From: Vitaly Buka Date: Tue, 18 Oct 2016 18:04:59 +0000 (+0000) Subject: [asan] Make -asan-experimental-poisoning the only behavior X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=8e1906ea7ef0db4890b4a9dd25ab2e0e8debfd9a;p=platform%2Fupstream%2Fllvm.git [asan] Make -asan-experimental-poisoning the only behavior Reviewers: eugenis Subscribers: llvm-commits Differential Revision: https://reviews.llvm.org/D25735 llvm-svn: 284505
---
diff --git a/llvm/lib/Transforms/Instrumentation/AddressSanitizer.cpp b/llvm/lib/Transforms/Instrumentation/AddressSanitizer.cpp
index f08672a..e158302 100644
--- a/llvm/lib/Transforms/Instrumentation/AddressSanitizer.cpp
+++ b/llvm/lib/Transforms/Instrumentation/AddressSanitizer.cpp
@@ -187,10 +187,6 @@ static cl::opt ClUseAfterReturn("asan-use-after-return",
 static cl::opt ClUseAfterScope("asan-use-after-scope", cl::desc("Check stack-use-after-scope"), cl::Hidden, cl::init(false));
-static cl::opt ClExperimentalPoisoning(
- "asan-experimental-poisoning",
- cl::desc("Enable experimental red zones and scope poisoning"), cl::Hidden,
- cl::init(true));
 // This flag may need to be replaced with -f[no]asan-globals. static cl::opt ClGlobals("asan-globals", cl::desc("Handle global objects"), cl::Hidden,
@@ -2042,15 +2038,13 @@ void FunctionStackPoisoner::initializeCallbacks(Module &M) {
 IntptrTy, IntptrTy, nullptr)); }
- if (ClExperimentalPoisoning) {
- for (size_t Val : {0x00, 0xf1, 0xf2, 0xf3, 0xf5, 0xf8}) {
- std::ostringstream Name;
- Name << kAsanSetShadowPrefix;
- Name << std::setw(2) << std::setfill('0') << std::hex << Val;
- AsanSetShadowFunc[Val] =
- checkSanitizerInterfaceFunction(M.getOrInsertFunction(
- Name.str(), IRB.getVoidTy(), IntptrTy, IntptrTy, nullptr));
- }
+ for (size_t Val : {0x00, 0xf1, 0xf2, 0xf3, 0xf5, 0xf8}) {
+ std::ostringstream Name;
+ Name << kAsanSetShadowPrefix;
+ Name << std::setw(2) << std::setfill('0') << std::hex << Val;
+ AsanSetShadowFunc[Val] =
+ checkSanitizerInterfaceFunction(M.getOrInsertFunction(
+ Name.str(), IRB.getVoidTy(), IntptrTy, IntptrTy, nullptr));
 } AsanAllocaPoisonFunc = checkSanitizerInterfaceFunction(M.getOrInsertFunction(
@@ -2261,12 +2255,7 @@ void FunctionStackPoisoner::processStaticAllocas() {
 assert(ASan.isInterestingAlloca(*APC.AI)); assert(APC.AI->isStaticAlloca());
- if (ClExperimentalPoisoning) {
- AllocaToSVDMap[APC.AI] = nullptr;
- } else {
- IRBuilder<> IRB(APC.InsBefore);
- poisonAlloca(APC.AI, APC.Size, IRB, APC.DoPoison);
- }
+ AllocaToSVDMap[APC.AI] = nullptr;
 } SmallVector SVD;
@@ -2392,7 +2381,7 @@ void FunctionStackPoisoner::processStaticAllocas() {
 // As bytes we can use either the same or just red zones only. copyToShadow(ShadowAfterScope, ShadowAfterScope, IRB, ShadowBase);
- if (ClExperimentalPoisoning && !StaticAllocaPoisonCallVec.empty()) {
+ if (!StaticAllocaPoisonCallVec.empty()) {
 // Complete AllocaToSVDMap for (const auto &Desc : SVD) { auto It = AllocaToSVDMap.find(Desc.AI);
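Review bot: The shadow byte values in the now-unconditional loop in `initializeCallbacks` are a bare literal list, `{0x00, 0xf1, 0xf2, 0xf3, 0xf5, 0xf8}`, with nothing tying them to the shadow encoding or to the runtime's `__asan_set_shadow_XX` entry points that the names are built from (the test in this commit checks `__asan_set_shadow_00` and `__asan_set_shadow_f8`). Since this is now the only code path, every instrumented module declares these callbacks, so a comment such as `// One __asan_set_shadow_XX callback per shadow byte value used for stack frames; the runtime must provide each of them.` would record that contract. `AsanSetShadowFunc[Val]` is indexed by the raw value, so the table, which is declared outside this hunk, has to cover index 0xf8; that is worth confirming. The function body continues outside the hunk.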
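Review bot: With the `else` branch gone, `AllocaToSVDMap[APC.AI] = nullptr;` in `processStaticAllocas` reads like a dead store, because the entry is only a placeholder that the "Complete AllocaToSVDMap" step further down fills in from `SVD`. A comment such as `// Reserve an entry; the descriptor pointer is filled in once SVD has been built.` would make that explicit. The code that consumes the map is not visible here, but if an alloca registered at this point never appears in `SVD`, its entry presumably stays null and its scope poisoning could be skipped or dereference a null pointer. An assert after the completion loop that no entry is still `nullptr` would catch that. The loop and the function both extend outside the hunk.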
@@ -2420,18 +2409,6 @@ void FunctionStackPoisoner::processStaticAllocas() {
 } SmallVector ShadowClean(ShadowAfterScope.size(), 0);
-
- auto UnpoisonStack = [&](IRBuilder<> &IRB) {
- // Do this always as poisonAlloca can be disabled with
- // detect_stack_use_after_scope=0.
- copyToShadow(ShadowAfterScope, ShadowClean, IRB, ShadowBase);
- if (!ClExperimentalPoisoning && !StaticAllocaPoisonCallVec.empty()) {
- // If we poisoned some allocas in llvm.lifetime analysis,
- // unpoison whole stack frame now.
- poisonAlloca(LocalStackBase, LocalStackSize, IRB, false);
- }
- };
-
 SmallVector ShadowAfterReturn; // (Un)poison the stack before all ret instructions.
@@ -2480,9 +2457,9 @@ void FunctionStackPoisoner::processStaticAllocas() {
 } IRBuilder<> IRBElse(ElseTerm);
- UnpoisonStack(IRBElse);
+ copyToShadow(ShadowAfterScope, ShadowClean, IRBElse, ShadowBase);
 } else {
- UnpoisonStack(IRBRet);
+ copyToShadow(ShadowAfterScope, ShadowClean, IRBRet, ShadowBase);
 } }
diff --git a/llvm/test/Instrumentation/AddressSanitizer/stack-poisoning-experimental-be.ll b/llvm/test/Instrumentation/AddressSanitizer/stack-poisoning-experimental-be.ll
index b561b3e..ef2f0d3 100644
--- a/llvm/test/Instrumentation/AddressSanitizer/stack-poisoning-experimental-be.ll
+++ b/llvm/test/Instrumentation/AddressSanitizer/stack-poisoning-experimental-be.ll
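Review bot: The two exit paths in the `-2480` hunk now each spell out `copyToShadow(ShadowAfterScope, ShadowClean, ..., ShadowBase)` with no comment, and the explanation that lived in the deleted `UnpoisonStack` lambda is gone with it. `ShadowClean` is built as all zeros in the previous hunk, so these calls are what clear the frame's shadow before the function returns. If one branch is later edited without the other, stale poison could stay behind on the stack and show up as spurious reports in later frames. I would add one line above the `if`/`else`, for example `// Unpoison the whole frame before returning (ShadowClean is all zeros).`, or keep a small helper so that there is a single call site. The surrounding `if`/`else` and the function start and end outside the hunk.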
@@ -1,17 +1,11 @@
 ; Test check the following function parts: ENTRY, LIFE (lifetime), FAKE (fake stack) and EXIT.
-; Test each part can have prefix: no prefix (regular), UAS (use-after-scope), EXP (new poisoning) and UAS-EXP (use-after-scope with new poisoning)
+; Test each part can have prefix: no prefix (regular), UAS (use-after-scope)
 ; Regular stack poisoning.
-; RUN: opt < %s -asan -asan-module -asan-experimental-poisoning=0 -asan-use-after-scope=0 -S | FileCheck --check-prefixes=CHECK,ENTRY,LIFE,FAKE,EXIT %s
+; RUN: opt < %s -asan -asan-module -asan-use-after-scope=0 -S | FileCheck --check-prefixes=CHECK,ENTRY,LIFE,FAKE-EXP,EXIT %s
-; Optimized poisoning. Only fake stack part is different from the first test.
-; RUN: opt < %s -asan -asan-module -asan-experimental-poisoning=1 -asan-use-after-scope=0 -S | FileCheck --check-prefixes=CHECK,ENTRY,LIFE,FAKE-EXP,EXIT %s
-
-; Regular stack poisoning with stack-use-after-scope. Only lifetime checks are different from the first test.
-; RUN: opt < %s -asan -asan-module -asan-experimental-poisoning=0 -asan-use-after-scope=1 -S | FileCheck --check-prefixes=CHECK,ENTRY,LIFE-UAS,FAKE,EXIT %s
-
-; Optimized poisoning with stack-use-after-scope.
-; RUN: opt < %s -asan -asan-module -asan-experimental-poisoning=1 -asan-use-after-scope=1 -S | FileCheck --check-prefixes=CHECK,ENTRY-UAS-EXP,LIFE-UAS-EXP,FAKE-EXP,EXIT-EXP %s
+; Stack poisoning with stack-use-after-scope.
+; RUN: opt < %s -asan -asan-module -asan-use-after-scope=1 -S | FileCheck --check-prefixes=CHECK,ENTRY-UAS-EXP,LIFE-UAS-EXP,FAKE-EXP,EXIT-EXP %s
 target datalayout = "E-m:e-i64:64-n32:64" target triple = "powerpc64-unknown-linux-gnu"
@@ -101,8 +95,6 @@ entry:
 call void @llvm.lifetime.start(i64 650, i8* %xx)
- ; LIFE-UAS: call void @__asan_unpoison_stack_memory(i64 %{{[0-9]+}}, i64 [[SIZE:650]])
-
 ; 0000... ; ENTRY-UAS-EXP-NEXT: [[OFFSET:%[0-9]+]] = add i64 [[SHADOW_BASE]], 4 ; ENTRY-UAS-EXP-NEXT: call void @__asan_set_shadow_00(i64 [[OFFSET]], i64 81)
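Review bot: The rewritten legend at the top of the test now lists only "no prefix (regular), UAS (use-after-scope)", but both remaining RUN lines still enable `-EXP` prefixes (`FAKE-EXP`, `ENTRY-UAS-EXP`, `LIFE-UAS-EXP`, `EXIT-EXP`), so the comment no longer describes the prefixes in use. No RUN line enables plain `FAKE` or `LIFE-UAS` any more, and FileCheck ignores check lines whose prefix is not enabled, so any such line left in the file would be dead coverage. The later hunks delete the `LIFE-UAS` lines; remaining `FAKE:` lines should be checked the same way. Either rename the prefixes to drop the suffix, or keep the legend accurate, for example `; Test each part can have prefix: no prefix (regular), UAS (use-after-scope); the -EXP suffix is kept from the former experimental mode.`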
@@ -117,8 +109,6 @@ entry:
 ; CHECK-NEXT: call void @Foo(i8* %xx) call void @llvm.lifetime.end(i64 650, i8* %xx)
- ; LIFE-UAS: call void @__asan_poison_stack_memory(i64 %{{[0-9]+}}, i64 [[SIZE]])
-
 ; ENTRY-UAS-EXP-NEXT: [[OFFSET:%[0-9]+]] = add i64 [[SHADOW_BASE]], 4 ; ENTRY-UAS-EXP-NEXT: call void @__asan_set_shadow_f8(i64 [[OFFSET]], i64 82)
@@ -126,8 +116,6 @@ entry:
 call void @llvm.lifetime.start(i64 13, i8* %yy)
- ; LIFE-UAS: call void @__asan_unpoison_stack_memory(i64 %{{[0-9]+}}, i64 [[SIZE:13]])
-
 ; 0005 ; ENTRY-UAS-EXP-NEXT: [[OFFSET:%[0-9]+]] = add i64 [[SHADOW_BASE]], 102 ; ENTRY-UAS-EXP-NEXT: [[PTR:%[0-9]+]] = inttoptr i64 [[OFFSET]] to [[TYPE:i16]]*
@@ -139,8 +127,6 @@ entry:
 ; CHECK-NEXT: call void @Foo(i8* %yy) call void @llvm.lifetime.end(i64 13, i8* %yy)
- ; LIFE-UAS: call void @__asan_poison_stack_memory(i64 %{{[0-9]+}}, i64 [[SIZE]])
-
 ; F8F8 ; ENTRY-UAS-EXP-NEXT: [[OFFSET:%[0-9]+]] = add i64 [[SHADOW_BASE]], 102 ; ENTRY-UAS-EXP-NEXT: [[PTR:%[0-9]+]] = inttoptr i64 [[OFFSET]] to [[TYPE:i16]]*
@@ -150,8 +136,6 @@ entry:
 call void @llvm.lifetime.start(i64 40, i8* %zz)
- ; LIFE-UAS: call void @__asan_unpoison_stack_memory(i64 %{{[0-9]+}}, i64 [[SIZE:40]])
-
 ; 00000000 ; ENTRY-UAS-EXP-NEXT: [[OFFSET:%[0-9]+]] = add i64 [[SHADOW_BASE]], 106 ; ENTRY-UAS-EXP-NEXT: [[PTR:%[0-9]+]] = inttoptr i64 [[OFFSET]] to [[TYPE:i32]]*
@@ -167,8 +151,6 @@ entry:
 ; CHECK-NEXT: call void @Foo(i8* %zz) call void @llvm.lifetime.end(i64 40, i8* %zz)
- ; LIFE-UAS: call void @__asan_poison_stack_memory(i64 %{{[0-9]+}}, i64 [[SIZE]])
-
 ; F8F8F8F8 ; ENTRY-UAS-EXP-NEXT: [[OFFSET:%[0-9]+]] = add i64 [[SHADOW_BASE]], 106 ; ENTRY-UAS-EXP-NEXT: [[PTR:%[0-9]+]] = inttoptr i64 [[OFFSET]] to [[TYPE:i32]]*
@@ -180,89 +162,8 @@ entry: ; CHECK-NEXT: call void @llvm.lifetime.end(i64 40, i8* %zz) - ; CHECK-LABEL: