6 files changed, 24 insertions, 48 deletions
diff --git a/clang/lib/Driver/SanitizerArgs.cpp b/clang/lib/Driver/SanitizerArgs.cpp
index a2a1373c8d8..466b18e0f6a 100644
--- a/clang/lib/Driver/SanitizerArgs.cpp
+++ b/clang/lib/Driver/SanitizerArgs.cpp
@@ -312,13 +312,9 @@ SanitizerArgs::SanitizerArgs(const ToolChain &TC, Add |= FuzzerNoLink; // Enable coverage if the fuzzing flag is set. - if (Add & FuzzerNoLink) { + if (Add & FuzzerNoLink) CoverageFeatures |= CoverageTracePCGuard | CoverageIndirCall | CoverageTraceCmp | CoveragePCTable; - // Due to TLS differences, stack depth tracking is disabled on Mac. - if (!TC.getTriple().isOSDarwin()) - CoverageFeatures |= CoverageStackDepth; - } Kinds |= Add; } else if (Arg->getOption().matches(options::OPT_fno_sanitize_EQ)) {
diff --git a/compiler-rt/lib/sanitizer_common/sanitizer_coverage_libcdep_new.cc b/compiler-rt/lib/sanitizer_common/sanitizer_coverage_libcdep_new.cc
index 3c5f29b2899..46965676649 100644
--- a/compiler-rt/lib/sanitizer_common/sanitizer_coverage_libcdep_new.cc
+++ b/compiler-rt/lib/sanitizer_common/sanitizer_coverage_libcdep_new.cc
@@ -211,10 +211,5 @@ SANITIZER_INTERFACE_WEAK_DEF(void, __sanitizer_cov_trace_pc_indir, void) {} SANITIZER_INTERFACE_WEAK_DEF(void, __sanitizer_cov_8bit_counters_init, void) {} SANITIZER_INTERFACE_WEAK_DEF(void, __sanitizer_cov_pcs_init, void) {} } // extern "C" -// Weak definition for code instrumented with -fsanitize-coverage=stack-depth -// and later linked with code containing a strong definition. -// E.g., -fsanitize=fuzzer-no-link -SANITIZER_INTERFACE_ATTRIBUTE SANITIZER_WEAK_ATTRIBUTE -SANITIZER_TLS_INITIAL_EXEC_ATTRIBUTE uptr __sancov_lowest_stack; #endif // !SANITIZER_FUCHSIA
diff --git a/compiler-rt/lib/sanitizer_common/sanitizer_internal_defs.h b/compiler-rt/lib/sanitizer_common/sanitizer_internal_defs.h
index c7b401d4f10..4b780917fd7 100644
--- a/compiler-rt/lib/sanitizer_common/sanitizer_internal_defs.h
+++ b/compiler-rt/lib/sanitizer_common/sanitizer_internal_defs.h
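Review bot: In SanitizerArgs.cpp, the comment `// Enable coverage if the fuzzing flag is set.` above the now-braceless `if (Add & FuzzerNoLink)` does not tell the reader that stack-depth tracking is deliberately left out of the fuzzer defaults. With `CoverageStackDepth` dropped from this set, a build using `-fsanitize=fuzzer-no-link` records stack depth only when `-fsanitize-coverage=stack-depth` is passed explicitly, as the updated deep-recursion.test in this commit does, so targets that relied on the default may get less feedback on deep-recursion inputs. I would extend the comment to `// Enable coverage if the fuzzing flag is set. Stack depth is opt-in via -fsanitize-coverage=stack-depth.` so the omission reads as intentional. The enclosing constructor starts and ends outside the hunk.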
@@ -35,14 +35,6 @@ # define SANITIZER_WEAK_ATTRIBUTE __attribute__((weak)) #endif -// Mac handles TLS differently -#if SANITIZER_MAC -# define SANITIZER_TLS_INITIAL_EXEC_ATTRIBUTE -#else -# define SANITIZER_TLS_INITIAL_EXEC_ATTRIBUTE \ - __attribute__((tls_model("initial-exec"))) thread_local -#endif - //--------------------------- WEAK FUNCTIONS ---------------------------------// // When working with weak functions, to simplify the code and make it more // portable, when possible define a default implementation using this macro:
diff --git a/compiler-rt/test/fuzzer/deep-recursion.test b/compiler-rt/test/fuzzer/deep-recursion.test
index 22475f91263..b99bad4c634 100644
--- a/compiler-rt/test/fuzzer/deep-recursion.test
+++ b/compiler-rt/test/fuzzer/deep-recursion.test
@@ -1,5 +1,5 @@ # Test that we can find a stack overflow REQUIRES: linux -RUN: %cpp_compiler %S/DeepRecursionTest.cpp -o %t +RUN: %cpp_compiler -fsanitize-coverage=stack-depth %S/DeepRecursionTest.cpp -o %t RUN: not %t -seed=1 -runs=100000000 2>&1 | FileCheck %s CHECK: ERROR: libFuzzer: deadly signal
diff --git a/llvm/lib/Transforms/Instrumentation/SanitizerCoverage.cpp b/llvm/lib/Transforms/Instrumentation/SanitizerCoverage.cpp
index a3128fd089d..0f2e7772c76 100644
--- a/llvm/lib/Transforms/Instrumentation/SanitizerCoverage.cpp
+++ b/llvm/lib/Transforms/Instrumentation/SanitizerCoverage.cpp
@@ -25,7 +25,6 @@ #include "llvm/IR/GlobalVariable.h" #include "llvm/IR/IRBuilder.h" #include "llvm/IR/InlineAsm.h" -#include "llvm/IR/IntrinsicInst.h" #include "llvm/IR/Intrinsics.h" #include "llvm/IR/LLVMContext.h" #include "llvm/IR/MDBuilder.h"
@@ -201,15 +200,13 @@ private: ArrayRef<GetElementPtrInst *> GepTraceTargets); void InjectTraceForSwitch(Function &F, ArrayRef<Instruction *> SwitchTraceTargets); - bool InjectCoverage(Function &F, ArrayRef<BasicBlock *> AllBlocks, - bool IsLeafFunc = true); + bool InjectCoverage(Function &F, ArrayRef<BasicBlock *> AllBlocks); GlobalVariable *CreateFunctionLocalArrayInSection(size_t NumElements, Function &F, Type *Ty, const char *Section); GlobalVariable *CreatePCArray(Function &F, ArrayRef<BasicBlock *> AllBlocks); void CreateFunctionLocalArrays(Function &F, ArrayRef<BasicBlock *> AllBlocks); - void InjectCoverageAtBlock(Function &F, BasicBlock &BB, size_t Idx, - bool IsLeafFunc = true); + void InjectCoverageAtBlock(Function &F, BasicBlock &BB, size_t Idx); Function *CreateInitCallsForSections(Module &M, const char *InitFunctionName, Type *Ty, const char *Section); std::pair<GlobalVariable *, GlobalVariable *>
@@ -494,7 +491,6 @@ bool SanitizerCoverageModule::runOnFunction(Function &F) { &getAnalysis<DominatorTreeWrapperPass>(F).getDomTree(); const PostDominatorTree *PDT = &getAnalysis<PostDominatorTreeWrapperPass>(F).getPostDomTree(); - bool IsLeafFunc = true; for (auto &BB : F) { if (shouldInstrumentBlock(F, &BB, DT, PDT, Options))
@@ -519,14 +515,10 @@ bool SanitizerCoverageModule::runOnFunction(Function &F) { if (Options.TraceGep) if (GetElementPtrInst *GEP = dyn_cast<GetElementPtrInst>(&Inst)) GepTraceTargets.push_back(GEP); - if (Options.StackDepth) - if (isa<InvokeInst>(Inst) || - (isa<CallInst>(Inst) && !isa<IntrinsicInst>(Inst))) - IsLeafFunc = false; - } + } } - InjectCoverage(F, BlocksToInstrument, IsLeafFunc); + InjectCoverage(F, BlocksToInstrument); InjectCoverageForIndirectCalls(F, IndirCalls); InjectTraceForCmp(F, CmpTraceTargets); InjectTraceForSwitch(F, SwitchTraceTargets);
@@ -601,12 +593,11 @@ void SanitizerCoverageModule::CreateFunctionLocalArrays( } bool SanitizerCoverageModule::InjectCoverage(Function &F, - ArrayRef<BasicBlock *> AllBlocks, - bool IsLeafFunc) { + ArrayRef<BasicBlock *> AllBlocks) { if (AllBlocks.empty()) return false; CreateFunctionLocalArrays(F, AllBlocks); for (size_t i = 0, N = AllBlocks.size(); i < N; i++) - InjectCoverageAtBlock(F, *AllBlocks[i], i, IsLeafFunc); + InjectCoverageAtBlock(F, *AllBlocks[i], i); return true; }
@@ -740,8 +731,7 @@ void SanitizerCoverageModule::InjectTraceForCmp( } void SanitizerCoverageModule::InjectCoverageAtBlock(Function &F, BasicBlock &BB, - size_t Idx, - bool IsLeafFunc) { + size_t Idx) { BasicBlock::iterator IP = BB.getFirstInsertionPt(); bool IsEntryBB = &BB == &F.getEntryBlock(); DebugLoc EntryLoc;
@@ -780,7 +770,7 @@ void SanitizerCoverageModule::InjectCoverageAtBlock(Function &F, BasicBlock &BB, SetNoSanitizeMetadata(Load); SetNoSanitizeMetadata(Store); } - if (Options.StackDepth && IsEntryBB && !IsLeafFunc) { + if (Options.StackDepth && IsEntryBB) { // Check stack depth. If it's the deepest so far, record it. Function *GetFrameAddr = Intrinsic::getDeclaration(F.getParent(), Intrinsic::frameaddress);
@@ -791,9 +781,7 @@ void SanitizerCoverageModule::InjectCoverageAtBlock(Function &F, BasicBlock &BB, auto IsStackLower = IRB.CreateICmpULT(FrameAddrInt, LowestStack); auto ThenTerm = SplitBlockAndInsertIfThen(IsStackLower, &*IP, false); IRBuilder<> ThenIRB(ThenTerm); - auto Store = ThenIRB.CreateStore(FrameAddrInt, SanCovLowestStack); - SetNoSanitizeMetadata(LowestStack); - SetNoSanitizeMetadata(Store); + ThenIRB.CreateStore(FrameAddrInt, SanCovLowestStack); } }
diff --git a/llvm/test/Instrumentation/SanitizerCoverage/stack-depth.ll b/llvm/test/Instrumentation/SanitizerCoverage/stack-depth.ll
index 878295cd653..e88741553d5 100644
--- a/llvm/test/Instrumentation/SanitizerCoverage/stack-depth.ll
+++ b/llvm/test/Instrumentation/SanitizerCoverage/stack-depth.ll
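Review bot: In SanitizerCoverage.cpp (hunk at -780), the block under `if (Options.StackDepth && IsEntryBB)` still emits a load and store of `__sancov_lowest_stack`, yet this same commit deletes the weak definition of that symbol from sanitizer_coverage_libcdep_new.cc. Unless a strong definition is supplied at link time (none is visible on this page), objects built with `-fsanitize-coverage=stack-depth` would presumably be left with an unresolved reference. Dropping `!IsLeafFunc` also puts the frame-address compare in the entry block of every instrumented function, leaf functions included, which is worth measuring. At minimum I would add a comment above the condition such as `// __sancov_lowest_stack must be defined by the linked runtime; there is no weak fallback.` InjectCoverageAtBlock begins and ends outside this hunk.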
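Review bot: In SanitizerCoverage.cpp (hunk at -791), the `LowestStack` load and the store in `ThenIRB.CreateStore(FrameAddrInt, SanCovLowestStack);` no longer get nosanitize metadata, while the counter accesses just above the stack-depth block in the same function still call `SetNoSanitizeMetadata(Load)` and `SetNoSanitizeMetadata(Store)`. If a sanitizer pass runs after this one (the pipeline order is not visible here), it could instrument these coverage-internal accesses, adding overhead or producing reports about the instrumentation's own variable rather than the program under test. I would keep `auto Store = ThenIRB.CreateStore(FrameAddrInt, SanCovLowestStack);` followed by `SetNoSanitizeMetadata(LowestStack);` and `SetNoSanitizeMetadata(Store);`. The definition of `LowestStack` lies outside the hunk.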
@@ -1,9 +1,9 @@ ; This check verifies that stack depth instrumentation works correctly. ; RUN: opt < %s -sancov -sanitizer-coverage-level=1 \ -; RUN: -sanitizer-coverage-stack-depth -S | FileCheck %s +; RUN: -sanitizer-coverage-stack-depth -S | FileCheck %s --enable-var-scope ; RUN: opt < %s -sancov -sanitizer-coverage-level=3 \ ; RUN: -sanitizer-coverage-stack-depth -sanitizer-coverage-trace-pc-guard \ -; RUN: -S | FileCheck %s +; RUN: -S | FileCheck %s --enable-var-scope target datalayout = "e-m:e-i64:64-f80:128-n8:16:32:64-S128" target triple = "x86_64-unknown-linux-gnu"
@@ -14,8 +14,13 @@ target triple = "x86_64-unknown-linux-gnu" define i32 @foo() { entry: ; CHECK-LABEL: define i32 @foo -; CHECK-NOT: call i8* @llvm.frameaddress(i32 0) -; CHECK-NOT: @__sancov_lowest_stack +; CHECK: [[framePtr:%[^ \t]+]] = call i8* @llvm.frameaddress(i32 0) +; CHECK: [[frameInt:%[^ \t]+]] = ptrtoint i8* [[framePtr]] to [[$intType:i[0-9]+]] +; CHECK: [[lowest:%[^ \t]+]] = load [[$intType]], [[$intType]]* @__sancov_lowest_stack +; CHECK: [[cmp:%[^ \t]+]] = icmp ult [[$intType]] [[frameInt]], [[lowest]] +; CHECK: br i1 [[cmp]], label %[[ifLabel:[^ \t]+]], label +; CHECK: <label>:[[ifLabel]]: +; CHECK: store [[$intType]] [[frameInt]], [[$intType]]* @__sancov_lowest_stack ; CHECK: ret i32 7 ret i32 7
@@ -25,12 +30,12 @@ define i32 @bar() { entry: ; CHECK-LABEL: define i32 @bar ; CHECK: [[framePtr:%[^ \t]+]] = call i8* @llvm.frameaddress(i32 0) -; CHECK: [[frameInt:%[^ \t]+]] = ptrtoint i8* [[framePtr]] to [[intType:i[0-9]+]] -; CHECK: [[lowest:%[^ \t]+]] = load [[intType]], [[intType]]* @__sancov_lowest_stack -; CHECK: [[cmp:%[^ \t]+]] = icmp ult [[intType]] [[frameInt]], [[lowest]] +; CHECK: [[frameInt:%[^ \t]+]] = ptrtoint i8* [[framePtr]] to [[$intType]] +; CHECK: [[lowest:%[^ \t]+]] = load [[$intType]], [[$intType]]* @__sancov_lowest_stack +; CHECK: [[cmp:%[^ \t]+]] = icmp ult [[$intType]] [[frameInt]], [[lowest]] ; CHECK: br i1 [[cmp]], label %[[ifLabel:[^ \t]+]], label ; CHECK: <label>:[[ifLabel]]: -; CHECK: store [[intType]] [[frameInt]], [[intType]]* @__sancov_lowest_stack +; CHECK: store [[$intType]] [[frameInt]], [[$intType]]* @__sancov_lowest_stack ; CHECK: %call = call i32 @foo() ; CHECK: ret i32 %call |