hwasan: Compatibility fixes for short granules.

We can't use short granules with stack instrumentation when targeting older API levels because the rest of the system won't understand the short granule tags stored in shadow memory. Moreover, we need to be able to let old binaries (which won't understand short granule tags) run on a new system that supports short granule tags. Such binaries will call the __hwasan_tag_mismatch function when their outlined checks fail. We can compensate for the binary's lack of support for short granules by implementing the short granule part of the check in the __hwasan_tag_mismatch function. Unfortunately we can't do anything about inline checks, but I don't believe that we can generate these by default on aarch64, nor did we do so when the ABI was fixed. A new function, __hwasan_tag_mismatch_v2, is introduced that lets code targeting the new runtime avoid redoing the short granule check. Because tag mismatches are rare this isn't important from a performance perspective; the main benefit is that it introduces a symbol dependency that prevents binaries targeting the new runtime from running on older (i.e. incompatible) runtimes. Differential Revision: https://reviews.llvm.org/D68059 llvm-svn: 373035
author: Peter Collingbourne <peter@pcc.me.uk> 2019-09-27 01:02:10 +0000
committer: Peter Collingbourne <peter@pcc.me.uk> 2019-09-27 01:02:10 +0000
commit: c336557f0238dba72718e499bb345d0dd87305fc (patch)
tree: e4e28be592b4447219c84abe5cc03f2b5a99b5c8 /llvm/lib/Transforms
parent: d5d62a99a91391f7dd6f18cb1e8f2cb7ab06ded6 (diff)
download: bcm5719-llvm-c336557f0238dba72718e499bb345d0dd87305fc.tar.gz
bcm5719-llvm-c336557f0238dba72718e499bb345d0dd87305fc.zip
1 files changed, 18 insertions, 5 deletions
diff --git a/llvm/lib/Transforms/Instrumentation/HWAddressSanitizer.cpp b/llvm/lib/Transforms/Instrumentation/HWAddressSanitizer.cpp
index df7606dfa24..2bc127bc982 100644
--- a/llvm/lib/Transforms/Instrumentation/HWAddressSanitizer.cpp
+++ b/llvm/lib/Transforms/Instrumentation/HWAddressSanitizer.cpp
@@ -166,6 +166,11 @@ static cl::opt<bool>
                             cl::desc("instrument landing pads"), cl::Hidden,
                             cl::init(false), cl::ZeroOrMore);
 
+static cl::opt<bool> ClUseShortGranules(
+    "hwasan-use-short-granules",
+    cl::desc("use short granules in allocas and outlined checks"), cl::Hidden,
+    cl::init(false), cl::ZeroOrMore);
+
 static cl::opt<bool> ClInstrumentPersonalityFunctions(
     "hwasan-instrument-personality-functions",
     cl::desc("instrument personality functions"), cl::Hidden, cl::init(false),
@@ -269,6 +274,7 @@ private:
 
   bool CompileKernel;
   bool Recover;
+  bool UseShortGranules;
   bool InstrumentLandingPads;
 
   Function *HwasanCtorFunction;
@@ -372,11 +378,14 @@ void HWAddressSanitizer::initializeModule() {
   HwasanCtorFunction = nullptr;
 
   // Older versions of Android do not have the required runtime support for
-  // global or personality function instrumentation. On other platforms we
-  // currently require using the latest version of the runtime.
+  // short granules, global or personality function instrumentation. On other
+  // platforms we currently require using the latest version of the runtime.
   bool NewRuntime =
       !TargetTriple.isAndroid() || !TargetTriple.isAndroidVersionLT(30);
 
+  UseShortGranules =
+      ClUseShortGranules.getNumOccurrences() ? ClUseShortGranules : NewRuntime;
+
   // If we don't have personality function support, fall back to landing pads.
   InstrumentLandingPads = ClInstrumentLandingPads.getNumOccurrences()
                               ? ClInstrumentLandingPads
@@ -608,9 +617,11 @@ void HWAddressSanitizer::instrumentMemAccessInline(Value *Ptr, bool IsWrite,
       TargetTriple.isOSBinFormatELF() && !Recover) {
     Module *M = IRB.GetInsertBlock()->getParent()->getParent();
     Ptr = IRB.CreateBitCast(Ptr, Int8PtrTy);
-    IRB.CreateCall(
-        Intrinsic::getDeclaration(M, Intrinsic::hwasan_check_memaccess),
-        {shadowBase(), Ptr, ConstantInt::get(Int32Ty, AccessInfo)});
+    IRB.CreateCall(Intrinsic::getDeclaration(
+                       M, UseShortGranules
+                              ? Intrinsic::hwasan_check_memaccess_shortgranules
+                              : Intrinsic::hwasan_check_memaccess),
+                   {shadowBase(), Ptr, ConstantInt::get(Int32Ty, AccessInfo)});
     return;
   }
 
@@ -763,6 +774,8 @@ static uint64_t getAllocaSizeInBytes(const AllocaInst &AI) {
 bool HWAddressSanitizer::tagAlloca(IRBuilder<> &IRB, AllocaInst *AI,
                                    Value *Tag, size_t Size) {
   size_t AlignedSize = alignTo(Size, Mapping.getObjectAlignment());
+  if (!UseShortGranules)
+    Size = AlignedSize;
 
   Value *JustTag = IRB.CreateTrunc(Tag, IRB.getInt8Ty());
   if (ClInstrumentWithCalls) {
author	Peter Collingbourne <peter@pcc.me.uk>	2019-09-27 01:02:10 +0000
committer	Peter Collingbourne <peter@pcc.me.uk>	2019-09-27 01:02:10 +0000
commit	c336557f0238dba72718e499bb345d0dd87305fc (patch)
tree	e4e28be592b4447219c84abe5cc03f2b5a99b5c8 /llvm/lib/Transforms
parent	d5d62a99a91391f7dd6f18cb1e8f2cb7ab06ded6 (diff)
download	bcm5719-llvm-c336557f0238dba72718e499bb345d0dd87305fc.tar.gz bcm5719-llvm-c336557f0238dba72718e499bb345d0dd87305fc.zip