This is an archive of the discontinued LLVM Phabricator instance.

Differential D126929

Add sanitizer metadata attributes to clang IR gen.
ClosedPublic

Authored by hctim on Jun 2 2022, 3:34 PM.

Details

Reviewers
vitalybuka
kstoimenov
Commits
rG77475ffd2241: Reland "Add sanitizer metadata attributes to clang IR gen."
rGe7766972a679: Add sanitizer metadata attributes to clang IR gen.
Summary

This patch adds generation of sanitizer metadata attributes (which were
added in D126100) to the clang frontend.

We still currently generate the llvm.asan.globals that's consumed by
the IR pass, but the plan is to eventually migrate off of that onto
purely debuginfo and these IR attributes.

Diff Detail

Event Timeline

hctim created this revision.Jun 2 2022, 3:34 PM
Herald added a project: Restricted Project. · View Herald TranscriptJun 2 2022, 3:34 PM
hctim requested review of this revision.Jun 2 2022, 3:34 PM
Herald added a project: Restricted Project. · View Herald TranscriptJun 2 2022, 3:34 PM
Herald added a subscriber: cfe-commits. · View Herald Transcript
hctim added a parent revision: D126922: Add documentation of new sanitizer-specific GV attributes..Jun 2 2022, 3:35 PM
Harbormaster completed remote builds in B167636: Diff 433908.Jun 2 2022, 4:21 PM
kstoimenov added inline comments.Jun 3 2022, 11:08 AM
clang/lib/CodeGen/SanitizerMetadata.cpp
50–52

Would it make sense to create two separate functions something like reportGlobalNew and reportGlobalLegacy to make it more clear which one is which? Then you code will be something like the one below? You can come up with better names for functions, I am sure.

reportGlobal(...) {
  reportGlobalNew(...);
  reportGlobalLegacy(...);
}
hctim marked an inline comment as done.Jun 3 2022, 2:10 PM
hctim added inline comments.
clang/lib/CodeGen/SanitizerMetadata.cpp
50–52

I think there's too much crossover (like calculating IsExcluded and setting of Meta.Sanitizer) to warrant splitting them out; and the follow-up patch is going to immediately delete the legacy code anyway :).

kstoimenov added inline comments.Jun 3 2022, 2:13 PM
clang/lib/CodeGen/SanitizerMetadata.cpp
50–52

In that case, could you please add a FIXME comment indicating which code is supposed to be deleted?

hctim updated this revision to Diff 434145.Jun 3 2022, 2:29 PM
hctim marked 2 inline comments as done.

Add TODO() comments from Kirill's notes.

Herald added a project: Restricted Project. · View Herald TranscriptJun 3 2022, 2:29 PM
Herald added subscribers: llvm-commits, ormris, jdoerfert and 2 others. · View Herald Transcript
Harbormaster completed remote builds in B167804: Diff 434145.Jun 3 2022, 2:30 PM
kstoimenov accepted this revision.Jun 3 2022, 3:08 PM

Please get approval from vitalybuka@ before submitting.

This revision is now accepted and ready to land.Jun 3 2022, 3:08 PM
vitalybuka requested changes to this revision.Jun 3 2022, 3:21 PM

Can you please rebase this patch onto others two?

This revision now requires changes to proceed.Jun 3 2022, 3:21 PM
hctim updated this revision to Diff 434546.Jun 6 2022, 11:27 AM

Rebased.

Harbormaster completed remote builds in B168111: Diff 434546.Jun 6 2022, 12:07 PM
vitalybuka mentioned this in rG5d9de5f44660: [NFC] Clang-format parts of D126929 and D126100.Jun 7 2022, 2:09 PM
vitalybuka updated this revision to Diff 434956.Jun 7 2022, 2:23 PM

rebase

Harbormaster completed remote builds in B168413: Diff 434956.Jun 7 2022, 2:24 PM
vitalybuka added a comment.Jun 7 2022, 2:27 PM

I simplified this a little bit, but I guess this is effectively the same.

clang/lib/CodeGen/CodeGenModule.cpp
2766–2780

can this lines be landed separately?

clang/lib/CodeGen/SanitizerMetadata.cpp
85

it's incorrect as is
isInNoSanitizeList is sanitizer specific
we need to add isInNoSanitizeList version which return relevant SanitizerMask

110

Why don't we care about IsExcluded here?

vitalybuka mentioned this in D126100: Add sanitizer-specific GlobalValue attributes..Jun 7 2022, 2:32 PM
hctim marked 3 inline comments as done.Jun 8 2022, 11:01 AM
hctim added inline comments.
clang/lib/CodeGen/CodeGenModule.cpp
2766–2780

sure

clang/lib/CodeGen/SanitizerMetadata.cpp
85

sure, added the sanitizer-specific parsing as well, including a test (sanitizer-special-case-list-globals.txt)

110

doesn't matter as the global is disabled anyway, and this preserves previous behaviour which the existing tests assert on.

i'll make it conditional in the follow up change, as all the llvm.asan.globals tests need to be deleted. added a note.

hctim updated this revision to Diff 435257.Jun 8 2022, 11:01 AM
hctim marked 3 inline comments as done.

Update.

Harbormaster completed remote builds in B168633: Diff 435257.Jun 8 2022, 11:02 AM
vitalybuka added a comment.Jun 8 2022, 1:12 PM
In D126929#3567491, @hctim wrote:

Update.

Sorry if it want clear that I some changes. You undone my snapshot.

vitalybuka added a comment.Jun 8 2022, 1:41 PM

No need to recover my snapshot, I'll just comment here.

clang/lib/CodeGen/SanitizerMetadata.cpp
20

Seems inconsistent with the rest.
it no so frequently use here to justify indirection.

59

it can be in some weird ubsan check ignore list, and this way it will propagate on asan/hwasan
I don't think you can avoid extending isInNoSanitizeList (in a separate patch)

64

May be early isAsanHwasanOrMemTag check here is useful to avoid string stuff below for compilation without sanitizers.

64

the last arg is not sanitizer, just a particulate check of it
like "init" here llvm-project/compiler-rt/lib/asan/asan_ignorelist.txt

70

I don't insist but one it's cleaner with lambda and return
if you prefer your way please revert lambda in a separate patch

87–89

undo this line move

116

don't use {} for one liners

116

moving QualName calculation is unnecessary, please move it back before NoSanitizeMask

120

this if probably should go before the loop

vitalybuka added inline comments.Jun 8 2022, 1:44 PM
clang/lib/CodeGen/SanitizerMetadata.cpp
59

you you can introduce:

bool CodeGenModule::isInNoSanitizeList(SanitizerMask Kind, llvm::GlobalVariable *GV,
                                       SourceLocation Loc) const {

similar to

bool CodeGenModule::isInNoSanitizeList(SanitizerMask Kind, llvm::Function *Fn,
                                       SourceLocation Loc) const {
ormris removed a subscriber: ormris.Jun 8 2022, 3:05 PM
hctim marked 10 inline comments as done.Jun 9 2022, 1:49 PM
hctim added inline comments.
clang/lib/CodeGen/CodeGenModule.cpp
2766–2780

(now we do touch a little bit here regardless)

clang/lib/CodeGen/SanitizerMetadata.cpp
59

done, but bearing in mind if you have some global src: exclude in an -fsanitize-ignorelist that's designed to ignore some file for UBSan, and then you compile with -fsanitize=address,undefined and use that -fsanitize-ignorelist, then those GVs would also be ignored in ASan. The right way to go about that is to have the creator of the ignorelist make sure that the src: rule is in a [undefined] block. Added the expected use case to sanitizer-special-case-list-globals.txt.

i think it's small enough a change + relevant enough to this CL to not fork it out to a different patch and then have to do the cleanup twice.

64

sure, also hoisted the other check up

70

reverted it back, lambda here seems very fancy for a simple farmer like me, but i can't deny that it's pretty.

hctim updated this revision to Diff 435667.Jun 9 2022, 1:49 PM
hctim marked 3 inline comments as done.

update

Harbormaster completed remote builds in B168901: Diff 435667.Jun 9 2022, 1:50 PM
hctim updated this revision to Diff 435669.Jun 9 2022, 1:51 PM

Remove two unnecessary braces.

Harbormaster completed remote builds in B168903: Diff 435669.Jun 9 2022, 1:52 PM
hctim updated this revision to Diff 435671.Jun 9 2022, 1:52 PM

And some small diff-reducing touch ups

Harbormaster completed remote builds in B168905: Diff 435671.Jun 9 2022, 1:53 PM
hctim added a child revision: D127543: [HWASan] Use new IR attribute for communicating unsanitized globals..Jun 10 2022, 2:51 PM
hctim mentioned this in D127543: [HWASan] Use new IR attribute for communicating unsanitized globals..
vitalybuka added inline comments.Jun 10 2022, 5:56 PM
clang/lib/CodeGen/SanitizerMetadata.cpp
34

Prefer return value to output parameters:

SanitizerMask expandKernelSanitizerMasks(SanitizerMask Mask) {
  if (Mask & (SanitizerKind::Address | SanitizerKind::KernelAddress))
    Mask |= SanitizerKind::Address | SanitizerKind::KernelAddress;
  return Mask;
}
89–90

you don't need both here after expansion

you can either remove expandKernelSanitizerMasks(&NoSanitizeAttrMask);
or SanitizerKind::KernelAddress from here

93

same

101

Meta.IsDynInit -> IsDynInit
they must be equal, and this legacy code better not use new Meta.

vitalybuka accepted this revision.Jun 10 2022, 5:56 PM
This revision is now accepted and ready to land.Jun 10 2022, 5:56 PM
hctim updated this revision to Diff 436484.Jun 13 2022, 11:17 AM
hctim marked 4 inline comments as done.

Final review touch-ups.

clang/lib/CodeGen/SanitizerMetadata.cpp
101

sure. in practice, Meta.IsDynInit is exactly equal to IsDynInit, but moved it back for now.

hctim updated this revision to Diff 436485.Jun 13 2022, 11:18 AM

Remove one unnecessary set of brackets before submit.

This revision was landed with ongoing or failed builds.Jun 13 2022, 11:19 AM
Closed by commit rGe7766972a679: Add sanitizer metadata attributes to clang IR gen. (authored by hctim). · Explain Why
This revision was automatically updated to reflect the committed changes.
hctim added a commit: rGe7766972a679: Add sanitizer metadata attributes to clang IR gen..
thakis added a subscriber: thakis.Jun 13 2022, 11:57 AM

Looks like this breaks tests on win: http://45.33.8.238/win/60022/step_7.txt

Please take a look and revert for now if takes a while to fix.

hctim added a reverting change: rG8e1f47b596b2: Revert "Add sanitizer metadata attributes to clang IR gen.".Jun 13 2022, 12:11 PM
hctim added a commit: rG77475ffd2241: Reland "Add sanitizer metadata attributes to clang IR gen.".Jun 13 2022, 12:23 PM
hctim added a comment.Jun 13 2022, 12:25 PM

Thanks for the heads up. Reverted, and now re-landing. Unfortunately I don't have a Windows machine so I've made my best guesses about fixing (mostly seems to just symbol name mangling / global attributes that change on the windows target). I'll keep an eye on that specific bot but please let me know if I need to continue to whack-a-mole.

thakis added a comment.Jun 13 2022, 12:48 PM

The reland broke fewer tests, but it still broke tests: http://45.33.8.238/win/60026/step_7.txt

If you update the patch on here, the presubmit bot should also run windows tests, so you don't have to break main to find out if the patch works.

thakis added a comment.Jun 13 2022, 1:19 PM

Ping – windows bots are still red.

Harbormaster completed remote builds in B169512: Diff 436485.Jun 13 2022, 1:33 PM
hctim mentioned this in rG2a5d56704156: Fix-forward broken ASan test on Windows..Jun 13 2022, 2:23 PM
hctim added a comment.Jun 13 2022, 2:42 PM

LGTM: http://45.33.8.238/win/60042/summary.html

thakis added a comment.Jun 13 2022, 4:02 PM

Thanks for the successful whack-a-moling :)

Revision Contents

Diff 435667

clang/lib/CodeGen/CodeGenModule.h

Show First 20 LinesShow All 1,300 Lines▼ Show 20 Linespublic:
/// Add global annotations that are set on D, for the global GV. Those /// Add global annotations that are set on D, for the global GV. Those
/// annotations are emitted during finalization of the LLVM code. /// annotations are emitted during finalization of the LLVM code.
void AddGlobalAnnotations(const ValueDecl *D, llvm::GlobalValue *GV); void AddGlobalAnnotations(const ValueDecl *D, llvm::GlobalValue *GV);
bool isInNoSanitizeList(SanitizerMask Kind, llvm::Function *Fn, bool isInNoSanitizeList(SanitizerMask Kind, llvm::Function *Fn,
SourceLocation Loc) const; SourceLocation Loc) const;
bool isInNoSanitizeList(llvm::GlobalVariable *GV, SourceLocation Loc, bool isInNoSanitizeList(SanitizerMask Kind, llvm::GlobalVariable *GV,
QualType Ty, StringRef Category = StringRef()) const; SourceLocation Loc, QualType Ty,
StringRef Category = StringRef()) const;
/// Imbue XRay attributes to a function, applying the always/never attribute /// Imbue XRay attributes to a function, applying the always/never attribute
/// lists in the process. Returns true if we did imbue attributes this way, /// lists in the process. Returns true if we did imbue attributes this way,
/// false otherwise. /// false otherwise.
bool imbueXRayAttrs(llvm::Function *Fn, SourceLocation Loc, bool imbueXRayAttrs(llvm::Function *Fn, SourceLocation Loc,
StringRef Category = StringRef()) const; StringRef Category = StringRef()) const;
/// Returns true if function at the given location should be excluded from /// Returns true if function at the given location should be excluded from
▲ Show 20 LinesShow All 349 LinesShow Last 20 Lines

clang/lib/CodeGen/CodeGenModule.cpp

  • This file is larger than 256 KB, so syntax highlighting is disabled by default.
Show First 20 LinesShow All 2,752 Lines▼ Show 20 Linesbool CodeGenModule::isInNoSanitizeList(SanitizerMask Kind, llvm::Function *Fn,
// it's located in the main file. // it's located in the main file.
auto &SM = Context.getSourceManager(); auto &SM = Context.getSourceManager();
if (const auto *MainFile = SM.getFileEntryForID(SM.getMainFileID())) { if (const auto *MainFile = SM.getFileEntryForID(SM.getMainFileID())) {
return NoSanitizeL.containsFile(Kind, MainFile->getName()); return NoSanitizeL.containsFile(Kind, MainFile->getName());
} }
return false; return false;
} }
bool CodeGenModule::isInNoSanitizeList(llvm::GlobalVariable *GV, bool CodeGenModule::isInNoSanitizeList(SanitizerMask Kind,
llvm::GlobalVariable *GV,
SourceLocation Loc, QualType Ty, SourceLocation Loc, QualType Ty,
StringRef Category) const { StringRef Category) const {
// For now globals can be ignored only in ASan and KASan.
const SanitizerMask EnabledAsanMask =
LangOpts.Sanitize.Mask &
(SanitizerKind::Address | SanitizerKind::KernelAddress |
SanitizerKind::HWAddress | SanitizerKind::KernelHWAddress |
SanitizerKind::MemTag);
if (!EnabledAsanMask)
return false;
const auto &NoSanitizeL = getContext().getNoSanitizeList(); const auto &NoSanitizeL = getContext().getNoSanitizeList();
if (NoSanitizeL.containsGlobal(EnabledAsanMask, GV->getName(), Category)) if (NoSanitizeL.containsGlobal(Kind, GV->getName(), Category))
return true; return true;
if (NoSanitizeL.containsLocation(EnabledAsanMask, Loc, Category)) if (NoSanitizeL.containsLocation(Kind, Loc, Category))
return true; return true;
// Check global type. // Check global type.
if (!Ty.isNull()) { if (!Ty.isNull()) {
// Drill down the array types: if global variable of a fixed type is // Drill down the array types: if global variable of a fixed type is
// not sanitized, we also don't instrument arrays of them. // not sanitized, we also don't instrument arrays of them.
while (auto AT = dyn_cast<ArrayType>(Ty.getTypePtr())) while (auto AT = dyn_cast<ArrayType>(Ty.getTypePtr()))
Ty = AT->getElementType(); Ty = AT->getElementType();
Ty = Ty.getCanonicalType().getUnqualifiedType(); Ty = Ty.getCanonicalType().getUnqualifiedType();
// Only record types (classes, structs etc.) are ignored. // Only record types (classes, structs etc.) are ignored.
if (Ty->isRecordType()) { if (Ty->isRecordType()) {
std::string TypeStr = Ty.getAsString(getContext().getPrintingPolicy()); std::string TypeStr = Ty.getAsString(getContext().getPrintingPolicy());
if (NoSanitizeL.containsType(EnabledAsanMask, TypeStr, Category)) if (NoSanitizeL.containsType(Kind, TypeStr, Category))
vitalybukaUnsubmitted
Done
ReplyInline Actions

can this lines be landed separately?

vitalybuka: can this lines be landed separately?
hctimAuthorUnsubmitted
Done
ReplyInline Actions

sure

hctim: sure
hctimAuthorUnsubmitted
Done
ReplyInline Actions

(now we do touch a little bit here regardless)

hctim: (now we do touch a little bit here regardless)
return true; return true;
} }
} }
return false; return false;
} }
bool CodeGenModule::imbueXRayAttrs(llvm::Function *Fn, SourceLocation Loc, bool CodeGenModule::imbueXRayAttrs(llvm::Function *Fn, SourceLocation Loc,
StringRef Category) const { StringRef Category) const {
▲ Show 20 LinesShow All 4,071 LinesShow Last 20 Lines

clang/lib/CodeGen/SanitizerMetadata.h

//===--- SanitizerMetadata.h - Metadata for sanitizers ----------*- C++ -*-===// //===--- SanitizerMetadata.h - Metadata for sanitizers ----------*- C++ -*-===//
// //
// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions. // Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
// See https://llvm.org/LICENSE.txt for license information. // See https://llvm.org/LICENSE.txt for license information.
// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception // SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
// //
//===----------------------------------------------------------------------===// //===----------------------------------------------------------------------===//
// //
// Class which emits metadata consumed by sanitizer instrumentation passes. // Class which emits metadata consumed by sanitizer instrumentation passes.
// //
//===----------------------------------------------------------------------===// //===----------------------------------------------------------------------===//
#ifndef LLVM_CLANG_LIB_CODEGEN_SANITIZERMETADATA_H #ifndef LLVM_CLANG_LIB_CODEGEN_SANITIZERMETADATA_H
#define LLVM_CLANG_LIB_CODEGEN_SANITIZERMETADATA_H #define LLVM_CLANG_LIB_CODEGEN_SANITIZERMETADATA_H
#include "clang/AST/Type.h" #include "clang/AST/Type.h"
#include "clang/Basic/LLVM.h" #include "clang/Basic/LLVM.h"
#include "clang/Basic/Sanitizers.h"
#include "clang/Basic/SourceLocation.h" #include "clang/Basic/SourceLocation.h"
namespace llvm { namespace llvm {
class GlobalVariable; class GlobalVariable;
class Instruction; class Instruction;
class MDNode; class MDNode;
} // namespace llvm } // namespace llvm
Show All 10 Linesclass SanitizerMetadata {
CodeGenModule &CGM; CodeGenModule &CGM;
public: public:
SanitizerMetadata(CodeGenModule &CGM); SanitizerMetadata(CodeGenModule &CGM);
void reportGlobal(llvm::GlobalVariable *GV, const VarDecl &D, void reportGlobal(llvm::GlobalVariable *GV, const VarDecl &D,
bool IsDynInit = false); bool IsDynInit = false);
void reportGlobal(llvm::GlobalVariable *GV, SourceLocation Loc, void reportGlobal(llvm::GlobalVariable *GV, SourceLocation Loc,
StringRef Name, QualType Ty = {}, bool IsDynInit = false); StringRef Name, QualType Ty = {},
SanitizerMask NoSanitizeAttrMask = {},
bool IsDynInit = false);
void disableSanitizerForGlobal(llvm::GlobalVariable *GV); void disableSanitizerForGlobal(llvm::GlobalVariable *GV);
void disableSanitizerForInstruction(llvm::Instruction *I); void disableSanitizerForInstruction(llvm::Instruction *I);
private: private:
void reportGlobal(llvm::GlobalVariable *GV, SourceLocation Loc, void reportGlobal(llvm::GlobalVariable *GV, SourceLocation Loc,
StringRef Name, QualType Ty, bool IsDynInit, StringRef Name, QualType Ty, bool IsDynInit,
bool IsExcluded); bool IsExcluded);
llvm::MDNode *getLocationMetadata(SourceLocation Loc); llvm::MDNode *getLocationMetadata(SourceLocation Loc);
}; };
} // end namespace CodeGen } // end namespace CodeGen
} // end namespace clang } // end namespace clang
#endif #endif

clang/lib/CodeGen/SanitizerMetadata.cpp

Show All 11 Lines
#include "SanitizerMetadata.h" #include "SanitizerMetadata.h"
#include "CodeGenModule.h" #include "CodeGenModule.h"
#include "clang/AST/Attr.h" #include "clang/AST/Attr.h"
#include "clang/AST/Type.h" #include "clang/AST/Type.h"
#include "clang/Basic/SourceManager.h" #include "clang/Basic/SourceManager.h"
#include "llvm/ADT/StringRef.h" #include "llvm/ADT/StringRef.h"
#include "llvm/IR/Constants.h" #include "llvm/IR/Constants.h"
using namespace clang; using namespace clang;
vitalybukaUnsubmitted
Done
ReplyInline Actions

Seems inconsistent with the rest.
it no so frequently use here to justify indirection.

vitalybuka: Seems inconsistent with the rest. it no so frequently use here to justify indirection.
using namespace CodeGen; using namespace CodeGen;
SanitizerMetadata::SanitizerMetadata(CodeGenModule &CGM) : CGM(CGM) {} SanitizerMetadata::SanitizerMetadata(CodeGenModule &CGM) : CGM(CGM) {}
// TODO(hctim): Can be removed when we migrate off of llvm.asan.globals. This
// prevents llvm.asan.globals from being emitted for
// __attribute__((disable_sanitizer_instrumentation)) and uses of
// -fsanitize-ignorelist when a sanitizer isn't enabled.
static bool isAsanHwasanOrMemTag(const SanitizerSet &SS) { static bool isAsanHwasanOrMemTag(const SanitizerSet &SS) {
return SS.hasOneOf(SanitizerKind::Address | SanitizerKind::KernelAddress | return SS.hasOneOf(SanitizerKind::Address | SanitizerKind::KernelAddress |
SanitizerKind::HWAddress | SanitizerKind::KernelHWAddress | SanitizerKind::HWAddress | SanitizerKind::MemTag);
SanitizerKind::MemTag); }
static void expandKernelSanitizerMasks(SanitizerMask *Mask) {
vitalybukaUnsubmitted
Done
ReplyInline Actions

Prefer return value to output parameters:

SanitizerMask expandKernelSanitizerMasks(SanitizerMask Mask) {
  if (Mask & (SanitizerKind::Address | SanitizerKind::KernelAddress))
    Mask |= SanitizerKind::Address | SanitizerKind::KernelAddress;
  return Mask;
}
vitalybuka: Prefer return value to output parameters: ``` SanitizerMask expandKernelSanitizerMasks…
if (*Mask & (SanitizerKind::Address | SanitizerKind::KernelAddress))
*Mask |= SanitizerKind::Address | SanitizerKind::KernelAddress;
// KHWASan doesn't support global variables.
} }
void SanitizerMetadata::reportGlobal(llvm::GlobalVariable *GV, void SanitizerMetadata::reportGlobal(llvm::GlobalVariable *GV,
SourceLocation Loc, StringRef Name, SourceLocation Loc, StringRef Name,
QualType Ty, bool IsDynInit, QualType Ty,
bool IsExcluded) { SanitizerMask NoSanitizeAttrMask,
IsDynInit &= !CGM.isInNoSanitizeList(GV, Loc, Ty, "init"); bool IsDynInit) {
IsExcluded |= CGM.isInNoSanitizeList(GV, Loc, Ty); SanitizerSet FsanitizeArgument = CGM.getLangOpts().Sanitize;
if (!isAsanHwasanOrMemTag(FsanitizeArgument))
return;
expandKernelSanitizerMasks(&FsanitizeArgument.Mask);
expandKernelSanitizerMasks(&NoSanitizeAttrMask);
SanitizerSet NoSanitizeAttrSet = {NoSanitizeAttrMask &
FsanitizeArgument.Mask};
kstoimenovUnsubmitted
Done
ReplyInline Actions

Would it make sense to create two separate functions something like reportGlobalNew and reportGlobalLegacy to make it more clear which one is which? Then you code will be something like the one below? You can come up with better names for functions, I am sure.

reportGlobal(...) {
  reportGlobalNew(...);
  reportGlobalLegacy(...);
}
kstoimenov: Would it make sense to create two separate functions something like reportGlobalNew and…
hctimAuthorUnsubmitted
Done
ReplyInline Actions

I think there's too much crossover (like calculating IsExcluded and setting of Meta.Sanitizer) to warrant splitting them out; and the follow-up patch is going to immediately delete the legacy code anyway :).

hctim: I think there's too much crossover (like calculating `IsExcluded` and setting of `Meta.
kstoimenovUnsubmitted
Done
ReplyInline Actions

In that case, could you please add a FIXME comment indicating which code is supposed to be deleted?

kstoimenov: In that case, could you please add a FIXME comment indicating which code is supposed to be…
llvm::GlobalVariable::SanitizerMetadata Meta;
if (GV->hasSanitizerMetadata())
Meta = GV->getSanitizerMetadata();
Meta.NoAddress |= NoSanitizeAttrSet.hasOneOf(SanitizerKind::Address |
SanitizerKind::KernelAddress);
vitalybukaUnsubmitted
Done
ReplyInline Actions

it can be in some weird ubsan check ignore list, and this way it will propagate on asan/hwasan
I don't think you can avoid extending isInNoSanitizeList (in a separate patch)

vitalybuka: it can be in some weird ubsan check ignore list, and this way it will propagate on asan/hwasan…
vitalybukaUnsubmitted
Done
ReplyInline Actions

you you can introduce:

bool CodeGenModule::isInNoSanitizeList(SanitizerMask Kind, llvm::GlobalVariable *GV,
                                       SourceLocation Loc) const {

similar to

bool CodeGenModule::isInNoSanitizeList(SanitizerMask Kind, llvm::Function *Fn,
                                       SourceLocation Loc) const {
vitalybuka: you you can introduce: ``` bool CodeGenModule::isInNoSanitizeList(SanitizerMask Kind, llvm…
hctimAuthorUnsubmitted
Done
ReplyInline Actions

done, but bearing in mind if you have some global src: exclude in an -fsanitize-ignorelist that's designed to ignore some file for UBSan, and then you compile with -fsanitize=address,undefined and use that -fsanitize-ignorelist, then those GVs would also be ignored in ASan. The right way to go about that is to have the creator of the ignorelist make sure that the src: rule is in a [undefined] block. Added the expected use case to sanitizer-special-case-list-globals.txt.

i think it's small enough a change + relevant enough to this CL to not fork it out to a different patch and then have to do the cleanup twice.

hctim: done, but bearing in mind if you have some global `src:` exclude in an `-fsanitize-ignorelist`…
Meta.NoAddress |= CGM.isInNoSanitizeList(
FsanitizeArgument.Mask &
(SanitizerKind::Address | SanitizerKind::KernelAddress),
GV, Loc, Ty);
vitalybukaUnsubmitted
Done
ReplyInline Actions

the last arg is not sanitizer, just a particulate check of it
like "init" here llvm-project/compiler-rt/lib/asan/asan_ignorelist.txt

vitalybuka: the last arg is not sanitizer, just a particulate check of it like "init" here llvm…
Meta.NoHWAddress |= NoSanitizeAttrSet.hasOneOf(SanitizerKind::HWAddress);
Meta.NoHWAddress |= CGM.isInNoSanitizeList(
FsanitizeArgument.Mask & (SanitizerKind::HWAddress), GV, Loc, Ty);
Meta.NoMemtag |= NoSanitizeAttrSet.hasOneOf(SanitizerKind::MemTag);
Meta.NoMemtag |= CGM.isInNoSanitizeList(
FsanitizeArgument.Mask & (SanitizerKind::MemTag), GV, Loc, Ty);
if (FsanitizeArgument.has(SanitizerKind::Address)) {
// TODO(hctim): Make this conditional when we migrate off llvm.asan.globals.
IsDynInit &= !CGM.isInNoSanitizeList(SanitizerKind::Address |
SanitizerKind::KernelAddress,
GV, Loc, Ty, "init");
Meta.IsDynInit = IsDynInit;
}
bool IsExcluded = Meta.NoAddress || Meta.NoHWAddress || Meta.NoMemtag;
GV->setSanitizerMetadata(Meta);
// TODO(hctim): Code below can be removed when we migrate off of
vitalybukaUnsubmitted
Done
ReplyInline Actions

it's incorrect as is
isInNoSanitizeList is sanitizer specific
we need to add isInNoSanitizeList version which return relevant SanitizerMask

vitalybuka: it's incorrect as is isInNoSanitizeList is sanitizer specific we need to add isInNoSanitizeList…
hctimAuthorUnsubmitted
Done
ReplyInline Actions

sure, added the sanitizer-specific parsing as well, including a test (sanitizer-special-case-list-globals.txt)

hctim: sure, added the sanitizer-specific parsing as well, including a test (sanitizer-special-case…
// llvm.asan.globals onto the new metadata attributes.
llvm::Metadata *LocDescr = nullptr; llvm::Metadata *LocDescr = nullptr;
llvm::Metadata *GlobalName = nullptr; llvm::Metadata *GlobalName = nullptr;
llvm::LLVMContext &VMContext = CGM.getLLVMContext(); llvm::LLVMContext &VMContext = CGM.getLLVMContext();
vitalybukaUnsubmitted
Done
ReplyInline Actions

undo this line move

vitalybuka: undo this line move
if (!IsExcluded) { if (!IsExcluded) {
vitalybukaUnsubmitted
Done
ReplyInline Actions

you don't need both here after expansion

you can either remove expandKernelSanitizerMasks(&NoSanitizeAttrMask);
or SanitizerKind::KernelAddress from here

vitalybuka: you don't need both here after expansion you can either remove expandKernelSanitizerMasks…
// Don't generate source location and global name if it is on // Don't generate source location and global name if it is on
// the NoSanitizeList - it won't be instrumented anyway. // the NoSanitizeList - it won't be instrumented anyway.
LocDescr = getLocationMetadata(Loc); LocDescr = getLocationMetadata(Loc);
vitalybukaUnsubmitted
Done
ReplyInline Actions

same

vitalybuka: same
if (!Name.empty()) if (!Name.empty())
GlobalName = llvm::MDString::get(VMContext, Name); GlobalName = llvm::MDString::get(VMContext, Name);
} }
llvm::Metadata *GlobalMetadata[] = { llvm::Metadata *GlobalMetadata[] = {
llvm::ConstantAsMetadata::get(GV), LocDescr, GlobalName, llvm::ConstantAsMetadata::get(GV), LocDescr, GlobalName,
llvm::ConstantAsMetadata::get( llvm::ConstantAsMetadata::get(llvm::ConstantInt::get(
llvm::ConstantInt::get(llvm::Type::getInt1Ty(VMContext), IsDynInit)), llvm::Type::getInt1Ty(VMContext), Meta.IsDynInit)),
vitalybukaUnsubmitted
Done
ReplyInline Actions

Meta.IsDynInit -> IsDynInit
they must be equal, and this legacy code better not use new Meta.

vitalybuka: Meta.IsDynInit -> IsDynInit they must be equal, and this legacy code better not use new Meta.
hctimAuthorUnsubmitted
Done
ReplyInline Actions

sure. in practice, Meta.IsDynInit is exactly equal to IsDynInit, but moved it back for now.

hctim: sure. in practice, `Meta.IsDynInit` is exactly equal to `IsDynInit`, but moved it back for now.
llvm::ConstantAsMetadata::get(llvm::ConstantInt::get( llvm::ConstantAsMetadata::get(llvm::ConstantInt::get(
llvm::Type::getInt1Ty(VMContext), IsExcluded))}; llvm::Type::getInt1Ty(VMContext), IsExcluded))};
llvm::MDNode *ThisGlobal = llvm::MDNode::get(VMContext, GlobalMetadata); llvm::MDNode *ThisGlobal = llvm::MDNode::get(VMContext, GlobalMetadata);
llvm::NamedMDNode *AsanGlobals = llvm::NamedMDNode *AsanGlobals =
CGM.getModule().getOrInsertNamedMetadata("llvm.asan.globals"); CGM.getModule().getOrInsertNamedMetadata("llvm.asan.globals");
AsanGlobals->addOperand(ThisGlobal); AsanGlobals->addOperand(ThisGlobal);
} }
vitalybukaUnsubmitted
Done
ReplyInline Actions

Why don't we care about IsExcluded here?

vitalybuka: Why don't we care about IsExcluded here?
hctimAuthorUnsubmitted
Done
ReplyInline Actions

doesn't matter as the global is disabled anyway, and this preserves previous behaviour which the existing tests assert on.

i'll make it conditional in the follow up change, as all the llvm.asan.globals tests need to be deleted. added a note.

hctim: doesn't matter as the global is disabled anyway, and this preserves previous behaviour which…
void SanitizerMetadata::reportGlobal(llvm::GlobalVariable *GV, const VarDecl &D, void SanitizerMetadata::reportGlobal(llvm::GlobalVariable *GV, const VarDecl &D,
bool IsDynInit) { bool IsDynInit) {
if (!isAsanHwasanOrMemTag(CGM.getLangOpts().Sanitize)) auto &SanTarget = CGM.getLangOpts().Sanitize;
vitalybukaUnsubmitted
Done
ReplyInline Actions

May be early isAsanHwasanOrMemTag check here is useful to avoid string stuff below for compilation without sanitizers.

vitalybuka: May be early isAsanHwasanOrMemTag check here is useful to avoid string stuff below for…
hctimAuthorUnsubmitted
Done
ReplyInline Actions

sure, also hoisted the other check up

hctim: sure, also hoisted the other check up
if (!isAsanHwasanOrMemTag(SanTarget))
return; return;
std::string QualName; std::string QualName;
vitalybukaUnsubmitted
Done
ReplyInline Actions

don't use {} for one liners

vitalybuka: don't use {} for one liners
vitalybukaUnsubmitted
Done
ReplyInline Actions

moving QualName calculation is unnecessary, please move it back before NoSanitizeMask

vitalybuka: moving QualName calculation is unnecessary, please move it back before NoSanitizeMask
llvm::raw_string_ostream OS(QualName); llvm::raw_string_ostream OS(QualName);
D.printQualifiedName(OS); D.printQualifiedName(OS);
auto getNoSanitizeMask = [](const VarDecl &D) { auto getNoSanitizeMask = [](const VarDecl &D) -> SanitizerMask {
vitalybukaUnsubmitted
Done
ReplyInline Actions

I don't insist but one it's cleaner with lambda and return
if you prefer your way please revert lambda in a separate patch

vitalybuka: I don't insist but one it's cleaner with lambda and return if you prefer your way please revert…
hctimAuthorUnsubmitted
Done
ReplyInline Actions

reverted it back, lambda here seems very fancy for a simple farmer like me, but i can't deny that it's pretty.

hctim: reverted it back, lambda here seems very fancy for a simple farmer like me, but i can't deny…
vitalybukaUnsubmitted
Done
ReplyInline Actions

this if probably should go before the loop

vitalybuka: this if probably should go before the loop
if (D.hasAttr<DisableSanitizerInstrumentationAttr>()) if (D.hasAttr<DisableSanitizerInstrumentationAttr>())
return SanitizerKind::All; return SanitizerKind::All;
SanitizerMask NoSanitizeMask; SanitizerMask NoSanitizeMask;
for (auto *Attr : D.specific_attrs<NoSanitizeAttr>()) for (auto *Attr : D.specific_attrs<NoSanitizeAttr>())
NoSanitizeMask |= Attr->getMask(); NoSanitizeMask |= Attr->getMask();
return NoSanitizeMask; return NoSanitizeMask;
}; };
reportGlobal(GV, D.getLocation(), OS.str(), D.getType(), IsDynInit,
SanitizerSet{getNoSanitizeMask(D)}.has(SanitizerKind::Address));
}
void SanitizerMetadata::reportGlobal(llvm::GlobalVariable *GV, reportGlobal(GV, D.getLocation(), OS.str(), D.getType(), getNoSanitizeMask(D),
SourceLocation Loc, StringRef Name, IsDynInit);
QualType Ty, bool IsDynInit) {
if (!isAsanHwasanOrMemTag(CGM.getLangOpts().Sanitize))
return;
reportGlobal(GV, Loc, Name, Ty, IsDynInit, false);
} }
void SanitizerMetadata::disableSanitizerForGlobal(llvm::GlobalVariable *GV) { void SanitizerMetadata::disableSanitizerForGlobal(llvm::GlobalVariable *GV) {
// For now, just make sure the global is not modified by the ASan reportGlobal(GV, SourceLocation(), "", QualType(), SanitizerKind::All);
// instrumentation.
if (isAsanHwasanOrMemTag(CGM.getLangOpts().Sanitize))
reportGlobal(GV, SourceLocation(), "", QualType(), false, true);
} }
void SanitizerMetadata::disableSanitizerForInstruction(llvm::Instruction *I) { void SanitizerMetadata::disableSanitizerForInstruction(llvm::Instruction *I) {
I->setMetadata(llvm::LLVMContext::MD_nosanitize, I->setMetadata(llvm::LLVMContext::MD_nosanitize,
llvm::MDNode::get(CGM.getLLVMContext(), None)); llvm::MDNode::get(CGM.getLLVMContext(), None));
} }
llvm::MDNode *SanitizerMetadata::getLocationMetadata(SourceLocation Loc) { llvm::MDNode *SanitizerMetadata::getLocationMetadata(SourceLocation Loc) {
Show All 13 Lines

clang/test/CodeGen/Inputs/sanitizer-special-case-list-globals.txt

  • This file was added.
global:always_ignored
[address]
global:asan_ignored
[hwaddress]
global:hwasan_ignored
[memtag]
global:memtag_ignored
[cfi-vcall|cfi-icall]
src:*

clang/test/CodeGen/asan-globals.cpp

Show All 17 Lines
int __special_global; // KASAN - ignore globals with __-prefix int __special_global; // KASAN - ignore globals with __-prefix
} }
void func() { void func() {
static int static_var = 0; static int static_var = 0;
const char *literal = "Hello, world!"; const char *literal = "Hello, world!";
} }
// ASAN: @dyn_init_global = global {{.*}}, sanitize_address_dyninit
// KASAN: @dyn_init_global = global {{.*}}, sanitize_address_dyninit
// ASAN: sectioned_global{{.*}} global { i32, [28 x i8] }{{.*}}, align 32 // ASAN: sectioned_global{{.*}} global { i32, [28 x i8] }{{.*}}, align 32
// KASAN: sectioned_global{{.*}} global i32 // KASAN: sectioned_global{{.*}} global i32
// ASAN: @__special_global{{.*}} global { i32, [28 x i8] }{{.*}}, align 32 // ASAN: @__special_global{{.*}} global { i32, [28 x i8] }{{.*}}, align 32
// KASAN: @__special_global{{.*}} global i32 // KASAN: @__special_global{{.*}} global i32
/// Without -fasynchronous-unwind-tables, ctor and dtor get the uwtable attribute. /// Without -fasynchronous-unwind-tables, ctor and dtor get the uwtable attribute.
// CHECK-LABEL: define internal void @asan.module_ctor() #[[#ATTR:]] { // CHECK-LABEL: define internal void @asan.module_ctor() #[[#ATTR:]] {
// ASAN-NEXT: call void @__asan_init // ASAN-NEXT: call void @__asan_init
▲ Show 20 LinesShow All 51 LinesShow Last 20 Lines

clang/test/CodeGen/sanitize-init-order.cpp

Show All 30 Linespublic:
PODWithCtor() {} PODWithCtor() {}
}; };
const volatile PODWithCtor array[5][5]; const volatile PODWithCtor array[5][5];
} }
// Check that ASan init-order checking ignores structs with trivial default // Check that ASan init-order checking ignores structs with trivial default
// constructor. // constructor.
// CHECK: @s1 = global
// CHECK-NOT: sanitize_address_dyninit
// CHECK: @s2 = global
// CHECK-NOT: sanitize_address_dyninit
// CHECK: @s3 = global {{.*}}, sanitize_address_dyninit
// CHECK: @{{.*}}array{{.*}} = global {{.*}}, sanitize_address_dyninit
// CHECK: !llvm.asan.globals = !{![[GLOB_1:[0-9]+]], ![[GLOB_2:[0-9]+]], ![[GLOB_3:[0-9]+]], ![[GLOB_4:[0-9]+]] // CHECK: !llvm.asan.globals = !{![[GLOB_1:[0-9]+]], ![[GLOB_2:[0-9]+]], ![[GLOB_3:[0-9]+]], ![[GLOB_4:[0-9]+]]
// CHECK: ![[GLOB_1]] = !{%struct.PODStruct* {{.*}}, i1 false, i1 false} // CHECK: ![[GLOB_1]] = !{%struct.PODStruct* {{.*}}, i1 false, i1 false}
// CHECK: ![[GLOB_2]] = !{%struct.PODWithDtor* {{.*}}, i1 false, i1 false} // CHECK: ![[GLOB_2]] = !{%struct.PODWithDtor* {{.*}}, i1 false, i1 false}
// CHECK: ![[GLOB_3]] = !{%struct.PODWithCtorAndDtor* {{.*}}, i1 true, i1 false} // CHECK: ![[GLOB_3]] = !{%struct.PODWithCtorAndDtor* {{.*}}, i1 true, i1 false}
// CHECK: ![[GLOB_4]] = !{{{.*}}class.NS::PODWithCtor{{.*}}, i1 true, i1 false} // CHECK: ![[GLOB_4]] = !{{{.*}}class.NS::PODWithCtor{{.*}}, i1 true, i1 false}
// IGNORELIST: @s1 = global
// IGNORELIST-NOT: sanitize_address_dyninit
// IGNORELIST: @s2 = global
// IGNORELIST-NOT: sanitize_address_dyninit
// IGNORELIST: @s3 = global
// IGNORELIST-NOT: sanitize_address_dyninit
// IGNORELIST: @{{.*}}array{{.*}} = global
// IGNORELIST-NOT: sanitize_address_dyninit
// IGNORELIST: !llvm.asan.globals = !{![[GLOB_1:[0-9]+]], ![[GLOB_2:[0-9]+]], ![[GLOB_3:[0-9]+]], ![[GLOB_4:[0-9]+]]} // IGNORELIST: !llvm.asan.globals = !{![[GLOB_1:[0-9]+]], ![[GLOB_2:[0-9]+]], ![[GLOB_3:[0-9]+]], ![[GLOB_4:[0-9]+]]}
// IGNORELIST: ![[GLOB_1]] = !{%struct.PODStruct* {{.*}}, i1 false, i1 false} // IGNORELIST: ![[GLOB_1]] = !{%struct.PODStruct* {{.*}}, i1 false, i1 false}
// IGNORELIST: ![[GLOB_2]] = !{%struct.PODWithDtor* {{.*}}, i1 false, i1 false} // IGNORELIST: ![[GLOB_2]] = !{%struct.PODWithDtor* {{.*}}, i1 false, i1 false}
// IGNORELIST: ![[GLOB_3]] = !{%struct.PODWithCtorAndDtor* {{.*}}, i1 false, i1 false} // IGNORELIST: ![[GLOB_3]] = !{%struct.PODWithCtorAndDtor* {{.*}}, i1 false, i1 false}
// IGNORELIST: ![[GLOB_4]] = !{{{.*}}class.NS::PODWithCtor{{.*}}, i1 false, i1 false} // IGNORELIST: ![[GLOB_4]] = !{{{.*}}class.NS::PODWithCtor{{.*}}, i1 false, i1 false}

clang/test/CodeGen/sanitizer-special-case-list-globals.c

  • This file was added.
/// Verify that ignorelist sections correctly select sanitizers to apply
/// ignorelist entries to.
// RUN: %clang_cc1 -emit-llvm %s -o -\
// RUN: -fsanitize-ignorelist=%S/Inputs/sanitizer-special-case-list-globals.txt \
// RUN: | FileCheck %s --check-prefix=NONE
// RUN: %clang_cc1 -fsanitize=address -emit-llvm %s -o -\
// RUN: -fsanitize-ignorelist=%S/Inputs/sanitizer-special-case-list-globals.txt \
// RUN: | FileCheck %s --check-prefix=ASAN
/// Note: HWASan effectively reorders globals (it puts the unsanitized ones
/// first), which is hard to check for, as 'CHECK-DAG' doesn't play terribly
/// nicely with 'CHECK-NOT'. This is why the 'always_ignored' and
/// 'hwasan_ignored' comes first in this file.
// RUN: %clang_cc1 -fsanitize=hwaddress -emit-llvm %s -o -\
// RUN: -fsanitize-ignorelist=%S/Inputs/sanitizer-special-case-list-globals.txt \
// RUN: | FileCheck %s --check-prefix=HWASAN
/// TODO(hctim): Move over to memtag-globals when it's implemented. For now
/// though, it's fine, the frontend still annotates based on any memtag sanitizer
/// being used.
// RUN: %clang_cc1 -fsanitize=memtag-heap -triple=aarch64-linux-android31 -emit-llvm %s -o -\
// RUN: -fsanitize-ignorelist=%S/Inputs/sanitizer-special-case-list-globals.txt \
// RUN: | FileCheck %s --check-prefix=MEMTAG
/// Check that the '[cfi-vcall|cfi-icall] src:*' rule in the ignorelist doesn't change
/// anything for ASan.
// RUN: %clang_cc1 -fsanitize=address -emit-llvm %s -o -\
// RUN: -fsanitize-ignorelist=%S/Inputs/sanitizer-special-case-list-globals.txt \
// RUN: | FileCheck %s --check-prefix=ASAN
/// Check that -fsanitize=kernel-address picks up the '[address]' groups.
// RUN: %clang_cc1 -fsanitize=kernel-address -mllvm -hwasan-kernel=1 -emit-llvm %s -o -\
// RUN: -fsanitize-ignorelist=%S/Inputs/sanitizer-special-case-list-globals.txt \
// RUN: | FileCheck %s --check-prefix=ASAN
/// KHWASan doesn't instrument global variables.
// RUN: %clang_cc1 -fsanitize=kernel-hwaddress -mllvm -hwasan-kernel=1 -emit-llvm %s -o -\
// RUN: -fsanitize-ignorelist=%S/Inputs/sanitizer-special-case-list-globals.txt \
// RUN: | FileCheck %s --check-prefix=NONE
/// Check that the '[cfi-vcall|cfi-icall] src:*' rule doesnt' emit anything for
/// GVs.
// RUN: %clang_cc1 -fsanitize=cfi-vcall,cfi-icall -emit-llvm %s -o -\
// RUN: -fsanitize-ignorelist=%S/Inputs/sanitizer-special-case-list-globals.txt \
// RUN: | FileCheck %s --check-prefix=NONE
// NONE: @always_ignored = global
// NONE-NOT: no_sanitize
// ASAN: @always_ignored = global {{.*}}, no_sanitize_address
// HWASAN: @always_ignored = global {{.*}}, no_sanitize_hwaddress
// MEMTAG: @always_ignored = global {{.*}}, no_sanitize_memtag
unsigned always_ignored;
// NONE: @hwasan_ignored = global
// NONE-NOT: no_sanitize
// ASAN: @hwasan_ignored = global
// ASAN-NOT: no_sanitize_address
// HWASAN: @hwasan_ignored = global {{.*}}, no_sanitize_hwaddress
// MEMTAG: @hwasan_ignored = global
// MEMTAG-NOT: no_sanitize_memtag
unsigned hwasan_ignored;
// NONE: @asan_ignored = global
// NONE-NOT: asan_ignored
// ASAN: @asan_ignored = global {{.*}}, no_sanitize_address
// HWASAN: @asan_ignored.hwasan = {{.*}} global
// HWASAN-NOT: no_sanitize_hwaddress
// MEMTAG: @asan_ignored = global
// MEMTAG-NOT: no_sanitize_memtag
unsigned asan_ignored;
// NONE: @memtag_ignored = global
// NONE-NOT: memtag_ignored
// ASAN: @memtag_ignored = global
// ASAN-NOT: no_sanitize_address
// HWASAN: @memtag_ignored.hwasan = {{.*}} global
// HWASAN-NOT: no_sanitize_hwaddress
// MEMTAG: @memtag_ignored = global {{.*}}, no_sanitize_memtag
unsigned memtag_ignored;
// NONE: @never_ignored = global
// NONE-NOT: never_ignored
// ASAN: @never_ignored = global
// ASAN-NOT: no_sanitize_address
// HWASAN: @never_ignored.hwasan = {{.*}} global
// HWASAN-NOT: no_sanitize_hwaddress
// MEMTAG: @never_ignored = global
// MEMTAG-NOT: no_sanitize_memtag
unsigned never_ignored;