Index: lib/Target/X86/AsmParser/X86AsmInstrumentation.h =================================================================== --- lib/Target/X86/AsmParser/X86AsmInstrumentation.h +++ lib/Target/X86/AsmParser/X86AsmInstrumentation.h @@ -34,11 +34,10 @@ public: virtual ~X86AsmInstrumentation(); - // Instruments Inst. Should be called just before the original - // instruction is sent to Out. - virtual void InstrumentInstruction( + // Tries to instrument and emit instruction. + virtual void InstrumentAndEmitInstruction( const MCInst &Inst, - SmallVectorImpl> &Operands, + SmallVectorImpl > &Operands, MCContext &Ctx, const MCInstrInfo &MII, MCStreamer &Out); protected: @@ -46,7 +45,11 @@ CreateX86AsmInstrumentation(const MCTargetOptions &MCOptions, const MCContext &Ctx, const MCSubtargetInfo &STI); - X86AsmInstrumentation(); + X86AsmInstrumentation(const MCSubtargetInfo &STI); + + void EmitInstruction(MCStreamer &Out, const MCInst &Inst); + + const MCSubtargetInfo &STI; }; } // End llvm namespace Index: lib/Target/X86/AsmParser/X86AsmInstrumentation.cpp =================================================================== --- lib/Target/X86/AsmParser/X86AsmInstrumentation.cpp +++ lib/Target/X86/AsmParser/X86AsmInstrumentation.cpp 
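Review bot: The replacement comment `// Tries to instrument and emit instruction.` undersells a contract change: X86AsmParser no longer emits `Inst` itself (the parser hunk drops `Out.EmitInstruction(Inst, STI)`), so every implementation of InstrumentAndEmitInstruction is now responsible for getting `Inst` to `Out`, and the sanitizer subclass may defer it. I would say so in the header: `// Emits Inst to Out, possibly preceded by instrumentation code. The caller must not emit Inst itself; an override may defer emission (e.g. a REP prefix is held until the instruction it applies to arrives).` Without that, a reader of the base declaration alone cannot tell whether emitting `Inst` after the call would duplicate it.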
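Review bot: `const MCSubtargetInfo &STI;` makes the base class hold a non-owning reference bound in the constructor, so the subtarget info handed to CreateX86AsmInstrumentation must outlive the object it returns, and nothing in the header states that. A one-line comment on the member would prevent a dangling reference the next time the creation site is reworked: `// Not owned; must outlive this object.` The constructor parameter sharing the member's name (`X86AsmInstrumentation(const MCSubtargetInfo &STI)`, initialised as `STI(STI)` in the .cpp hunk) is legal but reads more clearly with a distinct parameter name.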
@@ -43,14 +43,23 @@ class X86AddressSanitizer : public X86AsmInstrumentation { public: - X86AddressSanitizer(const MCSubtargetInfo &STI) : STI(STI) {} + X86AddressSanitizer(const MCSubtargetInfo &STI) + : X86AsmInstrumentation(STI), RepPrefix(false) {} virtual ~X86AddressSanitizer() {} // X86AsmInstrumentation implementation: - virtual void InstrumentInstruction( + virtual void InstrumentAndEmitInstruction( const MCInst &Inst, OperandVector &Operands, MCContext &Ctx, const MCInstrInfo &MII, MCStreamer &Out) override { + InstrumentMOVS(Inst, Operands, Ctx, MII, Out); + if (RepPrefix) + EmitInstruction(Out, MCInstBuilder(X86::REP_PREFIX)); + InstrumentMOV(Inst, Operands, Ctx, MII, Out); + + RepPrefix = (Inst.getOpcode() == X86::REP_PREFIX); + if (!RepPrefix) + EmitInstruction(Out, Inst); } // Should be implemented differently in x86_32 and x86_64 subclasses. @@ -60,19 +69,23 @@ virtual void InstrumentMemOperandLargeImpl( X86Operand &Op, unsigned AccessSize, bool IsWrite, MCContext &Ctx, MCStreamer &Out) = 0; + virtual void InstrumentMOVSImpl(unsigned AccessSize, MCContext &Ctx, + MCStreamer &Out) = 0; void InstrumentMemOperand(MCParsedAsmOperand &Op, unsigned AccessSize, bool IsWrite, MCContext &Ctx, MCStreamer &Out); + void InstrumentMOVSBase(unsigned DstReg, unsigned SrcReg, unsigned CntReg, + unsigned AccessSize, MCContext &Ctx, MCStreamer &Out); + void InstrumentMOVS(const MCInst &Inst, OperandVector &Operands, + MCContext &Ctx, const MCInstrInfo &MII, MCStreamer &Out); void InstrumentMOV(const MCInst &Inst, OperandVector &Operands, MCContext &Ctx, const MCInstrInfo &MII, MCStreamer &Out); - void EmitInstruction(MCStreamer &Out, const MCInst &Inst) { - Out.EmitInstruction(Inst, STI); - } void EmitLabel(MCStreamer &Out, MCSymbol *Label) { Out.EmitLabel(Label); } protected: - const MCSubtargetInfo &STI; + // True when previous instruction was actually REP prefix. + bool RepPrefix; }; void X86AddressSanitizer::InstrumentMemOperand( 
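Review bot: The deferred REP prefix is flushed before `InstrumentMOV(Inst, ...)` runs, so if InstrumentMOV emits any check for the instruction that follows a `rep`, that check lands between the prefix and the instruction it belongs to, and the prefix ends up attached to the first instruction of the check sequence; the MOVS probes only precede the prefix because InstrumentMOVS happens to be called first. Moving the flush down keeps the pair adjacent: `InstrumentMOVS(Inst, Operands, Ctx, MII, Out);` then `InstrumentMOV(Inst, Operands, Ctx, MII, Out);` then `if (RepPrefix) EmitInstruction(Out, MCInstBuilder(X86::REP_PREFIX));` immediately before the `RepPrefix = ...` assignment. Note also that a REP_PREFIX that is not followed by another call to this method is never written out, because `if (!RepPrefix) EmitInstruction(Out, Inst);` skips it and only the next call re-emits it; that is worth a comment on `RepPrefix` if it is the intended behaviour. The enclosing class continues outside the hunk.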
@@ -94,6 +107,74 @@ InstrumentMemOperandLargeImpl(MemOp, AccessSize, IsWrite, Ctx, Out); } +void X86AddressSanitizer::InstrumentMOVSBase( + unsigned DstReg, unsigned SrcReg, unsigned CntReg, unsigned AccessSize, + MCContext &Ctx, MCStreamer &Out) { + // FIXME: check whole ranges [DstReg .. DstReg + AccessSize * (CntReg - 1)] + // and [SrcReg .. SrcReg + AccessSize * (CntReg - 1)]. + + // FIXME: extract prolog and epilogue from InstrumentMemOperand() + // and optimize this sequence of InstrumentMemOperand() calls. + + // Test (%SrcReg) + { + const MCExpr *Disp = MCConstantExpr::Create(0, Ctx); + std::unique_ptr Op(X86Operand::CreateMem( + 0, Disp, SrcReg, 0, AccessSize, SMLoc(), SMLoc())); + InstrumentMemOperand(*Op, AccessSize, false /* IsWrite */, Ctx, Out); + } + + // Test -1(%SrcReg, %CntReg, AccessSize) + { + const MCExpr *Disp = MCConstantExpr::Create(-1, Ctx); + std::unique_ptr Op(X86Operand::CreateMem( + 0, Disp, SrcReg, CntReg, AccessSize, SMLoc(), SMLoc())); + InstrumentMemOperand(*Op, AccessSize, false /* IsWrite */, Ctx, Out); + } + + // Test (%DstReg) + { + const MCExpr *Disp = MCConstantExpr::Create(0, Ctx); + std::unique_ptr Op(X86Operand::CreateMem( + 0, Disp, DstReg, 0, AccessSize, SMLoc(), SMLoc())); + InstrumentMemOperand(*Op, AccessSize, true /* IsWrite */, Ctx, Out); + } + + // Test -1(%DstReg, %CntReg, AccessSize) + { + const MCExpr *Disp = MCConstantExpr::Create(-1, Ctx); + std::unique_ptr Op(X86Operand::CreateMem( + 0, Disp, DstReg, CntReg, AccessSize, SMLoc(), SMLoc())); + InstrumentMemOperand(*Op, AccessSize, true /* IsWrite */, Ctx, Out); + } +} + +void X86AddressSanitizer::InstrumentMOVS( + const MCInst &Inst, OperandVector &Operands, MCContext &Ctx, + const MCInstrInfo &MII, MCStreamer &Out) { + // Access size in bytes. 
+ unsigned AccessSize = 0; + + switch (Inst.getOpcode()) { + case X86::MOVSB: + AccessSize = 1; + break; + case X86::MOVSW: + AccessSize = 2; + break; + case X86::MOVSL: + AccessSize = 4; + break; + case X86::MOVSQ: + AccessSize = 8; + break; + default: + return; + } + + InstrumentMOVSImpl(AccessSize, Ctx, Out); +} + void X86AddressSanitizer::InstrumentMOV( const MCInst &Inst, OperandVector &Operands, MCContext &Ctx, const MCInstrInfo &MII, MCStreamer &Out) { @@ -154,8 +235,10 @@ virtual void InstrumentMemOperandLargeImpl( X86Operand &Op, unsigned AccessSize, bool IsWrite, MCContext &Ctx, MCStreamer &Out) override; + virtual void InstrumentMOVSImpl(unsigned AccessSize, MCContext &Ctx, + MCStreamer &Out) override; - private: +private: void EmitCallAsanReport(MCContext &Ctx, MCStreamer &Out, unsigned AccessSize, bool IsWrite, unsigned AddressReg) { EmitInstruction(Out, MCInstBuilder(X86::CLD)); @@ -165,8 +248,7 @@ .addReg(X86::ESP).addImm(-16)); EmitInstruction(Out, MCInstBuilder(X86::PUSH32r).addReg(AddressReg)); - - const std::string& Fn = FuncName(AccessSize, IsWrite); + const std::string &Fn = FuncName(AccessSize, IsWrite); MCSymbol *FnSym = Ctx.GetOrCreateSymbol(StringRef(Fn)); const MCSymbolRefExpr *FnExpr = MCSymbolRefExpr::Create(FnSym, MCSymbolRefExpr::VK_PLT, Ctx); @@ -277,15 +359,15 @@ { MCInst Inst; switch (AccessSize) { - case 8: - Inst.setOpcode(X86::CMP8mi); - break; - case 16: - Inst.setOpcode(X86::CMP16mi); - break; - default: - assert(false && "Incorrect access size"); - break; + case 8: + Inst.setOpcode(X86::CMP8mi); + break; + case 16: + Inst.setOpcode(X86::CMP16mi); + break; + default: + assert(false && "Incorrect access size"); + break; } const MCExpr *Disp = MCConstantExpr::Create(kShadowOffset, Ctx); std::unique_ptr Op( 
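Review bot: InstrumentMOVSBase probes `-1(%SrcReg,%CntReg,AccessSize)` and `-1(%DstReg,%CntReg,AccessSize)` as the last element of the copy, which is only correct while the direction flag is clear; a `rep movs` executed with DF set walks downward from the base register, so that probe tests a byte the copy never touches while the real last element goes unchecked. Neither FIXME mentions this, and nothing in the hunk establishes DF at this point (the `CLD` in EmitCallAsanReport appears to sit on the report path, not before the probes). Unless the caller guarantees a forward copy, I would add `// FIXME: assumes DF is clear (forward copy); a backward rep movs is probed at the wrong end.` beside the existing FIXMEs. InstrumentMOVS also accepts `Operands` and `MII` without using them; a short note that they are kept for symmetry with InstrumentMOV would stop a reader from hunting for the use.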
@@ -306,6 +388,25 @@ EmitInstruction(Out, MCInstBuilder(X86::POP32r).addReg(X86::EAX)); } +void X86AddressSanitizer32::InstrumentMOVSImpl( + unsigned AccessSize, MCContext &Ctx, MCStreamer &Out) { + EmitInstruction(Out, MCInstBuilder(X86::PUSHF32)); + + // No need to test when ECX is equals to zero. + MCSymbol *DoneSym = Ctx.CreateTempSymbol(); + const MCExpr *DoneExpr = MCSymbolRefExpr::Create(DoneSym, Ctx); + EmitInstruction( + Out, MCInstBuilder(X86::TEST32rr).addReg(X86::ECX).addReg(X86::ECX)); + EmitInstruction(Out, MCInstBuilder(X86::JE_4).addExpr(DoneExpr)); + + // Instrument first and last elements in src and dst range. + InstrumentMOVSBase(X86::EDI /* DstReg */, X86::ESI /* SrcReg */, + X86::ECX /* CntReg */, AccessSize, Ctx, Out); + + EmitLabel(Out, DoneSym); + EmitInstruction(Out, MCInstBuilder(X86::POPF32)); +} + class X86AddressSanitizer64 : public X86AddressSanitizer { public: static const long kShadowOffset = 0x7fff8000; @@ -320,6 +421,8 @@ virtual void InstrumentMemOperandLargeImpl( X86Operand &Op, unsigned AccessSize, bool IsWrite, MCContext &Ctx, MCStreamer &Out) override; + virtual void InstrumentMOVSImpl(unsigned AccessSize, MCContext &Ctx, + MCStreamer &Out) override; private: void EmitAdjustRSP(MCContext &Ctx, MCStreamer &Out, long Offset) { @@ -342,7 +445,7 @@ EmitInstruction(Out, MCInstBuilder(X86::AND64ri8).addReg(X86::RSP) .addReg(X86::RSP).addImm(-16)); - const std::string& Fn = FuncName(AccessSize, IsWrite); + const std::string &Fn = FuncName(AccessSize, IsWrite); MCSymbol *FnSym = Ctx.GetOrCreateSymbol(StringRef(Fn)); const MCSymbolRefExpr *FnExpr = MCSymbolRefExpr::Create(FnSym, MCSymbolRefExpr::VK_PLT, Ctx); 
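Review bot: The comment `// No need to test when ECX is equals to zero.` is ungrammatical and slightly misleading, since the branch skips all four probes rather than one test; `// Skip the probes when ECX is zero: a rep movs with a zero count touches no memory.` says why the `je` is safe. The 64-bit InstrumentMOVSImpl in the later hunk repeats the same wording for RCX and is otherwise identical apart from register names and the PUSHF/POPF/TEST opcodes; if the two stay separate, a comment pointing at the twin helps keep them in sync. The pushf/popf pair deserves a word too, e.g. `// The zero test clobbers the flags; preserve them for the instrumented code.`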
@@ -480,14 +583,42 @@ EmitAdjustRSP(Ctx, Out, 128); } +void X86AddressSanitizer64::InstrumentMOVSImpl( + unsigned AccessSize, MCContext &Ctx, MCStreamer &Out) { + EmitInstruction(Out, MCInstBuilder(X86::PUSHF64)); + + // No need to test when RCX is equals to zero. + MCSymbol *DoneSym = Ctx.CreateTempSymbol(); + const MCExpr *DoneExpr = MCSymbolRefExpr::Create(DoneSym, Ctx); + EmitInstruction( + Out, MCInstBuilder(X86::TEST64rr).addReg(X86::RCX).addReg(X86::RCX)); + EmitInstruction(Out, MCInstBuilder(X86::JE_4).addExpr(DoneExpr)); + + // Instrument first and last elements in src and dst range. + InstrumentMOVSBase(X86::RDI /* DstReg */, X86::RSI /* SrcReg */, + X86::RCX /* CntReg */, AccessSize, Ctx, Out); + + EmitLabel(Out, DoneSym); + EmitInstruction(Out, MCInstBuilder(X86::POPF64)); +} + } // End anonymous namespace -X86AsmInstrumentation::X86AsmInstrumentation() {} +X86AsmInstrumentation::X86AsmInstrumentation(const MCSubtargetInfo &STI) + : STI(STI) {} + X86AsmInstrumentation::~X86AsmInstrumentation() {} -void X86AsmInstrumentation::InstrumentInstruction( +void X86AsmInstrumentation::InstrumentAndEmitInstruction( const MCInst &Inst, OperandVector &Operands, MCContext &Ctx, - const MCInstrInfo &MII, MCStreamer &Out) {} + const MCInstrInfo &MII, MCStreamer &Out) { + EmitInstruction(Out, Inst); +} + +void X86AsmInstrumentation::EmitInstruction(MCStreamer &Out, + const MCInst &Inst) { + Out.EmitInstruction(Inst, STI); +} X86AsmInstrumentation * CreateX86AsmInstrumentation(const MCTargetOptions &MCOptions, @@ -501,7 +632,7 @@ if ((STI.getFeatureBits() & X86::Mode64Bit) != 0) return new X86AddressSanitizer64(STI); } - return new X86AsmInstrumentation(); + return new X86AsmInstrumentation(STI); } } // End llvm namespace Index: lib/Target/X86/AsmParser/X86AsmParser.cpp =================================================================== --- lib/Target/X86/AsmParser/X86AsmParser.cpp +++ lib/Target/X86/AsmParser/X86AsmParser.cpp 
@@ -2283,9 +2283,8 @@ void X86AsmParser::EmitInstruction(MCInst &Inst, OperandVector &Operands, MCStreamer &Out) { - Instrumentation->InstrumentInstruction(Inst, Operands, getContext(), MII, - Out); - Out.EmitInstruction(Inst, STI); + Instrumentation->InstrumentAndEmitInstruction(Inst, Operands, getContext(), + MII, Out); } bool X86AsmParser::MatchAndEmitInstruction(SMLoc IDLoc, unsigned &Opcode, Index: test/Instrumentation/AddressSanitizer/X86/asm_mov_no_instrumentation.s =================================================================== --- test/Instrumentation/AddressSanitizer/X86/asm_mov_no_instrumentation.s +++ test/Instrumentation/AddressSanitizer/X86/asm_mov_no_instrumentation.s @@ -5,6 +5,8 @@ .align 16, 0x90 .type mov1b,@function # CHECK-LABEL: mov1b +# CHECK: movb (%rsi), %al +# CHECK: movb %al, (%rdi) # CHECK-NOT: callq __asan_report_load1@PLT # CHECK-NOT: callq __asan_report_store1@PLT mov1b: # @mov1b Index: test/Instrumentation/AddressSanitizer/X86/asm_rep_movs.ll =================================================================== --- /dev/null +++ test/Instrumentation/AddressSanitizer/X86/asm_rep_movs.ll 
@@ -0,0 +1,67 @@
+; RUN: llc < %s -mtriple=x86_64-unknown-linux-gnu -mcpu=corei7 -mattr=+sse2 -asm-instrumentation=address -asan-instrument-assembly | FileCheck %s
+
+target datalayout = "e-m:e-i64:64-f80:128-n8:16:32:64-S128"
+target triple = "x86_64-unknown-linux-gnu"
+
+; CHECK-LABEL: rep_movs_1b
+; CHECK: pushfq
+; CHECK-NEXT: testq %rcx, %rcx
+; CHECK-NEXT: je [[B:.*]]
+
+; CHECK: leaq (%rsi), {{.*}}
+; CHECK: callq __asan_report_load1@PLT
+
+; CHECK: leaq -1(%rsi,%rcx), {{.*}}
+; CHECK: callq __asan_report_load1@PLT
+
+; CHECK: leaq (%rdi), {{.*}}
+; CHECK: callq __asan_report_store1@PLT
+
+; CHECK: leaq -1(%rdi,%rcx), {{.*}}
+; CHECK: callq __asan_report_store1@PLT
+
+; CHECK: [[B]]:
+; CHECK-NEXT: popfq
+
+; CHECK: rep
+; CHECK-NEXT: movsb (%rsi), %es:(%rdi)
+
+; Function Attrs: nounwind sanitize_address uwtable
+define void @rep_movs_1b(i8* %dst, i8* %src, i64 %n) #0 {
+entry:
+ tail call void asm sideeffect "rep movsb \0A\09", "{si},{di},{cx},~{memory},~{dirflag},~{fpsr},~{flags}"(i8* %src, i8* %dst, i64 %n) #1
+ ret void
+}
+
+; CHECK-LABEL: rep_movs_8b
+; CHECK: pushfq
+; CHECK-NEXT: testq %rcx, %rcx
+; CHECK-NEXT: je [[Q:.*]]
+
+; CHECK: leaq (%rsi), {{.*}}
+; CHECK: callq __asan_report_load8@PLT
+
+; CHECK: leaq -1(%rsi,%rcx,8), {{.*}}
+; CHECK: callq __asan_report_load8@PLT
+
+; CHECK: leaq (%rdi), {{.*}}
+; CHECK: callq __asan_report_store8@PLT
+
+; CHECK: leaq -1(%rdi,%rcx,8), {{.*}}
+; CHECK: callq __asan_report_store8@PLT
+
+; CHECK: [[Q]]:
+; CHECK-NEXT: popfq
+
+; CHECK: rep
+; CHECK-NEXT: movsq (%rsi), %es:(%rdi)
+
+; Function Attrs: nounwind sanitize_address uwtable
+define void @rep_movs_8b(i64* %dst, i64* %src, i64 %n) #0 {
+entry:
+ tail call void asm sideeffect "rep movsq \0A\09", "{si},{di},{cx},~{memory},~{dirflag},~{fpsr},~{flags}"(i64* %src, i64* %dst, i64 %n) #1
+ ret void
+}
+
+attributes #0 = { nounwind sanitize_address uwtable "less-precise-fpmad"="false" "no-frame-pointer-elim"="false" "no-infs-fp-math"="false" "no-nans-fp-math"="false" "stack-protector-buffer-size"="8" "unsafe-fp-math"="false" "use-soft-float"="false" }
+attributes #1 = { nounwind }
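Review bot: The new test only exercises MOVSB and MOVSQ on x86-64, so the `AccessSize` 2 and 4 cases (MOVSW/MOVSL) and the whole X86AddressSanitizer32::InstrumentMOVSImpl path are added without a single FileCheck line; one `rep movsw` or `rep movsl` function here and a 32-bit triple RUN line would cover both. The rep_movs_1b and rep_movs_8b patterns differ only in the report suffix and the `,8` scale, so they are likely to drift apart on the next edit unless kept deliberately parallel. There is also no check that a `movsb` without `rep` is instrumented the same way, although InstrumentMOVS runs regardless of the prefix.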