[compiler-rt] [scudo] Fix isOwned on MTE devices. (PR #111060)

Evgenii Stepanov via llvm-commits llvm-commits at lists.llvm.org
Thu Oct 3 13:40:28 PDT 2024


https://github.com/eugenis created https://github.com/llvm/llvm-project/pull/111060

If called on an address that is not actually owned, the tags might not match. Disable tag checks in isOwned().

>From bcf9f40fbd95db8f23f4986a7d0995783ba0c43e Mon Sep 17 00:00:00 2001
From: Evgenii Stepanov <eugenis at google.com>
Date: Thu, 3 Oct 2024 13:19:37 -0700
Subject: [PATCH] [scudo] Fix isOwned on MTE devices.

If called on address that is actually not owned, the tags could not
match. Disable tag checks in isOwned().
---
 compiler-rt/lib/scudo/standalone/combined.h | 3 +++
 compiler-rt/lib/scudo/standalone/memtag.h   | 9 +++++++--
 2 files changed, 10 insertions(+), 2 deletions(-)

diff --git a/compiler-rt/lib/scudo/standalone/combined.h b/compiler-rt/lib/scudo/standalone/combined.h
index a5f1bc388e8824..323a8b9d76c994 100644
--- a/compiler-rt/lib/scudo/standalone/combined.h
+++ b/compiler-rt/lib/scudo/standalone/combined.h
@@ -785,6 +785,9 @@ class Allocator {
   // A corrupted chunk will not be reported as owned, which is WAI.
   bool isOwned(const void *Ptr) {
     initThreadMaybe();
+    // If the allocation is not owned, the tags could be wrong.
+    ScopedDisableMemoryTagChecks x(
+        useMemoryTagging<AllocatorConfig>(Primary.Options.load()));
 #ifdef GWP_ASAN_HOOKS
     if (GuardedAlloc.pointerIsMine(Ptr))
       return true;
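Review bot: The comment added in isOwned() says only that the tags "could be wrong" and does not record what that means for callers: with checks suppressed, a pointer whose tag does not match the memory no longer faults here, so the header validation later in the function (outside this hunk) presumably becomes the only thing deciding the result. I would spell that out, e.g. `// Ptr may not belong to this allocator, so its tag may not match the memory; suppress tag checks while probing it. A true result does not vouch for the tag.` The guard is declared before the GWP-ASan early return, so checks stay off for the whole call; declaring it next to the header read would keep the unchecked window as small as possible. The diffstat lists no test file; a case that calls isOwned() on a non-owned pointer with MTE enabled would pin the fix.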
diff --git a/compiler-rt/lib/scudo/standalone/memtag.h b/compiler-rt/lib/scudo/standalone/memtag.h
index 1f6983e99404a2..06a2ed275e9afb 100644
--- a/compiler-rt/lib/scudo/standalone/memtag.h
+++ b/compiler-rt/lib/scudo/standalone/memtag.h
@@ -122,9 +122,12 @@ inline NORETURN void enableSystemMemoryTaggingTestOnly() {
 
 class ScopedDisableMemoryTagChecks {
   uptr PrevTCO;
+  bool active;
 
 public:
-  ScopedDisableMemoryTagChecks() {
+  ScopedDisableMemoryTagChecks(bool cond = true) : active(cond) {
+    if (!active)
+      return;
     __asm__ __volatile__(
         R"(
         .arch_extension memtag
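Review bot: The new constructor takes a single `bool` and is not `explicit`, so a bare `bool` converts implicitly to a guard object; it should read `explicit ScopedDisableMemoryTagChecks(bool Cond = true) : Active(Cond) {`. The member and parameter are lower-case (`active`, `cond`) next to `PrevTCO`, so `Active`/`Cond` would match the surrounding naming; the same applies to the destructor hunk and to the stub `ScopedDisableMemoryTagChecks(bool cond UNUSED = true) {}` further down. `PrevTCO` is left uninitialized when the guard is inactive, which is safe only because the destructor returns early; a default member initializer `uptr PrevTCO = 0;` would make that independent of the early return. The constructor body continues past the end of this hunk.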
@@ -135,6 +138,8 @@ class ScopedDisableMemoryTagChecks {
   }
 
   ~ScopedDisableMemoryTagChecks() {
+    if (!active)
+      return;
     __asm__ __volatile__(
         R"(
         .arch_extension memtag
@@ -269,7 +274,7 @@ inline NORETURN void enableSystemMemoryTaggingTestOnly() {
 }
 
 struct ScopedDisableMemoryTagChecks {
-  ScopedDisableMemoryTagChecks() {}
+  ScopedDisableMemoryTagChecks(bool cond UNUSED = true) {}
 };
 
 inline NORETURN uptr selectRandomTag(uptr Ptr, uptr ExcludeMask) {


