
svadev - Re: [svadev] add metadata information for global and stack variables

svadev AT lists.siebelschool.illinois.edu

Subject: Svadev mailing list

  • From: Baozeng <sploving1 AT gmail.com>
  • To: John Criswell <criswell AT illinois.edu>
  • Cc: svadev AT cs.illinois.edu
  • Subject: Re: [svadev] add metadata information for global and stack variables
  • Date: Thu, 31 May 2012 22:34:43 +0800
  • List-archive: <http://lists.cs.uiuc.edu/pipermail/svadev>
  • List-id: <svadev.cs.uiuc.edu>

Dear John,
Also for the same test (int p[33]; p[35]=8), we compile it using
"clang -fmemsafety ...", run it and it shows:

SAFECode:Violation Type 0x6 when accessing 0x80626f4 at IP=0x80496cf

=======+++++++ SAFECODE RUNTIME ALERT +++++++=======
= Error type : Load/Store Error
= CWE ID : 120
= Faulting pointer : 0x80626f4
= Program counter : 0x80496cf
= Fault PC Source : main:1

Then we compile it with "clang -fmemsafety -bbc ...", run it and it
does not show any violation.

Then I compared the IR files they generated respectively.

Without BBC, it is:
@p = common global [33 x i32] zeroinitializer, align 4

define i32 @main() nounwind {
  call void @fastlscheck_debug(
      i8* bitcast ([33 x i32]* @p to i8*),
      i8* bitcast (i32* getelementptr inbounds ([33 x i32]* @p, i64 1, i32 2) to i8*),
      i32 132, i32 4, i32 0,
      i8* getelementptr inbounds ([28 x i8]* @sourcefile, i32 0, i32 0),
      i32 5)
  store i32 8, i32* getelementptr inbounds ([33 x i32]* @p, i64 1, i32 2), align 4, !dbg !18
  ret i32 0, !dbg !20
}

With BBC, it is:

@p = common global { [33 x i32], [116 x i8], { i32, i32* } } zeroinitializer, align 256

define i32 @main() nounwind {
  call void @fastlscheck_debug(
      i8* bitcast ({ [33 x i32], [116 x i8], { i32, i32* } }* @p to i8*),
      i8* bitcast (i32* getelementptr inbounds ([33 x i32]* getelementptr inbounds ({ [33 x i32], [116 x i8], { i32, i32* } }* @p, i32 0, i32 0), i64 1, i32 2) to i8*),
      i32 132, i32 4, i32 0,
      i8* getelementptr inbounds ({ [28 x i8], [28 x i8], { i32, i32* } }* @sourcefile, i32 0, i32 0, i32 0),
      i32 5)

  store i32 8, i32* getelementptr inbounds ([33 x i32]* getelementptr inbounds ({ [33 x i32], [116 x i8], { i32, i32* } }* @p, i32 0, i32 0), i64 1, i32 2), align 4, !dbg !18
  ret i32 0, !dbg !20
}

So I think fastlscheck_debug does not work for BBC, am I right?
I am also confused by so many "getelementptr" instructions in the
argument of fastlscheck_debug function. Another thing, in the test
file, there is p[35]=8, why in the store instruction above, there is
no 35?




2012/5/31 John Criswell <criswell AT illinois.edu>:
> On 5/30/12 9:08 PM, Baozeng wrote:
>>
>> 2012/5/31 John Criswell <criswell AT illinois.edu>:
>>>
>>> On 5/30/12 9:03 AM, Baozeng wrote:
>>>>
>>>> Dear John,
>>>> I added metadata information for global and stack variables (commit
>>>> r157609 and commit r157670). Then I first tested a global variable with
>>>> the following test:
>>>>
>>>> #include<stdlib.h>
>>>>
>>>> int p[33];
>>>> int main() {
>>>>   p[35] = 8;
>>>>   return 0;
>>>> }
>>>> Then
>>>> #clang -fmemsafety -bbc globaltest.c -o test
>>>> -L/home/sploving/llvm/projects/safecode/Debug/lib
>>>> It shows the following error:
>>>> /tmp/globaltest-GkBpxH.o:globaltest.c:function sourcefile: error:
>>>> undefined reference to 'baggy.metadata1'
>>>
>>>
>>> I don't see anything immediately wrong.  However, I'd like to point out
>>> that in the command above, you're not using the -g option, and in the
>>> command below, you are using the -g option.
>>>
>>> Do you get the problem both with and without the -g option?
>>>
>>>
>>>> Its IR file is as follows (clang -g -fmemsafety -bbc globaltest.c
>>>> -o test_me.bc -c -emit-llvm):
>>>>
>>>> ; ModuleID = '<stdin>'
>>>> target datalayout = "e-p:32:32:32-i1:8:8-i8:8:8-i16:16:16-i32:32:32-i64:32:64-f32:32:32-f64:32:64-v64:64:64-v128:128:128-a0:0:64-f80:32:32-n8:16:32-S128"
>>>> target triple = "i386-pc-linux-gnu"
>>>>
>>>> @llvm.global_ctors = appending global [1 x { i32, void ()* }] [{ i32, void ()* } { i32 0, void ()* @pool_ctor }]
>>>> @baggy.metadata = common global { i32, i32* }
>>>> @p = common global { [33 x i32], [116 x i8], { i32, i32* } } { [33 x i32] zeroinitializer, [116 x i8] zeroinitializer, { i32, i32* }* @baggy.metadata }, align 256
>>>> @baggy.metadata1 = internal constant { i32, i32* }
>>>> @sourcefile = internal constant { [28 x i8], [28 x i8], { i32, i32* } } { [28 x i8] c"/home/sploving/globaltest.c\00", [28 x i8] zeroinitializer, { i32, i32* }* @baggy.metadata1 }, align 64
>>>
>>>
>>> Try adding a zeroinitializer to the baggy.metadata global variables.  I
>>> get an error about them not having any initializer when I try to use BBC
>>> with libLTO.
>>>
>> Yes. I added a zeroinitializer to it and it works.
>
>
> I also noticed that the metadata is given the same linkage as the global
> variable.  If possible, the metadata should be given internal linkage so
> that we don't get conflicts between compilation units.
>
> -- John T.
>
>
>>>> [snip]
>>>>
>>>>
>>>> What is the matter with my commit?
>>>>
>>>> Another thing, are there any classic examples to test whether BBC
>>>> supports global and stack variable checking?
>>>>
>>> No.  To test it, you'll need to write your own sample programs.
>>> Eventually, we'll want to add lit tests for BBC.
>>>
>>> -- John T.
>>>
>>
>>
>



--
     Best Regards,
     Baozeng Ding
OSTG,NFS,ISCAS
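
An added worked example (not part of the original message and not SAFECode code): it computes the byte offset that the constant-folded indices `i64 1, i32 2` select in a `[33 x i32]` object, which is element 35, and compares that offset with the 132-byte array and with the 256-byte padded global from the BBC IR. It assumes the i386 sizes in the quoted data layout (4-byte i32 and pointers) and treats the padded object size as the bound a baggy-bounds-style check would use; all function names are illustrative.

```c
#include <stdio.h>
#include <stddef.h>

/* Sizes from the IR in the message: [33 x i32], [116 x i8], { i32, i32* },
 * with i32 and pointers both 4 bytes under the quoted i386 data layout. */
enum { ELEM = 4, NELEMS = 33, PAD = 116, META = 4 + 4 };

typedef enum { IN_ARRAY, IN_PADDING, IN_METADATA, OUTSIDE_SLOT } region_t;

/* Byte offset of "getelementptr [33 x i32]* @p, i64 outer, i32 inner":
 * the first index steps over whole [33 x i32] objects, the second over
 * i32 elements inside one of them. */
size_t gep_offset(size_t outer, size_t inner) {
    return outer * (size_t)(NELEMS * ELEM) + inner * (size_t)ELEM;
}

/* Total size of the padded global emitted with -bbc. */
size_t slot_size(void) {
    return (size_t)(NELEMS * ELEM + PAD + META);
}

/* 1 if an access of len bytes at offset off stays inside [0, bound). */
int in_bounds(size_t off, size_t len, size_t bound) {
    return off <= bound && len <= bound - off;
}

/* Part of the padded object that the first byte of the access lands in. */
region_t region_of(size_t off) {
    if (off < (size_t)(NELEMS * ELEM)) return IN_ARRAY;
    if (off < (size_t)(NELEMS * ELEM + PAD)) return IN_PADDING;
    if (off < slot_size()) return IN_METADATA;
    return OUTSIDE_SLOT;
}

int main(void) {
    size_t off = gep_offset(1, 2); /* folded form of p[35] */
    printf("offset %zu = element %zu\n", off, off / ELEM);
    printf("against exact size 132: %s\n",
           in_bounds(off, 4, NELEMS * ELEM) ? "inside" : "violation");
    printf("against padded size %zu: %s\n", slot_size(),
           in_bounds(off, 4, slot_size()) ? "inside" : "violation");
    printf("region code: %d\n", (int)region_of(off));
    return 0;
}
```

The offset is 140 bytes, the same address as index 35, so the store does target p[35]; it falls past the 132-byte array but inside the padding of the 256-byte padded object.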




