[compiler-rt] 46c1671 - [HWASAN]Implement memcmp interceptor in HWASAN (#67204)

via llvm-commits llvm-commits at lists.llvm.org
Fri Sep 29 16:14:52 PDT 2023 

Author: Kirill Stoimenov
Date: 2023-09-29T16:14:48-07:00
New Revision: 46c16716206241bc849571483de0f142e7bff3ff

URL: https://github.com/llvm/llvm-project/commit/46c16716206241bc849571483de0f142e7bff3ff
DIFF: https://github.com/llvm/llvm-project/commit/46c16716206241bc849571483de0f142e7bff3ff.diff

LOG: [HWASAN]Implement memcmp interceptor in HWASAN (#67204)

The plan is to fix memcmp interceptor in HWASAN and remove the
unsupported statement at that time.

---------

Co-authored-by: Vitaly Buka <vitalybuka at gmail.com>

Added: 
    compiler-rt/test/hwasan/TestCases/memcmp.cpp

Modified: 
    compiler-rt/lib/hwasan/hwasan_interceptors.cpp
    compiler-rt/lib/hwasan/hwasan_platform_interceptors.h
    compiler-rt/lib/sanitizer_common/sanitizer_common_interceptors.inc

Removed: 
    


################################################################################
diff  --git a/compiler-rt/lib/hwasan/hwasan_interceptors.cpp b/compiler-rt/lib/hwasan/hwasan_interceptors.cpp
index 92c8ec7cf55f412..0889831373a8039 100644
--- a/compiler-rt/lib/hwasan/hwasan_interceptors.cpp
+++ b/compiler-rt/lib/hwasan/hwasan_interceptors.cpp
@@ -31,6 +31,21 @@
 
 using namespace __hwasan;
 
+struct HWAsanInterceptorContext {
+  const char *interceptor_name;
+};
+
+#  define ACCESS_MEMORY_RANGE(ctx, offset, size, access)                    \
+    do {                                                                    \
+      __hwasan::CheckAddressSized<ErrorAction::Abort, access>((uptr)offset, \
+                                                              size);        \
+    } while (0)
+
+#  define HWASAN_READ_RANGE(ctx, offset, size) \
+    ACCESS_MEMORY_RANGE(ctx, offset, size, AccessType::Load)
+#  define HWASAN_WRITE_RANGE(ctx, offset, size) \
+    ACCESS_MEMORY_RANGE(ctx, offset, size, AccessType::Store)
+
 #  if !SANITIZER_APPLE
 #    define HWASAN_INTERCEPT_FUNC(name)                                        \
       do {                                                                     \
@@ -79,13 +94,11 @@ using namespace __hwasan;
       } while (false)
 
 #    define COMMON_INTERCEPTOR_READ_RANGE(ctx, ptr, size) \
-      do {                                                \
-        (void)(ctx);                                      \
-        (void)(ptr);                                      \
-        (void)(size);                                     \
-      } while (false)
+      HWASAN_READ_RANGE(ctx, ptr, size)
 
 #    define COMMON_INTERCEPTOR_ENTER(ctx, func, ...) \
+      HWAsanInterceptorContext _ctx = {#func};       \
+      ctx = (void *)&_ctx;                           \
       do {                                           \
         (void)(ctx);                                 \
         (void)(func);                                \

diff  --git a/compiler-rt/lib/hwasan/hwasan_platform_interceptors.h b/compiler-rt/lib/hwasan/hwasan_platform_interceptors.h
index 33ae70a4ded90e5..390c9d80c38edd9 100644
--- a/compiler-rt/lib/hwasan/hwasan_platform_interceptors.h
+++ b/compiler-rt/lib/hwasan/hwasan_platform_interceptors.h
@@ -65,8 +65,8 @@
 #undef SANITIZER_INTERCEPT_MEMCPY
 #define SANITIZER_INTERCEPT_MEMCPY 0
 
-#undef SANITIZER_INTERCEPT_MEMCMP
-#define SANITIZER_INTERCEPT_MEMCMP 0
+// #undef SANITIZER_INTERCEPT_MEMCMP
+// #define SANITIZER_INTERCEPT_MEMCMP 0
 
 #undef SANITIZER_INTERCEPT_BCMP
 #define SANITIZER_INTERCEPT_BCMP 0

diff  --git a/compiler-rt/lib/sanitizer_common/sanitizer_common_interceptors.inc b/compiler-rt/lib/sanitizer_common/sanitizer_common_interceptors.inc
index 0e563fa12022a3e..80efaf54a0607f6 100644
--- a/compiler-rt/lib/sanitizer_common/sanitizer_common_interceptors.inc
+++ b/compiler-rt/lib/sanitizer_common/sanitizer_common_interceptors.inc
@@ -445,11 +445,13 @@ INTERCEPTOR(char*, textdomain, const char *domainname) {
 #define INIT_TEXTDOMAIN
 #endif
 
-#if SANITIZER_INTERCEPT_STRCMP
+#if SANITIZER_INTERCEPT_STRCMP || SANITIZER_INTERCEPT_MEMCMP
 static inline int CharCmpX(unsigned char c1, unsigned char c2) {
   return (c1 == c2) ? 0 : (c1 < c2) ? -1 : 1;
 }
+#endif
 
+#if SANITIZER_INTERCEPT_STRCMP
 DECLARE_WEAK_INTERCEPTOR_HOOK(__sanitizer_weak_hook_strcmp, uptr called_pc,
                               const char *s1, const char *s2, int result)
 

diff  --git a/compiler-rt/test/hwasan/TestCases/memcmp.cpp b/compiler-rt/test/hwasan/TestCases/memcmp.cpp
new file mode 100644
index 000000000000000..c6a2b42b54d271c
--- /dev/null
+++ b/compiler-rt/test/hwasan/TestCases/memcmp.cpp
@@ -0,0 +1,27 @@
+// RUN: %clangxx_hwasan -O0 %s -o %t && not %run %t 2>&1 | FileCheck %s
+// RUN: %clangxx_hwasan -O1 %s -o %t && not %run %t 2>&1 | FileCheck %s
+// RUN: %clangxx_hwasan -O2 %s -o %t && not %run %t 2>&1 | FileCheck %s
+// RUN: %clangxx_hwasan -O3 %s -o %t && not %run %t 2>&1 | FileCheck %s
+
+#include <sanitizer/hwasan_interface.h>
+#include <stdlib.h>
+#include <string.h>
+#include <unistd.h>
+
+int main(int argc, char **argv) {
+  __hwasan_enable_allocator_tagging();
+  char a[] = {static_cast<char>(argc), 2, 3, 4};
+  volatile int size = sizeof(a);
+  char *volatile p = (char *)malloc(size);
+  memcpy(p, a, size);
+  free(p);
+  return memcmp(p, a, size);
+  // CHECK: HWAddressSanitizer: tag-mismatch on address
+  // CHECK: READ of size 4
+  // CHECK: #{{[[:digit:]]+}} 0x{{[[:xdigit:]]+}} in main {{.*}}memcmp.cpp:[[@LINE-3]]
+  // CHECK: Cause: use-after-free
+  // CHECK: freed by thread
+  // CHECK: #{{[[:digit:]]+}} 0x{{[[:xdigit:]]+}} in main {{.*}}memcmp.cpp:[[@LINE-7]]
+  // CHECK: previously allocated by thread
+  // CHECK: #{{[[:digit:]]+}} 0x{{[[:xdigit:]]+}} in main {{.*}}memcmp.cpp:[[@LINE-11]]
+}

More information about the llvm-commits mailing list