[esan] EfficiencySanitizer shadow memory
Summary:
Adds shadow memory mapping support common to all tools to the new
Efficiencysanitizer ("esan") family of tools. This includes:
+ Shadow memory layout and mapping support for 64-bit Linux for any
power-of-2 scale-down (1x, 2x, 4x, 8x, 16x, etc.) that ensures that
shadow(shadow(address)) does not overlap shadow or application
memory.
+ Mmap interception to ensure the application does not map on top of
our shadow memory.
+ Init-time sanity checks for shadow regions.
+ A test of the mmap conflict mechanism.
Reviewers: aizatsky, filcab
Subscribers: filcab, kubabrecka, llvm-commits, vitalybuka, eugenis, kcc, zhaoqin
Differential Revision: http://reviews.llvm.org/D19921
llvm-svn: 269198
2016-05-11 23:47:54 +08:00
|
|
|
// RUN: %clang_esan_frag -O0 %s -o %t 2>&1
|
2016-10-06 17:58:11 +08:00
|
|
|
// RUN: %env_esan_opts=verbosity=1 %run %t 2>&1 | FileCheck --check-prefix=%arch --check-prefix=CHECK %s
|
[esan] EfficiencySanitizer shadow memory
Summary:
Adds shadow memory mapping support common to all tools to the new
Efficiencysanitizer ("esan") family of tools. This includes:
+ Shadow memory layout and mapping support for 64-bit Linux for any
power-of-2 scale-down (1x, 2x, 4x, 8x, 16x, etc.) that ensures that
shadow(shadow(address)) does not overlap shadow or application
memory.
+ Mmap interception to ensure the application does not map on top of
our shadow memory.
+ Init-time sanity checks for shadow regions.
+ A test of the mmap conflict mechanism.
Reviewers: aizatsky, filcab
Subscribers: filcab, kubabrecka, llvm-commits, vitalybuka, eugenis, kcc, zhaoqin
Differential Revision: http://reviews.llvm.org/D19921
llvm-svn: 269198
2016-05-11 23:47:54 +08:00
|
|
|
|
|
|
|
#include <unistd.h>
|
|
|
|
#include <sys/mman.h>
|
|
|
|
#include <stdio.h>
|
|
|
|
|
|
|
|
int main(int argc, char **argv) {
|
2016-10-06 17:58:11 +08:00
|
|
|
#if defined(__mips64)
|
|
|
|
void *Map = mmap((void *)0x0000001600000000ULL, 0x1000, PROT_READ,
|
|
|
|
MAP_ANON|MAP_PRIVATE|MAP_FIXED, -1, 0);
|
|
|
|
#else
|
[esan] EfficiencySanitizer shadow memory
Summary:
Adds shadow memory mapping support common to all tools to the new
Efficiencysanitizer ("esan") family of tools. This includes:
+ Shadow memory layout and mapping support for 64-bit Linux for any
power-of-2 scale-down (1x, 2x, 4x, 8x, 16x, etc.) that ensures that
shadow(shadow(address)) does not overlap shadow or application
memory.
+ Mmap interception to ensure the application does not map on top of
our shadow memory.
+ Init-time sanity checks for shadow regions.
+ A test of the mmap conflict mechanism.
Reviewers: aizatsky, filcab
Subscribers: filcab, kubabrecka, llvm-commits, vitalybuka, eugenis, kcc, zhaoqin
Differential Revision: http://reviews.llvm.org/D19921
llvm-svn: 269198
2016-05-11 23:47:54 +08:00
|
|
|
void *Map = mmap((void *)0x0000016000000000ULL, 0x1000, PROT_READ,
|
|
|
|
MAP_ANON|MAP_PRIVATE|MAP_FIXED, -1, 0);
|
2016-10-06 17:58:11 +08:00
|
|
|
#endif
|
[esan] EfficiencySanitizer shadow memory
Summary:
Adds shadow memory mapping support common to all tools to the new
Efficiencysanitizer ("esan") family of tools. This includes:
+ Shadow memory layout and mapping support for 64-bit Linux for any
power-of-2 scale-down (1x, 2x, 4x, 8x, 16x, etc.) that ensures that
shadow(shadow(address)) does not overlap shadow or application
memory.
+ Mmap interception to ensure the application does not map on top of
our shadow memory.
+ Init-time sanity checks for shadow regions.
+ A test of the mmap conflict mechanism.
Reviewers: aizatsky, filcab
Subscribers: filcab, kubabrecka, llvm-commits, vitalybuka, eugenis, kcc, zhaoqin
Differential Revision: http://reviews.llvm.org/D19921
llvm-svn: 269198
2016-05-11 23:47:54 +08:00
|
|
|
if (Map == (void *)-1)
|
|
|
|
fprintf(stderr, "map failed\n");
|
|
|
|
else
|
|
|
|
fprintf(stderr, "mapped %p\n", Map);
|
2016-10-06 17:58:11 +08:00
|
|
|
#if defined(__mips64)
|
|
|
|
Map = mmap((void *)0x0000001600000000ULL, 0x1000, PROT_READ,
|
|
|
|
MAP_ANON|MAP_PRIVATE, -1, 0);
|
|
|
|
#else
|
[esan] EfficiencySanitizer shadow memory
Summary:
Adds shadow memory mapping support common to all tools to the new
Efficiencysanitizer ("esan") family of tools. This includes:
+ Shadow memory layout and mapping support for 64-bit Linux for any
power-of-2 scale-down (1x, 2x, 4x, 8x, 16x, etc.) that ensures that
shadow(shadow(address)) does not overlap shadow or application
memory.
+ Mmap interception to ensure the application does not map on top of
our shadow memory.
+ Init-time sanity checks for shadow regions.
+ A test of the mmap conflict mechanism.
Reviewers: aizatsky, filcab
Subscribers: filcab, kubabrecka, llvm-commits, vitalybuka, eugenis, kcc, zhaoqin
Differential Revision: http://reviews.llvm.org/D19921
llvm-svn: 269198
2016-05-11 23:47:54 +08:00
|
|
|
Map = mmap((void *)0x0000016000000000ULL, 0x1000, PROT_READ,
|
|
|
|
MAP_ANON|MAP_PRIVATE, -1, 0);
|
2016-10-06 17:58:11 +08:00
|
|
|
#endif
|
[esan] EfficiencySanitizer shadow memory
Summary:
Adds shadow memory mapping support common to all tools to the new
Efficiencysanitizer ("esan") family of tools. This includes:
+ Shadow memory layout and mapping support for 64-bit Linux for any
power-of-2 scale-down (1x, 2x, 4x, 8x, 16x, etc.) that ensures that
shadow(shadow(address)) does not overlap shadow or application
memory.
+ Mmap interception to ensure the application does not map on top of
our shadow memory.
+ Init-time sanity checks for shadow regions.
+ A test of the mmap conflict mechanism.
Reviewers: aizatsky, filcab
Subscribers: filcab, kubabrecka, llvm-commits, vitalybuka, eugenis, kcc, zhaoqin
Differential Revision: http://reviews.llvm.org/D19921
llvm-svn: 269198
2016-05-11 23:47:54 +08:00
|
|
|
fprintf(stderr, "mapped %p\n", Map);
|
|
|
|
// CHECK: in esan::initializeLibrary
|
2016-05-28 08:25:16 +08:00
|
|
|
// (There can be a re-exec for stack limit here.)
|
2016-10-06 17:58:11 +08:00
|
|
|
// x86_64: Shadow scale=2 offset=0x440000000000
|
|
|
|
// x86_64-NEXT: Shadow #0: [110000000000-114000000000) (256GB)
|
|
|
|
// x86_64-NEXT: Shadow #1: [124000000000-12c000000000) (512GB)
|
|
|
|
// x86_64-NEXT: Shadow #2: [148000000000-150000000000) (512GB)
|
|
|
|
// mips64: Shadow scale=2 offset=0x4400000000
|
|
|
|
// mips64-NEXT: Shadow #0: [1140000000-1180000000) (1GB)
|
|
|
|
// mips64-NEXT: Shadow #1: [1380000000-13c0000000) (1GB)
|
|
|
|
// mips64-NEXT: Shadow #2: [14c0000000-1500000000) (1GB)
|
[esan] EfficiencySanitizer shadow memory
Summary:
Adds shadow memory mapping support common to all tools to the new
Efficiencysanitizer ("esan") family of tools. This includes:
+ Shadow memory layout and mapping support for 64-bit Linux for any
power-of-2 scale-down (1x, 2x, 4x, 8x, 16x, etc.) that ensures that
shadow(shadow(address)) does not overlap shadow or application
memory.
+ Mmap interception to ensure the application does not map on top of
our shadow memory.
+ Init-time sanity checks for shadow regions.
+ A test of the mmap conflict mechanism.
Reviewers: aizatsky, filcab
Subscribers: filcab, kubabrecka, llvm-commits, vitalybuka, eugenis, kcc, zhaoqin
Differential Revision: http://reviews.llvm.org/D19921
llvm-svn: 269198
2016-05-11 23:47:54 +08:00
|
|
|
// CHECK-NEXT: mmap conflict: {{.*}}
|
|
|
|
// CHECK-NEXT: map failed
|
|
|
|
// CHECK-NEXT: mmap conflict: {{.*}}
|
|
|
|
// CHECK-NEXT: mapped {{.*}}
|
|
|
|
// CHECK-NEXT: in esan::finalizeLibrary
|
|
|
|
return 0;
|
|
|
|
}
|