This is an archive of the discontinued LLVM Phabricator instance.

Differential D96977

[dfsan] Instrument origin variable and function definitions
ClosedPublic

Authored by stephan.yichao.zhao on Feb 18 2021, 10:32 AM.

Details

Reviewers
morehouse
Commits
rG7e658b2fdccc: [dfsan] Instrument origin variable and function definitions
Summary

This is a part of https://reviews.llvm.org/D95835.

Diff Detail

Unit TestsFailed

TimeTest
2,350 msx64 debian > libarcher.races::task-two.c

Event Timeline

stephan.yichao.zhao created this revision.Feb 18 2021, 10:32 AM
Herald added a subscriber: hiraditya. · View Herald TranscriptFeb 18 2021, 10:32 AM
stephan.yichao.zhao requested review of this revision.Feb 18 2021, 10:32 AM
Herald added a project: Restricted Project. · View Herald TranscriptFeb 18 2021, 10:32 AM
Herald added a subscriber: llvm-commits. · View Herald Transcript
stephan.yichao.zhao added a subscriber: Restricted Project.Feb 18 2021, 10:32 AM
Harbormaster completed remote builds in B89757: Diff 324699.Feb 18 2021, 11:45 AM
morehouse added inline comments.Feb 18 2021, 2:41 PM
llvm/lib/Transforms/Instrumentation/DataFlowSanitizer.cpp
482

Can this be constant instead of a function?

llvm/test/Instrumentation/DataFlowSanitizer/basic.ll
11

IIRC, even with --check-prefix, the CHECK lines are still verified. So don't we get a failure for the line above this one (track_origins = 0)?

stephan.yichao.zhao updated this revision to Diff 324782.Feb 18 2021, 2:53 PM
stephan.yichao.zhao marked 2 inline comments as done.

update

llvm/lib/Transforms/Instrumentation/DataFlowSanitizer.cpp
482

Thank you. Replaced by kNumOfElementsInArgOrgTLS;

llvm/test/Instrumentation/DataFlowSanitizer/basic.ll
11

Hm, I found FileCheck ignores CHECK if --check-prefix is used.
But the problem is that we may want to rename the last one with prefix CHECK_NO_ORIGIN.

Updated.

gbalats added inline comments.Feb 18 2021, 3:01 PM
llvm/lib/Transforms/Instrumentation/DataFlowSanitizer.cpp
335

Is this tied to ShadowWidthBits? With fast8, how would this change?

llvm/test/Instrumentation/DataFlowSanitizer/basic.ll
2–3

You could use --check-prefixes to merge these.

morehouse accepted this revision.Feb 18 2021, 3:03 PM
morehouse added inline comments.
llvm/test/Instrumentation/DataFlowSanitizer/basic.ll
2–3
11

Interesting, I guess I've been doing it wrong then. Thanks for informing!

This revision is now accepted and ready to land.Feb 18 2021, 3:03 PM
stephan.yichao.zhao updated this revision to Diff 324787.Feb 18 2021, 3:08 PM
stephan.yichao.zhao marked 3 inline comments as done.

replaced by --check-prefixes

llvm/lib/Transforms/Instrumentation/DataFlowSanitizer.cpp
335

Origin tracking always uses 4-byte.
Every 4 user byte shares one 4-byte origin. So its memory overhead is always 1x.

Origin is like a hash value, 32bit gives us enough hash space.
It would not be changed in 8-bit mode.

llvm/test/Instrumentation/DataFlowSanitizer/basic.ll
2–3

Done. Thank you.

2–3

Thank you. The two comments match exactly. :)

This revision was landed with ongoing or failed builds.Feb 18 2021, 3:50 PM
Closed by commit rG7e658b2fdccc: [dfsan] Instrument origin variable and function definitions (authored by Jianzhou Zhao <jianzhouzh@google.com>). · Explain Why
This revision was automatically updated to reflect the committed changes.
Jianzhou Zhao <jianzhouzh@google.com> added a commit: rG7e658b2fdccc: [dfsan] Instrument origin variable and function definitions.
Harbormaster completed remote builds in B89811: Diff 324787.Feb 18 2021, 5:11 PM
Harbormaster completed remote builds in B89807: Diff 324782.

Revision Contents

PathSize
llvm/
lib/
Transforms/
Instrumentation/
108 lines
test/
Instrumentation/
DataFlowSanitizer/
43 lines

Diff 324699

llvm/lib/Transforms/Instrumentation/DataFlowSanitizer.cpp

Show First 20 LinesShow All 195 Lines▼ Show 20 Lines
// Controls whether the pass tracks the control flow of select instructions. // Controls whether the pass tracks the control flow of select instructions.
static cl::opt<bool> ClTrackSelectControlFlow( static cl::opt<bool> ClTrackSelectControlFlow(
"dfsan-track-select-control-flow", "dfsan-track-select-control-flow",
cl::desc("Propagate labels from condition values of select instructions " cl::desc("Propagate labels from condition values of select instructions "
"to results."), "to results."),
cl::Hidden, cl::init(true)); cl::Hidden, cl::init(true));
// Controls how to track origins.
// * 0: do not track origins.
// * 1: track origins at memory store operations.
// * 2: TODO: track origins at memory store operations and callsites.
static cl::opt<int> ClTrackOrigins("dfsan-track-origins",
cl::desc("Track origins of labels"),
cl::Hidden, cl::init(0));
static StringRef GetGlobalTypeString(const GlobalValue &G) { static StringRef GetGlobalTypeString(const GlobalValue &G) {
// Types of GlobalVariables are always pointer types. // Types of GlobalVariables are always pointer types.
Type *GType = G.getValueType(); Type *GType = G.getValueType();
// For now we support excluding struct types only. // For now we support excluding struct types only.
if (StructType *SGType = dyn_cast<StructType>(GType)) { if (StructType *SGType = dyn_cast<StructType>(GType)) {
if (!SGType->isLiteral()) if (!SGType->isLiteral())
return SGType->getName(); return SGType->getName();
} }
▲ Show 20 LinesShow All 104 Lines▼ Show 20 Lines return AttributeList::get(
CallSiteAttrs.getRetAttributes(), CallSiteAttrs.getRetAttributes(),
llvm::makeArrayRef(ArgumentAttributes)); llvm::makeArrayRef(ArgumentAttributes));
} }
class DataFlowSanitizer { class DataFlowSanitizer {
friend struct DFSanFunction; friend struct DFSanFunction;
friend class DFSanVisitor; friend class DFSanVisitor;
enum { ShadowWidthBits = 16, ShadowWidthBytes = ShadowWidthBits / 8 }; enum {
ShadowWidthBits = 16,
ShadowWidthBytes = ShadowWidthBits / 8,
OriginWidthBits = 32,
gbalatsUnsubmitted
Done
ReplyInline Actions

Is this tied to ShadowWidthBits? With fast8, how would this change?

gbalats: Is this tied to ShadowWidthBits? With fast8, how would this change?
stephan.yichao.zhaoAuthorUnsubmitted
Done
ReplyInline Actions

Origin tracking always uses 4-byte.
Every 4 user byte shares one 4-byte origin. So its memory overhead is always 1x.

Origin is like a hash value, 32bit gives us enough hash space.
It would not be changed in 8-bit mode.

stephan.yichao.zhao: Origin tracking always uses 4-byte. Every 4 user byte shares one 4-byte origin. So its memory…
OriginWidthBytes = OriginWidthBits / 8
};
/// Which ABI should be used for instrumented functions? /// Which ABI should be used for instrumented functions?
enum InstrumentedABI { enum InstrumentedABI {
/// Argument and return value labels are passed through additional /// Argument and return value labels are passed through additional
/// arguments and by modifying the return type. /// arguments and by modifying the return type.
IA_Args, IA_Args,
/// Argument and return value labels are passed through TLS variables /// Argument and return value labels are passed through TLS variables
Show All 24 Lines enum WrapperKind {
/// extra pointer argument to return the shadow. This allows the wrapped /// extra pointer argument to return the shadow. This allows the wrapped
/// form of the function type to be expressed in C. /// form of the function type to be expressed in C.
WK_Custom WK_Custom
}; };
Module *Mod; Module *Mod;
LLVMContext *Ctx; LLVMContext *Ctx;
Type *Int8Ptr; Type *Int8Ptr;
IntegerType *OriginTy;
PointerType *OriginPtrTy;
/// The shadow type for all primitive types and vector types. /// The shadow type for all primitive types and vector types.
IntegerType *PrimitiveShadowTy; IntegerType *PrimitiveShadowTy;
PointerType *PrimitiveShadowPtrTy; PointerType *PrimitiveShadowPtrTy;
IntegerType *IntptrTy; IntegerType *IntptrTy;
ConstantInt *ZeroPrimitiveShadow; ConstantInt *ZeroPrimitiveShadow;
ConstantInt *ShadowPtrMask; ConstantInt *ShadowPtrMask;
ConstantInt *ShadowPtrMul; ConstantInt *ShadowPtrMul;
Constant *ArgTLS; Constant *ArgTLS;
ArrayType *ArgOriginTLSTy;
Constant *ArgOriginTLS;
Constant *RetvalTLS; Constant *RetvalTLS;
Constant *RetvalOriginTLS;
Constant *ExternalShadowMask; Constant *ExternalShadowMask;
FunctionType *DFSanUnionFnTy; FunctionType *DFSanUnionFnTy;
FunctionType *DFSanUnionLoadFnTy; FunctionType *DFSanUnionLoadFnTy;
FunctionType *DFSanLoadLabelAndOriginFnTy;
FunctionType *DFSanUnimplementedFnTy; FunctionType *DFSanUnimplementedFnTy;
FunctionType *DFSanSetLabelFnTy; FunctionType *DFSanSetLabelFnTy;
FunctionType *DFSanNonzeroLabelFnTy; FunctionType *DFSanNonzeroLabelFnTy;
FunctionType *DFSanVarargWrapperFnTy; FunctionType *DFSanVarargWrapperFnTy;
FunctionType *DFSanCmpCallbackFnTy; FunctionType *DFSanCmpCallbackFnTy;
FunctionType *DFSanLoadStoreCallbackFnTy; FunctionType *DFSanLoadStoreCallbackFnTy;
FunctionType *DFSanMemTransferCallbackFnTy; FunctionType *DFSanMemTransferCallbackFnTy;
FunctionType *DFSanChainOriginFnTy;
FunctionType *DFSanMemOriginTransferFnTy;
FunctionType *DFSanMaybeStoreOriginFnTy;
FunctionCallee DFSanUnionFn; FunctionCallee DFSanUnionFn;
FunctionCallee DFSanCheckedUnionFn; FunctionCallee DFSanCheckedUnionFn;
FunctionCallee DFSanUnionLoadFn; FunctionCallee DFSanUnionLoadFn;
FunctionCallee DFSanUnionLoadFast16LabelsFn; FunctionCallee DFSanUnionLoadFast16LabelsFn;
FunctionCallee DFSanLoadLabelAndOriginFn;
FunctionCallee DFSanUnimplementedFn; FunctionCallee DFSanUnimplementedFn;
FunctionCallee DFSanSetLabelFn; FunctionCallee DFSanSetLabelFn;
FunctionCallee DFSanNonzeroLabelFn; FunctionCallee DFSanNonzeroLabelFn;
FunctionCallee DFSanVarargWrapperFn; FunctionCallee DFSanVarargWrapperFn;
FunctionCallee DFSanLoadCallbackFn; FunctionCallee DFSanLoadCallbackFn;
FunctionCallee DFSanStoreCallbackFn; FunctionCallee DFSanStoreCallbackFn;
FunctionCallee DFSanMemTransferCallbackFn; FunctionCallee DFSanMemTransferCallbackFn;
FunctionCallee DFSanCmpCallbackFn; FunctionCallee DFSanCmpCallbackFn;
SmallPtrSet<Value *, 12> DFSanRuntimeFunctions; FunctionCallee DFSanChainOriginFn;
FunctionCallee DFSanMemOriginTransferFn;
FunctionCallee DFSanMaybeStoreOriginFn;
SmallPtrSet<Value *, 16> DFSanRuntimeFunctions;
MDNode *ColdCallWeights; MDNode *ColdCallWeights;
DFSanABIList ABIList; DFSanABIList ABIList;
DenseMap<Value *, Function *> UnwrappedFnMap; DenseMap<Value *, Function *> UnwrappedFnMap;
AttrBuilder ReadOnlyNoneAttrs; AttrBuilder ReadOnlyNoneAttrs;
bool DFSanRuntimeShadowMask = false; bool DFSanRuntimeShadowMask = false;
Value *getShadowAddress(Value *Addr, Instruction *Pos); Value *getShadowAddress(Value *Addr, Instruction *Pos);
bool isInstrumented(const Function *F); bool isInstrumented(const Function *F);
bool isInstrumented(const GlobalAlias *GA); bool isInstrumented(const GlobalAlias *GA);
FunctionType *getArgsFunctionType(FunctionType *T); FunctionType *getArgsFunctionType(FunctionType *T);
FunctionType *getTrampolineFunctionType(FunctionType *T); FunctionType *getTrampolineFunctionType(FunctionType *T);
TransformedFunction getCustomFunctionType(FunctionType *T); TransformedFunction getCustomFunctionType(FunctionType *T);
InstrumentedABI getInstrumentedABI(); InstrumentedABI getInstrumentedABI();
WrapperKind getWrapperKind(Function *F); WrapperKind getWrapperKind(Function *F);
void addGlobalNamePrefix(GlobalValue *GV); void addGlobalNamePrefix(GlobalValue *GV);
Function *buildWrapperFunction(Function *F, StringRef NewFName, Function *buildWrapperFunction(Function *F, StringRef NewFName,
GlobalValue::LinkageTypes NewFLink, GlobalValue::LinkageTypes NewFLink,
FunctionType *NewFT); FunctionType *NewFT);
Constant *getOrBuildTrampolineFunction(FunctionType *FT, StringRef FName); Constant *getOrBuildTrampolineFunction(FunctionType *FT, StringRef FName);
void initializeCallbackFunctions(Module &M); void initializeCallbackFunctions(Module &M);
void initializeRuntimeFunctions(Module &M); void initializeRuntimeFunctions(Module &M);
bool init(Module &M); bool init(Module &M);
/// Returns whether the pass tracks origins. Support only fast16 mode in TLS
/// ABI mode.
bool shouldTrackOrigins();
/// Returns whether the pass tracks labels for struct fields and array /// Returns whether the pass tracks labels for struct fields and array
/// indices. Support only fast16 mode in TLS ABI mode. /// indices. Support only fast16 mode in TLS ABI mode.
bool shouldTrackFieldsAndIndices(); bool shouldTrackFieldsAndIndices();
/// Returns a zero constant with the shadow type of OrigTy. /// Returns a zero constant with the shadow type of OrigTy.
/// ///
/// getZeroShadow({T1,T2,...}) = {getZeroShadow(T1),getZeroShadow(T2,...} /// getZeroShadow({T1,T2,...}) = {getZeroShadow(T1),getZeroShadow(T2,...}
/// getZeroShadow([n x T]) = [n x getZeroShadow(T)] /// getZeroShadow([n x T]) = [n x getZeroShadow(T)]
Show All 15 Linesclass DataFlowSanitizer {
/// getShadowTy(other type) = i16 /// getShadowTy(other type) = i16
/// ///
/// Note that a shadow type is always i16 when shouldTrackFieldsAndIndices /// Note that a shadow type is always i16 when shouldTrackFieldsAndIndices
/// returns false. /// returns false.
Type *getShadowTy(Type *OrigTy); Type *getShadowTy(Type *OrigTy);
/// Returns the shadow type of of V's type. /// Returns the shadow type of of V's type.
Type *getShadowTy(Value *V); Type *getShadowTy(Value *V);
uint64_t numOfElementsInArgOrgTLS();
morehouseUnsubmitted
Done
ReplyInline Actions

Can this be constant instead of a function?

morehouse: Can this be constant instead of a function?
stephan.yichao.zhaoAuthorUnsubmitted
Done
ReplyInline Actions

Thank you. Replaced by kNumOfElementsInArgOrgTLS;

stephan.yichao.zhao: Thank you. Replaced by kNumOfElementsInArgOrgTLS;
public: public:
DataFlowSanitizer(const std::vector<std::string> &ABIListFiles); DataFlowSanitizer(const std::vector<std::string> &ABIListFiles);
bool runImpl(Module &M); bool runImpl(Module &M);
}; };
struct DFSanFunction { struct DFSanFunction {
DataFlowSanitizer &DFS; DataFlowSanitizer &DFS;
▲ Show 20 LinesShow All 205 Lines▼ Show 20 Lines if (!isa<ArrayType>(T) && !isa<StructType>(T)) {
if (const ConstantInt *CI = dyn_cast<ConstantInt>(V)) if (const ConstantInt *CI = dyn_cast<ConstantInt>(V))
return CI->isZero(); return CI->isZero();
return false; return false;
} }
return isa<ConstantAggregateZero>(V); return isa<ConstantAggregateZero>(V);
} }
bool DataFlowSanitizer::shouldTrackOrigins() {
return ClTrackOrigins && getInstrumentedABI() == DataFlowSanitizer::IA_TLS &&
ClFast16Labels;
}
bool DataFlowSanitizer::shouldTrackFieldsAndIndices() { bool DataFlowSanitizer::shouldTrackFieldsAndIndices() {
return getInstrumentedABI() == DataFlowSanitizer::IA_TLS && ClFast16Labels; return getInstrumentedABI() == DataFlowSanitizer::IA_TLS && ClFast16Labels;
} }
Constant *DataFlowSanitizer::getZeroShadow(Type *OrigTy) { Constant *DataFlowSanitizer::getZeroShadow(Type *OrigTy) {
if (!shouldTrackFieldsAndIndices()) if (!shouldTrackFieldsAndIndices())
return ZeroPrimitiveShadow; return ZeroPrimitiveShadow;
▲ Show 20 LinesShow All 138 Lines▼ Show 20 Linesbool DataFlowSanitizer::init(Module &M) {
bool IsAArch64 = TargetTriple.getArch() == Triple::aarch64 || bool IsAArch64 = TargetTriple.getArch() == Triple::aarch64 ||
TargetTriple.getArch() == Triple::aarch64_be; TargetTriple.getArch() == Triple::aarch64_be;
const DataLayout &DL = M.getDataLayout(); const DataLayout &DL = M.getDataLayout();
Mod = &M; Mod = &M;
Ctx = &M.getContext(); Ctx = &M.getContext();
Int8Ptr = Type::getInt8PtrTy(*Ctx); Int8Ptr = Type::getInt8PtrTy(*Ctx);
OriginTy = IntegerType::get(*Ctx, OriginWidthBits);
OriginPtrTy = PointerType::getUnqual(OriginTy);
PrimitiveShadowTy = IntegerType::get(*Ctx, ShadowWidthBits); PrimitiveShadowTy = IntegerType::get(*Ctx, ShadowWidthBits);
PrimitiveShadowPtrTy = PointerType::getUnqual(PrimitiveShadowTy); PrimitiveShadowPtrTy = PointerType::getUnqual(PrimitiveShadowTy);
IntptrTy = DL.getIntPtrType(*Ctx); IntptrTy = DL.getIntPtrType(*Ctx);
ZeroPrimitiveShadow = ConstantInt::getSigned(PrimitiveShadowTy, 0); ZeroPrimitiveShadow = ConstantInt::getSigned(PrimitiveShadowTy, 0);
ShadowPtrMul = ConstantInt::getSigned(IntptrTy, ShadowWidthBytes); ShadowPtrMul = ConstantInt::getSigned(IntptrTy, ShadowWidthBytes);
if (IsX86_64) if (IsX86_64)
ShadowPtrMask = ConstantInt::getSigned(IntptrTy, ~0x700000000000LL); ShadowPtrMask = ConstantInt::getSigned(IntptrTy, ~0x700000000000LL);
else if (IsMIPS64) else if (IsMIPS64)
ShadowPtrMask = ConstantInt::getSigned(IntptrTy, ~0xF000000000LL); ShadowPtrMask = ConstantInt::getSigned(IntptrTy, ~0xF000000000LL);
// AArch64 supports multiple VMAs and the shadow mask is set at runtime. // AArch64 supports multiple VMAs and the shadow mask is set at runtime.
else if (IsAArch64) else if (IsAArch64)
DFSanRuntimeShadowMask = true; DFSanRuntimeShadowMask = true;
else else
report_fatal_error("unsupported triple"); report_fatal_error("unsupported triple");
Type *DFSanUnionArgs[2] = {PrimitiveShadowTy, PrimitiveShadowTy}; Type *DFSanUnionArgs[2] = {PrimitiveShadowTy, PrimitiveShadowTy};
DFSanUnionFnTy = DFSanUnionFnTy =
FunctionType::get(PrimitiveShadowTy, DFSanUnionArgs, /*isVarArg=*/false); FunctionType::get(PrimitiveShadowTy, DFSanUnionArgs, /*isVarArg=*/false);
Type *DFSanUnionLoadArgs[2] = {PrimitiveShadowPtrTy, IntptrTy}; Type *DFSanUnionLoadArgs[2] = {PrimitiveShadowPtrTy, IntptrTy};
DFSanUnionLoadFnTy = FunctionType::get(PrimitiveShadowTy, DFSanUnionLoadArgs, DFSanUnionLoadFnTy = FunctionType::get(PrimitiveShadowTy, DFSanUnionLoadArgs,
/*isVarArg=*/false); /*isVarArg=*/false);
Type *DFSanLoadLabelAndOriginArgs[2] = {Int8Ptr, IntptrTy};
DFSanLoadLabelAndOriginFnTy =
FunctionType::get(IntegerType::get(*Ctx, 64), DFSanLoadLabelAndOriginArgs,
/*isVarArg=*/false);
DFSanUnimplementedFnTy = FunctionType::get( DFSanUnimplementedFnTy = FunctionType::get(
Type::getVoidTy(*Ctx), Type::getInt8PtrTy(*Ctx), /*isVarArg=*/false); Type::getVoidTy(*Ctx), Type::getInt8PtrTy(*Ctx), /*isVarArg=*/false);
Type *DFSanSetLabelArgs[3] = {PrimitiveShadowTy, Type::getInt8PtrTy(*Ctx), Type *DFSanSetLabelArgs[3] = {PrimitiveShadowTy, Type::getInt8PtrTy(*Ctx),
IntptrTy}; IntptrTy};
DFSanSetLabelFnTy = FunctionType::get(Type::getVoidTy(*Ctx), DFSanSetLabelFnTy = FunctionType::get(Type::getVoidTy(*Ctx),
DFSanSetLabelArgs, /*isVarArg=*/false); DFSanSetLabelArgs, /*isVarArg=*/false);
DFSanNonzeroLabelFnTy = DFSanNonzeroLabelFnTy =
FunctionType::get(Type::getVoidTy(*Ctx), None, /*isVarArg=*/false); FunctionType::get(Type::getVoidTy(*Ctx), None, /*isVarArg=*/false);
DFSanVarargWrapperFnTy = FunctionType::get( DFSanVarargWrapperFnTy = FunctionType::get(
Type::getVoidTy(*Ctx), Type::getInt8PtrTy(*Ctx), /*isVarArg=*/false); Type::getVoidTy(*Ctx), Type::getInt8PtrTy(*Ctx), /*isVarArg=*/false);
DFSanCmpCallbackFnTy = DFSanCmpCallbackFnTy =
FunctionType::get(Type::getVoidTy(*Ctx), PrimitiveShadowTy, FunctionType::get(Type::getVoidTy(*Ctx), PrimitiveShadowTy,
/*isVarArg=*/false); /*isVarArg=*/false);
DFSanChainOriginFnTy =
FunctionType::get(OriginTy, OriginTy, /*isVarArg=*/false);
Type *DFSanMaybeStoreOriginArgs[4] = {IntegerType::get(*Ctx, ShadowWidthBits),
Int8Ptr, IntptrTy, OriginTy};
DFSanMaybeStoreOriginFnTy = FunctionType::get(
Type::getVoidTy(*Ctx), DFSanMaybeStoreOriginArgs, /*isVarArg=*/false);
Type *DFSanMemOriginTransferArgs[3] = {Int8Ptr, Int8Ptr, IntptrTy};
DFSanMemOriginTransferFnTy = FunctionType::get(
Type::getVoidTy(*Ctx), DFSanMemOriginTransferArgs, /*isVarArg=*/false);
Type *DFSanLoadStoreCallbackArgs[2] = {PrimitiveShadowTy, Int8Ptr}; Type *DFSanLoadStoreCallbackArgs[2] = {PrimitiveShadowTy, Int8Ptr};
DFSanLoadStoreCallbackFnTy = DFSanLoadStoreCallbackFnTy =
FunctionType::get(Type::getVoidTy(*Ctx), DFSanLoadStoreCallbackArgs, FunctionType::get(Type::getVoidTy(*Ctx), DFSanLoadStoreCallbackArgs,
/*isVarArg=*/false); /*isVarArg=*/false);
Type *DFSanMemTransferCallbackArgs[2] = {PrimitiveShadowPtrTy, IntptrTy}; Type *DFSanMemTransferCallbackArgs[2] = {PrimitiveShadowPtrTy, IntptrTy};
DFSanMemTransferCallbackFnTy = DFSanMemTransferCallbackFnTy =
FunctionType::get(Type::getVoidTy(*Ctx), DFSanMemTransferCallbackArgs, FunctionType::get(Type::getVoidTy(*Ctx), DFSanMemTransferCallbackArgs,
/*isVarArg=*/false); /*isVarArg=*/false);
▲ Show 20 LinesShow All 163 Lines▼ Show 20 Lines AL = AL.addAttribute(M.getContext(), AttributeList::FunctionIndex,
Attribute::NoUnwind); Attribute::NoUnwind);
AL = AL.addAttribute(M.getContext(), AttributeList::FunctionIndex, AL = AL.addAttribute(M.getContext(), AttributeList::FunctionIndex,
Attribute::ReadOnly); Attribute::ReadOnly);
AL = AL.addAttribute(M.getContext(), AttributeList::ReturnIndex, AL = AL.addAttribute(M.getContext(), AttributeList::ReturnIndex,
Attribute::ZExt); Attribute::ZExt);
DFSanUnionLoadFast16LabelsFn = Mod->getOrInsertFunction( DFSanUnionLoadFast16LabelsFn = Mod->getOrInsertFunction(
"__dfsan_union_load_fast16labels", DFSanUnionLoadFnTy, AL); "__dfsan_union_load_fast16labels", DFSanUnionLoadFnTy, AL);
} }
{
AttributeList AL;
AL = AL.addAttribute(M.getContext(), AttributeList::FunctionIndex,
Attribute::NoUnwind);
AL = AL.addAttribute(M.getContext(), AttributeList::FunctionIndex,
Attribute::ReadOnly);
AL = AL.addAttribute(M.getContext(), AttributeList::ReturnIndex,
Attribute::ZExt);
DFSanLoadLabelAndOriginFn = Mod->getOrInsertFunction(
"__dfsan_load_label_and_origin", DFSanLoadLabelAndOriginFnTy, AL);
}
DFSanUnimplementedFn = DFSanUnimplementedFn =
Mod->getOrInsertFunction("__dfsan_unimplemented", DFSanUnimplementedFnTy); Mod->getOrInsertFunction("__dfsan_unimplemented", DFSanUnimplementedFnTy);
{ {
AttributeList AL; AttributeList AL;
AL = AL.addParamAttribute(M.getContext(), 0, Attribute::ZExt); AL = AL.addParamAttribute(M.getContext(), 0, Attribute::ZExt);
DFSanSetLabelFn = DFSanSetLabelFn =
Mod->getOrInsertFunction("__dfsan_set_label", DFSanSetLabelFnTy, AL); Mod->getOrInsertFunction("__dfsan_set_label", DFSanSetLabelFnTy, AL);
} }
DFSanNonzeroLabelFn = DFSanNonzeroLabelFn =
Mod->getOrInsertFunction("__dfsan_nonzero_label", DFSanNonzeroLabelFnTy); Mod->getOrInsertFunction("__dfsan_nonzero_label", DFSanNonzeroLabelFnTy);
DFSanVarargWrapperFn = Mod->getOrInsertFunction("__dfsan_vararg_wrapper", DFSanVarargWrapperFn = Mod->getOrInsertFunction("__dfsan_vararg_wrapper",
DFSanVarargWrapperFnTy); DFSanVarargWrapperFnTy);
{
AttributeList AL;
AL = AL.addParamAttribute(M.getContext(), 0, Attribute::ZExt);
AL = AL.addAttribute(M.getContext(), AttributeList::ReturnIndex,
Attribute::ZExt);
DFSanChainOriginFn = Mod->getOrInsertFunction("__dfsan_chain_origin",
DFSanChainOriginFnTy, AL);
}
DFSanMemOriginTransferFn = Mod->getOrInsertFunction(
"__dfsan_mem_origin_transfer", DFSanMemOriginTransferFnTy);
{
AttributeList AL;
AL = AL.addParamAttribute(M.getContext(), 0, Attribute::ZExt);
AL = AL.addParamAttribute(M.getContext(), 3, Attribute::ZExt);
DFSanMaybeStoreOriginFn = Mod->getOrInsertFunction(
"__dfsan_maybe_store_origin", DFSanMaybeStoreOriginFnTy, AL);
}
DFSanRuntimeFunctions.insert(DFSanUnionFn.getCallee()->stripPointerCasts()); DFSanRuntimeFunctions.insert(DFSanUnionFn.getCallee()->stripPointerCasts());
DFSanRuntimeFunctions.insert( DFSanRuntimeFunctions.insert(
DFSanCheckedUnionFn.getCallee()->stripPointerCasts()); DFSanCheckedUnionFn.getCallee()->stripPointerCasts());
DFSanRuntimeFunctions.insert( DFSanRuntimeFunctions.insert(
DFSanUnionLoadFn.getCallee()->stripPointerCasts()); DFSanUnionLoadFn.getCallee()->stripPointerCasts());
DFSanRuntimeFunctions.insert( DFSanRuntimeFunctions.insert(
DFSanUnionLoadFast16LabelsFn.getCallee()->stripPointerCasts()); DFSanUnionLoadFast16LabelsFn.getCallee()->stripPointerCasts());
DFSanRuntimeFunctions.insert( DFSanRuntimeFunctions.insert(
DFSanLoadLabelAndOriginFn.getCallee()->stripPointerCasts());
DFSanRuntimeFunctions.insert(
DFSanUnimplementedFn.getCallee()->stripPointerCasts()); DFSanUnimplementedFn.getCallee()->stripPointerCasts());
DFSanRuntimeFunctions.insert( DFSanRuntimeFunctions.insert(
DFSanSetLabelFn.getCallee()->stripPointerCasts()); DFSanSetLabelFn.getCallee()->stripPointerCasts());
DFSanRuntimeFunctions.insert( DFSanRuntimeFunctions.insert(
DFSanNonzeroLabelFn.getCallee()->stripPointerCasts()); DFSanNonzeroLabelFn.getCallee()->stripPointerCasts());
DFSanRuntimeFunctions.insert( DFSanRuntimeFunctions.insert(
DFSanVarargWrapperFn.getCallee()->stripPointerCasts()); DFSanVarargWrapperFn.getCallee()->stripPointerCasts());
DFSanRuntimeFunctions.insert( DFSanRuntimeFunctions.insert(
DFSanLoadCallbackFn.getCallee()->stripPointerCasts()); DFSanLoadCallbackFn.getCallee()->stripPointerCasts());
DFSanRuntimeFunctions.insert( DFSanRuntimeFunctions.insert(
DFSanStoreCallbackFn.getCallee()->stripPointerCasts()); DFSanStoreCallbackFn.getCallee()->stripPointerCasts());
DFSanRuntimeFunctions.insert( DFSanRuntimeFunctions.insert(
DFSanMemTransferCallbackFn.getCallee()->stripPointerCasts()); DFSanMemTransferCallbackFn.getCallee()->stripPointerCasts());
DFSanRuntimeFunctions.insert( DFSanRuntimeFunctions.insert(
DFSanCmpCallbackFn.getCallee()->stripPointerCasts()); DFSanCmpCallbackFn.getCallee()->stripPointerCasts());
DFSanRuntimeFunctions.insert(
DFSanChainOriginFn.getCallee()->stripPointerCasts());
DFSanRuntimeFunctions.insert(
DFSanMemOriginTransferFn.getCallee()->stripPointerCasts());
DFSanRuntimeFunctions.insert(
DFSanMaybeStoreOriginFn.getCallee()->stripPointerCasts());
} }
// Initializes event callback functions and declare them in the module // Initializes event callback functions and declare them in the module
void DataFlowSanitizer::initializeCallbackFunctions(Module &M) { void DataFlowSanitizer::initializeCallbackFunctions(Module &M) {
DFSanLoadCallbackFn = Mod->getOrInsertFunction("__dfsan_load_callback", DFSanLoadCallbackFn = Mod->getOrInsertFunction("__dfsan_load_callback",
DFSanLoadStoreCallbackFnTy); DFSanLoadStoreCallbackFnTy);
DFSanStoreCallbackFn = Mod->getOrInsertFunction("__dfsan_store_callback", DFSanStoreCallbackFn = Mod->getOrInsertFunction("__dfsan_store_callback",
DFSanLoadStoreCallbackFnTy); DFSanLoadStoreCallbackFnTy);
DFSanMemTransferCallbackFn = Mod->getOrInsertFunction( DFSanMemTransferCallbackFn = Mod->getOrInsertFunction(
"__dfsan_mem_transfer_callback", DFSanMemTransferCallbackFnTy); "__dfsan_mem_transfer_callback", DFSanMemTransferCallbackFnTy);
DFSanCmpCallbackFn = DFSanCmpCallbackFn =
Mod->getOrInsertFunction("__dfsan_cmp_callback", DFSanCmpCallbackFnTy); Mod->getOrInsertFunction("__dfsan_cmp_callback", DFSanCmpCallbackFnTy);
} }
uint64_t DataFlowSanitizer::numOfElementsInArgOrgTLS() {
return kArgTLSSize / OriginWidthBytes;
}
bool DataFlowSanitizer::runImpl(Module &M) { bool DataFlowSanitizer::runImpl(Module &M) {
init(M); init(M);
if (ABIList.isIn(M, "skip")) if (ABIList.isIn(M, "skip"))
return false; return false;
const unsigned InitialGlobalSize = M.global_size(); const unsigned InitialGlobalSize = M.global_size();
const unsigned InitialModuleSize = M.size(); const unsigned InitialModuleSize = M.size();
Show All 12 Linesbool DataFlowSanitizer::runImpl(Module &M) {
// These globals must be kept in sync with the ones in dfsan.cpp. // These globals must be kept in sync with the ones in dfsan.cpp.
ArgTLS = getOrInsertGlobal( ArgTLS = getOrInsertGlobal(
"__dfsan_arg_tls", "__dfsan_arg_tls",
ArrayType::get(Type::getInt64Ty(*Ctx), kArgTLSSize / 8)); ArrayType::get(Type::getInt64Ty(*Ctx), kArgTLSSize / 8));
RetvalTLS = getOrInsertGlobal( RetvalTLS = getOrInsertGlobal(
"__dfsan_retval_tls", "__dfsan_retval_tls",
ArrayType::get(Type::getInt64Ty(*Ctx), kRetvalTLSSize / 8)); ArrayType::get(Type::getInt64Ty(*Ctx), kRetvalTLSSize / 8));
ArgOriginTLSTy = ArrayType::get(OriginTy, numOfElementsInArgOrgTLS());
ArgOriginTLS = getOrInsertGlobal("__dfsan_arg_origin_tls", ArgOriginTLSTy);
RetvalOriginTLS = getOrInsertGlobal("__dfsan_retval_origin_tls", OriginTy);
(void)Mod->getOrInsertGlobal("__dfsan_track_origins", OriginTy, [&] {
Changed = true;
return new GlobalVariable(
M, OriginTy, true, GlobalValue::WeakODRLinkage,
ConstantInt::getSigned(OriginTy, shouldTrackOrigins()),
"__dfsan_track_origins");
});
ExternalShadowMask = ExternalShadowMask =
Mod->getOrInsertGlobal(kDFSanExternShadowPtrMask, IntptrTy); Mod->getOrInsertGlobal(kDFSanExternShadowPtrMask, IntptrTy);
initializeCallbackFunctions(M); initializeCallbackFunctions(M);
initializeRuntimeFunctions(M); initializeRuntimeFunctions(M);
std::vector<Function *> FnsToInstrument; std::vector<Function *> FnsToInstrument;
▲ Show 20 LinesShow All 1,171 LinesShow Last 20 Lines

llvm/test/Instrumentation/DataFlowSanitizer/basic.ll

  • This file was added.
; RUN: opt < %s -dfsan -S | FileCheck %s --check-prefix=CHECK
; RUN: opt < %s -dfsan -dfsan-track-origins=1 -dfsan-fast-16-labels=true -S | FileCheck %s --check-prefix=CHECK_ORIGIN
target datalayout = "e-p:64:64:64-i1:8:8-i8:8:8-i16:16:16-i32:32:32-i64:64:64-f32:32:32-f64:64:64-v64:64:64-v128:128:128-a0:0:64-s0:64:64-f80:128:128-n8:16:32:64-S128"
gbalatsUnsubmitted
Done
ReplyInline Actions
- ; RUN: opt < %s -dfsan -S | FileCheck %s --check-prefix=CHECK --check-prefix=CHECK_NO_ORIGIN
- ; RUN: opt < %s -dfsan -dfsan-track-origins=1 -dfsan-fast-16-labels=true -S | FileCheck %s --check-prefix=CHECK --check-prefix=CHECK_ORIGIN
+ ; RUN: opt < %s -dfsan -S | FileCheck %s --check-prefixes=CHECK,CHECK_NO_ORIGIN
+ ; RUN: opt < %s -dfsan -dfsan-track-origins=1 -dfsan-fast-16-labels=true -S | FileCheck %s --check-prefixes=CHECK,CHECK_ORIGIN
target datalayout = "e-p:64:64:64-i1:8:8-i8:8:8-i16:16:16-i32:32:32-i64:64:64-f32:32:32-f64:64:64-v64:64:64-v128:128:128-a0:0:64-s0:64:64-f80:128:128-n8:16:32:64-S128"

You could use --check-prefixes to merge these.

gbalats: You could use --check-prefixes to merge these.
stephan.yichao.zhaoAuthorUnsubmitted
Done
ReplyInline Actions

Done. Thank you.

stephan.yichao.zhao: Done. Thank you.
morehouseUnsubmitted
Done
ReplyInline Actions
- ; RUN: opt < %s -dfsan -S | FileCheck %s --check-prefix=CHECK --check-prefix=CHECK_NO_ORIGIN
- ; RUN: opt < %s -dfsan -dfsan-track-origins=1 -dfsan-fast-16-labels=true -S | FileCheck %s --check-prefix=CHECK --check-prefix=CHECK_ORIGIN
+ ; RUN: opt < %s -dfsan -S | FileCheck %s --check-prefixes=CHECK,CHECK_NO_ORIGIN
+ ; RUN: opt < %s -dfsan -dfsan-track-origins=1 -dfsan-fast-16-labels=true -S | FileCheck %s --check-prefixes=CHECK,CHECK_ORIGIN
target datalayout = "e-p:64:64:64-i1:8:8-i8:8:8-i16:16:16-i32:32:32-i64:64:64-f32:32:32-f64:64:64-v64:64:64-v128:128:128-a0:0:64-s0:64:64-f80:128:128-n8:16:32:64-S128"
morehouse:
stephan.yichao.zhaoAuthorUnsubmitted
Done
ReplyInline Actions

Thank you. The two comments match exactly. :)

stephan.yichao.zhao: Thank you. The two comments match exactly. :)
target triple = "x86_64-unknown-linux-gnu"
; CHECK: @__dfsan_arg_tls = external thread_local(initialexec) global [100 x i64]
; CHECK: @__dfsan_retval_tls = external thread_local(initialexec) global [100 x i64]
; CHECK: @__dfsan_arg_origin_tls = external thread_local(initialexec) global [200 x i32]
; CHECK: @__dfsan_retval_origin_tls = external thread_local(initialexec) global i32
; CHECK: @__dfsan_track_origins = weak_odr constant i32 0
; CHECK_ORIGIN: @__dfsan_track_origins = weak_odr constant i32 1
morehouseUnsubmitted
Done
ReplyInline Actions

IIRC, even with --check-prefix, the CHECK lines are still verified. So don't we get a failure for the line above this one (track_origins = 0)?

morehouse: IIRC, even with `--check-prefix`, the `CHECK` lines are still verified. So don't we get a…
stephan.yichao.zhaoAuthorUnsubmitted
Done
ReplyInline Actions

Hm, I found FileCheck ignores CHECK if --check-prefix is used.
But the problem is that we may want to rename the last one with prefix CHECK_NO_ORIGIN.

Updated.

stephan.yichao.zhao: Hm, I found FileCheck ignores CHECK if [[ https://llvm.org/docs/CommandGuide/FileCheck.
morehouseUnsubmitted
Not Done
ReplyInline Actions

Interesting, I guess I've been doing it wrong then. Thanks for informing!

morehouse: Interesting, I guess I've been doing it wrong then. Thanks for informing!
; CHECK: @__dfsan_shadow_ptr_mask = external global i64
; CHECK: declare void @__dfsan_load_callback(i16, i8*)
; CHECK: declare void @__dfsan_store_callback(i16, i8*)
; CHECK: declare void @__dfsan_mem_transfer_callback(i16*, i64)
; CHECK: declare void @__dfsan_cmp_callback(i16)
; CHECK: ; Function Attrs: nounwind readnone
; CHECK-NEXT: declare zeroext i16 @__dfsan_union(i16 zeroext, i16 zeroext) #0
; CHECK: ; Function Attrs: nounwind readnone
; CHECK-NEXT: declare zeroext i16 @dfsan_union(i16 zeroext, i16 zeroext) #0
; CHECK: ; Function Attrs: nounwind readonly
; CHECK-NEXT: declare zeroext i16 @__dfsan_union_load(i16*, i64) #1
; CHECK: ; Function Attrs: nounwind readonly
; CHECK-NEXT: declare zeroext i16 @__dfsan_union_load_fast16labels(i16*, i64) #1
; CHECK: ; Function Attrs: nounwind readonly
; CHECK-NEXT: declare zeroext i64 @__dfsan_load_label_and_origin(i8*, i64) #1
; CHECK: declare void @__dfsan_unimplemented(i8*)
; CHECK: declare void @__dfsan_set_label(i16 zeroext, i8*, i64)
; CHECK: declare void @__dfsan_nonzero_label()
; CHECK: declare void @__dfsan_vararg_wrapper(i8*)
; CHECK: declare zeroext i32 @__dfsan_chain_origin(i32 zeroext)
; CHECK: declare void @__dfsan_mem_origin_transfer(i8*, i8*, i64)
; CHECK: declare void @__dfsan_maybe_store_origin(i16 zeroext, i8*, i64, i32 zeroext)
define void @foo() {
ret void
}