diff options
| author | Benjamin Kramer <benny.kra@googlemail.com> | 2017-04-20 18:29:37 +0000 |
|---|---|---|
| committer | Benjamin Kramer <benny.kra@googlemail.com> | 2017-04-20 18:29:37 +0000 |
| commit | 997fd5eeb4f3c568590e8af6c82ab06b944bc3e5 (patch) | |
| tree | 761ef78904f202e3504d68ab46439dab98f6c024 /llvm | |
| parent | 58dadd59d94468250109b85737c41650f82409f3 (diff) | |
| download | bcm5719-llvm-997fd5eeb4f3c568590e8af6c82ab06b944bc3e5.tar.gz bcm5719-llvm-997fd5eeb4f3c568590e8af6c82ab06b944bc3e5.zip | |
[Recycler] Add asan/msan annotations.
This enables use after free and uninit memory checking for memory
returned by a recycler. SelectionDAG currently relies on the opcode of a
free'd node being ISD::DELETED_NODE, so poke a hole in the asan poison
for SDNode opcodes. This means that we won't find some issues, but only
in SDag.
llvm-svn: 300868
Diffstat (limited to 'llvm')
| -rw-r--r-- | llvm/include/llvm/Support/ArrayRecycler.h | 4 | ||||
| -rw-r--r-- | llvm/include/llvm/Support/Recycler.h | 4 | ||||
| -rw-r--r-- | llvm/lib/CodeGen/SelectionDAG/SelectionDAG.cpp | 7 |
3 files changed, 13 insertions, 2 deletions
diff --git a/llvm/include/llvm/Support/ArrayRecycler.h b/llvm/include/llvm/Support/ArrayRecycler.h index 4698f12b3bb..b4222ca92c7 100644 --- a/llvm/include/llvm/Support/ArrayRecycler.h +++ b/llvm/include/llvm/Support/ArrayRecycler.h @@ -48,12 +48,16 @@ template <class T, size_t Align = alignof(T)> class ArrayRecycler { if (!Entry) return nullptr; Bucket[Idx] = Entry->Next; + __msan_allocated_memory(Entry, Capacity::get(Idx).getSize()); + __asan_unpoison_memory_region(Entry, Capacity::get(Idx).getSize()); return reinterpret_cast<T*>(Entry); } // Add an entry to the free list at Bucket[Idx]. void push(unsigned Idx, T *Ptr) { assert(Ptr && "Cannot recycle NULL pointer"); + __asan_poison_memory_region(Ptr, Capacity::get(Idx).getSize()); + __asan_unpoison_memory_region(Ptr, sizeof(FreeList)); FreeList *Entry = reinterpret_cast<FreeList*>(Ptr); if (Idx >= Bucket.size()) Bucket.resize(size_t(Idx) + 1); diff --git a/llvm/include/llvm/Support/Recycler.h b/llvm/include/llvm/Support/Recycler.h index 1523aad38d4..dc8b246ebf2 100644 --- a/llvm/include/llvm/Support/Recycler.h +++ b/llvm/include/llvm/Support/Recycler.h @@ -43,10 +43,14 @@ class Recycler { FreeNode *pop_val() { auto *Val = FreeList; FreeList = FreeList->Next; + __msan_allocated_memory(Val, Size); + __asan_unpoison_memory_region(Val, Size); return Val; } void push(FreeNode *N) { + __asan_poison_memory_region(N, Size); + __asan_unpoison_memory_region(N, sizeof(FreeNode)); N->Next = FreeList; FreeList = N; } diff --git a/llvm/lib/CodeGen/SelectionDAG/SelectionDAG.cpp b/llvm/lib/CodeGen/SelectionDAG/SelectionDAG.cpp index ad169d33fd1..523f409e6b2 100644 --- a/llvm/lib/CodeGen/SelectionDAG/SelectionDAG.cpp +++ b/llvm/lib/CodeGen/SelectionDAG/SelectionDAG.cpp @@ -639,12 +639,15 @@ void SelectionDAG::DeallocateNode(SDNode *N) { // If we have operands, deallocate them. removeOperands(N); + NodeAllocator.Deallocate(AllNodes.remove(N)); + // Set the opcode to DELETED_NODE to help catch bugs when node // memory is reallocated. + // FIXME: There are places in SDag that have grown a dependency on the opcode + // value in the released node. + __asan_unpoison_memory_region(&N->NodeType, sizeof(N->NodeType)); N->NodeType = ISD::DELETED_NODE; - NodeAllocator.Deallocate(AllNodes.remove(N)); - // If any of the SDDbgValue nodes refer to this SDNode, invalidate // them and forget about that node. DbgInfo->erase(N); |
