PTRACE_GETREGSET, pid, (void*)NT_PRSTATUS, (void*)&regset_io);
assert(!res);
if (regs.pc)
printf("%llx\n", regs.pc);
struct user_fpsimd_state fpregs;
regset_io.iov_base = &fpregs;
regset_io.iov_len = sizeof(fpregs);
res = ptrace(PTRACE_GETREGSET, pid, (void*)NT_FPREGSET, (void*)&regset_io);
assert(!res);
if (fpregs.fpsr)
printf("%x\n", fpregs.fpsr);
#endif // (__aarch64__)
rengolinUnsubmitted
Not Done
ReplyInline Actions

#endif // (aarch64)

rengolin: #endif // (__aarch64__)
siginfo_t siginfo; siginfo_t siginfo;
res = ptrace(PTRACE_GETSIGINFO, pid, NULL, &siginfo); res = ptrace(PTRACE_GETSIGINFO, pid, NULL, &siginfo);
assert(!res); assert(!res);
assert(siginfo.si_pid == pid); assert(siginfo.si_pid == pid);
ptrace(PTRACE_CONT, pid, NULL, NULL); ptrace(PTRACE_CONT, pid, NULL, NULL);
wait(NULL); wait(NULL);
} }
return 0; return 0;
} }

test/ubsan/TestCases/Misc/nonnull-arg.cpp

// RUN: %clangxx -fsanitize=nonnull-attribute -fno-sanitize-recover=all %s -O3 -o %t // RUN: %clangxx -fsanitize=nonnull-attribute -fno-sanitize-recover=all %s -O3 -o %t
// RUN: %run %t nc // RUN: %run %t nc
// RUN: %run %t nm // RUN: %run %t nm
// RUN: %run %t nf // RUN: %run %t nf
// RUN: %run %t nv // RUN: %run %t nv
// RUN: not %run %t 0c 2>&1 | FileCheck %s --check-prefix=CTOR // RUN: not %run %t 0c 2>&1 | FileCheck %s --check-prefix=CTOR
// RUN: not %run %t 0m 2>&1 | FileCheck %s --check-prefix=METHOD // RUN: not %run %t 0m 2>&1 | FileCheck %s --check-prefix=METHOD
// RUN: not %run %t 0f 2>&1 | FileCheck %s --check-prefix=FUNC // RUN: not %run %t 0f 2>&1 | FileCheck %s --check-prefix=FUNC
// RUN: not %run %t 0v 2>&1 | FileCheck %s --check-prefix=VARIADIC // RUN: not %run %t 0v 2>&1 | FileCheck %s --check-prefix=VARIADIC
//
// XFAIL: aarch64
class C { class C {
int *null_; int *null_;
int *nonnull_; int *nonnull_;
public: public:
C(int *null, __attribute__((nonnull)) int *nonnull) C(int *null, __attribute__((nonnull)) int *nonnull)
: null_(null), nonnull_(nonnull) {} : null_(null), nonnull_(nonnull) {}
Show All 17 Lines
int main(int argc, char *argv[]) { int main(int argc, char *argv[]) {
int local = 0; int local = 0;
int *arg = (argv[1][0] == '0') ? 0x0 : &local; int *arg = (argv[1][0] == '0') ? 0x0 : &local;
switch (argv[1][1]) { switch (argv[1][1]) {
case 'c': case 'c':
return C(0x0, arg).value(); return C(0x0, arg).value();
// CTOR: {{.*}}nonnull-arg.cpp:[[@LINE-1]]:21: runtime error: null pointer passed as argument 2, which is declared to never be null // CTOR: {{.*}}nonnull-arg.cpp:[[@LINE-1]]:21: runtime error: null pointer passed as argument 2, which is declared to never be null
// CTOR-NEXT: {{.*}}nonnull-arg.cpp:16:31: note: nonnull attribute specified here // CTOR-NEXT: {{.*}}nonnull-arg.cpp:18:31: note: nonnull attribute specified here
case 'm': case 'm':
return C(0x0, &local).method(arg, 0x0); return C(0x0, &local).method(arg, 0x0);
// METHOD: {{.*}}nonnull-arg.cpp:[[@LINE-1]]:36: runtime error: null pointer passed as argument 1, which is declared to never be null // METHOD: {{.*}}nonnull-arg.cpp:[[@LINE-1]]:36: runtime error: null pointer passed as argument 1, which is declared to never be null
// METHOD-NEXT: {{.*}}nonnull-arg.cpp:19:54: note: nonnull attribute specified here // METHOD-NEXT: {{.*}}nonnull-arg.cpp:21:54: note: nonnull attribute specified here
case 'f': case 'f':
return func(arg); return func(arg);
// FUNC: {{.*}}nonnull-arg.cpp:[[@LINE-1]]:19: runtime error: null pointer passed as argument 1, which is declared to never be null // FUNC: {{.*}}nonnull-arg.cpp:[[@LINE-1]]:19: runtime error: null pointer passed as argument 1, which is declared to never be null
// FUNC-NEXT: {{.*}}nonnull-arg.cpp:24:16: note: nonnull attribute specified here // FUNC-NEXT: {{.*}}nonnull-arg.cpp:26:16: note: nonnull attribute specified here
case 'v': case 'v':
return variadic(42, arg); return variadic(42, arg);
// VARIADIC: {{.*}}nonnull-arg.cpp:[[@LINE-1]]:27: runtime error: null pointer passed as argument 2, which is declared to never be null // VARIADIC: {{.*}}nonnull-arg.cpp:[[@LINE-1]]:27: runtime error: null pointer passed as argument 2, which is declared to never be null
// VARIADIC-NEXT: {{.*}}nonnull-arg.cpp:27:16: note: nonnull attribute specified here // VARIADIC-NEXT: {{.*}}nonnull-arg.cpp:29:16: note: nonnull attribute specified here
} }
return 0; return 0;
} }