This is an archive of the discontinued LLVM Phabricator instance.

Differential D55794

[asan] In llvm.asan.globals, allow entries to be non-GlobalVariable and skip over them
ClosedPublic

Authored by kubamracek on Dec 17 2018, 2:50 PM.

Details

Reviewers
rjmccall
aprantl
yln
delcypher
kcc
eugenis
vitalybuka
Commits
rG3760fc9f3de1: [asan] In llvm.asan.globals, allow entries to be non-GlobalVariable and skip…
rL349544: [asan] In llvm.asan.globals, allow entries to be non-GlobalVariable and skip…
Summary

Looks like there are valid reasons why we need to allow bitcasts in llvm.asan.globals, see discussion at https://github.com/apple/swift-llvm/pull/133. Let's skip over them in the llvm.asan.globals list.

Diff Detail

Event Timeline

kubamracek created this revision.Dec 17 2018, 2:50 PM
rjmccall added a comment.Dec 17 2018, 3:48 PM

Thanks! I think the only real question here is whether the entry should be *skipped* if it isn't directly a global variable or if you should stripPointerCasts() to try to find the global.

For the IR-linker example I gave you, it's probably reasonable to assume that if the global is in llvm.asan.globals in one module, it's there in all of them, just possibly with a different type. Assuming the linker picks a type for the global that corresponds to its type from at least one of the input modules (I.e. it doesn't just invent an arbitrarily different type from whole cloth), that means there should be at least one uncasted entry in llvm.asan.globals.

On the other hand, it's probably more resilient to strip casts. This would also handle the case where e.g. a global-initialization optimization sees something weird, like a pointer-typed global being initialized with a float, and decides that its best option is to rewrite the global's type. That shouldn't result in the global being dropped from llvm.asan.globals.

kubamracek added a comment.Dec 18 2018, 11:42 AM

I see, you're probably right. The reason why I suggested to skip entries with bitcasts was because the cases where I hit this crash were all such that the global was getting re-inserted into llvm.asan.globals anyway, so it didn't matter if we skipped them. But I guess that doesn't need to always be the case. I'll change the patch to look through bitcasts, and I believe the code should already be handling the case of repeated values in llvm.asan.globals.

kubamracek updated this revision to Diff 178751.Dec 18 2018, 12:04 PM
rjmccall added inline comments.Dec 18 2018, 12:26 PM
lib/Transforms/Instrumentation/AddressSanitizer.cpp
445

This will crash if V is actually null.

kubamracek updated this revision to Diff 178759.Dec 18 2018, 12:31 PM
kubamracek marked an inline comment as done.
rjmccall accepted this revision.Dec 18 2018, 1:03 PM
rjmccall added inline comments.
lib/Transforms/Instrumentation/AddressSanitizer.cpp
448

This can now just be dyn_cast. But LGTM with that.

This revision is now accepted and ready to land.Dec 18 2018, 1:03 PM
Closed by commit rL349544: [asan] In llvm.asan.globals, allow entries to be non-GlobalVariable and skip… (authored by kuba.brecka). · Explain WhyDec 18 2018, 1:23 PM
This revision was automatically updated to reflect the committed changes.

Revision Contents

PathSize
lib/
Transforms/
Instrumentation/
5 lines
test/
Instrumentation/
AddressSanitizer/
13 lines

Diff 178759

lib/Transforms/Instrumentation/AddressSanitizer.cpp

Show First 20 LinesShow All 435 Lines▼ Show 20 Linespublic:
void init(Module &M) { void init(Module &M) {
assert(!inited_); assert(!inited_);
inited_ = true; inited_ = true;
NamedMDNode *Globals = M.getNamedMetadata("llvm.asan.globals"); NamedMDNode *Globals = M.getNamedMetadata("llvm.asan.globals");
if (!Globals) return; if (!Globals) return;
for (auto MDN : Globals->operands()) { for (auto MDN : Globals->operands()) {
// Metadata node contains the global and the fields of "Entry". // Metadata node contains the global and the fields of "Entry".
assert(MDN->getNumOperands() == 5); assert(MDN->getNumOperands() == 5);
auto *GV = mdconst::extract_or_null<GlobalVariable>(MDN->getOperand(0)); auto *V = mdconst::extract_or_null<Constant>(MDN->getOperand(0));
// The optimizer may optimize away a global entirely. // The optimizer may optimize away a global entirely.
rjmccallUnsubmitted
Done
ReplyInline Actions

This will crash if V is actually null.

rjmccall: This will crash if V is actually null.
if (!V) continue;
auto *StrippedV = V->stripPointerCasts();
auto *GV = dyn_cast_or_null<GlobalVariable>(StrippedV);
rjmccallUnsubmitted
Not Done
ReplyInline Actions

This can now just be dyn_cast. But LGTM with that.

rjmccall: This can now just be `dyn_cast`. But LGTM with that.
if (!GV) continue; if (!GV) continue;
// We can already have an entry for GV if it was merged with another // We can already have an entry for GV if it was merged with another
// global. // global.
Entry &E = Entries[GV]; Entry &E = Entries[GV];
if (auto *Loc = cast_or_null<MDNode>(MDN->getOperand(1))) if (auto *Loc = cast_or_null<MDNode>(MDN->getOperand(1)))
E.SourceLoc.parse(Loc); E.SourceLoc.parse(Loc);
if (auto *Name = cast_or_null<MDString>(MDN->getOperand(2))) if (auto *Name = cast_or_null<MDString>(MDN->getOperand(2)))
E.Name = Name->getString(); E.Name = Name->getString();
▲ Show 20 LinesShow All 2,802 LinesShow Last 20 Lines

test/Instrumentation/AddressSanitizer/global_metadata_bitcasts.ll

; Test that the compiler doesn't crash when the llvm.asan.globals containts
; an entry that points to a BitCast instruction.
; RUN: opt < %s -asan -asan-module -asan-globals-live-support=1 -S
target datalayout = "e-m:o-i64:64-f80:128-n8:16:32:64-S128"
target triple = "x86_64-apple-macosx10.11.0"
@g = global [1 x i32] zeroinitializer, align 4
!llvm.asan.globals = !{!0, !1}
!0 = !{[1 x i32]* @g, null, !"name", i1 false, i1 false}
!1 = !{i8* bitcast ([1 x i32]* @g to i8*), null, !"name", i1 false, i1 false}