From c7f7ccbe2e21fd155a71b00d089c53e51f456ff6 Mon Sep 17 00:00:00 2001 From: Vedant Kumar Date: Fri, 8 Dec 2017 01:51:51 +0000 Subject: [PATCH 1/4] [ubsan] Test for pass_object_size bounds checks git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@320129 91177308-0d34-0410-b5e6-96231b3b80d8 (cherry picked from commit 54a1331a5027f748f0088ef64d010dafc8f6e23e) (cherry picked from commit 44d79ee7a4bab41991daa3b6834a7e4f60ded60d) --- test/ubsan/TestCases/Misc/bounds.cpp | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/test/ubsan/TestCases/Misc/bounds.cpp b/test/ubsan/TestCases/Misc/bounds.cpp index 199690dad..9f890f290 100644 --- a/test/ubsan/TestCases/Misc/bounds.cpp +++ b/test/ubsan/TestCases/Misc/bounds.cpp @@ -5,7 +5,23 @@ // RUN: %run %t 0 3 0 2>&1 | FileCheck %s --check-prefix=CHECK-B-3 // RUN: %run %t 0 0 4 2>&1 | FileCheck %s --check-prefix=CHECK-C-4 +int get_int(int *const p __attribute__((pass_object_size(0))), int i) { + // CHECK-A-2: bounds.cpp:[[@LINE+1]]:10: runtime error: index 2 out of bounds for type 'int *' + return p[i]; +} + +int get_double(double *const p __attribute__((pass_object_size(0))), int i) { + // CHECK-A-2: bounds.cpp:[[@LINE+1]]:10: runtime error: index 2 out of bounds for type 'double *' + return p[i]; +} + int main(int argc, char **argv) { + int bar[2]; + get_int(bar, argv[1][0] - '0'); + + double baz[2]; + get_double(baz, argv[1][0] - '0'); + int arr[2][3][4] = {}; return arr[argv[1][0] - '0'][argv[2][0] - '0'][argv[3][0] - '0']; From 15cea4ccd9547fcccd3199eb50cd2db0d2e320cd Mon Sep 17 00:00:00 2001 
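Review bot: `bar` and `baz` in `main` are handed to `get_int` and `get_double` without an initializer, so the in-bounds runs visible at the top of the hunk (`%run %t 0 3 0`, `%run %t 0 0 4`) read an indeterminate element through `p[i]`, unlike the existing `arr`, which is value-initialized with `= {}`. Writing `int bar[2] = {};` and `double baz[2] = {};` keeps the only undefined behaviour in the test the out-of-bounds index it is meant to exercise, which matters for a test that appears to be built at a high optimization level. `get_double` is also declared to return `int`, so the `double` element is converted on return; `double get_double(double *const p __attribute__((pass_object_size(0))), int i)` would avoid mixing a float-to-int conversion into a bounds test. The body of `main` continues past the end of the hunk, and the first RUN lines are above it.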
From: Evgeniy Stepanov Date: Sat, 11 Nov 2017 02:32:02 +0000 Subject: [PATCH 2/4] [ubsan-minimal] Get rid of the libc++ dependency. Summary: Use -nodefaultlibs. Replace std:atomic with sanitizer atomics. Reviewers: vitalybuka, kongyi, EricWF Subscribers: mgorny, llvm-commits Differential Revision: https://reviews.llvm.org/D39934 git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@317969 91177308-0d34-0410-b5e6-96231b3b80d8 (cherry picked from commit 4eb81d264dde37f70252d16e7428945e8936699e) --- lib/ubsan_minimal/CMakeLists.txt | 6 ++-- lib/ubsan_minimal/ubsan_minimal_handlers.cc | 35 +++++++++++---------- 2 files changed, 23 insertions(+), 18 deletions(-) diff --git a/lib/ubsan_minimal/CMakeLists.txt b/lib/ubsan_minimal/CMakeLists.txt index e26fc34ce..54860a3d2 100644 --- a/lib/ubsan_minimal/CMakeLists.txt +++ b/lib/ubsan_minimal/CMakeLists.txt @@ -9,8 +9,9 @@ include_directories(..) set(UBSAN_CFLAGS ${SANITIZER_COMMON_CFLAGS}) append_rtti_flag(OFF UBSAN_CFLAGS) -set(UBSAN_STANDALONE_CFLAGS ${SANITIZER_COMMON_CFLAGS}) -append_rtti_flag(OFF UBSAN_STANDALONE_CFLAGS) +set(UBSAN_LINK_FLAGS ${SANITIZER_COMMON_LINK_FLAGS}) + +set(UBSAN_DYNAMIC_LIBS ${SANITIZER_COMMON_LINK_LIBS}) add_compiler_rt_component(ubsan-minimal) @@ -39,6 +40,7 @@ if(COMPILER_RT_HAS_UBSAN_MINIMAL) ARCHS ${UBSAN_SUPPORTED_ARCH} OBJECT_LIBS RTUbsan_minimal CFLAGS ${UBSAN_CFLAGS} + LINK_FLAGS ${UBSAN_LINK_FLAGS} LINK_LIBS ${UBSAN_DYNAMIC_LIBS} PARENT_TARGET ubsan-minimal) diff --git a/lib/ubsan_minimal/ubsan_minimal_handlers.cc b/lib/ubsan_minimal/ubsan_minimal_handlers.cc index dac127bc2..92b673d9e 100644 --- a/lib/ubsan_minimal/ubsan_minimal_handlers.cc +++ b/lib/ubsan_minimal/ubsan_minimal_handlers.cc @@ -1,5 +1,7 @@ -#include +#include "sanitizer_common/sanitizer_atomic.h" + #include +#include #include #include 
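Review bot: Nothing in lib/ubsan_minimal/CMakeLists.txt records why the shared runtime now takes `LINK_FLAGS ${UBSAN_LINK_FLAGS}`; the commit summary names `-nodefaultlibs`, but that flag is not visible in either CMake hunk and presumably arrives through `SANITIZER_COMMON_LINK_FLAGS`. A comment above the first new `set`, for example `# Common sanitizer link flags (expected to carry -nodefaultlibs): the minimal runtime must not depend on libc++.`, would keep a later edit from silently reintroducing the dependency. With the default libraries dropped, `UBSAN_DYNAMIC_LIBS` has to name everything the handlers still call, so it is worth confirming that `SANITIZER_COMMON_LINK_LIBS` covers the C library on every supported target.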
@@ -8,37 +10,38 @@ static void message(const char *msg) { } static const int kMaxCallerPcs = 20; -static std::atomic caller_pcs[kMaxCallerPcs]; +static __sanitizer::atomic_uintptr_t caller_pcs[kMaxCallerPcs]; // Number of elements in caller_pcs. A special value of kMaxCallerPcs + 1 means // that "too many errors" has already been reported. -static std::atomic caller_pcs_sz; +static __sanitizer::atomic_uint32_t caller_pcs_sz; -__attribute__((noinline)) -static bool report_this_error(void *caller) { - if (caller == nullptr) return false; +__attribute__((noinline)) static bool report_this_error(void *caller_p) { + uintptr_t caller = reinterpret_cast(caller_p); + if (caller == 0) return false; while (true) { - int sz = caller_pcs_sz.load(std::memory_order_relaxed); - if (sz > kMaxCallerPcs) return false; // early exit + unsigned sz = __sanitizer::atomic_load_relaxed(&caller_pcs_sz); + if (sz > kMaxCallerPcs) return false; // early exit // when sz==kMaxCallerPcs print "too many errors", but only when cmpxchg // succeeds in order to not print it multiple times. if (sz > 0 && sz < kMaxCallerPcs) { - void *p; - for (int i = 0; i < sz; ++i) { - p = caller_pcs[i].load(std::memory_order_relaxed); - if (p == nullptr) break; // Concurrent update. + uintptr_t p; + for (unsigned i = 0; i < sz; ++i) { + p = __sanitizer::atomic_load_relaxed(&caller_pcs[i]); + if (p == 0) break; // Concurrent update. if (p == caller) return false; } - if (p == nullptr) continue; // FIXME: yield? + if (p == 0) continue; // FIXME: yield? } - if (!caller_pcs_sz.compare_exchange_strong(sz, sz + 1)) - continue; // Concurrent update! Try again from the start. + if (!__sanitizer::atomic_compare_exchange_strong( + &caller_pcs_sz, &sz, sz + 1, __sanitizer::memory_order_seq_cst)) + continue; // Concurrent update! Try again from the start. 
if (sz == kMaxCallerPcs) { message("ubsan: too many errors\n"); return false; } - caller_pcs[sz].store(caller, std::memory_order_relaxed); + __sanitizer::atomic_store_relaxed(&caller_pcs[sz], caller); return true; } } From 71a8760d7c73f8f4b173c54ce735b7db7c563cd6 Mon Sep 17 00:00:00 2001 From: Adam Nemet Date: Tue, 14 Nov 2017 19:00:08 +0000 Subject: [PATCH 3/4] Adjust test after r318159 git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@318170 91177308-0d34-0410-b5e6-96231b3b80d8 (cherry picked from commit 5d09f38cf41f411c05ac01b96aea60ccf58ecc26) --- test/profile/instrprof-darwin-dead-strip.c | 1 + 1 file changed, 1 insertion(+) diff --git a/test/profile/instrprof-darwin-dead-strip.c b/test/profile/instrprof-darwin-dead-strip.c index 64a4895a9..03049335e 100644 --- a/test/profile/instrprof-darwin-dead-strip.c +++ b/test/profile/instrprof-darwin-dead-strip.c @@ -35,6 +35,7 @@ int main() { return 0; } // PROF-NEXT: Hash: // PROF-NEXT: Counters: 1 // PROF-NEXT: Function count: 1 +// PROF-NEXT: Instrumentation level: Front-end // PROF-NEXT: Functions shown: 1 // PROF-NEXT: Total functions: 1 // PROF-NEXT: Maximum function count: 1 From 9c1f9946a53b4bdb798e2ce82b00a5c7481dba64 Mon Sep 17 00:00:00 2001 From: Vedant Kumar Date: Tue, 14 Nov 2017 23:57:58 +0000 Subject: [PATCH 4/4] [profile] Update InstrProfData.inc to sync with llvm git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@318230 91177308-0d34-0410-b5e6-96231b3b80d8 (cherry picked from commit 270a9d57af3a0b13214ca6e2cd33a820094cd6c3) --- lib/profile/InstrProfData.inc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/profile/InstrProfData.inc b/lib/profile/InstrProfData.inc index 66d63a462..6a98dc7b9 100644 --- a/lib/profile/InstrProfData.inc +++ b/lib/profile/InstrProfData.inc 
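Review bot: The retry at `if (p == 0) continue; // FIXME: yield?` in `report_this_error` still busy-waits on a slot that another caller has reserved with the compare-exchange but not yet filled through `atomic_store_relaxed`. If that caller is stalled, every other reporting thread spins, and if a report is raised from a signal handler that interrupted it on the same thread, the loop cannot make progress. Since the table only suppresses duplicate reports, one option is to treat an unpublished slot as no match and fall through to the compare-exchange, at the cost of an occasional repeated report; at minimum the FIXME could become `// Slot reserved but not yet published by its writer; retry.`. Separately, `sz` and `i` are now `unsigned` while `kMaxCallerPcs` stays `static const int`, so the three comparisons against it mix signedness; `static const unsigned kMaxCallerPcs = 20;` would remove that.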
@@ -628,7 +628,7 @@ serializeValueProfDataFrom(ValueProfRecordClosure *Closure, /* Raw profile format version (start from 1). */ #define INSTR_PROF_RAW_VERSION 4 /* Indexed profile format version (start from 1). */ -#define INSTR_PROF_INDEX_VERSION 4 +#define INSTR_PROF_INDEX_VERSION 5 /* Coverage mapping format vresion (start from 0). */ #define INSTR_PROF_COVMAP_VERSION 2