maxjhandsome
/
llvm-project
forked from OSchip/llvm-project
1
0
Fork 0
Code Issues Pull Requests Packages Releases Wiki Activity

[ASan] Fixed null pointer bug introduced in D112098. 

Also added some more test to cover the "else if" part.

Reviewed By: RKSimon

Differential Revision: https://reviews.llvm.org/D118645
This commit is contained in:
Kirill Stoimenov 2022-01-31 20:51:03 +00:00
parent b79e2a1ccd
commit a5dd6c7419
2 changed files with 35 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
llvm/lib/Transforms/Instrumentation/AddressSanitizer.cpp
View File

@ -1527,22 +1527,22 @@ void AddressSanitizer::getInterestingMemoryOperands(
return; return;
if (LoadInst *LI = dyn_cast<LoadInst>(I)) { if (LoadInst *LI = dyn_cast<LoadInst>(I)) {
if (!ClInstrumentReads || ignoreAccess(LI, LI->getPointerOperand())) if (!ClInstrumentReads || ignoreAccess(I, LI->getPointerOperand()))
return; return;
Interesting.emplace_back(I, LI->getPointerOperandIndex(), false, Interesting.emplace_back(I, LI->getPointerOperandIndex(), false,
LI->getType(), LI->getAlign()); LI->getType(), LI->getAlign());
} else if (StoreInst *SI = dyn_cast<StoreInst>(I)) { } else if (StoreInst *SI = dyn_cast<StoreInst>(I)) {
if (!ClInstrumentWrites || ignoreAccess(LI, SI->getPointerOperand())) if (!ClInstrumentWrites || ignoreAccess(I, SI->getPointerOperand()))
return; return;
Interesting.emplace_back(I, SI->getPointerOperandIndex(), true, Interesting.emplace_back(I, SI->getPointerOperandIndex(), true,
SI->getValueOperand()->getType(), SI->getAlign()); SI->getValueOperand()->getType(), SI->getAlign());
} else if (AtomicRMWInst *RMW = dyn_cast<AtomicRMWInst>(I)) { } else if (AtomicRMWInst *RMW = dyn_cast<AtomicRMWInst>(I)) {
if (!ClInstrumentAtomics || ignoreAccess(LI, RMW->getPointerOperand())) if (!ClInstrumentAtomics || ignoreAccess(I, RMW->getPointerOperand()))
return; return;
Interesting.emplace_back(I, RMW->getPointerOperandIndex(), true, Interesting.emplace_back(I, RMW->getPointerOperandIndex(), true,
RMW->getValOperand()->getType(), None); RMW->getValOperand()->getType(), None);
} else if (AtomicCmpXchgInst *XCHG = dyn_cast<AtomicCmpXchgInst>(I)) { } else if (AtomicCmpXchgInst *XCHG = dyn_cast<AtomicCmpXchgInst>(I)) {
if (!ClInstrumentAtomics || ignoreAccess(LI, XCHG->getPointerOperand())) if (!ClInstrumentAtomics || ignoreAccess(I, XCHG->getPointerOperand()))
return; return;
Interesting.emplace_back(I, XCHG->getPointerOperandIndex(), true, Interesting.emplace_back(I, XCHG->getPointerOperandIndex(), true,
XCHG->getCompareOperand()->getType(), None); XCHG->getCompareOperand()->getType(), None);
@ -1556,7 +1556,7 @@ void AddressSanitizer::getInterestingMemoryOperands(
return; return;
auto BasePtr = CI->getOperand(OpOffset); auto BasePtr = CI->getOperand(OpOffset);
if (ignoreAccess(LI, BasePtr)) if (ignoreAccess(I, BasePtr))
return; return;
Type *Ty = IsWrite ? CI->getArgOperand(0)->getType() : CI->getType(); Type *Ty = IsWrite ? CI->getArgOperand(0)->getType() : CI->getType();
MaybeAlign Alignment = Align(1); MaybeAlign Alignment = Align(1);
@ -1568,7 +1568,7 @@ void AddressSanitizer::getInterestingMemoryOperands(
} else { } else {
for (unsigned ArgNo = 0; ArgNo < CI->arg_size(); ArgNo++) { for (unsigned ArgNo = 0; ArgNo < CI->arg_size(); ArgNo++) {
if (!ClInstrumentByval || !CI->isByValArgument(ArgNo) || if (!ClInstrumentByval || !CI->isByValArgument(ArgNo) ||
ignoreAccess(LI, CI->getArgOperand(ArgNo))) ignoreAccess(I, CI->getArgOperand(ArgNo)))
continue; continue;
Type *Ty = CI->getParamByValType(ArgNo); Type *Ty = CI->getParamByValType(ArgNo);
Interesting.emplace_back(I, ArgNo, false, Ty, Align(1)); Interesting.emplace_back(I, ArgNo, false, Ty, Align(1));

30
llvm/test/Instrumentation/AddressSanitizer/asan-stack-safety.ll
View File

@ -9,11 +9,39 @@
; RUN: opt < %s -S -enable-new-pm=1 -asan-instrumentation-with-call-threshold=0 \ ; RUN: opt < %s -S -enable-new-pm=1 -asan-instrumentation-with-call-threshold=0 \
; RUN: -passes='asan-pipeline' -asan-use-stack-safety=1 -o - | FileCheck %s --check-prefixes=SAFETY ; RUN: -passes='asan-pipeline' -asan-use-stack-safety=1 -o - | FileCheck %s --check-prefixes=SAFETY
; NOSAFETY: call void @__asan_load1 ; NOSAFETY: call void @__asan_load1
; NOSAFETY: call void @__asan_store1
; NOSAFETY: call void @__asan_store1
; NOSAFETY: call void @__asan_store1
; SAFETY-NOT: call void @__asan_load1 ; SAFETY-NOT: call void @__asan_load1
; SAFETY-NOT: call void @__asan_store1
; SAFETY-NOT: call void @__asan_store1
; SAFETY-NOT: call void @__asan_store1
define i32 @stack-safety() sanitize_address { define i32 @load() sanitize_address {
%buf = alloca [10 x i8], align 1 %buf = alloca [10 x i8], align 1
%arrayidx = getelementptr inbounds [10 x i8], [10 x i8]* %buf, i64 0, i64 0 %arrayidx = getelementptr inbounds [10 x i8], [10 x i8]* %buf, i64 0, i64 0
%1 = load i8, i8* %arrayidx, align 1 %1 = load i8, i8* %arrayidx, align 1
ret i32 0 ret i32 0
} }
define i32 @store() sanitize_address {
%buf = alloca [10 x i8], align 1
%arrayidx = getelementptr inbounds [10 x i8], [10 x i8]* %buf, i64 0, i64 0
store i8 0, i8* %arrayidx
ret i32 0
}
define void @atomicrmw() sanitize_address {
%buf = alloca [10 x i8], align 1
%arrayidx = getelementptr inbounds [10 x i8], [10 x i8]* %buf, i64 0, i64 0
%1 = atomicrmw add i8* %arrayidx, i8 1 seq_cst
ret void
}
define void @cmpxchg(i8 %compare_to, i8 %new_value) sanitize_address {
%buf = alloca [10 x i8], align 1
%arrayidx = getelementptr inbounds [10 x i8], [10 x i8]* %buf, i64 0, i64 0
%1 = cmpxchg i8* %arrayidx, i8 %compare_to, i8 %new_value seq_cst seq_cst
ret void
}