This is leftover from older version of HWASAN.
The current HWASAN assumes that the new stack
frames are tagged with zeroes, which make getNextTagWithCall
or StackTag ^ TagMaskByte unusable.
Reviewed By: kstoimenov, eugenis
Differential Revision: https://reviews.llvm.org/D149220
cl::desc("detect use after scope within function"),
cl::Hidden, cl::init(false));
-static cl::opt<bool> ClUARRetagToZero(
- "hwasan-uar-retag-to-zero",
- cl::desc("Clear alloca tags before returning from the function to allow "
- "non-instrumented and instrumented function calls mix. When set "
- "to false, allocas are retagged before returning from the "
- "function to detect use after return."),
- cl::Hidden, cl::init(true));
-
static cl::opt<bool> ClGenerateTagsWithCalls(
"hwasan-generate-tags-with-calls",
cl::desc("generate new tags with runtime library calls"), cl::Hidden,
Value *getStackBaseTag(IRBuilder<> &IRB);
Value *getAllocaTag(IRBuilder<> &IRB, Value *StackTag, AllocaInst *AI,
unsigned AllocaNo);
- Value *getUARTag(IRBuilder<> &IRB, Value *StackTag);
+ Value *getUARTag(IRBuilder<> &IRB);
Value *getHwasanThreadSlotPtr(IRBuilder<> &IRB, Type *Ty);
Value *applyTagMask(IRBuilder<> &IRB, Value *OldTag);
ConstantInt::get(IntptrTy, retagMask(AllocaNo)));
}
-Value *HWAddressSanitizer::getUARTag(IRBuilder<> &IRB, Value *StackTag) {
- if (ClUARRetagToZero)
- return ConstantInt::get(IntptrTy, 0);
- if (ClGenerateTagsWithCalls)
- return getNextTagWithCall(IRB);
- return IRB.CreateXor(StackTag, ConstantInt::get(IntptrTy, TagMaskByte));
+Value *HWAddressSanitizer::getUARTag(IRBuilder<> &IRB) {
+ return ConstantInt::get(IntptrTy, 0);
}
// Add a tag to an address.
auto TagEnd = [&](Instruction *Node) {
IRB.SetInsertPoint(Node);
- Value *UARTag = getUARTag(IRB, StackTag);
+ Value *UARTag = getUARTag(IRB);
// When untagging, use the `AlignedSize` because we need to set the tags
// for the entire alloca to zero. If we used `Size` here, we would
// keep the last granule tagged, and store zero in the last byte of the
;
; RUN: opt < %s -passes=hwasan -hwasan-with-ifunc=1 -S | FileCheck %s --check-prefixes=DYNAMIC-SHADOW
; RUN: opt < %s -passes=hwasan -hwasan-mapping-offset=0 -S | FileCheck %s --check-prefixes=ZERO-BASED-SHADOW
-; RUN: opt < %s -passes=hwasan -hwasan-with-ifunc=1 -hwasan-uar-retag-to-zero=0 -S | FileCheck %s --check-prefixes=DYNAMIC-SHADOW-UAR-TAGS
target datalayout = "e-m:e-i8:8:32-i16:16:32-i64:64-i128:128-n32:64-S128"
target triple = "riscv64-unknown-linux"
; ZERO-BASED-SHADOW-NEXT: call void @llvm.memset.p0.i64(ptr align 1 [[TMP15]], i8 0, i64 1, i1 false), !dbg [[DBG14]]
; ZERO-BASED-SHADOW-NEXT: ret void, !dbg [[DBG14]]
;
-; DYNAMIC-SHADOW-UAR-TAGS-LABEL: define void @test_alloca
-; DYNAMIC-SHADOW-UAR-TAGS-SAME: () #[[ATTR0:[0-9]+]] personality ptr @__hwasan_personality_thunk !dbg [[DBG7:![0-9]+]] {
-; DYNAMIC-SHADOW-UAR-TAGS-NEXT: entry:
-; DYNAMIC-SHADOW-UAR-TAGS-NEXT: [[DOTHWASAN_SHADOW:%.*]] = call ptr asm "", "=r,0"(ptr @__hwasan_shadow)
-; DYNAMIC-SHADOW-UAR-TAGS-NEXT: [[TMP0:%.*]] = call ptr @llvm.frameaddress.p0(i32 0)
-; DYNAMIC-SHADOW-UAR-TAGS-NEXT: [[TMP1:%.*]] = ptrtoint ptr [[TMP0]] to i64
-; DYNAMIC-SHADOW-UAR-TAGS-NEXT: [[TMP2:%.*]] = lshr i64 [[TMP1]], 20
-; DYNAMIC-SHADOW-UAR-TAGS-NEXT: [[HWASAN_STACK_BASE_TAG:%.*]] = xor i64 [[TMP1]], [[TMP2]]
-; DYNAMIC-SHADOW-UAR-TAGS-NEXT: [[X:%.*]] = alloca { i32, [12 x i8] }, align 16
-; DYNAMIC-SHADOW-UAR-TAGS-NEXT: [[TMP3:%.*]] = xor i64 [[HWASAN_STACK_BASE_TAG]], 0, !dbg [[DBG10:![0-9]+]]
-; DYNAMIC-SHADOW-UAR-TAGS-NEXT: [[TMP4:%.*]] = ptrtoint ptr [[X]] to i64, !dbg [[DBG10]]
-; DYNAMIC-SHADOW-UAR-TAGS-NEXT: [[TMP5:%.*]] = shl i64 [[TMP3]], 56, !dbg [[DBG10]]
-; DYNAMIC-SHADOW-UAR-TAGS-NEXT: [[TMP6:%.*]] = or i64 [[TMP4]], [[TMP5]], !dbg [[DBG10]]
-; DYNAMIC-SHADOW-UAR-TAGS-NEXT: [[X_HWASAN:%.*]] = inttoptr i64 [[TMP6]] to ptr, !dbg [[DBG10]]
-; DYNAMIC-SHADOW-UAR-TAGS-NEXT: [[TMP7:%.*]] = trunc i64 [[TMP3]] to i8, !dbg [[DBG10]]
-; DYNAMIC-SHADOW-UAR-TAGS-NEXT: [[TMP8:%.*]] = ptrtoint ptr [[X]] to i64, !dbg [[DBG10]]
-; DYNAMIC-SHADOW-UAR-TAGS-NEXT: [[TMP9:%.*]] = lshr i64 [[TMP8]], 4, !dbg [[DBG10]]
-; DYNAMIC-SHADOW-UAR-TAGS-NEXT: [[TMP10:%.*]] = getelementptr i8, ptr [[DOTHWASAN_SHADOW]], i64 [[TMP9]], !dbg [[DBG10]]
-; DYNAMIC-SHADOW-UAR-TAGS-NEXT: [[TMP11:%.*]] = getelementptr i8, ptr [[TMP10]], i32 0, !dbg [[DBG10]]
-; DYNAMIC-SHADOW-UAR-TAGS-NEXT: store i8 4, ptr [[TMP11]], align 1, !dbg [[DBG10]]
-; DYNAMIC-SHADOW-UAR-TAGS-NEXT: [[TMP12:%.*]] = getelementptr i8, ptr [[X]], i32 15, !dbg [[DBG10]]
-; DYNAMIC-SHADOW-UAR-TAGS-NEXT: store i8 [[TMP7]], ptr [[TMP12]], align 1, !dbg [[DBG10]]
-; DYNAMIC-SHADOW-UAR-TAGS-NEXT: call void @llvm.dbg.value(metadata !DIArgList(ptr [[X]], ptr [[X]]), metadata [[META11:![0-9]+]], metadata !DIExpression(DW_OP_LLVM_arg, 0, DW_OP_LLVM_tag_offset, 0, DW_OP_LLVM_arg, 1, DW_OP_LLVM_tag_offset, 0, DW_OP_plus, DW_OP_deref)), !dbg [[DBG10]]
-; DYNAMIC-SHADOW-UAR-TAGS-NEXT: call void @use32(ptr nonnull [[X_HWASAN]]), !dbg [[DBG13:![0-9]+]]
-; DYNAMIC-SHADOW-UAR-TAGS-NEXT: [[TMP13:%.*]] = xor i64 [[HWASAN_STACK_BASE_TAG]], 255, !dbg [[DBG14:![0-9]+]]
-; DYNAMIC-SHADOW-UAR-TAGS-NEXT: [[TMP14:%.*]] = trunc i64 [[TMP13]] to i8, !dbg [[DBG14]]
-; DYNAMIC-SHADOW-UAR-TAGS-NEXT: [[TMP15:%.*]] = ptrtoint ptr [[X]] to i64, !dbg [[DBG14]]
-; DYNAMIC-SHADOW-UAR-TAGS-NEXT: [[TMP16:%.*]] = lshr i64 [[TMP15]], 4, !dbg [[DBG14]]
-; DYNAMIC-SHADOW-UAR-TAGS-NEXT: [[TMP17:%.*]] = getelementptr i8, ptr [[DOTHWASAN_SHADOW]], i64 [[TMP16]], !dbg [[DBG14]]
-; DYNAMIC-SHADOW-UAR-TAGS-NEXT: call void @llvm.memset.p0.i64(ptr align 1 [[TMP17]], i8 [[TMP14]], i64 1, i1 false), !dbg [[DBG14]]
-; DYNAMIC-SHADOW-UAR-TAGS-NEXT: ret void, !dbg [[DBG14]]
-;
entry:
%x = alloca i32, align 4
call void @llvm.dbg.value(metadata !DIArgList(ptr %x, ptr %x), metadata !22, metadata !DIExpression(DW_OP_LLVM_arg, 0, DW_OP_LLVM_arg, 1, DW_OP_plus, DW_OP_deref)), !dbg !21
; NOTE: Assertions have been autogenerated by utils/update_test_checks.py UTC_ARGS: --version 2
; Test alloca instrumentation.
;
-; RUN: opt < %s -passes=hwasan -S | FileCheck %s --check-prefixes=NO-UAR-TAGS
-; RUN: opt < %s -passes=hwasan -hwasan-uar-retag-to-zero=0 -S | FileCheck %s --check-prefixes=UAR-TAGS
+; RUN: opt < %s -passes=hwasan -S | FileCheck %s
target datalayout = "e-m:e-i8:8:32-i16:16:32-i64:64-i128:128-n32:64-S128"
target triple = "x86_64-unknown-linux-gnu"
declare void @use32(ptr)
define void @test_alloca() sanitize_hwaddress {
-; NO-UAR-TAGS-LABEL: define void @test_alloca
-; NO-UAR-TAGS-SAME: () #[[ATTR0:[0-9]+]] personality ptr @__hwasan_personality_thunk {
-; NO-UAR-TAGS-NEXT: entry:
-; NO-UAR-TAGS-NEXT: [[DOTHWASAN_SHADOW:%.*]] = call ptr asm "", "=r,0"(ptr null)
-; NO-UAR-TAGS-NEXT: [[TMP0:%.*]] = call ptr @llvm.frameaddress.p0(i32 0)
-; NO-UAR-TAGS-NEXT: [[TMP1:%.*]] = ptrtoint ptr [[TMP0]] to i64
-; NO-UAR-TAGS-NEXT: [[TMP2:%.*]] = lshr i64 [[TMP1]], 20
-; NO-UAR-TAGS-NEXT: [[TMP3:%.*]] = xor i64 [[TMP1]], [[TMP2]]
-; NO-UAR-TAGS-NEXT: [[HWASAN_STACK_BASE_TAG:%.*]] = and i64 [[TMP3]], 63
-; NO-UAR-TAGS-NEXT: [[X:%.*]] = alloca { i32, [12 x i8] }, align 16
-; NO-UAR-TAGS-NEXT: [[TMP4:%.*]] = xor i64 [[HWASAN_STACK_BASE_TAG]], 0
-; NO-UAR-TAGS-NEXT: [[TMP5:%.*]] = ptrtoint ptr [[X]] to i64
-; NO-UAR-TAGS-NEXT: [[TMP6:%.*]] = shl i64 [[TMP4]], 57
-; NO-UAR-TAGS-NEXT: [[TMP7:%.*]] = or i64 [[TMP5]], [[TMP6]]
-; NO-UAR-TAGS-NEXT: [[X_HWASAN:%.*]] = inttoptr i64 [[TMP7]] to ptr
-; NO-UAR-TAGS-NEXT: [[TMP8:%.*]] = trunc i64 [[TMP4]] to i8
-; NO-UAR-TAGS-NEXT: call void @__hwasan_tag_memory(ptr [[X]], i8 [[TMP8]], i64 16)
-; NO-UAR-TAGS-NEXT: call void @use32(ptr nonnull [[X_HWASAN]])
-; NO-UAR-TAGS-NEXT: call void @__hwasan_tag_memory(ptr [[X]], i8 0, i64 16)
-; NO-UAR-TAGS-NEXT: ret void
-;
-; UAR-TAGS-LABEL: define void @test_alloca
-; UAR-TAGS-SAME: () #[[ATTR0:[0-9]+]] personality ptr @__hwasan_personality_thunk {
-; UAR-TAGS-NEXT: entry:
-; UAR-TAGS-NEXT: [[DOTHWASAN_SHADOW:%.*]] = call ptr asm "", "=r,0"(ptr null)
-; UAR-TAGS-NEXT: [[TMP0:%.*]] = call ptr @llvm.frameaddress.p0(i32 0)
-; UAR-TAGS-NEXT: [[TMP1:%.*]] = ptrtoint ptr [[TMP0]] to i64
-; UAR-TAGS-NEXT: [[TMP2:%.*]] = lshr i64 [[TMP1]], 20
-; UAR-TAGS-NEXT: [[TMP3:%.*]] = xor i64 [[TMP1]], [[TMP2]]
-; UAR-TAGS-NEXT: [[HWASAN_STACK_BASE_TAG:%.*]] = and i64 [[TMP3]], 63
-; UAR-TAGS-NEXT: [[X:%.*]] = alloca { i32, [12 x i8] }, align 16
-; UAR-TAGS-NEXT: [[TMP4:%.*]] = xor i64 [[HWASAN_STACK_BASE_TAG]], 0
-; UAR-TAGS-NEXT: [[TMP5:%.*]] = ptrtoint ptr [[X]] to i64
-; UAR-TAGS-NEXT: [[TMP6:%.*]] = shl i64 [[TMP4]], 57
-; UAR-TAGS-NEXT: [[TMP7:%.*]] = or i64 [[TMP5]], [[TMP6]]
-; UAR-TAGS-NEXT: [[X_HWASAN:%.*]] = inttoptr i64 [[TMP7]] to ptr
-; UAR-TAGS-NEXT: [[TMP8:%.*]] = trunc i64 [[TMP4]] to i8
-; UAR-TAGS-NEXT: call void @__hwasan_tag_memory(ptr [[X]], i8 [[TMP8]], i64 16)
-; UAR-TAGS-NEXT: call void @use32(ptr nonnull [[X_HWASAN]])
-; UAR-TAGS-NEXT: [[TMP9:%.*]] = xor i64 [[HWASAN_STACK_BASE_TAG]], 63
-; UAR-TAGS-NEXT: [[TMP10:%.*]] = trunc i64 [[TMP9]] to i8
-; UAR-TAGS-NEXT: call void @__hwasan_tag_memory(ptr [[X]], i8 [[TMP10]], i64 16)
-; UAR-TAGS-NEXT: ret void
+; CHECK-LABEL: define void @test_alloca
+; CHECK-SAME: () #[[ATTR0:[0-9]+]] personality ptr @__hwasan_personality_thunk {
+; CHECK-NEXT: entry:
+; CHECK-NEXT: [[DOTHWASAN_SHADOW:%.*]] = call ptr asm "", "=r,0"(ptr null)
+; CHECK-NEXT: [[TMP0:%.*]] = call ptr @llvm.frameaddress.p0(i32 0)
+; CHECK-NEXT: [[TMP1:%.*]] = ptrtoint ptr [[TMP0]] to i64
+; CHECK-NEXT: [[TMP2:%.*]] = lshr i64 [[TMP1]], 20
+; CHECK-NEXT: [[TMP3:%.*]] = xor i64 [[TMP1]], [[TMP2]]
+; CHECK-NEXT: [[HWASAN_STACK_BASE_TAG:%.*]] = and i64 [[TMP3]], 63
+; CHECK-NEXT: [[X:%.*]] = alloca { i32, [12 x i8] }, align 16
+; CHECK-NEXT: [[TMP4:%.*]] = xor i64 [[HWASAN_STACK_BASE_TAG]], 0
+; CHECK-NEXT: [[TMP5:%.*]] = ptrtoint ptr [[X]] to i64
+; CHECK-NEXT: [[TMP6:%.*]] = shl i64 [[TMP4]], 57
+; CHECK-NEXT: [[TMP7:%.*]] = or i64 [[TMP5]], [[TMP6]]
+; CHECK-NEXT: [[X_HWASAN:%.*]] = inttoptr i64 [[TMP7]] to ptr
+; CHECK-NEXT: [[TMP8:%.*]] = trunc i64 [[TMP4]] to i8
+; CHECK-NEXT: call void @__hwasan_tag_memory(ptr [[X]], i8 [[TMP8]], i64 16)
+; CHECK-NEXT: call void @use32(ptr nonnull [[X_HWASAN]])
+; CHECK-NEXT: call void @__hwasan_tag_memory(ptr [[X]], i8 0, i64 16)
+; CHECK-NEXT: ret void
;
entry:
%x = alloca i32, align 4
;
; RUN: opt < %s -passes=hwasan -hwasan-with-ifunc=1 -S | FileCheck %s --check-prefixes=DYNAMIC-SHADOW
; RUN: opt < %s -passes=hwasan -hwasan-mapping-offset=0 -S | FileCheck %s --check-prefixes=ZERO-BASED-SHADOW
-; RUN: opt < %s -passes=hwasan -hwasan-with-ifunc=1 -hwasan-uar-retag-to-zero=0 -S | FileCheck %s --check-prefixes=DYNAMIC-SHADOW-UAR-TAGS
target datalayout = "e-m:e-i8:8:32-i16:16:32-i64:64-i128:128-n32:64-S128"
target triple = "aarch64--linux-android10000"
; ZERO-BASED-SHADOW-NEXT: call void @llvm.memset.p0.i64(ptr align 1 [[TMP15]], i8 0, i64 1, i1 false), !dbg [[DBG14]]
; ZERO-BASED-SHADOW-NEXT: ret void, !dbg [[DBG14]]
;
-; DYNAMIC-SHADOW-UAR-TAGS-LABEL: define void @test_alloca
-; DYNAMIC-SHADOW-UAR-TAGS-SAME: () #[[ATTR0:[0-9]+]] personality ptr @__hwasan_personality_thunk !dbg [[DBG7:![0-9]+]] {
-; DYNAMIC-SHADOW-UAR-TAGS-NEXT: entry:
-; DYNAMIC-SHADOW-UAR-TAGS-NEXT: [[DOTHWASAN_SHADOW:%.*]] = call ptr asm "", "=r,0"(ptr @__hwasan_shadow)
-; DYNAMIC-SHADOW-UAR-TAGS-NEXT: [[TMP0:%.*]] = call ptr @llvm.frameaddress.p0(i32 0)
-; DYNAMIC-SHADOW-UAR-TAGS-NEXT: [[TMP1:%.*]] = ptrtoint ptr [[TMP0]] to i64
-; DYNAMIC-SHADOW-UAR-TAGS-NEXT: [[TMP2:%.*]] = lshr i64 [[TMP1]], 20
-; DYNAMIC-SHADOW-UAR-TAGS-NEXT: [[HWASAN_STACK_BASE_TAG:%.*]] = xor i64 [[TMP1]], [[TMP2]]
-; DYNAMIC-SHADOW-UAR-TAGS-NEXT: [[X:%.*]] = alloca { i32, [12 x i8] }, align 16
-; DYNAMIC-SHADOW-UAR-TAGS-NEXT: [[TMP3:%.*]] = xor i64 [[HWASAN_STACK_BASE_TAG]], 0, !dbg [[DBG10:![0-9]+]]
-; DYNAMIC-SHADOW-UAR-TAGS-NEXT: [[TMP4:%.*]] = ptrtoint ptr [[X]] to i64, !dbg [[DBG10]]
-; DYNAMIC-SHADOW-UAR-TAGS-NEXT: [[TMP5:%.*]] = shl i64 [[TMP3]], 56, !dbg [[DBG10]]
-; DYNAMIC-SHADOW-UAR-TAGS-NEXT: [[TMP6:%.*]] = or i64 [[TMP4]], [[TMP5]], !dbg [[DBG10]]
-; DYNAMIC-SHADOW-UAR-TAGS-NEXT: [[X_HWASAN:%.*]] = inttoptr i64 [[TMP6]] to ptr, !dbg [[DBG10]]
-; DYNAMIC-SHADOW-UAR-TAGS-NEXT: [[TMP7:%.*]] = trunc i64 [[TMP3]] to i8, !dbg [[DBG10]]
-; DYNAMIC-SHADOW-UAR-TAGS-NEXT: [[TMP8:%.*]] = ptrtoint ptr [[X]] to i64, !dbg [[DBG10]]
-; DYNAMIC-SHADOW-UAR-TAGS-NEXT: [[TMP9:%.*]] = lshr i64 [[TMP8]], 4, !dbg [[DBG10]]
-; DYNAMIC-SHADOW-UAR-TAGS-NEXT: [[TMP10:%.*]] = getelementptr i8, ptr [[DOTHWASAN_SHADOW]], i64 [[TMP9]], !dbg [[DBG10]]
-; DYNAMIC-SHADOW-UAR-TAGS-NEXT: [[TMP11:%.*]] = getelementptr i8, ptr [[TMP10]], i32 0, !dbg [[DBG10]]
-; DYNAMIC-SHADOW-UAR-TAGS-NEXT: store i8 4, ptr [[TMP11]], align 1, !dbg [[DBG10]]
-; DYNAMIC-SHADOW-UAR-TAGS-NEXT: [[TMP12:%.*]] = getelementptr i8, ptr [[X]], i32 15, !dbg [[DBG10]]
-; DYNAMIC-SHADOW-UAR-TAGS-NEXT: store i8 [[TMP7]], ptr [[TMP12]], align 1, !dbg [[DBG10]]
-; DYNAMIC-SHADOW-UAR-TAGS-NEXT: call void @llvm.dbg.value(metadata !DIArgList(ptr [[X]], ptr [[X]]), metadata [[META11:![0-9]+]], metadata !DIExpression(DW_OP_LLVM_arg, 0, DW_OP_LLVM_tag_offset, 0, DW_OP_LLVM_arg, 1, DW_OP_LLVM_tag_offset, 0, DW_OP_plus, DW_OP_deref)), !dbg [[DBG10]]
-; DYNAMIC-SHADOW-UAR-TAGS-NEXT: call void @use32(ptr nonnull [[X_HWASAN]]), !dbg [[DBG13:![0-9]+]]
-; DYNAMIC-SHADOW-UAR-TAGS-NEXT: [[TMP13:%.*]] = xor i64 [[HWASAN_STACK_BASE_TAG]], 255, !dbg [[DBG14:![0-9]+]]
-; DYNAMIC-SHADOW-UAR-TAGS-NEXT: [[TMP14:%.*]] = trunc i64 [[TMP13]] to i8, !dbg [[DBG14]]
-; DYNAMIC-SHADOW-UAR-TAGS-NEXT: [[TMP15:%.*]] = ptrtoint ptr [[X]] to i64, !dbg [[DBG14]]
-; DYNAMIC-SHADOW-UAR-TAGS-NEXT: [[TMP16:%.*]] = lshr i64 [[TMP15]], 4, !dbg [[DBG14]]
-; DYNAMIC-SHADOW-UAR-TAGS-NEXT: [[TMP17:%.*]] = getelementptr i8, ptr [[DOTHWASAN_SHADOW]], i64 [[TMP16]], !dbg [[DBG14]]
-; DYNAMIC-SHADOW-UAR-TAGS-NEXT: call void @llvm.memset.p0.i64(ptr align 1 [[TMP17]], i8 [[TMP14]], i64 1, i1 false), !dbg [[DBG14]]
-; DYNAMIC-SHADOW-UAR-TAGS-NEXT: ret void, !dbg [[DBG14]]
-;
entry:
%x = alloca i32, align 4
call void @llvm.dbg.value(metadata !DIArgList(ptr %x, ptr %x), metadata !22, metadata !DIExpression(DW_OP_LLVM_arg, 0, DW_OP_LLVM_arg, 1, DW_OP_plus, DW_OP_deref)), !dbg !21
projects / platform / upstream / llvm.git / commitdiff