This is an archive of the discontinued LLVM Phabricator instance.

Paths

Table of Contentst

-
include/llvm/Transforms/Utils/
-
llvm/
-
Transforms/
-
Utils/
-
ModuleUtils.h
-
lib/Transforms/
-
Transforms/
-
Instrumentation/
1
AddressSanitizer.cpp
-
MemorySanitizer.cpp
-
SanitizerCoverage.cpp
-
ThreadSanitizer.cpp
-
Utils/
1
ModuleUtils.cpp

Differential D8754

Don't add sanitizer init function directly into module constructors
AbandonedPublic

Authored by ismailp on Mar 31 2015, 3:49 PM.

Download Raw Diff

Details

Reviewers

kcc
samsonov
eugenis

Summary

AddressSanitizer creates a function within the module, which calls
__asan_init. This function is then added to the module's constructors.
ThreadSanitizer, and MemorySanitizer, however, add their respective init
functions directly to module constructors. This prevents these
sanitizers be used in certain cases, where module constructor must be
implemented in instrumented object itself. This patch unifies how
sanitizer constructor functions are created, and how init functions are
called across all sanitizers.

Moved checkInterfaceFunction into ModuleUtils.

Diff Detail

Event Timeline

ismailp updated this revision to Diff 23018.Mar 31 2015, 3:49 PM

ismailp retitled this revision from to Don't add sanitizer init function directly into module constructors.

ismailp updated this object.

ismailp edited the test plan for this revision. (Show Details)

ismailp added reviewers: kcc, samsonov, eugenis.

ismailp added a subscriber: Unknown Object (MLST).

This prevents these sanitizers be used in certain cases,

Can you give an example?

Also, please add tests to test/Instrumentation/*Sanitizer

The change touches 3 sanitizers that have 3 different primary maintainers
It might be simpler to split this patch into several:

move checkInterfaceFunction w/o other functionality changes
update each of the sanitizers.

lib/Transforms/Instrumentation/AddressSanitizer.cpp
1220	here and below, please use a file-static named constant (e.g. kSanitizerName)
lib/Transforms/Utils/ModuleUtils.cpp
109	You can just print "Sanitizer interface function" to make the code simpler.

Thanks for quick response!

In D8754#150169, @kcc wrote:

This prevents these sanitizers be used in certain cases,

Can you give an example?

Yes; Darwin. Dynamic linker is expecting module initializer to be defined within the module itself, otherwise it says:
dyld: initializer function <address> not in mapped image

Also, please add tests to test/Instrumentation/*Sanitizer

Yes, this is clearly forgotten. I was rushing to submit this.

The change touches 3 sanitizers that have 3 different primary maintainers
It might be simpler to split this patch into several:

move checkInterfaceFunction w/o other functionality changes

update each of the sanitizers.

Makes sense; will do that. I am abandoning this revision, and will submit 2/3 new. Could you please let me know who are primary maintainers for each sanitizer, so that I add correct reviewers?

Yes; Darwin. Dynamic linker is expecting module initializer to be defined within the module itself, otherwise it says:
dyld: initializer function <address> not in mapped image

Interesting. Does this mean that you are porting tsan/msan to Darwin?
This, especially for msan, could be a great challenge.

The change touches 3 sanitizers that have 3 different primary maintainers
It might be simpler to split this patch into several:

move checkInterfaceFunction w/o other functionality changes

update each of the sanitizers.

Makes sense; will do that. I am abandoning this revision, and will submit 2/3 new. Could you please let me know who are primary maintainers for each sanitizer, so that I add correct reviewers?

Let's do like this:
asan/common: samsonov@
msan: eugenis@
tsan: dvyukov@
CC me to all of them.

In D8754#150182, @kcc wrote:

Yes; Darwin. Dynamic linker is expecting module initializer to be defined within the module itself, otherwise it says:
dyld: initializer function <address> not in mapped image

Interesting. Does this mean that you are porting tsan/msan to Darwin?
This, especially for msan, could be a great challenge.

Yes, tsan on Darwin. It's mostly working. TLS is the biggest problem. My patches are far from submission quality right now, but I am working on it. Basically;

cur_thread() cannot use cur_thread_placeholder, because its storage initialized too late. I will certainly need help with this one. I use malloc to obtain storage, and store this pointer with pthread_setspecific, where key is the finalize key (and that is still a problem :) )
Race report doesn't print function name - I think this is easy to fix, although I didn't carefully check yet. I have found TSan's report format is slightly different with ASan's, and ASan report prints function name. Maybe it's really that easy, maybe not...
I mostly copied pthread_barrier implementation from FreeBSD, as some tests use this.

After getting TSan to run on Darwin, I can try MSan as well.

Revision Contents

Path

Size

include/

llvm/

Transforms/

Utils/

ModuleUtils.h

23 lines

lib/

Transforms/

Instrumentation/

AddressSanitizer.cpp

114 lines

MemorySanitizer.cpp

13 lines

SanitizerCoverage.cpp

51 lines

ThreadSanitizer.cpp

124 lines

Utils/

ModuleUtils.cpp

48 lines

Diff 23018

include/llvm/Transforms/Utils/ModuleUtils.h

	//===-- ModuleUtils.h - Functions to manipulate Modules ---------- C++ --===//			//===-- ModuleUtils.h - Functions to manipulate Modules ---------- C++ --===//
	//			//
	// The LLVM Compiler Infrastructure			// The LLVM Compiler Infrastructure
	//			//
	// This file is distributed under the University of Illinois Open Source			// This file is distributed under the University of Illinois Open Source
	// License. See LICENSE.TXT for details.			// License. See LICENSE.TXT for details.
	//			//
	//===----------------------------------------------------------------------===//			//===----------------------------------------------------------------------===//
	//			//
	// This family of functions perform manipulations on Modules.			// This family of functions perform manipulations on Modules.
	//			//
	//===----------------------------------------------------------------------===//			//===----------------------------------------------------------------------===//

	#ifndef LLVM_TRANSFORMS_UTILS_MODULEUTILS_H			#ifndef LLVM_TRANSFORMS_UTILS_MODULEUTILS_H
	#define LLVM_TRANSFORMS_UTILS_MODULEUTILS_H			#define LLVM_TRANSFORMS_UTILS_MODULEUTILS_H

				#include "llvm/ADT/ArrayRef.h"

	namespace llvm {			namespace llvm {

	class Module;			class Module;
	class Function;			class Function;
	class GlobalValue;			class GlobalValue;
	class GlobalVariable;			class GlobalVariable;
				class Constant;
				class StringRef;
				class Value;
				class Type;
	template <class PtrType> class SmallPtrSetImpl;			template <class PtrType> class SmallPtrSetImpl;

	/// Append F to the list of global ctors of module M with the given Priority.			/// Append F to the list of global ctors of module M with the given Priority.
	/// This wraps the function in the appropriate structure and stores it along			/// This wraps the function in the appropriate structure and stores it along
	/// side other global constructors. For details see			/// side other global constructors. For details see
	/// http://llvm.org/docs/LangRef.html#intg_global_ctors			/// http://llvm.org/docs/LangRef.html#intg_global_ctors
	void appendToGlobalCtors(Module &M, Function *F, int Priority);			void appendToGlobalCtors(Module &M, Function *F, int Priority);

	/// Same as appendToGlobalCtors(), but for global dtors.			/// Same as appendToGlobalCtors(), but for global dtors.
	void appendToGlobalDtors(Module &M, Function *F, int Priority);			void appendToGlobalDtors(Module &M, Function *F, int Priority);

	/// \brief Given "llvm.used" or "llvm.compiler.used" as a global name, collect			/// \brief Given "llvm.used" or "llvm.compiler.used" as a global name, collect
	/// the initializer elements of that global in Set and return the global itself.			/// the initializer elements of that global in Set and return the global itself.
	GlobalVariable *collectUsedGlobalVariables(Module &M,			GlobalVariable *collectUsedGlobalVariables(Module &M,
	SmallPtrSetImpl<GlobalValue *> &Set,			SmallPtrSetImpl<GlobalValue *> &Set,
	bool CompilerUsed);			bool CompilerUsed);

				// Validate the result of Module::getOrInsertFunction called for an interface
				// function of given sanitizer. If the instrumented module defines a function
				// with the same name, their prototypes must match, otherwise
				// getOrInsertFunction returns a bitcast.
				Function checkInterfaceFunction(StringRef Sanitizer, Constant FuncOrBitcast);

				/// \brief Creates sanitizer constructor function, and calls sanitizer's init
				/// function from it.
				Function *createSanitizerCtor(Module &M, StringRef Sanitizer,
				StringRef CtorName, StringRef InitName,
				ArrayRef<Type > InitType = ArrayRef<Type >(),
				ArrayRef<Value > InitArgs = ArrayRef<Value >(),
				Function **InitFunctionPtr = nullptr);
				Function *createSanitizerCtor(Module &M, StringRef Sanitizer,
				StringRef CtorName, StringRef InitName,
				Function **InitFunctionPtr);
	} // End llvm namespace			} // End llvm namespace

	#endif // LLVM_TRANSFORMS_UTILS_MODULEUTILS_H			#endif // LLVM_TRANSFORMS_UTILS_MODULEUTILS_H

lib/Transforms/Instrumentation/AddressSanitizer.cpp

Show First 20 Lines • Show All 962 Lines • ▼ Show 20 Lines	if ((TypeSize == 8 \|\| TypeSize == 16 \|\| TypeSize == 32 \|\| TypeSize == 64 \|\|
TypeSize == 128) &&		TypeSize == 128) &&
(Alignment >= Granularity \|\| Alignment == 0 \|\| Alignment >= TypeSize / 8))		(Alignment >= Granularity \|\| Alignment == 0 \|\| Alignment >= TypeSize / 8))
return instrumentAddress(I, I, Addr, TypeSize, IsWrite, nullptr, UseCalls,		return instrumentAddress(I, I, Addr, TypeSize, IsWrite, nullptr, UseCalls,
Exp);		Exp);
instrumentUnusualSizeOrAlignment(I, Addr, TypeSize, IsWrite, nullptr,		instrumentUnusualSizeOrAlignment(I, Addr, TypeSize, IsWrite, nullptr,
UseCalls, Exp);		UseCalls, Exp);
}		}

// Validate the result of Module::getOrInsertFunction called for an interface
// function of AddressSanitizer. If the instrumented module defines a function
// with the same name, their prototypes must match, otherwise
// getOrInsertFunction returns a bitcast.
static Function checkInterfaceFunction(Constant FuncOrBitcast) {
if (isa<Function>(FuncOrBitcast)) return cast<Function>(FuncOrBitcast);
FuncOrBitcast->dump();
report_fatal_error(
"trying to redefine an AddressSanitizer "
"interface function");
}

Instruction AddressSanitizer::generateCrashCode(Instruction InsertBefore,		Instruction AddressSanitizer::generateCrashCode(Instruction InsertBefore,
Value *Addr, bool IsWrite,		Value *Addr, bool IsWrite,
size_t AccessSizeIndex,		size_t AccessSizeIndex,
Value *SizeArgument,		Value *SizeArgument,
uint32_t Exp) {		uint32_t Exp) {
IRBuilder<> IRB(InsertBefore);		IRBuilder<> IRB(InsertBefore);
Value *ExpVal = Exp == 0 ? nullptr : ConstantInt::get(IRB.getInt32Ty(), Exp);		Value *ExpVal = Exp == 0 ? nullptr : ConstantInt::get(IRB.getInt32Ty(), Exp);
CallInst *Call = nullptr;		CallInst *Call = nullptr;
▲ Show 20 Lines • Show All 232 Lines • ▼ Show 20 Lines	bool AddressSanitizerModule::ShouldInstrumentGlobal(GlobalVariable *G) {
}		}

return true;		return true;
}		}

void AddressSanitizerModule::initializeCallbacks(Module &M) {		void AddressSanitizerModule::initializeCallbacks(Module &M) {
IRBuilder<> IRB(*C);		IRBuilder<> IRB(*C);
// Declare our poisoning and unpoisoning functions.		// Declare our poisoning and unpoisoning functions.
AsanPoisonGlobals = checkInterfaceFunction(M.getOrInsertFunction(		AsanPoisonGlobals = checkInterfaceFunction(
kAsanPoisonGlobalsName, IRB.getVoidTy(), IntptrTy, nullptr));		"AddressSanitizer",
		kccUnsubmitted Not Done Reply Inline Actions here and below, please use a file-static named constant (e.g. kSanitizerName) kcc: here and below, please use a file-static named constant (e.g. kSanitizerName)
		M.getOrInsertFunction(kAsanPoisonGlobalsName, IRB.getVoidTy(), IntptrTy,
		nullptr));
AsanPoisonGlobals->setLinkage(Function::ExternalLinkage);		AsanPoisonGlobals->setLinkage(Function::ExternalLinkage);
AsanUnpoisonGlobals = checkInterfaceFunction(M.getOrInsertFunction(		AsanUnpoisonGlobals = checkInterfaceFunction(
kAsanUnpoisonGlobalsName, IRB.getVoidTy(), nullptr));		"AddressSanitizer", M.getOrInsertFunction(kAsanUnpoisonGlobalsName,
		IRB.getVoidTy(), nullptr));
AsanUnpoisonGlobals->setLinkage(Function::ExternalLinkage);		AsanUnpoisonGlobals->setLinkage(Function::ExternalLinkage);
// Declare functions that register/unregister globals.		// Declare functions that register/unregister globals.
AsanRegisterGlobals = checkInterfaceFunction(M.getOrInsertFunction(		AsanRegisterGlobals = checkInterfaceFunction(
kAsanRegisterGlobalsName, IRB.getVoidTy(), IntptrTy, IntptrTy, nullptr));		"AddressSanitizer",
		M.getOrInsertFunction(kAsanRegisterGlobalsName, IRB.getVoidTy(), IntptrTy,
		IntptrTy, nullptr));
AsanRegisterGlobals->setLinkage(Function::ExternalLinkage);		AsanRegisterGlobals->setLinkage(Function::ExternalLinkage);
AsanUnregisterGlobals = checkInterfaceFunction(		AsanUnregisterGlobals = checkInterfaceFunction(
		"AddressSanitizer",
M.getOrInsertFunction(kAsanUnregisterGlobalsName, IRB.getVoidTy(),		M.getOrInsertFunction(kAsanUnregisterGlobalsName, IRB.getVoidTy(),
IntptrTy, IntptrTy, nullptr));		IntptrTy, IntptrTy, nullptr));
AsanUnregisterGlobals->setLinkage(Function::ExternalLinkage);		AsanUnregisterGlobals->setLinkage(Function::ExternalLinkage);
}		}

// This function replaces all global variables with new variables that have		// This function replaces all global variables with new variables that have
// trailing redzones. It also creates a function that poisons		// trailing redzones. It also creates a function that poisons
// redzones and inserts this function into llvm.global_ctors.		// redzones and inserts this function into llvm.global_ctors.
▲ Show 20 Lines • Show All 152 Lines • ▼ Show 20 Lines	void AddressSanitizer::initializeCallbacks(Module &M) {
IRBuilder<> IRB(*C);		IRBuilder<> IRB(*C);
// Create __asan_report* callbacks.		// Create __asan_report* callbacks.
// IsWrite, TypeSize and Exp are encoded in the function name.		// IsWrite, TypeSize and Exp are encoded in the function name.
for (int Exp = 0; Exp < 2; Exp++) {		for (int Exp = 0; Exp < 2; Exp++) {
for (size_t AccessIsWrite = 0; AccessIsWrite <= 1; AccessIsWrite++) {		for (size_t AccessIsWrite = 0; AccessIsWrite <= 1; AccessIsWrite++) {
const std::string TypeStr = AccessIsWrite ? "store" : "load";		const std::string TypeStr = AccessIsWrite ? "store" : "load";
const std::string ExpStr = Exp ? "exp_" : "";		const std::string ExpStr = Exp ? "exp_" : "";
const Type ExpType = Exp ? Type::getInt32Ty(C) : nullptr;		const Type ExpType = Exp ? Type::getInt32Ty(C) : nullptr;
AsanErrorCallbackSized[AccessIsWrite][Exp] =		AsanErrorCallbackSized[AccessIsWrite][Exp] = checkInterfaceFunction(
checkInterfaceFunction(M.getOrInsertFunction(		"AddressSanitizer",
		M.getOrInsertFunction(
kAsanReportErrorTemplate + ExpStr + TypeStr + "_n",		kAsanReportErrorTemplate + ExpStr + TypeStr + "_n",
IRB.getVoidTy(), IntptrTy, IntptrTy, ExpType, nullptr));		IRB.getVoidTy(), IntptrTy, IntptrTy, ExpType, nullptr));
AsanMemoryAccessCallbackSized[AccessIsWrite][Exp] =		AsanMemoryAccessCallbackSized[AccessIsWrite][Exp] =
checkInterfaceFunction(M.getOrInsertFunction(		checkInterfaceFunction(
		"AddressSanitizer",
		M.getOrInsertFunction(
ClMemoryAccessCallbackPrefix + ExpStr + TypeStr + "N",		ClMemoryAccessCallbackPrefix + ExpStr + TypeStr + "N",
IRB.getVoidTy(), IntptrTy, IntptrTy, ExpType, nullptr));		IRB.getVoidTy(), IntptrTy, IntptrTy, ExpType, nullptr));
for (size_t AccessSizeIndex = 0; AccessSizeIndex < kNumberOfAccessSizes;		for (size_t AccessSizeIndex = 0; AccessSizeIndex < kNumberOfAccessSizes;
AccessSizeIndex++) {		AccessSizeIndex++) {
const std::string Suffix = TypeStr + itostr(1 << AccessSizeIndex);		const std::string Suffix = TypeStr + itostr(1 << AccessSizeIndex);
AsanErrorCallback[AccessIsWrite][Exp][AccessSizeIndex] =		AsanErrorCallback[AccessIsWrite][Exp][AccessSizeIndex] =
checkInterfaceFunction(M.getOrInsertFunction(		checkInterfaceFunction(
		"AddressSanitizer",
		M.getOrInsertFunction(
kAsanReportErrorTemplate + ExpStr + Suffix, IRB.getVoidTy(),		kAsanReportErrorTemplate + ExpStr + Suffix, IRB.getVoidTy(),
IntptrTy, ExpType, nullptr));		IntptrTy, ExpType, nullptr));
AsanMemoryAccessCallback[AccessIsWrite][Exp][AccessSizeIndex] =		AsanMemoryAccessCallback[AccessIsWrite][Exp][AccessSizeIndex] =
checkInterfaceFunction(M.getOrInsertFunction(		checkInterfaceFunction(
ClMemoryAccessCallbackPrefix + ExpStr + Suffix, IRB.getVoidTy(),		"AddressSanitizer",
IntptrTy, ExpType, nullptr));		M.getOrInsertFunction(
		ClMemoryAccessCallbackPrefix + ExpStr + Suffix,
		IRB.getVoidTy(), IntptrTy, ExpType, nullptr));
}		}
}		}
}		}

AsanMemmove = checkInterfaceFunction(M.getOrInsertFunction(		AsanMemmove = checkInterfaceFunction(
ClMemoryAccessCallbackPrefix + "memmove", IRB.getInt8PtrTy(),		"AddressSanitizer",
IRB.getInt8PtrTy(), IRB.getInt8PtrTy(), IntptrTy, nullptr));		M.getOrInsertFunction(ClMemoryAccessCallbackPrefix + "memmove",
AsanMemcpy = checkInterfaceFunction(M.getOrInsertFunction(		IRB.getInt8PtrTy(), IRB.getInt8PtrTy(),
ClMemoryAccessCallbackPrefix + "memcpy", IRB.getInt8PtrTy(),		IRB.getInt8PtrTy(), IntptrTy, nullptr));
IRB.getInt8PtrTy(), IRB.getInt8PtrTy(), IntptrTy, nullptr));		AsanMemcpy = checkInterfaceFunction(
AsanMemset = checkInterfaceFunction(M.getOrInsertFunction(		"AddressSanitizer",
ClMemoryAccessCallbackPrefix + "memset", IRB.getInt8PtrTy(),		M.getOrInsertFunction(ClMemoryAccessCallbackPrefix + "memcpy",
IRB.getInt8PtrTy(), IRB.getInt32Ty(), IntptrTy, nullptr));		IRB.getInt8PtrTy(), IRB.getInt8PtrTy(),
		IRB.getInt8PtrTy(), IntptrTy, nullptr));
		AsanMemset = checkInterfaceFunction(
		"AddressSanitizer",
		M.getOrInsertFunction(ClMemoryAccessCallbackPrefix + "memset",
		IRB.getInt8PtrTy(), IRB.getInt8PtrTy(),
		IRB.getInt32Ty(), IntptrTy, nullptr));

AsanHandleNoReturnFunc = checkInterfaceFunction(		AsanHandleNoReturnFunc = checkInterfaceFunction(
		"AddressSanitizer",
M.getOrInsertFunction(kAsanHandleNoReturnName, IRB.getVoidTy(), nullptr));		M.getOrInsertFunction(kAsanHandleNoReturnName, IRB.getVoidTy(), nullptr));

AsanPtrCmpFunction = checkInterfaceFunction(M.getOrInsertFunction(		AsanPtrCmpFunction = checkInterfaceFunction(
kAsanPtrCmp, IRB.getVoidTy(), IntptrTy, IntptrTy, nullptr));		"AddressSanitizer", M.getOrInsertFunction(kAsanPtrCmp, IRB.getVoidTy(),
AsanPtrSubFunction = checkInterfaceFunction(M.getOrInsertFunction(		IntptrTy, IntptrTy, nullptr));
kAsanPtrSub, IRB.getVoidTy(), IntptrTy, IntptrTy, nullptr));		AsanPtrSubFunction = checkInterfaceFunction(
		"AddressSanitizer", M.getOrInsertFunction(kAsanPtrSub, IRB.getVoidTy(),
		IntptrTy, IntptrTy, nullptr));
// We insert an empty inline asm after __asan_report* to avoid callback merge.		// We insert an empty inline asm after __asan_report* to avoid callback merge.
EmptyAsm = InlineAsm::get(FunctionType::get(IRB.getVoidTy(), false),		EmptyAsm = InlineAsm::get(FunctionType::get(IRB.getVoidTy(), false),
StringRef(""), StringRef(""),		StringRef(""), StringRef(""),
/hasSideEffects=/true);		/hasSideEffects=/true);
}		}

// virtual		// virtual
bool AddressSanitizer::doInitialization(Module &M) {		bool AddressSanitizer::doInitialization(Module &M) {
// Initialize the private fields. No one has accessed them before.		// Initialize the private fields. No one has accessed them before.

GlobalsMD.init(M);		GlobalsMD.init(M);

C = &(M.getContext());		C = &(M.getContext());
LongSize = M.getDataLayout().getPointerSizeInBits();		LongSize = M.getDataLayout().getPointerSizeInBits();
IntptrTy = Type::getIntNTy(*C, LongSize);		IntptrTy = Type::getIntNTy(*C, LongSize);
TargetTriple = Triple(M.getTargetTriple());		TargetTriple = Triple(M.getTargetTriple());

AsanCtorFunction =		AsanCtorFunction =
Function::Create(FunctionType::get(Type::getVoidTy(*C), false),		createSanitizerCtor(M, "AddressSanitizer", kAsanModuleCtorName,
GlobalValue::InternalLinkage, kAsanModuleCtorName, &M);		kAsanInitName, &AsanInitFunction);
BasicBlock AsanCtorBB = BasicBlock::Create(C, "", AsanCtorFunction);
// call __asan_init in the module ctor.
IRBuilder<> IRB(ReturnInst::Create(*C, AsanCtorBB));
AsanInitFunction = checkInterfaceFunction(
M.getOrInsertFunction(kAsanInitName, IRB.getVoidTy(), nullptr));
AsanInitFunction->setLinkage(Function::ExternalLinkage);
IRB.CreateCall(AsanInitFunction);

Mapping = getShadowMapping(TargetTriple, LongSize);		Mapping = getShadowMapping(TargetTriple, LongSize);

appendToGlobalCtors(M, AsanCtorFunction, kAsanCtorAndDtorPriority);		appendToGlobalCtors(M, AsanCtorFunction, kAsanCtorAndDtorPriority);
return true;		return true;
}		}

bool AddressSanitizer::maybeInsertAsanInitAtFunctionEntry(Function &F) {		bool AddressSanitizer::maybeInsertAsanInitAtFunctionEntry(Function &F) {
▲ Show 20 Lines • Show All 132 Lines • ▼ Show 20 Lines	bool AddressSanitizer::LooksLikeCodeInBug11395(Instruction *I) {
// We have inline assembly with quite a few arguments.		// We have inline assembly with quite a few arguments.
return true;		return true;
}		}

void FunctionStackPoisoner::initializeCallbacks(Module &M) {		void FunctionStackPoisoner::initializeCallbacks(Module &M) {
IRBuilder<> IRB(*C);		IRBuilder<> IRB(*C);
for (int i = 0; i <= kMaxAsanStackMallocSizeClass; i++) {		for (int i = 0; i <= kMaxAsanStackMallocSizeClass; i++) {
std::string Suffix = itostr(i);		std::string Suffix = itostr(i);
AsanStackMallocFunc[i] = checkInterfaceFunction(M.getOrInsertFunction(		AsanStackMallocFunc[i] = checkInterfaceFunction(
kAsanStackMallocNameTemplate + Suffix, IntptrTy, IntptrTy, nullptr));		"AddressSanitizer",
		M.getOrInsertFunction(kAsanStackMallocNameTemplate + Suffix, IntptrTy,
		IntptrTy, nullptr));
AsanStackFreeFunc[i] = checkInterfaceFunction(		AsanStackFreeFunc[i] = checkInterfaceFunction(
		"AddressSanitizer",
M.getOrInsertFunction(kAsanStackFreeNameTemplate + Suffix,		M.getOrInsertFunction(kAsanStackFreeNameTemplate + Suffix,
IRB.getVoidTy(), IntptrTy, IntptrTy, nullptr));		IRB.getVoidTy(), IntptrTy, IntptrTy, nullptr));
}		}
AsanPoisonStackMemoryFunc = checkInterfaceFunction(		AsanPoisonStackMemoryFunc = checkInterfaceFunction(
		"AddressSanitizer",
M.getOrInsertFunction(kAsanPoisonStackMemoryName, IRB.getVoidTy(),		M.getOrInsertFunction(kAsanPoisonStackMemoryName, IRB.getVoidTy(),
IntptrTy, IntptrTy, nullptr));		IntptrTy, IntptrTy, nullptr));
AsanUnpoisonStackMemoryFunc = checkInterfaceFunction(		AsanUnpoisonStackMemoryFunc = checkInterfaceFunction(
		"AddressSanitizer",
M.getOrInsertFunction(kAsanUnpoisonStackMemoryName, IRB.getVoidTy(),		M.getOrInsertFunction(kAsanUnpoisonStackMemoryName, IRB.getVoidTy(),
IntptrTy, IntptrTy, nullptr));		IntptrTy, IntptrTy, nullptr));
}		}

void FunctionStackPoisoner::poisonRedZones(ArrayRef<uint8_t> ShadowBytes,		void FunctionStackPoisoner::poisonRedZones(ArrayRef<uint8_t> ShadowBytes,
IRBuilder<> &IRB, Value *ShadowBase,		IRBuilder<> &IRB, Value *ShadowBase,
bool DoPoison) {		bool DoPoison) {
size_t n = ShadowBytes.size();		size_t n = ShadowBytes.size();
▲ Show 20 Lines • Show All 484 Lines • Show Last 20 Lines

lib/Transforms/Instrumentation/MemorySanitizer.cpp

Show First 20 Lines • Show All 185 Lines • ▼ Show 20 Lines

// This is an experiment to enable handling of cases where shadow is a non-zero		// This is an experiment to enable handling of cases where shadow is a non-zero
// compile-time constant. For some unexplainable reason they were silently		// compile-time constant. For some unexplainable reason they were silently
// ignored in the instrumentation.		// ignored in the instrumentation.
static cl::opt<bool> ClCheckConstantShadow("msan-check-constant-shadow",		static cl::opt<bool> ClCheckConstantShadow("msan-check-constant-shadow",
cl::desc("Insert checks for constant shadow values"),		cl::desc("Insert checks for constant shadow values"),
cl::Hidden, cl::init(false));		cl::Hidden, cl::init(false));

		static const char *const kMsanModuleCtorName = "msan.module_ctor";
		static const char *const kMsanInitName = "__msan_init";

namespace {		namespace {

// Memory map parameters used in application-to-shadow address calculation.		// Memory map parameters used in application-to-shadow address calculation.
// Offset = (Addr & ~AndMask) ^ XorMask		// Offset = (Addr & ~AndMask) ^ XorMask
// Shadow = ShadowBase + Offset		// Shadow = ShadowBase + Offset
// Origin = OriginBase + Offset		// Origin = OriginBase + Offset
struct MemoryMapParams {		struct MemoryMapParams {
uint64_t AndMask;		uint64_t AndMask;
▲ Show 20 Lines • Show All 125 Lines • ▼ Show 20 Lines	private:
/// \brief Memory map parameters used in application-to-shadow calculation.		/// \brief Memory map parameters used in application-to-shadow calculation.
const MemoryMapParams *MapParams;		const MemoryMapParams *MapParams;

MDNode *ColdCallWeights;		MDNode *ColdCallWeights;
/// \brief Branch weights for origin store.		/// \brief Branch weights for origin store.
MDNode *OriginStoreWeights;		MDNode *OriginStoreWeights;
/// \brief An empty volatile inline asm that prevents callback merge.		/// \brief An empty volatile inline asm that prevents callback merge.
InlineAsm *EmptyAsm;		InlineAsm *EmptyAsm;
		Function *MsanCtorFunction;

friend struct MemorySanitizerVisitor;		friend struct MemorySanitizerVisitor;
friend struct VarArgAMD64Helper;		friend struct VarArgAMD64Helper;
friend struct VarArgMIPS64Helper;		friend struct VarArgMIPS64Helper;
};		};
} // namespace		} // namespace

char MemorySanitizer::ID = 0;		char MemorySanitizer::ID = 0;
▲ Show 20 Lines • Show All 143 Lines • ▼ Show 20 Lines	bool MemorySanitizer::doInitialization(Module &M) {
C = &(M.getContext());		C = &(M.getContext());
IRBuilder<> IRB(*C);		IRBuilder<> IRB(*C);
IntptrTy = IRB.getIntPtrTy(DL);		IntptrTy = IRB.getIntPtrTy(DL);
OriginTy = IRB.getInt32Ty();		OriginTy = IRB.getInt32Ty();

ColdCallWeights = MDBuilder(*C).createBranchWeights(1, 1000);		ColdCallWeights = MDBuilder(*C).createBranchWeights(1, 1000);
OriginStoreWeights = MDBuilder(*C).createBranchWeights(1, 1000);		OriginStoreWeights = MDBuilder(*C).createBranchWeights(1, 1000);

// Insert a call to __msan_init/__msan_track_origins into the module's CTORs.		MsanCtorFunction = createSanitizerCtor(M, "MemorySanitizer",
appendToGlobalCtors(M, cast<Function>(M.getOrInsertFunction(		kMsanModuleCtorName, kMsanInitName);
"__msan_init", IRB.getVoidTy(), nullptr)), 0);
		appendToGlobalCtors(M, MsanCtorFunction, 0);

if (TrackOrigins)		if (TrackOrigins)
new GlobalVariable(M, IRB.getInt32Ty(), true, GlobalValue::WeakODRLinkage,		new GlobalVariable(M, IRB.getInt32Ty(), true, GlobalValue::WeakODRLinkage,
IRB.getInt32(TrackOrigins), "__msan_track_origins");		IRB.getInt32(TrackOrigins), "__msan_track_origins");

if (ClKeepGoing)		if (ClKeepGoing)
new GlobalVariable(M, IRB.getInt32Ty(), true, GlobalValue::WeakODRLinkage,		new GlobalVariable(M, IRB.getInt32Ty(), true, GlobalValue::WeakODRLinkage,
IRB.getInt32(ClKeepGoing), "__msan_keep_going");		IRB.getInt32(ClKeepGoing), "__msan_keep_going");
▲ Show 20 Lines • Show All 2,471 Lines • ▼ Show 20 Lines	else if (TargetTriple.getArch() == llvm::Triple::mips64 \|\|
return new VarArgMIPS64Helper(Func, Msan, Visitor);		return new VarArgMIPS64Helper(Func, Msan, Visitor);
else		else
return new VarArgNoOpHelper(Func, Msan, Visitor);		return new VarArgNoOpHelper(Func, Msan, Visitor);
}		}

} // namespace		} // namespace

bool MemorySanitizer::runOnFunction(Function &F) {		bool MemorySanitizer::runOnFunction(Function &F) {
		if (&F == MsanCtorFunction)
		return false;
MemorySanitizerVisitor Visitor(F, *this);		MemorySanitizerVisitor Visitor(F, *this);

// Clear out readonly/readnone attributes.		// Clear out readonly/readnone attributes.
AttrBuilder B;		AttrBuilder B;
B.addAttribute(Attribute::ReadOnly)		B.addAttribute(Attribute::ReadOnly)
.addAttribute(Attribute::ReadNone);		.addAttribute(Attribute::ReadNone);
F.removeAttributes(AttributeSet::FunctionIndex,		F.removeAttributes(AttributeSet::FunctionIndex,
AttributeSet::get(F.getContext(),		AttributeSet::get(F.getContext(),
AttributeSet::FunctionIndex, B));		AttributeSet::FunctionIndex, B));

return Visitor.runOnFunction();		return Visitor.runOnFunction();
}		}

lib/Transforms/Instrumentation/SanitizerCoverage.cpp

Show First 20 Lines • Show All 134 Lines • ▼ Show 20 Lines	private:
GlobalVariable *GuardArray;		GlobalVariable *GuardArray;
GlobalVariable *EightBitCounterArray;		GlobalVariable *EightBitCounterArray;

int CoverageLevel;		int CoverageLevel;
};		};

} // namespace		} // namespace

static Function checkInterfaceFunction(Constant FuncOrBitcast) {
if (Function *F = dyn_cast<Function>(FuncOrBitcast))
return F;
std::string Err;
raw_string_ostream Stream(Err);
Stream << "SanitizerCoverage interface function redefined: "
<< *FuncOrBitcast;
report_fatal_error(Err);
}

bool SanitizerCoverageModule::runOnModule(Module &M) {		bool SanitizerCoverageModule::runOnModule(Module &M) {
if (!CoverageLevel) return false;		if (!CoverageLevel) return false;
C = &(M.getContext());		C = &(M.getContext());
DL = &M.getDataLayout();		DL = &M.getDataLayout();
IntptrTy = Type::getIntNTy(*C, DL->getPointerSizeInBits());		IntptrTy = Type::getIntNTy(*C, DL->getPointerSizeInBits());
Type VoidTy = Type::getVoidTy(C);		Type VoidTy = Type::getVoidTy(C);
IRBuilder<> IRB(*C);		IRBuilder<> IRB(*C);
Type *Int8PtrTy = PointerType::getUnqual(IRB.getInt8Ty());		Type *Int8PtrTy = PointerType::getUnqual(IRB.getInt8Ty());
Type *Int32PtrTy = PointerType::getUnqual(IRB.getInt32Ty());		Type *Int32PtrTy = PointerType::getUnqual(IRB.getInt32Ty());
Int64Ty = IRB.getInt64Ty();		Int64Ty = IRB.getInt64Ty();

Function *CtorFunc =
Function::Create(FunctionType::get(VoidTy, false),
GlobalValue::InternalLinkage, kSanCovModuleCtorName, &M);
ReturnInst::Create(C, BasicBlock::Create(C, "", CtorFunc));
appendToGlobalCtors(M, CtorFunc, kSanCtorAndDtorPriority);

SanCovFunction = checkInterfaceFunction(		SanCovFunction = checkInterfaceFunction(
		"SanitizerCoverage",
M.getOrInsertFunction(kSanCovName, VoidTy, Int32PtrTy, nullptr));		M.getOrInsertFunction(kSanCovName, VoidTy, Int32PtrTy, nullptr));
SanCovWithCheckFunction = checkInterfaceFunction(		SanCovWithCheckFunction = checkInterfaceFunction(
		"SanitizerCoverage",
M.getOrInsertFunction(kSanCovWithCheckName, VoidTy, Int32PtrTy, nullptr));		M.getOrInsertFunction(kSanCovWithCheckName, VoidTy, Int32PtrTy, nullptr));
SanCovIndirCallFunction = checkInterfaceFunction(M.getOrInsertFunction(		SanCovIndirCallFunction = checkInterfaceFunction(
kSanCovIndirCallName, VoidTy, IntptrTy, IntptrTy, nullptr));		"SanitizerCoverage", M.getOrInsertFunction(kSanCovIndirCallName, VoidTy,
SanCovTraceCmpFunction = checkInterfaceFunction(M.getOrInsertFunction(		IntptrTy, IntptrTy, nullptr));
kSanCovTraceCmp, VoidTy, Int64Ty, Int64Ty, Int64Ty, nullptr));		SanCovTraceCmpFunction = checkInterfaceFunction(
		"SanitizerCoverage",
SanCovModuleInit = checkInterfaceFunction(M.getOrInsertFunction(		M.getOrInsertFunction(kSanCovTraceCmp, VoidTy, Int64Ty, Int64Ty, Int64Ty,
kSanCovModuleInitName, Type::getVoidTy(*C), Int32PtrTy, IntptrTy,		nullptr));
Int8PtrTy, Int8PtrTy, nullptr));
SanCovModuleInit->setLinkage(Function::ExternalLinkage);
// We insert an empty inline asm after cov callbacks to avoid callback merge.		// We insert an empty inline asm after cov callbacks to avoid callback merge.
EmptyAsm = InlineAsm::get(FunctionType::get(IRB.getVoidTy(), false),		EmptyAsm = InlineAsm::get(FunctionType::get(IRB.getVoidTy(), false),
StringRef(""), StringRef(""),		StringRef(""), StringRef(""),
/hasSideEffects=/true);		/hasSideEffects=/true);

if (ClExperimentalTracing) {		if (ClExperimentalTracing) {
SanCovTraceEnter = checkInterfaceFunction(		SanCovTraceEnter = checkInterfaceFunction(
		"SanitizerCoverage",
M.getOrInsertFunction(kSanCovTraceEnter, VoidTy, Int32PtrTy, nullptr));		M.getOrInsertFunction(kSanCovTraceEnter, VoidTy, Int32PtrTy, nullptr));
SanCovTraceBB = checkInterfaceFunction(		SanCovTraceBB = checkInterfaceFunction(
		"SanitizerCoverage",
M.getOrInsertFunction(kSanCovTraceBB, VoidTy, Int32PtrTy, nullptr));		M.getOrInsertFunction(kSanCovTraceBB, VoidTy, Int32PtrTy, nullptr));
}		}

// At this point we create a dummy array of guards because we don't		// At this point we create a dummy array of guards because we don't
// know how many elements we will need.		// know how many elements we will need.
Type *Int32Ty = IRB.getInt32Ty();		Type *Int32Ty = IRB.getInt32Ty();
Type *Int8Ty = IRB.getInt8Ty();		Type *Int8Ty = IRB.getInt8Ty();

Show All 40 Lines	bool SanitizerCoverageModule::runOnModule(Module &M) {

// Create variable for module (compilation unit) name		// Create variable for module (compilation unit) name
Constant *ModNameStrConst =		Constant *ModNameStrConst =
ConstantDataArray::getString(M.getContext(), M.getName(), true);		ConstantDataArray::getString(M.getContext(), M.getName(), true);
GlobalVariable *ModuleName =		GlobalVariable *ModuleName =
new GlobalVariable(M, ModNameStrConst->getType(), true,		new GlobalVariable(M, ModNameStrConst->getType(), true,
GlobalValue::PrivateLinkage, ModNameStrConst);		GlobalValue::PrivateLinkage, ModNameStrConst);

// Call __sanitizer_cov_module_init		ArrayRef<Value *> InitArgs = {
IRB.SetInsertPoint(CtorFunc->getEntryBlock().getTerminator());		IRB.CreatePointerCast(RealGuardArray, Int32PtrTy),
IRB.CreateCall4(
SanCovModuleInit, IRB.CreatePointerCast(RealGuardArray, Int32PtrTy),
ConstantInt::get(IntptrTy, N),		ConstantInt::get(IntptrTy, N),
ClUse8bitCounters		ClUse8bitCounters
? IRB.CreatePointerCast(RealEightBitCounterArray, Int8PtrTy)		? IRB.CreatePointerCast(RealEightBitCounterArray, Int8PtrTy)
: Constant::getNullValue(Int8PtrTy),		: Constant::getNullValue(Int8PtrTy),
IRB.CreatePointerCast(ModuleName, Int8PtrTy));		IRB.CreatePointerCast(ModuleName, Int8PtrTy)};

		Function *CtorFunc = createSanitizerCtor(
		M, "SanitizerCoverage", kSanCovModuleCtorName, kSanCovModuleInitName,
		{Int32PtrTy, IntptrTy, Int8PtrTy, Int8PtrTy}, InitArgs,
		&SanCovModuleInit);

		appendToGlobalCtors(M, CtorFunc, kSanCtorAndDtorPriority);

return true;		return true;
}		}

bool SanitizerCoverageModule::runOnFunction(Function &F) {		bool SanitizerCoverageModule::runOnFunction(Function &F) {
if (F.empty()) return false;		if (F.empty()) return false;
if (F.getName().find(".module_ctor") != std::string::npos)		if (F.getName().find(".module_ctor") != std::string::npos)
return false; // Should not instrument sanitizer init functions.		return false; // Should not instrument sanitizer init functions.
if (CoverageLevel >= 3)		if (CoverageLevel >= 3)
▲ Show 20 Lines • Show All 160 Lines • Show Last 20 Lines

lib/Transforms/Instrumentation/ThreadSanitizer.cpp

Show First 20 Lines • Show All 66 Lines • ▼ Show 20 Lines
STATISTIC(NumAccessesWithBadSize, "Number of accesses with bad size");		STATISTIC(NumAccessesWithBadSize, "Number of accesses with bad size");
STATISTIC(NumInstrumentedVtableWrites, "Number of vtable ptr writes");		STATISTIC(NumInstrumentedVtableWrites, "Number of vtable ptr writes");
STATISTIC(NumInstrumentedVtableReads, "Number of vtable ptr reads");		STATISTIC(NumInstrumentedVtableReads, "Number of vtable ptr reads");
STATISTIC(NumOmittedReadsFromConstantGlobals,		STATISTIC(NumOmittedReadsFromConstantGlobals,
"Number of reads from constant globals");		"Number of reads from constant globals");
STATISTIC(NumOmittedReadsFromVtable, "Number of vtable reads");		STATISTIC(NumOmittedReadsFromVtable, "Number of vtable reads");
STATISTIC(NumOmittedNonCaptured, "Number of accesses ignored due to capturing");		STATISTIC(NumOmittedNonCaptured, "Number of accesses ignored due to capturing");

		static const char *const kTsanModuleCtorName = "tsan.module_ctor";
		static const char *const kTsanInitName = "__tsan_init";

namespace {		namespace {

/// ThreadSanitizer: instrument the code in module to find races.		/// ThreadSanitizer: instrument the code in module to find races.
struct ThreadSanitizer : public FunctionPass {		struct ThreadSanitizer : public FunctionPass {
ThreadSanitizer() : FunctionPass(ID) {}		ThreadSanitizer() : FunctionPass(ID) {}
const char *getPassName() const override;		const char *getPassName() const override;
bool runOnFunction(Function &F) override;		bool runOnFunction(Function &F) override;
bool doInitialization(Module &M) override;		bool doInitialization(Module &M) override;
Show All 25 Lines	private:
Function *TsanAtomicStore[kNumberOfAccessSizes];		Function *TsanAtomicStore[kNumberOfAccessSizes];
Function *TsanAtomicRMW[AtomicRMWInst::LAST_BINOP + 1][kNumberOfAccessSizes];		Function *TsanAtomicRMW[AtomicRMWInst::LAST_BINOP + 1][kNumberOfAccessSizes];
Function *TsanAtomicCAS[kNumberOfAccessSizes];		Function *TsanAtomicCAS[kNumberOfAccessSizes];
Function *TsanAtomicThreadFence;		Function *TsanAtomicThreadFence;
Function *TsanAtomicSignalFence;		Function *TsanAtomicSignalFence;
Function *TsanVptrUpdate;		Function *TsanVptrUpdate;
Function *TsanVptrLoad;		Function *TsanVptrLoad;
Function MemmoveFn, MemcpyFn, *MemsetFn;		Function MemmoveFn, MemcpyFn, *MemsetFn;
		Function *TsanCtorFunction;
};		};
} // namespace		} // namespace

char ThreadSanitizer::ID = 0;		char ThreadSanitizer::ID = 0;
INITIALIZE_PASS(ThreadSanitizer, "tsan",		INITIALIZE_PASS(ThreadSanitizer, "tsan",
"ThreadSanitizer: detects data races.",		"ThreadSanitizer: detects data races.",
false, false)		false, false)

const char *ThreadSanitizer::getPassName() const {		const char *ThreadSanitizer::getPassName() const {
return "ThreadSanitizer";		return "ThreadSanitizer";
}		}

FunctionPass *llvm::createThreadSanitizerPass() {		FunctionPass *llvm::createThreadSanitizerPass() {
return new ThreadSanitizer();		return new ThreadSanitizer();
}		}

static Function checkInterfaceFunction(Constant FuncOrBitcast) {
if (Function *F = dyn_cast<Function>(FuncOrBitcast))
return F;
FuncOrBitcast->dump();
report_fatal_error("ThreadSanitizer interface function redefined");
}

void ThreadSanitizer::initializeCallbacks(Module &M) {		void ThreadSanitizer::initializeCallbacks(Module &M) {
IRBuilder<> IRB(M.getContext());		IRBuilder<> IRB(M.getContext());
// Initialize the callbacks.		// Initialize the callbacks.
TsanFuncEntry = checkInterfaceFunction(M.getOrInsertFunction(		TsanFuncEntry = checkInterfaceFunction(
"__tsan_func_entry", IRB.getVoidTy(), IRB.getInt8PtrTy(), nullptr));		"ThreadSanitizer",
TsanFuncExit = checkInterfaceFunction(M.getOrInsertFunction(		M.getOrInsertFunction("__tsan_func_entry", IRB.getVoidTy(),
"__tsan_func_exit", IRB.getVoidTy(), nullptr));		IRB.getInt8PtrTy(), nullptr));
		TsanFuncExit = checkInterfaceFunction(
		"ThreadSanitizer",
		M.getOrInsertFunction("__tsan_func_exit", IRB.getVoidTy(), nullptr));
OrdTy = IRB.getInt32Ty();		OrdTy = IRB.getInt32Ty();
for (size_t i = 0; i < kNumberOfAccessSizes; ++i) {		for (size_t i = 0; i < kNumberOfAccessSizes; ++i) {
const size_t ByteSize = 1 << i;		const size_t ByteSize = 1 << i;
const size_t BitSize = ByteSize * 8;		const size_t BitSize = ByteSize * 8;
SmallString<32> ReadName("__tsan_read" + itostr(ByteSize));		SmallString<32> ReadName("__tsan_read" + itostr(ByteSize));
TsanRead[i] = checkInterfaceFunction(M.getOrInsertFunction(		TsanRead[i] = checkInterfaceFunction(
ReadName, IRB.getVoidTy(), IRB.getInt8PtrTy(), nullptr));		"ThreadSanitizer", M.getOrInsertFunction(ReadName, IRB.getVoidTy(),
		IRB.getInt8PtrTy(), nullptr));

SmallString<32> WriteName("__tsan_write" + itostr(ByteSize));		SmallString<32> WriteName("__tsan_write" + itostr(ByteSize));
TsanWrite[i] = checkInterfaceFunction(M.getOrInsertFunction(		TsanWrite[i] = checkInterfaceFunction(
WriteName, IRB.getVoidTy(), IRB.getInt8PtrTy(), nullptr));		"ThreadSanitizer", M.getOrInsertFunction(WriteName, IRB.getVoidTy(),
		IRB.getInt8PtrTy(), nullptr));

SmallString<64> UnalignedReadName("__tsan_unaligned_read" +		SmallString<64> UnalignedReadName("__tsan_unaligned_read" +
itostr(ByteSize));		itostr(ByteSize));
TsanUnalignedRead[i] = checkInterfaceFunction(M.getOrInsertFunction(		TsanUnalignedRead[i] = checkInterfaceFunction(
UnalignedReadName, IRB.getVoidTy(), IRB.getInt8PtrTy(), nullptr));		"ThreadSanitizer",
		M.getOrInsertFunction(UnalignedReadName, IRB.getVoidTy(),
		IRB.getInt8PtrTy(), nullptr));

SmallString<64> UnalignedWriteName("__tsan_unaligned_write" +		SmallString<64> UnalignedWriteName("__tsan_unaligned_write" +
itostr(ByteSize));		itostr(ByteSize));
TsanUnalignedWrite[i] = checkInterfaceFunction(M.getOrInsertFunction(		TsanUnalignedWrite[i] = checkInterfaceFunction(
UnalignedWriteName, IRB.getVoidTy(), IRB.getInt8PtrTy(), nullptr));		"ThreadSanitizer",
		M.getOrInsertFunction(UnalignedWriteName, IRB.getVoidTy(),
		IRB.getInt8PtrTy(), nullptr));

Type *Ty = Type::getIntNTy(M.getContext(), BitSize);		Type *Ty = Type::getIntNTy(M.getContext(), BitSize);
Type *PtrTy = Ty->getPointerTo();		Type *PtrTy = Ty->getPointerTo();
SmallString<32> AtomicLoadName("__tsan_atomic" + itostr(BitSize) +		SmallString<32> AtomicLoadName("__tsan_atomic" + itostr(BitSize) +
"_load");		"_load");
TsanAtomicLoad[i] = checkInterfaceFunction(M.getOrInsertFunction(		TsanAtomicLoad[i] = checkInterfaceFunction(
AtomicLoadName, Ty, PtrTy, OrdTy, nullptr));		"ThreadSanitizer",
		M.getOrInsertFunction(AtomicLoadName, Ty, PtrTy, OrdTy, nullptr));

SmallString<32> AtomicStoreName("__tsan_atomic" + itostr(BitSize) +		SmallString<32> AtomicStoreName("__tsan_atomic" + itostr(BitSize) +
"_store");		"_store");
TsanAtomicStore[i] = checkInterfaceFunction(M.getOrInsertFunction(		TsanAtomicStore[i] = checkInterfaceFunction(
AtomicStoreName, IRB.getVoidTy(), PtrTy, Ty, OrdTy,		"ThreadSanitizer",
nullptr));		M.getOrInsertFunction(AtomicStoreName, IRB.getVoidTy(), PtrTy, Ty,
		OrdTy, nullptr));

for (int op = AtomicRMWInst::FIRST_BINOP;		for (int op = AtomicRMWInst::FIRST_BINOP;
op <= AtomicRMWInst::LAST_BINOP; ++op) {		op <= AtomicRMWInst::LAST_BINOP; ++op) {
TsanAtomicRMW[op][i] = nullptr;		TsanAtomicRMW[op][i] = nullptr;
const char *NamePart = nullptr;		const char *NamePart = nullptr;
if (op == AtomicRMWInst::Xchg)		if (op == AtomicRMWInst::Xchg)
NamePart = "_exchange";		NamePart = "_exchange";
else if (op == AtomicRMWInst::Add)		else if (op == AtomicRMWInst::Add)
NamePart = "_fetch_add";		NamePart = "_fetch_add";
else if (op == AtomicRMWInst::Sub)		else if (op == AtomicRMWInst::Sub)
NamePart = "_fetch_sub";		NamePart = "_fetch_sub";
else if (op == AtomicRMWInst::And)		else if (op == AtomicRMWInst::And)
NamePart = "_fetch_and";		NamePart = "_fetch_and";
else if (op == AtomicRMWInst::Or)		else if (op == AtomicRMWInst::Or)
NamePart = "_fetch_or";		NamePart = "_fetch_or";
else if (op == AtomicRMWInst::Xor)		else if (op == AtomicRMWInst::Xor)
NamePart = "_fetch_xor";		NamePart = "_fetch_xor";
else if (op == AtomicRMWInst::Nand)		else if (op == AtomicRMWInst::Nand)
NamePart = "_fetch_nand";		NamePart = "_fetch_nand";
else		else
continue;		continue;
SmallString<32> RMWName("__tsan_atomic" + itostr(BitSize) + NamePart);		SmallString<32> RMWName("__tsan_atomic" + itostr(BitSize) + NamePart);
TsanAtomicRMW[op][i] = checkInterfaceFunction(M.getOrInsertFunction(		TsanAtomicRMW[op][i] = checkInterfaceFunction(
RMWName, Ty, PtrTy, Ty, OrdTy, nullptr));		"ThreadSanitizer",
		M.getOrInsertFunction(RMWName, Ty, PtrTy, Ty, OrdTy, nullptr));
}		}

SmallString<32> AtomicCASName("__tsan_atomic" + itostr(BitSize) +		SmallString<32> AtomicCASName("__tsan_atomic" + itostr(BitSize) +
"_compare_exchange_val");		"_compare_exchange_val");
TsanAtomicCAS[i] = checkInterfaceFunction(M.getOrInsertFunction(		TsanAtomicCAS[i] = checkInterfaceFunction(
AtomicCASName, Ty, PtrTy, Ty, Ty, OrdTy, OrdTy, nullptr));		"ThreadSanitizer", M.getOrInsertFunction(AtomicCASName, Ty, PtrTy, Ty,
}		Ty, OrdTy, OrdTy, nullptr));
TsanVptrUpdate = checkInterfaceFunction(M.getOrInsertFunction(		}
"__tsan_vptr_update", IRB.getVoidTy(), IRB.getInt8PtrTy(),		TsanVptrUpdate = checkInterfaceFunction(
		"ThreadSanitizer",
		M.getOrInsertFunction("__tsan_vptr_update", IRB.getVoidTy(),
		IRB.getInt8PtrTy(), IRB.getInt8PtrTy(), nullptr));
		TsanVptrLoad = checkInterfaceFunction(
		"ThreadSanitizer",
		M.getOrInsertFunction("__tsan_vptr_read", IRB.getVoidTy(),
IRB.getInt8PtrTy(), nullptr));		IRB.getInt8PtrTy(), nullptr));
TsanVptrLoad = checkInterfaceFunction(M.getOrInsertFunction(		TsanAtomicThreadFence = checkInterfaceFunction(
"__tsan_vptr_read", IRB.getVoidTy(), IRB.getInt8PtrTy(), nullptr));		"ThreadSanitizer",
TsanAtomicThreadFence = checkInterfaceFunction(M.getOrInsertFunction(		M.getOrInsertFunction("__tsan_atomic_thread_fence", IRB.getVoidTy(),
"__tsan_atomic_thread_fence", IRB.getVoidTy(), OrdTy, nullptr));		OrdTy, nullptr));
TsanAtomicSignalFence = checkInterfaceFunction(M.getOrInsertFunction(		TsanAtomicSignalFence = checkInterfaceFunction(
"__tsan_atomic_signal_fence", IRB.getVoidTy(), OrdTy, nullptr));		"ThreadSanitizer",
		M.getOrInsertFunction("__tsan_atomic_signal_fence", IRB.getVoidTy(),
MemmoveFn = checkInterfaceFunction(M.getOrInsertFunction(		OrdTy, nullptr));
"memmove", IRB.getInt8PtrTy(), IRB.getInt8PtrTy(),
		MemmoveFn = checkInterfaceFunction(
		"ThreadSanitizer",
		M.getOrInsertFunction("memmove", IRB.getInt8PtrTy(), IRB.getInt8PtrTy(),
IRB.getInt8PtrTy(), IntptrTy, nullptr));		IRB.getInt8PtrTy(), IntptrTy, nullptr));
MemcpyFn = checkInterfaceFunction(M.getOrInsertFunction(		MemcpyFn = checkInterfaceFunction(
"memcpy", IRB.getInt8PtrTy(), IRB.getInt8PtrTy(), IRB.getInt8PtrTy(),		"ThreadSanitizer",
IntptrTy, nullptr));		M.getOrInsertFunction("memcpy", IRB.getInt8PtrTy(), IRB.getInt8PtrTy(),
MemsetFn = checkInterfaceFunction(M.getOrInsertFunction(		IRB.getInt8PtrTy(), IntptrTy, nullptr));
"memset", IRB.getInt8PtrTy(), IRB.getInt8PtrTy(), IRB.getInt32Ty(),		MemsetFn = checkInterfaceFunction(
IntptrTy, nullptr));		"ThreadSanitizer",
		M.getOrInsertFunction("memset", IRB.getInt8PtrTy(), IRB.getInt8PtrTy(),
		IRB.getInt32Ty(), IntptrTy, nullptr));
}		}

bool ThreadSanitizer::doInitialization(Module &M) {		bool ThreadSanitizer::doInitialization(Module &M) {
const DataLayout &DL = M.getDataLayout();		const DataLayout &DL = M.getDataLayout();
		IntptrTy = DL.getIntPtrType(M.getContext());
		TsanCtorFunction = createSanitizerCtor(M, "ThreadSanitizer",
		kTsanModuleCtorName, kTsanInitName);

// Always insert a call to __tsan_init into the module's CTORs.		appendToGlobalCtors(M, TsanCtorFunction, 0);
IRBuilder<> IRB(M.getContext());
IntptrTy = IRB.getIntPtrTy(DL);
Value *TsanInit = M.getOrInsertFunction("__tsan_init",
IRB.getVoidTy(), nullptr);
appendToGlobalCtors(M, cast<Function>(TsanInit), 0);

return true;		return true;
}		}

static bool isVtableAccess(Instruction *I) {		static bool isVtableAccess(Instruction *I) {
if (MDNode *Tag = I->getMetadata(LLVMContext::MD_tbaa))		if (MDNode *Tag = I->getMetadata(LLVMContext::MD_tbaa))
return Tag->isTBAAVtableAccess();		return Tag->isTBAAVtableAccess();
return false;		return false;
▲ Show 20 Lines • Show All 81 Lines • ▼ Show 20 Lines	static bool isAtomic(Instruction *I) {
if (isa<AtomicCmpXchgInst>(I))		if (isa<AtomicCmpXchgInst>(I))
return true;		return true;
if (isa<FenceInst>(I))		if (isa<FenceInst>(I))
return true;		return true;
return false;		return false;
}		}

bool ThreadSanitizer::runOnFunction(Function &F) {		bool ThreadSanitizer::runOnFunction(Function &F) {
		if (&F == TsanCtorFunction)
		return false;
initializeCallbacks(*F.getParent());		initializeCallbacks(*F.getParent());
SmallVector<Instruction*, 8> RetVec;		SmallVector<Instruction*, 8> RetVec;
SmallVector<Instruction*, 8> AllLoadsAndStores;		SmallVector<Instruction*, 8> AllLoadsAndStores;
SmallVector<Instruction*, 8> LocalLoadsAndStores;		SmallVector<Instruction*, 8> LocalLoadsAndStores;
SmallVector<Instruction*, 8> AtomicAccesses;		SmallVector<Instruction*, 8> AtomicAccesses;
SmallVector<Instruction*, 8> MemIntrinCalls;		SmallVector<Instruction*, 8> MemIntrinCalls;
bool Res = false;		bool Res = false;
bool HasCalls = false;		bool HasCalls = false;
▲ Show 20 Lines • Show All 255 Lines • Show Last 20 Lines

lib/Transforms/Utils/ModuleUtils.cpp

Show All 11 Lines
//===----------------------------------------------------------------------===//		//===----------------------------------------------------------------------===//

#include "llvm/Transforms/Utils/ModuleUtils.h"		#include "llvm/Transforms/Utils/ModuleUtils.h"
#include "llvm/ADT/SmallPtrSet.h"		#include "llvm/ADT/SmallPtrSet.h"
#include "llvm/IR/DerivedTypes.h"		#include "llvm/IR/DerivedTypes.h"
#include "llvm/IR/Function.h"		#include "llvm/IR/Function.h"
#include "llvm/IR/IRBuilder.h"		#include "llvm/IR/IRBuilder.h"
#include "llvm/IR/Module.h"		#include "llvm/IR/Module.h"
		#include "llvm/Support/raw_ostream.h"

using namespace llvm;		using namespace llvm;

static void appendToGlobalArray(const char *Array,		static void appendToGlobalArray(const char *Array,
Module &M, Function *F, int Priority) {		Module &M, Function *F, int Priority) {
IRBuilder<> IRB(M.getContext());		IRBuilder<> IRB(M.getContext());
FunctionType *FnTy = FunctionType::get(IRB.getVoidTy(), false);		FunctionType *FnTy = FunctionType::get(IRB.getVoidTy(), false);

▲ Show 20 Lines • Show All 60 Lines • ▼ Show 20 Lines	llvm::collectUsedGlobalVariables(Module &M, SmallPtrSetImpl<GlobalValue *> &Set,
const ConstantArray *Init = cast<ConstantArray>(GV->getInitializer());		const ConstantArray *Init = cast<ConstantArray>(GV->getInitializer());
for (unsigned I = 0, E = Init->getNumOperands(); I != E; ++I) {		for (unsigned I = 0, E = Init->getNumOperands(); I != E; ++I) {
Value *Op = Init->getOperand(I);		Value *Op = Init->getOperand(I);
GlobalValue *G = cast<GlobalValue>(Op->stripPointerCastsNoFollowAliases());		GlobalValue *G = cast<GlobalValue>(Op->stripPointerCastsNoFollowAliases());
Set.insert(G);		Set.insert(G);
}		}
return GV;		return GV;
}		}

		// Validate the result of Module::getOrInsertFunction called for an interface
		// function of sanitizer. If the instrumented module defines a function
		// with the same name, their prototypes must match, otherwise
		// getOrInsertFunction returns a bitcast.
		Function *llvm::checkInterfaceFunction(StringRef Sanitizer,
		Constant *FuncOrBitcast) {
		if (isa<Function>(FuncOrBitcast))
		return cast<Function>(FuncOrBitcast);
		FuncOrBitcast->dump();
		std::string Err;
		raw_string_ostream Stream(Err);
		Stream << Sanitizer << " interface function redefined: " << *FuncOrBitcast;
		kccUnsubmitted Not Done Reply Inline Actions You can just print "Sanitizer interface function" to make the code simpler. kcc: You can just print "Sanitizer interface function" to make the code simpler.
		report_fatal_error(Err);
		}

		Function *llvm::createSanitizerCtor(Module &M, StringRef Sanitizer,
		llvm::StringRef CtorName,
		llvm::StringRef InitName,
		llvm::ArrayRef<Type *> InitType,
		llvm::ArrayRef<Value *> InitArgs,
		llvm::Function **InitFunctionPtr) {
		assert(!InitName.empty() && "Expected init function name");
		Function *Ctor = Function::Create(
		FunctionType::get(Type::getVoidTy(M.getContext()), false),
		GlobalValue::InternalLinkage, CtorName, &M);
		BasicBlock *CtorBB = BasicBlock::Create(M.getContext(), "", Ctor);
		IRBuilder<> IRB(ReturnInst::Create(M.getContext(), CtorBB));
		Function *InitFunction = checkInterfaceFunction(
		Sanitizer,
		M.getOrInsertFunction(InitName,
		FunctionType::get(IRB.getVoidTy(), InitType, false),
		AttributeSet()));
		InitFunction->setLinkage(Function::ExternalLinkage);
		IRB.CreateCall(InitFunction, InitArgs);
		if (InitFunctionPtr)
		*InitFunctionPtr = InitFunction;
		return Ctor;
		}

		Function *llvm::createSanitizerCtor(Module &M, StringRef Sanitizer,
		llvm::StringRef CtorName,
		llvm::StringRef InitName,
		llvm::Function **InitFunctionPtr) {
		return llvm::createSanitizerCtor(M, Sanitizer, CtorName, InitName, {}, {},
		InitFunctionPtr);
		}