This is an archive of the discontinued LLVM Phabricator instance.

Differential D105705

[hwasan] More realistic setjmp test.
AbandonedPublic

Authored by fmayer on Jul 9 2021, 8:46 AM.

Details

Reviewers
hctim
Commits
rG5511bfdb6715: [hwasan] More realistic setjmp test.
Summary

The existing one actually failed on the int* p, not on int z (as can be
seen by the fault being 8 bytes rather than 4).

This is also needed to make sure the stack safety analysis does not
classify the alloca as safe.

Diff Detail

Event Timeline

fmayer requested review of this revision.Jul 9 2021, 8:46 AM
fmayer created this revision.
Herald added a project: Restricted Project. · View Herald TranscriptJul 9 2021, 8:46 AM
Herald added a subscriber: Restricted Project. · View Herald Transcript
fmayer updated this revision to Diff 357528.Jul 9 2021, 8:47 AM

Formatting.

fmayer added a reviewer: hctim.Jul 9 2021, 8:50 AM
fmayer added a subscriber: eugenis.
fmayer edited the summary of this revision. (Show Details)Jul 9 2021, 8:54 AM
Harbormaster completed remote builds in B113214: Diff 357528.Jul 9 2021, 9:46 AM
hctim added inline comments.Jul 9 2021, 11:41 AM
compiler-rt/test/hwasan/TestCases/longjmp.c
19

this relies on globals tagging. can you have p be declared in main() and passed as a parameter to f()? then no need to update the comment as well :)

20–21

the load of p[0] in main will crash.

hctim accepted this revision.Jul 9 2021, 11:46 AM

LGTM w/ comment change

compiler-rt/test/hwasan/TestCases/longjmp.c
19

nvm, as you point out this is p not &p. oops.

This revision is now accepted and ready to land.Jul 9 2021, 11:46 AM
fmayer updated this revision to Diff 357586.Jul 9 2021, 11:47 AM
fmayer marked an inline comment as done.

Fix comment.

Harbormaster completed remote builds in B113253: Diff 357586.Jul 9 2021, 12:26 PM
Closed by commit rG5511bfdb6715: [hwasan] More realistic setjmp test. (authored by fmayer). · Explain WhyJul 9 2021, 12:27 PM
This revision was automatically updated to reflect the committed changes.
fmayer added a commit: rG5511bfdb6715: [hwasan] More realistic setjmp test..
post.kadirselcuk added a parent revision: D105762: [X86] Teach X86FloatingPoint's handleCall to only erase the FP stack if there is a regmask operand that clobbers the FP stack..Jul 10 2021, 8:06 PM
craig.topper removed a parent revision: D105762: [X86] Teach X86FloatingPoint's handleCall to only erase the FP stack if there is a regmask operand that clobbers the FP stack..Jul 10 2021, 9:47 PM
vitalybuka added a reverting change: rGb8424b42a58e: Revert "[hwasan] More realistic setjmp test.".Jul 12 2021, 10:16 PM
vitalybuka reopened this revision.Jul 12 2021, 10:18 PM
vitalybuka added a subscriber: vitalybuka.

Reverted, It fails here https://lab.llvm.org/buildbot/#/builders/169/builds/1360

This revision is now accepted and ready to land.Jul 12 2021, 10:18 PM
fmayer abandoned this revision.Oct 28 2021, 5:29 PM
fmayer marked 2 inline comments as done.

I realised this is already tested in longjmp-setjmp-interception.c

Revision Contents

PathSize
compiler-rt/
test/
hwasan/
TestCases/
22 lines

Diff 357597

compiler-rt/test/hwasan/TestCases/longjmp.c

// RUN: %clang_hwasan -O0 -DNEGATIVE %s -o %t && %run %t 2>&1 // RUN: %clang_hwasan -O0 -DNEGATIVE %s -o %t && %run %t 2>&1
// RUN: %clang_hwasan -O0 %s -o %t && not %run %t 2>&1 | FileCheck %s // RUN: %clang_hwasan -O0 %s -o %t && not %run %t 2>&1 | FileCheck %s
// REQUIRES: stable-runtime, pointer-tagging // REQUIRES: stable-runtime, pointer-tagging
#include <setjmp.h>
#include <stdlib.h> #include <stdlib.h>
#include <assert.h> #include <assert.h>
#include <sanitizer/hwasan_interface.h> #include <sanitizer/hwasan_interface.h>
#include <unistd.h>
static int *volatile p;
__attribute__((noinline)) __attribute__((noinline))
int f(void *caller_frame) { int f(jmp_buf buf) {
int z = 0; int z = 0;
int *volatile p = &z; p = &z;
// Tag of local is never zero. // Tag of local is never zero.
assert(__hwasan_tag_pointer(p, 0) != p); assert(__hwasan_tag_pointer(p, 0) != p);
hctimUnsubmitted
Done
ReplyInline Actions

this relies on globals tagging. can you have p be declared in main() and passed as a parameter to f()? then no need to update the comment as well :)

hctim: this relies on globals tagging. can you have `p` be declared in `main()` and passed as a…
hctimUnsubmitted
Done
ReplyInline Actions

nvm, as you point out this is p not &p. oops.

hctim: nvm, as you point out this is `p` not `&p`. oops.
#ifndef NEGATIVE #ifndef NEGATIVE
// This will destroy shadow of "z", and the following load will crash. // This will destroy shadow of "z", the p[0] in main will crash.
hctimUnsubmitted
Done
ReplyInline Actions

the load of p[0] in main will crash.

hctim: the load of `p[0]` in main will crash.
__hwasan_handle_longjmp(caller_frame); longjmp(buf, 1);
#endif #endif
return p[0]; return p[0];
} }
int main() { int main() {
return f(__builtin_frame_address(0)); jmp_buf buf;
// CHECK: READ of size 8 at {{.*}} tags: {{.*}}/00 (ptr/mem) if (setjmp(buf)) {
return p[0];
} else {
f(buf);
}
return 0;
// CHECK: READ of size 4 at {{.*}} tags: {{.*}}/00 (ptr/mem)
} }