From 552bdae22fee776603ee62362daf2f6d6e6193ea Mon Sep 17 00:00:00 2001
From: anoopkg6
Date: Fri, 10 Oct 2025 18:22:29 +0200
Subject: [PATCH 1/3] Resolve Endianess issue with getting shadow 4 bytes corresponding to the first origin pointer
---
 .../Transforms/Instrumentation/DataFlowSanitizer.cpp | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)
diff --git a/llvm/lib/Transforms/Instrumentation/DataFlowSanitizer.cpp b/llvm/lib/Transforms/Instrumentation/DataFlowSanitizer.cpp
index 5ba2167859490..b4f88779b00c0 100644
--- a/llvm/lib/Transforms/Instrumentation/DataFlowSanitizer.cpp
+++ b/llvm/lib/Transforms/Instrumentation/DataFlowSanitizer.cpp
@@ -2187,8 +2187,14 @@ std::pair DFSanFunction::loadShadowFast(
 // and then the entire shadow for the second origin pointer (which will be
 // chosen by combineOrigins() iff the least-significant half of the wide
 // shadow was empty but the other half was not).
- Value *WideShadowLo = IRB.CreateShl(
- WideShadow, ConstantInt::get(WideShadowTy, WideShadowBitWidth / 2));
+ Value *WideShadowLo =
+ F->getParent()->getDataLayout().isLittleEndian()
+ ? IRB.CreateShl(
+ WideShadow,
+ ConstantInt::get(WideShadowTy, WideShadowBitWidth / 2))
+ : IRB.CreateAnd(
+ WideShadow,
+ ConstantInt::get(WideShadowTy, 0xFFFFFFFF00000000ULL));
 Shadows.push_back(WideShadow);
 Origins.push_back(DFS.loadNextOrigin(Pos, OriginAlign, &OriginAddr));
From 774ef1cbad6ed4526c7fa06e2045b63be37afe5a Mon Sep 17 00:00:00 2001
From: anoopkg6
Date: Sun, 12 Oct 2025 14:39:07 +0200
Subject: [PATCH 2/3] Rewriting masking off WideShadow 4 bytes for Big Endians in terms of WideShadowBitWidth
---
 llvm/lib/Transforms/Instrumentation/DataFlowSanitizer.cpp | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/llvm/lib/Transforms/Instrumentation/DataFlowSanitizer.cpp b/llvm/lib/Transforms/Instrumentation/DataFlowSanitizer.cpp
index b4f88779b00c0..47597c44baacc 100644
--- a/llvm/lib/Transforms/Instrumentation/DataFlowSanitizer.cpp
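Review bot: The comment kept above `WideShadowLo` still describes only the shift case ("least-significant half of the wide shadow"), while the new big-endian arm keeps the most-significant half, so neither the comment nor the `Lo` name says which half belongs to the first origin pointer. I would add a line above the ternary such as `// The shadow for the first origin pointer is the low half on little-endian targets and the high half on big-endian targets.` The body of loadShadowFast starts and ends outside this hunk, so the comment's opening lines are not visible here.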
+++ b/llvm/lib/Transforms/Instrumentation/DataFlowSanitizer.cpp
@@ -2194,7 +2194,9 @@ std::pair DFSanFunction::loadShadowFast(
 ConstantInt::get(WideShadowTy, WideShadowBitWidth / 2))
 : IRB.CreateAnd(
 WideShadow,
- ConstantInt::get(WideShadowTy, 0xFFFFFFFF00000000ULL));
+ ConstantInt::get(WideShadowTy,
+ (1 - (1 << (WideShadowBitWidth / 2)))
+ << (WideShadowBitWidth / 2)));
 Shadows.push_back(WideShadow);
 Origins.push_back(DFS.loadNextOrigin(Pos, OriginAlign, &OriginAddr));
From 447173a174d2f453afad4a7818db4d60a086fd3e Mon Sep 17 00:00:00 2001
From: anoopkg6
Date: Wed, 29 Oct 2025 17:10:15 +0100
Subject: [PATCH 3/3] Added test for fixing endianness issue in dfsan
---
 compiler-rt/test/dfsan/origin_endianness.c | 37 ++++++++++++++++++++++
 1 file changed, 37 insertions(+)
 create mode 100644 compiler-rt/test/dfsan/origin_endianness.c
diff --git a/compiler-rt/test/dfsan/origin_endianness.c b/compiler-rt/test/dfsan/origin_endianness.c
new file mode 100644
index 0000000000000..a73dcda080e79
--- /dev/null
+++ b/compiler-rt/test/dfsan/origin_endianness.c
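Review bot: The new mask expression does not produce the constant it replaces. `1 << (WideShadowBitWidth / 2)` shifts the `int` literal `1`, which for a 64-bit wide shadow is a shift by 32 and undefined behaviour on a 32-bit `int`. Even evaluated in 64 bits, `(1 - (1 << 32)) << 32` wraps to 0x0000000100000000 rather than 0xFFFFFFFF00000000, so on big-endian targets only one shadow bit of the first half would survive and DFSan could report the wrong origin for tainted data. Building the constant from an APInt avoids both problems: `ConstantInt::get(WideShadowTy, APInt::getHighBitsSet(WideShadowBitWidth, WideShadowBitWidth / 2))`. The enclosing loadShadowFast body starts and ends outside this hunk.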
@@ -0,0 +1,37 @@
+// RUN: %clang_dfsan -gmlt -mllvm -dfsan-track-origins=1 %s -o %t && \
+// RUN: %run %t >%t.out 2>&1
+// RUN: FileCheck %s < %t.out
+//
+// Test origin tracking is accurate in terms of endianness.
+
+#include
+
+typedef uint64_t FULL_TYPE;
+typedef uint32_t HALF_TYPE;
+
+__attribute__((noinline)) FULL_TYPE foo(FULL_TYPE a, FULL_TYPE b) {
+ return a + b;
+}
+
+int main(int argc, char *argv[]) {
+ FULL_TYPE a = 1;
+ FULL_TYPE b = 10;
+ dfsan_set_label(4, (HALF_TYPE *)&a, sizeof(HALF_TYPE));
+ FULL_TYPE c = foo(a, b);
+ dfsan_print_origin_trace(&c, NULL);
+ dfsan_print_origin_trace((HALF_TYPE *)&c, NULL);
+}
+
+// CHECK: Taint value 0x4 {{.*}} origin tracking ()
+// CHECK: Origin value: {{.*}}, Taint value was stored to memory at
+// CHECK: #0 {{.*}} in main {{.*}}origin_endianness.c:[[@LINE-7]]
+
+// CHECK: Origin value: {{.*}}, Taint value was created at
+// CHECK: #0 {{.*}} in main {{.*}}origin_endianness.c:[[@LINE-11]]
+
+// CHECK: Taint value 0x4 {{.*}} origin tracking ()
+// CHECK: Origin value: {{.*}}, Taint value was stored to memory at
+// CHECK: #0 {{.*}} in main {{.*}}origin_endianness.c:[[@LINE-14]]
+
+// CHECK: Origin value: {{.*}}, Taint value was created at
+// CHECK: #0 {{.*}} in main {{.*}}origin_endianness.c:[[@LINE-18]]
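Review bot: The big-endian arm of the fix is exercised by this test only when it is built and run on a big-endian host, so on little-endian bots it cannot catch a wrong mask constant. An IR-level FileCheck test of the instrumentation pass with a big-endian data layout, checking the emitted `and` and its constant, would pin that arm on every host. The test also labels only the first half of `a`; a second case that labels `(HALF_TYPE *)&a + 1` would cover the path where the first half's shadow is empty and the second origin has to be chosen.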