[Recycler] Add asan/msan annotations.

This enables use after free and uninit memory checking for memory returned by a recycler. SelectionDAG currently relies on the opcode of a free'd node being ISD::DELETED_NODE, so poke a hole in the asan poison for SDNode opcodes. This means that we won't find some issues, but only in SDag. llvm-svn: 300868
2017-04-20 18:29:37 +00:00 · 2017-04-20 18:29:37 +00:00 · 997fd5eeb4
parent 58dadd59d9
commit 997fd5eeb4
3 changed files with 13 additions and 2 deletions
--- a/llvm/include/llvm/Support/ArrayRecycler.h
+++ b/llvm/include/llvm/Support/ArrayRecycler.h
@ -48,12 +48,16 @@ template <class T, size_t Align = alignof(T)> class ArrayRecycler {
    if (!Entry)
      return nullptr;
    Bucket[Idx] = Entry->Next;
+    __msan_allocated_memory(Entry, Capacity::get(Idx).getSize());
+    __asan_unpoison_memory_region(Entry, Capacity::get(Idx).getSize());
    return reinterpret_cast<T*>(Entry);
  }

  // Add an entry to the free list at Bucket[Idx].
  void push(unsigned Idx, T *Ptr) {
    assert(Ptr && "Cannot recycle NULL pointer");
+    __asan_poison_memory_region(Ptr, Capacity::get(Idx).getSize());
+    __asan_unpoison_memory_region(Ptr, sizeof(FreeList));
    FreeList *Entry = reinterpret_cast<FreeList*>(Ptr);
    if (Idx >= Bucket.size())
      Bucket.resize(size_t(Idx) + 1);
--- a/llvm/include/llvm/Support/Recycler.h
+++ b/llvm/include/llvm/Support/Recycler.h
@ -43,10 +43,14 @@ class Recycler {
  FreeNode *pop_val() {
    auto *Val = FreeList;
    FreeList = FreeList->Next;
+    __msan_allocated_memory(Val, Size);
+    __asan_unpoison_memory_region(Val, Size);
    return Val;
  }

  void push(FreeNode *N) {
+    __asan_poison_memory_region(N, Size);
+    __asan_unpoison_memory_region(N, sizeof(FreeNode));
    N->Next = FreeList;
    FreeList = N;
  }
--- a/llvm/lib/CodeGen/SelectionDAG/SelectionDAG.cpp
+++ b/llvm/lib/CodeGen/SelectionDAG/SelectionDAG.cpp
@ -639,12 +639,15 @@ void SelectionDAG::DeallocateNode(SDNode *N) {
  // If we have operands, deallocate them.
  removeOperands(N);

+  NodeAllocator.Deallocate(AllNodes.remove(N));
+
  // Set the opcode to DELETED_NODE to help catch bugs when node
  // memory is reallocated.
+  // FIXME: There are places in SDag that have grown a dependency on the opcode
+  // value in the released node.
+  __asan_unpoison_memory_region(&N->NodeType, sizeof(N->NodeType));
  N->NodeType = ISD::DELETED_NODE;

-  NodeAllocator.Deallocate(AllNodes.remove(N));
-
  // If any of the SDDbgValue nodes refer to this SDNode, invalidate
  // them and forget about that node.
  DbgInfo->erase(N);