forked from OSchip/llvm-project
Revert "[asan] Use dynamic shadow on 32-bit Android" and 3 more.
Revert the following commits: r318369 [asan] Fallback to non-ifunc dynamic shadow on android<22. r318235 [asan] Prevent rematerialization of &__asan_shadow. r317948 [sanitizer] Remove unnecessary attribute hidden. r317943 [asan] Use dynamic shadow on 32-bit Android. MemoryRangeIsAvailable() reads /proc/$PID/maps into an mmap-ed buffer that may overlap with the address range that we plan to use for the dynamic shadow mapping. This is causing random startup crashes. llvm-svn: 318575
This commit is contained in:
parent
c54aa9c844
commit
9d564cdcb0
|
@ -21,7 +21,6 @@ set(ASAN_SOURCES
|
||||||
asan_memory_profile.cc
|
asan_memory_profile.cc
|
||||||
asan_poisoning.cc
|
asan_poisoning.cc
|
||||||
asan_posix.cc
|
asan_posix.cc
|
||||||
asan_premap_shadow.cc
|
|
||||||
asan_report.cc
|
asan_report.cc
|
||||||
asan_rtl.cc
|
asan_rtl.cc
|
||||||
asan_shadow_setup.cc
|
asan_shadow_setup.cc
|
||||||
|
|
|
@ -15,8 +15,6 @@
|
||||||
#ifndef ASAN_INIT_VERSION_H
|
#ifndef ASAN_INIT_VERSION_H
|
||||||
#define ASAN_INIT_VERSION_H
|
#define ASAN_INIT_VERSION_H
|
||||||
|
|
||||||
#include "sanitizer_common/sanitizer_platform.h"
|
|
||||||
|
|
||||||
extern "C" {
|
extern "C" {
|
||||||
// Every time the ASan ABI changes we also change the version number in the
|
// Every time the ASan ABI changes we also change the version number in the
|
||||||
// __asan_init function name. Objects built with incompatible ASan ABI
|
// __asan_init function name. Objects built with incompatible ASan ABI
|
||||||
|
@ -34,12 +32,7 @@ extern "C" {
|
||||||
// v6=>v7: added 'odr_indicator' to __asan_global
|
// v6=>v7: added 'odr_indicator' to __asan_global
|
||||||
// v7=>v8: added '__asan_(un)register_image_globals' functions for dead
|
// v7=>v8: added '__asan_(un)register_image_globals' functions for dead
|
||||||
// stripping support on Mach-O platforms
|
// stripping support on Mach-O platforms
|
||||||
#if SANITIZER_WORDSIZE == 32 && SANITIZER_ANDROID
|
|
||||||
// v8=>v9: 32-bit Android switched to dynamic shadow
|
|
||||||
#define __asan_version_mismatch_check __asan_version_mismatch_check_v9
|
|
||||||
#else
|
|
||||||
#define __asan_version_mismatch_check __asan_version_mismatch_check_v8
|
#define __asan_version_mismatch_check __asan_version_mismatch_check_v8
|
||||||
#endif
|
|
||||||
}
|
}
|
||||||
|
|
||||||
#endif // ASAN_INIT_VERSION_H
|
#endif // ASAN_INIT_VERSION_H
|
||||||
|
|
|
@ -17,7 +17,6 @@
|
||||||
|
|
||||||
#include "asan_interceptors.h"
|
#include "asan_interceptors.h"
|
||||||
#include "asan_internal.h"
|
#include "asan_internal.h"
|
||||||
#include "asan_premap_shadow.h"
|
|
||||||
#include "asan_thread.h"
|
#include "asan_thread.h"
|
||||||
#include "sanitizer_common/sanitizer_flags.h"
|
#include "sanitizer_common/sanitizer_flags.h"
|
||||||
#include "sanitizer_common/sanitizer_freebsd.h"
|
#include "sanitizer_common/sanitizer_freebsd.h"
|
||||||
|
@ -82,41 +81,9 @@ void *AsanDoesNotSupportStaticLinkage() {
|
||||||
return &_DYNAMIC; // defined in link.h
|
return &_DYNAMIC; // defined in link.h
|
||||||
}
|
}
|
||||||
|
|
||||||
#if ASAN_PREMAP_SHADOW
|
|
||||||
uptr FindPremappedShadowStart() {
|
|
||||||
uptr granularity = GetMmapGranularity();
|
|
||||||
uptr shadow_start = reinterpret_cast<uptr>(&__asan_shadow);
|
|
||||||
uptr shadow_size = PremapShadowSize();
|
|
||||||
UnmapOrDie((void *)(shadow_start - granularity), shadow_size + granularity);
|
|
||||||
// MmapNoAccess does not touch TotalMmap, but UnmapOrDie decreases it.
|
|
||||||
// Compensate.
|
|
||||||
IncreaseTotalMmap(shadow_size + granularity);
|
|
||||||
return shadow_start;
|
|
||||||
}
|
|
||||||
#endif
|
|
||||||
|
|
||||||
uptr FindDynamicShadowStart() {
|
uptr FindDynamicShadowStart() {
|
||||||
#if ASAN_PREMAP_SHADOW
|
UNREACHABLE("FindDynamicShadowStart is not available");
|
||||||
if (!PremapShadowFailed())
|
return 0;
|
||||||
return FindPremappedShadowStart();
|
|
||||||
#endif
|
|
||||||
|
|
||||||
uptr granularity = GetMmapGranularity();
|
|
||||||
uptr alignment = granularity * 8;
|
|
||||||
uptr left_padding = granularity;
|
|
||||||
uptr shadow_size = kHighShadowEnd + left_padding;
|
|
||||||
uptr map_size = shadow_size + alignment;
|
|
||||||
|
|
||||||
uptr map_start = (uptr)MmapNoAccess(map_size);
|
|
||||||
CHECK_NE(map_start, ~(uptr)0);
|
|
||||||
|
|
||||||
uptr shadow_start = RoundUpTo(map_start, alignment);
|
|
||||||
UnmapOrDie((void *)map_start, map_size);
|
|
||||||
// MmapNoAccess does not touch TotalMmap, but UnmapOrDie decreases it.
|
|
||||||
// Compensate.
|
|
||||||
IncreaseTotalMmap(map_size);
|
|
||||||
|
|
||||||
return shadow_start;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
void AsanApplyToGlobals(globals_op_fptr op, const void *needle) {
|
void AsanApplyToGlobals(globals_op_fptr op, const void *needle) {
|
||||||
|
|
|
@ -161,7 +161,7 @@ static const u64 kWindowsShadowOffset32 = 3ULL << 28; // 0x30000000
|
||||||
# define SHADOW_OFFSET (0)
|
# define SHADOW_OFFSET (0)
|
||||||
#elif SANITIZER_WORDSIZE == 32
|
#elif SANITIZER_WORDSIZE == 32
|
||||||
# if SANITIZER_ANDROID
|
# if SANITIZER_ANDROID
|
||||||
# define SHADOW_OFFSET __asan_shadow_memory_dynamic_address
|
# define SHADOW_OFFSET (0)
|
||||||
# elif defined(__mips__)
|
# elif defined(__mips__)
|
||||||
# define SHADOW_OFFSET kMIPS32_ShadowOffset32
|
# define SHADOW_OFFSET kMIPS32_ShadowOffset32
|
||||||
# elif SANITIZER_FREEBSD
|
# elif SANITIZER_FREEBSD
|
||||||
|
@ -205,12 +205,6 @@ static const u64 kWindowsShadowOffset32 = 3ULL << 28; // 0x30000000
|
||||||
# endif
|
# endif
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
#if SANITIZER_ANDROID && defined(__arm__)
|
|
||||||
# define ASAN_PREMAP_SHADOW 1
|
|
||||||
#else
|
|
||||||
# define ASAN_PREMAP_SHADOW 0
|
|
||||||
#endif
|
|
||||||
|
|
||||||
#define SHADOW_GRANULARITY (1ULL << SHADOW_SCALE)
|
#define SHADOW_GRANULARITY (1ULL << SHADOW_SCALE)
|
||||||
#define MEM_TO_SHADOW(mem) (((mem) >> SHADOW_SCALE) + (SHADOW_OFFSET))
|
#define MEM_TO_SHADOW(mem) (((mem) >> SHADOW_SCALE) + (SHADOW_OFFSET))
|
||||||
|
|
||||||
|
|
|
@ -1,78 +0,0 @@
|
||||||
//===-- asan_premap_shadow.cc ---------------------------------------------===//
|
|
||||||
//
|
|
||||||
// The LLVM Compiler Infrastructure
|
|
||||||
//
|
|
||||||
// This file is distributed under the University of Illinois Open Source
|
|
||||||
// License. See LICENSE.TXT for details.
|
|
||||||
//
|
|
||||||
//===----------------------------------------------------------------------===//
|
|
||||||
//
|
|
||||||
// This file is a part of AddressSanitizer, an address sanity checker.
|
|
||||||
//
|
|
||||||
// Reserve shadow memory with an ifunc resolver.
|
|
||||||
//===----------------------------------------------------------------------===//
|
|
||||||
|
|
||||||
#include "asan_mapping.h"
|
|
||||||
|
|
||||||
#if ASAN_PREMAP_SHADOW
|
|
||||||
|
|
||||||
#include "asan_premap_shadow.h"
|
|
||||||
#include "sanitizer_common/sanitizer_posix.h"
|
|
||||||
|
|
||||||
namespace __asan {
|
|
||||||
|
|
||||||
// The code in this file needs to run in an unrelocated binary. It may not
|
|
||||||
// access any external symbol, including its own non-hidden globals.
|
|
||||||
|
|
||||||
// Conservative upper limit.
|
|
||||||
uptr PremapShadowSize() {
|
|
||||||
return GetMaxVirtualAddress() >> SHADOW_SCALE;
|
|
||||||
}
|
|
||||||
|
|
||||||
// Returns an address aligned to 8 pages, such that one page on the left and
|
|
||||||
// PremapShadowSize() bytes on the right of it are mapped r/o.
|
|
||||||
uptr PremapShadow() {
|
|
||||||
uptr granularity = GetMmapGranularity();
|
|
||||||
uptr alignment = granularity * 8;
|
|
||||||
uptr left_padding = granularity;
|
|
||||||
uptr shadow_size = PremapShadowSize();
|
|
||||||
uptr map_size = shadow_size + left_padding + alignment;
|
|
||||||
|
|
||||||
uptr map_start = (uptr)MmapNoAccess(map_size);
|
|
||||||
CHECK_NE(map_start, ~(uptr)0);
|
|
||||||
|
|
||||||
uptr shadow_start = RoundUpTo(map_start + left_padding, alignment);
|
|
||||||
uptr shadow_end = shadow_start + shadow_size;
|
|
||||||
internal_munmap(reinterpret_cast<void *>(map_start),
|
|
||||||
shadow_start - left_padding - map_start);
|
|
||||||
internal_munmap(reinterpret_cast<void *>(shadow_end),
|
|
||||||
map_start + map_size - shadow_end);
|
|
||||||
return shadow_start;
|
|
||||||
}
|
|
||||||
|
|
||||||
bool PremapShadowFailed() {
|
|
||||||
uptr shadow = reinterpret_cast<uptr>(&__asan_shadow);
|
|
||||||
uptr resolver = reinterpret_cast<uptr>(&__asan_premap_shadow);
|
|
||||||
// shadow == resolver is how Android KitKat and older handles ifunc.
|
|
||||||
// shadow == 0 just in case.
|
|
||||||
if (shadow == 0 || shadow == resolver)
|
|
||||||
return true;
|
|
||||||
return false;
|
|
||||||
}
|
|
||||||
} // namespace __asan
|
|
||||||
|
|
||||||
extern "C" {
|
|
||||||
decltype(__asan_shadow)* __asan_premap_shadow() {
|
|
||||||
// The resolver may be called multiple times. Map the shadow just once.
|
|
||||||
static uptr premapped_shadow = 0;
|
|
||||||
if (!premapped_shadow) premapped_shadow = __asan::PremapShadow();
|
|
||||||
return reinterpret_cast<decltype(__asan_shadow)*>(premapped_shadow);
|
|
||||||
}
|
|
||||||
|
|
||||||
// __asan_shadow is a "function" that has the same address as the first byte of
|
|
||||||
// the shadow mapping.
|
|
||||||
INTERFACE_ATTRIBUTE __attribute__((ifunc("__asan_premap_shadow"))) void
|
|
||||||
__asan_shadow();
|
|
||||||
}
|
|
||||||
|
|
||||||
#endif // ASAN_PREMAP_SHADOW
|
|
|
@ -1,30 +0,0 @@
|
||||||
//===-- asan_mapping.h ------------------------------------------*- C++ -*-===//
|
|
||||||
//
|
|
||||||
// The LLVM Compiler Infrastructure
|
|
||||||
//
|
|
||||||
// This file is distributed under the University of Illinois Open Source
|
|
||||||
// License. See LICENSE.TXT for details.
|
|
||||||
//
|
|
||||||
//===----------------------------------------------------------------------===//
|
|
||||||
//
|
|
||||||
// This file is a part of AddressSanitizer, an address sanity checker.
|
|
||||||
//
|
|
||||||
// Premap shadow range with an ifunc resolver.
|
|
||||||
//===----------------------------------------------------------------------===//
|
|
||||||
|
|
||||||
|
|
||||||
#ifndef ASAN_PREMAP_SHADOW_H
|
|
||||||
#define ASAN_PREMAP_SHADOW_H
|
|
||||||
|
|
||||||
#if ASAN_PREMAP_SHADOW
|
|
||||||
namespace __asan {
|
|
||||||
// Conservative upper limit.
|
|
||||||
uptr PremapShadowSize();
|
|
||||||
bool PremapShadowFailed();
|
|
||||||
}
|
|
||||||
#endif
|
|
||||||
|
|
||||||
extern "C" INTERFACE_ATTRIBUTE void __asan_shadow();
|
|
||||||
extern "C" decltype(__asan_shadow)* __asan_premap_shadow();
|
|
||||||
|
|
||||||
#endif // ASAN_PREMAP_SHADOW_H
|
|
|
@ -73,7 +73,6 @@ INLINE uptr GetPageSizeCached() {
|
||||||
return PageSizeCached;
|
return PageSizeCached;
|
||||||
}
|
}
|
||||||
uptr GetMmapGranularity();
|
uptr GetMmapGranularity();
|
||||||
uptr GetMaxVirtualAddress();
|
|
||||||
uptr GetMaxUserVirtualAddress();
|
uptr GetMaxUserVirtualAddress();
|
||||||
// Threads
|
// Threads
|
||||||
tid_t GetTid();
|
tid_t GetTid();
|
||||||
|
|
|
@ -191,10 +191,6 @@ uptr GetMaxUserVirtualAddress() {
|
||||||
return ShadowBounds.memory_limit - 1;
|
return ShadowBounds.memory_limit - 1;
|
||||||
}
|
}
|
||||||
|
|
||||||
uptr GetMaxVirtualAddress() {
|
|
||||||
return GetMaxUserVirtualAddress();
|
|
||||||
}
|
|
||||||
|
|
||||||
static void *DoAnonymousMmapOrDie(uptr size, const char *mem_type,
|
static void *DoAnonymousMmapOrDie(uptr size, const char *mem_type,
|
||||||
bool raw_report, bool die_for_nomem) {
|
bool raw_report, bool die_for_nomem) {
|
||||||
size = RoundUpTo(size, PAGE_SIZE);
|
size = RoundUpTo(size, PAGE_SIZE);
|
||||||
|
|
|
@ -954,7 +954,7 @@ static uptr GetKernelAreaSize() {
|
||||||
}
|
}
|
||||||
#endif // SANITIZER_WORDSIZE == 32
|
#endif // SANITIZER_WORDSIZE == 32
|
||||||
|
|
||||||
uptr GetMaxVirtualAddress() {
|
uptr GetMaxUserVirtualAddress() {
|
||||||
#if SANITIZER_NETBSD && defined(__x86_64__)
|
#if SANITIZER_NETBSD && defined(__x86_64__)
|
||||||
return 0x7f7ffffff000ULL; // (0x00007f8000000000 - PAGE_SIZE)
|
return 0x7f7ffffff000ULL; // (0x00007f8000000000 - PAGE_SIZE)
|
||||||
#elif SANITIZER_WORDSIZE == 64
|
#elif SANITIZER_WORDSIZE == 64
|
||||||
|
@ -978,21 +978,15 @@ uptr GetMaxVirtualAddress() {
|
||||||
# if defined(__s390__)
|
# if defined(__s390__)
|
||||||
return (1ULL << 31) - 1; // 0x7fffffff;
|
return (1ULL << 31) - 1; // 0x7fffffff;
|
||||||
# else
|
# else
|
||||||
return (1ULL << 32) - 1; // 0xffffffff;
|
uptr res = (1ULL << 32) - 1; // 0xffffffff;
|
||||||
|
if (!common_flags()->full_address_space)
|
||||||
|
res -= GetKernelAreaSize();
|
||||||
|
CHECK_LT(reinterpret_cast<uptr>(&res), res);
|
||||||
|
return res;
|
||||||
# endif
|
# endif
|
||||||
#endif // SANITIZER_WORDSIZE
|
#endif // SANITIZER_WORDSIZE
|
||||||
}
|
}
|
||||||
|
|
||||||
uptr GetMaxUserVirtualAddress() {
|
|
||||||
uptr addr = GetMaxVirtualAddress();
|
|
||||||
#if SANITIZER_WORDSIZE == 32 && !defined(__s390__)
|
|
||||||
if (!common_flags()->full_address_space)
|
|
||||||
addr -= GetKernelAreaSize();
|
|
||||||
CHECK_LT(reinterpret_cast<uptr>(&addr), addr);
|
|
||||||
#endif
|
|
||||||
return addr;
|
|
||||||
}
|
|
||||||
|
|
||||||
uptr GetPageSize() {
|
uptr GetPageSize() {
|
||||||
// Android post-M sysconf(_SC_PAGESIZE) crashes if called from .preinit_array.
|
// Android post-M sysconf(_SC_PAGESIZE) crashes if called from .preinit_array.
|
||||||
#if SANITIZER_ANDROID
|
#if SANITIZER_ANDROID
|
||||||
|
|
|
@ -864,10 +864,6 @@ uptr GetMaxUserVirtualAddress() {
|
||||||
#endif // SANITIZER_WORDSIZE
|
#endif // SANITIZER_WORDSIZE
|
||||||
}
|
}
|
||||||
|
|
||||||
uptr GetMaxVirtualAddress() {
|
|
||||||
return GetMaxUserVirtualAddress();
|
|
||||||
}
|
|
||||||
|
|
||||||
uptr FindAvailableMemoryRange(uptr shadow_size,
|
uptr FindAvailableMemoryRange(uptr shadow_size,
|
||||||
uptr alignment,
|
uptr alignment,
|
||||||
uptr left_padding,
|
uptr left_padding,
|
||||||
|
|
|
@ -70,10 +70,6 @@ uptr GetMaxUserVirtualAddress() {
|
||||||
return (uptr)si.lpMaximumApplicationAddress;
|
return (uptr)si.lpMaximumApplicationAddress;
|
||||||
}
|
}
|
||||||
|
|
||||||
uptr GetMaxVirtualAddress() {
|
|
||||||
return GetMaxUserVirtualAddress();
|
|
||||||
}
|
|
||||||
|
|
||||||
bool FileExists(const char *filename) {
|
bool FileExists(const char *filename) {
|
||||||
return ::GetFileAttributesA(filename) != INVALID_FILE_ATTRIBUTES;
|
return ::GetFileAttributesA(filename) != INVALID_FILE_ATTRIBUTES;
|
||||||
}
|
}
|
||||||
|
|
|
@ -137,8 +137,8 @@ static const char *const kAsanUnregisterElfGlobalsName =
|
||||||
static const char *const kAsanPoisonGlobalsName = "__asan_before_dynamic_init";
|
static const char *const kAsanPoisonGlobalsName = "__asan_before_dynamic_init";
|
||||||
static const char *const kAsanUnpoisonGlobalsName = "__asan_after_dynamic_init";
|
static const char *const kAsanUnpoisonGlobalsName = "__asan_after_dynamic_init";
|
||||||
static const char *const kAsanInitName = "__asan_init";
|
static const char *const kAsanInitName = "__asan_init";
|
||||||
static const char *const kAsanVersionCheckNamePrefix =
|
static const char *const kAsanVersionCheckName =
|
||||||
"__asan_version_mismatch_check_v";
|
"__asan_version_mismatch_check_v8";
|
||||||
static const char *const kAsanPtrCmp = "__sanitizer_ptr_cmp";
|
static const char *const kAsanPtrCmp = "__sanitizer_ptr_cmp";
|
||||||
static const char *const kAsanPtrSub = "__sanitizer_ptr_sub";
|
static const char *const kAsanPtrSub = "__sanitizer_ptr_sub";
|
||||||
static const char *const kAsanHandleNoReturnName = "__asan_handle_no_return";
|
static const char *const kAsanHandleNoReturnName = "__asan_handle_no_return";
|
||||||
|
@ -208,18 +208,6 @@ static cl::opt<bool> ClForceDynamicShadow(
|
||||||
cl::desc("Load shadow address into a local variable for each function"),
|
cl::desc("Load shadow address into a local variable for each function"),
|
||||||
cl::Hidden, cl::init(false));
|
cl::Hidden, cl::init(false));
|
||||||
|
|
||||||
static cl::opt<bool>
|
|
||||||
ClWithIfunc("asan-with-ifunc",
|
|
||||||
cl::desc("Access dynamic shadow through an ifunc global on "
|
|
||||||
"platforms that support this"),
|
|
||||||
cl::Hidden, cl::init(true));
|
|
||||||
|
|
||||||
static cl::opt<bool> ClWithIfuncSuppressRemat(
|
|
||||||
"asan-with-ifunc-suppress-remat",
|
|
||||||
cl::desc("Suppress rematerialization of dynamic shadow address by passing "
|
|
||||||
"it through inline asm in prologue."),
|
|
||||||
cl::Hidden, cl::init(true));
|
|
||||||
|
|
||||||
// This flag limits the number of instructions to be instrumented
|
// This flag limits the number of instructions to be instrumented
|
||||||
// in any given BB. Normally, this should be set to unlimited (INT_MAX),
|
// in any given BB. Normally, this should be set to unlimited (INT_MAX),
|
||||||
// but due to http://llvm.org/bugs/show_bug.cgi?id=12652 we temporary
|
// but due to http://llvm.org/bugs/show_bug.cgi?id=12652 we temporary
|
||||||
|
@ -460,14 +448,10 @@ private:
|
||||||
|
|
||||||
/// This struct defines the shadow mapping using the rule:
|
/// This struct defines the shadow mapping using the rule:
|
||||||
/// shadow = (mem >> Scale) ADD-or-OR Offset.
|
/// shadow = (mem >> Scale) ADD-or-OR Offset.
|
||||||
/// If InGlobal is true, then
|
|
||||||
/// extern char __asan_shadow[];
|
|
||||||
/// shadow = (mem >> Scale) + &__asan_shadow
|
|
||||||
struct ShadowMapping {
|
struct ShadowMapping {
|
||||||
int Scale;
|
int Scale;
|
||||||
uint64_t Offset;
|
uint64_t Offset;
|
||||||
bool OrShadowOffset;
|
bool OrShadowOffset;
|
||||||
bool InGlobal;
|
|
||||||
};
|
};
|
||||||
|
|
||||||
} // end anonymous namespace
|
} // end anonymous namespace
|
||||||
|
@ -489,7 +473,6 @@ static ShadowMapping getShadowMapping(Triple &TargetTriple, int LongSize,
|
||||||
TargetTriple.getArch() == Triple::mipsel;
|
TargetTriple.getArch() == Triple::mipsel;
|
||||||
bool IsMIPS64 = TargetTriple.getArch() == Triple::mips64 ||
|
bool IsMIPS64 = TargetTriple.getArch() == Triple::mips64 ||
|
||||||
TargetTriple.getArch() == Triple::mips64el;
|
TargetTriple.getArch() == Triple::mips64el;
|
||||||
bool IsArmOrThumb = TargetTriple.isARM() || TargetTriple.isThumb();
|
|
||||||
bool IsAArch64 = TargetTriple.getArch() == Triple::aarch64;
|
bool IsAArch64 = TargetTriple.getArch() == Triple::aarch64;
|
||||||
bool IsWindows = TargetTriple.isOSWindows();
|
bool IsWindows = TargetTriple.isOSWindows();
|
||||||
bool IsFuchsia = TargetTriple.isOSFuchsia();
|
bool IsFuchsia = TargetTriple.isOSFuchsia();
|
||||||
|
@ -502,8 +485,10 @@ static ShadowMapping getShadowMapping(Triple &TargetTriple, int LongSize,
|
||||||
}
|
}
|
||||||
|
|
||||||
if (LongSize == 32) {
|
if (LongSize == 32) {
|
||||||
|
// Android is always PIE, which means that the beginning of the address
|
||||||
|
// space is always available.
|
||||||
if (IsAndroid)
|
if (IsAndroid)
|
||||||
Mapping.Offset = kDynamicShadowSentinel;
|
Mapping.Offset = 0;
|
||||||
else if (IsMIPS32)
|
else if (IsMIPS32)
|
||||||
Mapping.Offset = kMIPS32_ShadowOffset32;
|
Mapping.Offset = kMIPS32_ShadowOffset32;
|
||||||
else if (IsFreeBSD)
|
else if (IsFreeBSD)
|
||||||
|
@ -567,9 +552,6 @@ static ShadowMapping getShadowMapping(Triple &TargetTriple, int LongSize,
|
||||||
Mapping.OrShadowOffset = !IsAArch64 && !IsPPC64 && !IsSystemZ && !IsPS4CPU &&
|
Mapping.OrShadowOffset = !IsAArch64 && !IsPPC64 && !IsSystemZ && !IsPS4CPU &&
|
||||||
!(Mapping.Offset & (Mapping.Offset - 1)) &&
|
!(Mapping.Offset & (Mapping.Offset - 1)) &&
|
||||||
Mapping.Offset != kDynamicShadowSentinel;
|
Mapping.Offset != kDynamicShadowSentinel;
|
||||||
bool IsAndroidWithIfuncSupport =
|
|
||||||
IsAndroid && !TargetTriple.isAndroidVersionLT(21);
|
|
||||||
Mapping.InGlobal = ClWithIfunc && IsAndroidWithIfuncSupport && IsArmOrThumb;
|
|
||||||
|
|
||||||
return Mapping;
|
return Mapping;
|
||||||
}
|
}
|
||||||
|
@ -692,7 +674,6 @@ private:
|
||||||
DominatorTree *DT;
|
DominatorTree *DT;
|
||||||
Function *AsanHandleNoReturnFunc;
|
Function *AsanHandleNoReturnFunc;
|
||||||
Function *AsanPtrCmpFunction, *AsanPtrSubFunction;
|
Function *AsanPtrCmpFunction, *AsanPtrSubFunction;
|
||||||
Constant *AsanShadowGlobal;
|
|
||||||
|
|
||||||
// These arrays is indexed by AccessIsWrite, Experiment and log2(AccessSize).
|
// These arrays is indexed by AccessIsWrite, Experiment and log2(AccessSize).
|
||||||
Function *AsanErrorCallback[2][2][kNumberOfAccessSizes];
|
Function *AsanErrorCallback[2][2][kNumberOfAccessSizes];
|
||||||
|
@ -765,7 +746,6 @@ private:
|
||||||
size_t MinRedzoneSizeForGlobal() const {
|
size_t MinRedzoneSizeForGlobal() const {
|
||||||
return RedzoneSizeForScale(Mapping.Scale);
|
return RedzoneSizeForScale(Mapping.Scale);
|
||||||
}
|
}
|
||||||
int GetAsanVersion(const Module &M) const;
|
|
||||||
|
|
||||||
GlobalsMetadata GlobalsMD;
|
GlobalsMetadata GlobalsMD;
|
||||||
bool CompileKernel;
|
bool CompileKernel;
|
||||||
|
@ -998,9 +978,8 @@ struct FunctionStackPoisoner : public InstVisitor<FunctionStackPoisoner> {
|
||||||
void visitCallSite(CallSite CS) {
|
void visitCallSite(CallSite CS) {
|
||||||
Instruction *I = CS.getInstruction();
|
Instruction *I = CS.getInstruction();
|
||||||
if (CallInst *CI = dyn_cast<CallInst>(I)) {
|
if (CallInst *CI = dyn_cast<CallInst>(I)) {
|
||||||
HasNonEmptyInlineAsm |= CI->isInlineAsm() &&
|
HasNonEmptyInlineAsm |=
|
||||||
!CI->isIdenticalTo(EmptyInlineAsm.get()) &&
|
CI->isInlineAsm() && !CI->isIdenticalTo(EmptyInlineAsm.get());
|
||||||
I != ASan.LocalDynamicShadow;
|
|
||||||
HasReturnsTwiceCall |= CI->canReturnTwice();
|
HasReturnsTwiceCall |= CI->canReturnTwice();
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -2181,16 +2160,6 @@ bool AddressSanitizerModule::InstrumentGlobals(IRBuilder<> &IRB, Module &M, bool
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
|
|
||||||
int AddressSanitizerModule::GetAsanVersion(const Module &M) const {
|
|
||||||
int LongSize = M.getDataLayout().getPointerSizeInBits();
|
|
||||||
bool isAndroid = Triple(M.getTargetTriple()).isAndroid();
|
|
||||||
int Version = 8;
|
|
||||||
// 32-bit Android is one version ahead because of the switch to dynamic
|
|
||||||
// shadow.
|
|
||||||
Version += (LongSize == 32 && isAndroid);
|
|
||||||
return Version;
|
|
||||||
}
|
|
||||||
|
|
||||||
bool AddressSanitizerModule::runOnModule(Module &M) {
|
bool AddressSanitizerModule::runOnModule(Module &M) {
|
||||||
C = &(M.getContext());
|
C = &(M.getContext());
|
||||||
int LongSize = M.getDataLayout().getPointerSizeInBits();
|
int LongSize = M.getDataLayout().getPointerSizeInBits();
|
||||||
|
@ -2204,11 +2173,9 @@ bool AddressSanitizerModule::runOnModule(Module &M) {
|
||||||
|
|
||||||
// Create a module constructor. A destructor is created lazily because not all
|
// Create a module constructor. A destructor is created lazily because not all
|
||||||
// platforms, and not all modules need it.
|
// platforms, and not all modules need it.
|
||||||
std::string VersionCheckName =
|
|
||||||
kAsanVersionCheckNamePrefix + std::to_string(GetAsanVersion(M));
|
|
||||||
std::tie(AsanCtorFunction, std::ignore) = createSanitizerCtorAndInitFunctions(
|
std::tie(AsanCtorFunction, std::ignore) = createSanitizerCtorAndInitFunctions(
|
||||||
M, kAsanModuleCtorName, kAsanInitName, /*InitArgTypes=*/{},
|
M, kAsanModuleCtorName, kAsanInitName, /*InitArgTypes=*/{},
|
||||||
/*InitArgs=*/{}, VersionCheckName);
|
/*InitArgs=*/{}, kAsanVersionCheckName);
|
||||||
|
|
||||||
bool CtorComdat = true;
|
bool CtorComdat = true;
|
||||||
bool Changed = false;
|
bool Changed = false;
|
||||||
|
@ -2307,9 +2274,6 @@ void AddressSanitizer::initializeCallbacks(Module &M) {
|
||||||
EmptyAsm = InlineAsm::get(FunctionType::get(IRB.getVoidTy(), false),
|
EmptyAsm = InlineAsm::get(FunctionType::get(IRB.getVoidTy(), false),
|
||||||
StringRef(""), StringRef(""),
|
StringRef(""), StringRef(""),
|
||||||
/*hasSideEffects=*/true);
|
/*hasSideEffects=*/true);
|
||||||
if (Mapping.InGlobal)
|
|
||||||
AsanShadowGlobal = M.getOrInsertGlobal("__asan_shadow",
|
|
||||||
ArrayType::get(IRB.getInt8Ty(), 0));
|
|
||||||
}
|
}
|
||||||
|
|
||||||
// virtual
|
// virtual
|
||||||
|
@ -2355,25 +2319,9 @@ void AddressSanitizer::maybeInsertDynamicShadowAtFunctionEntry(Function &F) {
|
||||||
return;
|
return;
|
||||||
|
|
||||||
IRBuilder<> IRB(&F.front().front());
|
IRBuilder<> IRB(&F.front().front());
|
||||||
if (Mapping.InGlobal) {
|
Value *GlobalDynamicAddress = F.getParent()->getOrInsertGlobal(
|
||||||
if (ClWithIfuncSuppressRemat) {
|
kAsanShadowMemoryDynamicAddress, IntptrTy);
|
||||||
// An empty inline asm with input reg == output reg.
|
LocalDynamicShadow = IRB.CreateLoad(GlobalDynamicAddress);
|
||||||
// An opaque pointer-to-int cast, basically.
|
|
||||||
InlineAsm *Asm = InlineAsm::get(
|
|
||||||
FunctionType::get(IntptrTy, {AsanShadowGlobal->getType()}, false),
|
|
||||||
StringRef(""), StringRef("=r,0"),
|
|
||||||
/*hasSideEffects=*/false);
|
|
||||||
LocalDynamicShadow =
|
|
||||||
IRB.CreateCall(Asm, {AsanShadowGlobal}, ".asan.shadow");
|
|
||||||
} else {
|
|
||||||
LocalDynamicShadow =
|
|
||||||
IRB.CreatePointerCast(AsanShadowGlobal, IntptrTy, ".asan.shadow");
|
|
||||||
}
|
|
||||||
} else {
|
|
||||||
Value *GlobalDynamicAddress = F.getParent()->getOrInsertGlobal(
|
|
||||||
kAsanShadowMemoryDynamicAddress, IntptrTy);
|
|
||||||
LocalDynamicShadow = IRB.CreateLoad(GlobalDynamicAddress);
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
void AddressSanitizer::markEscapedLocalAllocas(Function &F) {
|
void AddressSanitizer::markEscapedLocalAllocas(Function &F) {
|
||||||
|
|
|
@ -1,47 +0,0 @@
|
||||||
; Test -asan-with-ifunc flag.
|
|
||||||
;
|
|
||||||
; RUN: opt -asan -asan-module -S -asan-with-ifunc=0 < %s | \
|
|
||||||
; RUN: FileCheck %s --check-prefixes=CHECK,CHECK-NOIFUNC
|
|
||||||
; RUN: opt -asan -asan-module -S -asan-with-ifunc=1 -asan-with-ifunc-suppress-remat=0 < %s | \
|
|
||||||
; RUN: FileCheck %s --check-prefixes=CHECK,CHECK-IFUNC
|
|
||||||
; RUN: opt -asan -asan-module -S -asan-with-ifunc=1 -asan-with-ifunc-suppress-remat=1 < %s | \
|
|
||||||
; RUN: FileCheck %s --check-prefixes=CHECK,CHECK-IFUNC-NOREMAT
|
|
||||||
|
|
||||||
; Pre-Lollipop Android does not support ifunc.
|
|
||||||
; RUN: opt -asan -asan-module -S -asan-with-ifunc=1 -asan-with-ifunc-suppress-remat=0 -mtriple=armv7-linux-android20 < %s | \
|
|
||||||
; RUN: FileCheck %s --check-prefixes=CHECK,CHECK-NOIFUNC
|
|
||||||
; RUN: opt -asan -asan-module -S -asan-with-ifunc=1 -asan-with-ifunc-suppress-remat=0 -mtriple=armv7-linux-android < %s | \
|
|
||||||
; RUN: FileCheck %s --check-prefixes=CHECK,CHECK-NOIFUNC
|
|
||||||
; RUN: opt -asan -asan-module -S -asan-with-ifunc=1 -asan-with-ifunc-suppress-remat=0 -mtriple=armv7-linux-android21 < %s | \
|
|
||||||
; RUN: FileCheck %s --check-prefixes=CHECK,CHECK-IFUNC
|
|
||||||
|
|
||||||
target datalayout = "e-m:e-p:32:32-i64:64-v128:64:128-a:0:32-n32-S64"
|
|
||||||
target triple = "armv7--linux-android22"
|
|
||||||
|
|
||||||
; CHECK-IFUNC: @__asan_shadow = external global [0 x i8]
|
|
||||||
; CHECK-NOIFUNC: @__asan_shadow_memory_dynamic_address = external global i32
|
|
||||||
|
|
||||||
define i32 @test_load(i32* %a) sanitize_address {
|
|
||||||
; First instrumentation in the function must be to load the dynamic shadow
|
|
||||||
; address into a local variable.
|
|
||||||
; CHECK-LABEL: @test_load
|
|
||||||
; CHECK: entry:
|
|
||||||
|
|
||||||
; CHECK-IFUNC-NEXT: %[[A:[^ ]*]] = ptrtoint i32* %a to i32
|
|
||||||
; CHECK-IFUNC-NEXT: %[[B:[^ ]*]] = lshr i32 %[[A]], 3
|
|
||||||
; CHECK-IFUNC-NEXT: %[[C:[^ ]*]] = add i32 %[[B]], ptrtoint ([0 x i8]* @__asan_shadow to i32)
|
|
||||||
|
|
||||||
; CHECK-IFUNC-NOREMAT-NEXT: %[[S:[^ ]*]] = call i32 asm "", "=r,0"([0 x i8]* @__asan_shadow)
|
|
||||||
; CHECK-IFUNC-NOREMAT-NEXT: %[[A:[^ ]*]] = ptrtoint i32* %a to i32
|
|
||||||
; CHECK-IFUNC-NOREMAT-NEXT: %[[B:[^ ]*]] = lshr i32 %[[A]], 3
|
|
||||||
; CHECK-IFUNC-NOREMAT-NEXT: %[[C:[^ ]*]] = add i32 %[[B]], %[[S]]
|
|
||||||
|
|
||||||
; CHECK-NOIFUNC-NEXT: %[[SHADOW:[^ ]*]] = load i32, i32* @__asan_shadow_memory_dynamic_address
|
|
||||||
; CHECK-NOIFUNC-NEXT: %[[A:[^ ]*]] = ptrtoint i32* %a to i32
|
|
||||||
; CHECK-NOIFUNC-NEXT: %[[B:[^ ]*]] = lshr i32 %[[A]], 3
|
|
||||||
; CHECK-NOIFUNC-NEXT: %[[C:[^ ]*]] = add i32 %[[B]], %[[SHADOW]]
|
|
||||||
|
|
||||||
entry:
|
|
||||||
%x = load i32, i32* %a, align 4
|
|
||||||
ret i32 %x
|
|
||||||
}
|
|
Loading…
Reference in New Issue