[compiler-rt] d961f66 - [hwasan] fix false positive when hwasan-match-all-tag flag is enabled and short granules are used
via llvm-commits
llvm-commits at lists.llvm.org
Fri Apr 28 02:01:13 PDT 2023
Author: Enna1
Date: 2023-04-28T17:00:26+08:00
New Revision: d961f66b28c592d3d34664b613c193cb3f75dd79
URL: https://github.com/llvm/llvm-project/commit/d961f66b28c592d3d34664b613c193cb3f75dd79
DIFF: https://github.com/llvm/llvm-project/commit/d961f66b28c592d3d34664b613c193cb3f75dd79.diff
LOG: [hwasan] fix false positive when hwasan-match-all-tag flag is enabled and short granules are used
When hwasan-match-all-tag flag is enabled and short granules are used, at the point checking if this is a short tag case, the tag from pointer is stored in X16 register,
which breaks the assumption that tag from shadow memory is stored in X16 register, this will cause a false positive.
Reviewed By: vitalybuka
Differential Revision: https://reviews.llvm.org/D149252
Added:
compiler-rt/test/hwasan/TestCases/short-granule-and-match-all-tag.cpp
Modified:
llvm/lib/Target/AArch64/AArch64AsmPrinter.cpp
llvm/test/CodeGen/AArch64/hwasan-check-memaccess.ll
Removed:
################################################################################
diff --git a/compiler-rt/test/hwasan/TestCases/short-granule-and-match-all-tag.cpp b/compiler-rt/test/hwasan/TestCases/short-granule-and-match-all-tag.cpp
new file mode 100644
index 0000000000000..5d23ecc3ddd22
--- /dev/null
+++ b/compiler-rt/test/hwasan/TestCases/short-granule-and-match-all-tag.cpp
@@ -0,0 +1,12 @@
+// RUN: %clang_hwasan -mllvm -hwasan-match-all-tag=0 %s -o %t && %run %t
+
+#include <sanitizer/hwasan_interface.h>
+#include <stdlib.h>
+
+int main() {
+ __hwasan_enable_allocator_tagging();
+ char *x = (char *)malloc(40);
+ char volatile z = *x;
+ free(x);
+ return 0;
+}
diff --git a/llvm/lib/Target/AArch64/AArch64AsmPrinter.cpp b/llvm/lib/Target/AArch64/AArch64AsmPrinter.cpp
index 1c9a790c6d72f..9e433db8f23a6 100644
--- a/llvm/lib/Target/AArch64/AArch64AsmPrinter.cpp
+++ b/llvm/lib/Target/AArch64/AArch64AsmPrinter.cpp
@@ -531,14 +531,14 @@ void AArch64AsmPrinter::emitHwasanMemaccessSymbols(Module &M) {
if (HasMatchAllTag) {
OutStreamer->emitInstruction(MCInstBuilder(AArch64::UBFMXri)
- .addReg(AArch64::X16)
+ .addReg(AArch64::X17)
.addReg(Reg)
.addImm(56)
.addImm(63),
*STI);
OutStreamer->emitInstruction(MCInstBuilder(AArch64::SUBSXri)
.addReg(AArch64::XZR)
- .addReg(AArch64::X16)
+ .addReg(AArch64::X17)
.addImm(MatchAllTag)
.addImm(0),
*STI);
diff --git a/llvm/test/CodeGen/AArch64/hwasan-check-memaccess.ll b/llvm/test/CodeGen/AArch64/hwasan-check-memaccess.ll
index 3aff1c2906def..f5f31e796815b 100644
--- a/llvm/test/CodeGen/AArch64/hwasan-check-memaccess.ll
+++ b/llvm/test/CodeGen/AArch64/hwasan-check-memaccess.ll
@@ -104,8 +104,8 @@ declare void @llvm.hwasan.check.memaccess.shortgranules(ptr, ptr, i32)
; CHECK-NEXT: .Ltmp6:
; CHECK-NEXT: ret
; CHECK-NEXT: .Ltmp5:
-; CHECK-NEXT: lsr x16, x1, #56
-; CHECK-NEXT: cmp x16, #255
+; CHECK-NEXT: lsr x17, x1, #56
+; CHECK-NEXT: cmp x17, #255
; CHECK-NEXT: b.eq .Ltmp6
; CHECK-NEXT: stp x0, x1, [sp, #-256]!
; CHECK-NEXT: stp x29, x30, [sp, #232]
@@ -121,8 +121,8 @@ declare void @llvm.hwasan.check.memaccess.shortgranules(ptr, ptr, i32)
; CHECK-NEXT: .Ltmp8:
; CHECK-NEXT: ret
; CHECK-NEXT: .Ltmp7:
-; CHECK-NEXT: lsr x16, x1, #56
-; CHECK-NEXT: cmp x16, #0
+; CHECK-NEXT: lsr x17, x1, #56
+; CHECK-NEXT: cmp x17, #0
; CHECK-NEXT: b.eq .Ltmp8
; CHECK-NEXT: cmp w16, #15
; CHECK-NEXT: b.hi .Ltmp9
More information about the llvm-commits
mailing list