Index: compiler-rt/trunk/lib/asan/asan_flags.inc =================================================================== --- compiler-rt/trunk/lib/asan/asan_flags.inc +++ compiler-rt/trunk/lib/asan/asan_flags.inc @@ -135,3 +135,5 @@ ASAN_FLAG(bool, halt_on_error, true, "Crash the program after printing the first error report " "(WARNING: USE AT YOUR OWN RISK!)") +ASAN_FLAG(bool, use_odr_indicator, false, + "Use special ODR indicator symbol for ODR violation detection") Index: compiler-rt/trunk/lib/asan/asan_globals.cc =================================================================== --- compiler-rt/trunk/lib/asan/asan_globals.cc +++ compiler-rt/trunk/lib/asan/asan_globals.cc @@ -135,6 +135,70 @@ return false; } +enum GlobalSymbolState { + UNREGISTERED = 0, + REGISTERED = 1 +}; + +// Check ODR violation for given global G via special ODR indicator. We use +// this method in case compiler instruments global variables through their +// local aliases. +static void CheckODRViolationViaIndicator(const Global *g) { + u8 *odr_indicator = reinterpret_cast(g->odr_indicator); + if (*odr_indicator == UNREGISTERED) { + *odr_indicator = REGISTERED; + return; + } + // If *odr_indicator is DEFINED, some module have already registered + // externally visible symbol with the same name. This is an ODR violation. + for (ListOfGlobals *l = list_of_all_globals; l; l = l->next) { + if (g->odr_indicator == l->g->odr_indicator && + (flags()->detect_odr_violation >= 2 || g->size != l->g->size) && + !IsODRViolationSuppressed(g->name)) + ReportODRViolation(g, FindRegistrationSite(g), + l->g, FindRegistrationSite(l->g)); + } +} + +// Check ODR violation for given global G by checking if it's already poisoned. +// We use this method in case compiler doesn't use private aliases for global +// variables. +static void CheckODRViolationViaPoisoning(const Global *g) { + if (__asan_region_is_poisoned(g->beg, g->size_with_redzone)) { + // This check may not be enough: if the first global is much larger + // the entire redzone of the second global may be within the first global. + for (ListOfGlobals *l = list_of_all_globals; l; l = l->next) { + if (g->beg == l->g->beg && + (flags()->detect_odr_violation >= 2 || g->size != l->g->size) && + !IsODRViolationSuppressed(g->name)) + ReportODRViolation(g, FindRegistrationSite(g), + l->g, FindRegistrationSite(l->g)); + } + } +} + +// Clang provides two different ways for global variables protection: +// it can poison the global itself or it's private alias. In former +// case we may poison same symbol multiple times, that can help us to +// cheaply detect ODR violation: if we try to poison an already poisoned +// global, we have ODR violation error. +// In latter case, we poison each symbol exactly once, so we use special +// indicator symbol to perform similar check. +// In either case, compiler provides a special odr_indicator field to Global +// structure, that can contain two kinds of values: +// 1) Non-zero value. In this case, odr_indicator is an address of +// corresponding indicator variable for given global. +// 2) Zero. This means that we don't use private aliases for global variables +// and can freely check ODR violation with the first method. +// +// This routine chooses between two different methods of ODR violation +// detection. +static inline bool UseODRIndicator(const Global *g) { + // Use ODR indicator method iff use_odr_indicator flag is set and + // indicator symbol address is not 0. + return flags()->use_odr_indicator && g->odr_indicator > 0; +} + // Register a global variable. // This function may be called more than once for every global // so we store the globals in a map. @@ -158,17 +222,10 @@ if (flags()->detect_odr_violation) { // Try detecting ODR (One Definition Rule) violation, i.e. the situation // where two globals with the same name are defined in different modules. - if (__asan_region_is_poisoned(g->beg, g->size_with_redzone)) { - // This check may not be enough: if the first global is much larger - // the entire redzone of the second global may be within the first global. - for (ListOfGlobals *l = list_of_all_globals; l; l = l->next) { - if (g->beg == l->g->beg && - (flags()->detect_odr_violation >= 2 || g->size != l->g->size) && - !IsODRViolationSuppressed(g->name)) - ReportODRViolation(g, FindRegistrationSite(g), - l->g, FindRegistrationSite(l->g)); - } - } + if (UseODRIndicator(g)) + CheckODRViolationViaIndicator(g); + else + CheckODRViolationViaPoisoning(g); } if (CanPoisonMemory()) PoisonRedZones(*g); @@ -199,6 +256,12 @@ // We unpoison the shadow memory for the global but we do not remove it from // the list because that would require O(n^2) time with the current list // implementation. It might not be worth doing anyway. + + // Release ODR indicator. + if (UseODRIndicator(g)) { + u8 *odr_indicator = reinterpret_cast(g->odr_indicator); + *odr_indicator = UNREGISTERED; + } } void StopInitOrderChecking() { Index: compiler-rt/trunk/lib/asan/asan_init_version.h =================================================================== --- compiler-rt/trunk/lib/asan/asan_init_version.h +++ compiler-rt/trunk/lib/asan/asan_init_version.h @@ -28,7 +28,8 @@ // v4=>v5: changed the semantics and format of __asan_stack_malloc_ and // __asan_stack_free_ functions. // v5=>v6: changed the name of the version check symbol - #define __asan_version_mismatch_check __asan_version_mismatch_check_v6 + // v6=>v7: added 'odr_indicator' to __asan_global. + #define __asan_version_mismatch_check __asan_version_mismatch_check_v7 } #endif // ASAN_INIT_VERSION_H Index: compiler-rt/trunk/lib/asan/asan_interface_internal.h =================================================================== --- compiler-rt/trunk/lib/asan/asan_interface_internal.h +++ compiler-rt/trunk/lib/asan/asan_interface_internal.h @@ -54,6 +54,7 @@ uptr has_dynamic_init; // Non-zero if the global has dynamic initializer. __asan_global_source_location *location; // Source location of a global, // or NULL if it is unknown. + uptr odr_indicator; // The address of the ODR indicator symbol. }; // These two functions should be called by the instrumented code. Index: compiler-rt/trunk/test/asan/TestCases/Linux/local_alias.cc =================================================================== --- compiler-rt/trunk/test/asan/TestCases/Linux/local_alias.cc +++ compiler-rt/trunk/test/asan/TestCases/Linux/local_alias.cc @@ -0,0 +1,36 @@ +// Test that mixing instrumented and non-instrumented code doesn't lead to crash. +// Build two modules (one is instrumented, another is not) that have globals +// with same names. Check, that ASan doesn't crash with CHECK failure or +// false positive global-buffer-overflow due to sanitized library poisons +// globals from non-sanitized one. +// +// RUN: %clangxx_asan -DBUILD_INSTRUMENTED_DSO=1 -fPIC -shared -mllvm -asan-use-private-alias %s -o %t-INSTRUMENTED-SO.so +// RUN: %clangxx -DBUILD_UNINSTRUMENTED_DSO=1 -fPIC -shared %s -o %t-UNINSTRUMENTED-SO.so +// RUN: %clangxx %s -c -mllvm -asan-use-private-alias -o %t.o +// RUN: %clangxx_asan %t.o %t-UNINSTRUMENTED-SO.so %t-INSTRUMENTED-SO.so -o %t-EXE +// RUN: %env_asan_opts=use_odr_indicator=true %run %t-EXE + +#if defined (BUILD_INSTRUMENTED_DSO) +long h = 15; +long f = 4; +long foo(long *p) { + return *p; +} +#elif defined (BUILD_UNINSTRUMENTED_DSO) +long foo(long *); +long h = 12; +long i = 13; +long f = 5; + +int bar() { + if (foo(&f) != 5 || foo(&h) != 12 || foo(&i) != 13) + return 1; + return 0; +} +#else +extern int bar(); + +int main() { + return bar(); +} +#endif Index: compiler-rt/trunk/test/asan/TestCases/Linux/odr-violation.cc =================================================================== --- compiler-rt/trunk/test/asan/TestCases/Linux/odr-violation.cc +++ compiler-rt/trunk/test/asan/TestCases/Linux/odr-violation.cc @@ -22,6 +22,13 @@ // RUN: echo "odr_violation:foo::G" > %t.supp // RUN: %env_asan_opts=fast_unwind_on_malloc=0:detect_odr_violation=2:suppressions=%t.supp %run %t-ODR-EXE 2>&1 | FileCheck %s --check-prefix=DISABLED // RUN: rm -f %t.supp +// +// Use private aliases for global variables: use indicator symbol to detect ODR violation. +// RUN: %clangxx_asan -DBUILD_SO=1 -fPIC -shared -mllvm -asan-use-private-alias %s -o %t-ODR-SO.so -DSZ=100 +// RUN: %clangxx_asan -mllvm -asan-use-private-alias %s %t-ODR-SO.so -Wl,-R. -o %t-ODR-EXE +// RUN: %env_asan_opts=fast_unwind_on_malloc=0 %run %t-ODR-EXE 2>&1 | FileCheck %s --check-prefix=DISABLED +// RUN: %env_asan_opts=fast_unwind_on_malloc=0:use_odr_indicator=false %run %t-ODR-EXE 2>&1 | FileCheck %s --check-prefix=DISABLED +// RUN: %env_asan_opts=fast_unwind_on_malloc=0:use_odr_indicator=true not %run %t-ODR-EXE 2>&1 | FileCheck %s // GNU driver doesn't handle .so files properly. // REQUIRES: Clang