This is an archive of the discontinued LLVM Phabricator instance.

Differential D39393

[asan] Use dynamic shadow on 32-bit Android.
ClosedPublic

Authored by eugenis on Oct 27 2017, 3:17 PM.

Details

Reviewers
kcc
vitalybuka
pcc
Commits
rG989299c42b00: [asan] Use dynamic shadow on 32-bit Android.
rCRT317943: [asan] Use dynamic shadow on 32-bit Android.
rL317943: [asan] Use dynamic shadow on 32-bit Android.
Summary

The following kernel change has moved ET_DYN base to 0x4000000 on arm32:
https://marc.info/?l=linux-kernel&m=149825162606848&w=2

Switch to dynamic shadow base to avoid such conflicts in the future.

In my limited testing, this is causing 1.3% binary size increase, and
from 1% to 6% CPU overhead, depending on the benchmark.

Diff Detail

Repository
rL LLVM

Event Timeline

eugenis created this revision.Oct 27 2017, 3:17 PM
Herald added subscribers: hiraditya, kristof.beyls, kubamracek and 2 others. · View Herald TranscriptOct 27 2017, 3:17 PM
eugenis added a reviewer: vitalybuka.Oct 31 2017, 1:51 PM
eugenis planned changes to this revision.Oct 31 2017, 1:54 PM
eugenis updated this revision to Diff 121804.Nov 6 2017, 3:21 PM

Reserve shadow range in ifunc.

Herald added a subscriber: mgorny. · View Herald TranscriptNov 6 2017, 3:21 PM
eugenis updated this revision to Diff 121805.Nov 6 2017, 3:26 PM

.

Harbormaster completed remote builds in B11895: Diff 121805.Nov 6 2017, 3:26 PM
pcc added a subscriber: pcc.Nov 6 2017, 3:47 PM
pcc added inline comments.
compiler-rt/lib/sanitizer_common/sanitizer_linux.cc
970 ↗(On Diff #121805)

Is the ifunc_safe change necessary? If common_flags() is inlined, I would expect the access to go through common_flags_dont_use, which you have marked as hidden. You might want to make common_flags() hidden as well, in case it doesn't get inlined.

vitalybuka added inline comments.Nov 6 2017, 4:05 PM
compiler-rt/lib/asan/asan_linux.cc
99 ↗(On Diff #121805)

why do you need to *8 here?

eugenis added inline comments.Nov 6 2017, 4:07 PM
compiler-rt/lib/sanitizer_common/sanitizer_linux.cc
970 ↗(On Diff #121805)

unfortunately it does into GetKernelAreaSize(), because common_flags()->full_address_space is statically initialized to false. And that is not ifunc-safe.

eugenis added inline comments.Nov 6 2017, 4:08 PM
compiler-rt/lib/asan/asan_linux.cc
99 ↗(On Diff #121805)

I had the same question a while ago :)
Because shadow gap start is calculated as shadow(shadow_start), and needs to be page-aligned, so shadow-start needs to be 8 page aligned.

vitalybuka accepted this revision.Nov 6 2017, 4:15 PM
This revision is now accepted and ready to land.Nov 6 2017, 4:15 PM
pcc added inline comments.Nov 6 2017, 4:26 PM
compiler-rt/lib/sanitizer_common/sanitizer_linux.cc
970 ↗(On Diff #121805)

Oh, right.

I have a mild preference for there to be a separate function that is ifunc-safe (maybe rename this function to GetMaxUserVirtualAddress and then have the ifunc-safe one be GetMaxVirtualAddress), but up to you.

eugenis added a comment.Nov 6 2017, 6:30 PM

It turns out that clang is exceptionally bad at accessing external variables in PIC code on ARM:
https://bugs.llvm.org/show_bug.cgi?id=35221

This translates to 20% code size regression, and 15% CPU.
I think I'll hold off on this change, and look at the codegen issue in the meantime.

eugenis updated this revision to Diff 122012.Nov 7 2017, 4:23 PM

Lets go ahead with this, but keep using "legacy" dynamic shadow instrumentation.
Performance numbers of that mode aren't that bad and it solves the kernel compatibility issue.
By switching the runtime library to ifunc early, the future switch of instrumentation will not be an ABI break.

Speaking of ABI, I'm bumping the asan_version_mismatch thing on 32-bit android only. It looks a bit ugly,
but I think that not disturbing other platforms users is worth it.

eugenis marked an inline comment as done.Nov 7 2017, 4:23 PM
eugenis added a comment.Nov 10 2017, 1:12 PM

ping

pcc accepted this revision.Nov 10 2017, 1:17 PM

Can you add a test that uses the -asan-with-ifunc flag?

LGTM with that.

eugenis updated this revision to Diff 122521.Nov 10 2017, 1:57 PM

Add a test.

Harbormaster completed remote builds in B12085: Diff 122521.Nov 10 2017, 1:57 PM
pcc accepted this revision.Nov 10 2017, 2:00 PM

LGTM

Closed by commit rL317943: [asan] Use dynamic shadow on 32-bit Android. (authored by eugenis). · Explain WhyNov 10 2017, 2:29 PM
This revision was automatically updated to reflect the committed changes.

Revision Contents

PathSize
compiler-rt/
trunk/
lib/
asan/
1 line
7 lines
32 lines
8 lines
28 lines
69 lines
sanitizer_common/
1 line
4 lines
4 lines
18 lines
4 lines
4 lines
llvm/
trunk/
lib/
Transforms/
Instrumentation/
46 lines
test/
Instrumentation/
AddressSanitizer/
30 lines

Diff 122534

compiler-rt/trunk/lib/asan/CMakeLists.txt

Show All 15 Linesset(ASAN_SOURCES
asan_linux.cc asan_linux.cc
asan_mac.cc asan_mac.cc
asan_malloc_linux.cc asan_malloc_linux.cc
asan_malloc_mac.cc asan_malloc_mac.cc
asan_malloc_win.cc asan_malloc_win.cc
asan_memory_profile.cc asan_memory_profile.cc
asan_poisoning.cc asan_poisoning.cc
asan_posix.cc asan_posix.cc
asan_premap_shadow.cc
asan_report.cc asan_report.cc
asan_rtl.cc asan_rtl.cc
asan_shadow_setup.cc asan_shadow_setup.cc
asan_stack.cc asan_stack.cc
asan_stats.cc asan_stats.cc
asan_suppressions.cc asan_suppressions.cc
asan_thread.cc asan_thread.cc
asan_win.cc) asan_win.cc)
▲ Show 20 LinesShow All 252 LinesShow Last 20 Lines

compiler-rt/trunk/lib/asan/asan_init_version.h

Show All 9 Lines
// This file is a part of AddressSanitizer, an address sanity checker. // This file is a part of AddressSanitizer, an address sanity checker.
// //
// This header defines a versioned __asan_init function to be called at the // This header defines a versioned __asan_init function to be called at the
// startup of the instrumented program. // startup of the instrumented program.
//===----------------------------------------------------------------------===// //===----------------------------------------------------------------------===//
#ifndef ASAN_INIT_VERSION_H #ifndef ASAN_INIT_VERSION_H
#define ASAN_INIT_VERSION_H #define ASAN_INIT_VERSION_H
#include "sanitizer_common/sanitizer_platform.h"
extern "C" { extern "C" {
// Every time the ASan ABI changes we also change the version number in the // Every time the ASan ABI changes we also change the version number in the
// __asan_init function name. Objects built with incompatible ASan ABI // __asan_init function name. Objects built with incompatible ASan ABI
// versions will not link with run-time. // versions will not link with run-time.
// //
// Changes between ABI versions: // Changes between ABI versions:
// v1=>v2: added 'module_name' to __asan_global // v1=>v2: added 'module_name' to __asan_global
// v2=>v3: stack frame description (created by the compiler) // v2=>v3: stack frame description (created by the compiler)
// contains the function PC as the 3rd field (see // contains the function PC as the 3rd field (see
// DescribeAddressIfStack) // DescribeAddressIfStack)
// v3=>v4: added '__asan_global_source_location' to __asan_global // v3=>v4: added '__asan_global_source_location' to __asan_global
// v4=>v5: changed the semantics and format of __asan_stack_malloc_ and // v4=>v5: changed the semantics and format of __asan_stack_malloc_ and
// __asan_stack_free_ functions // __asan_stack_free_ functions
// v5=>v6: changed the name of the version check symbol // v5=>v6: changed the name of the version check symbol
// v6=>v7: added 'odr_indicator' to __asan_global // v6=>v7: added 'odr_indicator' to __asan_global
// v7=>v8: added '__asan_(un)register_image_globals' functions for dead // v7=>v8: added '__asan_(un)register_image_globals' functions for dead
// stripping support on Mach-O platforms // stripping support on Mach-O platforms
#if SANITIZER_WORDSIZE == 32 && SANITIZER_ANDROID
// v8=>v9: 32-bit Android switched to dynamic shadow
#define __asan_version_mismatch_check __asan_version_mismatch_check_v9
#else
#define __asan_version_mismatch_check __asan_version_mismatch_check_v8 #define __asan_version_mismatch_check __asan_version_mismatch_check_v8
#endif
} }
#endif // ASAN_INIT_VERSION_H #endif // ASAN_INIT_VERSION_H

compiler-rt/trunk/lib/asan/asan_linux.cc

Show All 11 Lines
// Linux-specific details. // Linux-specific details.
//===----------------------------------------------------------------------===// //===----------------------------------------------------------------------===//
#include "sanitizer_common/sanitizer_platform.h" #include "sanitizer_common/sanitizer_platform.h"
#if SANITIZER_FREEBSD || SANITIZER_LINUX || SANITIZER_NETBSD #if SANITIZER_FREEBSD || SANITIZER_LINUX || SANITIZER_NETBSD
#include "asan_interceptors.h" #include "asan_interceptors.h"
#include "asan_internal.h" #include "asan_internal.h"
#include "asan_premap_shadow.h"
#include "asan_thread.h" #include "asan_thread.h"
#include "sanitizer_common/sanitizer_flags.h" #include "sanitizer_common/sanitizer_flags.h"
#include "sanitizer_common/sanitizer_freebsd.h" #include "sanitizer_common/sanitizer_freebsd.h"
#include "sanitizer_common/sanitizer_libc.h" #include "sanitizer_common/sanitizer_libc.h"
#include "sanitizer_common/sanitizer_procmaps.h" #include "sanitizer_common/sanitizer_procmaps.h"
#include <sys/time.h> #include <sys/time.h>
#include <sys/resource.h> #include <sys/resource.h>
▲ Show 20 LinesShow All 48 Lines▼ Show 20 Lines
void InitializePlatformExceptionHandlers() {} void InitializePlatformExceptionHandlers() {}
bool IsSystemHeapAddress (uptr addr) { return false; } bool IsSystemHeapAddress (uptr addr) { return false; }
void *AsanDoesNotSupportStaticLinkage() { void *AsanDoesNotSupportStaticLinkage() {
// This will fail to link with -static. // This will fail to link with -static.
return &_DYNAMIC; // defined in link.h return &_DYNAMIC; // defined in link.h
} }
#if ASAN_PREMAP_SHADOW
uptr FindDynamicShadowStart() { uptr FindDynamicShadowStart() {
UNREACHABLE("FindDynamicShadowStart is not available"); uptr granularity = GetMmapGranularity();
return 0; uptr shadow_start = reinterpret_cast<uptr>(&__asan_shadow);
uptr shadow_size = PremapShadowSize();
UnmapOrDie((void *)(shadow_start - granularity), shadow_size + granularity);
// MmapNoAccess does not touch TotalMmap, but UnmapOrDie decreases it.
// Compensate.
IncreaseTotalMmap(shadow_size + granularity);
return shadow_start;
}
#else
uptr FindDynamicShadowStart() {
uptr granularity = GetMmapGranularity();
uptr alignment = granularity * 8;
uptr left_padding = granularity;
uptr shadow_size = kHighShadowEnd + left_padding;
uptr map_size = shadow_size + alignment;
uptr map_start = (uptr)MmapNoAccess(map_size);
CHECK_NE(map_start, ~(uptr)0);
uptr shadow_start = RoundUpTo(map_start, alignment);
UnmapOrDie((void *)map_start, map_size);
// MmapNoAccess does not touch TotalMmap, but UnmapOrDie decreases it.
// Compensate.
IncreaseTotalMmap(map_size);
return shadow_start;
} }
#endif
void AsanApplyToGlobals(globals_op_fptr op, const void *needle) { void AsanApplyToGlobals(globals_op_fptr op, const void *needle) {
UNIMPLEMENTED(); UNIMPLEMENTED();
} }
#if SANITIZER_ANDROID #if SANITIZER_ANDROID
// FIXME: should we do anything for Android? // FIXME: should we do anything for Android?
void AsanCheckDynamicRTPrereqs() {} void AsanCheckDynamicRTPrereqs() {}
▲ Show 20 LinesShow All 100 LinesShow Last 20 Lines

compiler-rt/trunk/lib/asan/asan_mapping.h

Show First 20 LinesShow All 150 Lines▼ Show 20 Lines
static const u64 kWindowsShadowOffset32 = 3ULL << 28; // 0x30000000 static const u64 kWindowsShadowOffset32 = 3ULL << 28; // 0x30000000
#define SHADOW_SCALE kDefaultShadowScale #define SHADOW_SCALE kDefaultShadowScale
#if SANITIZER_FUCHSIA #if SANITIZER_FUCHSIA
# define SHADOW_OFFSET (0) # define SHADOW_OFFSET (0)
#elif SANITIZER_WORDSIZE == 32 #elif SANITIZER_WORDSIZE == 32
# if SANITIZER_ANDROID # if SANITIZER_ANDROID
# define SHADOW_OFFSET (0) # define SHADOW_OFFSET __asan_shadow_memory_dynamic_address
# elif defined(__mips__) # elif defined(__mips__)
# define SHADOW_OFFSET kMIPS32_ShadowOffset32 # define SHADOW_OFFSET kMIPS32_ShadowOffset32
# elif SANITIZER_FREEBSD # elif SANITIZER_FREEBSD
# define SHADOW_OFFSET kFreeBSD_ShadowOffset32 # define SHADOW_OFFSET kFreeBSD_ShadowOffset32
# elif SANITIZER_WINDOWS # elif SANITIZER_WINDOWS
# define SHADOW_OFFSET kWindowsShadowOffset32 # define SHADOW_OFFSET kWindowsShadowOffset32
# elif SANITIZER_IOS # elif SANITIZER_IOS
# if SANITIZER_IOSSIM # if SANITIZER_IOSSIM
Show All 27 Lines
# define SHADOW_OFFSET kMIPS64_ShadowOffset64 # define SHADOW_OFFSET kMIPS64_ShadowOffset64
# elif SANITIZER_WINDOWS64 # elif SANITIZER_WINDOWS64
# define SHADOW_OFFSET __asan_shadow_memory_dynamic_address # define SHADOW_OFFSET __asan_shadow_memory_dynamic_address
# else # else
# define SHADOW_OFFSET kDefaultShort64bitShadowOffset # define SHADOW_OFFSET kDefaultShort64bitShadowOffset
# endif # endif
#endif #endif
#if SANITIZER_ANDROID && defined(__arm__)
# define ASAN_PREMAP_SHADOW 1
#else
# define ASAN_PREMAP_SHADOW 0
#endif
#define SHADOW_GRANULARITY (1ULL << SHADOW_SCALE) #define SHADOW_GRANULARITY (1ULL << SHADOW_SCALE)
#define MEM_TO_SHADOW(mem) (((mem) >> SHADOW_SCALE) + (SHADOW_OFFSET)) #define MEM_TO_SHADOW(mem) (((mem) >> SHADOW_SCALE) + (SHADOW_OFFSET))
#define kLowMemBeg 0 #define kLowMemBeg 0
#define kLowMemEnd (SHADOW_OFFSET ? SHADOW_OFFSET - 1 : 0) #define kLowMemEnd (SHADOW_OFFSET ? SHADOW_OFFSET - 1 : 0)
#define kLowShadowBeg SHADOW_OFFSET #define kLowShadowBeg SHADOW_OFFSET
#define kLowShadowEnd MEM_TO_SHADOW(kLowMemEnd) #define kLowShadowEnd MEM_TO_SHADOW(kLowMemEnd)
▲ Show 20 LinesShow All 137 LinesShow Last 20 Lines

compiler-rt/trunk/lib/asan/asan_premap_shadow.h

//===-- asan_mapping.h ------------------------------------------*- C++ -*-===//
//
// The LLVM Compiler Infrastructure
//
// This file is distributed under the University of Illinois Open Source
// License. See LICENSE.TXT for details.
//
//===----------------------------------------------------------------------===//
//
// This file is a part of AddressSanitizer, an address sanity checker.
//
// Premap shadow range with an ifunc resolver.
//===----------------------------------------------------------------------===//
#ifndef ASAN_PREMAP_SHADOW_H
#define ASAN_PREMAP_SHADOW_H
#if ASAN_PREMAP_SHADOW
namespace __asan {
// Conservative upper limit.
uptr PremapShadowSize();
}
#endif
extern "C" INTERFACE_ATTRIBUTE void __asan_shadow();
#endif // ASAN_PREMAP_SHADOW_H

compiler-rt/trunk/lib/asan/asan_premap_shadow.cc

//===-- asan_premap_shadow.cc ---------------------------------------------===//
//
// The LLVM Compiler Infrastructure
//
// This file is distributed under the University of Illinois Open Source
// License. See LICENSE.TXT for details.
//
//===----------------------------------------------------------------------===//
//
// This file is a part of AddressSanitizer, an address sanity checker.
//
// Reserve shadow memory with an ifunc resolver.
//===----------------------------------------------------------------------===//
#include "asan_mapping.h"
#if ASAN_PREMAP_SHADOW
#include "asan_premap_shadow.h"
#include "sanitizer_common/sanitizer_posix.h"
namespace __asan {
// The code in this file needs to run in an unrelocated binary. It may not
// access any external symbol, including its own non-hidden globals.
// Conservative upper limit.
uptr PremapShadowSize() {
return GetMaxVirtualAddress() >> SHADOW_SCALE;
}
// Returns an address aligned to 8 pages, such that one page on the left and
// PremapShadowSize() bytes on the right of it are mapped r/o.
uptr PremapShadow() {
uptr granularity = GetMmapGranularity();
uptr alignment = granularity * 8;
uptr left_padding = granularity;
uptr shadow_size = PremapShadowSize();
uptr map_size = shadow_size + left_padding + alignment;
uptr map_start = (uptr)MmapNoAccess(map_size);
CHECK_NE(map_start, ~(uptr)0);
uptr shadow_start = RoundUpTo(map_start + left_padding, alignment);
uptr shadow_end = shadow_start + shadow_size;
internal_munmap(reinterpret_cast<void *>(map_start),
shadow_start - left_padding - map_start);
internal_munmap(reinterpret_cast<void *>(shadow_end),
map_start + map_size - shadow_end);
return shadow_start;
}
} // namespace __asan
extern "C" {
decltype(__asan_shadow)* __asan_premap_shadow() {
// The resolver may be called multiple times. Map the shadow just once.
static uptr premapped_shadow = 0;
if (!premapped_shadow) premapped_shadow = __asan::PremapShadow();
return reinterpret_cast<decltype(__asan_shadow)*>(premapped_shadow);
}
// __asan_shadow is a "function" that has the same address as the first byte of
// the shadow mapping.
INTERFACE_ATTRIBUTE __attribute__((ifunc("__asan_premap_shadow"))) void
__asan_shadow();
}
#endif // ASAN_PREMAP_SHADOW

compiler-rt/trunk/lib/sanitizer_common/sanitizer_common.h

Show First 20 LinesShow All 67 Lines▼ Show 20 Lines
uptr GetPageSize(); uptr GetPageSize();
extern uptr PageSizeCached; extern uptr PageSizeCached;
INLINE uptr GetPageSizeCached() { INLINE uptr GetPageSizeCached() {
if (!PageSizeCached) if (!PageSizeCached)
PageSizeCached = GetPageSize(); PageSizeCached = GetPageSize();
return PageSizeCached; return PageSizeCached;
} }
uptr GetMmapGranularity(); uptr GetMmapGranularity();
uptr GetMaxVirtualAddress();
uptr GetMaxUserVirtualAddress(); uptr GetMaxUserVirtualAddress();
// Threads // Threads
tid_t GetTid(); tid_t GetTid();
uptr GetThreadSelf(); uptr GetThreadSelf();
void GetThreadStackTopAndBottom(bool at_initialization, uptr *stack_top, void GetThreadStackTopAndBottom(bool at_initialization, uptr *stack_top,
uptr *stack_bottom); uptr *stack_bottom);
void GetThreadStackAndTls(bool main, uptr *stk_addr, uptr *stk_size, void GetThreadStackAndTls(bool main, uptr *stk_addr, uptr *stk_size,
uptr *tls_addr, uptr *tls_size); uptr *tls_addr, uptr *tls_size);
▲ Show 20 LinesShow All 856 LinesShow Last 20 Lines

compiler-rt/trunk/lib/sanitizer_common/sanitizer_flags.h

Show All 28 Lines
#include "sanitizer_flags.inc" #include "sanitizer_flags.inc"
#undef COMMON_FLAG #undef COMMON_FLAG
void SetDefaults(); void SetDefaults();
void CopyFrom(const CommonFlags &other); void CopyFrom(const CommonFlags &other);
}; };
// Functions to get/set global CommonFlags shared by all sanitizer runtimes: // Functions to get/set global CommonFlags shared by all sanitizer runtimes:
extern CommonFlags common_flags_dont_use; // FIXME: hidden needed for asan_premap_shadow. Consider building with
// -fvisibility=hidden.
extern CommonFlags common_flags_dont_use __attribute__((visibility("hidden")));
inline const CommonFlags *common_flags() { inline const CommonFlags *common_flags() {
return &common_flags_dont_use; return &common_flags_dont_use;
} }
inline void SetCommonFlagsDefaults() { inline void SetCommonFlagsDefaults() {
common_flags_dont_use.SetDefaults(); common_flags_dont_use.SetDefaults();
} }
Show All 23 Lines

compiler-rt/trunk/lib/sanitizer_common/sanitizer_fuchsia.cc

Show First 20 LinesShow All 185 Lines▼ Show 20 Lines
sanitizer_shadow_bounds_t ShadowBounds; sanitizer_shadow_bounds_t ShadowBounds;
uptr GetMaxUserVirtualAddress() { uptr GetMaxUserVirtualAddress() {
ShadowBounds = __sanitizer_shadow_bounds(); ShadowBounds = __sanitizer_shadow_bounds();
return ShadowBounds.memory_limit - 1; return ShadowBounds.memory_limit - 1;
} }
uptr GetMaxVirtualAddress() {
return GetMaxUserVirtualAddress();
}
static void *DoAnonymousMmapOrDie(uptr size, const char *mem_type, static void *DoAnonymousMmapOrDie(uptr size, const char *mem_type,
bool raw_report, bool die_for_nomem) { bool raw_report, bool die_for_nomem) {
size = RoundUpTo(size, PAGE_SIZE); size = RoundUpTo(size, PAGE_SIZE);
zx_handle_t vmo; zx_handle_t vmo;
zx_status_t status = _zx_vmo_create(size, 0, &vmo); zx_status_t status = _zx_vmo_create(size, 0, &vmo);
if (status != ZX_OK) { if (status != ZX_OK) {
if (status != ZX_ERR_NO_MEMORY || die_for_nomem) if (status != ZX_ERR_NO_MEMORY || die_for_nomem)
▲ Show 20 LinesShow All 346 LinesShow Last 20 Lines

compiler-rt/trunk/lib/sanitizer_common/sanitizer_linux.cc

Show First 20 LinesShow All 948 Lines▼ Show 20 Lines#endif // SANITIZER_ANDROID
// Top gigabyte is reserved for kernel. // Top gigabyte is reserved for kernel.
return gbyte; return gbyte;
#else #else
return 0; return 0;
#endif // SANITIZER_LINUX && !SANITIZER_X32 #endif // SANITIZER_LINUX && !SANITIZER_X32
} }
#endif // SANITIZER_WORDSIZE == 32 #endif // SANITIZER_WORDSIZE == 32
uptr GetMaxUserVirtualAddress() { uptr GetMaxVirtualAddress() {
#if SANITIZER_NETBSD && defined(__x86_64__) #if SANITIZER_NETBSD && defined(__x86_64__)
return 0x7f7ffffff000ULL; // (0x00007f8000000000 - PAGE_SIZE) return 0x7f7ffffff000ULL; // (0x00007f8000000000 - PAGE_SIZE)
#elif SANITIZER_WORDSIZE == 64 #elif SANITIZER_WORDSIZE == 64
# if defined(__powerpc64__) || defined(__aarch64__) # if defined(__powerpc64__) || defined(__aarch64__)
// On PowerPC64 we have two different address space layouts: 44- and 46-bit. // On PowerPC64 we have two different address space layouts: 44- and 46-bit.
// We somehow need to figure out which one we are using now and choose // We somehow need to figure out which one we are using now and choose
// one of 0x00000fffffffffffUL and 0x00003fffffffffffUL. // one of 0x00000fffffffffffUL and 0x00003fffffffffffUL.
// Note that with 'ulimit -s unlimited' the stack is moved away from the top // Note that with 'ulimit -s unlimited' the stack is moved away from the top
// of the address space, so simply checking the stack address is not enough. // of the address space, so simply checking the stack address is not enough.
// This should (does) work for both PowerPC64 Endian modes. // This should (does) work for both PowerPC64 Endian modes.
// Similarly, aarch64 has multiple address space layouts: 39, 42 and 47-bit. // Similarly, aarch64 has multiple address space layouts: 39, 42 and 47-bit.
return (1ULL << (MostSignificantSetBitIndex(GET_CURRENT_FRAME()) + 1)) - 1; return (1ULL << (MostSignificantSetBitIndex(GET_CURRENT_FRAME()) + 1)) - 1;
# elif defined(__mips64) # elif defined(__mips64)
return (1ULL << 40) - 1; // 0x000000ffffffffffUL; return (1ULL << 40) - 1; // 0x000000ffffffffffUL;
# elif defined(__s390x__) # elif defined(__s390x__)
return (1ULL << 53) - 1; // 0x001fffffffffffffUL; return (1ULL << 53) - 1; // 0x001fffffffffffffUL;
# else # else
return (1ULL << 47) - 1; // 0x00007fffffffffffUL; return (1ULL << 47) - 1; // 0x00007fffffffffffUL;
# endif # endif
#else // SANITIZER_WORDSIZE == 32 #else // SANITIZER_WORDSIZE == 32
# if defined(__s390__) # if defined(__s390__)
return (1ULL << 31) - 1; // 0x7fffffff; return (1ULL << 31) - 1; // 0x7fffffff;
# else # else
uptr res = (1ULL << 32) - 1; // 0xffffffff; return (1ULL << 32) - 1; // 0xffffffff;
if (!common_flags()->full_address_space)
res -= GetKernelAreaSize();
CHECK_LT(reinterpret_cast<uptr>(&res), res);
return res;
# endif # endif
#endif // SANITIZER_WORDSIZE #endif // SANITIZER_WORDSIZE
} }
uptr GetMaxUserVirtualAddress() {
uptr addr = GetMaxVirtualAddress();
#if SANITIZER_WORDSIZE == 32 && !defined(__s390__)
if (!common_flags()->full_address_space)
addr -= GetKernelAreaSize();
CHECK_LT(reinterpret_cast<uptr>(&addr), addr);
#endif
return addr;
}
uptr GetPageSize() { uptr GetPageSize() {
// Android post-M sysconf(_SC_PAGESIZE) crashes if called from .preinit_array. // Android post-M sysconf(_SC_PAGESIZE) crashes if called from .preinit_array.
#if SANITIZER_ANDROID #if SANITIZER_ANDROID
return 4096; return 4096;
#elif SANITIZER_LINUX && (defined(__x86_64__) || defined(__i386__)) #elif SANITIZER_LINUX && (defined(__x86_64__) || defined(__i386__))
return EXEC_PAGESIZE; return EXEC_PAGESIZE;
#elif SANITIZER_USE_GETAUXVAL #elif SANITIZER_USE_GETAUXVAL
return getauxval(AT_PAGESZ); return getauxval(AT_PAGESZ);
▲ Show 20 LinesShow All 831 LinesShow Last 20 Lines

compiler-rt/trunk/lib/sanitizer_common/sanitizer_mac.cc

Show First 20 LinesShow All 858 Lines▼ Show 20 Lines
# else # else
return (1ULL << 47) - 1; // 0x00007fffffffffffUL; return (1ULL << 47) - 1; // 0x00007fffffffffffUL;
# endif # endif
#else // SANITIZER_WORDSIZE == 32 #else // SANITIZER_WORDSIZE == 32
return (1ULL << 32) - 1; // 0xffffffff; return (1ULL << 32) - 1; // 0xffffffff;
#endif // SANITIZER_WORDSIZE #endif // SANITIZER_WORDSIZE
} }
uptr GetMaxVirtualAddress() {
return GetMaxUserVirtualAddress();
}
uptr FindAvailableMemoryRange(uptr shadow_size, uptr FindAvailableMemoryRange(uptr shadow_size,
uptr alignment, uptr alignment,
uptr left_padding, uptr left_padding,
uptr *largest_gap_found) { uptr *largest_gap_found) {
typedef vm_region_submap_short_info_data_64_t RegionInfo; typedef vm_region_submap_short_info_data_64_t RegionInfo;
enum { kRegionInfoSize = VM_REGION_SUBMAP_SHORT_INFO_COUNT_64 }; enum { kRegionInfoSize = VM_REGION_SUBMAP_SHORT_INFO_COUNT_64 };
// Start searching for available memory region past PAGEZERO, which is // Start searching for available memory region past PAGEZERO, which is
// 4KB on 32-bit and 4GB on 64-bit. // 4KB on 32-bit and 4GB on 64-bit.
▲ Show 20 LinesShow All 131 LinesShow Last 20 Lines

compiler-rt/trunk/lib/sanitizer_common/sanitizer_win.cc

Show First 20 LinesShow All 64 Lines▼ Show 20 Lines
} }
uptr GetMaxUserVirtualAddress() { uptr GetMaxUserVirtualAddress() {
SYSTEM_INFO si; SYSTEM_INFO si;
GetSystemInfo(&si); GetSystemInfo(&si);
return (uptr)si.lpMaximumApplicationAddress; return (uptr)si.lpMaximumApplicationAddress;
} }
uptr GetMaxVirtualAddress() {
return GetMaxUserVirtualAddress();
}
bool FileExists(const char *filename) { bool FileExists(const char *filename) {
return ::GetFileAttributesA(filename) != INVALID_FILE_ATTRIBUTES; return ::GetFileAttributesA(filename) != INVALID_FILE_ATTRIBUTES;
} }
uptr internal_getpid() { uptr internal_getpid() {
return GetProcessId(GetCurrentProcess()); return GetProcessId(GetCurrentProcess());
} }
▲ Show 20 LinesShow All 1,018 LinesShow Last 20 Lines

llvm/trunk/lib/Transforms/Instrumentation/AddressSanitizer.cpp

Show First 20 LinesShow All 130 Lines▼ Show 20 Linesstatic const char *const kAsanUnregisterImageGlobalsName =
"__asan_unregister_image_globals"; "__asan_unregister_image_globals";
static const char *const kAsanRegisterElfGlobalsName = static const char *const kAsanRegisterElfGlobalsName =
"__asan_register_elf_globals"; "__asan_register_elf_globals";
static const char *const kAsanUnregisterElfGlobalsName = static const char *const kAsanUnregisterElfGlobalsName =
"__asan_unregister_elf_globals"; "__asan_unregister_elf_globals";
static const char *const kAsanPoisonGlobalsName = "__asan_before_dynamic_init"; static const char *const kAsanPoisonGlobalsName = "__asan_before_dynamic_init";
static const char *const kAsanUnpoisonGlobalsName = "__asan_after_dynamic_init"; static const char *const kAsanUnpoisonGlobalsName = "__asan_after_dynamic_init";
static const char *const kAsanInitName = "__asan_init"; static const char *const kAsanInitName = "__asan_init";
static const char *const kAsanVersionCheckName = static const char *const kAsanVersionCheckNamePrefix =
"__asan_version_mismatch_check_v8"; "__asan_version_mismatch_check_v";
static const char *const kAsanPtrCmp = "__sanitizer_ptr_cmp"; static const char *const kAsanPtrCmp = "__sanitizer_ptr_cmp";
static const char *const kAsanPtrSub = "__sanitizer_ptr_sub"; static const char *const kAsanPtrSub = "__sanitizer_ptr_sub";
static const char *const kAsanHandleNoReturnName = "__asan_handle_no_return"; static const char *const kAsanHandleNoReturnName = "__asan_handle_no_return";
static const int kMaxAsanStackMallocSizeClass = 10; static const int kMaxAsanStackMallocSizeClass = 10;
static const char *const kAsanStackMallocNameTemplate = "__asan_stack_malloc_"; static const char *const kAsanStackMallocNameTemplate = "__asan_stack_malloc_";
static const char *const kAsanStackFreeNameTemplate = "__asan_stack_free_"; static const char *const kAsanStackFreeNameTemplate = "__asan_stack_free_";
static const char *const kAsanGenPrefix = "__asan_gen_"; static const char *const kAsanGenPrefix = "__asan_gen_";
static const char *const kODRGenPrefix = "__odr_asan_gen_"; static const char *const kODRGenPrefix = "__odr_asan_gen_";
▲ Show 20 LinesShow All 53 Lines▼ Show 20 Linesstatic cl::opt<bool> ClAlwaysSlowPath(
cl::desc("use instrumentation with slow path for all accesses"), cl::Hidden, cl::desc("use instrumentation with slow path for all accesses"), cl::Hidden,
cl::init(false)); cl::init(false));
static cl::opt<bool> ClForceDynamicShadow( static cl::opt<bool> ClForceDynamicShadow(
"asan-force-dynamic-shadow", "asan-force-dynamic-shadow",
cl::desc("Load shadow address into a local variable for each function"), cl::desc("Load shadow address into a local variable for each function"),
cl::Hidden, cl::init(false)); cl::Hidden, cl::init(false));
static cl::opt<bool>
ClWithIfunc("asan-with-ifunc",
cl::desc("Access dynamic shadow through an ifunc global on "
"platforms that support this"),
cl::Hidden, cl::init(false));
// This flag limits the number of instructions to be instrumented // This flag limits the number of instructions to be instrumented
// in any given BB. Normally, this should be set to unlimited (INT_MAX), // in any given BB. Normally, this should be set to unlimited (INT_MAX),
// but due to http://llvm.org/bugs/show_bug.cgi?id=12652 we temporary // but due to http://llvm.org/bugs/show_bug.cgi?id=12652 we temporary
// set it to 10000. // set it to 10000.
static cl::opt<int> ClMaxInsnsToInstrumentPerBB( static cl::opt<int> ClMaxInsnsToInstrumentPerBB(
"asan-max-ins-per-bb", cl::init(10000), "asan-max-ins-per-bb", cl::init(10000),
cl::desc("maximal number of instructions to instrument in any given BB"), cl::desc("maximal number of instructions to instrument in any given BB"),
cl::Hidden); cl::Hidden);
▲ Show 20 LinesShow All 224 Lines▼ Show 20 Lines
private: private:
bool inited_ = false; bool inited_ = false;
DenseMap<GlobalVariable *, Entry> Entries; DenseMap<GlobalVariable *, Entry> Entries;
}; };
/// This struct defines the shadow mapping using the rule: /// This struct defines the shadow mapping using the rule:
/// shadow = (mem >> Scale) ADD-or-OR Offset. /// shadow = (mem >> Scale) ADD-or-OR Offset.
/// If InGlobal is true, then
/// extern char __asan_shadow[];
/// shadow = (mem >> Scale) + &__asan_shadow
struct ShadowMapping { struct ShadowMapping {
int Scale; int Scale;
uint64_t Offset; uint64_t Offset;
bool OrShadowOffset; bool OrShadowOffset;
bool InGlobal;
}; };
} // end anonymous namespace } // end anonymous namespace
static ShadowMapping getShadowMapping(Triple &TargetTriple, int LongSize, static ShadowMapping getShadowMapping(Triple &TargetTriple, int LongSize,
bool IsKasan) { bool IsKasan) {
bool IsAndroid = TargetTriple.isAndroid(); bool IsAndroid = TargetTriple.isAndroid();
bool IsIOS = TargetTriple.isiOS() || TargetTriple.isWatchOS(); bool IsIOS = TargetTriple.isiOS() || TargetTriple.isWatchOS();
bool IsFreeBSD = TargetTriple.isOSFreeBSD(); bool IsFreeBSD = TargetTriple.isOSFreeBSD();
bool IsNetBSD = TargetTriple.isOSNetBSD(); bool IsNetBSD = TargetTriple.isOSNetBSD();
bool IsPS4CPU = TargetTriple.isPS4CPU(); bool IsPS4CPU = TargetTriple.isPS4CPU();
bool IsLinux = TargetTriple.isOSLinux(); bool IsLinux = TargetTriple.isOSLinux();
bool IsPPC64 = TargetTriple.getArch() == Triple::ppc64 || bool IsPPC64 = TargetTriple.getArch() == Triple::ppc64 ||
TargetTriple.getArch() == Triple::ppc64le; TargetTriple.getArch() == Triple::ppc64le;
bool IsSystemZ = TargetTriple.getArch() == Triple::systemz; bool IsSystemZ = TargetTriple.getArch() == Triple::systemz;
bool IsX86 = TargetTriple.getArch() == Triple::x86; bool IsX86 = TargetTriple.getArch() == Triple::x86;
bool IsX86_64 = TargetTriple.getArch() == Triple::x86_64; bool IsX86_64 = TargetTriple.getArch() == Triple::x86_64;
bool IsMIPS32 = TargetTriple.getArch() == Triple::mips || bool IsMIPS32 = TargetTriple.getArch() == Triple::mips ||
TargetTriple.getArch() == Triple::mipsel; TargetTriple.getArch() == Triple::mipsel;
bool IsMIPS64 = TargetTriple.getArch() == Triple::mips64 || bool IsMIPS64 = TargetTriple.getArch() == Triple::mips64 ||
TargetTriple.getArch() == Triple::mips64el; TargetTriple.getArch() == Triple::mips64el;
bool IsArmOrThumb = TargetTriple.isARM() || TargetTriple.isThumb();
bool IsAArch64 = TargetTriple.getArch() == Triple::aarch64; bool IsAArch64 = TargetTriple.getArch() == Triple::aarch64;
bool IsWindows = TargetTriple.isOSWindows(); bool IsWindows = TargetTriple.isOSWindows();
bool IsFuchsia = TargetTriple.isOSFuchsia(); bool IsFuchsia = TargetTriple.isOSFuchsia();
ShadowMapping Mapping; ShadowMapping Mapping;
if (LongSize == 32) { if (LongSize == 32) {
// Android is always PIE, which means that the beginning of the address
// space is always available.
if (IsAndroid) if (IsAndroid)
Mapping.Offset = 0; Mapping.Offset = kDynamicShadowSentinel;
else if (IsMIPS32) else if (IsMIPS32)
Mapping.Offset = kMIPS32_ShadowOffset32; Mapping.Offset = kMIPS32_ShadowOffset32;
else if (IsFreeBSD) else if (IsFreeBSD)
Mapping.Offset = kFreeBSD_ShadowOffset32; Mapping.Offset = kFreeBSD_ShadowOffset32;
else if (IsIOS) else if (IsIOS)
// If we're targeting iOS and x86, the binary is built for iOS simulator. // If we're targeting iOS and x86, the binary is built for iOS simulator.
Mapping.Offset = IsX86 ? kIOSSimShadowOffset32 : kIOSShadowOffset32; Mapping.Offset = IsX86 ? kIOSSimShadowOffset32 : kIOSShadowOffset32;
else if (IsWindows) else if (IsWindows)
▲ Show 20 LinesShow All 51 Lines▼ Show 20 Linesstatic ShadowMapping getShadowMapping(Triple &TargetTriple, int LongSize,
// OR-ing shadow offset if more efficient (at least on x86) if the offset // OR-ing shadow offset if more efficient (at least on x86) if the offset
// is a power of two, but on ppc64 we have to use add since the shadow // is a power of two, but on ppc64 we have to use add since the shadow
// offset is not necessary 1/8-th of the address space. On SystemZ, // offset is not necessary 1/8-th of the address space. On SystemZ,
// we could OR the constant in a single instruction, but it's more // we could OR the constant in a single instruction, but it's more
// efficient to load it once and use indexed addressing. // efficient to load it once and use indexed addressing.
Mapping.OrShadowOffset = !IsAArch64 && !IsPPC64 && !IsSystemZ && !IsPS4CPU && Mapping.OrShadowOffset = !IsAArch64 && !IsPPC64 && !IsSystemZ && !IsPS4CPU &&
!(Mapping.Offset & (Mapping.Offset - 1)) && !(Mapping.Offset & (Mapping.Offset - 1)) &&
Mapping.Offset != kDynamicShadowSentinel; Mapping.Offset != kDynamicShadowSentinel;
Mapping.InGlobal = ClWithIfunc && IsAndroid && IsArmOrThumb;
return Mapping; return Mapping;
} }
static size_t RedzoneSizeForScale(int MappingScale) { static size_t RedzoneSizeForScale(int MappingScale) {
// Redzone used for stack and globals is at least 32 bytes. // Redzone used for stack and globals is at least 32 bytes.
// For scales 6 and 7, the redzone has to be 64 and 128 bytes respectively. // For scales 6 and 7, the redzone has to be 64 and 128 bytes respectively.
return std::max(32U, 1U << MappingScale); return std::max(32U, 1U << MappingScale);
▲ Show 20 LinesShow All 106 Lines▼ Show 20 Linesprivate:
bool CompileKernel; bool CompileKernel;
bool Recover; bool Recover;
bool UseAfterScope; bool UseAfterScope;
Type *IntptrTy; Type *IntptrTy;
ShadowMapping Mapping; ShadowMapping Mapping;
DominatorTree *DT; DominatorTree *DT;
Function *AsanHandleNoReturnFunc; Function *AsanHandleNoReturnFunc;
Function *AsanPtrCmpFunction, *AsanPtrSubFunction; Function *AsanPtrCmpFunction, *AsanPtrSubFunction;
Constant *AsanShadowGlobal;
// These arrays is indexed by AccessIsWrite, Experiment and log2(AccessSize). // These arrays is indexed by AccessIsWrite, Experiment and log2(AccessSize).
Function *AsanErrorCallback[2][2][kNumberOfAccessSizes]; Function *AsanErrorCallback[2][2][kNumberOfAccessSizes];
Function *AsanMemoryAccessCallback[2][2][kNumberOfAccessSizes]; Function *AsanMemoryAccessCallback[2][2][kNumberOfAccessSizes];
// These arrays is indexed by AccessIsWrite and Experiment. // These arrays is indexed by AccessIsWrite and Experiment.
Function *AsanErrorCallbackSized[2][2]; Function *AsanErrorCallbackSized[2][2];
Function *AsanMemoryAccessCallbackSized[2][2]; Function *AsanMemoryAccessCallbackSized[2][2];
▲ Show 20 LinesShow All 56 Lines▼ Show 20 Linesprivate:
bool ShouldInstrumentGlobal(GlobalVariable *G); bool ShouldInstrumentGlobal(GlobalVariable *G);
bool ShouldUseMachOGlobalsSection() const; bool ShouldUseMachOGlobalsSection() const;
StringRef getGlobalMetadataSection() const; StringRef getGlobalMetadataSection() const;
void poisonOneInitializer(Function &GlobalInit, GlobalValue *ModuleName); void poisonOneInitializer(Function &GlobalInit, GlobalValue *ModuleName);
void createInitializerPoisonCalls(Module &M, GlobalValue *ModuleName); void createInitializerPoisonCalls(Module &M, GlobalValue *ModuleName);
size_t MinRedzoneSizeForGlobal() const { size_t MinRedzoneSizeForGlobal() const {
return RedzoneSizeForScale(Mapping.Scale); return RedzoneSizeForScale(Mapping.Scale);
} }
int GetAsanVersion(const Module &M) const;
GlobalsMetadata GlobalsMD; GlobalsMetadata GlobalsMD;
bool CompileKernel; bool CompileKernel;
bool Recover; bool Recover;
bool UseGlobalsGC; bool UseGlobalsGC;
bool UseCtorComdat; bool UseCtorComdat;
Type *IntptrTy; Type *IntptrTy;
LLVMContext *C; LLVMContext *C;
▲ Show 20 LinesShow All 349 Lines▼ Show 20 Lines
} }
Value *AddressSanitizer::memToShadow(Value *Shadow, IRBuilder<> &IRB) { Value *AddressSanitizer::memToShadow(Value *Shadow, IRBuilder<> &IRB) {
// Shadow >> scale // Shadow >> scale
Shadow = IRB.CreateLShr(Shadow, Mapping.Scale); Shadow = IRB.CreateLShr(Shadow, Mapping.Scale);
if (Mapping.Offset == 0) return Shadow; if (Mapping.Offset == 0) return Shadow;
// (Shadow >> scale) | offset // (Shadow >> scale) | offset
Value *ShadowBase; Value *ShadowBase;
if (Mapping.InGlobal)
return IRB.CreatePtrToInt(
IRB.CreateGEP(AsanShadowGlobal,
{ConstantInt::get(IntptrTy, 0), Shadow}),
IntptrTy);
if (LocalDynamicShadow) if (LocalDynamicShadow)
ShadowBase = LocalDynamicShadow; ShadowBase = LocalDynamicShadow;
else else
ShadowBase = ConstantInt::get(IntptrTy, Mapping.Offset); ShadowBase = ConstantInt::get(IntptrTy, Mapping.Offset);
if (Mapping.OrShadowOffset) if (Mapping.OrShadowOffset)
return IRB.CreateOr(Shadow, ShadowBase); return IRB.CreateOr(Shadow, ShadowBase);
else else
return IRB.CreateAdd(Shadow, ShadowBase); return IRB.CreateAdd(Shadow, ShadowBase);
▲ Show 20 LinesShow All 1,031 Lines▼ Show 20 Linesbool AddressSanitizerModule::InstrumentGlobals(IRBuilder<> &IRB, Module &M, bool *CtorComdat) {
// Create calls for poisoning before initializers run and unpoisoning after. // Create calls for poisoning before initializers run and unpoisoning after.
if (HasDynamicallyInitializedGlobals) if (HasDynamicallyInitializedGlobals)
createInitializerPoisonCalls(M, ModuleName); createInitializerPoisonCalls(M, ModuleName);
DEBUG(dbgs() << M); DEBUG(dbgs() << M);
return true; return true;
} }
int AddressSanitizerModule::GetAsanVersion(const Module &M) const {
int LongSize = M.getDataLayout().getPointerSizeInBits();
bool isAndroid = Triple(M.getTargetTriple()).isAndroid();
int Version = 8;
// 32-bit Android is one version ahead because of the switch to dynamic
// shadow.
Version += (LongSize == 32 && isAndroid);
return Version;
}
bool AddressSanitizerModule::runOnModule(Module &M) { bool AddressSanitizerModule::runOnModule(Module &M) {
C = &(M.getContext()); C = &(M.getContext());
int LongSize = M.getDataLayout().getPointerSizeInBits(); int LongSize = M.getDataLayout().getPointerSizeInBits();
IntptrTy = Type::getIntNTy(*C, LongSize); IntptrTy = Type::getIntNTy(*C, LongSize);
TargetTriple = Triple(M.getTargetTriple()); TargetTriple = Triple(M.getTargetTriple());
Mapping = getShadowMapping(TargetTriple, LongSize, CompileKernel); Mapping = getShadowMapping(TargetTriple, LongSize, CompileKernel);
initializeCallbacks(M); initializeCallbacks(M);
if (CompileKernel) if (CompileKernel)
return false; return false;
// Create a module constructor. A destructor is created lazily because not all // Create a module constructor. A destructor is created lazily because not all
// platforms, and not all modules need it. // platforms, and not all modules need it.
std::string VersionCheckName =
kAsanVersionCheckNamePrefix + std::to_string(GetAsanVersion(M));
std::tie(AsanCtorFunction, std::ignore) = createSanitizerCtorAndInitFunctions( std::tie(AsanCtorFunction, std::ignore) = createSanitizerCtorAndInitFunctions(
M, kAsanModuleCtorName, kAsanInitName, /*InitArgTypes=*/{}, M, kAsanModuleCtorName, kAsanInitName, /*InitArgTypes=*/{},
/*InitArgs=*/{}, kAsanVersionCheckName); /*InitArgs=*/{}, VersionCheckName);
bool CtorComdat = true; bool CtorComdat = true;
bool Changed = false; bool Changed = false;
// TODO(glider): temporarily disabled globals instrumentation for KASan. // TODO(glider): temporarily disabled globals instrumentation for KASan.
if (ClGlobals) { if (ClGlobals) {
IRBuilder<> IRB(AsanCtorFunction->getEntryBlock().getTerminator()); IRBuilder<> IRB(AsanCtorFunction->getEntryBlock().getTerminator());
Changed |= InstrumentGlobals(IRB, M, &CtorComdat); Changed |= InstrumentGlobals(IRB, M, &CtorComdat);
} }
▲ Show 20 LinesShow All 82 Lines▼ Show 20 Linesvoid AddressSanitizer::initializeCallbacks(Module &M) {
AsanPtrCmpFunction = checkSanitizerInterfaceFunction(M.getOrInsertFunction( AsanPtrCmpFunction = checkSanitizerInterfaceFunction(M.getOrInsertFunction(
kAsanPtrCmp, IRB.getVoidTy(), IntptrTy, IntptrTy)); kAsanPtrCmp, IRB.getVoidTy(), IntptrTy, IntptrTy));
AsanPtrSubFunction = checkSanitizerInterfaceFunction(M.getOrInsertFunction( AsanPtrSubFunction = checkSanitizerInterfaceFunction(M.getOrInsertFunction(
kAsanPtrSub, IRB.getVoidTy(), IntptrTy, IntptrTy)); kAsanPtrSub, IRB.getVoidTy(), IntptrTy, IntptrTy));
// We insert an empty inline asm after __asan_report* to avoid callback merge. // We insert an empty inline asm after __asan_report* to avoid callback merge.
EmptyAsm = InlineAsm::get(FunctionType::get(IRB.getVoidTy(), false), EmptyAsm = InlineAsm::get(FunctionType::get(IRB.getVoidTy(), false),
StringRef(""), StringRef(""), StringRef(""), StringRef(""),
/*hasSideEffects=*/true); /*hasSideEffects=*/true);
if (Mapping.InGlobal)
AsanShadowGlobal = M.getOrInsertGlobal("__asan_shadow",
ArrayType::get(IRB.getInt8Ty(), 0));
} }
// virtual // virtual
bool AddressSanitizer::doInitialization(Module &M) { bool AddressSanitizer::doInitialization(Module &M) {
// Initialize the private fields. No one has accessed them before. // Initialize the private fields. No one has accessed them before.
GlobalsMD.init(M); GlobalsMD.init(M);
C = &(M.getContext()); C = &(M.getContext());
Show All 25 Lines if (F.getName().find(" load]") != std::string::npos) {
IRB.CreateCall(AsanInitFunction, {}); IRB.CreateCall(AsanInitFunction, {});
return true; return true;
} }
return false; return false;
} }
void AddressSanitizer::maybeInsertDynamicShadowAtFunctionEntry(Function &F) { void AddressSanitizer::maybeInsertDynamicShadowAtFunctionEntry(Function &F) {
// Generate code only when dynamic addressing is needed. // Generate code only when dynamic addressing is needed.
if (Mapping.Offset != kDynamicShadowSentinel) if (Mapping.Offset != kDynamicShadowSentinel || Mapping.InGlobal)
return; return;
IRBuilder<> IRB(&F.front().front()); IRBuilder<> IRB(&F.front().front());
Value *GlobalDynamicAddress = F.getParent()->getOrInsertGlobal( Value *GlobalDynamicAddress = F.getParent()->getOrInsertGlobal(
kAsanShadowMemoryDynamicAddress, IntptrTy); kAsanShadowMemoryDynamicAddress, IntptrTy);
LocalDynamicShadow = IRB.CreateLoad(GlobalDynamicAddress); LocalDynamicShadow = IRB.CreateLoad(GlobalDynamicAddress);
} }
▲ Show 20 LinesShow All 781 LinesShow Last 20 Lines

llvm/trunk/test/Instrumentation/AddressSanitizer/with-ifunc.ll

; Test -asan-force-dynamic-shadow flag.
;
; RUN: opt -asan -asan-module -S -asan-with-ifunc=1 < %s | FileCheck %s --check-prefixes=CHECK,CHECK-IFUNC
; RUN: opt -asan -asan-module -S -asan-with-ifunc=0 < %s | FileCheck %s --check-prefixes=CHECK,CHECK-NOIFUNC
target datalayout = "e-m:e-p:32:32-i64:64-v128:64:128-a:0:32-n32-S64"
target triple = "armv7--linux-android"
; CHECK-IFUNC: @__asan_shadow = external global [0 x i8]
; CHECK-NOIFUNC: @__asan_shadow_memory_dynamic_address = external global i32
define i32 @test_load(i32* %a) sanitize_address {
; First instrumentation in the function must be to load the dynamic shadow
; address into a local variable.
; CHECK-LABEL: @test_load
; CHECK: entry:
; CHECK-IFUNC-NEXT: %[[A:[^ ]*]] = ptrtoint i32* %a to i32
; CHECK-IFUNC-NEXT: %[[B:[^ ]*]] = lshr i32 %[[A]], 3
; CHECK-IFUNC-NEXT: %[[C:[^ ]*]] = getelementptr [0 x i8], [0 x i8]* @__asan_shadow, i32 0, i32 %[[B]]
; CHECK-NOIFUNC-NEXT: %[[SHADOW:[^ ]*]] = load i32, i32* @__asan_shadow_memory_dynamic_address
; CHECK-NOIFUNC-NEXT: %[[A:[^ ]*]] = ptrtoint i32* %a to i32
; CHECK-NOIFUNC-NEXT: %[[B:[^ ]*]] = lshr i32 %[[A]], 3
; CHECK-NOIFUNC-NEXT: %[[C:[^ ]*]] = add i32 %[[B]], %[[SHADOW]]
entry:
%x = load i32, i32* %a, align 4
ret i32 %x
}