summaryrefslogtreecommitdiffstats
path: root/llvm/lib/Transforms/Instrumentation/AddressSanitizer.cpp
Commit message (Collapse)AuthorAgeFilesLines
* [asan] fix a pair of silly typosKostya Serebryany2014-02-271-2/+2
| | | | llvm-svn: 202391
* [asan] disable asan-detect-invalid-pointer-pair (was enabled by mistake)Kostya Serebryany2014-02-271-1/+1
| | | | llvm-svn: 202390
* [asan] *experimental* implementation of invalid-pointer-pair detector (finds ↵Kostya Serebryany2014-02-271-0/+56
| | | | | | when two unrelated pointers are compared or subtracted). This implementation has both false positives and false negatives and is not tuned for performance. A bug report for a proper implementation will follow. llvm-svn: 202389
* Make DataLayout a plain object, not a pass.Rafael Espindola2014-02-251-5/+9
| | | | | | | Instead, have a DataLayoutPass that holds one. This will allow parts of LLVM don't don't handle passes to also use DataLayout. llvm-svn: 202168
* Make some DataLayout pointers const.Rafael Espindola2014-02-241-2/+2
| | | | | | No functionality change. Just reduces the noise of an upcoming patch. llvm-svn: 202087
* [asan] simplify the code that compute the shadow offset; get rid of two ↵Kostya Serebryany2014-02-241-46/+26
| | | | | | internal flags that allowed to override it. The tests pass, but still this change might break asan on some platform not covered by tests. If you see this, please submit a fix with a test. llvm-svn: 202033
* Rename many DataLayout variables from TD to DL.Rafael Espindola2014-02-211-12/+12
| | | | | | | | | I am really sorry for the noise, but the current state where some parts of the code use TD (from the old name: TargetData) and other parts use DL makes it hard to write a patch that changes where those variables come from and how they are passed along. llvm-svn: 201827
* Add back r201608, r201622, r201624 and r201625Rafael Espindola2014-02-191-11/+5
| | | | | | | | | | | | | | r201608 made llvm corretly handle private globals with MachO. r201622 fixed a bug in it and r201624 and r201625 were changes for using private linkage, assuming that llvm would do the right thing. They all got reverted because r201608 introduced a crash in LTO. This patch includes a fix for that. The issue was that TargetLoweringObjectFile now has to be initialized before we can mangle names of private globals. This is trivially true during the normal codegen pipeline (the asm printer does it), but LTO has to do it manually. llvm-svn: 201700
* This reverts commit r201625 and r201624.Rafael Espindola2014-02-191-5/+11
| | | | | | | Since r201608 got reverted, it is not safe to use private linkage in these cases until it is committed back. llvm-svn: 201688
* Now that llvm always does the right thing with private, use it.Rafael Espindola2014-02-191-11/+5
| | | | llvm-svn: 201625
* [asan] support for FreeBSD, LLVM part. patch by Viktor KutuzovKostya Serebryany2014-02-101-2/+7
| | | | llvm-svn: 201067
* Fix known typosAlp Toker2014-01-241-1/+1
| | | | | | | Sweep the codebase for common typos. Includes some changes to visible function names that were misspelt. llvm-svn: 200018
* [asan] extend asan-coverage (still experimental).Kostya Serebryany2014-01-171-31/+48
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | - add a mode for collecting per-block coverage (-asan-coverage=2). So far the implementation is naive (all blocks are instrumented), the performance overhead on top of asan could be as high as 30%. - Make sure the one-time calls to __sanitizer_cov are moved to function buttom, which in turn required to copy the original debug info into the call insn. Here is the performance data on SPEC 2006 (train data, comparing asan with asan-coverage={0,1,2}): asan+cov0 asan+cov1 diff 0-1 asan+cov2 diff 0-2 diff 1-2 400.perlbench, 65.60, 65.80, 1.00, 76.20, 1.16, 1.16 401.bzip2, 65.10, 65.50, 1.01, 75.90, 1.17, 1.16 403.gcc, 1.64, 1.69, 1.03, 2.04, 1.24, 1.21 429.mcf, 21.90, 22.60, 1.03, 23.20, 1.06, 1.03 445.gobmk, 166.00, 169.00, 1.02, 205.00, 1.23, 1.21 456.hmmer, 88.30, 87.90, 1.00, 91.00, 1.03, 1.04 458.sjeng, 210.00, 222.00, 1.06, 258.00, 1.23, 1.16 462.libquantum, 1.73, 1.75, 1.01, 2.11, 1.22, 1.21 464.h264ref, 147.00, 152.00, 1.03, 160.00, 1.09, 1.05 471.omnetpp, 115.00, 116.00, 1.01, 140.00, 1.22, 1.21 473.astar, 133.00, 131.00, 0.98, 142.00, 1.07, 1.08 483.xalancbmk, 118.00, 120.00, 1.02, 154.00, 1.31, 1.28 433.milc, 19.80, 20.00, 1.01, 20.10, 1.02, 1.01 444.namd, 16.20, 16.20, 1.00, 17.60, 1.09, 1.09 447.dealII, 41.80, 42.20, 1.01, 43.50, 1.04, 1.03 450.soplex, 7.51, 7.82, 1.04, 8.25, 1.10, 1.05 453.povray, 14.00, 14.40, 1.03, 15.80, 1.13, 1.10 470.lbm, 33.30, 34.10, 1.02, 34.10, 1.02, 1.00 482.sphinx3, 12.40, 12.30, 0.99, 13.00, 1.05, 1.06 llvm-svn: 199488
* [asan] Remove -fsanitize-address-zero-base-shadow command lineEvgeniy Stepanov2014-01-161-22/+14
| | | | | | | | | | | | | | | | flag from clang, and disable zero-base shadow support on all platforms where it is not the default behavior. - It is completely unused, as far as we know. - It is ABI-incompatible with non-zero-base shadow, which means all objects in a process must be built with the same setting. Failing to do so results in a segmentation fault at runtime. - It introduces a backward dependency of compiler-rt on user code, which is uncommon and complicates testing. This is the LLVM part of a larger change. llvm-svn: 199371
* [ASan] Fix the test for __asan_gen_ globals and actually fix ↵Alexander Potapenko2013-12-251-2/+2
| | | | | | | | http://llvm.org/bugs/show_bug.cgi?id=17976 by setting the correct linkage (as stated in the bug). llvm-svn: 198018
* [ASan] Make sure none of the __asan_gen_ global strings end up in the symbol ↵Alexander Potapenko2013-12-251-10/+21
| | | | | | | | | table, add a test. This should fix http://llvm.org/bugs/show_bug.cgi?id=17976 Another test checking for the global variables' locations and prefixes on Darwin will be committed separately. llvm-svn: 198017
* [asan] don't unpoison redzones on function exit in use-after-return mode.Kostya Serebryany2013-12-231-15/+24
| | | | | | | | | | | | | | | | | | | | | | | | Summary: Before this change the instrumented code before Ret instructions looked like: <Unpoison Frame Redzones> if (Frame != OriginalFrame) // I.e. Frame is fake <Poison Complete Frame> Now the instrumented code looks like: if (Frame != OriginalFrame) // I.e. Frame is fake <Poison Complete Frame> else <Unpoison Frame Redzones> Reviewers: eugenis Reviewed By: eugenis CC: llvm-commits Differential Revision: http://llvm-reviews.chandlerc.com/D2458 llvm-svn: 197907
* [asan] produce fewer stores when poisoning stack shadowKostya Serebryany2013-12-231-20/+19
| | | | llvm-svn: 197904
* Add an explicit insert point argument to SplitBlockAndInsertIfThen.Evgeniy Stepanov2013-12-191-8/+6
| | | | | | | | Currently SplitBlockAndInsertIfThen requires that branch condition is an Instruction itself, which is very inconvenient, because it is sometimes an Operator, or even a Constant. llvm-svn: 197677
* [asan] Fix the coverage.cc test broken by r196939Reid Kleckner2013-12-101-1/+13
| | | | | | | | | | | | | | | | It was failing because ASan was adding all of the following to one function: - dynamic alloca - stack realignment - inline asm This patch avoids making the static alloca dynamic when coverage is used. ASan should probably not be inserting empty inline asm blobs to inhibit duplicate tail elimination. llvm-svn: 196973
* [asan] rewrite asan's stack frame layoutKostya Serebryany2013-12-061-145/+68
| | | | | | | | | | | | | | | | | | | | | | | | | | | Summary: Rewrite asan's stack frame layout. First, most of the stack layout logic is moved into a separte file to make it more testable and (potentially) useful for other projects. Second, make the frames more compact by using adaptive redzones (smaller for small objects, larger for large objects). Third, try to minimized gaps due to large alignments (this is hypothetical since today we don't see many stack vars aligned by more than 32). The frames indeed become more compact, but I'll still need to run more benchmarks before committing, but I am sking for review now to get early feedback. This change will be accompanied by a trivial change in compiler-rt tests to match the new frame sizes. Reviewers: samsonov, dvyukov Reviewed By: samsonov CC: llvm-commits Differential Revision: http://llvm-reviews.chandlerc.com/D2324 llvm-svn: 196568
* [ASan] Fix PR17867 - make sure ASan doesn't crash if use-after-scope and ↵Alexey Samsonov2013-11-181-6/+6
| | | | | | use-after-return are combined. llvm-svn: 195014
* [asan] use GlobalValue::PrivateLinkage for coverage guard to save quite a ↵Kostya Serebryany2013-11-151-1/+1
| | | | | | bit of code size llvm-svn: 194800
* Reapply "[asan] Poor man's coverage that works with ASan"Bob Wilson2013-11-151-0/+52
| | | | | | | | I was able to successfully run a bootstrapped LTO build of clang with r194701, so this change does not seem to be the cause of our failing buildbots. llvm-svn: 194789
* Revert "[asan] Poor man's coverage that works with ASan"Bob Wilson2013-11-151-52/+0
| | | | | | | | | This reverts commit 194701. Apple's bootstrapped LTO builds have been failing, and this change (along with compiler-rt 194702-194704) is the only thing on the blamelist. I will either reappy these changes or help debug the problem, depending on whether this fixes the buildbots. llvm-svn: 194780
* [asan] Poor man's coverage that works with ASanKostya Serebryany2013-11-141-0/+52
| | | | llvm-svn: 194701
* [asan] Optimize accesses to global arrays with constant indexKostya Serebryany2013-10-161-6/+33
| | | | | | | | | | | | | | | | | | | | Summary: Given a global array G[N], which is declared in this CU and has static initializer avoid instrumenting accesses like G[i], where 'i' is a constant and 0<=i<N. Also add a bit of stats. This eliminates ~1% of instrumentations on SPEC2006 and also partially helps when asan is being run together with coverage. Reviewers: samsonov Reviewed By: samsonov CC: llvm-commits Differential Revision: http://llvm-reviews.chandlerc.com/D1947 llvm-svn: 192794
* Remove several unused variables.Rafael Espindola2013-10-011-2/+1
| | | | | | Patch by Alp Toker. llvm-svn: 191757
* [asan] call __asan_stack_malloc_N only if use-after-return detection is ↵Kostya Serebryany2013-09-181-1/+22
| | | | | | enabled with the run-time option llvm-svn: 190939
* ifndef NDEBUG-out an asserts-only constant committed in r190863David Blaikie2013-09-181-0/+2
| | | | llvm-svn: 190905
* [asan] inline the calls to __asan_stack_free_* with small sizes. Yet another ↵Kostya Serebryany2013-09-171-3/+48
| | | | | | 10%-20% speedup for use-after-return llvm-svn: 190863
* [asan] refactor the use-after-return API so that the size class is computed ↵Kostya Serebryany2013-09-101-10/+32
| | | | | | at compile time instead of at run-time. llvm part llvm-svn: 190407
* Add SpecialCaseList::createOrDie() factory and use it in sanitizer passesAlexey Samsonov2013-08-121-2/+2
| | | | llvm-svn: 188169
* Mark obviously const methods. Also use reference for parameters when possible.Jakub Staszak2013-08-091-8/+8
| | | | llvm-svn: 188103
* Change the linkage of these global values to 'internal'.Bill Wendling2013-08-061-4/+7
| | | | | | | | | | | | | | | | | | The globals being generated here were given the 'private' linkage type. However, this caused them to end up in different sections with the wrong prefix. E.g., they would be in the __TEXT,__const section with an 'L' prefix instead of an 'l' (lowercase ell) prefix. The problem is that the linker will eat a literal label with 'L'. If a weak symbol is then placed into the __TEXT,__const section near that literal, then it cannot distinguish between the literal and the weak symbol. Part of the problems here was introduced because the address sanitizer converted some C strings into constant initializers with trailing nuls. (Thus putting them in the __const section with the wrong prefix.) The others were variables that the address sanitizer created but simply had the wrong linkage type. llvm-svn: 187827
* 80-colsAlexey Samsonov2013-08-051-1/+2
| | | | llvm-svn: 187725
* [PowerPC] Support powerpc64le as a syntax-checking target.Bill Schmidt2013-07-261-1/+2
| | | | | | | | | | | | | | | | | | | | | | | This patch provides basic support for powerpc64le as an LLVM target. However, use of this target will not actually generate little-endian code. Instead, use of the target will cause the correct little-endian built-in defines to be generated, so that code that tests for __LITTLE_ENDIAN__, for example, will be correctly parsed for syntax-only testing. Code generation will otherwise be the same as powerpc64 (big-endian), for now. The patch leaves open the possibility of creating a little-endian PowerPC64 back end, but there is no immediate intent to create such a thing. The LLVM portions of this patch simply add ppc64le coverage everywhere that ppc64 coverage currently exists. There is nothing of any import worth testing until such time as little-endian code generation is implemented. In the corresponding Clang patch, there is a new test case variant to ensure that correct built-in defines for little-endian code are generated. llvm-svn: 187179
* Add 'const' qualifiers to static const char* variables.Craig Topper2013-07-161-19/+20
| | | | llvm-svn: 186371
* Implement categories for special case lists.Peter Collingbourne2013-07-091-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | A special case list can now specify categories for specific globals, which can be used to instruct an instrumentation pass to treat certain functions or global variables in a specific way, such as by omitting certain aspects of instrumentation while keeping others, or informing the instrumentation pass that a specific uninstrumentable function has certain semantics, thus allowing the pass to instrument callers according to those semantics. For example, AddressSanitizer now uses the "init" category instead of global-init prefixes for globals whose initializers should not be instrumented, but which in all other respects should be instrumented. The motivating use case is DataFlowSanitizer, which will have a number of different categories for uninstrumentable functions, such as "functional" which specifies that a function has pure functional semantics, or "discard" which indicates that a function's return value should not be labelled. Differential Revision: http://llvm-reviews.chandlerc.com/D1092 llvm-svn: 185978
* Rename BlackList class to SpecialCaseList and move it to Transforms/Utils.Peter Collingbourne2013-07-091-5/+5
| | | | | | Differential Revision: http://llvm-reviews.chandlerc.com/D1089 llvm-svn: 185975
* [asan] workaround for PR16277: don't instrument AllocaInstr with alignment ↵Kostya Serebryany2013-06-261-1/+2
| | | | | | more than the redzone size llvm-svn: 184928
* [asan] add option -asan-keep-uninstrumented-functionsKostya Serebryany2013-06-261-4/+47
| | | | llvm-svn: 184927
* [asan] ASan Linux MIPS32 support (llvm part), patch by Jyun-Yan YKostya Serebryany2013-06-031-1/+10
| | | | llvm-svn: 183104
* Replace Count{Leading,Trailing}Zeros_{32,64} with count{Leading,Trailing}Zeros.Michael J. Spencer2013-05-241-1/+1
| | | | llvm-svn: 182680
* Remove unused #include.Bill Wendling2013-05-201-1/+0
| | | | llvm-svn: 182315
* [ASan] Change the ABI of __asan_before_dynamic_init function: now it takes ↵Alexey Samsonov2013-03-261-17/+13
| | | | | | pointer to private string with module name. This string serves as a unique module ID in ASan runtime. LLVM part llvm-svn: 178013
* [asan] Change the way we report the alloca frame on stack-buff-overflow.Kostya Serebryany2013-03-221-8/+15
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Before: the function name was stored by the compiler as a constant string and the run-time was printing it. Now: the PC is stored instead and the run-time prints the full symbolized frame. This adds a couple of instructions into every function with non-empty stack frame, but also reduces the binary size because we store less strings (I saw 2% size reduction). This change bumps the asan ABI version to v3. llvm part. Example of report (now): ==31711==ERROR: AddressSanitizer: stack-buffer-overflow on address 0x7fffa77cf1c5 at pc 0x41feb0 bp 0x7fffa77cefb0 sp 0x7fffa77cefa8 READ of size 1 at 0x7fffa77cf1c5 thread T0 #0 0x41feaf in Frame0(int, char*, char*, char*) stack-oob-frames.cc:20 #1 0x41f7ff in Frame1(int, char*, char*) stack-oob-frames.cc:24 #2 0x41f477 in Frame2(int, char*) stack-oob-frames.cc:28 #3 0x41f194 in Frame3(int) stack-oob-frames.cc:32 #4 0x41eee0 in main stack-oob-frames.cc:38 #5 0x7f0c5566f76c (/lib/x86_64-linux-gnu/libc.so.6+0x2176c) #6 0x41eb1c (/usr/local/google/kcc/llvm_cmake/a.out+0x41eb1c) Address 0x7fffa77cf1c5 is located in stack of thread T0 at offset 293 in frame #0 0x41f87f in Frame0(int, char*, char*, char*) stack-oob-frames.cc:12 <<<<<<<<<<<<<< this is new This frame has 6 object(s): [32, 36) 'frame.addr' [96, 104) 'a.addr' [160, 168) 'b.addr' [224, 232) 'c.addr' [288, 292) 's' [352, 360) 'd' llvm-svn: 177724
* [asan] when creating string constants, set unnamed_attr and align 1 so that ↵Kostya Serebryany2013-03-181-1/+4
| | | | | | equal strings are merged by the linker. Observed up to 1% binary size reduction. Thanks to Anton Korobeynikov for the suggestion llvm-svn: 177264
* [asan] while generating the description of a global variable, emit the ↵Kostya Serebryany2013-03-181-7/+8
| | | | | | module name in a separate field, thus not duplicating this information if every description. This decreases the binary size (observed up to 3%). https://code.google.com/p/address-sanitizer/issues/detail?id=168 . This changes the asan API version. llvm-part llvm-svn: 177254
* [asan] don't instrument functions with available_externally linkage. This ↵Kostya Serebryany2013-03-181-0/+1
| | | | | | saves a bit of compile time and reduces the number of redundant global strings generated by asan (https://code.google.com/p/address-sanitizer/issues/detail?id=167) llvm-svn: 177250
OpenPOWER on IntegriCloud