summary refs log tree commit diff stats
path: root/results/classifier/118/review/514
diff options
context:
space:
mode:
Diffstat (limited to 'results/classifier/118/review/514')
-rw-r--r--results/classifier/118/review/51485
1 files changed, 85 insertions, 0 deletions
diff --git a/results/classifier/118/review/514 b/results/classifier/118/review/514
new file mode 100644
index 00000000..eb05ad3a
--- /dev/null
+++ b/results/classifier/118/review/514
@@ -0,0 +1,85 @@
+architecture: 0.850
+register: 0.815
+ppc: 0.796
+device: 0.778
+arm: 0.773
+graphic: 0.745
+debug: 0.649
+performance: 0.646
+semantic: 0.631
+mistranslation: 0.623
+x86: 0.583
+vnc: 0.549
+PID: 0.519
+assembly: 0.514
+files: 0.512
+VMM: 0.478
+risc-v: 0.476
+boot: 0.468
+socket: 0.457
+i386: 0.456
+TCG: 0.451
+permissions: 0.448
+kernel: 0.439
+network: 0.427
+peripherals: 0.383
+hypervisor: 0.370
+KVM: 0.335
+user-level: 0.300
+virtual: 0.265
+--------------------
+arm: 0.990
+debug: 0.804
+performance: 0.536
+TCG: 0.135
+kernel: 0.098
+semantic: 0.080
+register: 0.035
+files: 0.023
+architecture: 0.017
+hypervisor: 0.015
+PID: 0.012
+assembly: 0.009
+user-level: 0.008
+virtual: 0.005
+device: 0.005
+boot: 0.004
+mistranslation: 0.003
+risc-v: 0.002
+permissions: 0.002
+VMM: 0.002
+peripherals: 0.001
+KVM: 0.001
+socket: 0.001
+network: 0.001
+graphic: 0.001
+vnc: 0.001
+ppc: 0.000
+x86: 0.000
+i386: 0.000
+
+MTE reports false positive for "str" instruction with the SP as the base register.
+Description of problem:
+When PE executes "sp"-based store instruction with offset I got tag check fault exception. But according to arm spec. load or store that uses "sp" register should generate Tag Unchecked access.
+Steps to reproduce:
+Clang version: clang version 12.0.1. 
+I compiled my code using "-target aarch64-linux -march=armv8+memtag -fsanitize=memtag" for Clang. Clang generates following code:
+```
+0000000000000c14 <test_func>:
+     c14:       a9bc7bfd        stp     x29, x30, [sp, #-64]!
+     c18:       f9000bf7        str     x23, [sp, #16]
+     ...
+```
+Whole stack was mapped in translation tables as Tagged memory."SCTLR" register was configured to trigger synchronous exception on tag mismatch.
+When cpu executes firs instruction "stp     x29, x30, [sp, #-64]!" I got tag check fault exception: "0b010001 When FEAT_MTE is implemented Synchronous Tag Check Fault":
+ESR_EL1=0x96000051.
+
+According to ARM specification load or store that uses "sp" register should generate Tag Unchecked access:
+```
+A Tag Unchecked access will be generated for a load or store that uses either of the following:
+• A base register only, with the SP as the base register.
+• A base register plus immediate offset addressing form, with the SP as the base register.
+```
+Looks like qemu erroneously generates tag mismatch exceptions for SP-based loads and stores with immediate offset.
+Additional information:
+