This is an archive of the discontinued LLVM Phabricator instance.

[hwasan] Check for overflow when searching candidates.
Closed · Public

Authored by fmayer on Jun 28 2021, 7:35 AM.

Details

Summary

If the fault address is at the boundary of memory regions, this could
cause us to segfault otherwise.

Ran test with old compiler_rt to make sure it fails.

Event Timeline

fmayer requested review of this revision. Jun 28 2021, 7:35 AM
fmayer created this revision.
eugenis added inline comments. Jun 29 2021, 3:16 PM
compiler-rt/lib/hwasan/hwasan_report.cpp
299

There is MemIsApp in hwasan_linux.cpp. Rename this one to MemIsShadow, and maybe move both definitions to hwasan_mapping.h.

300

kLowShadowEnd and kHighShadowEnd are inclusive - a bit unusual, but consider that on 32-bit (in other sanitizers), e.g., kHighMemEnd may be 0xffffffff, and kHighMemEnd+1 is not representable in uptr.
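
The inclusive-bound point above and the overflow check from the summary, as an added C++ example (not code from this revision or from compiler-rt). The region layout, `uptr32`, `FindCandidate` and `FakeRead` are constructed for illustration, with a 32-bit integer standing in for `uptr`.

```cpp
#include <cstdint>

// Constructed 32-bit layout, NOT HWASan's real mapping: one region whose
// inclusive end is the last representable address.
using uptr32 = std::uint32_t;                 // stand-in for uptr on 32-bit
constexpr uptr32 kRegionStart = 0xfff00000u;
constexpr uptr32 kRegionEnd   = 0xffffffffu;  // inclusive, like kHighShadowEnd

// Inclusive comparison: never computes kRegionEnd + 1.
bool InRegionInclusive(uptr32 p) {
  return kRegionStart <= p && p <= kRegionEnd;
}

// Exclusive-end form: kRegionEnd + 1 wraps to 0, so nothing is ever in range.
bool InRegionExclusive(uptr32 p) {
  uptr32 end_exclusive = kRegionEnd + 1u;  // wraps to 0 (defined for unsigned)
  return kRegionStart <= p && p < end_exclusive;
}

// Hypothetical candidate search: step left and right from `start` looking for
// a byte equal to `want`, reading only addresses that pass the range check.
// `read` abstracts the memory access so the example runs on a fake region.
// Returns the distance to the nearest match, or -1 if none within `max_steps`.
template <typename ReadFn>
int FindCandidate(uptr32 start, std::uint8_t want, int max_steps, ReadFn read) {
  uptr32 left = start, right = start;
  for (int i = 0; i < max_steps; ++i) {
    if (InRegionInclusive(left) && read(left) == want) return i;
    if (InRegionInclusive(right) && read(right) == want) return i;
    --left;   // may drop below kRegionStart; checked before the next read
    ++right;  // may wrap past 0xffffffff to 0; checked before the next read
  }
  return -1;
}

// Fake memory (constructed): every in-region byte is 0 except one tagged 0x2a.
// Out-of-region reads are counted; in real code they could fault.
constexpr uptr32 kTaggedAddr = 0xfffffffau;
int g_out_of_region_reads = 0;
std::uint8_t FakeRead(uptr32 p) {
  if (!InRegionInclusive(p)) { ++g_out_of_region_reads; return 0x2a; }
  return p == kTaggedAddr ? 0x2a : 0;
}
```
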

fmayer updated this revision to Diff 355498. Jun 30 2021, 3:38 AM
fmayer marked an inline comment as done.

Rename & move IsShadow(...)

fmayer marked an inline comment as done. Jun 30 2021, 3:40 AM
fmayer added inline comments.
compiler-rt/lib/hwasan/hwasan_report.cpp
299

Left MemIsApp in the old place, as it uses a function defined in hwasan.h, which I guess is the reason it is there in the first place.

fmayer marked an inline comment as done. Jun 30 2021, 3:42 AM
eugenis accepted this revision. Jun 30 2021, 1:16 PM

LGTM

This revision is now accepted and ready to land. Jun 30 2021, 1:16 PM
This revision was automatically updated to reflect the committed changes.