[compiler-rt] c985b24 - [MSan] Simulate OOM in mmap_interceptor()

Evgenii Stepanov via llvm-commits llvm-commits at lists.llvm.org
Thu Mar 19 13:34:03 PDT 2020 

Author: Ilya Leoshkevich
Date: 2020-03-19T13:33:45-07:00
New Revision: c985b244ee12c781330d594e2aa2baaf4995f715

URL: https://github.com/llvm/llvm-project/commit/c985b244ee12c781330d594e2aa2baaf4995f715
DIFF: https://github.com/llvm/llvm-project/commit/c985b244ee12c781330d594e2aa2baaf4995f715.diff

LOG: [MSan] Simulate OOM in mmap_interceptor()

Summary:
Some kernels can provide 16EiB worth of mappings to each process, which
causes mmap test to run for a very long time. In order to make it stop
after a few seconds, make mmap_interceptor() fail when the original
mmap() returns an address which is outside of the application range.

Reviewers: eugenis

Reviewed By: eugenis

Subscribers: #sanitizers, Andreas-Krebbel, stefansf, jonpa, uweigand

Tags: #sanitizers

Differential Revision: https://reviews.llvm.org/D76426

Added: 
    

Modified: 
    compiler-rt/lib/msan/msan_interceptors.cpp

Removed: 
    


################################################################################
diff  --git a/compiler-rt/lib/msan/msan_interceptors.cpp b/compiler-rt/lib/msan/msan_interceptors.cpp
index 1c6956eca0f6..4cdce7e29af1 100644
--- a/compiler-rt/lib/msan/msan_interceptors.cpp
+++ b/compiler-rt/lib/msan/msan_interceptors.cpp
@@ -953,7 +953,9 @@ void __sanitizer_dtor_callback(const void *data, uptr size) {
 template <class Mmap>
 static void *mmap_interceptor(Mmap real_mmap, void *addr, SIZE_T length,
                               int prot, int flags, int fd, OFF64_T offset) {
-  if (addr && !MEM_IS_APP(addr)) {
+  SIZE_T rounded_length = RoundUpTo(length, GetPageSize());
+  void *end_addr = (char *)addr + (rounded_length - 1);
+  if (addr && (!MEM_IS_APP(addr) || !MEM_IS_APP(end_addr))) {
     if (flags & map_fixed) {
       errno = errno_EINVAL;
       return (void *)-1;
@@ -962,7 +964,18 @@ static void *mmap_interceptor(Mmap real_mmap, void *addr, SIZE_T length,
     }
   }
   void *res = real_mmap(addr, length, prot, flags, fd, offset);
-  if (res != (void *)-1) __msan_unpoison(res, RoundUpTo(length, GetPageSize()));
+  if (res != (void *)-1) {
+    void *end_res = (char *)res + (rounded_length - 1);
+    if (MEM_IS_APP(res) && MEM_IS_APP(end_res)) {
+      __msan_unpoison(res, rounded_length);
+    } else {
+      // Application has attempted to map more memory than is supported by
+      // MSAN. Act as if we ran out of memory.
+      internal_munmap(res, length);
+      errno = errno_ENOMEM;
+      return (void *)-1;
+    }
+  }
   return res;
 }

More information about the llvm-commits mailing list