diff --git a/compiler-rt/lib/asan/asan_interface.inc b/compiler-rt/lib/asan/asan_interface.inc
--- a/compiler-rt/lib/asan/asan_interface.inc
+++ b/compiler-rt/lib/asan/asan_interface.inc
@@ -108,6 +108,13 @@
 INTERFACE_FUNCTION(__asan_set_death_callback)
 INTERFACE_FUNCTION(__asan_set_error_report_callback)
 INTERFACE_FUNCTION(__asan_set_shadow_00)
+INTERFACE_FUNCTION(__asan_set_shadow_01)
+INTERFACE_FUNCTION(__asan_set_shadow_02)
+INTERFACE_FUNCTION(__asan_set_shadow_03)
+INTERFACE_FUNCTION(__asan_set_shadow_04)
+INTERFACE_FUNCTION(__asan_set_shadow_05)
+INTERFACE_FUNCTION(__asan_set_shadow_06)
+INTERFACE_FUNCTION(__asan_set_shadow_07)
 INTERFACE_FUNCTION(__asan_set_shadow_f1)
 INTERFACE_FUNCTION(__asan_set_shadow_f2)
 INTERFACE_FUNCTION(__asan_set_shadow_f3)
diff --git a/compiler-rt/lib/asan/asan_interface_internal.h b/compiler-rt/lib/asan/asan_interface_internal.h
--- a/compiler-rt/lib/asan/asan_interface_internal.h
+++ b/compiler-rt/lib/asan/asan_interface_internal.h
@@ -90,6 +90,20 @@
 SANITIZER_INTERFACE_ATTRIBUTE
 void __asan_set_shadow_00(uptr addr, uptr size);
 SANITIZER_INTERFACE_ATTRIBUTE
+ void __asan_set_shadow_01(uptr addr, uptr size);
+ SANITIZER_INTERFACE_ATTRIBUTE
+ void __asan_set_shadow_02(uptr addr, uptr size);
+ SANITIZER_INTERFACE_ATTRIBUTE
+ void __asan_set_shadow_03(uptr addr, uptr size);
+ SANITIZER_INTERFACE_ATTRIBUTE
+ void __asan_set_shadow_04(uptr addr, uptr size);
+ SANITIZER_INTERFACE_ATTRIBUTE
+ void __asan_set_shadow_05(uptr addr, uptr size);
+ SANITIZER_INTERFACE_ATTRIBUTE
+ void __asan_set_shadow_06(uptr addr, uptr size);
+ SANITIZER_INTERFACE_ATTRIBUTE
+ void __asan_set_shadow_07(uptr addr, uptr size);
+ SANITIZER_INTERFACE_ATTRIBUTE
 void __asan_set_shadow_f1(uptr addr, uptr size);
 SANITIZER_INTERFACE_ATTRIBUTE
 void __asan_set_shadow_f2(uptr addr, uptr size);
diff --git a/compiler-rt/lib/asan/asan_poisoning.cpp b/compiler-rt/lib/asan/asan_poisoning.cpp
--- a/compiler-rt/lib/asan/asan_poisoning.cpp
+++ b/compiler-rt/lib/asan/asan_poisoning.cpp
@@ -13,6 +13,8 @@
 #include "asan_poisoning.h"
+#include
+
 #include "asan_report.h"
 #include "asan_stack.h"
 #include "sanitizer_common/sanitizer_atomic.h"
@@ -312,6 +314,41 @@
 REAL(memset)((void *)addr, 0, size);
 }
+void __asan_set_shadow_01(uptr addr, uptr size) {
+ assert(size == 1);
+ REAL(memset)((void *)addr, 0x01, size);
+}
+
+void __asan_set_shadow_02(uptr addr, uptr size) {
+ assert(size == 1);
+ REAL(memset)((void *)addr, 0x02, size);
+}
+
+void __asan_set_shadow_03(uptr addr, uptr size) {
+ assert(size == 1);
+ REAL(memset)((void *)addr, 0x03, size);
+}
+
+void __asan_set_shadow_04(uptr addr, uptr size) {
+ assert(size == 1);
+ REAL(memset)((void *)addr, 0x04, size);
+}
+
+void __asan_set_shadow_05(uptr addr, uptr size) {
+ assert(size == 1);
+ REAL(memset)((void *)addr, 0x05, size);
+}
+
+void __asan_set_shadow_06(uptr addr, uptr size) {
+ assert(size == 1);
+ REAL(memset)((void *)addr, 0x06, size);
+}
+
+void __asan_set_shadow_07(uptr addr, uptr size) {
+ assert(size == 1);
+ REAL(memset)((void *)addr, 0x07, size);
+}
+
 void __asan_set_shadow_f1(uptr addr, uptr size) {
 REAL(memset)((void *)addr, 0xf1, size);
 }
diff --git a/compiler-rt/lib/asan/asan_rtl.cpp b/compiler-rt/lib/asan/asan_rtl.cpp
--- a/compiler-rt/lib/asan/asan_rtl.cpp
+++ b/compiler-rt/lib/asan/asan_rtl.cpp
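Review bot: The `assert(size == 1);` added to `__asan_set_shadow_01` through `__asan_set_shadow_07` in asan_poisoning.cpp (second hunk) enforces the one-byte contract only in assert-enabled builds; with NDEBUG the `memset` still writes `size` bytes of a partial-granule value and the contract goes unchecked. Callers added elsewhere in this patch do not satisfy it: the asan_rtl.cpp hunk calls each function with `(0, 0)` (whether that switch arm can ever run is not visible in the hunk), and the asan_internal_interface_test.cpp hunk passes `buffer.size()`, which is set outside the hunk and is presumably larger than one. Either drop the assertion, as the `f1`–`f8` siblings have none, or use the runtime's own always-on check, `CHECK_EQ(size, 1);`, and adjust those callers. Either choice also makes the libc `#include` added in the first hunk of this file unnecessary.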
@@ -288,11 +288,18 @@
 case 38: __asan_region_is_poisoned(0, 0); break;
 case 39: __asan_describe_address(0); break;
 case 40: __asan_set_shadow_00(0, 0); break;
- case 41: __asan_set_shadow_f1(0, 0); break;
- case 42: __asan_set_shadow_f2(0, 0); break;
- case 43: __asan_set_shadow_f3(0, 0); break;
- case 44: __asan_set_shadow_f5(0, 0); break;
- case 45: __asan_set_shadow_f8(0, 0); break;
+ case 41: __asan_set_shadow_01(0, 0); break;
+ case 42: __asan_set_shadow_02(0, 0); break;
+ case 43: __asan_set_shadow_03(0, 0); break;
+ case 44: __asan_set_shadow_04(0, 0); break;
+ case 45: __asan_set_shadow_05(0, 0); break;
+ case 46: __asan_set_shadow_06(0, 0); break;
+ case 47: __asan_set_shadow_07(0, 0); break;
+ case 48: __asan_set_shadow_f1(0, 0); break;
+ case 49: __asan_set_shadow_f2(0, 0); break;
+ case 50: __asan_set_shadow_f3(0, 0); break;
+ case 51: __asan_set_shadow_f5(0, 0); break;
+ case 52: __asan_set_shadow_f8(0, 0); break;
 }
 // clang-format on
 }
diff --git a/compiler-rt/lib/asan/tests/asan_internal_interface_test.cpp b/compiler-rt/lib/asan/tests/asan_internal_interface_test.cpp
--- a/compiler-rt/lib/asan/tests/asan_internal_interface_test.cpp
+++ b/compiler-rt/lib/asan/tests/asan_internal_interface_test.cpp
@@ -19,6 +19,27 @@
 __asan_set_shadow_00((uptr)buffer.data(), buffer.size());
 EXPECT_EQ(std::vector(buffer.size(), 0x00), buffer);
+ __asan_set_shadow_01((uptr)buffer.data(), buffer.size());
+ EXPECT_EQ(std::vector(buffer.size(), 0x01), buffer);
+
+ __asan_set_shadow_02((uptr)buffer.data(), buffer.size());
+ EXPECT_EQ(std::vector(buffer.size(), 0x02), buffer);
+
+ __asan_set_shadow_03((uptr)buffer.data(), buffer.size());
+ EXPECT_EQ(std::vector(buffer.size(), 0x03), buffer);
+
+ __asan_set_shadow_04((uptr)buffer.data(), buffer.size());
+ EXPECT_EQ(std::vector(buffer.size(), 0x04), buffer);
+
+ __asan_set_shadow_05((uptr)buffer.data(), buffer.size());
+ EXPECT_EQ(std::vector(buffer.size(), 0x05), buffer);
+
+ __asan_set_shadow_06((uptr)buffer.data(), buffer.size());
+ EXPECT_EQ(std::vector(buffer.size(), 0x06), buffer);
+
+ __asan_set_shadow_07((uptr)buffer.data(), buffer.size());
+ EXPECT_EQ(std::vector(buffer.size(), 0x07), buffer);
+
 __asan_set_shadow_f1((uptr)buffer.data(), buffer.size());
 EXPECT_EQ(std::vector(buffer.size(), 0xf1), buffer);
diff --git a/compiler-rt/test/asan/TestCases/set_shadow_test.c b/compiler-rt/test/asan/TestCases/set_shadow_test.c
--- a/compiler-rt/test/asan/TestCases/set_shadow_test.c
+++ b/compiler-rt/test/asan/TestCases/set_shadow_test.c
@@ -13,6 +13,13 @@
 #include
 void __asan_set_shadow_00(size_t addr, size_t size);
+void __asan_set_shadow_01(size_t addr, size_t size);
+void __asan_set_shadow_02(size_t addr, size_t size);
+void __asan_set_shadow_03(size_t addr, size_t size);
+void __asan_set_shadow_04(size_t addr, size_t size);
+void __asan_set_shadow_05(size_t addr, size_t size);
+void __asan_set_shadow_06(size_t addr, size_t size);
+void __asan_set_shadow_07(size_t addr, size_t size);
 void __asan_set_shadow_f1(size_t addr, size_t size);
 void __asan_set_shadow_f2(size_t addr, size_t size);
 void __asan_set_shadow_f3(size_t addr, size_t size);
@@ -32,6 +39,34 @@
 // X00: PASS
 case 0x00:
 return __asan_set_shadow_00(addr, 1);
+ // X01: AddressSanitizer: stack-buffer-overflow
+ // X01: [01]
+ case 0x01:
+ return __asan_set_shadow_01(addr, 1);
+ // X02: AddressSanitizer: stack-buffer-overflow
+ // X02: [02]
+ case 0x02:
+ return __asan_set_shadow_02(addr, 1);
+ // X03: AddressSanitizer: stack-buffer-overflow
+ // X03: [03]
+ case 0x03:
+ return __asan_set_shadow_03(addr, 1);
+ // X04: AddressSanitizer: stack-buffer-overflow
+ // X04: [04]
+ case 0x04:
+ return __asan_set_shadow_04(addr, 1);
+ // X05: AddressSanitizer: stack-buffer-overflow
+ // X05: [05]
+ case 0x05:
+ return __asan_set_shadow_05(addr, 1);
+ // X06: AddressSanitizer: stack-buffer-overflow
+ // X06: [06]
+ case 0x06:
+ return __asan_set_shadow_06(addr, 1);
+ // X07: AddressSanitizer: stack-buffer-overflow
+ // X07: [07]
+ case 0x07:
+ return __asan_set_shadow_07(addr, 1);
 // XF1: AddressSanitizer: stack-buffer-underflow
 // XF1: [f1]
 case 0xf1:
diff --git a/llvm/lib/Transforms/Instrumentation/AddressSanitizer.cpp b/llvm/lib/Transforms/Instrumentation/AddressSanitizer.cpp
--- a/llvm/lib/Transforms/Instrumentation/AddressSanitizer.cpp
+++ b/llvm/lib/Transforms/Instrumentation/AddressSanitizer.cpp
@@ -2809,7 +2809,8 @@
 kAsanUnpoisonStackMemoryName, IRB.getVoidTy(), IntptrTy, IntptrTy);
 }
- for (size_t Val : {0x00, 0xf1, 0xf2, 0xf3, 0xf5, 0xf8}) {
+ for (size_t Val : {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0xf1, 0xf2,
+ 0xf3, 0xf5, 0xf8}) {
 std::ostringstream Name;
 Name << kAsanSetShadowPrefix;
 Name << std::setw(2) << std::setfill('0') << std::hex << Val;
diff --git a/llvm/test/Instrumentation/AddressSanitizer/calls-only.ll b/llvm/test/Instrumentation/AddressSanitizer/calls-only.ll
new file mode 100644
--- /dev/null
+++ b/llvm/test/Instrumentation/AddressSanitizer/calls-only.ll
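Review bot: The new `// X01:` through `// X07:` check lines in set_shadow_test.c (second hunk) are only exercised if a RUN line invokes FileCheck with each of those prefixes, and neither hunk of this file touches anything above line 13, where the existing RUN lines presumably live. Unless such lines already exist, the partial-granule reports this patch is meant to produce are never verified by this test. Add one RUN line per new value next to the existing ones, modelled on the existing XF1 invocation. The switch these cases belong to starts and ends outside the hunk.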
@@ -0,0 +1,55 @@
+; RUN: opt < %s -passes=asan -asan-max-inline-poisoning-size=0 -asan-stack-dynamic-alloca=0 -S | FileCheck --check-prefix=OUTLINE %s
+; RUN: opt < %s -passes=asan -asan-max-inline-poisoning-size=999 -asan-stack-dynamic-alloca=0 -S | FileCheck --check-prefix=INLINE %s
+
+target datalayout = "e-m:o-i64:64-i128:128-n32:64-S128"
+target triple = "arm64-apple-macosx13.0.0"
+
+; Function Attrs: noinline nounwind optnone sanitize_address ssp uwtable(sync)
+define void @foo() #0 {
+entry:
+ %array01 = alloca [1 x i8], align 1
+ %array02 = alloca [2 x i8], align 1
+ %array03 = alloca [3 x i8], align 1
+ %array04 = alloca [4 x i8], align 1
+ %array05 = alloca [5 x i8], align 1
+ %array06 = alloca [6 x i8], align 1
+ %array07 = alloca [7 x i8], align 1
+; OUTLINE: call void @__asan_set_shadow_f1(i64 %33, i64 4)
+; OUTLINE: call void @__asan_set_shadow_01(i64 %34, i64 1)
+; OUTLINE: call void @__asan_set_shadow_f2(i64 %35, i64 1)
+; OUTLINE: call void @__asan_set_shadow_02(i64 %36, i64 1)
+; OUTLINE: call void @__asan_set_shadow_f2(i64 %37, i64 1)
+; OUTLINE: call void @__asan_set_shadow_03(i64 %38, i64 1)
+; OUTLINE: call void @__asan_set_shadow_f2(i64 %39, i64 1)
+; OUTLINE: call void @__asan_set_shadow_04(i64 %40, i64 1)
+; OUTLINE: call void @__asan_set_shadow_f2(i64 %41, i64 1)
+; OUTLINE: call void @__asan_set_shadow_05(i64 %42, i64 1)
+; OUTLINE: call void @__asan_set_shadow_f2(i64 %43, i64 3)
+; OUTLINE: call void @__asan_set_shadow_06(i64 %44, i64 1)
+; OUTLINE: call void @__asan_set_shadow_f2(i64 %45, i64 3)
+; OUTLINE: call void @__asan_set_shadow_07(i64 %46, i64 1)
+; OUTLINE: call void @__asan_set_shadow_f3(i64 %47, i64 3)
+; OUTLINE: call void @__asan_set_shadow_f5(i64 %134, i64 32)
+; OUTLINE: call void @__asan_set_shadow_00(i64 %140, i64 24)
+; INLINE: store i64 -1007977276409515535, ptr %34, align 1
+; INLINE: store i64 -940423264817843709, ptr %36, align 1
+; INLINE: store i64 -868083087686045178, ptr %38, align 1
+ %arrayidx = getelementptr inbounds [1 x i8], ptr %array01, i64 0, i64 1
+ store i8 1, ptr %arrayidx, align 1
+ %arrayidx1 = getelementptr inbounds [2 x i8], ptr %array02, i64 0, i64 2
+ store i8 2, ptr %arrayidx1, align 1
+ %arrayidx2 = getelementptr inbounds [3 x i8], ptr %array03, i64 0, i64 3
+ store i8 3, ptr %arrayidx2, align 1
+ %arrayidx3 = getelementptr inbounds [4 x i8], ptr %array04, i64 0, i64 4
+ store i8 4, ptr %arrayidx3, align 1
+ %arrayidx4 = getelementptr inbounds [5 x i8], ptr %array05, i64 0, i64 5
+ store i8 5, ptr %arrayidx4, align 1
+ %arrayidx5 = getelementptr inbounds [6 x i8], ptr %array06, i64 0, i64 6
+ store i8 6, ptr %arrayidx5, align 1
+ %arrayidx6 = getelementptr inbounds [7 x i8], ptr %array07, i64 0, i64 7
+ store i8 7, ptr %arrayidx6, align 1
+; CHECK-NOT: store i64 -723401728380766731, ptr %126, align 1
+ ret void
+}
+attributes #0 = { noinline nounwind optnone sanitize_address ssp uwtable(sync) "frame-pointer"="non-leaf" "min-legal-vector-width"="0" "no-trapping-math"="true" "stack-protector-buffer-size"="8" "target-cpu"="apple-m1" "target-features"="+aes,+crc,+crypto,+dotprod,+fp-armv8,+fp16fml,+fullfp16,+lse,+neon,+ras,+rcpc,+rdm,+sha2,+sha3,+sm4,+v8.1a,+v8.2a,+v8.3a,+v8.4a,+v8.5a,+v8a,+zcm,+zcz" }
+
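Review bot: The `; CHECK-NOT: store i64 -723401728380766731, ptr %126, align 1` line near the end of calls-only.ll is never evaluated, because both RUN lines pass `--check-prefix=OUTLINE` or `--check-prefix=INLINE` and no FileCheck invocation uses the default `CHECK` prefix. It should carry the prefix of the run it is meant to constrain, for example `; OUTLINE-NOT:`. The `OUTLINE:` and `INLINE:` lines also pin exact SSA numbers such as `%33` and `%134`, so any unrelated change to the instrumentation sequence will break the test. Matching the operand with a pattern, e.g. `; OUTLINE: call void @__asan_set_shadow_01(i64 %{{.*}}, i64 1)`, keeps the check on the callee and the size argument.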