19074450ee
This patch enabled msan for aarch64 with 39-bit VMA and 42-bit VMA. As defined by lib/msan/msan.h, the memory layout used for 39-bit VMA is:

  00 0000 0000 - 40 0000 0000: invalid
  40 0000 0000 - 43 0000 0000: shadow
  43 0000 0000 - 46 0000 0000: origin
  46 0000 0000 - 55 0000 0000: invalid
  55 0000 0000 - 56 0000 0000: app (low)
  56 0000 0000 - 70 0000 0000: invalid
  70 0000 0000 - 80 0000 0000: app (high)

And for 42-bit VMA:

  000 0000 0000 - 100 0000 0000: invalid
  100 0000 0000 - 11b 0000 0000: shadow
  11b 0000 0000 - 120 0000 0000: invalid
  120 0000 0000 - 13b 0000 0000: origin
  13b 0000 0000 - 2aa 0000 0000: invalid
  2aa 0000 0000 - 2ab 0000 0000: app (low)
  2ab 0000 0000 - 3f0 0000 0000: invalid
  3f0 0000 0000 - 400 0000 0000: app (high)

Most of the tests are passing, with the exception of:

  * Linux/mallinfo.cc
  * chained_origin_limits.cc
  * dlerror.cc
  * param_tls_limit.cc
  * signal_stress_test.cc
  * nonnull-arg.cpp

The 'Linux/mallinfo.cc' failure is due to the fact that AArch64 returns the sret in 'x8' instead of the default first argument 'x1'. So a function prototype that aims to mimic it (by using the first argument as the return of the function) won't work. For GCC one can make a register alias (register var asm ("r8")), but clang detects it as an unused variable and generates wrong code.

The 'chained_origin_limits' failure is probably due to wrong code generation, since it fails only when origin memory is used (-fsanitize-memory-track-origins=2) and only in the returned code (return buf[50]).

The 'signal_stress_test' and 'nonnull-arg' failures are due to currently missing variadic argument handling in the memory sanitizer code instrumentation on the LLVM side.

Both 'dlerror' and 'param_tls_test' are unknown failures that require further investigation.

All the failures are XFAIL for aarch64 for now.

llvm-svn: 247809
// ParamTLS has limited size. Everything that does not fit is considered fully
// initialized, so MSan does not flag uninitialized data that reaches a callee
// through arguments beyond that limit.

// RUN: %clangxx_msan -O0 %s -o %t && %run %t
// RUN: %clangxx_msan -fsanitize-memory-track-origins -O0 %s -o %t && %run %t
// RUN: %clangxx_msan -fsanitize-memory-track-origins=2 -O0 %s -o %t && %run %t
//
// AArch64 fails with:
// void f801(S<801>): Assertion `__msan_test_shadow(&s, sizeof(s)) == -1' failed
// XFAIL: aarch64
#include <sanitizer/msan_interface.h>
#include <assert.h>
// This test assumes that ParamTLS size is 800 bytes.
// Every argument in this test is handed to its callee while still poisoned
// (uninitialized). The two macros below check what the callee then observes.
//
// OVERFLOW: the argument did not fit into ParamTLS, so its shadow was dropped
// and it arrives unpoisoned. __msan_test_shadow() returns -1 when no byte in
// the range is poisoned. This is the case where MSan loses track of the
// uninitialized data.
#define OVERFLOW(x) assert(__msan_test_shadow(&x, sizeof(x)) == -1)
// NO_OVERFLOW: the argument fit into ParamTLS and is still poisoned.
// __msan_test_shadow() returns 0 because the very first byte is poisoned.
#define NO_OVERFLOW(x) assert(__msan_test_shadow(&x, sizeof(x)) == 0)
// Plain aggregate that is exactly N bytes large. Passing S<N> by value lets
// each test function choose how many bytes its argument adds to the
// argument list.
template <int N>
struct S {
  char x[N];  // payload; this test never writes to it
};
// A 100-byte argument is far below the assumed 800-byte ParamTLS size, so the
// callee is expected to still see `s` as poisoned.
void f100(S<100> s) {
  NO_OVERFLOW(s);
}
// Boundary case: an 800-byte argument matches the assumed ParamTLS size
// exactly and is expected to keep its poison.
void f800(S<800> s) {
  NO_OVERFLOW(s);
}
// Boundary case: one byte more than the assumed 800-byte ParamTLS size. The
// argument is expected to arrive unpoisoned, i.e. MSan no longer tracks that
// it was uninitialized. The file header records that this assertion is the
// one that fails on AArch64.
void f801(S<801> s) {
  OVERFLOW(s);
}
// A 1000-byte argument is well past the assumed 800-byte ParamTLS size and is
// expected to arrive unpoisoned.
void f1000(S<1000> s) {
  OVERFLOW(s);
}
// Mixed argument list. `a` and `b` come first and are expected to keep their
// poison. The 800-byte `s` no longer fits after them, and the test expects it
// and both arguments that follow it (`c`, `d`) to arrive unpoisoned.
void f_many(int a, double b, S<800> s, int c, double d) {
  // Arguments placed before the overflow point.
  NO_OVERFLOW(a);
  NO_OVERFLOW(b);
  // The argument that overflows, and everything after it.
  OVERFLOW(s);
  OVERFLOW(c);
  OVERFLOW(d);
}
// Size of `s` is 800 - 8 - 2 = 790 bytes:
//   -8 bytes for "int a", aligned by 8
//   -2 to make "int c" a partial fit
// `a` and `s` are expected to keep their poison. `c` would only partly fit
// into the remaining space, and the test expects it and the following `d` to
// arrive unpoisoned.
void f_many2(int a, S<800 - 8 - 2> s, int c, double d) {
  // Arguments that fit completely.
  NO_OVERFLOW(a);
  NO_OVERFLOW(s);
  // Partial fit counts as overflow, as does the argument after it.
  OVERFLOW(c);
  OVERFLOW(d);
}
// Runs every case. All locals are left uninitialized on purpose: the test
// needs poisoned values to pass through the argument lists.
int main(void) {
  S<100> arg100;
  S<800> arg800;
  S<801> arg801;
  S<1000> arg1000;
  f100(arg100);
  f800(arg800);
  f801(arg801);
  f1000(arg1000);

  // Poisoned scalars, reused for every scalar parameter below.
  int poisoned_int;
  double poisoned_double;
  f_many(poisoned_int, poisoned_double, arg800, poisoned_int, poisoned_double);

  // 800 - 8 - 2 == 790 bytes, matching the parameter type of f_many2.
  S<800 - 8 - 2> arg790;
  f_many2(poisoned_int, arg790, poisoned_int, poisoned_double);
  return 0;
}