[ubsan_minimal] Allow UBSan handler from Minimal runtime to acceprt arguments

Also renamed minimal-specific WEAK_DEF anchor from __ubsan_report_error to __ubsan_minimal_report_error.
A new __ubsan_minimal_report_error accepts address of the variable being inspected.

Author: alazarev

clang/lib/CodeGen/CGExpr.cpp

@@ -3717,6 +3717,33 @@ static void emitCheckHandlerCall(CodeGenFunction &CGF,
   }
 }
 
+// Adapts the arguments to the handler function.
+// It is expected that {StaticArgs..., DynamicArgs...} sequence matches the
+// corresponding XxxData type from the ubsan_handlers.h file.
+// Minimal hadler can use a subset of the arguments.
+static void
+AdaptArgsToHandler(CodeGenModule &CGM, SanitizerHandler CheckHandler,
+                   ArrayRef<llvm::Constant *> StaticArgs,
+                   ArrayRef<llvm::Value *> DynamicArgs,
+                   SmallVectorImpl<llvm::Constant *> &HandlerStaticArgs,
+                   SmallVectorImpl<llvm::Value *> &HandlerDynamicArgs) {
+  if (!CGM.getCodeGenOpts().SanitizeMinimalRuntime) {
+    HandlerStaticArgs.assign(StaticArgs.begin(), StaticArgs.end());
+    HandlerDynamicArgs.assign(DynamicArgs.begin(), DynamicArgs.end());
+    return;
+  }
+
+  switch (CheckHandler) {
+  case SanitizerHandler::TypeMismatch:
+    // Pass value pointer only. It adds minimal overhead.
+    HandlerDynamicArgs.assign(DynamicArgs.begin(), DynamicArgs.end());
+    break;
+  default:
+    // No arguments for other checks.
+    break;
+  }
+}
+
 void CodeGenFunction::EmitCheck(
     ArrayRef<std::pair<llvm::Value *, SanitizerKind::SanitizerOrdinal>> Checked,
     SanitizerHandler CheckHandler, ArrayRef<llvm::Constant *> StaticArgs,
@@ -3794,28 +3821,37 @@ void CodeGenFunction::EmitCheck(
   // representing operand values.
   SmallVector<llvm::Value *, 4> Args;
   SmallVector<llvm::Type *, 4> ArgTypes;
-  if (!CGM.getCodeGenOpts().SanitizeMinimalRuntime) {
-    Args.reserve(DynamicArgs.size() + 1);
-    ArgTypes.reserve(DynamicArgs.size() + 1);
-
-    // Emit handler arguments and create handler function type.
-    if (!StaticArgs.empty()) {
-      llvm::Constant *Info = llvm::ConstantStruct::getAnon(StaticArgs);
-      auto *InfoPtr = new llvm::GlobalVariable(
-          CGM.getModule(), Info->getType(), false,
-          llvm::GlobalVariable::PrivateLinkage, Info, "", nullptr,
-          llvm::GlobalVariable::NotThreadLocal,
-          CGM.getDataLayout().getDefaultGlobalsAddressSpace());
-      InfoPtr->setUnnamedAddr(llvm::GlobalValue::UnnamedAddr::Global);
-      CGM.getSanitizerMetadata()->disableSanitizerForGlobal(InfoPtr);
-      Args.push_back(InfoPtr);
-      ArgTypes.push_back(Args.back()->getType());
-    }
 
-    for (llvm::Value *DynamicArg : DynamicArgs) {
-      Args.push_back(EmitCheckValue(DynamicArg));
-      ArgTypes.push_back(IntPtrTy);
-    }
+  SmallVector<llvm::Constant *, 4> HandlerStaticArgs;
+  SmallVector<llvm::Value *, 4> HandlerDynamicArgs;
+  AdaptArgsToHandler(CGM, CheckHandler, StaticArgs, DynamicArgs,
+                     HandlerStaticArgs, HandlerDynamicArgs);
+
+  Args.reserve(HandlerDynamicArgs.size() + 1);
+  ArgTypes.reserve(HandlerDynamicArgs.size() + 1);
+
+  // Emit handler arguments and create handler function type.
+  if (!HandlerStaticArgs.empty()) {
+    llvm::Constant *Info = llvm::ConstantStruct::getAnon(HandlerStaticArgs);
+    auto *InfoPtr = new llvm::GlobalVariable(
+        CGM.getModule(), Info->getType(),
+        // Non-constant global is used in non-minimal handler to deduplicate
+        // reports. Minimal handler stores history statically.
+        // TODO: make it constant for non-minimal handler.
+        /*isConstant=*/
+        CGM.getCodeGenOpts().SanitizeMinimalRuntime,
+        llvm::GlobalVariable::PrivateLinkage, Info, "", nullptr,
+        llvm::GlobalVariable::NotThreadLocal,
+        CGM.getDataLayout().getDefaultGlobalsAddressSpace());
+    InfoPtr->setUnnamedAddr(llvm::GlobalValue::UnnamedAddr::Global);
+    CGM.getSanitizerMetadata()->disableSanitizerForGlobal(InfoPtr);
+    Args.push_back(InfoPtr);
+    ArgTypes.push_back(Args.back()->getType());
+  }
+
+  for (llvm::Value *DynamicArg : HandlerDynamicArgs) {
+    Args.push_back(EmitCheckValue(DynamicArg));
+    ArgTypes.push_back(IntPtrTy);
   }
 
   llvm::FunctionType *FnType =

compiler-rt/lib/ubsan_minimal/ubsan_minimal_handlers.cpp

@@ -34,20 +34,25 @@ static char *append_hex(uintptr_t d, char *buf, const char *end) {
   return buf;
 }
 
-static void format_msg(const char *kind, uintptr_t caller, char *buf,
-                       const char *end) {
+static void format_msg(const char *kind, uintptr_t caller,
+                       const uintptr_t *address, char *buf, const char *end) {
   buf = append_str("ubsan: ", buf, end);
   buf = append_str(kind, buf, end);
   buf = append_str(" by 0x", buf, end);
   buf = append_hex(caller, buf, end);
+  if (address) {
+    buf = append_str(" address 0x", buf, end);
+    buf = append_hex(*address, buf, end);
+  }
   buf = append_str("\n", buf, end);
   if (buf == end)
     --buf; // Make sure we don't cause a buffer overflow.
   *buf = '\0';
 }
 
-SANITIZER_INTERFACE_WEAK_DEF(void, __ubsan_report_error, const char *kind,
-                             uintptr_t caller) {
+SANITIZER_INTERFACE_WEAK_DEF(void, __ubsan_minimal_report_error,
+                             const char *kind, uintptr_t caller,
+                             const uintptr_t *address) {
   if (caller == 0)
     return;
   while (true) {
@@ -80,15 +85,16 @@ SANITIZER_INTERFACE_WEAK_DEF(void, __ubsan_report_error, const char *kind,
     __sanitizer::atomic_store_relaxed(&caller_pcs[sz], caller);
 
     char msg_buf[128];
-    format_msg(kind, caller, msg_buf, msg_buf + sizeof(msg_buf));
+    format_msg(kind, caller, address, msg_buf, msg_buf + sizeof(msg_buf));
     message(msg_buf);
   }
 }
 
-SANITIZER_INTERFACE_WEAK_DEF(void, __ubsan_report_error_fatal, const char *kind,
-                             uintptr_t caller) {
+SANITIZER_INTERFACE_WEAK_DEF(void, __ubsan_minimal_report_error_fatal,
+                             const char *kind, uintptr_t caller,
+                             const uintptr_t *address) {
   // Use another handlers, in case it's already overriden.
-  __ubsan_report_error(kind, caller);
+  __ubsan_minimal_report_error(kind, caller, address);
 }
 
 #if defined(__ANDROID__)
@@ -121,21 +127,39 @@ void NORETURN CheckFailed(const char *file, int, const char *cond, u64, u64) {
 
 #define HANDLER_RECOVER(name, kind)                                            \
   INTERFACE void __ubsan_handle_##name##_minimal() {                           \
-    __ubsan_report_error(kind, GET_CALLER_PC());                               \
+    __ubsan_minimal_report_error(kind, GET_CALLER_PC(), nullptr);              \
   }
 
 #define HANDLER_NORECOVER(name, kind)                                          \
   INTERFACE void __ubsan_handle_##name##_minimal_abort() {                     \
     uintptr_t caller = GET_CALLER_PC();                                        \
-    __ubsan_report_error_fatal(kind, caller);                                  \
+    __ubsan_minimal_report_error_fatal(kind, caller, nullptr);                 \
     abort_with_message(kind, caller);                                          \
   }
 
 #define HANDLER(name, kind)                                                    \
   HANDLER_RECOVER(name, kind)                                                  \
   HANDLER_NORECOVER(name, kind)
 
-HANDLER(type_mismatch, "type-mismatch")
+#define HANDLER_RECOVER_PTR(name, kind)                                        \
+  INTERFACE void __ubsan_handle_##name##_minimal(const uintptr_t address) {    \
+    __ubsan_minimal_report_error(kind, GET_CALLER_PC(), &address);             \
+  }
+
+#define HANDLER_NORECOVER_PTR(name, kind)                                      \
+  INTERFACE void __ubsan_handle_##name##_minimal_abort(                        \
+      const uintptr_t address) {                                               \
+    uintptr_t caller = GET_CALLER_PC();                                        \
+    __ubsan_minimal_report_error_fatal(kind, caller, &address);                \
+    abort_with_message(kind, caller);                                          \
+  }
+
+// A version of a handler that takes a pointer to a value.
+#define HANDLER_PTR(name, kind)                                                \
+  HANDLER_RECOVER_PTR(name, kind)                                              \
+  HANDLER_NORECOVER_PTR(name, kind)
+
+HANDLER_PTR(type_mismatch, "type-mismatch")
 HANDLER(alignment_assumption, "alignment-assumption")
 HANDLER(add_overflow, "add-overflow")
 HANDLER(sub_overflow, "sub-overflow")