[llvm-dev] Attempt to modify memory sanitizer for support of X86

Pusl, Stefan via llvm-dev llvm-dev at lists.llvm.org
Fri Jun 17 05:02:31 PDT 2016 

Hello,

I'm quite new to LLVM, but I'm interested in memory sanitizer. The petty thing is, that 32bit addressing on Linux is not supported. Thus I tried to take the latest version of the software and to modify it, using Ubuntu 16.04 as operating system. Given the example

example.c:
#include <stdio.h>
#include <stdlib.h>

int main(int argc, char **argv) {
   int *a = (int *)malloc(10*sizeof(10));
   a[5] = 0;
   if (a[argc])
      printf("xx\n");
   return 0;
}

which I compiled with the command

clang -fsanitize=memory -m32 -fPIE -pie -fno-omit-frame-pointer -g -Wl,-Map,example32.map example.c -oexample32.out

I get now a segmentation fault during the execution:

(gdb) r
Starting program: /home/pusl/code/example32.out
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".

Program received signal SIGSEGV, Segmentation fault.
0x565e14f9 in main (argc=1448445640, argv=0xf7f1d3dc) at example.c:4


I tried to figure out the issue, but as a newcomer to LLVM I don't have any further idea now to get nearer to the root cause. Any new idea is welcome.

I changed 5 files. The diffs are:


-          cmake/config-ix.cmake:
diff --git a/cmake/config-ix.cmake b/cmake/config-ix.cmake
index 04e33a0..d02e319 100644
--- a/cmake/config-ix.cmake
+++ b/cmake/config-ix.cmake
@@ -149,7 +149,7 @@ set(ALL_ASAN_SUPPORTED_ARCH ${X86} ${X86_64} ${ARM32} ${ARM64}
     ${MIPS32} ${MIPS64} ${PPC64})
set(ALL_DFSAN_SUPPORTED_ARCH ${X86_64} ${MIPS64} ${ARM64})
set(ALL_LSAN_SUPPORTED_ARCH ${X86_64} ${MIPS64} ${ARM64})
-set(ALL_MSAN_SUPPORTED_ARCH ${X86_64} ${MIPS64} ${ARM64})
+set(ALL_MSAN_SUPPORTED_ARCH ${X86} ${X86_64} ${MIPS64} ${ARM64})
set(ALL_PROFILE_SUPPORTED_ARCH ${X86} ${X86_64} ${ARM32} ${ARM64} ${PPC64}
     ${MIPS32} ${MIPS64})
set(ALL_TSAN_SUPPORTED_ARCH ${X86_64} ${MIPS64} ${ARM64} ${PPC64})


-          lib/msan/msan.h:
diff --git a/lib/msan/msan.h b/lib/msan/msan.h
index be74f6e..10b5b05 100644
--- a/lib/msan/msan.h
+++ b/lib/msan/msan.h
@@ -147,6 +147,26 @@ const MappingDesc kMemoryLayout[] = {
#define MEM_TO_SHADOW(mem) (LINEARIZE_MEM((mem)) + 0x100000000000ULL)
#define SHADOW_TO_ORIGIN(shadow) (((uptr)(shadow)) + 0x280000000000)
+#elif SANITIZER_LINUX && SANITIZER_WORDSIZE == 32
+
+const MappingDesc kMemoryLayout[] = {
+    {0x00000000ULL, 0x10000000ULL, MappingDesc::APP, "app-1"},
+    {0x10000000ULL, 0x20000000ULL, MappingDesc::SHADOW, "shadow-1"},
+    {0x20000000ULL, 0x30000000ULL, MappingDesc::ORIGIN, "origin-1"},
+    {0x30000000ULL, 0x50000000ULL, MappingDesc::INVALID, "invalid"},
+    {0x50000000ULL, 0x60000000ULL, MappingDesc::APP, "app-2"},
+    {0x60000000ULL, 0x70000000ULL, MappingDesc::SHADOW, "shadow-2"},
+    {0x70000000ULL, 0x80000000ULL, MappingDesc::ORIGIN, "origin-2"},
+    {0x80000000ULL, 0x90000000ULL, MappingDesc::SHADOW, "shadow-3"},
+    {0x90000000ULL, 0xa0000000ULL, MappingDesc::ORIGIN, "origin-3"},
+    {0xa0000000ULL, 0xf0000000ULL, MappingDesc::INVALID, "invalid"},
+    {0xf0000000ULL, 0xffffffffULL, MappingDesc::APP, "app-3"},
+};
+#define MOVE_MEM(mem) \
+  ((uptr)(mem) & ~0x80000000ULL)
+#define MEM_TO_SHADOW(mem) (MOVE_MEM((mem)) + 0x10000000ULL)
+#define SHADOW_TO_ORIGIN(mem) (((uptr)(mem)) + 0x10000000ULL)
+
#elif SANITIZER_LINUX && SANITIZER_WORDSIZE == 64
 #ifdef MSAN_LINUX_X86_64_OLD_MAPPING


-          lib/msan/msan_allocator.cc:
diff --git a/lib/msan/msan_allocator.cc b/lib/msan/msan_allocator.cc
index b7d3947..dae6d72 100644
--- a/lib/msan/msan_allocator.cc
+++ b/lib/msan/msan_allocator.cc
@@ -49,7 +49,15 @@ struct MsanMapUnmapCallback {
   typedef SizeClassAllocator32<0, SANITIZER_MMAP_RANGE_SIZE, sizeof(Metadata),
                                SizeClassMap, kRegionSizeLog, ByteMap,
                                MsanMapUnmapCallback> PrimaryAllocator;
-
+#elif defined (__i386__)
+static const uptr kMaxAllowedMallocSize = 3UL << 30;
+  static const uptr kRegionSizeLog = 20;
+  static const uptr kNumRegions = SANITIZER_MMAP_RANGE_SIZE >> kRegionSizeLog;
+  typedef FlatByteMap<kNumRegions> ByteMap;
+  typedef CompactSizeClassMap SizeClassMap;
+  typedef SizeClassAllocator32<0, SANITIZER_MMAP_RANGE_SIZE, sizeof(Metadata),
+                               SizeClassMap, kRegionSizeLog, ByteMap,
+                               MsanMapUnmapCallback> PrimaryAllocator;
#elif defined(__x86_64__)
#if SANITIZER_LINUX && !defined(MSAN_LINUX_X86_64_OLD_MAPPING)
   static const uptr kAllocatorSpace = 0x700000000000ULL;


-          lib/msan/msan_linux.cc:
diff --git a/lib/msan/msan_linux.cc b/lib/msan/msan_linux.cc
index d6a9588..ca59564 100644
--- a/lib/msan/msan_linux.cc
+++ b/lib/msan/msan_linux.cc
@@ -82,7 +82,7 @@ static void CheckMemoryLayoutSanity() {
     CHECK_LT(start, end);
     CHECK_EQ(prev_end, start);
     CHECK(addr_is_type(start, type));
-    CHECK(addr_is_type((start + end) / 2, type));
+    CHECK(addr_is_type(start/2 + end/2, type));
     CHECK(addr_is_type(end - 1, type));
     if (type == MappingDesc::APP) {
       uptr addr = start;
@@ -90,7 +90,7 @@ static void CheckMemoryLayoutSanity() {
       CHECK(MEM_IS_ORIGIN(MEM_TO_ORIGIN(addr)));
       CHECK_EQ(MEM_TO_ORIGIN(addr), SHADOW_TO_ORIGIN(MEM_TO_SHADOW(addr)));
-      addr = (start + end) / 2;
+      addr = start/2 + end/2;
       CHECK(MEM_IS_SHADOW(MEM_TO_SHADOW(addr)));
       CHECK(MEM_IS_ORIGIN(MEM_TO_ORIGIN(addr)));
       CHECK_EQ(MEM_TO_ORIGIN(addr), SHADOW_TO_ORIGIN(MEM_TO_SHADOW(addr)));


-          lib/sanitizer_common/sanitizer_platform_interceptors.h:
--- a/lib/sanitizer_common/sanitizer_platform_interceptors.h
+++ b/lib/sanitizer_common/sanitizer_platform_interceptors.h
@@ -211,7 +211,7 @@
   SI_FREEBSD || SI_MAC || SI_LINUX_NOT_ANDROID
#define SANITIZER_INTERCEPT_ETHER_R SI_FREEBSD || SI_LINUX_NOT_ANDROID
#define SANITIZER_INTERCEPT_SHMCTL \
-  ((SI_FREEBSD || SI_LINUX_NOT_ANDROID) && SANITIZER_WORDSIZE == 64)
+  ((SI_FREEBSD || SI_LINUX_NOT_ANDROID) && (SANITIZER_WORDSIZE == 64 || defined(__i386__)))
#define SANITIZER_INTERCEPT_RANDOM_R SI_LINUX_NOT_ANDROID
#define SANITIZER_INTERCEPT_PTHREAD_ATTR_GET SI_NOT_WINDOWS
#define SANITIZER_INTERCEPT_PTHREAD_ATTR_GETINHERITSCHED \

Stefan Pusl


Intel Deutschland GmbH
Registered Address: Am Campeon 10-12, 85579 Neubiberg, Germany
Tel: +49 89 99 8853-0, www.intel.de
Managing Directors: Christin Eisenschmid, Christian Lamprechter
Chairperson of the Supervisory Board: Nicole Lau
Registered Office: Munich
Commercial Register: Amtsgericht Muenchen HRB 186928
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.llvm.org/pipermail/llvm-dev/attachments/20160617/fc00f88a/attachment-0001.html>

More information about the llvm-dev mailing list