llvm.org GIT mirror llvm / e330b7d
Make sure that not interesting allocas are not instrumented. Summary: We failed to unpoison uninteresting allocas on return as unpoisoning is part of main instrumentation which skips such allocas. Added check -asan-instrument-allocas for dynamic allocas. If instrumentation of dynamic allocas is disabled it will not will not be unpoisoned. PR27453 Reviewers: kcc, eugenis Subscribers: llvm-commits Differential Revision: http://reviews.llvm.org/D21207 git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@272341 91177308-0d34-0410-b5e6-96231b3b80d8 Vitaly Buka 4 years ago
2 changed file(s) with 33 addition(s) and 4 deletion(s). Raw diff Collapse all Expand all
744744 return;
745745 // Find alloca instruction that corresponds to llvm.lifetime argument.
746746 AllocaInst *AI = findAllocaForValue(II.getArgOperand(1));
747 if (!AI) return;
747 if (!AI || !ASan.isInterestingAlloca(*AI))
748 return;
748749 bool DoPoison = (ID == Intrinsic::lifetime_end);
749750 AllocaPoisonCall APC = {&II, AI, SizeValue, DoPoison};
750751 AllocaPoisonCallVec.push_back(APC);
19831984 assert(AllocaVec.size() > 0 || DynamicAllocaVec.size() > 0);
19841985
19851986 // Insert poison calls for lifetime intrinsics for alloca.
1986 bool HavePoisonedAllocas = false;
1987 bool HavePoisonedStaticAllocas = false;
19871988 for (const auto &APC : AllocaPoisonCallVec) {
19881989 assert(APC.InsBefore);
19891990 assert(APC.AI);
1991 assert(ASan.isInterestingAlloca(*APC.AI));
1992 bool IsDynamicAlloca = ASan.isDynamicAlloca(*APC.AI);
1993 if (!ClInstrumentAllocas && IsDynamicAlloca)
1994 continue;
1995
19901996 IRBuilder<> IRB(APC.InsBefore);
19911997 poisonAlloca(APC.AI, APC.Size, IRB, APC.DoPoison);
1992 HavePoisonedAllocas |= APC.DoPoison;
1998 // Dynamic allocas will be unpoisoned unconditionally below in
1999 // unpoisonDynamicAllocas.
2000 // Flag that we need unpoison static allocas.
2001 HavePoisonedStaticAllocas |= (APC.DoPoison && !IsDynamicAlloca);
19932002 }
19942003
19952004 if (ClInstrumentAllocas && DynamicAllocaVec.size() > 0) {
21362145 poisonRedZones(L.ShadowBytes, IRB, ShadowBase, true);
21372146
21382147 auto UnpoisonStack = [&](IRBuilder<> &IRB) {
2139 if (HavePoisonedAllocas) {
2148 if (HavePoisonedStaticAllocas) {
21402149 // If we poisoned some allocas in llvm.lifetime analysis,
21412150 // unpoison whole stack frame now.
21422151 poisonAlloca(LocalStackBase, LocalStackSize, IRB, false);
0 ; Test hanlding of llvm.lifetime intrinsics.
11 ; RUN: opt < %s -asan -asan-module -asan-use-after-scope -asan-use-after-return=0 -S | FileCheck %s
2 ; RUN: opt < %s -asan -asan-module -asan-use-after-scope -asan-use-after-return=0 -asan-instrument-allocas=0 -S | FileCheck %s --check-prefix=CHECK-NO-DYNAMIC
23
34 target datalayout = "e-p:64:64:64-i1:8:8-i8:8:8-i16:16:16-i32:32:32-i64:64:64-f32:32:32-f64:64:64-v64:64:64-v128:128:128-a0:0:64-s0:64:64-f80:128:128-n8:16:32:64-S128"
45 target triple = "x86_64-unknown-linux-gnu"
4647 call void @llvm.lifetime.start(i64 40, i8* %arr.ptr)
4748 store volatile i8 0, i8* %arr.ptr
4849 ; CHECK: call void @__asan_unpoison_stack_memory(i64 %{{[^ ]+}}, i64 40)
50 ; CHECK-NO-DYNAMIC-NOT: call void @__asan_unpoison_stack_memory(i64 %{{[^ ]+}}, i64 40)
4951 call void @llvm.lifetime.end(i64 40, i8* %arr.ptr)
5052 ; CHECK: call void @__asan_poison_stack_memory(i64 %{{[^ ]+}}, i64 40)
53 ; CHECK-NO-DYNAMIC-NOT: call void @__asan_poison_stack_memory(i64 %{{[^ ]+}}, i64 40)
5154
5255 ; One more lifetime start/end for the same variable %i.
5356 call void @llvm.lifetime.start(i64 4, i8* %i.ptr)
8689 ; CHECK: ret void
8790 ret void
8891 }
92
93 define void @zero_sized(i64 %a) #0 {
94 ; CHECK-LABEL: define void @zero_sized(i64 %a)
95
96 entry:
97 %a.addr = alloca i64, align 8
98 %b = alloca [0 x i8], align 1
99 store i64 %a, i64* %a.addr, align 8
100 %0 = bitcast [0 x i8]* %b to i8*
101 call void @llvm.lifetime.start(i64 0, i8* %0) #2
102 ; CHECK-NOT: call void @__asan_unpoison_stack_memory
103 %1 = bitcast [0 x i8]* %b to i8*
104 call void @llvm.lifetime.end(i64 0, i8* %1) #2
105 ; CHECK-NOT: call void @__asan_poison_stack_memory
106
107 ret void
108 }