[hwasan] fix false positive when hwasan-match-all-tag flag is enabled and short granu...

When hwasan-match-all-tag flag is enabled and short granules are used, at the point checking if this is a short tag case, the tag from pointer is stored in X16 register,
which breaks the assumption that tag from shadow memory is stored in X16 register, this will cause a false positive.

Reviewed By: vitalybuka

Differential Revision: https://reviews.llvm.org/D149252

diff --git a/compiler-rt/test/hwasan/TestCases/short-granule-and-match-all-tag.cpp b/compiler-rt/test/hwasan/TestCases/short-granule-and-match-all-tag.cpp
new file mode 100644 (file)
index 0000000..5d23ecc
--- /dev/null
+++ b/compiler-rt/test/hwasan/TestCases/short-granule-and-match-all-tag.cpp
@@ -0,0 +1,12 @@
+// RUN: %clang_hwasan -mllvm -hwasan-match-all-tag=0 %s -o %t && %run %t
+
+#include <sanitizer/hwasan_interface.h>
+#include <stdlib.h>
+
+int main() {
+  __hwasan_enable_allocator_tagging();
+  char *x = (char *)malloc(40);
+  char volatile z = *x;
+  free(x);
+  return 0;
+}

diff --git a/llvm/lib/Target/AArch64/AArch64AsmPrinter.cpp b/llvm/lib/Target/AArch64/AArch64AsmPrinter.cpp
index 1c9a790..9e433db 100644 (file)
--- a/llvm/lib/Target/AArch64/AArch64AsmPrinter.cpp
+++ b/llvm/lib/Target/AArch64/AArch64AsmPrinter.cpp
@@ -531,14 +531,14 @@ void AArch64AsmPrinter::emitHwasanMemaccessSymbols(Module &M) {
 
     if (HasMatchAllTag) {
       OutStreamer->emitInstruction(MCInstBuilder(AArch64::UBFMXri)
-                                       .addReg(AArch64::X16)
+                                       .addReg(AArch64::X17)
                                        .addReg(Reg)
                                        .addImm(56)
                                        .addImm(63),
                                    *STI);
       OutStreamer->emitInstruction(MCInstBuilder(AArch64::SUBSXri)
                                        .addReg(AArch64::XZR)
-                                       .addReg(AArch64::X16)
+                                       .addReg(AArch64::X17)
                                        .addImm(MatchAllTag)
                                        .addImm(0),
                                    *STI);

diff --git a/llvm/test/CodeGen/AArch64/hwasan-check-memaccess.ll b/llvm/test/CodeGen/AArch64/hwasan-check-memaccess.ll
index 3aff1c2..f5f31e7 100644 (file)
--- a/llvm/test/CodeGen/AArch64/hwasan-check-memaccess.ll
+++ b/llvm/test/CodeGen/AArch64/hwasan-check-memaccess.ll
@@ -104,8 +104,8 @@ declare void @llvm.hwasan.check.memaccess.shortgranules(ptr, ptr, i32)
 ; CHECK-NEXT: .Ltmp6:
 ; CHECK-NEXT: ret
 ; CHECK-NEXT: .Ltmp5:
-; CHECK-NEXT: lsr x16, x1, #56
-; CHECK-NEXT: cmp x16, #255
+; CHECK-NEXT: lsr x17, x1, #56
+; CHECK-NEXT: cmp x17, #255
 ; CHECK-NEXT: b.eq .Ltmp6
 ; CHECK-NEXT: stp x0, x1, [sp, #-256]!
 ; CHECK-NEXT: stp x29, x30, [sp, #232]
@@ -121,8 +121,8 @@ declare void @llvm.hwasan.check.memaccess.shortgranules(ptr, ptr, i32)
 ; CHECK-NEXT: .Ltmp8:
 ; CHECK-NEXT: ret
 ; CHECK-NEXT: .Ltmp7:
-; CHECK-NEXT: lsr      x16, x1, #56
-; CHECK-NEXT: cmp      x16, #0
+; CHECK-NEXT: lsr      x17, x1, #56
+; CHECK-NEXT: cmp      x17, #0
 ; CHECK-NEXT: b.eq     .Ltmp8
 ; CHECK-NEXT: cmp      w16, #15
 ; CHECK-NEXT: b.hi     .Ltmp9