[compiler-rt] [dfsan] Fix release_shadow_space.c (PR #94770)

Thurston Dang via llvm-commits llvm-commits at lists.llvm.org
Fri Jun 7 09:56:45 PDT 2024 

https://github.com/thurstond created https://github.com/llvm/llvm-project/pull/94770

DFSan's sscanf is incorrect (https://github.com/llvm/llvm-project/issues/94769), which results in erroneous matches when scraping RSS /proc/maps. This patch works around the issue by using strstr as a secondary check.

It also adds a loose validity check for the initial RSS, to guard against future regressions in get_rss_kb().

Fixes https://github.com/llvm/llvm-project/issues/91287

>From e4347a1ba74b980170f2283f4bc9755ec39ab5d2 Mon Sep 17 00:00:00 2001
From: Thurston Dang <thurston at google.com>
Date: Fri, 7 Jun 2024 16:52:45 +0000
Subject: [PATCH] [dfsan] Fix release_shadow_space.c

DFSan's sscanf is incorrect (https://github.com/llvm/llvm-project/issues/94769), which
results in erroneous matches when scraping RSS /proc/maps. This patch works
around the issue by using strstr as a secondary check.

It also adds a loose validity check for the initial RSS, to guard
against future regressions in get_rss_kb().

Fixes https://github.com/llvm/llvm-project/issues/91287
---
 compiler-rt/test/dfsan/release_shadow_space.c | 14 ++++++++++----
 1 file changed, 10 insertions(+), 4 deletions(-)

diff --git a/compiler-rt/test/dfsan/release_shadow_space.c b/compiler-rt/test/dfsan/release_shadow_space.c
index 60dec98ebec49..0f0e1a9c731cb 100644
--- a/compiler-rt/test/dfsan/release_shadow_space.c
+++ b/compiler-rt/test/dfsan/release_shadow_space.c
@@ -3,9 +3,6 @@
 // DFSAN_OPTIONS=no_huge_pages_for_shadow=false RUN: %clang_dfsan %s -DORIGIN_TRACKING -mllvm -dfsan-track-origins=1 -o %t && %run %t
 // DFSAN_OPTIONS=no_huge_pages_for_shadow=true RUN: %clang_dfsan %s -DORIGIN_TRACKING -mllvm -dfsan-track-origins=1 -o %t && %run %t
 
-// This test is flaky right now: https://github.com/llvm/llvm-project/issues/91287
-// UNSUPPORTED:  target={{.*}}
-
 #include <assert.h>
 #include <sanitizer/dfsan_interface.h>
 #include <stdbool.h>
@@ -26,7 +23,11 @@ size_t get_rss_kb() {
   char buf[256];
   while (fgets(buf, sizeof(buf), f) != NULL) {
     int64_t rss;
-    if (sscanf(buf, "Rss: %ld kB", &rss) == 1)
+    // DFSan's sscanf is broken and doesn't check for ordinary characters in
+    // the format string, hence we use strstr as a secondary check
+    // (https://github.com/llvm/llvm-project/issues/94769).
+    if ((sscanf(buf, "Rss: %ld kB", &rss) == 1) &&
+        (strstr(buf, "Rss: ") != NULL))
       ret += rss;
   }
   assert(feof(f));
@@ -73,6 +74,11 @@ int main(int argc, char **argv) {
       before, after_mmap, after_mmap_and_set_label, after_fixed_mmap,
       after_mmap_and_set_label2, after_munmap);
 
+  // This is orders of magnitude larger than we expect (typically < 10,000KB).
+  // It is a quick check to ensure that the RSS calculation function isn't
+  // egregriously wrong.
+  assert(before < 1000000);
+
   const size_t mmap_cost_kb = map_size >> 10;
   // Shadow space (1:1 with application memory)
   const size_t mmap_shadow_cost_kb = sizeof(dfsan_label) * mmap_cost_kb;

More information about the llvm-commits mailing list