From 5236cff8bf581bb2615c787eb59ed53d0cb95586 Mon Sep 17 00:00:00 2001
From: Evgeniy Stepanov <eugeni.stepanov@gmail.com>
Date: Sun, 24 May 2015 02:47:59 +0000
Subject: [msan] Mprotect all inaccessible memory regions.

Fix 2 bugs in memory mapping setup:
- the invalid region at offset 0 was not protected because mmap at
  address 0 fails with EPERM on most Linux systems. We did not
  notice this because the check condition was flipped: the code was
  checking that mprotect has failed. And the test that was supposed
  to catch this was weakened by the mitigations in the mmap
  interceptor.
- when running without origins, the origin shadow range was left
  unprotected.

The new test ensures that mmap w/o MAP_FIXED always returns valid
application addresses.


git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@238109 91177308-0d34-0410-b5e6-96231b3b80d8
---
 test/msan/mmap.cc | 42 ++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 42 insertions(+)
 create mode 100644 test/msan/mmap.cc

(limited to 'test/msan')

diff --git a/test/msan/mmap.cc b/test/msan/mmap.cc
new file mode 100644
index 000000000..c657052e0
--- /dev/null
+++ b/test/msan/mmap.cc
@@ -0,0 +1,42 @@
+// Test that mmap (without MAP_FIXED) always returns valid application addresses.
+// RUN: %clangxx_msan -O0 %s -o %t && %run %t
+// RUN: %clangxx_msan -O0 -fsanitize-memory-track-origins %s -o %t && %run %t
+
+#include <assert.h>
+#include <errno.h>
+#include <stdint.h>
+#include <sys/mman.h>
+#include <stdio.h>
+
+bool AddrIsApp(void *p) {
+  uintptr_t addr = (uintptr_t)p;
+#if defined(__FreeBSD__) && defined(__x86_64__)
+  return addr < 0x010000000000ULL || addr >= 0x600000000000ULL;
+#elif defined(__x86_64__)
+  return addr >= 0x600000000000ULL;
+#elif defined(__mips64)
+  return addr >= 0x00e000000000ULL;
+#endif
+}
+
+int main() {
+  // Large enough to quickly exhaust the entire address space.
+#if defined(__mips64)
+  const size_t kMapSize = 0x100000000ULL;
+#else
+  const size_t kMapSize = 0x1000000000ULL;
+#endif
+  int success_count = 0;
+  while (true) {
+    void *p = mmap(0, kMapSize, PROT_WRITE, MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
+    printf("%p\n", p);
+    if (p == MAP_FAILED) {
+      assert(errno == ENOMEM);
+      break;
+    }
+    assert(AddrIsApp(p));
+    success_count++;
+  }
+  printf("successful mappings: %d\n", success_count);
+  assert(success_count > 5);
+}
-- 
cgit v1.2.3