llvm.org GIT mirror llvm / 4527f9a
[ASan] Use dynamic shadow on 32-bit iOS and simulators The VM layout on iOS is not stable between releases. On 64-bit iOS and its derivatives we use a dynamic shadow offset that enables ASan to search for a valid location for the shadow heap on process launch rather than hardcode it. This commit extends that approach for 32-bit iOS plus derivatives and their simulators. rdar://50645192 rdar://51200372 rdar://51767702 Reviewed By: delcypher Differential Revision: https://reviews.llvm.org/D63586 git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@364105 91177308-0d34-0410-b5e6-96231b3b80d8 Julian Lettner 3 months ago
2 changed file(s) with 30 addition(s) and 10 deletion(s).
9393 static const uint64_t kDefaultShadowOffset64 = 1ULL << 44;
9494 static const uint64_t kDynamicShadowSentinel =
9595 std::numeric_limits::max();
96 static const uint64_t kIOSShadowOffset32 = 1ULL << 30;
97 static const uint64_t kIOSSimShadowOffset32 = 1ULL << 30;
98 static const uint64_t kIOSSimShadowOffset64 = kDefaultShadowOffset64;
9996 static const uint64_t kSmallX86_64ShadowOffsetBase = 0x7FFFFFFF; // < 2G.
10097 static const uint64_t kSmallX86_64ShadowOffsetAlignMask = ~0xFFFULL;
10198 static const uint64_t kLinuxKasan_ShadowOffset64 = 0xdffffc0000000000;
427424 bool IsPPC64 = TargetTriple.getArch() == Triple::ppc64 ||
428425 TargetTriple.getArch() == Triple::ppc64le;
429426 bool IsSystemZ = TargetTriple.getArch() == Triple::systemz;
430 bool IsX86 = TargetTriple.getArch() == Triple::x86;
431427 bool IsX86_64 = TargetTriple.getArch() == Triple::x86_64;
432428 bool IsMIPS32 = TargetTriple.isMIPS32();
433429 bool IsMIPS64 = TargetTriple.isMIPS64();
454450 else if (IsNetBSD)
455451 Mapping.Offset = kNetBSD_ShadowOffset32;
456452 else if (IsIOS)
457 // If we're targeting iOS and x86, the binary is built for iOS simulator.
458 Mapping.Offset = IsX86 ? kIOSSimShadowOffset32 : kIOSShadowOffset32;
453 Mapping.Offset = kDynamicShadowSentinel;
459454 else if (IsWindows)
460455 Mapping.Offset = kWindowsShadowOffset32;
461456 else if (IsMyriad) {
494489 } else if (IsMIPS64)
495490 Mapping.Offset = kMIPS64_ShadowOffset64;
496491 else if (IsIOS)
497 // If we're targeting iOS and x86, the binary is built for iOS simulator.
498 // We are using dynamic shadow offset on the 64-bit devices.
499 Mapping.Offset =
500 IsX86_64 ? kIOSSimShadowOffset64 : kDynamicShadowSentinel;
492 Mapping.Offset = kDynamicShadowSentinel;
501493 else if (IsAArch64)
502494 Mapping.Offset = kAArch64_ShadowOffset64;
503495 else
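Review bot: Both `else if (IsIOS)` branches (new lines 453 and 492) now assign `kDynamicShadowSentinel` with no comment, and the only explanation that existed (`// We are using dynamic shadow offset on the 64-bit devices.`) is removed. I would add a comment on each branch such as `// The VM layout on iOS-family targets is not stable between releases, so the runtime picks the shadow base at launch.` so the reason survives outside the commit message. The surrounding `if`/`else` chain and the definition of `IsIOS` lie outside the visible hunks; if `IsIOS` also covers watchOS/tvOS and the simulators (the new test suggests it does for watchOS), the comment should say so. Since instrumented code on these targets now reads the base from `__asan_shadow_memory_dynamic_address`, it is worth confirming that the matching runtime change ships together with this one; objects built against the old fixed `1ULL << 30` offset presumably cannot be mixed with a runtime that places the shadow dynamically.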
0 ; Test using dynamic shadow address on darwin
1 ;
2 ; RUN: opt -asan -asan-module -mtriple=arm64_32-apple-watchos --data-layout="e-m:o-p:32:32-i64:64-i128:128-n32:64-S128" -S < %s | FileCheck %s --check-prefixes=CHECK,CHECK-DYNAMIC -DPTR_SIZE=32
3 ; RUN: opt -asan -asan-module -mtriple=armv7k-apple-watchos --data-layout="e-m:o-p:32:32-Fi8-i64:64-a:0:32-n32-S128" -S < %s | FileCheck %s --check-prefixes=CHECK,CHECK-DYNAMIC -DPTR_SIZE=32
4 ; RUN: opt -asan -asan-module -mtriple=arm64-apple-ios --data-layout="e-m:o-i64:64-i128:128-n32:64-S128" -S < %s | FileCheck %s --check-prefixes=CHECK,CHECK-DYNAMIC -DPTR_SIZE=64
5 ; RUN: opt -asan -asan-module -mtriple=armv7s-apple-ios --data-layout="e-m:o-p:32:32-Fi8-f64:32:64-v64:32:64-v128:32:128-a:0:32-n32-S32" -S < %s | FileCheck %s --check-prefixes=CHECK,CHECK-DYNAMIC -DPTR_SIZE=32
6 ; RUN: opt -asan -asan-module -mtriple=i386-apple-watchos-simulator --data-layout="e-m:o-p:32:32-f64:32:64-f80:128-n8:16:32-S128" -S < %s | FileCheck %s --check-prefixes=CHECK,CHECK-DYNAMIC -DPTR_SIZE=32
7 ; RUN: opt -asan -asan-module -mtriple=i386-apple-ios-simulator --data-layout="e-m:o-p:32:32-f64:32:64-f80:128-n8:16:32-S128" -S < %s | FileCheck %s --check-prefixes=CHECK,CHECK-DYNAMIC -DPTR_SIZE=32
8 ; RUN: opt -asan -asan-module -mtriple=x86_64-apple-ios-simulator --data-layout="e-m:o-i64:64-f80:128-n8:16:32:64-S128" -S < %s | FileCheck %s --check-prefixes=CHECK,CHECK-DYNAMIC -DPTR_SIZE=64
9 ;
10 ; // macOS does not use dynamic shadow placement
11 ; RUN: opt -asan -asan-module -mtriple=x86_64-apple-macosx --data-layout="e-m:o-i64:64-f80:128-n8:16:32:64-S128" -S < %s | FileCheck %s --check-prefixes=CHECK,CHECK-NONDYNAMIC -DPTR_SIZE=64
12
13 define i32 @test_load(i32* %a) sanitize_address {
14 ; First instrumentation in the function must be to load the dynamic shadow
15 ; address into a local variable.
16 ; CHECK-LABEL: @test_load
17 ; CHECK: entry:
18 ; CHECK-DYNAMIC-NEXT: %[[SHADOW:[^ ]*]] = load i[[PTR_SIZE]], i[[PTR_SIZE]]* @__asan_shadow_memory_dynamic_address
19 ; CHECK-NONDYNAMIC-NOT: __asan_shadow_memory_dynamic_address
20
21 ; Shadow address is loaded and added into the whole offset computation.
22 ; CHECK-DYNAMIC: add i[[PTR_SIZE]] %{{.*}}, %[[SHADOW]]
23
24 entry:
25 %tmp1 = load i32, i32* %a, align 4
26 ret i32 %tmp1
27 }
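Review bot: The RUN lines cover iOS and watchOS devices plus the i386/x86_64 iOS and i386 watchOS simulators, but no tvOS triple and no x86_64 watchOS simulator, although the description says the change applies to iOS derivatives and their simulators. If `IsIOS` in the pass also matches tvOS (its definition is not shown on this page), add a line such as `; RUN: opt -asan -asan-module -mtriple=arm64-apple-tvos --data-layout="e-m:o-i64:64-i128:128-n32:64-S128" -S < %s | FileCheck %s --check-prefixes=CHECK,CHECK-DYNAMIC -DPTR_SIZE=64` so a regression to a fixed offset on that platform is caught. `@test_load` is also the only instrumented access; a store case would confirm that the `add` with `%[[SHADOW]]` is emitted on that path too.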