This is an archive of the discontinued LLVM Phabricator instance.

Differential D4719

[asan-assembly-instrumentation] Added instrumentation for REP MOVS.
ClosedPublic

Authored by ygorshenin on Jul 30 2014, 2:49 AM.

Details

Reviewers
eugenis
Summary

[asan-assembly-instrumentation] Added instrumentation for REP MOVS.

Diff Detail

Event Timeline

ygorshenin updated this revision to Diff 12012.Jul 30 2014, 2:49 AM
ygorshenin retitled this revision from to [asan-assembly-instrumentation] Added instrumentation for REP MOVS..
ygorshenin updated this object.
ygorshenin edited the test plan for this revision. (Show Details)
ygorshenin added a reviewer: eugenis.
ygorshenin added a subscriber: Unknown Object (MLST).
eugenis added inline comments.Jul 30 2014, 4:34 AM
lib/Target/X86/AsmParser/X86AsmInstrumentation.cpp
54

InstrumentMOVS has a return value that you probably want to check here for early exit.

181

In memcpy() we check shadow for entire source and destination ranges. I guess it's not easy to do efficiently in asm, but at least leave a FIXME.

Also, this code does push eax/ecx/edx/flags four times - once for each InstrumentMemOperand. Factor prologue/epilogue generation out of InstrumentMemOperand?

lib/Target/X86/AsmParser/X86AsmParser.cpp
2287

This looks too complex, with some of the original instructions emitted directly in AsmParser, and some (REP) in instrumentation code. Could we always emit original instruction (as needed) in InstrumentInstruction?

test/Instrumentation/AddressSanitizer/X86/asm_rep_movs.ll
72

get rid of this metadata if it's not used in the test

ygorshenin updated this revision to Diff 12022.Jul 30 2014, 6:28 AM

Fixes.

ygorshenin added a comment.Jul 30 2014, 6:28 AM

PTAL

lib/Target/X86/AsmParser/X86AsmInstrumentation.cpp
54

I'd prefer to get rid of return values for Instrument*() methods, as they're complicate the logic.

181

I've added FIXME comments for both issues. Would you mind if I'll resolve second issue in a next CL?

lib/Target/X86/AsmParser/X86AsmParser.cpp
2287

Done.

test/Instrumentation/AddressSanitizer/X86/asm_rep_movs.ll
72

Done.

eugenis added inline comments.Jul 30 2014, 7:15 AM
lib/Target/X86/AsmParser/X86AsmInstrumentation.cpp
176

Don't really need a return here.

181

OK

614–621

Don't you need to emit the original instruction here?

ygorshenin updated this revision to Diff 12043.Jul 30 2014, 12:12 PM

Fixes.

ygorshenin added a comment.Jul 30 2014, 12:12 PM

PTAL

lib/Target/X86/AsmParser/X86AsmInstrumentation.cpp
176

Done.

614–621

Yes, I need. Fixed + fixed test.

eugenis accepted this revision.Jul 31 2014, 2:19 AM
eugenis edited edge metadata.

LGTM

This revision is now accepted and ready to land.Jul 31 2014, 2:19 AM
eugenis closed this revision.Jul 31 2014, 2:20 AM

r214395.

Revision Contents

PathSize
lib/
Target/
X86/
AsmParser/
13 lines
177 lines
5 lines
test/
Instrumentation/
AddressSanitizer/
X86/
2 lines
67 lines

Diff 12043

lib/Target/X86/AsmParser/X86AsmInstrumentation.h

Show All 28 Lines
X86AsmInstrumentation * X86AsmInstrumentation *
CreateX86AsmInstrumentation(const MCTargetOptions &MCOptions, CreateX86AsmInstrumentation(const MCTargetOptions &MCOptions,
const MCContext &Ctx, const MCSubtargetInfo &STI); const MCContext &Ctx, const MCSubtargetInfo &STI);
class X86AsmInstrumentation { class X86AsmInstrumentation {
public: public:
virtual ~X86AsmInstrumentation(); virtual ~X86AsmInstrumentation();
// Instruments Inst. Should be called just before the original // Tries to instrument and emit instruction.
// instruction is sent to Out. virtual void InstrumentAndEmitInstruction(
virtual void InstrumentInstruction(
const MCInst &Inst, const MCInst &Inst,
SmallVectorImpl<std::unique_ptr<MCParsedAsmOperand>> &Operands, SmallVectorImpl<std::unique_ptr<MCParsedAsmOperand> > &Operands,
MCContext &Ctx, const MCInstrInfo &MII, MCStreamer &Out); MCContext &Ctx, const MCInstrInfo &MII, MCStreamer &Out);
protected: protected:
friend X86AsmInstrumentation * friend X86AsmInstrumentation *
CreateX86AsmInstrumentation(const MCTargetOptions &MCOptions, CreateX86AsmInstrumentation(const MCTargetOptions &MCOptions,
const MCContext &Ctx, const MCSubtargetInfo &STI); const MCContext &Ctx, const MCSubtargetInfo &STI);
X86AsmInstrumentation(); X86AsmInstrumentation(const MCSubtargetInfo &STI);
void EmitInstruction(MCStreamer &Out, const MCInst &Inst);
const MCSubtargetInfo &STI;
}; };
} // End llvm namespace } // End llvm namespace
#endif // X86_ASM_INSTRUMENTATION_H #endif // X86_ASM_INSTRUMENTATION_H

lib/Target/X86/AsmParser/X86AsmInstrumentation.cpp

Show All 37 Lines
std::string FuncName(unsigned AccessSize, bool IsWrite) { std::string FuncName(unsigned AccessSize, bool IsWrite) {
return std::string("__asan_report_") + (IsWrite ? "store" : "load") + return std::string("__asan_report_") + (IsWrite ? "store" : "load") +
utostr(AccessSize); utostr(AccessSize);
} }
class X86AddressSanitizer : public X86AsmInstrumentation { class X86AddressSanitizer : public X86AsmInstrumentation {
public: public:
X86AddressSanitizer(const MCSubtargetInfo &STI) : STI(STI) {} X86AddressSanitizer(const MCSubtargetInfo &STI)
: X86AsmInstrumentation(STI), RepPrefix(false) {}
virtual ~X86AddressSanitizer() {} virtual ~X86AddressSanitizer() {}
// X86AsmInstrumentation implementation: // X86AsmInstrumentation implementation:
virtual void InstrumentInstruction( virtual void InstrumentAndEmitInstruction(
const MCInst &Inst, OperandVector &Operands, MCContext &Ctx, const MCInst &Inst, OperandVector &Operands, MCContext &Ctx,
const MCInstrInfo &MII, MCStreamer &Out) override { const MCInstrInfo &MII, MCStreamer &Out) override {
InstrumentMOVS(Inst, Operands, Ctx, MII, Out);
eugenisUnsubmitted
Not Done
ReplyInline Actions

InstrumentMOVS has a return value that you probably want to check here for early exit.

eugenis: InstrumentMOVS has a return value that you probably want to check here for early exit.
ygorsheninAuthorUnsubmitted
Not Done
ReplyInline Actions

I'd prefer to get rid of return values for Instrument*() methods, as they're complicate the logic.

ygorshenin: I'd prefer to get rid of return values for Instrument*() methods, as they're complicate the…
if (RepPrefix)
EmitInstruction(Out, MCInstBuilder(X86::REP_PREFIX));
InstrumentMOV(Inst, Operands, Ctx, MII, Out); InstrumentMOV(Inst, Operands, Ctx, MII, Out);
RepPrefix = (Inst.getOpcode() == X86::REP_PREFIX);
if (!RepPrefix)
EmitInstruction(Out, Inst);
} }
// Should be implemented differently in x86_32 and x86_64 subclasses. // Should be implemented differently in x86_32 and x86_64 subclasses.
virtual void InstrumentMemOperandSmallImpl( virtual void InstrumentMemOperandSmallImpl(
X86Operand &Op, unsigned AccessSize, bool IsWrite, MCContext &Ctx, X86Operand &Op, unsigned AccessSize, bool IsWrite, MCContext &Ctx,
MCStreamer &Out) = 0; MCStreamer &Out) = 0;
virtual void InstrumentMemOperandLargeImpl( virtual void InstrumentMemOperandLargeImpl(
X86Operand &Op, unsigned AccessSize, bool IsWrite, MCContext &Ctx, X86Operand &Op, unsigned AccessSize, bool IsWrite, MCContext &Ctx,
MCStreamer &Out) = 0; MCStreamer &Out) = 0;
virtual void InstrumentMOVSImpl(unsigned AccessSize, MCContext &Ctx,
MCStreamer &Out) = 0;
void InstrumentMemOperand(MCParsedAsmOperand &Op, unsigned AccessSize, void InstrumentMemOperand(MCParsedAsmOperand &Op, unsigned AccessSize,
bool IsWrite, MCContext &Ctx, MCStreamer &Out); bool IsWrite, MCContext &Ctx, MCStreamer &Out);
void InstrumentMOVSBase(unsigned DstReg, unsigned SrcReg, unsigned CntReg,
unsigned AccessSize, MCContext &Ctx, MCStreamer &Out);
void InstrumentMOVS(const MCInst &Inst, OperandVector &Operands,
MCContext &Ctx, const MCInstrInfo &MII, MCStreamer &Out);
void InstrumentMOV(const MCInst &Inst, OperandVector &Operands, void InstrumentMOV(const MCInst &Inst, OperandVector &Operands,
MCContext &Ctx, const MCInstrInfo &MII, MCStreamer &Out); MCContext &Ctx, const MCInstrInfo &MII, MCStreamer &Out);
void EmitInstruction(MCStreamer &Out, const MCInst &Inst) {
Out.EmitInstruction(Inst, STI);
}
void EmitLabel(MCStreamer &Out, MCSymbol *Label) { Out.EmitLabel(Label); } void EmitLabel(MCStreamer &Out, MCSymbol *Label) { Out.EmitLabel(Label); }
protected: protected:
const MCSubtargetInfo &STI; // True when previous instruction was actually REP prefix.
bool RepPrefix;
}; };
void X86AddressSanitizer::InstrumentMemOperand( void X86AddressSanitizer::InstrumentMemOperand(
MCParsedAsmOperand &Op, unsigned AccessSize, bool IsWrite, MCContext &Ctx, MCParsedAsmOperand &Op, unsigned AccessSize, bool IsWrite, MCContext &Ctx,
MCStreamer &Out) { MCStreamer &Out) {
assert(Op.isMem() && "Op should be a memory operand."); assert(Op.isMem() && "Op should be a memory operand.");
assert((AccessSize & (AccessSize - 1)) == 0 && AccessSize <= 16 && assert((AccessSize & (AccessSize - 1)) == 0 && AccessSize <= 16 &&
"AccessSize should be a power of two, less or equal than 16."); "AccessSize should be a power of two, less or equal than 16.");
X86Operand &MemOp = static_cast<X86Operand &>(Op); X86Operand &MemOp = static_cast<X86Operand &>(Op);
// FIXME: get rid of this limitation. // FIXME: get rid of this limitation.
if (IsStackReg(MemOp.getMemBaseReg()) || IsStackReg(MemOp.getMemIndexReg())) if (IsStackReg(MemOp.getMemBaseReg()) || IsStackReg(MemOp.getMemIndexReg()))
return; return;
// FIXME: take into account load/store alignment. // FIXME: take into account load/store alignment.
if (AccessSize < 8) if (AccessSize < 8)
InstrumentMemOperandSmallImpl(MemOp, AccessSize, IsWrite, Ctx, Out); InstrumentMemOperandSmallImpl(MemOp, AccessSize, IsWrite, Ctx, Out);
else else
InstrumentMemOperandLargeImpl(MemOp, AccessSize, IsWrite, Ctx, Out); InstrumentMemOperandLargeImpl(MemOp, AccessSize, IsWrite, Ctx, Out);
} }
void X86AddressSanitizer::InstrumentMOVSBase(
unsigned DstReg, unsigned SrcReg, unsigned CntReg, unsigned AccessSize,
MCContext &Ctx, MCStreamer &Out) {
// FIXME: check whole ranges [DstReg .. DstReg + AccessSize * (CntReg - 1)]
// and [SrcReg .. SrcReg + AccessSize * (CntReg - 1)].
// FIXME: extract prolog and epilogue from InstrumentMemOperand()
// and optimize this sequence of InstrumentMemOperand() calls.
// Test (%SrcReg)
{
const MCExpr *Disp = MCConstantExpr::Create(0, Ctx);
std::unique_ptr<X86Operand> Op(X86Operand::CreateMem(
0, Disp, SrcReg, 0, AccessSize, SMLoc(), SMLoc()));
InstrumentMemOperand(*Op, AccessSize, false /* IsWrite */, Ctx, Out);
}
// Test -1(%SrcReg, %CntReg, AccessSize)
{
const MCExpr *Disp = MCConstantExpr::Create(-1, Ctx);
std::unique_ptr<X86Operand> Op(X86Operand::CreateMem(
0, Disp, SrcReg, CntReg, AccessSize, SMLoc(), SMLoc()));
InstrumentMemOperand(*Op, AccessSize, false /* IsWrite */, Ctx, Out);
}
// Test (%DstReg)
{
const MCExpr *Disp = MCConstantExpr::Create(0, Ctx);
std::unique_ptr<X86Operand> Op(X86Operand::CreateMem(
0, Disp, DstReg, 0, AccessSize, SMLoc(), SMLoc()));
InstrumentMemOperand(*Op, AccessSize, true /* IsWrite */, Ctx, Out);
}
// Test -1(%DstReg, %CntReg, AccessSize)
{
const MCExpr *Disp = MCConstantExpr::Create(-1, Ctx);
std::unique_ptr<X86Operand> Op(X86Operand::CreateMem(
0, Disp, DstReg, CntReg, AccessSize, SMLoc(), SMLoc()));
InstrumentMemOperand(*Op, AccessSize, true /* IsWrite */, Ctx, Out);
}
}
void X86AddressSanitizer::InstrumentMOVS(
const MCInst &Inst, OperandVector &Operands, MCContext &Ctx,
const MCInstrInfo &MII, MCStreamer &Out) {
// Access size in bytes.
unsigned AccessSize = 0;
switch (Inst.getOpcode()) {
case X86::MOVSB:
AccessSize = 1;
break;
case X86::MOVSW:
AccessSize = 2;
break;
case X86::MOVSL:
AccessSize = 4;
break;
case X86::MOVSQ:
AccessSize = 8;
break;
default:
return;
}
InstrumentMOVSImpl(AccessSize, Ctx, Out);
}
eugenisUnsubmitted
Not Done
ReplyInline Actions

Don't really need a return here.

eugenis: Don't really need a return here.
ygorsheninAuthorUnsubmitted
Not Done
ReplyInline Actions

Done.

ygorshenin: Done.
void X86AddressSanitizer::InstrumentMOV( void X86AddressSanitizer::InstrumentMOV(
const MCInst &Inst, OperandVector &Operands, MCContext &Ctx, const MCInst &Inst, OperandVector &Operands, MCContext &Ctx,
const MCInstrInfo &MII, MCStreamer &Out) { const MCInstrInfo &MII, MCStreamer &Out) {
// Access size in bytes. // Access size in bytes.
eugenisUnsubmitted
Not Done
ReplyInline Actions

In memcpy() we check shadow for entire source and destination ranges. I guess it's not easy to do efficiently in asm, but at least leave a FIXME.

Also, this code does push eax/ecx/edx/flags four times - once for each InstrumentMemOperand. Factor prologue/epilogue generation out of InstrumentMemOperand?

eugenis: In memcpy() we check shadow for entire source and destination ranges. I guess it's not easy to…
ygorsheninAuthorUnsubmitted
Not Done
ReplyInline Actions

I've added FIXME comments for both issues. Would you mind if I'll resolve second issue in a next CL?

ygorshenin: I've added FIXME comments for both issues. Would you mind if I'll resolve second issue in a…
eugenisUnsubmitted
Not Done
ReplyInline Actions

OK

eugenis: OK
unsigned AccessSize = 0; unsigned AccessSize = 0;
switch (Inst.getOpcode()) { switch (Inst.getOpcode()) {
case X86::MOV8mi: case X86::MOV8mi:
case X86::MOV8mr: case X86::MOV8mr:
case X86::MOV8rm: case X86::MOV8rm:
AccessSize = 1; AccessSize = 1;
break; break;
Show All 40 Linespublic:
virtual ~X86AddressSanitizer32() {} virtual ~X86AddressSanitizer32() {}
virtual void InstrumentMemOperandSmallImpl( virtual void InstrumentMemOperandSmallImpl(
X86Operand &Op, unsigned AccessSize, bool IsWrite, MCContext &Ctx, X86Operand &Op, unsigned AccessSize, bool IsWrite, MCContext &Ctx,
MCStreamer &Out) override; MCStreamer &Out) override;
virtual void InstrumentMemOperandLargeImpl( virtual void InstrumentMemOperandLargeImpl(
X86Operand &Op, unsigned AccessSize, bool IsWrite, MCContext &Ctx, X86Operand &Op, unsigned AccessSize, bool IsWrite, MCContext &Ctx,
MCStreamer &Out) override; MCStreamer &Out) override;
virtual void InstrumentMOVSImpl(unsigned AccessSize, MCContext &Ctx,
MCStreamer &Out) override;
private: private:
void EmitCallAsanReport(MCContext &Ctx, MCStreamer &Out, unsigned AccessSize, void EmitCallAsanReport(MCContext &Ctx, MCStreamer &Out, unsigned AccessSize,
bool IsWrite, unsigned AddressReg) { bool IsWrite, unsigned AddressReg) {
EmitInstruction(Out, MCInstBuilder(X86::CLD)); EmitInstruction(Out, MCInstBuilder(X86::CLD));
EmitInstruction(Out, MCInstBuilder(X86::MMX_EMMS)); EmitInstruction(Out, MCInstBuilder(X86::MMX_EMMS));
EmitInstruction(Out, MCInstBuilder(X86::AND64ri8).addReg(X86::ESP) EmitInstruction(Out, MCInstBuilder(X86::AND64ri8).addReg(X86::ESP)
.addReg(X86::ESP).addImm(-16)); .addReg(X86::ESP).addImm(-16));
EmitInstruction(Out, MCInstBuilder(X86::PUSH32r).addReg(AddressReg)); EmitInstruction(Out, MCInstBuilder(X86::PUSH32r).addReg(AddressReg));
const std::string& Fn = FuncName(AccessSize, IsWrite); const std::string &Fn = FuncName(AccessSize, IsWrite);
MCSymbol *FnSym = Ctx.GetOrCreateSymbol(StringRef(Fn)); MCSymbol *FnSym = Ctx.GetOrCreateSymbol(StringRef(Fn));
const MCSymbolRefExpr *FnExpr = const MCSymbolRefExpr *FnExpr =
MCSymbolRefExpr::Create(FnSym, MCSymbolRefExpr::VK_PLT, Ctx); MCSymbolRefExpr::Create(FnSym, MCSymbolRefExpr::VK_PLT, Ctx);
EmitInstruction(Out, MCInstBuilder(X86::CALLpcrel32).addExpr(FnExpr)); EmitInstruction(Out, MCInstBuilder(X86::CALLpcrel32).addExpr(FnExpr));
} }
}; };
void X86AddressSanitizer32::InstrumentMemOperandSmallImpl( void X86AddressSanitizer32::InstrumentMemOperandSmallImpl(
▲ Show 20 LinesShow All 94 Lines▼ Show 20 Linesvoid X86AddressSanitizer32::InstrumentMemOperandLargeImpl(
} }
EmitInstruction( EmitInstruction(
Out, MCInstBuilder(X86::MOV32rr).addReg(X86::ECX).addReg(X86::EAX)); Out, MCInstBuilder(X86::MOV32rr).addReg(X86::ECX).addReg(X86::EAX));
EmitInstruction(Out, MCInstBuilder(X86::SHR32ri).addReg(X86::ECX) EmitInstruction(Out, MCInstBuilder(X86::SHR32ri).addReg(X86::ECX)
.addReg(X86::ECX).addImm(3)); .addReg(X86::ECX).addImm(3));
{ {
MCInst Inst; MCInst Inst;
switch (AccessSize) { switch (AccessSize) {
case 8: case 8:
Inst.setOpcode(X86::CMP8mi); Inst.setOpcode(X86::CMP8mi);
break; break;
case 16: case 16:
Inst.setOpcode(X86::CMP16mi); Inst.setOpcode(X86::CMP16mi);
break; break;
default: default:
assert(false && "Incorrect access size"); assert(false && "Incorrect access size");
break; break;
} }
const MCExpr *Disp = MCConstantExpr::Create(kShadowOffset, Ctx); const MCExpr *Disp = MCConstantExpr::Create(kShadowOffset, Ctx);
std::unique_ptr<X86Operand> Op( std::unique_ptr<X86Operand> Op(
X86Operand::CreateMem(0, Disp, X86::ECX, 0, 1, SMLoc(), SMLoc())); X86Operand::CreateMem(0, Disp, X86::ECX, 0, 1, SMLoc(), SMLoc()));
Op->addMemOperands(Inst, 5); Op->addMemOperands(Inst, 5);
Inst.addOperand(MCOperand::CreateImm(0)); Inst.addOperand(MCOperand::CreateImm(0));
EmitInstruction(Out, Inst); EmitInstruction(Out, Inst);
} }
MCSymbol *DoneSym = Ctx.CreateTempSymbol(); MCSymbol *DoneSym = Ctx.CreateTempSymbol();
const MCExpr *DoneExpr = MCSymbolRefExpr::Create(DoneSym, Ctx); const MCExpr *DoneExpr = MCSymbolRefExpr::Create(DoneSym, Ctx);
EmitInstruction(Out, MCInstBuilder(X86::JE_4).addExpr(DoneExpr)); EmitInstruction(Out, MCInstBuilder(X86::JE_4).addExpr(DoneExpr));
EmitCallAsanReport(Ctx, Out, AccessSize, IsWrite, X86::EAX); EmitCallAsanReport(Ctx, Out, AccessSize, IsWrite, X86::EAX);
EmitLabel(Out, DoneSym); EmitLabel(Out, DoneSym);
EmitInstruction(Out, MCInstBuilder(X86::POPF32)); EmitInstruction(Out, MCInstBuilder(X86::POPF32));
EmitInstruction(Out, MCInstBuilder(X86::POP32r).addReg(X86::ECX)); EmitInstruction(Out, MCInstBuilder(X86::POP32r).addReg(X86::ECX));
EmitInstruction(Out, MCInstBuilder(X86::POP32r).addReg(X86::EAX)); EmitInstruction(Out, MCInstBuilder(X86::POP32r).addReg(X86::EAX));
} }
void X86AddressSanitizer32::InstrumentMOVSImpl(
unsigned AccessSize, MCContext &Ctx, MCStreamer &Out) {
EmitInstruction(Out, MCInstBuilder(X86::PUSHF32));
// No need to test when ECX is equals to zero.
MCSymbol *DoneSym = Ctx.CreateTempSymbol();
const MCExpr *DoneExpr = MCSymbolRefExpr::Create(DoneSym, Ctx);
EmitInstruction(
Out, MCInstBuilder(X86::TEST32rr).addReg(X86::ECX).addReg(X86::ECX));
EmitInstruction(Out, MCInstBuilder(X86::JE_4).addExpr(DoneExpr));
// Instrument first and last elements in src and dst range.
InstrumentMOVSBase(X86::EDI /* DstReg */, X86::ESI /* SrcReg */,
X86::ECX /* CntReg */, AccessSize, Ctx, Out);
EmitLabel(Out, DoneSym);
EmitInstruction(Out, MCInstBuilder(X86::POPF32));
}
class X86AddressSanitizer64 : public X86AddressSanitizer { class X86AddressSanitizer64 : public X86AddressSanitizer {
public: public:
static const long kShadowOffset = 0x7fff8000; static const long kShadowOffset = 0x7fff8000;
X86AddressSanitizer64(const MCSubtargetInfo &STI) X86AddressSanitizer64(const MCSubtargetInfo &STI)
: X86AddressSanitizer(STI) {} : X86AddressSanitizer(STI) {}
virtual ~X86AddressSanitizer64() {} virtual ~X86AddressSanitizer64() {}
virtual void InstrumentMemOperandSmallImpl( virtual void InstrumentMemOperandSmallImpl(
X86Operand &Op, unsigned AccessSize, bool IsWrite, MCContext &Ctx, X86Operand &Op, unsigned AccessSize, bool IsWrite, MCContext &Ctx,
MCStreamer &Out) override; MCStreamer &Out) override;
virtual void InstrumentMemOperandLargeImpl( virtual void InstrumentMemOperandLargeImpl(
X86Operand &Op, unsigned AccessSize, bool IsWrite, MCContext &Ctx, X86Operand &Op, unsigned AccessSize, bool IsWrite, MCContext &Ctx,
MCStreamer &Out) override; MCStreamer &Out) override;
virtual void InstrumentMOVSImpl(unsigned AccessSize, MCContext &Ctx,
MCStreamer &Out) override;
private: private:
void EmitAdjustRSP(MCContext &Ctx, MCStreamer &Out, long Offset) { void EmitAdjustRSP(MCContext &Ctx, MCStreamer &Out, long Offset) {
MCInst Inst; MCInst Inst;
Inst.setOpcode(X86::LEA64r); Inst.setOpcode(X86::LEA64r);
Inst.addOperand(MCOperand::CreateReg(X86::RSP)); Inst.addOperand(MCOperand::CreateReg(X86::RSP));
const MCExpr *Disp = MCConstantExpr::Create(Offset, Ctx); const MCExpr *Disp = MCConstantExpr::Create(Offset, Ctx);
std::unique_ptr<X86Operand> Op( std::unique_ptr<X86Operand> Op(
X86Operand::CreateMem(0, Disp, X86::RSP, 0, 1, SMLoc(), SMLoc())); X86Operand::CreateMem(0, Disp, X86::RSP, 0, 1, SMLoc(), SMLoc()));
Op->addMemOperands(Inst, 5); Op->addMemOperands(Inst, 5);
EmitInstruction(Out, Inst); EmitInstruction(Out, Inst);
} }
void EmitCallAsanReport(MCContext &Ctx, MCStreamer &Out, unsigned AccessSize, void EmitCallAsanReport(MCContext &Ctx, MCStreamer &Out, unsigned AccessSize,
bool IsWrite) { bool IsWrite) {
EmitInstruction(Out, MCInstBuilder(X86::CLD)); EmitInstruction(Out, MCInstBuilder(X86::CLD));
EmitInstruction(Out, MCInstBuilder(X86::MMX_EMMS)); EmitInstruction(Out, MCInstBuilder(X86::MMX_EMMS));
EmitInstruction(Out, MCInstBuilder(X86::AND64ri8).addReg(X86::RSP) EmitInstruction(Out, MCInstBuilder(X86::AND64ri8).addReg(X86::RSP)
.addReg(X86::RSP).addImm(-16)); .addReg(X86::RSP).addImm(-16));
const std::string& Fn = FuncName(AccessSize, IsWrite); const std::string &Fn = FuncName(AccessSize, IsWrite);
MCSymbol *FnSym = Ctx.GetOrCreateSymbol(StringRef(Fn)); MCSymbol *FnSym = Ctx.GetOrCreateSymbol(StringRef(Fn));
const MCSymbolRefExpr *FnExpr = const MCSymbolRefExpr *FnExpr =
MCSymbolRefExpr::Create(FnSym, MCSymbolRefExpr::VK_PLT, Ctx); MCSymbolRefExpr::Create(FnSym, MCSymbolRefExpr::VK_PLT, Ctx);
EmitInstruction(Out, MCInstBuilder(X86::CALL64pcrel32).addExpr(FnExpr)); EmitInstruction(Out, MCInstBuilder(X86::CALL64pcrel32).addExpr(FnExpr));
} }
}; };
void X86AddressSanitizer64::InstrumentMemOperandSmallImpl( void X86AddressSanitizer64::InstrumentMemOperandSmallImpl(
▲ Show 20 LinesShow All 121 Lines▼ Show 20 Linesvoid X86AddressSanitizer64::InstrumentMemOperandLargeImpl(
EmitCallAsanReport(Ctx, Out, AccessSize, IsWrite); EmitCallAsanReport(Ctx, Out, AccessSize, IsWrite);
EmitLabel(Out, DoneSym); EmitLabel(Out, DoneSym);
EmitInstruction(Out, MCInstBuilder(X86::POPF64)); EmitInstruction(Out, MCInstBuilder(X86::POPF64));
EmitInstruction(Out, MCInstBuilder(X86::POP64r).addReg(X86::RAX)); EmitInstruction(Out, MCInstBuilder(X86::POP64r).addReg(X86::RAX));
EmitAdjustRSP(Ctx, Out, 128); EmitAdjustRSP(Ctx, Out, 128);
} }
void X86AddressSanitizer64::InstrumentMOVSImpl(
unsigned AccessSize, MCContext &Ctx, MCStreamer &Out) {
EmitInstruction(Out, MCInstBuilder(X86::PUSHF64));
// No need to test when RCX is equals to zero.
MCSymbol *DoneSym = Ctx.CreateTempSymbol();
const MCExpr *DoneExpr = MCSymbolRefExpr::Create(DoneSym, Ctx);
EmitInstruction(
Out, MCInstBuilder(X86::TEST64rr).addReg(X86::RCX).addReg(X86::RCX));
EmitInstruction(Out, MCInstBuilder(X86::JE_4).addExpr(DoneExpr));
// Instrument first and last elements in src and dst range.
InstrumentMOVSBase(X86::RDI /* DstReg */, X86::RSI /* SrcReg */,
X86::RCX /* CntReg */, AccessSize, Ctx, Out);
EmitLabel(Out, DoneSym);
EmitInstruction(Out, MCInstBuilder(X86::POPF64));
}
} // End anonymous namespace } // End anonymous namespace
X86AsmInstrumentation::X86AsmInstrumentation() {} X86AsmInstrumentation::X86AsmInstrumentation(const MCSubtargetInfo &STI)
: STI(STI) {}
X86AsmInstrumentation::~X86AsmInstrumentation() {} X86AsmInstrumentation::~X86AsmInstrumentation() {}
void X86AsmInstrumentation::InstrumentInstruction( void X86AsmInstrumentation::InstrumentAndEmitInstruction(
const MCInst &Inst, OperandVector &Operands, MCContext &Ctx, const MCInst &Inst, OperandVector &Operands, MCContext &Ctx,
const MCInstrInfo &MII, MCStreamer &Out) {} const MCInstrInfo &MII, MCStreamer &Out) {
EmitInstruction(Out, Inst);
}
void X86AsmInstrumentation::EmitInstruction(MCStreamer &Out,
const MCInst &Inst) {
Out.EmitInstruction(Inst, STI);
}
eugenisUnsubmitted
Not Done
ReplyInline Actions

Don't you need to emit the original instruction here?

eugenis: Don't you need to emit the original instruction here?
ygorsheninAuthorUnsubmitted
Not Done
ReplyInline Actions

Yes, I need. Fixed + fixed test.

ygorshenin: Yes, I need. Fixed + fixed test.
X86AsmInstrumentation * X86AsmInstrumentation *
CreateX86AsmInstrumentation(const MCTargetOptions &MCOptions, CreateX86AsmInstrumentation(const MCTargetOptions &MCOptions,
const MCContext &Ctx, const MCSubtargetInfo &STI) { const MCContext &Ctx, const MCSubtargetInfo &STI) {
Triple T(STI.getTargetTriple()); Triple T(STI.getTargetTriple());
const bool hasCompilerRTSupport = T.isOSLinux(); const bool hasCompilerRTSupport = T.isOSLinux();
if (ClAsanInstrumentAssembly && hasCompilerRTSupport && if (ClAsanInstrumentAssembly && hasCompilerRTSupport &&
MCOptions.SanitizeAddress) { MCOptions.SanitizeAddress) {
if ((STI.getFeatureBits() & X86::Mode32Bit) != 0) if ((STI.getFeatureBits() & X86::Mode32Bit) != 0)
return new X86AddressSanitizer32(STI); return new X86AddressSanitizer32(STI);
if ((STI.getFeatureBits() & X86::Mode64Bit) != 0) if ((STI.getFeatureBits() & X86::Mode64Bit) != 0)
return new X86AddressSanitizer64(STI); return new X86AddressSanitizer64(STI);
} }
return new X86AsmInstrumentation(); return new X86AsmInstrumentation(STI);
} }
} // End llvm namespace } // End llvm namespace

lib/Target/X86/AsmParser/X86AsmParser.cpp

Show First 20 LinesShow All 2,277 Lines▼ Show 20 Linesbool X86AsmParser::processInstruction(MCInst &Inst, const OperandVector &Ops) {
} }
} }
} }
static const char *getSubtargetFeatureName(unsigned Val); static const char *getSubtargetFeatureName(unsigned Val);
void X86AsmParser::EmitInstruction(MCInst &Inst, OperandVector &Operands, void X86AsmParser::EmitInstruction(MCInst &Inst, OperandVector &Operands,
MCStreamer &Out) { MCStreamer &Out) {
Instrumentation->InstrumentInstruction(Inst, Operands, getContext(), MII, Instrumentation->InstrumentAndEmitInstruction(Inst, Operands, getContext(),
Out); MII, Out);
eugenisUnsubmitted
Not Done
ReplyInline Actions

This looks too complex, with some of the original instructions emitted directly in AsmParser, and some (REP) in instrumentation code. Could we always emit original instruction (as needed) in InstrumentInstruction?

eugenis: This looks too complex, with some of the original instructions emitted directly in AsmParser…
ygorsheninAuthorUnsubmitted
Not Done
ReplyInline Actions

Done.

ygorshenin: Done.
Out.EmitInstruction(Inst, STI);
} }
bool X86AsmParser::MatchAndEmitInstruction(SMLoc IDLoc, unsigned &Opcode, bool X86AsmParser::MatchAndEmitInstruction(SMLoc IDLoc, unsigned &Opcode,
OperandVector &Operands, OperandVector &Operands,
MCStreamer &Out, unsigned &ErrorInfo, MCStreamer &Out, unsigned &ErrorInfo,
bool MatchingInlineAsm) { bool MatchingInlineAsm) {
assert(!Operands.empty() && "Unexpect empty operand list!"); assert(!Operands.empty() && "Unexpect empty operand list!");
X86Operand &Op = static_cast<X86Operand &>(*Operands[0]); X86Operand &Op = static_cast<X86Operand &>(*Operands[0]);
▲ Show 20 LinesShow All 321 LinesShow Last 20 Lines

test/Instrumentation/AddressSanitizer/X86/asm_mov_no_instrumentation.s

# RUN: llvm-mc %s -triple=x86_64-unknown-linux-gnu -mcpu=corei7 -mattr=+sse2 | FileCheck %s # RUN: llvm-mc %s -triple=x86_64-unknown-linux-gnu -mcpu=corei7 -mattr=+sse2 | FileCheck %s
.text .text
.globl mov1b .globl mov1b
.align 16, 0x90 .align 16, 0x90
.type mov1b,@function .type mov1b,@function
# CHECK-LABEL: mov1b # CHECK-LABEL: mov1b
# CHECK: movb (%rsi), %al
# CHECK: movb %al, (%rdi)
# CHECK-NOT: callq __asan_report_load1@PLT # CHECK-NOT: callq __asan_report_load1@PLT
# CHECK-NOT: callq __asan_report_store1@PLT # CHECK-NOT: callq __asan_report_store1@PLT
mov1b: # @mov1b mov1b: # @mov1b
.cfi_startproc .cfi_startproc
# BB#0: # BB#0:
#APP #APP
movb (%rsi), %al movb (%rsi), %al
movb %al, (%rdi) movb %al, (%rdi)
Show All 9 Lines

test/Instrumentation/AddressSanitizer/X86/asm_rep_movs.ll

  • This file was added.
; RUN: llc < %s -mtriple=x86_64-unknown-linux-gnu -mcpu=corei7 -mattr=+sse2 -asm-instrumentation=address -asan-instrument-assembly | FileCheck %s
target datalayout = "e-m:e-i64:64-f80:128-n8:16:32:64-S128"
target triple = "x86_64-unknown-linux-gnu"
; CHECK-LABEL: rep_movs_1b
; CHECK: pushfq
; CHECK-NEXT: testq %rcx, %rcx
; CHECK-NEXT: je [[B:.*]]
; CHECK: leaq (%rsi), {{.*}}
; CHECK: callq __asan_report_load1@PLT
; CHECK: leaq -1(%rsi,%rcx), {{.*}}
; CHECK: callq __asan_report_load1@PLT
; CHECK: leaq (%rdi), {{.*}}
; CHECK: callq __asan_report_store1@PLT
; CHECK: leaq -1(%rdi,%rcx), {{.*}}
; CHECK: callq __asan_report_store1@PLT
; CHECK: [[B]]:
; CHECK-NEXT: popfq
; CHECK: rep
; CHECK-NEXT: movsb (%rsi), %es:(%rdi)
; Function Attrs: nounwind sanitize_address uwtable
define void @rep_movs_1b(i8* %dst, i8* %src, i64 %n) #0 {
entry:
tail call void asm sideeffect "rep movsb \0A\09", "{si},{di},{cx},~{memory},~{dirflag},~{fpsr},~{flags}"(i8* %src, i8* %dst, i64 %n) #1
ret void
}
; CHECK-LABEL: rep_movs_8b
; CHECK: pushfq
; CHECK-NEXT: testq %rcx, %rcx
; CHECK-NEXT: je [[Q:.*]]
; CHECK: leaq (%rsi), {{.*}}
; CHECK: callq __asan_report_load8@PLT
; CHECK: leaq -1(%rsi,%rcx,8), {{.*}}
; CHECK: callq __asan_report_load8@PLT
; CHECK: leaq (%rdi), {{.*}}
; CHECK: callq __asan_report_store8@PLT
; CHECK: leaq -1(%rdi,%rcx,8), {{.*}}
; CHECK: callq __asan_report_store8@PLT
; CHECK: [[Q]]:
; CHECK-NEXT: popfq
; CHECK: rep
; CHECK-NEXT: movsq (%rsi), %es:(%rdi)
; Function Attrs: nounwind sanitize_address uwtable
define void @rep_movs_8b(i64* %dst, i64* %src, i64 %n) #0 {
entry:
tail call void asm sideeffect "rep movsq \0A\09", "{si},{di},{cx},~{memory},~{dirflag},~{fpsr},~{flags}"(i64* %src, i64* %dst, i64 %n) #1
ret void
}
attributes #0 = { nounwind sanitize_address uwtable "less-precise-fpmad"="false" "no-frame-pointer-elim"="false" "no-infs-fp-math"="false" "no-nans-fp-math"="false" "stack-protector-buffer-size"="8" "unsafe-fp-math"="false" "use-soft-float"="false" }
attributes #1 = { nounwind }
eugenisUnsubmitted
Not Done
ReplyInline Actions

get rid of this metadata if it's not used in the test

eugenis: get rid of this metadata if it's not used in the test
ygorsheninAuthorUnsubmitted
Not Done
ReplyInline Actions

Done.

ygorshenin: Done.