[MSan] Tweak CopyOrigin

stephan-yichao-zhao · stephan-yichao-zhao · commit 82655c151450 · 2021-01-13T01:22:05.000Z
There could be some mis-alignments when copying origins not aligned. I believe inaligned memcpy is rare so the cases do not matter too much in practice. 1) About the change at line 50 Let dst be (void*)5, then d=5, beg=4 so we need to write 3 (4+4-5) bytes from 5 to 7. 2) About the change around line 77. Let dst be (void*)5, because of lines 50-55, the bytes from 5-7 were already writen. So the aligned copy is from 8. Reviewed-by: eugenis Differential Revision: https://reviews.llvm.org/D94552
diff --git a/compiler-rt/lib/msan/msan_poisoning.cpp b/compiler-rt/lib/msan/msan_poisoning.cpp
@@ -47,7 +47,7 @@ void CopyOrigin(const void *dst, const void *src, uptr size,
   uptr beg = d & ~3UL;
   // Copy left unaligned origin if that memory is poisoned.
   if (beg < d) {
-    u32 o = GetOriginIfPoisoned((uptr)src, d - beg);
+    u32 o = GetOriginIfPoisoned((uptr)src, beg + 4 - d);
     if (o) {
       if (__msan_get_track_origins() > 1) o = ChainOrigin(o, stack);
       *(u32 *)MEM_TO_ORIGIN(beg) = o;
@@ -71,12 +71,13 @@ void CopyOrigin(const void *dst, const void *src, uptr size,
   if (beg < end) {
     // Align src up.
     uptr s = ((uptr)src + 3) & ~3UL;
+    uptr aligned_beg = ((uptr)dst + 3) & ~3UL;
     // FIXME: factor out to msan_copy_origin_aligned
     if (__msan_get_track_origins() > 1) {
       u32 *src = (u32 *)MEM_TO_ORIGIN(s);
       u32 *src_s = (u32 *)MEM_TO_SHADOW(s);
-      u32 *src_end = (u32 *)MEM_TO_ORIGIN(s + (end - beg));
-      u32 *dst = (u32 *)MEM_TO_ORIGIN(beg);
+      u32 *src_end = (u32 *)MEM_TO_ORIGIN(s + (end - aligned_beg));
+      u32 *dst = (u32 *)MEM_TO_ORIGIN(aligned_beg);
       u32 src_o = 0;
       u32 dst_o = 0;
       for (; src < src_end; ++src, ++src_s, ++dst) {
@@ -88,8 +89,9 @@ void CopyOrigin(const void *dst, const void *src, uptr size,
         *dst = dst_o;
       }
     } else {
-      REAL(memcpy)((void *)MEM_TO_ORIGIN(beg), (void *)MEM_TO_ORIGIN(s),
-                   end - beg);
+      REAL(memcpy)
+      ((void *)MEM_TO_ORIGIN(aligned_beg), (void *)MEM_TO_ORIGIN(s),
+       end - aligned_beg);
     }
   }
 }
