Commit Graph

512 Commits

Author SHA1 Message Date
Anna Zaks e732ce4dff Revert "[asan] LLVM: Switch to using dynamic shadow offset on iOS"
This reverts commit abe77a118615cd90b0d7f127e4797096afa2b394.

Revert as these changes broke a Chromium buildbot.

llvm-svn: 283348
2016-10-05 17:42:02 +00:00
Anna Zaks ef97d2c589 [asan] LLVM: Switch to using dynamic shadow offset on iOS
The VM layout is not stable between iOS version releases, so switch to dynamic shadow offset.

This is the LLVM counterpart of https://reviews.llvm.org/D25218

Differential Revision: https://reviews.llvm.org/D25219

llvm-svn: 283239
2016-10-04 19:02:29 +00:00
Mehdi Amini 117296c0a0 Use StringRef in Pass/PassManager APIs (NFC)
llvm-svn: 283004
2016-10-01 02:56:57 +00:00
Mehdi Amini 6610b01a27 [ASAN] Add the binder globals on Darwin to llvm.compiler.used to avoid LTO dead-stripping
The binder is in a specific section that "reverse" the edges in a
regular dead-stripping: the binder is live as long as a global it
references is live.

This is a big hammer that prevents LLVM from dead-stripping these,
while still allowing linker dead-stripping (with special knowledge
of the section).

Differential Revision: https://reviews.llvm.org/D24673

llvm-svn: 282988
2016-10-01 00:05:34 +00:00
Etienne Bergeron 0ca0568604 [asan] Support dynamic shadow address instrumentation
Summary:
This patch is adding the support for a shadow memory with
dynamically allocated address range.

The compiler-rt needs to export a symbol containing the shadow
memory range.

This is required to support ASAN on windows 64-bits.

Reviewers: kcc, rnk, vitalybuka

Subscribers: zaks.anna, kubabrecka, dberris, llvm-commits, chrisha

Differential Revision: https://reviews.llvm.org/D23354

llvm-svn: 282881
2016-09-30 17:46:32 +00:00
Etienne Bergeron 7f0e315327 [compiler-rt] fix typo in option description [NFC]
llvm-svn: 282163
2016-09-22 14:57:24 +00:00
Nico Weber a489438849 revert 281908 because 281909 got reverted
llvm-svn: 282097
2016-09-21 18:25:43 +00:00
Adrian Prantl 12fa3b3911 ASAN: Don't drop debug info attachements for global variables.
This is a follow-up to r281284. Global Variables now can have
!dbg attachements, so ASAN should clone these when generating a
sanitized copy of a global variable.

<rdar://problem/24899262>

llvm-svn: 281994
2016-09-20 18:28:42 +00:00
Etienne Bergeron 6ba5176862 [asan] Support dynamic shadow address instrumentation
Summary:
This patch is adding the support for a shadow memory with
dynamically allocated address range.

The compiler-rt needs to export a symbol containing the shadow
memory range.

This is required to support ASAN on windows 64-bits.

Reviewers: kcc, rnk, vitalybuka

Subscribers: kubabrecka, dberris, llvm-commits, chrisha

Differential Revision: https://reviews.llvm.org/D23354

llvm-svn: 281908
2016-09-19 15:58:38 +00:00
Vitaly Buka 6c7a0bc3d9 Revert "[asan] Avoid lifetime analysis for allocas with can be in ambiguous state"
This approach is not good enough. Working on the new solution.

This reverts commit r280907.

llvm-svn: 281689
2016-09-16 01:38:46 +00:00
Vitaly Buka 4670ae5f61 Revert "[asan] Add flag to allow lifetime analysis of problematic allocas"
This approach is not good enough. Working on the new solution.

This reverts commit r281126.

llvm-svn: 281688
2016-09-16 01:38:43 +00:00
Etienne Bergeron 78582b2ada [compiler-rt] Changing function prototype returning unused value
Summary: The return value of `maybeInsertAsanInitAtFunctionEntry` is ignored.

Reviewers: rnk

Subscribers: llvm-commits, chrisha, dberris

Differential Revision: https://reviews.llvm.org/D24568

llvm-svn: 281620
2016-09-15 15:45:05 +00:00
Etienne Bergeron 52e4743e24 Fix silly mistake introduced here : https://reviews.llvm.org/D24566
Asan bots are currently broken without this patch.

llvm-svn: 281618
2016-09-15 15:35:59 +00:00
Etienne Bergeron c0669ce984 address comments from: https://reviews.llvm.org/D24566
using startswith instead of find.

llvm-svn: 281617
2016-09-15 15:19:19 +00:00
Etienne Bergeron 752f8839a4 [compiler-rt] Avoid instrumenting sanitizer functions
Summary:
Function __asan_default_options is called by __asan_init before the
shadow memory got initialized. Instrumenting that function may lead
to flaky execution.

As the __asan_default_options is provided by users, we cannot expect
them to add the appropriate function atttributes to avoid
instrumentation.

Reviewers: kcc, rnk

Subscribers: dberris, chrisha, llvm-commits

Differential Revision: https://reviews.llvm.org/D24566

llvm-svn: 281503
2016-09-14 17:18:37 +00:00
Etienne Bergeron 9bd4281006 Fix typo in comment [NFC]
llvm-svn: 281492
2016-09-14 15:59:32 +00:00
Kuba Brecka a1ea64a044 [asan] Enable -asan-use-private-alias on Darwin/Mach-O, add test for ODR false positive with LTO (llvm part)
The '-asan-use-private-alias’ option (disabled by default) option is currently only enabled for Linux and ELF, but it also works on Darwin and Mach-O. This option also fixes a known problem with LTO on Darwin (https://github.com/google/sanitizers/issues/647). This patch enables the support for Darwin (but still keeps it off by default) and adds the LTO test case.

Differential Revision: https://reviews.llvm.org/D24292

llvm-svn: 281470
2016-09-14 14:06:33 +00:00
Vitaly Buka 3ac3aa50f6 [asan] Add flag to allow lifetime analysis of problematic allocas
Summary:
Could be useful for comparison when we suspect that alloca was skipped
because of this.

Reviewers: eugenis

Subscribers: llvm-commits

Differential Revision: https://reviews.llvm.org/D24437

llvm-svn: 281126
2016-09-10 01:06:11 +00:00
Vitaly Buka 58a81c6540 [asan] Avoid lifetime analysis for allocas with can be in ambiguous state
Summary:
C allows to jump over variables declaration so lifetime.start can be
avoid before variable usage. To avoid false-positives on such rare cases
we detect them and remove from lifetime analysis.

PR27453
PR28267

Reviewers: eugenis

Subscribers: llvm-commits

Differential Revision: https://reviews.llvm.org/D24321

llvm-svn: 280907
2016-09-08 06:27:58 +00:00
Vitaly Buka c5e53b2a53 Revert "[asan] Avoid lifetime analysis for allocas with can be in ambiguous state"
Fails on Windows.

This reverts commit r280880.

llvm-svn: 280883
2016-09-07 23:37:15 +00:00
Vitaly Buka 2ca05b07d6 [asan] Avoid lifetime analysis for allocas with can be in ambiguous state
Summary:
C allows to jump over variables declaration so lifetime.start can be
avoid before variable usage. To avoid false-positives on such rare cases
we detect them and remove from lifetime analysis.

PR27453
PR28267

Reviewers: eugenis

Subscribers: llvm-commits

Differential Revision: https://reviews.llvm.org/D24321

llvm-svn: 280880
2016-09-07 23:18:23 +00:00
Vitaly Buka 3c4f6bf654 [asan] Enable new stack poisoning with store instruction by default
Reviewers: eugenis

Subscribers: llvm-commits

Differential Revision: https://reviews.llvm.org/D23968

llvm-svn: 279993
2016-08-29 19:28:34 +00:00
Vitaly Buka 793913c7eb Use store operation to poison allocas for lifetime analysis.
Summary:
Calling __asan_poison_stack_memory and __asan_unpoison_stack_memory for small
variables is too expensive.

Code is disabled by default and can be enabled by -asan-experimental-poisoning.

PR27453

Reviewers: eugenis

Subscribers: llvm-commits

Differential Revision: https://reviews.llvm.org/D23947

llvm-svn: 279984
2016-08-29 18:17:21 +00:00
Vitaly Buka db331d8be7 [asan] Separate calculation of ShadowBytes from calculating ASanStackFrameLayout
Summary: No functional changes, just refactoring to make D23947 simpler.

Reviewers: eugenis

Subscribers: llvm-commits

Differential Revision: https://reviews.llvm.org/D23954

llvm-svn: 279982
2016-08-29 17:41:29 +00:00
Vitaly Buka 0672a27bb5 [asan] Use 1 byte aligned stores to poison shadow memory
Summary: r279379 introduced crash on arm 32bit bot. I suspect this is alignment issue.

Reviewers: eugenis

Subscribers: llvm-commits, aemerson

Differential Revision: https://reviews.llvm.org/D23762

llvm-svn: 279413
2016-08-22 04:16:14 +00:00
Vitaly Buka 1f9e135023 [asan] Minimize code size by using __asan_set_shadow_* for large blocks
Summary:
We can insert function call instead of multiple store operation.
Current default is blocks larger than 64 bytes.
Changes are hidden behind -asan-experimental-poisoning flag.

PR27453

Differential Revision: https://reviews.llvm.org/D23711

llvm-svn: 279383
2016-08-20 20:23:50 +00:00
Vitaly Buka 3455b9b8bc [asan] Initialize __asan_set_shadow_* callbacks
Summary:
Callbacks are not being used yet.

PR27453

Reviewers: kcc, eugenis

Subscribers: llvm-commits

Differential Revision: https://reviews.llvm.org/D23634

llvm-svn: 279380
2016-08-20 18:34:39 +00:00
Vitaly Buka 186280daa5 [asan] Optimize store size in FunctionStackPoisoner::poisonRedZones
Summary: Reduce store size to avoid leading and trailing zeros.

Reviewers: kcc, eugenis

Subscribers: llvm-commits

Differential Revision: https://reviews.llvm.org/D23648

llvm-svn: 279379
2016-08-20 18:34:36 +00:00
Vitaly Buka 5b4f12176c [asan] Cleanup instrumentation of dynamic allocas
Summary:
Extract instrumenting dynamic allocas into separate method.
Rename asan-instrument-allocas -> asan-instrument-dynamic-allocas

Differential Revision: https://reviews.llvm.org/D23707

llvm-svn: 279376
2016-08-20 17:22:27 +00:00
Vitaly Buka f9fd63ad39 [asan] Add support of lifetime poisoning into ComputeASanStackFrameLayout
Summary:
We are going to combine poisoning of red zones and scope poisoning.

PR27453

Reviewers: kcc, eugenis

Subscribers: llvm-commits

Differential Revision: https://reviews.llvm.org/D23623

llvm-svn: 279373
2016-08-20 16:48:24 +00:00
Vitaly Buka e149b392a8 Revert "[asan] Add support of lifetime poisoning into ComputeASanStackFrameLayout"
This reverts commit r279020.

Speculative revert in hope to fix asan test on arm.

llvm-svn: 279332
2016-08-19 22:12:58 +00:00
Vitaly Buka 170dede75d Revert "[asan] Optimize store size in FunctionStackPoisoner::poisonRedZones"
This reverts commit r279178.

Speculative revert in hope to fix asan crash on arm.

llvm-svn: 279277
2016-08-19 17:15:38 +00:00
Vitaly Buka c8f4d69c82 Revert "[asan] Fix size of shadow incorrectly calculated in r279178"
This reverts commit r279222.

Speculative revert in hope to fix asan crash on arm.

llvm-svn: 279276
2016-08-19 17:15:33 +00:00
Vitaly Buka b81960a6c8 [asan] Fix size of shadow incorrectly calculated in r279178
Summary: r279178 generates 8 times more stores than necessary.

Reviewers: eugenis

Subscribers: llvm-commits

Differential Revision: https://reviews.llvm.org/D23708

llvm-svn: 279222
2016-08-19 08:33:53 +00:00
Vitaly Buka aa654292bd [asan] Optimize store size in FunctionStackPoisoner::poisonRedZones
Summary: Reduce store size to avoid leading and trailing zeros.

Reviewers: kcc, eugenis

Subscribers: llvm-commits

Differential Revision: https://reviews.llvm.org/D23648

llvm-svn: 279178
2016-08-18 23:51:15 +00:00
Vitaly Buka d5ec14989d [asan] Add support of lifetime poisoning into ComputeASanStackFrameLayout
Summary:
We are going to combine poisoning of red zones and scope poisoning.

PR27453

Reviewers: kcc, eugenis

Subscribers: llvm-commits

Differential Revision: https://reviews.llvm.org/D23623

llvm-svn: 279020
2016-08-18 00:56:58 +00:00
Vitaly Buka 1ce73ef11c [Asan] Unpoison red zones even if use-after-scope was disabled with runtime flag
Summary: PR27453

Reviewers: eugenis

Subscribers: llvm-commits

Differential Revision: https://reviews.llvm.org/D23481

llvm-svn: 278818
2016-08-16 16:24:10 +00:00
Vitaly Buka 21a9e573ed [asan] Add const into few methods
Summary: No functional changes

Reviewers: eugenis

Subscribers: llvm-commits

Differential Revision: https://reviews.llvm.org/D22899

llvm-svn: 277069
2016-07-28 22:50:50 +00:00
Vitaly Buka e3a032a740 Unpoison stack before resume instruction
Summary:
Clang inserts cleanup code before resume similar way as before return instruction.
This makes asan poison local variables causing false use-after-scope reports.

__asan_handle_no_return does not help here as it was executed before
llvm.lifetime.end inserted into resume block.

To avoid false report we need to unpoison stack for resume same way as for return.

PR27453

Reviewers: kcc, eugenis

Differential Revision: https://reviews.llvm.org/D22661

llvm-svn: 276480
2016-07-22 22:04:38 +00:00
Vitaly Buka 53054a7024 Fix detection of stack-use-after scope for char arrays.
Summary:
Clang inserts GetElementPtrInst so findAllocaForValue was not
able to find allocas.

PR27453

Reviewers: kcc, eugenis

Differential Revision: https://reviews.llvm.org/D22657

llvm-svn: 276374
2016-07-22 00:56:17 +00:00
Ryan Govostes e51401bdab [asan] Add a hidden option for Mach-O global metadata liveness tracking
llvm-svn: 274578
2016-07-05 21:53:08 +00:00
Kuba Brecka 7d03ce480a [asan] fix false dynamic-stack-buffer-overflow report with constantly-sized dynamic allocas, LLVM part
See the bug report at https://github.com/google/sanitizers/issues/691. When a dynamic alloca has a constant size, ASan instrumentation will treat it as a regular dynamic alloca (insert calls to poison and unpoison), but the backend will turn it into a regular stack variable. The poisoning/unpoisoning is then broken. This patch will treat such allocas as static.

Differential Revision: http://reviews.llvm.org/D21509

llvm-svn: 273888
2016-06-27 15:57:08 +00:00
Benjamin Kramer 135f735af1 Apply clang-tidy's modernize-loop-convert to most of lib/Transforms.
Only minor manual fixes. No functionality change intended.

llvm-svn: 273808
2016-06-26 12:28:59 +00:00
Vedant Kumar f5ac6d49e4 [asan] Do not instrument accesses to profiling globals
It's only useful to asan-itize profiling globals while debugging llvm's
profiling instrumentation passes. Enabling asan along with instrprof or
gcov instrumentation shouldn't incur extra overhead.

This patch is in the same spirit as r264805 and r273202, which disabled
tsan instrumentation of instrprof/gcov globals.

Differential Revision: http://reviews.llvm.org/D21541

llvm-svn: 273444
2016-06-22 17:30:58 +00:00
Anna Zaks 644d9d3a44 [asan] Do not instrument pointers with address space attributes
Do not instrument pointers with address space attributes since we cannot track
them anyway. Instrumenting them results in false positives in ASan and a
compiler crash in TSan. (The compiler should not crash in any case, but that's
a different problem.)

llvm-svn: 273339
2016-06-22 00:15:52 +00:00
Etienne Bergeron 70684f9422 This is part of the effort for asan to support Windows 64 bit.
The large offset is being tested on Windows 10 (which has larger usable
virtual address space than Windows 8 or earlier)

Patch by:  Wei Wang
Differential Revision: http://reviews.llvm.org/D21523

llvm-svn: 273269
2016-06-21 15:07:29 +00:00
Marcin Koscielnicki 3feda222c6 [sanitizers] Disable target-specific lowering of string functions.
CodeGen has hooks that allow targets to emit specialized code instead
of calls to memcmp, memchr, strcpy, stpcpy, strcmp, strlen, strnlen.
When ASan/MSan/TSan/ESan is in use, this sidesteps its interceptors, resulting
in uninstrumented memory accesses.  To avoid that, make these sanitizers
mark the calls as nobuiltin.

Differential Revision: http://reviews.llvm.org/D19781

llvm-svn: 273083
2016-06-18 10:10:37 +00:00
Peter Collingbourne 96efdd6107 IR: Introduce local_unnamed_addr attribute.
If a local_unnamed_addr attribute is attached to a global, the address
is known to be insignificant within the module. It is distinct from the
existing unnamed_addr attribute in that it only describes a local property
of the module rather than a global property of the symbol.

This attribute is intended to be used by the code generator and LTO to allow
the linker to decide whether the global needs to be in the symbol table. It is
possible to exclude a global from the symbol table if three things are true:
- This attribute is present on every instance of the global (which means that
  the normal rule that the global must have a unique address can be broken without
  being observable by the program by performing comparisons against the global's
  address)
- The global has linkonce_odr linkage (which means that each linkage unit must have
  its own copy of the global if it requires one, and the copy in each linkage unit
  must be the same)
- It is a constant or a function (which means that the program cannot observe that
  the unique-address rule has been broken by writing to the global)

Although this attribute could in principle be computed from the module
contents, LTO clients (i.e. linkers) will normally need to be able to compute
this property as part of symbol resolution, and it would be inefficient to
materialize every module just to compute it.

See:
http://lists.llvm.org/pipermail/llvm-commits/Week-of-Mon-20160509/356401.html
http://lists.llvm.org/pipermail/llvm-commits/Week-of-Mon-20160516/356738.html
for earlier discussion.

Part of the fix for PR27553.

Differential Revision: http://reviews.llvm.org/D20348

llvm-svn: 272709
2016-06-14 21:01:22 +00:00
Vitaly Buka b451f1bdf6 Make sure that not interesting allocas are not instrumented.
Summary:
We failed to unpoison uninteresting allocas on return as unpoisoning is part of
main instrumentation which skips such allocas.

Added check -asan-instrument-allocas for dynamic allocas. If instrumentation of
dynamic allocas is disabled it will not will not be unpoisoned.

PR27453

Reviewers: kcc, eugenis

Subscribers: llvm-commits

Differential Revision: http://reviews.llvm.org/D21207

llvm-svn: 272341
2016-06-09 23:31:59 +00:00
Vitaly Buka 79b75d3d11 Unpoison stack memory in use-after-return + use-after-scope mode
Summary:
We still want to unpoison full stack even in use-after-return as it can be disabled at runtime.

PR27453

Reviewers: eugenis, kcc

Subscribers: llvm-commits

Differential Revision: http://reviews.llvm.org/D21202

llvm-svn: 272334
2016-06-09 23:05:35 +00:00
Vitaly Buka 7b8ed4f223 [asan] Rename *UAR* into *UseAfterReturn*
Summary:
To improve readability.

PR27453

Reviewers: kcc, eugenis, aizatsky

Subscribers: llvm-commits

Differential Revision: http://reviews.llvm.org/D20761

llvm-svn: 271447
2016-06-02 00:06:42 +00:00
Vitaly Buka 1e75fa4ad8 [asan] Add option to enable asan-use-after-scope from clang.
Clang will have -fsanitize-address-use-after-scope flag.

PR27453

Reviewers: kcc, eugenis, aizatsky

Subscribers: llvm-commits

Differential Revision: http://reviews.llvm.org/D20750

llvm-svn: 271067
2016-05-27 22:55:10 +00:00
Benjamin Kramer f6f815bf39 Use StringRef::startswith instead of find(...) == 0.
It's faster and easier to read.

llvm-svn: 271018
2016-05-27 16:54:57 +00:00
Rafael Espindola 83658d6e7a Return a StringRef from getSection.
This is similar to how getName is handled.

llvm-svn: 269218
2016-05-11 18:21:59 +00:00
Ryan Govostes 6194ae69fe Fix whitespace and line wrapping. NFC.
llvm-svn: 268725
2016-05-06 11:22:11 +00:00
Ryan Govostes 3f37df0326 [asan] add option to set shadow mapping offset
Allowing overriding the default ASAN shadow mapping offset with the
-asan-shadow-offset option, and allow zero to be specified for both offset and
scale.

Patch by Aaron Carroll <aaronc@apple.com>.

llvm-svn: 268724
2016-05-06 10:25:22 +00:00
Ryan Govostes 8c21be6b3e Revert "[asan] add option to set shadow mapping offset"
This reverts commit ba89768f97b1d4326acb5e33c14eb23a05c7bea7.

llvm-svn: 268588
2016-05-05 01:27:04 +00:00
Ryan Govostes 097c5b051c [asan] add option to set shadow mapping offset
Allowing overriding the default ASAN shadow mapping offset with the
-asan-shadow-offset option, and allow zero to be specified for both offset and
scale.

llvm-svn: 268586
2016-05-05 01:14:39 +00:00
Marcin Koscielnicki 57290f934a [ASan] Add shadow offset for SystemZ.
SystemZ on Linux currently has 53-bit address space.  In theory, the hardware
could support a full 64-bit address space, but that's not supported due to
kernel limitations (it'd require 5-level page tables), and there are no plans
for that.  The default process layout stays within first 4TB of address space
(to avoid creating 4-level page tables), so any offset >= (1 << 42) is fine.
Let's use 1 << 52 here, ie. exactly half the address space.

I've originally used 7 << 50 (uses top 1/8th of the address space), but ASan
runtime assumes there's some space after the shadow area.  While this is
fixable, it's simpler to avoid the issue entirely.

Also, I've originally wanted to have the shadow aligned to 1/8th the address
space, so that we can use OR like X86 to assemble the offset.  I no longer
think it's a good idea, since using ADD enables us to load the constant just
once and use it with register + register indexed addressing.

Differential Revision: http://reviews.llvm.org/D19650

llvm-svn: 268161
2016-04-30 09:57:34 +00:00
Mike Aizatsky 243b71fd8b Fixed flag description
Summary:
asan-use-after-return control feature we call use-after-return or
stack-use-after-return.

Reviewers: kcc, aizatsky, eugenis

Subscribers: llvm-commits

Differential Revision: http://reviews.llvm.org/D19284

llvm-svn: 267064
2016-04-21 22:00:13 +00:00
Kostya Serebryany a83bfeac9d Rename asan-check-lifetime into asan-stack-use-after-scope
Summary:
This is done for consistency with asan-use-after-return.
I see no other users than tests.

Reviewers: aizatsky, kcc

Differential Revision: http://reviews.llvm.org/D19306

llvm-svn: 266906
2016-04-20 20:02:58 +00:00
Mehdi Amini b550cb1750 [NFC] Header cleanup
Removed some unused headers, replaced some headers with forward class declarations.

Found using simple scripts like this one:
clear && ack --cpp -l '#include "llvm/ADT/IndexedMap.h"' | xargs grep -L 'IndexedMap[<]' | xargs grep -n --color=auto 'IndexedMap'

Patch by Eugene Kosov <claprix@yandex.ru>

Differential Revision: http://reviews.llvm.org/D19219

From: Mehdi Amini <mehdi.amini@apple.com>
llvm-svn: 266595
2016-04-18 09:17:29 +00:00
Aaron Ballman ef0fe1eed8 Silencing warnings from MSVC 2015 Update 2. All of these changes silence "C4334 '<<': result of 32-bit shift implicitly converted to 64 bits (was 64-bit shift intended?)". NFC.
llvm-svn: 264929
2016-03-30 21:30:00 +00:00
Ryan Govostes 653f9d0273 [asan] Support dead code stripping on Mach-O platforms
On OS X El Capitan and iOS 9, the linker supports a new section
attribute, live_support, which allows dead stripping to remove dead
globals along with the ASAN metadata about them.

With this change __asan_global structures are emitted in a new
__DATA,__asan_globals section on Darwin.

Additionally, there is a __DATA,__asan_liveness section with the
live_support attribute. Each entry in this section is simply a tuple
that binds together the liveness of a global variable and its ASAN
metadata structure. Thus the metadata structure will be alive if and
only if the global it references is also alive.

Review: http://reviews.llvm.org/D16737
llvm-svn: 264645
2016-03-28 20:28:57 +00:00
Pete Cooper adebb9379a Remove llvm::getDISubprogram in favor of Function::getSubprogram
llvm::getDISubprogram walks the instructions in a function, looking for one in the scope of the current function, so that it can find the !dbg entry for the subprogram itself.

Now that !dbg is attached to functions, this should not be necessary. This patch changes all uses to just query the subprogram directly on the function.

Ideally this should be NFC, but in reality its possible that a function:

has no !dbg (in which case there's likely a bug somewhere in an opt pass), or
that none of the instructions had a scope referencing the function, so we used to not find the !dbg on the function but now we will

Reviewed by Duncan Exon Smith.

Differential Revision: http://reviews.llvm.org/D18074

llvm-svn: 263184
2016-03-11 02:14:16 +00:00
Anna Zaks 40148f1716 [asan] Do not instrument globals in the special "LLVM" sections
llvm-svn: 261794
2016-02-24 22:12:18 +00:00
Maxim Ostapenko b1e3f60fb9 [asan] Introduce new hidden -asan-use-private-alias option.
As discussed in https://github.com/google/sanitizers/issues/398, with current
implementation of poisoning globals we can have some CHECK failures or false
positives in case of mixing instrumented and non-instrumented code due to ASan
poisons innocent globals from non-sanitized binary/library. We can use private
aliases to avoid such errors. In addition, to preserve ODR violation detection,
we introduce new __odr_asan_gen_XXX symbol for each instrumented global that
indicates if this global was already registered. To detect ODR violation in
runtime, we should only check the value of indicator and report an error if it
isn't equal to zero.

Differential Revision: http://reviews.llvm.org/D15642

llvm-svn: 260075
2016-02-08 08:30:57 +00:00
Anna Zaks 3b50e70bbe [asan] Add iOS support to AddressSanitzier
Differential Revision: http://reviews.llvm.org/D15625

llvm-svn: 259586
2016-02-02 22:05:07 +00:00
Manuel Jacob 5f6eaac611 GlobalValue: use getValueType() instead of getType()->getPointerElementType().
Reviewers: mjacob

Subscribers: jholewinski, arsenm, dsanders, dblaikie

Patch by Eduard Burtescu.

Differential Revision: http://reviews.llvm.org/D16260

llvm-svn: 257999
2016-01-16 20:30:46 +00:00
Keno Fischer e03fae4f1c [ASAN] Add doFinalization to reset state
Summary: If the same pass manager is used for multiple modules ASAN
complains about GlobalsMD being initialized twice. Fix this by
resetting GlobalsMD in a new doFinalization method to allow this
use case.

Reviewers: kcc

Subscribers: llvm-commits

Differential Revision: http://reviews.llvm.org/D14962

llvm-svn: 254851
2015-12-05 14:42:34 +00:00
Yury Gribov 6ff0a66b09 [asan] Fix dynamic allocas unpoisoning on PowerPC64.
For PowerPC64 we cannot just pass SP extracted from @llvm.stackrestore to
_asan_allocas_unpoison due to specific ABI requirements
(http://refspecs.linuxfoundation.org/ELF/ppc64/PPC-elf64abi.html#DYNAM-STACK).
This patch adds the value returned by @llvm.get.dynamic.area.offset to
extracted from @llvm.stackrestore stack pointer, so dynamic allocas unpoisoning
stuff would work correctly on PowerPC64.

Patch by Max Ostapenko.

Differential Revision: http://reviews.llvm.org/D15108

llvm-svn: 254707
2015-12-04 09:19:14 +00:00
Davide Italiano c807f487f7 Follow up to r253591. Turn into an assertion.
Reported by: David Blaikie.

llvm-svn: 253605
2015-11-19 21:50:08 +00:00
Davide Italiano 193c4edffb [AddressSanitizer] assert(false) -> llvm_unreachable and remove return.
llvm-svn: 253591
2015-11-19 19:28:23 +00:00
Yury Gribov d7731988ef [ASan] Enable optional ASan recovery.
Differential Revision: http://reviews.llvm.org/D14242

llvm-svn: 252719
2015-11-11 10:36:49 +00:00
Adhemerval Zanella 35891fe6aa [sanitizer] Use same shadow offset for ASAN on aarch64
This patch makes ASAN for aarch64 use the same shadow offset for all
currently supported VMAs (39 and 42 bits).  The shadow offset is the
same for 39-bit (36).  Similar to ppc64 port, aarch64 transformation
also requires to use an add instead of 'or' for 42-bit VMA.

llvm-svn: 252495
2015-11-09 18:03:48 +00:00
Alexey Samsonov 55fda1be94 [ASan] Disable instrumentation for inalloca variables.
inalloca variables were not treated as static allocas, therefore didn't
participate in regular stack instrumentation. We don't want them to
participate in dynamic alloca instrumentation as well.

llvm-svn: 252213
2015-11-05 21:18:41 +00:00
Alexey Samsonov 145b0fd2a0 Refactor: Simplify boolean conditional return statements in lib/Transforms/Instrumentation
Summary: Use clang-tidy to simplify boolean conditional return statements.

Differential Revision: http://reviews.llvm.org/D9996

Patch by Richard (legalize@xmission.com)!

llvm-svn: 251318
2015-10-26 18:06:40 +00:00
Alexey Samsonov f4fb5f500c [ASan] Enable instrumentation of dynamic allocas by default.
llvm-svn: 251056
2015-10-22 20:07:28 +00:00
Alexey Samsonov 8daaf8b09b [ASan] Minor fixes to dynamic allocas handling:
* Don't instrument promotable dynamic allocas:
  We already have a test that checks that promotable dynamic allocas are
  ignored, as well as static promotable allocas. Make sure this test will
  still pass if/when we enable dynamic alloca instrumentation by default.

* Handle lifetime intrinsics before handling dynamic allocas:
  lifetime intrinsics may refer to dynamic allocas, so we need to emit
  instrumentation before these dynamic allocas would be replaced.

Differential Revision: http://reviews.llvm.org/D12704

llvm-svn: 251045
2015-10-22 19:51:59 +00:00
Keno Fischer a010cfa592 Fix missing INITIALIZE_PASS_DEPENDENCY for AddressSanitizer
Summary: In r231241, TargetLibraryInfoWrapperPass was added to
`getAnalysisUsage` for `AddressSanitizer`, but the corresponding
`INITIALIZE_PASS_DEPENDENCY` was not added.

Reviewers: dvyukov, chandlerc, kcc

Subscribers: kcc, llvm-commits

Differential Revision: http://reviews.llvm.org/D13629

llvm-svn: 250813
2015-10-20 10:13:55 +00:00
Duncan P. N. Exon Smith e82c286fba Instrumentation: Remove ilist iterator implicit conversions, NFC
llvm-svn: 250186
2015-10-13 17:39:10 +00:00
Evgeniy Stepanov 5fe279e727 Add Triple::isAndroid().
This is a simple refactoring that replaces Triple.getEnvironment()
checks for Android with Triple.isAndroid().

llvm-svn: 249750
2015-10-08 21:21:24 +00:00
Hans Wennborg 083ca9bb32 Fix Clang-tidy modernize-use-nullptr warnings in source directories and generated files; other minor cleanups.
Patch by Eugene Zelenko!

Differential Revision: http://reviews.llvm.org/D13321

llvm-svn: 249482
2015-10-06 23:24:35 +00:00
Alexey Samsonov c1603b6493 [ASan] Don't instrument globals in .preinit_array/.init_array/.fini_array
These sections contain pointers to function that should be invoked
during startup/shutdown by __libc_csu_init and __libc_csu_fini.
Instrumenting these globals will append redzone to them, which will be
filled with zeroes. This will cause null pointer dereference at runtime.

Merge ASan regression tests for globals that should be ignored by
instrumentation pass.

llvm-svn: 247734
2015-09-15 23:05:48 +00:00
Adhemerval Zanella e00b497242 [asan] Add ASAN support for AArch64 42-bit VMA
This patch adds support for asan on aarch64-linux with 42-bit VMA
(current default config for 64K pagesize kernels).  The support is
enabled by defining the SANITIZER_AARCH64_VMA to 42 at build time
for both clang/llvm and compiler-rt.  The default VMA is 39 bits.

llvm-svn: 245594
2015-08-20 18:30:40 +00:00
Craig Topper e3dcce9700 De-constify pointers to Type since they can't be modified. NFC
This was already done in most places a while ago. This just fixes the ones that crept in over time.

llvm-svn: 243842
2015-08-01 22:20:21 +00:00
Alexey Samsonov 869a5ff37f [ASan] Disable dynamic alloca and UAR detection in presence of returns_twice calls.
Summary:
returns_twice (most importantly, setjmp) functions are
optimization-hostile: if local variable is promoted to register, and is
changed between setjmp() and longjmp() calls, this update will be
undone. This is the reason why "man setjmp" advises to mark all these
locals as "volatile".

This can not be enough for ASan, though: when it replaces static alloca
with dynamic one, optionally called if UAR mode is enabled, it adds a
whole lot of SSA values, and computations of local variable addresses,
that can involve virtual registers, and cause unexpected behavior, when
these registers are restored from buffer saved in setjmp.

To fix this, just disable dynamic alloca and UAR tricks whenever we see
a returns_twice call in the function.

Reviewers: rnk

Subscribers: llvm-commits, kcc

Differential Revision: http://reviews.llvm.org/D11495

llvm-svn: 243561
2015-07-29 19:36:08 +00:00
Evgeniy Stepanov 4d81f86d97 [asan] Remove special case mapping on Android/AArch64.
ASan shadow on Android starts at address 0 for both historic and
performance reasons. This is possible because the platform mandates
-pie, which makes lower memory region always available.

This is not such a good idea on 64-bit platforms because of MAP_32BIT
incompatibility.

This patch changes Android/AArch64 mapping to be the same as that of
Linux/AAarch64.

llvm-svn: 243548
2015-07-29 18:22:25 +00:00
Kuba Brecka 45dbffdc3d [asan] Rename the ABI versioning symbol to '__asan_version_mismatch_check' instead of abusing '__asan_init'
We currently version `__asan_init` and when the ABI version doesn't match, the linker gives a `undefined reference to '__asan_init_v5'` message. From this, it might not be obvious that it's actually a version mismatch error. This patch makes the error message much clearer by changing the name of the undefined symbol to be `__asan_version_mismatch_check_xxx` (followed by the version string). We obviously don't want the initializer to be named like that, so it's a separate symbol that is used only for the purpose of version checking.

Reviewed at http://reviews.llvm.org/D11004

llvm-svn: 243003
2015-07-23 10:54:06 +00:00
Kuba Brecka 8ec94ead7d [asan] Improve moving of non-instrumented allocas
In r242510, non-instrumented allocas are now moved into the first basic block.  This patch limits that to only move allocas that are present *after* the first instrumented one (i.e. only move allocas up).  A testcase was updated to show behavior in these two cases.  Without the patch, an alloca could be moved down, and could cause an invalid IR.

Differential Revision: http://reviews.llvm.org/D11339

llvm-svn: 242883
2015-07-22 10:25:38 +00:00
Reid Kleckner 2f907557c3 Re-land 242726 to use RAII to do cleanup
The LooksLikeCodeInBug11395() codepath was returning without clearing
the ProcessedAllocas cache.

llvm-svn: 242809
2015-07-21 17:40:14 +00:00
Nico Weber f00afcc79b Revert 242726, it broke ASan on OS X.
llvm-svn: 242792
2015-07-21 15:48:53 +00:00
Reid Kleckner 87d03450a5 Don't try to instrument allocas used by outlined SEH funclets
Summary:
Arguments to llvm.localescape must be static allocas. They must be at
some statically known offset from the frame or stack pointer so that
other functions can access them with localrecover.

If we ever want to instrument these, we can use more indirection to
recover the addresses of these local variables. We can do it during
clang irgen or with the asan module pass.

Reviewers: eugenis

Subscribers: llvm-commits

Differential Revision: http://reviews.llvm.org/D11307

llvm-svn: 242726
2015-07-20 22:49:44 +00:00
Evgeniy Stepanov 9cb08f823f [asan] Fix shadow mapping on Android/AArch64.
Instrumentation and the runtime library were in disagreement about
ASan shadow offset on Android/AArch64.

This fixes a large number of existing tests on Android/AArch64.

llvm-svn: 242595
2015-07-17 23:51:18 +00:00
Kuba Brecka 7f54753180 [asan] Add a comment explaining why non-instrumented allocas are moved.
Addition to r242510.

llvm-svn: 242561
2015-07-17 19:20:21 +00:00
Kuba Brecka 37a5ffaca0 [asan] Fix invalid debug info for promotable allocas
Since r230724 ("Skip promotable allocas to improve performance at -O0"), there is a regression in the generated debug info for those non-instrumented variables. When inspecting such a variable's value in LLDB, you often get garbage instead of the actual value. ASan instrumentation is inserted before the creation of the non-instrumented alloca. The only allocas that are considered standard stack variables are the ones declared in the first basic-block, but the initial instrumentation setup in the function breaks that invariant.

This patch makes sure uninstrumented allocas stay in the first BB.

Differential Revision: http://reviews.llvm.org/D11179

llvm-svn: 242510
2015-07-17 06:29:57 +00:00
Alexey Samsonov 773e8c3966 [ASan] Use llvm::getDISubprogram() to get function entry debug location.
It can be more robust than copying debug info from first non-alloca
instruction in the entry basic block. We use the same strategy in
coverage instrumentation.

llvm-svn: 240738
2015-06-26 00:00:47 +00:00
Anna Zaks 785c075786 [asan] Do not instrument special purpose LLVM sections.
Do not instrument globals that are placed in sections containing "__llvm"
in their name.

This fixes a bug in ASan / PGO interoperability. ASan interferes with LLVM's
PGO, which places its globals into a special section, which is memcpy-ed by
the linker as a whole. When those goals are instrumented, ASan's memcpy wrapper
reports an issue.

http://reviews.llvm.org/D10541

llvm-svn: 240723
2015-06-25 23:35:48 +00:00
Anna Zaks 4f652b69b1 [asan] Don't run stack malloc on functions containing inline assembly.
It makes LLVM run out of registers even on 64-bit platforms. For example, the
following test case fails on darwin.

clang -cc1 -O0 -triple x86_64-apple-macosx10.10.0 -emit-obj -fsanitize=address -mstackrealign -o ~/tmp/ex.o -x c ex.c
error: inline assembly requires more registers than available

void TestInlineAssembly(const unsigned char *S, unsigned int pS, unsigned char *D, unsigned int pD, unsigned int h) {

unsigned int sr = 4, pDiffD = pD - 5;
unsigned int pDiffS = (pS << 1) - 5;
char flagSA = ((pS & 15) == 0),
flagDA = ((pD & 15) == 0);
asm volatile (
  "mov %0,  %%"PTR_REG("si")"\n"
  "mov %2,  %%"PTR_REG("cx")"\n"
  "mov %1,  %%"PTR_REG("di")"\n"
  "mov %8,  %%"PTR_REG("ax")"\n"
  :
  : "m" (S), "m" (D), "m" (pS), "m" (pDiffS), "m" (pDiffD), "m" (sr), "m" (flagSA), "m" (flagDA), "m" (h)
  : "%"PTR_REG("si"), "%"PTR_REG("di"), "%"PTR_REG("ax"), "%"PTR_REG("cx"), "%"PTR_REG("dx"), "memory"
);
}

http://reviews.llvm.org/D10719

llvm-svn: 240722
2015-06-25 23:35:45 +00:00
Alexander Potapenko b9b73ef906 [ASan] Initial support for Kernel AddressSanitizer
This patch adds initial support for the -fsanitize=kernel-address flag to Clang.
Right now it's quite restricted: only out-of-line instrumentation is supported, globals are not instrumented, some GCC kasan flags are not supported.
Using this patch I am able to build and boot the KASan tree with LLVMLinux patches from github.com/ramosian-glider/kasan/tree/kasan_llvmlinux.
To disable KASan instrumentation for a certain function attribute((no_sanitize("kernel-address"))) can be used.

llvm-svn: 240131
2015-06-19 12:19:07 +00:00
Alexander Potapenko f90556efb8 [ASan] format AddressSanitizer.cpp with `clang-format -style=Google`, NFC
llvm-svn: 239601
2015-06-12 11:27:06 +00:00
Anna Zaks 119046098a [asan] Prevent __attribute__((annotate)) triggering errors on Darwin
The following code triggers a fatal error in the compiler instrumentation
of ASan on Darwin because we place the attribute into llvm.metadata section,
which does not have the proper MachO section name.

void foo() __attribute__((annotate("custom")));
void foo() {;}

This commit reorders the checks so that we skip everything in llvm.metadata
first. It also removes the hard failure in case the section name does not
parse. That check will be done lower in the compilation pipeline anyway.

(Reviewed in http://reviews.llvm.org/D9093.)

llvm-svn: 239379
2015-06-09 00:58:08 +00:00
Yury Gribov 781bce2b94 [ASan] Fix previous commit. Patch by Max Ostapenko!
llvm-svn: 238403
2015-05-28 08:03:28 +00:00
Yury Gribov 98b18599a6 [ASan] New approach to dynamic allocas unpoisoning. Patch by Max Ostapenko!
Differential Revision: http://reviews.llvm.org/D7098

llvm-svn: 238402
2015-05-28 07:51:49 +00:00
David Blaikie ff6409d096 Simplify IRBuilder::CreateCall* by using ArrayRef+initializer_list/braced init only
llvm-svn: 237624
2015-05-18 22:13:54 +00:00
Pete Cooper 833f34d837 Convert PHI getIncomingValue() to foreach over incoming_values(). NFC.
We already had a method to iterate over all the incoming values of a PHI.  This just changes all eligible code to use it.

Ineligible code included anything which cared about the index, or was also trying to get the i'th incoming BB.

llvm-svn: 237169
2015-05-12 20:05:31 +00:00
Ismail Pazarbasi 09c3709e75 ASan: Use `createSanitizerCtor` to create ctor, and call `__asan_init`
Reviewers: kcc, samsonov

Subscribers: llvm-commits

Differential Revision: http://reviews.llvm.org/D8778

llvm-svn: 236777
2015-05-07 21:40:46 +00:00
Duncan P. N. Exon Smith a9308c49ef IR: Give 'DI' prefix to debug info metadata
Finish off PR23080 by renaming the debug info IR constructs from `MD*`
to `DI*`.  The last of the `DIDescriptor` classes were deleted in
r235356, and the last of the related typedefs removed in r235413, so
this has all baked for about a week.

Note: If you have out-of-tree code (like a frontend), I recommend that
you get everything compiling and tests passing with the *previous*
commit before updating to this one.  It'll be easier to keep track of
what code is using the `DIDescriptor` hierarchy and what you've already
updated, and I think you're extremely unlikely to insert bugs.  YMMV of
course.

Back to *this* commit: I did this using the rename-md-di-nodes.sh
upgrade script I've attached to PR23080 (both code and testcases) and
filtered through clang-format-diff.py.  I edited the tests for
test/Assembler/invalid-generic-debug-node-*.ll by hand since the columns
were off-by-three.  It should work on your out-of-tree testcases (and
code, if you've followed the advice in the previous paragraph).

Some of the tests are in badly named files now (e.g.,
test/Assembler/invalid-mdcompositetype-missing-tag.ll should be
'dicompositetype'); I'll come back and move the files in a follow-up
commit.

llvm-svn: 236120
2015-04-29 16:38:44 +00:00
Benjamin Kramer 619c4e57ba Reduce dyn_cast<> to isa<> or cast<> where possible.
No functional change intended.

llvm-svn: 234586
2015-04-10 11:24:51 +00:00
Ismail Pazarbasi 198d6d53e2 Move `checkInterfaceFunction` to ModuleUtils
Summary:
Instead of making a local copy of `checkInterfaceFunction` for each
sanitizer, move the function in a common place.

Reviewers: kcc, samsonov

Subscribers: llvm-commits

Differential Revision: http://reviews.llvm.org/D8775

llvm-svn: 234220
2015-04-06 21:09:08 +00:00
Reid Kleckner 92b9c6e6fe [ASan] Don't use stack malloc for 32-bit functions using inline asm
This prevents us from running out of registers in the backend.

Introducing stack malloc calls prevents the backend from recognizing the
inline asm operands as stack objects. When the backend recognizes a
stack object, it doesn't need to materialize the address of the memory
in a physical register. Instead it generates a simple SP-based memory
operand. Introducing a stack malloc forces the backend to find a free
register for every memory operand. 32-bit x86 simply doesn't have enough
registers for this to succeed in most cases.

Reviewers: kcc, samsonov

Differential Revision: http://reviews.llvm.org/D8790

llvm-svn: 233979
2015-04-02 21:44:55 +00:00
David Blaikie 4a2e73b066 [opaque pointer type] API migration for GEP constant factories
Require the pointee type to be passed explicitly and assert that it is
correct. For now it's possible to pass nullptr here (and I've done so in
a few places in this patch) but eventually that will be disallowed once
all clients have been updated or removed. It'll be a long road to get
all the way there... but if you have the cahnce to update your callers
to pass the type explicitly without depending on a pointer's element
type, that would be a good thing to do soon and a necessary thing to do
eventually.

llvm-svn: 233938
2015-04-02 18:55:32 +00:00
Anna Zaks bf28d3aa33 [asan] Speed up isInterestingAlloca check
We make many redundant calls to isInterestingAlloca in the AddressSanitzier
pass. This is especially inefficient for allocas that have many uses. Let's
cache the results to speed up compilation.

The compile time improvements depend on the input. I did not see much
difference on benchmarks; however, I have a test case where compile time
goes from minutes to under a second.

llvm-svn: 233397
2015-03-27 18:52:01 +00:00
Benjamin Kramer 799003bf8c Re-sort includes with sort-includes.py and insert raw_ostream.h where it's used.
llvm-svn: 232998
2015-03-23 19:32:43 +00:00
Kostya Serebryany b1870a64cf [asan] remove redundant ifndefs. NFC
llvm-svn: 232521
2015-03-17 19:13:23 +00:00
Dmitry Vyukov 618d580ec9 asan: optimization experiments
The experiments can be used to evaluate potential optimizations that remove
instrumentation (assess false negatives). Instead of completely removing
some instrumentation, you set Exp to a non-zero value (mask of optimization
experiments that want to remove instrumentation of this instruction).
If Exp is non-zero, this pass will emit special calls into runtime
(e.g. __asan_report_exp_load1 instead of __asan_report_load1). These calls
make runtime terminate the program in a special way (with a different
exit status). Then you run the new compiler on a buggy corpus, collect
the special terminations (ideally, you don't see them at all -- no false
negatives) and make the decision on the optimization.

The exact reaction to experiments in runtime is not implemented in this patch.
It will be defined and implemented in a subsequent patch.

http://reviews.llvm.org/D8198

llvm-svn: 232502
2015-03-17 16:59:19 +00:00
Gabor Horvath fee043439c [llvm] Replacing asserts with static_asserts where appropriate
Summary:
This patch consists of the suggestions of clang-tidy/misc-static-assert check.


Reviewers: alexfh

Reviewed By: alexfh

Subscribers: xazax.hun, llvm-commits

Differential Revision: http://reviews.llvm.org/D8343

llvm-svn: 232366
2015-03-16 09:53:42 +00:00
Dmitry Vyukov ee842385ad asan: fix overflows in isSafeAccess
As pointed out in http://reviews.llvm.org/D7583
The current checks can cause overflows when object size/access offset cross Quintillion bytes.

http://reviews.llvm.org/D8193

llvm-svn: 232358
2015-03-16 08:04:26 +00:00
Mehdi Amini a28d91d81b DataLayout is mandatory, update the API to reflect it with references.
Summary:
Now that the DataLayout is a mandatory part of the module, let's start
cleaning the codebase. This patch is a first attempt at doing that.

This patch is not exactly NFC as for instance some places were passing
a nullptr instead of the DataLayout, possibly just because there was a
default value on the DataLayout argument to many functions in the API.
Even though it is not purely NFC, there is no change in the
validation.

I turned as many pointer to DataLayout to references, this helped
figuring out all the places where a nullptr could come up.

I had initially a local version of this patch broken into over 30
independant, commits but some later commit were cleaning the API and
touching part of the code modified in the previous commits, so it
seemed cleaner without the intermediate state.

Test Plan:

Reviewers: echristo

Subscribers: llvm-commits

From: Mehdi Amini <mehdi.amini@apple.com>
llvm-svn: 231740
2015-03-10 02:37:25 +00:00
Mehdi Amini 46a43556db Make DataLayout Non-Optional in the Module
Summary:
DataLayout keeps the string used for its creation.

As a side effect it is no longer needed in the Module.
This is "almost" NFC, the string is no longer
canonicalized, you can't rely on two "equals" DataLayout
having the same string returned by getStringRepresentation().

Get rid of DataLayoutPass: the DataLayout is in the Module

The DataLayout is "per-module", let's enforce this by not
duplicating it more than necessary.
One more step toward non-optionality of the DataLayout in the
module.

Make DataLayout Non-Optional in the Module

Module->getDataLayout() will never returns nullptr anymore.

Reviewers: echristo

Subscribers: resistor, llvm-commits, jholewinski

Differential Revision: http://reviews.llvm.org/D7992

From: Mehdi Amini <mehdi.amini@apple.com>
llvm-svn: 231270
2015-03-04 18:43:29 +00:00
Dmitry Vyukov b37b95ed3e asan: do not instrument direct inbounds accesses to stack variables
Do not instrument direct accesses to stack variables that can be
proven to be inbounds, e.g. accesses to fields of structs on stack.

But it eliminates 33% of instrumentation on webrtc/modules_unittests
(number of memory accesses goes down from 290152 to 193998) and
reduces binary size by 15% (from 74M to 64M) and improved compilation time by 6-12%.

The optimization is guarded by asan-opt-stack flag that is off by default.

http://reviews.llvm.org/D7583

llvm-svn: 231241
2015-03-04 13:27:53 +00:00
Anna Zaks 8ed1d8196b [asan] Skip promotable allocas to improve performance at -O0
Currently, the ASan executables built with -O0 are unnecessarily slow.
The main reason is that ASan instrumentation pass inserts redundant
checks around promotable allocas. These allocas do not get instrumented
under -O1 because they get converted to virtual registered by mem2reg.
With this patch, ASan instrumentation pass will only instrument non
promotable allocas, giving us a speedup of 39% on a collection of
benchmarks with -O0. (There is no measurable speedup at -O1.)

llvm-svn: 230724
2015-02-27 03:12:36 +00:00
Kuba Brecka f5875d3026 Fix alloca_instruments_all_paddings.cc test to work under higher -O levels (llvm part)
When AddressSanitizer only a single dynamic alloca and no static allocas, due to an early exit from FunctionStackPoisoner::poisonStack we forget to unpoison the dynamic alloca.  This patch fixes that.

Reviewed at http://reviews.llvm.org/D7810

llvm-svn: 230316
2015-02-24 09:47:05 +00:00
Alexey Samsonov 19763c48df [ASan] Enable -asan-stack-dynamic-alloca by default.
By default, store all local variables in dynamic alloca instead of
static one. It reduces the stack space usage in use-after-return mode
(dynamic alloca will not be called if the local variables are stored
in a fake stack), and improves the debug info quality for local
variables (they will not be described relatively to %rbp/%rsp, which
are assumed to be clobbered by function calls).

llvm-svn: 228336
2015-02-05 19:39:20 +00:00
Renato Golin af213728cc Adding AArch64 support to ASan instrumentation
For the time being, it is still hardcoded to support only the 39 VA bits
variant, I plan to work on supporting 42 and 48 VA bits variants, but I
don't have access to such hardware at the moment.

Patch by Chrystophe Lyon.

llvm-svn: 227965
2015-02-03 11:20:45 +00:00
Kumar Sukhani 9559a5c05e [asan][mips] Fix MIPS64 Asan mapping
llvm-svn: 227684
2015-01-31 10:43:18 +00:00
Adrian Prantl 3e2659eb92 Inliner: Use replaceDbgDeclareForAlloca() instead of splicing the
instruction and generalize it to optionally dereference the variable.
Follow-up to r227544.

llvm-svn: 227604
2015-01-30 19:37:48 +00:00
Timur Iskhodzhanov b4b6b74079 [ASan/Win] Move the shadow to 0x30000000
llvm-svn: 226809
2015-01-22 12:24:21 +00:00
Timur Iskhodzhanov 00ede84084 [ASan] Move the shadow on Windows 32-bit from 0x20000000 to 0x40000000
llvm-svn: 225641
2015-01-12 17:38:58 +00:00
Alexey Samsonov 4b7f413e3e [ASan] Change fake stack and local variables handling.
This commit changes the way we get fake stack from ASan runtime
(to find use-after-return errors) and the way we represent local
variables:
  - __asan_stack_malloc function now returns pointer to newly allocated
    fake stack frame, or NULL if frame cannot be allocated. It doesn't
    take pointer to real stack as an input argument, it is calculated
    inside the runtime.
  - __asan_stack_free function doesn't take pointer to real stack as
    an input argument. Now this function is never called if fake stack
    frame wasn't allocated.
  - __asan_init version is bumped to reflect changes in the ABI.
  - new flag "-asan-stack-dynamic-alloca" allows to store all the
    function local variables in a dynamic alloca, instead of the static
    one. It reduces the stack space usage in use-after-return mode
    (dynamic alloca will not be called if the local variables are stored
    in a fake stack), and improves the debug info quality for local
    variables (they will not be described relatively to %rbp/%rsp, which
    are assumed to be clobbered by function calls). This flag is turned
    off by default for now, but I plan to turn it on after more
    testing.

llvm-svn: 224062
2014-12-11 21:53:03 +00:00
Duncan P. N. Exon Smith 5bf8fef580 IR: Split Metadata from Value
Split `Metadata` away from the `Value` class hierarchy, as part of
PR21532.  Assembly and bitcode changes are in the wings, but this is the
bulk of the change for the IR C++ API.

I have a follow-up patch prepared for `clang`.  If this breaks other
sub-projects, I apologize in advance :(.  Help me compile it on Darwin
I'll try to fix it.  FWIW, the errors should be easy to fix, so it may
be simpler to just fix it yourself.

This breaks the build for all metadata-related code that's out-of-tree.
Rest assured the transition is mechanical and the compiler should catch
almost all of the problems.

Here's a quick guide for updating your code:

  - `Metadata` is the root of a class hierarchy with three main classes:
    `MDNode`, `MDString`, and `ValueAsMetadata`.  It is distinct from
    the `Value` class hierarchy.  It is typeless -- i.e., instances do
    *not* have a `Type`.

  - `MDNode`'s operands are all `Metadata *` (instead of `Value *`).

  - `TrackingVH<MDNode>` and `WeakVH` referring to metadata can be
    replaced with `TrackingMDNodeRef` and `TrackingMDRef`, respectively.

    If you're referring solely to resolved `MDNode`s -- post graph
    construction -- just use `MDNode*`.

  - `MDNode` (and the rest of `Metadata`) have only limited support for
    `replaceAllUsesWith()`.

    As long as an `MDNode` is pointing at a forward declaration -- the
    result of `MDNode::getTemporary()` -- it maintains a side map of its
    uses and can RAUW itself.  Once the forward declarations are fully
    resolved RAUW support is dropped on the ground.  This means that
    uniquing collisions on changing operands cause nodes to become
    "distinct".  (This already happened fairly commonly, whenever an
    operand went to null.)

    If you're constructing complex (non self-reference) `MDNode` cycles,
    you need to call `MDNode::resolveCycles()` on each node (or on a
    top-level node that somehow references all of the nodes).  Also,
    don't do that.  Metadata cycles (and the RAUW machinery needed to
    construct them) are expensive.

  - An `MDNode` can only refer to a `Constant` through a bridge called
    `ConstantAsMetadata` (one of the subclasses of `ValueAsMetadata`).

    As a side effect, accessing an operand of an `MDNode` that is known
    to be, e.g., `ConstantInt`, takes three steps: first, cast from
    `Metadata` to `ConstantAsMetadata`; second, extract the `Constant`;
    third, cast down to `ConstantInt`.

    The eventual goal is to introduce `MDInt`/`MDFloat`/etc. and have
    metadata schema owners transition away from using `Constant`s when
    the type isn't important (and they don't care about referring to
    `GlobalValue`s).

    In the meantime, I've added transitional API to the `mdconst`
    namespace that matches semantics with the old code, in order to
    avoid adding the error-prone three-step equivalent to every call
    site.  If your old code was:

        MDNode *N = foo();
        bar(isa             <ConstantInt>(N->getOperand(0)));
        baz(cast            <ConstantInt>(N->getOperand(1)));
        bak(cast_or_null    <ConstantInt>(N->getOperand(2)));
        bat(dyn_cast        <ConstantInt>(N->getOperand(3)));
        bay(dyn_cast_or_null<ConstantInt>(N->getOperand(4)));

    you can trivially match its semantics with:

        MDNode *N = foo();
        bar(mdconst::hasa               <ConstantInt>(N->getOperand(0)));
        baz(mdconst::extract            <ConstantInt>(N->getOperand(1)));
        bak(mdconst::extract_or_null    <ConstantInt>(N->getOperand(2)));
        bat(mdconst::dyn_extract        <ConstantInt>(N->getOperand(3)));
        bay(mdconst::dyn_extract_or_null<ConstantInt>(N->getOperand(4)));

    and when you transition your metadata schema to `MDInt`:

        MDNode *N = foo();
        bar(isa             <MDInt>(N->getOperand(0)));
        baz(cast            <MDInt>(N->getOperand(1)));
        bak(cast_or_null    <MDInt>(N->getOperand(2)));
        bat(dyn_cast        <MDInt>(N->getOperand(3)));
        bay(dyn_cast_or_null<MDInt>(N->getOperand(4)));

  - A `CallInst` -- specifically, intrinsic instructions -- can refer to
    metadata through a bridge called `MetadataAsValue`.  This is a
    subclass of `Value` where `getType()->isMetadataTy()`.

    `MetadataAsValue` is the *only* class that can legally refer to a
    `LocalAsMetadata`, which is a bridged form of non-`Constant` values
    like `Argument` and `Instruction`.  It can also refer to any other
    `Metadata` subclass.

(I'll break all your testcases in a follow-up commit, when I propagate
this change to assembly.)

llvm-svn: 223802
2014-12-09 18:38:53 +00:00
Kuba Brecka 1001bb533b Recommit of r223513 and r223514.
Reviewed at http://reviews.llvm.org/D6488

llvm-svn: 223532
2014-12-05 22:19:18 +00:00
Kuba Brecka 086e34bef8 Reverting r223513 and r223514.
llvm-svn: 223520
2014-12-05 21:32:46 +00:00
Kuba Brecka 1e21378a37 AddressSanitizer - Don't instrument globals from cstring_literals sections. (llvm part)
Reviewed at http://reviews.llvm.org/D6488

llvm-svn: 223513
2014-12-05 21:04:43 +00:00
Yury Gribov 3ae427d811 [asan] Change dynamic alloca instrumentation to only consider allocas that are dominating all exits from function.
Reviewed in http://reviews.llvm.org/D6412

llvm-svn: 222991
2014-12-01 08:47:58 +00:00
Simon Pilgrim a279410ede Tidied up target triple OS detection. NFC
Use Triple::isOS*() helper functions where possible.

llvm-svn: 222622
2014-11-22 19:12:10 +00:00
Kostya Serebryany 60ef25bd54 [asan] remove old experimental code
llvm-svn: 222586
2014-11-21 22:34:29 +00:00
Kostya Serebryany ea2cb6f616 [asan] add statistic counter to dynamic alloca instrumentation
llvm-svn: 222573
2014-11-21 21:25:18 +00:00
Yury Gribov 55441bb601 [asan] Add new hidden compile-time flag asan-instrument-allocas to sanitize variable-sized dynamic allocas. Patch by Max Ostapenko.
Reviewed at http://reviews.llvm.org/D6055

llvm-svn: 222519
2014-11-21 10:29:50 +00:00
David Blaikie 70573dcd9f Update SetVector to rely on the underlying set's insert to return a pair<iterator, bool>
This is to be consistent with StringSet and ultimately with the standard
library's associative container insert function.

This lead to updating SmallSet::insert to return pair<iterator, bool>,
and then to update SmallPtrSet::insert to return pair<iterator, bool>,
and then to update all the existing users of those functions...

llvm-svn: 222334
2014-11-19 07:49:26 +00:00
Kostya Serebryany cb45b126fb [asan] add experimental basic-block tracing to asan-coverage; also fix -fsanitize-coverage=3 which was broken by r221718
llvm-svn: 222290
2014-11-19 00:22:58 +00:00
David Blaikie a92765ca32 Fix 80 cols caught by the linter...
We have a linter running in our build now?

llvm-svn: 221957
2014-11-14 00:41:42 +00:00
Reid Kleckner 971c3ea67b Use nullptr instead of NULL for variadic sentinels
Windows defines NULL to 0, which when used as an argument to a variadic
function, is not a null pointer constant. As a result, Clang's
-Wsentinel fires on this code. Using '0' would be wrong on most 64-bit
platforms, but both MSVC and Clang make it work on Windows. Sidestep the
issue with nullptr.

llvm-svn: 221940
2014-11-13 22:55:19 +00:00
Kostya Serebryany 231bd088d8 [asan] adding ShadowOffset64 for mips64, patch by Kumar Sukhani
llvm-svn: 221725
2014-11-11 23:02:57 +00:00
Kostya Serebryany 29a18dcbc5 Move asan-coverage into a separate phase.
Summary:
This change moves asan-coverage instrumentation
into a separate Module pass.
The other part of the change in clang introduces a new flag
-fsanitize-coverage=N.
Another small patch will update tests in compiler-rt.

With this patch no functionality change is expected except for the flag name.
The following changes will make the coverage instrumentation work with tsan/msan

Test Plan: Run regression tests, chromium.

Reviewers: nlewycky, samsonov

Reviewed By: nlewycky, samsonov

Subscribers: llvm-commits

Differential Revision: http://reviews.llvm.org/D6152

llvm-svn: 221718
2014-11-11 22:14:37 +00:00
Duncan P. N. Exon Smith de36e8040f Revert "IR: MDNode => Value"
Instead, we're going to separate metadata from the Value hierarchy.  See
PR21532.

This reverts commit r221375.
This reverts commit r221373.
This reverts commit r221359.
This reverts commit r221167.
This reverts commit r221027.
This reverts commit r221024.
This reverts commit r221023.
This reverts commit r220995.
This reverts commit r220994.

llvm-svn: 221711
2014-11-11 21:30:22 +00:00
Rafael Espindola b7a4505a3f Base check on the section name, not the variable name.
The variable is private, so the name should not be relied on. Also, the
linker uses the sections, so asan should too when trying to avoid causing
the linker problems.

llvm-svn: 221480
2014-11-06 20:01:34 +00:00
Duncan P. N. Exon Smith c5754a65e6 IR: MDNode => Value: NamedMDNode::getOperator()
Change `NamedMDNode::getOperator()` from returning `MDNode *` to
returning `Value *`.  To reduce boilerplate at some call sites, add a
`getOperatorAsMDNode()` for named metadata that's expected to only
return `MDNode` -- for now, that's everything, but debug node named
metadata (such as llvm.dbg.cu and llvm.dbg.sp) will soon change.  This
is part of PR21433.

Note that there's a follow-up patch to clang for the API change.

llvm-svn: 221375
2014-11-05 18:16:03 +00:00
Kostya Serebryany c5bd9810cc [asan] [mips] changed ShadowOffset32 for systems having 16kb PageSize; patch by Kumar Sukhani
llvm-svn: 221288
2014-11-04 19:46:15 +00:00
Kostya Serebryany ea48bdc702 [asan] do not treat inline asm calls as indirect calls
llvm-svn: 220985
2014-10-31 18:38:23 +00:00
Kostya Serebryany 001ea5fe15 [asan] fix caller-calee instrumentation to emit new cache for every call site
llvm-svn: 220973
2014-10-31 17:11:27 +00:00
Kostya Serebryany 4f8f0c5aa2 [asan] experimental tracing for indirect calls, llvm part.
llvm-svn: 220699
2014-10-27 18:13:56 +00:00
Bob Wilson 9868d71ffe Use triple's isiOS() and isOSDarwin() methods.
These methods are already used in lots of places. This makes things more
consistent. NFC.

llvm-svn: 219386
2014-10-09 05:43:30 +00:00
Kostya Serebryany 34ddf8725c [asan] don't instrument module CTORs that may be run before asan.module_ctor. This fixes asan running together -coverage
llvm-svn: 218421
2014-09-24 22:41:55 +00:00
Kostya Serebryany 3175521844 [asan] fix debug info produced for asan-coverage=2
llvm-svn: 217106
2014-09-03 23:24:18 +00:00
Kostya Serebryany 351b078b6d [asan] add -asan-coverage=3: instrument all blocks and critical edges.
llvm-svn: 217098
2014-09-03 22:37:37 +00:00
Kostya Serebryany ad23852ac3 [asan] Assign a low branch weight to ASan's slow path, patch by Jonas Wagner. This speeds up asan (at least on SPEC) by 1%-5% or more. Also fix lint in dfsan.
llvm-svn: 216972
2014-09-02 21:46:51 +00:00
Craig Topper 3af9722529 Fix some cases were ArrayRefs were being passed by reference. Also remove 'const' from some other ArrayRef uses since its implicitly const already.
llvm-svn: 216524
2014-08-27 05:25:00 +00:00
Alexey Samsonov d9ad5cec0c [ASan] Use metadata to pass source-level information from Clang to ASan.
Instead of creating global variables for source locations and global names,
just create metadata nodes and strings. They will be transformed into actual
globals in the instrumentation pass (if necessary). This approach is more
flexible:
1) we don't have to ensure that our custom globals survive all the optimizations
2) if globals are discarded for some reason, we will simply ignore metadata for them
   and won't have to erase corresponding globals
3) metadata for source locations can be reused for other purposes: e.g. we may
   attach source location metadata to alloca instructions and provide better descriptions
   for stack variables in ASan error reports.

No functionality change.

llvm-svn: 214604
2014-08-02 00:35:50 +00:00
Alexey Samsonov bad4d0c38a [ASan] Fix comments about __sanitizer_cov function
llvm-svn: 213673
2014-07-22 17:46:09 +00:00
Alexey Samsonov 535b6f9361 [ASan] Don't instrument load/stores with !nosanitize metadata.
This is used to avoid instrumentation of instructions added by UBSan
in Clang frontend (see r213291). This fixes PR20085.

Reviewed in http://reviews.llvm.org/D4544.

llvm-svn: 213292
2014-07-17 18:48:12 +00:00
Alexey Samsonov 15c9669615 [ASan] Collect unmangled names of global variables in Clang to print them in error reports.
Currently ASan instrumentation pass creates a string with global name
for each instrumented global (to include global names in the error report). Global
name is already mangled at this point, and we may not be able to demangle it
at runtime (e.g. there is no __cxa_demangle on Android).

Instead, create a string with fully qualified global name in Clang, and pass it
to ASan instrumentation pass in llvm.asan.globals metadata. If there is no metadata
for some global, ASan will use the original algorithm.

This fixes https://code.google.com/p/address-sanitizer/issues/detail?id=264.

llvm-svn: 212872
2014-07-12 00:42:52 +00:00
Alexey Samsonov 08f022ae84 [ASan] Introduce a struct representing the layout of metadata entry in llvm.asan.globals.
No functionality change.

llvm-svn: 212850
2014-07-11 22:36:02 +00:00
Timur Iskhodzhanov e40fb373ef [ASan/Win] Don't instrument COMDAT globals. Properly fixes PR20244.
llvm-svn: 212596
2014-07-09 08:35:33 +00:00
Timur Iskhodzhanov a4212c244a [ASan/Win] Don't instrument private COMDAT globals until PR20244 is properly fixed
llvm-svn: 212530
2014-07-08 13:18:58 +00:00
Alexey Samsonov c94285a1a0 [ASan] Completely remove sanitizer blacklist file from instrumentation pass.
All blacklisting logic is now moved to the frontend (Clang).
If a function (or source file it is in) is blacklisted, it doesn't
get sanitize_address attribute and is therefore not instrumented.
If a global variable (or source file it is in) is blacklisted, it is
reported to be blacklisted by the entry in llvm.asan.globals metadata,
and is not modified by the instrumentation.

The latter may lead to certain false positives - not all the globals
created by Clang are described in llvm.asan.globals metadata (e.g,
RTTI descriptors are not), so we may start reporting errors on them
even if "module" they appear in is blacklisted. We assume it's fine
to take such risk:
  1) errors on these globals are rare and usually indicate wild memory access
  2) we can lazily add descriptors for these globals into llvm.asan.globals
     lazily.

llvm-svn: 212505
2014-07-08 00:50:49 +00:00
Alexey Samsonov 0c5ecdd053 Remove non-static field initializer to appease MSVC
llvm-svn: 212212
2014-07-02 20:25:42 +00:00
Alexey Samsonov 4f319cca42 [ASan] Print exact source location of global variables in error reports.
See https://code.google.com/p/address-sanitizer/issues/detail?id=299 for the
original feature request.

Introduce llvm.asan.globals metadata, which Clang (or any other frontend)
may use to report extra information about global variables to ASan
instrumentation pass in the backend. This metadata replaces
llvm.asan.dynamically_initialized_globals that was used to detect init-order
bugs. llvm.asan.globals contains the following data for each global:
  1) source location (file/line/column info);
  2) whether it is dynamically initialized;
  3) whether it is blacklisted (shouldn't be instrumented).

Source location data is then emitted in the binary and can be picked up
by ASan runtime in case it needs to print error report involving some global.
For example:

  0x... is located 4 bytes to the right of global variable 'C::array' defined in '/path/to/file:17:8' (0x...) of size 40

These source locations are printed even if the binary doesn't have any
debug info.

This is an ABI-breaking change. ASan initialization is renamed to
__asan_init_v4(). Pre-built libraries compiled with older Clang will not work
with the fresh runtime.

llvm-svn: 212188
2014-07-02 16:54:41 +00:00
Alexey Samsonov e595e1ade0 Remove top-level Clang -fsanitize= flags for optional ASan features.
Init-order and use-after-return modes can currently be enabled
by runtime flags. use-after-scope mode is not really working at the
moment.

The only problem I see is that users won't be able to disable extra
instrumentation for init-order and use-after-scope by a top-level Clang flag.
But this instrumentation was implicitly enabled for quite a while and
we didn't hear from users hurt by it.

llvm-svn: 210924
2014-06-13 17:53:44 +00:00
Rafael Espindola a6e9c3e43a Remove system_error.h.
This is a minimal change to remove the header. I will remove the occurrences
of "using std::error_code" in a followup patch.

llvm-svn: 210803
2014-06-12 17:38:55 +00:00
Evgeniy Stepanov 493df136d9 [asancov] Fix coverage line info some more.
Now it should always point to the opening brace of the function (in
-asan-coverage=1 mode).

llvm-svn: 210266
2014-06-05 14:34:45 +00:00
Evgeniy Stepanov 19f75fc947 [asan] Fix coverage instrumentation with -asan-globals=0.
llvm-svn: 210103
2014-06-03 14:16:00 +00:00
Alexey Samsonov 6d8bab82df Remove sanitizer blacklist from ASan/TSan/MSan function passes.
Instrumentation passes now use attributes
address_safety/thread_safety/memory_safety which are added by Clang frontend.
Clang parses the blacklist file and adds the attributes accordingly.

Currently blacklist is still used in ASan module pass to disable instrumentation
for certain global variables. We should fix this as well by collecting the
set of globals we're going to instrument in Clang and passing it to ASan
in metadata (as we already do for dynamically-initialized globals and init-order
checking).

This change also removes -tsan-blacklist and -msan-blacklist LLVM commandline
flags in favor of -fsanitize-blacklist= Clang flag.

llvm-svn: 210038
2014-06-02 18:08:27 +00:00
Alexey Samsonov ea4269e7a8 [ASan] Behave the same for functions w/o sanitize_address attribute and blacklisted functions
llvm-svn: 209946
2014-05-31 00:33:05 +00:00
Alexey Samsonov a02e66499b Use range-based for loops in ASan, TSan and MSan
llvm-svn: 209834
2014-05-29 18:40:48 +00:00
Alexey Samsonov dea76ee889 [ASan] Hoist blacklisting globals from init-order checking to Clang.
Clang knows about the sanitizer blacklist and it makes no sense to
add global to the list of llvm.asan.dynamically_initialized_globals if it
will be blacklisted in the instrumentation pass anyway. Instead, we should
do as much blacklisting as possible (if not all) in the frontend.

llvm-svn: 209790
2014-05-29 01:44:13 +00:00
Alexey Samsonov 1f64750258 Fix typo in variable name
llvm-svn: 209784
2014-05-29 01:10:14 +00:00
Alexey Samsonov 96e239f564 [ASan] Use llvm.global_ctors to insert init-order checking calls into ASan runtime.
Don't assume that dynamically initialized globals are all initialized from
_GLOBAL__<module_name>I_ function. Instead, scan the llvm.global_ctors and
insert poison/unpoison calls to each function there.

Patch by Nico Weber!

llvm-svn: 209780
2014-05-29 00:51:15 +00:00
Evgeniy Stepanov 386b58d056 [asancov] Don't emit extra runtime calls when compiling without coverage.
llvm-svn: 209721
2014-05-28 09:26:46 +00:00
Evgeniy Stepanov 47b1a95f1c [asancov] Emit an initializer passing number of coverage code locations in each module.
llvm-svn: 209654
2014-05-27 12:39:31 +00:00
Kostya Serebryany 4d237a8503 [asan] decrease asan-instrumentation-with-call-threshold from 10000 to 7000, see PR17409
llvm-svn: 209623
2014-05-26 11:57:16 +00:00
Kostya Serebryany c7895a83d2 [asan] properly instrument memory accesses that have small alignment (smaller than min(8,size)) by making two checks instead of one. This may slowdown some cases, e.g. long long on 32-bit or wide loads produced after loop unrolling. The benefit is higher sencitivity.
llvm-svn: 209508
2014-05-23 11:52:07 +00:00
Evgeniy Stepanov ed31ca4bdc [asan] Fix compiler warnings.
llvm-svn: 208769
2014-05-14 10:56:19 +00:00
Evgeniy Stepanov aaf4bb2394 [asan] Set debug location in ASan function prologue.
Most importantly, it gives debug location info to the coverage callback.

This change also removes 2 cases of unnecessary setDebugLoc when IRBuilder
is created with the same debug location.

llvm-svn: 208767
2014-05-14 10:30:15 +00:00
Nico Weber ba8a99cf77 Fix ASan init function detection after clang r208128.
llvm-svn: 208141
2014-05-06 23:17:26 +00:00
Timur Iskhodzhanov 9dbc206303 [ASan/Win] Fix issue 305 -- don't instrument .CRT initializer/terminator callbacks
See https://code.google.com/p/address-sanitizer/issues/detail?id=305
Reviewed at http://reviews.llvm.org/D3607

llvm-svn: 207968
2014-05-05 14:28:38 +00:00
Craig Topper f40110f4d8 [C++] Use 'nullptr'. Transforms edition.
llvm-svn: 207196
2014-04-25 05:29:35 +00:00
Alexander Potapenko a51e483846 [ASan] Move the shadow range on 32-bit iOS (and iOS Simulator)
to 0x40000000-0x60000000 to avoid address space clash with system libraries.
The solution has been proposed by tahabekireren@gmail.com in https://code.google.com/p/address-sanitizer/issues/detail?id=210
This is also known to fix some Chromium iOS tests.

llvm-svn: 207002
2014-04-23 17:14:45 +00:00
Evgeniy Stepanov 119cb2eed5 Fix handling of missing DataLayout in sanitizers.
Pass::doInitialization is supposed to return False when it did not
change the program, not when a fatal error occurs.

llvm-svn: 206975
2014-04-23 12:51:32 +00:00
Kostya Serebryany c9a2c17ad3 [asan] Support outline instrumentation for wide types and delete dead code, patch by Yuri Gribov
llvm-svn: 206883
2014-04-22 11:19:45 +00:00
Chandler Carruth 964daaaf19 [Modules] Fix potential ODR violations by sinking the DEBUG_TYPE
definition below all of the header #include lines, lib/Transforms/...
edition.

This one is tricky for two reasons. We again have a couple of passes
that define something else before the includes as well. I've sunk their
name macros with the DEBUG_TYPE.

Also, InstCombine contains headers that need DEBUG_TYPE, so now those
headers #define and #undef DEBUG_TYPE around their code, leaving them
well formed modular headers. Fixing these headers was a large motivation
for all of these changes, as "leaky" macros of this form are hard on the
modules implementation.

llvm-svn: 206844
2014-04-22 02:55:47 +00:00
Kostya Serebryany 35e538312a [asan] add a run-time flag detect_container_overflow=true/false
llvm-svn: 206756
2014-04-21 14:35:00 +00:00
Kostya Serebryany 94c81ca8e1 [asan] instead of inserting inline instrumentation around memset/memcpy/memmove, replace the intrinsic with __asan_memset/etc. This makes the memset/etc handling more complete and consistent with what we do in msan. It may slowdown some cases (when the intrinsic was actually inlined) and speedup other cases (when it was not inlined)
llvm-svn: 206746
2014-04-21 11:50:42 +00:00
Kostya Serebryany 94f57d199a [asan] temporary disable generating __asan_loadN/__asan_storeN
llvm-svn: 206741
2014-04-21 10:28:13 +00:00
Kostya Serebryany 86332c010f [asan] insert __asan_loadN/__asan_storeN as out-lined asan checks, llvm part
llvm-svn: 206734
2014-04-21 07:10:43 +00:00
Kostya Serebryany 22e8810838 [asan] one more workaround for PR17409: don't do BB-level coverage instrumentation if there are more than N (=1500) basic blocks. This makes ASanCoverage work on libjpeg_turbo/jchuff.c used by Chrome, which has 1824 BBs
llvm-svn: 206564
2014-04-18 08:02:42 +00:00
Kostya Serebryany 0c02d26d6b [asan] add two new hidden compile-time flags for asan: asan-instrumentation-with-call-threshold and asan-memory-access-callback-prefix. This is part of the workaround for PR17409 (instrument huge functions with callbacks instead of inlined code). These flags will also help us experiment with kasan (kernel-asan) and clang
llvm-svn: 206383
2014-04-16 12:12:19 +00:00
David Blaikie ceec2bdaa5 Implement depth_first and inverse_depth_first range factory functions.
Also updated as many loops as I could find using df_begin/idf_begin -
strangely I found no uses of idf_begin. Is that just used out of tree?

Also a few places couldn't use df_begin because either they used the
member functions of the depth first iterators or had specific ordering
constraints (I added a comment in the latter case).

Based on a patch by Jim Grosbach. (Jim - you just had iterator_range<T>
where you needed iterator_range<idf_iterator<T>>)

llvm-svn: 206016
2014-04-11 01:50:01 +00:00
Nuno Lopes 31617266ea remove a bunch of unused private methods
found with a smarter version of -Wunused-member-function that I'm playwing with.
Appologies in advance if I removed someone's WIP code.

 include/llvm/CodeGen/MachineSSAUpdater.h            |    1 
 include/llvm/IR/DebugInfo.h                         |    3 
 lib/CodeGen/MachineSSAUpdater.cpp                   |   10 --
 lib/CodeGen/PostRASchedulerList.cpp                 |    1 
 lib/CodeGen/SelectionDAG/SelectionDAGBuilder.cpp    |   10 --
 lib/IR/DebugInfo.cpp                                |   12 --
 lib/MC/MCAsmStreamer.cpp                            |    2 
 lib/Support/YAMLParser.cpp                          |   39 ---------
 lib/TableGen/TGParser.cpp                           |   16 ---
 lib/TableGen/TGParser.h                             |    1 
 lib/Target/AArch64/AArch64TargetTransformInfo.cpp   |    9 --
 lib/Target/ARM/ARMCodeEmitter.cpp                   |   12 --
 lib/Target/ARM/ARMFastISel.cpp                      |   84 --------------------
 lib/Target/Mips/MipsCodeEmitter.cpp                 |   11 --
 lib/Target/Mips/MipsConstantIslandPass.cpp          |   12 --
 lib/Target/NVPTX/NVPTXISelDAGToDAG.cpp              |   21 -----
 lib/Target/NVPTX/NVPTXISelDAGToDAG.h                |    2 
 lib/Target/PowerPC/PPCFastISel.cpp                  |    1 
 lib/Transforms/Instrumentation/AddressSanitizer.cpp |    2 
 lib/Transforms/Instrumentation/BoundsChecking.cpp   |    2 
 lib/Transforms/Instrumentation/MemorySanitizer.cpp  |    1 
 lib/Transforms/Scalar/LoopIdiomRecognize.cpp        |    8 -
 lib/Transforms/Scalar/SCCP.cpp                      |    1 
 utils/TableGen/CodeEmitterGen.cpp                   |    2 
 24 files changed, 2 insertions(+), 261 deletions(-)

llvm-svn: 204560
2014-03-23 17:09:26 +00:00
Alexander Potapenko 04969e8b31 [ASan] Do not instrument globals from the llvm.metadata section.
Fixes https://code.google.com/p/address-sanitizer/issues/detail?id=279.

llvm-svn: 204331
2014-03-20 10:48:34 +00:00