[compiler-rt] [HWASAN]Implement memcmp interceptor in HWASAN (PR #67204)
Kirill Stoimenov via llvm-commits
llvm-commits at lists.llvm.org
Thu Sep 28 14:06:14 PDT 2023
https://github.com/kstoimenov updated https://github.com/llvm/llvm-project/pull/67204
>From 07c005c4110854fe66f5c126c54bb45c2fffb137 Mon Sep 17 00:00:00 2001
From: Kirill Stoimenov <kstoimenov at google.com>
Date: Fri, 22 Sep 2023 22:57:55 +0000
Subject: [PATCH 1/3] [HWASAN] Implement memcmp interceptor in HWASAN
DON NOT SUBMIT - NEED TO TEST ON ARM
---
.../lib/hwasan/hwasan_interceptors.cpp | 23 +++++++++++++++----
.../lib/hwasan/hwasan_platform_interceptors.h | 2 +-
.../sanitizer_common_interceptors.inc | 4 +++-
compiler-rt/test/hwasan/TestCases/memcmp.cpp | 17 ++++++++++++++
4 files changed, 39 insertions(+), 7 deletions(-)
create mode 100644 compiler-rt/test/hwasan/TestCases/memcmp.cpp
diff --git a/compiler-rt/lib/hwasan/hwasan_interceptors.cpp b/compiler-rt/lib/hwasan/hwasan_interceptors.cpp
index 92c8ec7cf55f412..f9af154ef2dcab2 100644
--- a/compiler-rt/lib/hwasan/hwasan_interceptors.cpp
+++ b/compiler-rt/lib/hwasan/hwasan_interceptors.cpp
@@ -31,6 +31,21 @@
using namespace __hwasan;
+struct HWAsanInterceptorContext {
+ const char *interceptor_name;
+};
+
+# define ACCESS_MEMORY_RANGE(ctx, offset, size, access) \
+ do { \
+ __hwasan::CheckAddressSized<ErrorAction::Abort, access>((uptr)offset, \
+ size); \
+ } while (0)
+
+#define HWASAN_READ_RANGE(ctx, offset, size) \
+ ACCESS_MEMORY_RANGE(ctx, offset, size, AccessType::Load)
+#define HWASAN_WRITE_RANGE(ctx, offset, size) \
+ ACCESS_MEMORY_RANGE(ctx, offset, size, AccessType::Store)
+
# if !SANITIZER_APPLE
# define HWASAN_INTERCEPT_FUNC(name) \
do { \
@@ -79,13 +94,11 @@ using namespace __hwasan;
} while (false)
# define COMMON_INTERCEPTOR_READ_RANGE(ctx, ptr, size) \
- do { \
- (void)(ctx); \
- (void)(ptr); \
- (void)(size); \
- } while (false)
+ HWASAN_READ_RANGE(ctx, ptr, size)
# define COMMON_INTERCEPTOR_ENTER(ctx, func, ...) \
+ HWAsanInterceptorContext _ctx = {#func}; \
+ ctx = (void *)&_ctx; \
do { \
(void)(ctx); \
(void)(func); \
diff --git a/compiler-rt/lib/hwasan/hwasan_platform_interceptors.h b/compiler-rt/lib/hwasan/hwasan_platform_interceptors.h
index 33ae70a4ded90e5..9cc53201b2a800c 100644
--- a/compiler-rt/lib/hwasan/hwasan_platform_interceptors.h
+++ b/compiler-rt/lib/hwasan/hwasan_platform_interceptors.h
@@ -66,7 +66,7 @@
#define SANITIZER_INTERCEPT_MEMCPY 0
#undef SANITIZER_INTERCEPT_MEMCMP
-#define SANITIZER_INTERCEPT_MEMCMP 0
+#define SANITIZER_INTERCEPT_MEMCMP 1
#undef SANITIZER_INTERCEPT_BCMP
#define SANITIZER_INTERCEPT_BCMP 0
diff --git a/compiler-rt/lib/sanitizer_common/sanitizer_common_interceptors.inc b/compiler-rt/lib/sanitizer_common/sanitizer_common_interceptors.inc
index 0e563fa12022a3e..80efaf54a0607f6 100644
--- a/compiler-rt/lib/sanitizer_common/sanitizer_common_interceptors.inc
+++ b/compiler-rt/lib/sanitizer_common/sanitizer_common_interceptors.inc
@@ -445,11 +445,13 @@ INTERCEPTOR(char*, textdomain, const char *domainname) {
#define INIT_TEXTDOMAIN
#endif
-#if SANITIZER_INTERCEPT_STRCMP
+#if SANITIZER_INTERCEPT_STRCMP || SANITIZER_INTERCEPT_MEMCMP
static inline int CharCmpX(unsigned char c1, unsigned char c2) {
return (c1 == c2) ? 0 : (c1 < c2) ? -1 : 1;
}
+#endif
+#if SANITIZER_INTERCEPT_STRCMP
DECLARE_WEAK_INTERCEPTOR_HOOK(__sanitizer_weak_hook_strcmp, uptr called_pc,
const char *s1, const char *s2, int result)
diff --git a/compiler-rt/test/hwasan/TestCases/memcmp.cpp b/compiler-rt/test/hwasan/TestCases/memcmp.cpp
new file mode 100644
index 000000000000000..231b17393b5684c
--- /dev/null
+++ b/compiler-rt/test/hwasan/TestCases/memcmp.cpp
@@ -0,0 +1,17 @@
+// RUN: %clangxx_hwasan -O0 %s -o %t && not %run %t 2>&1 | FileCheck %s
+// RUN: %clangxx_hwasan -O1 %s -o %t && not %run %t 2>&1 | FileCheck %s
+// RUN: %clangxx_hwasan -O2 %s -o %t && not %run %t 2>&1 | FileCheck %s
+// RUN: %clangxx_hwasan -O3 %s -o %t && not %run %t 2>&1 | FileCheck %s
+
+// REQUIRES: arm
+
+#include <string.h>
+int main(int argc, char **argv) {
+ char a1[] = {static_cast<char>(argc), 2, 3, 4};
+ char a2[] = {1, static_cast<char>(2*argc), 3, 4};
+ int res = memcmp(a1, a2, 4 + argc); // BOOM
+ // CHECK: AddressSanitizer: stack-buffer-overflow
+ // CHECK: {{#[0-9]+ .*memcmp}}
+ // CHECK: {{#[0-9]+ .*main}}
+ return res;
+}
>From 0f8281fe909d8ececbbeda2c840f069daa7d89b9 Mon Sep 17 00:00:00 2001
From: Kirill Stoimenov <kstoimenov at google.com>
Date: Tue, 26 Sep 2023 17:35:42 +0000
Subject: [PATCH 2/3] Fixed test to pass on ARM.
---
compiler-rt/test/hwasan/TestCases/memcmp.cpp | 6 ++----
1 file changed, 2 insertions(+), 4 deletions(-)
diff --git a/compiler-rt/test/hwasan/TestCases/memcmp.cpp b/compiler-rt/test/hwasan/TestCases/memcmp.cpp
index 231b17393b5684c..2c22983b781f09e 100644
--- a/compiler-rt/test/hwasan/TestCases/memcmp.cpp
+++ b/compiler-rt/test/hwasan/TestCases/memcmp.cpp
@@ -3,15 +3,13 @@
// RUN: %clangxx_hwasan -O2 %s -o %t && not %run %t 2>&1 | FileCheck %s
// RUN: %clangxx_hwasan -O3 %s -o %t && not %run %t 2>&1 | FileCheck %s
-// REQUIRES: arm
+// REQUIRES: pointer-tagging
#include <string.h>
int main(int argc, char **argv) {
char a1[] = {static_cast<char>(argc), 2, 3, 4};
char a2[] = {1, static_cast<char>(2*argc), 3, 4};
int res = memcmp(a1, a2, 4 + argc); // BOOM
- // CHECK: AddressSanitizer: stack-buffer-overflow
- // CHECK: {{#[0-9]+ .*memcmp}}
- // CHECK: {{#[0-9]+ .*main}}
+ // CHECK: HWAddressSanitizer: tag-mismatch on address
return res;
}
>From 3cf5f0c2b4a3433d75fde74c89b7357eeb00165a Mon Sep 17 00:00:00 2001
From: Kirill Stoimenov <kstoimenov at google.com>
Date: Tue, 26 Sep 2023 17:39:37 +0000
Subject: [PATCH 3/3] Address comments.
---
.../lib/hwasan/hwasan_platform_interceptors.h | 4 ++--
compiler-rt/test/hwasan/TestCases/memcmp.cpp | 15 +++++++++------
2 files changed, 11 insertions(+), 8 deletions(-)
diff --git a/compiler-rt/lib/hwasan/hwasan_platform_interceptors.h b/compiler-rt/lib/hwasan/hwasan_platform_interceptors.h
index 9cc53201b2a800c..390c9d80c38edd9 100644
--- a/compiler-rt/lib/hwasan/hwasan_platform_interceptors.h
+++ b/compiler-rt/lib/hwasan/hwasan_platform_interceptors.h
@@ -65,8 +65,8 @@
#undef SANITIZER_INTERCEPT_MEMCPY
#define SANITIZER_INTERCEPT_MEMCPY 0
-#undef SANITIZER_INTERCEPT_MEMCMP
-#define SANITIZER_INTERCEPT_MEMCMP 1
+// #undef SANITIZER_INTERCEPT_MEMCMP
+// #define SANITIZER_INTERCEPT_MEMCMP 0
#undef SANITIZER_INTERCEPT_BCMP
#define SANITIZER_INTERCEPT_BCMP 0
diff --git a/compiler-rt/test/hwasan/TestCases/memcmp.cpp b/compiler-rt/test/hwasan/TestCases/memcmp.cpp
index 2c22983b781f09e..e58e260047f908e 100644
--- a/compiler-rt/test/hwasan/TestCases/memcmp.cpp
+++ b/compiler-rt/test/hwasan/TestCases/memcmp.cpp
@@ -3,13 +3,16 @@
// RUN: %clangxx_hwasan -O2 %s -o %t && not %run %t 2>&1 | FileCheck %s
// RUN: %clangxx_hwasan -O3 %s -o %t && not %run %t 2>&1 | FileCheck %s
-// REQUIRES: pointer-tagging
-
#include <string.h>
+#include <stdlib.h>
+#include <sanitizer/hwasan_interface.h>
+
int main(int argc, char **argv) {
- char a1[] = {static_cast<char>(argc), 2, 3, 4};
- char a2[] = {1, static_cast<char>(2*argc), 3, 4};
- int res = memcmp(a1, a2, 4 + argc); // BOOM
+ __hwasan_enable_allocator_tagging();
+ char a[] = {static_cast<char>(argc), 2, 3, 4};
+ char *p = (char *)malloc(sizeof(a));
+ free(p);
+ memcpy(p, a, sizeof(a));
// CHECK: HWAddressSanitizer: tag-mismatch on address
- return res;
+ return memcmp(p, a, sizeof(a));
}
More information about the llvm-commits
mailing list