This is an archive of the discontinued LLVM Phabricator instance.

Differential D128387

[hwasan] Add __hwasan_add_frame_record to the hwasan interface
ClosedPublic

Authored by leonardchan on Jun 22 2022, 3:27 PM.

Details

Reviewers
mcgrathr
vitalybuka
eugenis
Commits
rG21f72c05c4e4: [hwasan] Add __hwasan_add_frame_record to the hwasan interface
rG4956620387ee: [hwasan] Add __hwasan_record_frame_record to the hwasan interface
Summary

Hwasan includes instructions in the prologue that mix the PC and SP and store it into the stack ring buffer stored at __hwasan_tls. This is a thread_local global exposed from the hwasan runtime. However, if TLS-mechanisms or the hwasan runtime haven't been setup yet, it will be invalid to access __hwasan_tls. This is the case for Fuchsia where we instrument libc, so some functions that are instrumented but can run before hwasan initialization will incorrectly access this global. Additionally, libc cannot have any TLS variables, so we cannot weakly define __hwasan_tls until the runtime is loaded.

A way we can work around this is by moving the instructions into a hwasan function that does the store into the ring buffer and creating a weak definition of that function locally in libc. This way __hwasan_tls will not actually be referenced. This is not our long-term solution, but this will allow us to roll out hwasan in the meantime.

This patch includes:

  • A new llvm flag for choosing to emit a libcall rather than instructions in the prologue (off by default)
  • The libcall for storing into the ringbuffer (__hwasan_record_frame_record)

Diff Detail

Event Timeline

leonardchan created this revision.Jun 22 2022, 3:27 PM
Herald added a project: Restricted Project. · View Herald TranscriptJun 22 2022, 3:27 PM
Herald added subscribers: Enna1, hiraditya. · View Herald Transcript
leonardchan requested review of this revision.Jun 22 2022, 3:27 PM
Herald added a project: Restricted Project. · View Herald TranscriptJun 22 2022, 3:27 PM
Herald added a subscriber: llvm-commits. · View Herald Transcript
vitalybuka added a comment.Jun 22 2022, 3:33 PM

Could you please move refactoring (like extraction emitPrologue) into a separate CL?

We also need one test for runtime and one test for generated IR.

Harbormaster completed remote builds in B171440: Diff 439172.Jun 22 2022, 3:59 PM
leonardchan mentioned this in D128551: [NFC][HWASan] Refactor hwasan pass.Jun 24 2022, 12:32 PM
leonardchan mentioned this in rG9553d695804c: [NFC][HWASan] Refactor hwasan pass.Jun 28 2022, 12:09 PM
leonardchan updated this revision to Diff 440812.Jun 28 2022, 4:57 PM
leonardchan edited the summary of this revision. (Show Details)

Added tests and this patch doesn't contain refactoring.

Herald added subscribers: abrachet, phosek. · View Herald TranscriptJun 28 2022, 4:57 PM
Harbormaster completed remote builds in B172616: Diff 440812.Jun 28 2022, 6:23 PM
leonardchan added a comment.Jun 30 2022, 3:38 PM
In D128387#3603205, @vitalybuka wrote:

Could you please move refactoring (like extraction emitPrologue) into a separate CL?

We also need one test for runtime and one test for generated IR.

Should I break this up into 2 compiler-rt and llvm patches?

mcgrathr added a comment.Jul 6 2022, 11:14 AM

I don't see a problem having the compiler-rt and compiler changes in the same commit. Seems desirable in this case, actually.

compiler-rt/lib/hwasan/hwasan_interface_internal.h
172

A comment here about when the compiler generates calls to this would be helpful.

llvm/lib/Transforms/Instrumentation/HWAddressSanitizer.cpp
1237

It seems better to call the subroutine you just broke out above rather than to have its logic still open-coded here as well.
Conversely, perhaps just move this code up before the conditional and reuse the same FrameRecordInfo local variable in both the libcall and direct-store cases, rather than having a subroutine.

vitalybuka added a comment.Jul 6 2022, 2:07 PM
In D128387#3623787, @leonardchan wrote:
In D128387#3603205, @vitalybuka wrote:

Could you please move refactoring (like extraction emitPrologue) into a separate CL?

We also need one test for runtime and one test for generated IR.

Should I break this up into 2 compiler-rt and llvm patches?

I don't have preference regarding compiler-rt / llvm split. Seems having them together is useful.
It's more about moving as much as possible into NFC patches. Also in this snapshot it's not obvious what can be move out of the patch.

compiler-rt/lib/hwasan/hwasan.cpp
579

can have a nicer name?
maybe __hwasan_add_frame_record

llvm/lib/Transforms/Instrumentation/HWAddressSanitizer.cpp
182–207

maybe better to convert hwasan-record-stack-history into enum?
hwasan-record-stack-history-with-calls is meaningless if hwasan-record-stack-history=0

1237

Also looks like can be inserted twice
Value *ThreadLong = IRB.CreateLoad(IntptrTy, SlotPtr);

1241–1244

When I asked about refactoring, you can do all NFC changes in a separate patch,
maybe you can reorder ThreadLongMaybeUntagged calculations in NFC patch so you don't have to touch it here

leonardchan updated this revision to Diff 442719.Jul 6 2022, 4:43 PM
leonardchan marked 5 inline comments as done.
leonardchan retitled this revision from [hwasan] Add __hwasan_record_frame_record to the hwasan interface to [hwasan] Add __hwasan_add_frame_record to the hwasan interface.

Addressed some comments. Also updated the current stack history codegen path such that getFrameRecordInfo can be reused. Although this changes some test cases. If the patch is too big with this, I think I can move that into a separate one.

llvm/lib/Transforms/Instrumentation/HWAddressSanitizer.cpp
182–207

Done and updated tests. I couldn't think of a better enum value for the default behavior other than instr :/

1237

It seems better to call the subroutine you just broke out above rather than to have its logic still open-coded here as well. Conversely, perhaps just move this code up before the conditional and reuse the same FrameRecordInfo local variable in both the libcall and direct-store cases, rather than having a subroutine.

Can do. I initially wanted to leave that out since it would mean this patch changes the IR in the prologue slightly and updating some tests that I could save for another patch. Currently, the order is (1) inttoptr (2) or PC, SP (3) store. But reusing the subroutine or FrameRecordInfo would change the order to (1) or SP, PC (2) inttoptr (3) store, but I think that shouldn't affect lowering from IR much.

Also looks like can be inserted twice
Value *ThreadLong = IRB.CreateLoad(IntptrTy, SlotPtr);

I think the second Value *ThreadLong = IRB.CreateLoad(IntptrTy, SlotPtr); in the conditional below shouldn't happen if ThreadLongMaybeUntagged is set, which will be set in this block where the first CreateLoad would happen since it looks like ThreadLongMaybeUntagged = TargetTriple.isAArch64() ? ThreadLong : untagPointer(IRB, ThreadLong) should never be nullptr, unless I'm perhaps missing something.

1241–1244

So this part's a bit awkward bc in the above block, the intermediate variables SlotPtr and ThreadLong are used for a bunch of other things like WrapMask and StackBaseTag which aren't needed here. That is, if ThreadLongMaybeUntagged isn't set above, then neither would SlotPtr or ThreadLong. I suppose I could have something like:

Value *getThreadLongMaybeUntagged(Value *&SlotPtr, Value *&ThreadLong) {
    if (!SlotPtr)
        SlotPtr = getHwasanThreadSlotPtr(IRB, IntptrTy);
    if (!ThreadLong)
        ThreadLong = IRB.CreateLoad(IntptrTy, SlotPtr);
    // Extract the address field from ThreadLong. Unnecessary on AArch64 with TBI.
    return TargetTriple.isAArch64() ? ThreadLong : untagPointer(IRB, ThreadLong);
}

  Value *ThreadLongMaybeUntagged = nullptr, *SlotPtr = nullptr, *ThreadLong = nullptr;
  if (WithFrameRecord) {
    if (ClRecordStackHistoryWithCalls) {
        ....
    } else {
        ThreadLongMaybeUntagged = getThreadLongMaybeUntagged(SlotPtr, ThreadLong);
        ....
    }
  }

  if (!ShadowBase) {
    if (!ThreadLongMaybeUntagged) {
      ThreadLongMaybeUntagged = getThreadLongMaybeUntagged(SlotPtr, ThreadLong);
      ...

where I can save intermediate values?

Harbormaster completed remote builds in B174010: Diff 442719.Jul 6 2022, 5:32 PM
vitalybuka added a comment.Jul 6 2022, 9:49 PM

LGTM

llvm/lib/Transforms/Instrumentation/HWAddressSanitizer.cpp
1160

you can add this function in a separate patch

1200–1238

switch/case

1241–1244

function local lambda works for me

auto getThreadLongMaybeUntagged = [&]() {
    if (!SlotPtr)
        SlotPtr = getHwasanThreadSlotPtr(IRB, IntptrTy);
    if (!ThreadLong)
        ThreadLong = IRB.CreateLoad(IntptrTy, SlotPtr);
    // Extract the address field from ThreadLong. Unnecessary on AArch64 with TBI.
    return TargetTriple.isAArch64() ? ThreadLong : untagPointer(IRB, ThreadLong);
}
vitalybuka accepted this revision.Jul 7 2022, 10:26 AM
vitalybuka added 1 blocking reviewer(s): mcgrathr.
leonardchan mentioned this in D129315: [hwasan] Refactor frame record info into function.Jul 7 2022, 11:42 AM
leonardchan marked an inline comment as done.
leonardchan added inline comments.
llvm/lib/Transforms/Instrumentation/HWAddressSanitizer.cpp
1160

Made https://reviews.llvm.org/D129315

leonardchan mentioned this in rG0f589826a301: [hwasan] Refactor frame record info into function.Jul 7 2022, 2:45 PM
leonardchan updated this revision to Diff 443076.Jul 7 2022, 3:15 PM
leonardchan marked 3 inline comments as done.
leonardchan marked an inline comment as done.
Harbormaster completed remote builds in B174267: Diff 443076.Jul 7 2022, 4:05 PM
leonardchan added a comment.Jul 12 2022, 2:28 PM

ping @mcgrathr does this look good to you?

mcgrathr accepted this revision.Jul 13 2022, 1:28 PM

LGTM, I didn't realize Phabricator considered me to be blocking.

This revision is now accepted and ready to land.Jul 13 2022, 1:28 PM
This revision was landed with ongoing or failed builds.Jul 13 2022, 2:09 PM
Closed by commit rG4956620387ee: [hwasan] Add __hwasan_record_frame_record to the hwasan interface (authored by leonardchan). · Explain Why
This revision was automatically updated to reflect the committed changes.
leonardchan added a commit: rG4956620387ee: [hwasan] Add __hwasan_record_frame_record to the hwasan interface.
leonardchan added a reverting change: rGd843d5c8e6c9: Revert "[hwasan] Add __hwasan_record_frame_record to the hwasan interface".Jul 13 2022, 3:06 PM
leonardchan added a commit: rG21f72c05c4e4: [hwasan] Add __hwasan_add_frame_record to the hwasan interface.Jul 13 2022, 3:15 PM

Revision Contents

PathSize
compiler-rt/
lib/
hwasan/
6 lines
8 lines
test/
hwasan/
TestCases/
9 lines
6 lines
4 lines
4 lines
llvm/
lib/
Transforms/
Instrumentation/
120 lines
test/
Instrumentation/
HWAddressSanitizer/
36 lines

Diff 443076

compiler-rt/lib/hwasan/hwasan.cpp

Show First 20 LinesShow All 570 Lines▼ Show 20 Lines
static const u8 kFallbackTag = 0xBB & kTagMask; static const u8 kFallbackTag = 0xBB & kTagMask;
u8 __hwasan_generate_tag() { u8 __hwasan_generate_tag() {
Thread *t = GetCurrentThread(); Thread *t = GetCurrentThread();
if (!t) return kFallbackTag; if (!t) return kFallbackTag;
return t->GenerateRandomTag(); return t->GenerateRandomTag();
} }
void __hwasan_add_frame_record(u64 frame_record_info) {
vitalybukaUnsubmitted
Done
ReplyInline Actions

can have a nicer name?
maybe __hwasan_add_frame_record

vitalybuka: can have a nicer name? maybe __hwasan_add_frame_record
Thread *t = GetCurrentThread();
if (t)
t->stack_allocations()->push(frame_record_info);
}
#if !SANITIZER_SUPPORTS_WEAK_HOOKS #if !SANITIZER_SUPPORTS_WEAK_HOOKS
extern "C" { extern "C" {
SANITIZER_INTERFACE_ATTRIBUTE SANITIZER_WEAK_ATTRIBUTE SANITIZER_INTERFACE_ATTRIBUTE SANITIZER_WEAK_ATTRIBUTE
const char* __hwasan_default_options() { return ""; } const char* __hwasan_default_options() { return ""; }
} // extern "C" } // extern "C"
#endif #endif
extern "C" { extern "C" {
Show All 14 Lines

compiler-rt/lib/hwasan/hwasan_interface_internal.h

Show First 20 LinesShow All 162 Lines▼ Show 20 Lines
void __hwasan_thread_enter(); void __hwasan_thread_enter();
SANITIZER_INTERFACE_ATTRIBUTE SANITIZER_INTERFACE_ATTRIBUTE
void __hwasan_thread_exit(); void __hwasan_thread_exit();
SANITIZER_INTERFACE_ATTRIBUTE SANITIZER_INTERFACE_ATTRIBUTE
void __hwasan_print_memory_usage(); void __hwasan_print_memory_usage();
// The compiler will generate this when
// `-hwasan-record-stack-history-with-calls` is added as a flag, which will add
mcgrathrUnsubmitted
Done
ReplyInline Actions

A comment here about when the compiler generates calls to this would be helpful.

mcgrathr: A comment here about when the compiler generates calls to this would be helpful.
// frame record information to the stack ring buffer. This is an alternative to
// the compiler emitting instructions in the prologue for doing the same thing
// by accessing the ring buffer directly.
SANITIZER_INTERFACE_ATTRIBUTE
void __hwasan_add_frame_record(u64 frame_record_info);
SANITIZER_INTERFACE_ATTRIBUTE SANITIZER_INTERFACE_ATTRIBUTE
void *__hwasan_memcpy(void *dst, const void *src, uptr size); void *__hwasan_memcpy(void *dst, const void *src, uptr size);
SANITIZER_INTERFACE_ATTRIBUTE SANITIZER_INTERFACE_ATTRIBUTE
void *__hwasan_memset(void *s, int c, uptr n); void *__hwasan_memset(void *s, int c, uptr n);
SANITIZER_INTERFACE_ATTRIBUTE SANITIZER_INTERFACE_ATTRIBUTE
void *__hwasan_memmove(void *dest, const void *src, uptr n); void *__hwasan_memmove(void *dest, const void *src, uptr n);
SANITIZER_INTERFACE_ATTRIBUTE SANITIZER_INTERFACE_ATTRIBUTE
void __hwasan_set_error_report_callback(void (*callback)(const char *)); void __hwasan_set_error_report_callback(void (*callback)(const char *));
} // extern "C" } // extern "C"
#endif // HWASAN_INTERFACE_INTERNAL_H #endif // HWASAN_INTERFACE_INTERNAL_H

compiler-rt/test/hwasan/TestCases/deep-recursion.c

// RUN: %clang_hwasan -O1 %s -o %t // RUN: %clang_hwasan -O1 %s -o %t
// RUN: %env_hwasan_opts=stack_history_size=1 not %run %t 2>&1 | FileCheck %s --check-prefix=D1 // RUN: %env_hwasan_opts=stack_history_size=1 not %run %t 2>&1 | FileCheck %s --check-prefix=D1
// RUN: %env_hwasan_opts=stack_history_size=2 not %run %t 2>&1 | FileCheck %s --check-prefix=D2 // RUN: %env_hwasan_opts=stack_history_size=2 not %run %t 2>&1 | FileCheck %s --check-prefix=D2
// RUN: %env_hwasan_opts=stack_history_size=3 not %run %t 2>&1 | FileCheck %s --check-prefix=D3 // RUN: %env_hwasan_opts=stack_history_size=3 not %run %t 2>&1 | FileCheck %s --check-prefix=D3
// RUN: %env_hwasan_opts=stack_history_size=5 not %run %t 2>&1 | FileCheck %s --check-prefix=D5 // RUN: %env_hwasan_opts=stack_history_size=5 not %run %t 2>&1 | FileCheck %s --check-prefix=D5
// RUN: not %run %t 2>&1 | FileCheck %s --check-prefix=DEFAULT // RUN: not %run %t 2>&1 | FileCheck %s --check-prefix=DEFAULT
// Run the same tests as above, but using the __hwasan_add_frame_record libcall.
// The output should be the exact same.
// RUN: %clang_hwasan -O1 %s -o %t -mllvm -hwasan-record-stack-history=libcall
// RUN: %env_hwasan_opts=stack_history_size=1 not %run %t 2>&1 | FileCheck %s --check-prefix=D1
// RUN: %env_hwasan_opts=stack_history_size=2 not %run %t 2>&1 | FileCheck %s --check-prefix=D2
// RUN: %env_hwasan_opts=stack_history_size=3 not %run %t 2>&1 | FileCheck %s --check-prefix=D3
// RUN: %env_hwasan_opts=stack_history_size=5 not %run %t 2>&1 | FileCheck %s --check-prefix=D5
// RUN: not %run %t 2>&1 | FileCheck %s --check-prefix=DEFAULT
// REQUIRES: stable-runtime // REQUIRES: stable-runtime
// Stack histories are currently not recorded on x86. // Stack histories are currently not recorded on x86.
// XFAIL: x86_64 // XFAIL: x86_64
#include <stdlib.h> #include <stdlib.h>
// At least -O1 is needed for this function to not have a stack frame on // At least -O1 is needed for this function to not have a stack frame on
// AArch64. // AArch64.
▲ Show 20 LinesShow All 61 LinesShow Last 20 Lines

compiler-rt/test/hwasan/TestCases/stack-history-length.c

// RUN: %clang_hwasan -O1 %s -o %t // RUN: %clang_hwasan -O1 %s -o %t
// RUN: %env_hwasan_opts=stack_history_size=2048 not %run %t 2045 2>&1 | FileCheck %s --check-prefix=YES // RUN: %env_hwasan_opts=stack_history_size=2048 not %run %t 2045 2>&1 | FileCheck %s --check-prefix=YES
// RUN: %env_hwasan_opts=stack_history_size=2048 not %run %t 2047 2>&1 | FileCheck %s --check-prefix=NO // RUN: %env_hwasan_opts=stack_history_size=2048 not %run %t 2047 2>&1 | FileCheck %s --check-prefix=NO
// Run the same tests as above, but using the __hwasan_add_frame_record libcall.
// The output should be the exact same.
// RUN: %clang_hwasan -O1 %s -o %t -mllvm -hwasan-record-stack-history=libcall
// RUN: %env_hwasan_opts=stack_history_size=2048 not %run %t 2045 2>&1 | FileCheck %s --check-prefix=YES
// RUN: %env_hwasan_opts=stack_history_size=2048 not %run %t 2047 2>&1 | FileCheck %s --check-prefix=NO
// REQUIRES: stable-runtime // REQUIRES: stable-runtime
// Stack histories are currently not recorded on x86. // Stack histories are currently not recorded on x86.
// XFAIL: x86_64 // XFAIL: x86_64
#include <stdlib.h> #include <stdlib.h>
void USE(void *x) { // pretend_to_do_something(void *x) void USE(void *x) { // pretend_to_do_something(void *x)
Show All 30 Lines

compiler-rt/test/hwasan/TestCases/stack-uar.c

// Tests use-after-return detection and reporting. // Tests use-after-return detection and reporting.
// RUN: %clang_hwasan -g %s -o %t && not %run %t 2>&1 | FileCheck %s // RUN: %clang_hwasan -g %s -o %t && not %run %t 2>&1 | FileCheck %s
// RUN: %clang_hwasan -g %s -o %t && not %env_hwasan_opts=symbolize=0 %run %t 2>&1 | FileCheck %s --check-prefix=NOSYM // RUN: %clang_hwasan -g %s -o %t && not %env_hwasan_opts=symbolize=0 %run %t 2>&1 | FileCheck %s --check-prefix=NOSYM
// Run the same test as above, but using the __hwasan_add_frame_record libcall.
// The output should be the exact same.
// RUN: %clang_hwasan -g %s -o %t -mllvm -hwasan-record-stack-history=libcall && not %env_hwasan_opts=symbolize=0 %run %t 2>&1 | FileCheck %s --check-prefix=NOSYM
// REQUIRES: stable-runtime // REQUIRES: stable-runtime
// Stack histories currently are not recorded on x86. // Stack histories currently are not recorded on x86.
// XFAIL: x86_64 // XFAIL: x86_64
void USE(void *x) { // pretend_to_do_something(void *x) void USE(void *x) { // pretend_to_do_something(void *x)
__asm__ __volatile__("" : : "r" (x) : "memory"); __asm__ __volatile__("" : : "r" (x) : "memory");
} }
Show All 35 Lines

compiler-rt/test/hwasan/TestCases/stack-uas.c

// Tests use-after-scope detection and reporting. // Tests use-after-scope detection and reporting.
// RUN: %clang_hwasan -mllvm -hwasan-use-after-scope -g %s -o %t && not %run %t 2>&1 | FileCheck %s // RUN: %clang_hwasan -mllvm -hwasan-use-after-scope -g %s -o %t && not %run %t 2>&1 | FileCheck %s
// RUN: %clang_hwasan -mllvm -hwasan-use-after-scope -g %s -o %t && not %env_hwasan_opts=symbolize=0 %run %t 2>&1 | FileCheck %s --check-prefix=NOSYM // RUN: %clang_hwasan -mllvm -hwasan-use-after-scope -g %s -o %t && not %env_hwasan_opts=symbolize=0 %run %t 2>&1 | FileCheck %s --check-prefix=NOSYM
// RUN: %clang_hwasan -mllvm -hwasan-use-after-scope=false -g %s -o %t && %run %t 2>&1 // RUN: %clang_hwasan -mllvm -hwasan-use-after-scope=false -g %s -o %t && %run %t 2>&1
// Use after scope is turned off by default. // Use after scope is turned off by default.
// RUN: %clang_hwasan -g %s -o %t && %run %t 2>&1 // RUN: %clang_hwasan -g %s -o %t && %run %t 2>&1
// RUN: %clang_hwasan -mllvm -hwasan-use-after-scope -g %s -o %t && not %run %t 2>&1 | FileCheck %s // RUN: %clang_hwasan -mllvm -hwasan-use-after-scope -g %s -o %t && not %run %t 2>&1 | FileCheck %s
// Run the same test as above, but using the __hwasan_add_frame_record libcall.
// The output should be the exact same.
// RUN: %clang_hwasan -mllvm -hwasan-use-after-scope -mllvm -hwasan-record-stack-history=libcall -g %s -o %t && not %env_hwasan_opts=symbolize=0 %run %t 2>&1 | FileCheck %s --check-prefix=NOSYM
// REQUIRES: stable-runtime // REQUIRES: stable-runtime
// Stack histories currently are not recorded on x86. // Stack histories currently are not recorded on x86.
// XFAIL: x86_64 // XFAIL: x86_64
void USE(void *x) { // pretend_to_do_something(void *x) void USE(void *x) { // pretend_to_do_something(void *x)
__asm__ __volatile__("" __asm__ __volatile__(""
: :
▲ Show 20 LinesShow All 49 LinesShow Last 20 Lines

llvm/lib/Transforms/Instrumentation/HWAddressSanitizer.cpp

Show First 20 LinesShow All 173 Lines▼ Show 20 Lines ClWithIfunc("hwasan-with-ifunc",
"platforms that support this"), "platforms that support this"),
cl::Hidden, cl::init(false)); cl::Hidden, cl::init(false));
static cl::opt<bool> ClWithTls( static cl::opt<bool> ClWithTls(
"hwasan-with-tls", "hwasan-with-tls",
cl::desc("Access dynamic shadow through an thread-local pointer on " cl::desc("Access dynamic shadow through an thread-local pointer on "
"platforms that support this"), "platforms that support this"),
cl::Hidden, cl::init(true)); cl::Hidden, cl::init(true));
static cl::opt<bool> // Mode for selecting how to insert frame record info into the stack ring
ClRecordStackHistory("hwasan-record-stack-history", // buffer.
cl::desc("Record stack frames with tagged allocations " enum RecordStackHistoryMode {
"in a thread-local ring buffer"), // Do not record frame record info.
cl::Hidden, cl::init(true)); none,
// Insert instructions into the prologue for storing into the stack ring
// buffer directly.
instr,
// Add a call to __hwasan_add_frame_record in the runtime.
libcall,
};
static cl::opt<RecordStackHistoryMode> ClRecordStackHistory(
"hwasan-record-stack-history",
cl::desc("Record stack frames with tagged allocations in a thread-local "
"ring buffer"),
cl::values(clEnumVal(none, "Do not record stack ring history"),
clEnumVal(instr, "Insert instructions into the prologue for "
"storing into the stack ring buffer directly"),
clEnumVal(libcall, "Add a call to __hwasan_add_frame_record for "
"storing into the stack ring buffer")),
cl::Hidden, cl::init(instr));
vitalybukaUnsubmitted
Done
ReplyInline Actions

maybe better to convert hwasan-record-stack-history into enum?
hwasan-record-stack-history-with-calls is meaningless if hwasan-record-stack-history=0

vitalybuka: maybe better to convert hwasan-record-stack-history into enum? hwasan-record-stack-history-with…
leonardchanAuthorUnsubmitted
Done
ReplyInline Actions

Done and updated tests. I couldn't think of a better enum value for the default behavior other than instr :/

leonardchan: Done and updated tests. I couldn't think of a better enum value for the default behavior other…
static cl::opt<bool> static cl::opt<bool>
ClInstrumentMemIntrinsics("hwasan-instrument-mem-intrinsics", ClInstrumentMemIntrinsics("hwasan-instrument-mem-intrinsics",
cl::desc("instrument memory intrinsics"), cl::desc("instrument memory intrinsics"),
cl::Hidden, cl::init(true)); cl::Hidden, cl::init(true));
static cl::opt<bool> static cl::opt<bool>
ClInstrumentLandingPads("hwasan-instrument-landing-pads", ClInstrumentLandingPads("hwasan-instrument-landing-pads",
cl::desc("instrument landing pads"), cl::Hidden, cl::desc("instrument landing pads"), cl::Hidden,
▲ Show 20 LinesShow All 178 Lines▼ Show 20 Linesprivate:
Function *HwasanCtorFunction; Function *HwasanCtorFunction;
FunctionCallee HwasanMemoryAccessCallback[2][kNumberOfAccessSizes]; FunctionCallee HwasanMemoryAccessCallback[2][kNumberOfAccessSizes];
FunctionCallee HwasanMemoryAccessCallbackSized[2]; FunctionCallee HwasanMemoryAccessCallbackSized[2];
FunctionCallee HwasanTagMemoryFunc; FunctionCallee HwasanTagMemoryFunc;
FunctionCallee HwasanGenerateTagFunc; FunctionCallee HwasanGenerateTagFunc;
FunctionCallee HwasanRecordFrameRecordFunc;
Constant *ShadowGlobal; Constant *ShadowGlobal;
Value *ShadowBase = nullptr; Value *ShadowBase = nullptr;
Value *StackBaseTag = nullptr; Value *StackBaseTag = nullptr;
Value *CachedSP = nullptr; Value *CachedSP = nullptr;
GlobalValue *ThreadPtrGlobal = nullptr; GlobalValue *ThreadPtrGlobal = nullptr;
}; };
▲ Show 20 LinesShow All 235 Lines▼ Show 20 Lines for (size_t AccessIsWrite = 0; AccessIsWrite <= 1; AccessIsWrite++) {
} }
} }
HwasanTagMemoryFunc = M.getOrInsertFunction( HwasanTagMemoryFunc = M.getOrInsertFunction(
"__hwasan_tag_memory", IRB.getVoidTy(), Int8PtrTy, Int8Ty, IntptrTy); "__hwasan_tag_memory", IRB.getVoidTy(), Int8PtrTy, Int8Ty, IntptrTy);
HwasanGenerateTagFunc = HwasanGenerateTagFunc =
M.getOrInsertFunction("__hwasan_generate_tag", Int8Ty); M.getOrInsertFunction("__hwasan_generate_tag", Int8Ty);
HwasanRecordFrameRecordFunc = M.getOrInsertFunction(
"__hwasan_record_frame_record", IRB.getVoidTy(), Int64Ty);
ShadowGlobal = M.getOrInsertGlobal("__hwasan_shadow", ShadowGlobal = M.getOrInsertGlobal("__hwasan_shadow",
ArrayType::get(IRB.getInt8Ty(), 0)); ArrayType::get(IRB.getInt8Ty(), 0));
const std::string MemIntrinCallbackPrefix = const std::string MemIntrinCallbackPrefix =
(CompileKernel && !ClKasanMemIntrinCallbackPrefix) (CompileKernel && !ClKasanMemIntrinCallbackPrefix)
? std::string("") ? std::string("")
: ClMemoryAccessCallbackPrefix; : ClMemoryAccessCallbackPrefix;
HWAsanMemmove = M.getOrInsertFunction(MemIntrinCallbackPrefix + "memmove", HWAsanMemmove = M.getOrInsertFunction(MemIntrinCallbackPrefix + "memmove",
▲ Show 20 LinesShow All 487 Lines▼ Show 20 Lines if (!CachedSP) {
CachedSP = IRB.CreatePtrToInt( CachedSP = IRB.CreatePtrToInt(
IRB.CreateCall(GetStackPointerFn, IRB.CreateCall(GetStackPointerFn,
{Constant::getNullValue(IRB.getInt32Ty())}), {Constant::getNullValue(IRB.getInt32Ty())}),
IntptrTy); IntptrTy);
} }
return CachedSP; return CachedSP;
} }
Value *HWAddressSanitizer::getFrameRecordInfo(IRBuilder<> &IRB) { Value *HWAddressSanitizer::getFrameRecordInfo(IRBuilder<> &IRB) {
vitalybukaUnsubmitted
Done
ReplyInline Actions

you can add this function in a separate patch

vitalybuka: you can add this function in a separate patch
leonardchanAuthorUnsubmitted
Done
ReplyInline Actions

Made https://reviews.llvm.org/D129315

leonardchan: Made https://reviews.llvm.org/D129315
// Prepare ring buffer data. // Prepare ring buffer data.
Value *PC = getPC(IRB); Value *PC = getPC(IRB);
Value *SP = getSP(IRB); Value *SP = getSP(IRB);
// Mix SP and PC. // Mix SP and PC.
// Assumptions: // Assumptions:
// PC is 0x0000PPPPPPPPPPPP (48 bits are meaningful, others are zero) // PC is 0x0000PPPPPPPPPPPP (48 bits are meaningful, others are zero)
// SP is 0xsssssssssssSSSS0 (4 lower bits are zero) // SP is 0xsssssssssssSSSS0 (4 lower bits are zero)
// We only really need ~20 lower non-zero bits (SSSS), so we mix like this: // We only really need ~20 lower non-zero bits (SSSS), so we mix like this:
// 0xSSSSPPPPPPPPPPPP // 0xSSSSPPPPPPPPPPPP
SP = IRB.CreateShl(SP, 44); SP = IRB.CreateShl(SP, 44);
return IRB.CreateOr(PC, SP); return IRB.CreateOr(PC, SP);
} }
void HWAddressSanitizer::emitPrologue(IRBuilder<> &IRB, bool WithFrameRecord) { void HWAddressSanitizer::emitPrologue(IRBuilder<> &IRB, bool WithFrameRecord) {
if (!Mapping.InTls) if (!Mapping.InTls)
ShadowBase = getShadowNonTls(IRB); ShadowBase = getShadowNonTls(IRB);
else if (!WithFrameRecord && TargetTriple.isAndroid()) else if (!WithFrameRecord && TargetTriple.isAndroid())
ShadowBase = getDynamicShadowIfunc(IRB); ShadowBase = getDynamicShadowIfunc(IRB);
if (!WithFrameRecord && ShadowBase) if (!WithFrameRecord && ShadowBase)
return; return;
Value *SlotPtr = getHwasanThreadSlotPtr(IRB, IntptrTy); Value *SlotPtr = nullptr;
assert(SlotPtr); Value *ThreadLong = nullptr;
Value *ThreadLongMaybeUntagged = nullptr;
Value *ThreadLong = IRB.CreateLoad(IntptrTy, SlotPtr);
// Extract the address field from ThreadLong. Unnecessary on AArch64 with TBI. auto getThreadLongMaybeUntagged = [&]() {
Value *ThreadLongMaybeUntagged = if (!SlotPtr)
TargetTriple.isAArch64() ? ThreadLong : untagPointer(IRB, ThreadLong); SlotPtr = getHwasanThreadSlotPtr(IRB, IntptrTy);
if (!ThreadLong)
ThreadLong = IRB.CreateLoad(IntptrTy, SlotPtr);
// Extract the address field from ThreadLong. Unnecessary on AArch64 with
// TBI.
return TargetTriple.isAArch64() ? ThreadLong
: untagPointer(IRB, ThreadLong);
};
if (WithFrameRecord) { if (WithFrameRecord) {
switch (ClRecordStackHistory) {
case libcall: {
// Emit a runtime call into hwasan rather than emitting instructions for
// recording stack history.
Value *FrameRecordInfo = getFrameRecordInfo(IRB);
IRB.CreateCall(HwasanRecordFrameRecordFunc, {FrameRecordInfo});
break;
}
case instr: {
ThreadLongMaybeUntagged = getThreadLongMaybeUntagged();
StackBaseTag = IRB.CreateAShr(ThreadLong, 3); StackBaseTag = IRB.CreateAShr(ThreadLong, 3);
// Store data to ring buffer. // Store data to ring buffer.
Value *FrameRecordInfo = getFrameRecordInfo(IRB); Value *FrameRecordInfo = getFrameRecordInfo(IRB);
Value *RecordPtr = Value *RecordPtr = IRB.CreateIntToPtr(ThreadLongMaybeUntagged,
IRB.CreateIntToPtr(ThreadLongMaybeUntagged, IntptrTy->getPointerTo(0)); IntptrTy->getPointerTo(0));
IRB.CreateStore(FrameRecordInfo, RecordPtr); IRB.CreateStore(FrameRecordInfo, RecordPtr);
// Update the ring buffer. Top byte of ThreadLong defines the size of the // Update the ring buffer. Top byte of ThreadLong defines the size of the
// buffer in pages, it must be a power of two, and the start of the buffer // buffer in pages, it must be a power of two, and the start of the buffer
// must be aligned by twice that much. Therefore wrap around of the ring // must be aligned by twice that much. Therefore wrap around of the ring
// buffer is simply Addr &= ~((ThreadLong >> 56) << 12). // buffer is simply Addr &= ~((ThreadLong >> 56) << 12).
// The use of AShr instead of LShr is due to // The use of AShr instead of LShr is due to
// https://bugs.llvm.org/show_bug.cgi?id=39030 // https://bugs.llvm.org/show_bug.cgi?id=39030
// Runtime library makes sure not to use the highest bit. // Runtime library makes sure not to use the highest bit.
Value *WrapMask = IRB.CreateXor( Value *WrapMask = IRB.CreateXor(
IRB.CreateShl(IRB.CreateAShr(ThreadLong, 56), 12, "", true, true), IRB.CreateShl(IRB.CreateAShr(ThreadLong, 56), 12, "", true, true),
ConstantInt::get(IntptrTy, (uint64_t)-1)); ConstantInt::get(IntptrTy, (uint64_t)-1));
Value *ThreadLongNew = IRB.CreateAnd( Value *ThreadLongNew = IRB.CreateAnd(
IRB.CreateAdd(ThreadLong, ConstantInt::get(IntptrTy, 8)), WrapMask); IRB.CreateAdd(ThreadLong, ConstantInt::get(IntptrTy, 8)), WrapMask);
IRB.CreateStore(ThreadLongNew, SlotPtr); IRB.CreateStore(ThreadLongNew, SlotPtr);
break;
}
case none: {
llvm_unreachable(
"A stack history recording mode should've been selected.");
}
mcgrathrUnsubmitted
Done
ReplyInline Actions

It seems better to call the subroutine you just broke out above rather than to have its logic still open-coded here as well.
Conversely, perhaps just move this code up before the conditional and reuse the same FrameRecordInfo local variable in both the libcall and direct-store cases, rather than having a subroutine.

mcgrathr: It seems better to call the subroutine you just broke out above rather than to have its logic…
vitalybukaUnsubmitted
Done
ReplyInline Actions

Also looks like can be inserted twice
Value *ThreadLong = IRB.CreateLoad(IntptrTy, SlotPtr);

vitalybuka: Also looks like can be inserted twice Value *ThreadLong = IRB.CreateLoad(IntptrTy, SlotPtr);
leonardchanAuthorUnsubmitted
Done
ReplyInline Actions

It seems better to call the subroutine you just broke out above rather than to have its logic still open-coded here as well. Conversely, perhaps just move this code up before the conditional and reuse the same FrameRecordInfo local variable in both the libcall and direct-store cases, rather than having a subroutine.

Can do. I initially wanted to leave that out since it would mean this patch changes the IR in the prologue slightly and updating some tests that I could save for another patch. Currently, the order is (1) inttoptr (2) or PC, SP (3) store. But reusing the subroutine or FrameRecordInfo would change the order to (1) or SP, PC (2) inttoptr (3) store, but I think that shouldn't affect lowering from IR much.

Also looks like can be inserted twice
Value *ThreadLong = IRB.CreateLoad(IntptrTy, SlotPtr);

I think the second Value *ThreadLong = IRB.CreateLoad(IntptrTy, SlotPtr); in the conditional below shouldn't happen if ThreadLongMaybeUntagged is set, which will be set in this block where the first CreateLoad would happen since it looks like ThreadLongMaybeUntagged = TargetTriple.isAArch64() ? ThreadLong : untagPointer(IRB, ThreadLong) should never be nullptr, unless I'm perhaps missing something.

leonardchan: > It seems better to call the subroutine you just broke out above rather than to have its logic…
}
vitalybukaUnsubmitted
Done
ReplyInline Actions

switch/case

vitalybuka: switch/case
} }
if (!ShadowBase) { if (!ShadowBase) {
if (!ThreadLongMaybeUntagged)
ThreadLongMaybeUntagged = getThreadLongMaybeUntagged();
vitalybukaUnsubmitted
Done
ReplyInline Actions

When I asked about refactoring, you can do all NFC changes in a separate patch,
maybe you can reorder ThreadLongMaybeUntagged calculations in NFC patch so you don't have to touch it here

vitalybuka: When I asked about refactoring, you can do all NFC changes in a separate patch, maybe you can…
leonardchanAuthorUnsubmitted
Done
ReplyInline Actions

So this part's a bit awkward bc in the above block, the intermediate variables SlotPtr and ThreadLong are used for a bunch of other things like WrapMask and StackBaseTag which aren't needed here. That is, if ThreadLongMaybeUntagged isn't set above, then neither would SlotPtr or ThreadLong. I suppose I could have something like:

Value *getThreadLongMaybeUntagged(Value *&SlotPtr, Value *&ThreadLong) {
    if (!SlotPtr)
        SlotPtr = getHwasanThreadSlotPtr(IRB, IntptrTy);
    if (!ThreadLong)
        ThreadLong = IRB.CreateLoad(IntptrTy, SlotPtr);
    // Extract the address field from ThreadLong. Unnecessary on AArch64 with TBI.
    return TargetTriple.isAArch64() ? ThreadLong : untagPointer(IRB, ThreadLong);
}

  Value *ThreadLongMaybeUntagged = nullptr, *SlotPtr = nullptr, *ThreadLong = nullptr;
  if (WithFrameRecord) {
    if (ClRecordStackHistoryWithCalls) {
        ....
    } else {
        ThreadLongMaybeUntagged = getThreadLongMaybeUntagged(SlotPtr, ThreadLong);
        ....
    }
  }

  if (!ShadowBase) {
    if (!ThreadLongMaybeUntagged) {
      ThreadLongMaybeUntagged = getThreadLongMaybeUntagged(SlotPtr, ThreadLong);
      ...

where I can save intermediate values?

leonardchan: So this part's a bit awkward bc in the above block, the intermediate variables `SlotPtr` and…
vitalybukaUnsubmitted
Done
ReplyInline Actions

function local lambda works for me

auto getThreadLongMaybeUntagged = [&]() {
    if (!SlotPtr)
        SlotPtr = getHwasanThreadSlotPtr(IRB, IntptrTy);
    if (!ThreadLong)
        ThreadLong = IRB.CreateLoad(IntptrTy, SlotPtr);
    // Extract the address field from ThreadLong. Unnecessary on AArch64 with TBI.
    return TargetTriple.isAArch64() ? ThreadLong : untagPointer(IRB, ThreadLong);
}
vitalybuka: function local lambda works for me ``` auto getThreadLongMaybeUntagged = [&]() { if (!
// Get shadow base address by aligning RecordPtr up. // Get shadow base address by aligning RecordPtr up.
// Note: this is not correct if the pointer is already aligned. // Note: this is not correct if the pointer is already aligned.
// Runtime library will make sure this never happens. // Runtime library will make sure this never happens.
ShadowBase = IRB.CreateAdd( ShadowBase = IRB.CreateAdd(
IRB.CreateOr( IRB.CreateOr(
ThreadLongMaybeUntagged, ThreadLongMaybeUntagged,
ConstantInt::get(IntptrTy, (1ULL << kShadowBaseAlignment) - 1)), ConstantInt::get(IntptrTy, (1ULL << kShadowBaseAlignment) - 1)),
ConstantInt::get(IntptrTy, 1), "hwasan.shadow"); ConstantInt::get(IntptrTy, 1), "hwasan.shadow");
▲ Show 20 LinesShow All 207 Lines▼ Show 20 Lines if (SInfo.AllocasToInstrument.empty() && OperandsToInstrument.empty() &&
IntrinToInstrument.empty()) IntrinToInstrument.empty())
return Changed; return Changed;
assert(!ShadowBase); assert(!ShadowBase);
Instruction *InsertPt = &*F.getEntryBlock().begin(); Instruction *InsertPt = &*F.getEntryBlock().begin();
IRBuilder<> EntryIRB(InsertPt); IRBuilder<> EntryIRB(InsertPt);
emitPrologue(EntryIRB, emitPrologue(EntryIRB,
/*WithFrameRecord*/ ClRecordStackHistory && /*WithFrameRecord*/ ClRecordStackHistory != none &&
Mapping.WithFrameRecord && Mapping.WithFrameRecord &&
!SInfo.AllocasToInstrument.empty()); !SInfo.AllocasToInstrument.empty());
if (!SInfo.AllocasToInstrument.empty()) { if (!SInfo.AllocasToInstrument.empty()) {
const DominatorTree &DT = FAM.getResult<DominatorTreeAnalysis>(F); const DominatorTree &DT = FAM.getResult<DominatorTreeAnalysis>(F);
const PostDominatorTree &PDT = FAM.getResult<PostDominatorTreeAnalysis>(F); const PostDominatorTree &PDT = FAM.getResult<PostDominatorTreeAnalysis>(F);
const LoopInfo &LI = FAM.getResult<LoopAnalysis>(F); const LoopInfo &LI = FAM.getResult<LoopAnalysis>(F);
Value *StackTag = Value *StackTag =
▲ Show 20 LinesShow All 247 LinesShow Last 20 Lines

llvm/test/Instrumentation/HWAddressSanitizer/prologue.ll

; Test -hwasan-with-ifunc flag. ; Test -hwasan-with-ifunc flag.
; ;
; RUN: opt -passes=hwasan -S < %s | \ ; RUN: opt -passes=hwasan -S < %s | \
; RUN: FileCheck %s --check-prefixes=CHECK,CHECK-NOGLOBAL,CHECK-TLS-SLOT,CHECK-HISTORY,CHECK-HISTORY-TLS-SLOT ; RUN: FileCheck %s --check-prefixes=CHECK,CHECK-NOGLOBAL,CHECK-TLS-SLOT,CHECK-HISTORY,CHECK-HISTORY-TLS-SLOT,CHECK-HISTORY-TLS
; RUN: opt -passes=hwasan -S -hwasan-with-ifunc=0 -hwasan-with-tls=1 -hwasan-record-stack-history=1 < %s | \ ; RUN: opt -passes=hwasan -S -hwasan-with-ifunc=0 -hwasan-with-tls=1 -hwasan-record-stack-history=instr < %s | \
; RUN: FileCheck %s --check-prefixes=CHECK,CHECK-NOGLOBAL,CHECK-TLS-SLOT,CHECK-HISTORY,CHECK-HISTORY-TLS-SLOT ; RUN: FileCheck %s --check-prefixes=CHECK,CHECK-NOGLOBAL,CHECK-TLS-SLOT,CHECK-HISTORY,CHECK-HISTORY-TLS-SLOT,CHECK-HISTORY-TLS
; RUN: opt -passes=hwasan -S -hwasan-with-ifunc=0 -hwasan-with-tls=1 -hwasan-record-stack-history=0 < %s | \ ; RUN: opt -passes=hwasan -S -hwasan-with-ifunc=0 -hwasan-with-tls=1 -hwasan-record-stack-history=none < %s | \
; RUN: FileCheck %s --check-prefixes=CHECK,CHECK-NOGLOBAL,CHECK-IFUNC,CHECK-NOHISTORY ; RUN: FileCheck %s --check-prefixes=CHECK,CHECK-NOGLOBAL,CHECK-IFUNC,CHECK-NOHISTORY
; RUN: opt -passes=hwasan -S -hwasan-with-ifunc=0 -hwasan-with-tls=0 < %s | \ ; RUN: opt -passes=hwasan -S -hwasan-with-ifunc=0 -hwasan-with-tls=0 < %s | \
; RUN: FileCheck %s --check-prefixes=CHECK,CHECK-GLOBAL,CHECK-NOHISTORY ; RUN: FileCheck %s --check-prefixes=CHECK,CHECK-GLOBAL,CHECK-NOHISTORY
; RUN: opt -passes=hwasan -S -hwasan-with-ifunc=1 -hwasan-with-tls=0 < %s | \ ; RUN: opt -passes=hwasan -S -hwasan-with-ifunc=1 -hwasan-with-tls=0 < %s | \
; RUN: FileCheck %s --check-prefixes=CHECK,CHECK-IFUNC,CHECK-NOHISTORY ; RUN: FileCheck %s --check-prefixes=CHECK,CHECK-IFUNC,CHECK-NOHISTORY
; RUN: opt -passes=hwasan -S -mtriple=aarch64-fuchsia < %s | \ ; RUN: opt -passes=hwasan -S -mtriple=aarch64-fuchsia < %s | \
; RUN: FileCheck %s --check-prefixes=CHECK,CHECK-ZERO-OFFSET,CHECK-SHORT-GRANULES,CHECK-HISTORY,CHECK-HWASAN-TLS,CHECK-HISTORY-HWASAN-TLS ; RUN: FileCheck %s --check-prefixes=CHECK,CHECK-ZERO-OFFSET,CHECK-SHORT-GRANULES,CHECK-HISTORY,CHECK-HWASAN-TLS,CHECK-HISTORY-HWASAN-TLS,CHECK-HISTORY-TLS
; RUN: opt -passes=hwasan -S -mtriple=aarch64-fuchsia -hwasan-record-stack-history=libcall < %s | \
; RUN: FileCheck %s --check-prefixes=CHECK,CHECK-HISTORY,CHECK-HISTORY-LIBCALL
target datalayout = "e-m:e-i8:8:32-i16:16:32-i64:64-i128:128-n32:64-S128" target datalayout = "e-m:e-i8:8:32-i16:16:32-i64:64-i128:128-n32:64-S128"
target triple = "aarch64--linux-android22" target triple = "aarch64--linux-android22"
; CHECK-IFUNC: @__hwasan_shadow = external global [0 x i8] ; CHECK-IFUNC: @__hwasan_shadow = external global [0 x i8]
; CHECK-NOIFUNC: @__hwasan_shadow_memory_dynamic_address = external global i64 ; CHECK-NOIFUNC: @__hwasan_shadow_memory_dynamic_address = external global i64
define i32 @test_load(i32* %a) sanitize_hwaddress { define i32 @test_load(i32* %a) sanitize_hwaddress {
Show All 38 Lines
; CHECK-TLS-SLOT: %[[C:[^ ]*]] = bitcast i8* %[[B]] to i64* ; CHECK-TLS-SLOT: %[[C:[^ ]*]] = bitcast i8* %[[B]] to i64*
; CHECK-TLS-SLOT: %[[D:[^ ]*]] = load i64, i64* %[[C]] ; CHECK-TLS-SLOT: %[[D:[^ ]*]] = load i64, i64* %[[C]]
; CHECK-TLS-SLOT: %[[E:[^ ]*]] = ashr i64 %[[D]], 3 ; CHECK-TLS-SLOT: %[[E:[^ ]*]] = ashr i64 %[[D]], 3
; CHECK-HWASAN-TLS: %[[D:[^ ]*]] = load i64, i64* @__hwasan_tls, align 8 ; CHECK-HWASAN-TLS: %[[D:[^ ]*]] = load i64, i64* @__hwasan_tls, align 8
; CHECK-HWASAN-TLS: %[[E:[^ ]*]] = ashr i64 %[[D]], 3 ; CHECK-HWASAN-TLS: %[[E:[^ ]*]] = ashr i64 %[[D]], 3
; CHECK-NOHISTORY-NOT: store i64 ; CHECK-NOHISTORY-NOT: store i64
; CHECK-HISTORY: call i64 @llvm.read_register.i64(metadata [[MD:![0-9]*]]) ; When watching stack history, all code paths attempt to get PC and SP and mix them together.
; CHECK-HISTORY: %[[PTR:[^ ]*]] = inttoptr i64 %[[D]] to i64* ; CHECK-HISTORY: %[[PC:[^ ]*]] = call i64 @llvm.read_register.i64(metadata [[MD:![0-9]*]])
; CHECK-HISTORY: store i64 %{{.*}}, i64* %[[PTR]] ; CHECK-HISTORY: %[[SP0:[^ ]*]] = call i8* @llvm.frameaddress.p0i8(i32 0)
; CHECK-HISTORY: %[[D1:[^ ]*]] = ashr i64 %[[D]], 56 ; CHECK-HISTORY: %[[SP1:[^ ]*]] = ptrtoint i8* %[[SP0]] to i64
; CHECK-HISTORY: %[[D2:[^ ]*]] = shl nuw nsw i64 %[[D1]], 12 ; CHECK-HISTORY: %[[SP2:[^ ]*]] = shl i64 %[[SP1]], 44
; CHECK-HISTORY: %[[D3:[^ ]*]] = xor i64 %[[D2]], -1
; CHECK-HISTORY: %[[D4:[^ ]*]] = add i64 %[[D]], 8 ; CHECK-HISTORY: %[[MIX:[^ ]*]] = or i64 %[[PC]], %[[SP2]]
; CHECK-HISTORY: %[[D5:[^ ]*]] = and i64 %[[D4]], %[[D3]] ; CHECK-HISTORY-TLS: %[[PTR:[^ ]*]] = inttoptr i64 %[[D]] to i64*
; CHECK-HISTORY-TLS: store i64 %[[MIX]], i64* %[[PTR]]
; CHECK-HISTORY-TLS: %[[D1:[^ ]*]] = ashr i64 %[[D]], 56
; CHECK-HISTORY-TLS: %[[D2:[^ ]*]] = shl nuw nsw i64 %[[D1]], 12
; CHECK-HISTORY-TLS: %[[D3:[^ ]*]] = xor i64 %[[D2]], -1
; CHECK-HISTORY-TLS: %[[D4:[^ ]*]] = add i64 %[[D]], 8
; CHECK-HISTORY-TLS: %[[D5:[^ ]*]] = and i64 %[[D4]], %[[D3]]
; CHECK-HISTORY-TLS-SLOT: store i64 %[[D5]], i64* %[[C]] ; CHECK-HISTORY-TLS-SLOT: store i64 %[[D5]], i64* %[[C]]
; CHECK-HISTORY-HWASAN-TLS: store i64 %[[D5]], i64* @__hwasan_tls ; CHECK-HISTORY-HWASAN-TLS: store i64 %[[D5]], i64* @__hwasan_tls
; CHECK-HISTORY-LIBCALL: call void @__hwasan_record_frame_record(i64 %[[MIX]])
; CHECK-TLS: %[[F:[^ ]*]] = or i64 %[[D]], 4294967295 ; CHECK-TLS: %[[F:[^ ]*]] = or i64 %[[D]], 4294967295
; CHECK-TLS: = add i64 %[[F]], 1 ; CHECK-TLS: = add i64 %[[F]], 1
; CHECK-HISTORY-LIBCALL: %[[E:hwasan.stack.base.tag]] = xor
; CHECK-HISTORY: = xor i64 %[[E]], 0 ; CHECK-HISTORY: = xor i64 %[[E]], 0
; CHECK-NOHISTORY-NOT: store i64 ; CHECK-NOHISTORY-NOT: store i64
entry: entry:
%x = alloca i32, align 4 %x = alloca i32, align 4
call void @use(i32* %x) call void @use(i32* %x)
ret void ret void
} }
; CHECK-HISTORY: [[MD]] = !{!"pc"} ; CHECK-HISTORY: [[MD]] = !{!"pc"}