diff options
author | Enna1 <xumingjie.enna1@bytedance.com> | 2023-04-28 16:59:41 +0800 |
---|---|---|
committer | Enna1 <xumingjie.enna1@bytedance.com> | 2023-04-28 17:00:26 +0800 |
commit | d961f66b28c592d3d34664b613c193cb3f75dd79 (patch) | |
tree | d9729e8e5062db77f4bcde2a38785cb05993340e /compiler-rt/test | |
parent | 9baa85271dff411dace755c879cef1412c69ebd9 (diff) | |
download | llvm-d961f66b28c592d3d34664b613c193cb3f75dd79.tar.gz |
[hwasan] fix false positive when hwasan-match-all-tag flag is enabled and short granules are used
When hwasan-match-all-tag flag is enabled and short granules are used, at the point checking if this is a short tag case, the tag from pointer is stored in X16 register,
which breaks the assumption that tag from shadow memory is stored in X16 register, this will cause a false positive.
Reviewed By: vitalybuka
Differential Revision: https://reviews.llvm.org/D149252
Diffstat (limited to 'compiler-rt/test')
-rw-r--r-- | compiler-rt/test/hwasan/TestCases/short-granule-and-match-all-tag.cpp | 12 |
1 files changed, 12 insertions, 0 deletions
diff --git a/compiler-rt/test/hwasan/TestCases/short-granule-and-match-all-tag.cpp b/compiler-rt/test/hwasan/TestCases/short-granule-and-match-all-tag.cpp new file mode 100644 index 000000000000..5d23ecc3ddd2 --- /dev/null +++ b/compiler-rt/test/hwasan/TestCases/short-granule-and-match-all-tag.cpp @@ -0,0 +1,12 @@ +// RUN: %clang_hwasan -mllvm -hwasan-match-all-tag=0 %s -o %t && %run %t + +#include <sanitizer/hwasan_interface.h> +#include <stdlib.h> + +int main() { + __hwasan_enable_allocator_tagging(); + char *x = (char *)malloc(40); + char volatile z = *x; + free(x); + return 0; +} |