[compiler-rt] r341554 - [MSan] store origins for variadic function parameters in __msan_va_arg_origin_tls

Alexander Potapenko via llvm-commits llvm-commits at lists.llvm.org
Thu Sep 6 08:14:36 PDT 2018


Author: glider
Date: Thu Sep  6 08:14:36 2018
New Revision: 341554

URL: http://llvm.org/viewvc/llvm-project?rev=341554&view=rev
Log:
[MSan] store origins for variadic function parameters in __msan_va_arg_origin_tls

Add the __msan_va_arg_origin_tls TLS array to keep the origins for variadic function parameters.
Change the instrumentation pass to store parameter origins in this array.

This is a reland of r341528.

test/msan/vararg.cc doesn't work on MIPS, PPC and AArch64 (because this
patch doesn't touch them), so it is XFAILed on these architectures.
It also turned out that Clang crashed on i80 vararg arguments because of
an incorrect origin type returned by getOriginPtrForVAArgument(); this is
fixed and a test is added.

Added:
    compiler-rt/trunk/test/msan/vararg.cc
Modified:
    compiler-rt/trunk/lib/msan/msan.cc

Modified: compiler-rt/trunk/lib/msan/msan.cc
URL: http://llvm.org/viewvc/llvm-project/compiler-rt/trunk/lib/msan/msan.cc?rev=341554&r1=341553&r2=341554&view=diff
==============================================================================
--- compiler-rt/trunk/lib/msan/msan.cc (original)
+++ compiler-rt/trunk/lib/msan/msan.cc Thu Sep  6 08:14:36 2018
@@ -59,6 +59,10 @@ SANITIZER_INTERFACE_ATTRIBUTE
 ALIGNED(16) THREADLOCAL u64 __msan_va_arg_tls[kMsanParamTlsSize / sizeof(u64)];
 
 SANITIZER_INTERFACE_ATTRIBUTE
+ALIGNED(16)
+THREADLOCAL u32 __msan_va_arg_origin_tls[kMsanParamTlsSize / sizeof(u32)];
+
+SANITIZER_INTERFACE_ATTRIBUTE
 THREADLOCAL u64 __msan_va_arg_overflow_size_tls;
 
 SANITIZER_INTERFACE_ATTRIBUTE
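Review bot: The new `__msan_va_arg_origin_tls` declaration carries no comment saying how it is indexed relative to `__msan_va_arg_tls`. Both arrays span kMsanParamTlsSize bytes (only the divisor changes with the element type), which suggests an origin is addressed by the same byte offset as its shadow slot, but nothing in the hunk states that contract. A one-line comment such as `// Origins for variadic arguments; covers the same byte range as __msan_va_arg_tls.` would document it for anyone changing the instrumentation pass; confirm the layout against the pass before committing to stronger wording.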
@@ -277,6 +281,8 @@ void ScopedThreadLocalStateBackup::Resto
   internal_memset(__msan_param_tls, 0, sizeof(__msan_param_tls));
   internal_memset(__msan_retval_tls, 0, sizeof(__msan_retval_tls));
   internal_memset(__msan_va_arg_tls, 0, sizeof(__msan_va_arg_tls));
+  internal_memset(__msan_va_arg_origin_tls, 0,
+                  sizeof(__msan_va_arg_origin_tls));
 
   if (__msan_get_track_origins()) {
     internal_memset(&__msan_retval_origin_tls, 0,
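Review bot: The added `internal_memset(__msan_va_arg_origin_tls, ...)` sits with the shadow clears, outside the `if (__msan_get_track_origins())` guard that the visible `__msan_retval_origin_tls` clear uses a few lines below. Clearing unconditionally is harmless and avoids stale origins leaking into a later report, but the inconsistency makes a reader wonder whether the other origin arrays are missed when tracking is off. Either move the call inside the guard to match, or keep it and add `// Cleared unconditionally: cheap, and keeps stale va_arg origins out of later reports.` Restore() starts and ends outside this hunk, so the rest of the guarded block is not visible here.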

Added: compiler-rt/trunk/test/msan/vararg.cc
URL: http://llvm.org/viewvc/llvm-project/compiler-rt/trunk/test/msan/vararg.cc?rev=341554&view=auto
==============================================================================
--- compiler-rt/trunk/test/msan/vararg.cc (added)
+++ compiler-rt/trunk/test/msan/vararg.cc Thu Sep  6 08:14:36 2018
@@ -0,0 +1,60 @@
+// RUN: %clangxx_msan -fsanitize-memory-track-origins=0 -O3 %s -o %t && \
+// RUN:     not %run %t va_arg_tls >%t.out 2>&1
+// RUN: FileCheck %s --check-prefix=CHECK < %t.out
+
+// RUN: %clangxx_msan -fsanitize-memory-track-origins=0 -O3 %s -o %t && \
+// RUN:     not %run %t overflow >%t.out 2>&1
+// RUN: FileCheck %s --check-prefix=CHECK < %t.out
+
+// RUN: %clangxx_msan -fsanitize-memory-track-origins=2 -O3 %s -o %t && \
+// RUN:     not %run %t va_arg_tls >%t.out 2>&1
+// RUN: FileCheck %s --check-prefixes=CHECK,CHECK-ORIGIN < %t.out
+
+// RUN: %clangxx_msan -fsanitize-memory-track-origins=2 -O3 %s -o %t && \
+// RUN:     not %run %t overflow >%t.out 2>&1
+// RUN: FileCheck %s --check-prefixes=CHECK,CHECK-ORIGIN < %t.out
+
+// Check that shadow and origin are passed through va_args.
+
+// Copying origins on AArch64, MIPS and PowerPC isn't supported yet.
+// XFAIL: aarch64
+// XFAIL: mips
+// XFAIL: powerpc64
+
+#include <stdarg.h>
+#include <string.h>
+
+__attribute__((noinline))
+int sum(int n, ...) {
+  va_list args;
+  int i, sum = 0, arg;
+  volatile int temp;
+  va_start(args, n);
+  for (i = 0; i < n; i++) {
+    arg = va_arg(args, int);
+    sum += arg;
+  }
+  va_end(args);
+  return sum;
+}
+
+int main(int argc, char *argv[]) {
+  volatile int uninit;
+  volatile int a = 1, b = 2;
+  if (argc == 2) {
+    // Shadow/origin will be passed via va_arg_tls/va_arg_origin_tls.
+    if (strcmp(argv[1], "va_arg_tls") == 0) {
+      return sum(3, uninit, a, b);
+    }
+    // Shadow/origin of |uninit| will be passed via overflow area.
+    if (strcmp(argv[1], "overflow") == 0) {
+      return sum(7,
+        a, a, a, a, a, a, uninit
+      );
+    }
+  }
+  return 0;
+}
+
+// CHECK: WARNING: MemorySanitizer: use-of-uninitialized-value
+// CHECK-ORIGIN: Uninitialized value was created by an allocation of 'uninit' in the stack frame of function 'main'
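Review bot: `volatile int temp;` in `sum()` is declared but never read or written anywhere in the function, so it can be dropped. The "overflow" case would also benefit from a comment explaining why seven variadic arguments are used, e.g. `// n plus the first five ints presumably fill the integer argument registers on x86_64, so |uninit| lands in the overflow area.`, since the count is what makes the test exercise that path and it is target-specific. Verify the register count before wording it as fact.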



