src - FreeBSD source tree

diff options


context:
space:
mode:

author	Dimitry Andric <dim@FreeBSD.org>	2019-08-20 20:50:12 +0000
committer	Dimitry Andric <dim@FreeBSD.org>	2019-08-20 20:50:12 +0000
commit	e6d1592492a3a379186bfb02bd0f4eda0669c0d5 (patch)
tree	599ab169a01f1c86eda9adc774edaedde2f2db5b /lib/Transforms/Instrumentation/DataFlowSanitizer.cpp
parent	1a56a5ead7a2e84bee8240f5f6b033b5f1707154 (diff)

vendor/llvm/llvm-trunk-r366426

Diffstat (limited to 'lib/Transforms/Instrumentation/DataFlowSanitizer.cpp')

-rw-r--r--

lib/Transforms/Instrumentation/DataFlowSanitizer.cpp

171

1 files changed, 100 insertions, 71 deletions

diff --git a/lib/Transforms/Instrumentation/DataFlowSanitizer.cpp b/lib/Transforms/Instrumentation/DataFlowSanitizer.cpp
index 4c3c6c9added..2279c1bcb6a8 100644
--- a/lib/Transforms/Instrumentation/DataFlowSanitizer.cpp
+++ b/lib/Transforms/Instrumentation/DataFlowSanitizer.cpp

@@ -1,9 +1,8 @@

//===- DataFlowSanitizer.cpp - dynamic data flow analysis -----------------===//

-// The LLVM Compiler Infrastructure

-//

-// This file is distributed under the University of Illinois Open Source

-// License. See LICENSE.TXT for details.

+// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.

+// See https://llvm.org/LICENSE.txt for license information.

+// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception

//===----------------------------------------------------------------------===//

@@ -333,6 +332,8 @@ class DataFlowSanitizer : public ModulePass {

Constant *RetvalTLS;

void *(*GetArgTLSPtr)();

void *(*GetRetvalTLSPtr)();

+ FunctionType *GetArgTLSTy;

+ FunctionType *GetRetvalTLSTy;

Constant *GetArgTLS;

Constant *GetRetvalTLS;

Constant *ExternalShadowMask;

@@ -342,13 +343,13 @@ class DataFlowSanitizer : public ModulePass {

FunctionType *DFSanSetLabelFnTy;

FunctionType *DFSanNonzeroLabelFnTy;

FunctionType *DFSanVarargWrapperFnTy;

- Constant *DFSanUnionFn;

- Constant *DFSanCheckedUnionFn;

- Constant *DFSanUnionLoadFn;

- Constant *DFSanUnimplementedFn;

- Constant *DFSanSetLabelFn;

- Constant *DFSanNonzeroLabelFn;

- Constant *DFSanVarargWrapperFn;

+ FunctionCallee DFSanUnionFn;

+ FunctionCallee DFSanCheckedUnionFn;

+ FunctionCallee DFSanUnionLoadFn;

+ FunctionCallee DFSanUnimplementedFn;

+ FunctionCallee DFSanSetLabelFn;

+ FunctionCallee DFSanNonzeroLabelFn;

+ FunctionCallee DFSanVarargWrapperFn;

MDNode *ColdCallWeights;

DFSanABIList ABIList;

DenseMap<Value *, Function *> UnwrappedFnMap;

@@ -436,6 +437,7 @@ public:

}

void visitOperandShadowInst(Instruction &I);

+ void visitUnaryOperator(UnaryOperator &UO);

void visitBinaryOperator(BinaryOperator &BO);

void visitCastInst(CastInst &CI);

void visitCmpInst(CmpInst &CI);

@@ -581,17 +583,17 @@ bool DataFlowSanitizer::doInitialization(Module &M) {

if (GetArgTLSPtr) {

Type *ArgTLSTy = ArrayType::get(ShadowTy, 64);

ArgTLS = nullptr;

+ GetArgTLSTy = FunctionType::get(PointerType::getUnqual(ArgTLSTy), false);

GetArgTLS = ConstantExpr::getIntToPtr(

ConstantInt::get(IntptrTy, uintptr_t(GetArgTLSPtr)),

- PointerType::getUnqual(

- FunctionType::get(PointerType::getUnqual(ArgTLSTy), false)));

+ PointerType::getUnqual(GetArgTLSTy));

}

if (GetRetvalTLSPtr) {

RetvalTLS = nullptr;

+ GetRetvalTLSTy = FunctionType::get(PointerType::getUnqual(ShadowTy), false);

GetRetvalTLS = ConstantExpr::getIntToPtr(

ConstantInt::get(IntptrTy, uintptr_t(GetRetvalTLSPtr)),

- PointerType::getUnqual(

- FunctionType::get(PointerType::getUnqual(ShadowTy), false)));

+ PointerType::getUnqual(GetRetvalTLSTy));

}

ColdCallWeights = MDBuilder(*Ctx).createBranchWeights(1, 1000);

@@ -678,8 +680,8 @@ DataFlowSanitizer::buildWrapperFunction(Function *F, StringRef NewFName,

Constant *DataFlowSanitizer::getOrBuildTrampolineFunction(FunctionType *FT,

StringRef FName) {

FunctionType *FTT = getTrampolineFunctionType(FT);

- Constant *C = Mod->getOrInsertFunction(FName, FTT);

- Function *F = dyn_cast<Function>(C);

+ FunctionCallee C = Mod->getOrInsertFunction(FName, FTT);

+ Function *F = dyn_cast<Function>(C.getCallee());

if (F && F->isDeclaration()) {

F->setLinkage(GlobalValue::LinkOnceODRLinkage);

BasicBlock *BB = BasicBlock::Create(*Ctx, "entry", F);

@@ -687,7 +689,7 @@ Constant *DataFlowSanitizer::getOrBuildTrampolineFunction(FunctionType *FT,

Function::arg_iterator AI = F->arg_begin(); ++AI;

for (unsigned N = FT->getNumParams(); N != 0; ++AI, --N)

Args.push_back(&*AI);

- CallInst *CI = CallInst::Create(&*F->arg_begin(), Args, "", BB);

+ CallInst *CI = CallInst::Create(FT, &*F->arg_begin(), Args, "", BB);

ReturnInst *RI;

if (FT->getReturnType()->isVoidTy())

RI = ReturnInst::Create(*Ctx, BB);

@@ -704,7 +706,7 @@ Constant *DataFlowSanitizer::getOrBuildTrampolineFunction(FunctionType *FT,

&*std::prev(F->arg_end()), RI);

}

- return C;

+ return cast<Constant>(C.getCallee());

}

bool DataFlowSanitizer::runOnModule(Module &M) {

@@ -726,35 +728,51 @@ bool DataFlowSanitizer::runOnModule(Module &M) {

ExternalShadowMask =

Mod->getOrInsertGlobal(kDFSanExternShadowPtrMask, IntptrTy);

- DFSanUnionFn = Mod->getOrInsertFunction("__dfsan_union", DFSanUnionFnTy);

- if (Function *F = dyn_cast<Function>(DFSanUnionFn)) {

- F->addAttribute(AttributeList::FunctionIndex, Attribute::NoUnwind);

- F->addAttribute(AttributeList::FunctionIndex, Attribute::ReadNone);

- F->addAttribute(AttributeList::ReturnIndex, Attribute::ZExt);

- F->addParamAttr(0, Attribute::ZExt);

- F->addParamAttr(1, Attribute::ZExt);

+ {

+ AttributeList AL;

+ AL = AL.addAttribute(M.getContext(), AttributeList::FunctionIndex,

+ Attribute::NoUnwind);

+ AL = AL.addAttribute(M.getContext(), AttributeList::FunctionIndex,

+ Attribute::ReadNone);

+ AL = AL.addAttribute(M.getContext(), AttributeList::ReturnIndex,

+ Attribute::ZExt);

+ AL = AL.addParamAttribute(M.getContext(), 0, Attribute::ZExt);

+ AL = AL.addParamAttribute(M.getContext(), 1, Attribute::ZExt);

+ DFSanUnionFn =

+ Mod->getOrInsertFunction("__dfsan_union", DFSanUnionFnTy, AL);

}

- DFSanCheckedUnionFn = Mod->getOrInsertFunction("dfsan_union", DFSanUnionFnTy);

- if (Function *F = dyn_cast<Function>(DFSanCheckedUnionFn)) {

- F->addAttribute(AttributeList::FunctionIndex, Attribute::NoUnwind);

- F->addAttribute(AttributeList::FunctionIndex, Attribute::ReadNone);

- F->addAttribute(AttributeList::ReturnIndex, Attribute::ZExt);

- F->addParamAttr(0, Attribute::ZExt);

- F->addParamAttr(1, Attribute::ZExt);

+ {

+ AttributeList AL;

+ AL = AL.addAttribute(M.getContext(), AttributeList::FunctionIndex,

+ Attribute::NoUnwind);

+ AL = AL.addAttribute(M.getContext(), AttributeList::FunctionIndex,

+ Attribute::ReadNone);

+ AL = AL.addAttribute(M.getContext(), AttributeList::ReturnIndex,

+ Attribute::ZExt);

+ AL = AL.addParamAttribute(M.getContext(), 0, Attribute::ZExt);

+ AL = AL.addParamAttribute(M.getContext(), 1, Attribute::ZExt);

+ DFSanCheckedUnionFn =

+ Mod->getOrInsertFunction("dfsan_union", DFSanUnionFnTy, AL);

}

- DFSanUnionLoadFn =

- Mod->getOrInsertFunction("__dfsan_union_load", DFSanUnionLoadFnTy);

- if (Function *F = dyn_cast<Function>(DFSanUnionLoadFn)) {

- F->addAttribute(AttributeList::FunctionIndex, Attribute::NoUnwind);

- F->addAttribute(AttributeList::FunctionIndex, Attribute::ReadOnly);

- F->addAttribute(AttributeList::ReturnIndex, Attribute::ZExt);

+ {

+ AttributeList AL;

+ AL = AL.addAttribute(M.getContext(), AttributeList::FunctionIndex,

+ Attribute::NoUnwind);

+ AL = AL.addAttribute(M.getContext(), AttributeList::FunctionIndex,

+ Attribute::ReadOnly);

+ AL = AL.addAttribute(M.getContext(), AttributeList::ReturnIndex,

+ Attribute::ZExt);

+ DFSanUnionLoadFn =

+ Mod->getOrInsertFunction("__dfsan_union_load", DFSanUnionLoadFnTy, AL);

}

DFSanUnimplementedFn =

Mod->getOrInsertFunction("__dfsan_unimplemented", DFSanUnimplementedFnTy);

- DFSanSetLabelFn =

- Mod->getOrInsertFunction("__dfsan_set_label", DFSanSetLabelFnTy);

- if (Function *F = dyn_cast<Function>(DFSanSetLabelFn)) {

- F->addParamAttr(0, Attribute::ZExt);

+ {

+ AttributeList AL;

+ AL = AL.addParamAttribute(M.getContext(), 0, Attribute::ZExt);

+ DFSanSetLabelFn =

+ Mod->getOrInsertFunction("__dfsan_set_label", DFSanSetLabelFnTy, AL);

}

DFSanNonzeroLabelFn =

Mod->getOrInsertFunction("__dfsan_nonzero_label", DFSanNonzeroLabelFnTy);

@@ -765,13 +783,13 @@ bool DataFlowSanitizer::runOnModule(Module &M) {

SmallPtrSet<Function *, 2> FnsWithNativeABI;

for (Function &i : M) {

if (!i.isIntrinsic() &&

- &i != DFSanUnionFn &&

- &i != DFSanCheckedUnionFn &&

- &i != DFSanUnionLoadFn &&

- &i != DFSanUnimplementedFn &&

- &i != DFSanSetLabelFn &&

- &i != DFSanNonzeroLabelFn &&

- &i != DFSanVarargWrapperFn)

+ &i != DFSanUnionFn.getCallee()->stripPointerCasts() &&

+ &i != DFSanCheckedUnionFn.getCallee()->stripPointerCasts() &&

+ &i != DFSanUnionLoadFn.getCallee()->stripPointerCasts() &&

+ &i != DFSanUnimplementedFn.getCallee()->stripPointerCasts() &&

+ &i != DFSanSetLabelFn.getCallee()->stripPointerCasts() &&

+ &i != DFSanNonzeroLabelFn.getCallee()->stripPointerCasts() &&

+ &i != DFSanVarargWrapperFn.getCallee()->stripPointerCasts())

FnsToInstrument.push_back(&i);

}

@@ -982,7 +1000,7 @@ Value *DFSanFunction::getArgTLSPtr() {

return ArgTLSPtr = DFS.ArgTLS;

IRBuilder<> IRB(&F->getEntryBlock().front());

- return ArgTLSPtr = IRB.CreateCall(DFS.GetArgTLS, {});

+ return ArgTLSPtr = IRB.CreateCall(DFS.GetArgTLSTy, DFS.GetArgTLS, {});

}

Value *DFSanFunction::getRetvalTLS() {

@@ -992,12 +1010,14 @@ Value *DFSanFunction::getRetvalTLS() {

return RetvalTLSPtr = DFS.RetvalTLS;

IRBuilder<> IRB(&F->getEntryBlock().front());

- return RetvalTLSPtr = IRB.CreateCall(DFS.GetRetvalTLS, {});

+ return RetvalTLSPtr =

+ IRB.CreateCall(DFS.GetRetvalTLSTy, DFS.GetRetvalTLS, {});

}

Value *DFSanFunction::getArgTLS(unsigned Idx, Instruction *Pos) {

IRBuilder<> IRB(Pos);

- return IRB.CreateConstGEP2_64(getArgTLSPtr(), 0, Idx);

+ return IRB.CreateConstGEP2_64(ArrayType::get(DFS.ShadowTy, 64),

+ getArgTLSPtr(), 0, Idx);

}

Value *DFSanFunction::getShadow(Value *V) {

@@ -1015,7 +1035,8 @@ Value *DFSanFunction::getShadow(Value *V) {

DFS.ArgTLS ? &*F->getEntryBlock().begin()

: cast<Instruction>(ArgTLSPtr)->getNextNode();

IRBuilder<> IRB(ArgTLSPos);

- Shadow = IRB.CreateLoad(getArgTLS(A->getArgNo(), ArgTLSPos));

+ Shadow =

+ IRB.CreateLoad(DFS.ShadowTy, getArgTLS(A->getArgNo(), ArgTLSPos));

break;

}

case DataFlowSanitizer::IA_Args: {

@@ -1165,15 +1186,15 @@ Value *DFSanFunction::loadShadow(Value *Addr, uint64_t Size, uint64_t Align,

const auto i = AllocaShadowMap.find(AI);

if (i != AllocaShadowMap.end()) {

IRBuilder<> IRB(Pos);

- return IRB.CreateLoad(i->second);

+ return IRB.CreateLoad(DFS.ShadowTy, i->second);

}

uint64_t ShadowAlign = Align * DFS.ShadowWidth / 8;

- SmallVector<Value *, 2> Objs;

+ SmallVector<const Value *, 2> Objs;

GetUnderlyingObjects(Addr, Objs, Pos->getModule()->getDataLayout());

bool AllConstants = true;

- for (Value *Obj : Objs) {

+ for (const Value *Obj : Objs) {

if (isa<Function>(Obj) || isa<BlockAddress>(Obj))

continue;

if (isa<GlobalVariable>(Obj) && cast<GlobalVariable>(Obj)->isConstant())

@@ -1190,7 +1211,7 @@ Value *DFSanFunction::loadShadow(Value *Addr, uint64_t Size, uint64_t Align,

case 0:

return DFS.ZeroShadow;

case 1: {

- LoadInst *LI = new LoadInst(ShadowAddr, "", Pos);

+ LoadInst *LI = new LoadInst(DFS.ShadowTy, ShadowAddr, "", Pos);

LI->setAlignment(ShadowAlign);

return LI;

}

@@ -1198,8 +1219,9 @@ Value *DFSanFunction::loadShadow(Value *Addr, uint64_t Size, uint64_t Align,

IRBuilder<> IRB(Pos);

Value *ShadowAddr1 = IRB.CreateGEP(DFS.ShadowTy, ShadowAddr,

ConstantInt::get(DFS.IntptrTy, 1));

- return combineShadows(IRB.CreateAlignedLoad(ShadowAddr, ShadowAlign),

- IRB.CreateAlignedLoad(ShadowAddr1, ShadowAlign), Pos);

+ return combineShadows(

+ IRB.CreateAlignedLoad(DFS.ShadowTy, ShadowAddr, ShadowAlign),

+ IRB.CreateAlignedLoad(DFS.ShadowTy, ShadowAddr1, ShadowAlign), Pos);

}

if (!AvoidNewBlocks && Size % (64 / DFS.ShadowWidth) == 0) {

@@ -1218,7 +1240,8 @@ Value *DFSanFunction::loadShadow(Value *Addr, uint64_t Size, uint64_t Align,

IRBuilder<> IRB(Pos);

Value *WideAddr =

IRB.CreateBitCast(ShadowAddr, Type::getInt64PtrTy(*DFS.Ctx));

- Value *WideShadow = IRB.CreateAlignedLoad(WideAddr, ShadowAlign);

+ Value *WideShadow =

+ IRB.CreateAlignedLoad(IRB.getInt64Ty(), WideAddr, ShadowAlign);

Value *TruncShadow = IRB.CreateTrunc(WideShadow, DFS.ShadowTy);

Value *ShlShadow = IRB.CreateShl(WideShadow, DFS.ShadowWidth);

Value *ShrShadow = IRB.CreateLShr(WideShadow, 64 - DFS.ShadowWidth);

@@ -1251,7 +1274,8 @@ Value *DFSanFunction::loadShadow(Value *Addr, uint64_t Size, uint64_t Align,

IRBuilder<> NextIRB(NextBB);

WideAddr = NextIRB.CreateGEP(Type::getInt64Ty(*DFS.Ctx), WideAddr,

ConstantInt::get(DFS.IntptrTy, 1));

- Value *NextWideShadow = NextIRB.CreateAlignedLoad(WideAddr, ShadowAlign);

+ Value *NextWideShadow = NextIRB.CreateAlignedLoad(NextIRB.getInt64Ty(),

+ WideAddr, ShadowAlign);

ShadowsEq = NextIRB.CreateICmpEQ(WideShadow, NextWideShadow);

LastBr->setSuccessor(0, NextBB);

LastBr = NextIRB.CreateCondBr(ShadowsEq, FallbackBB, FallbackBB);

@@ -1375,6 +1399,10 @@ void DFSanVisitor::visitStoreInst(StoreInst &SI) {

DFSF.storeShadow(SI.getPointerOperand(), Size, Align, Shadow, &SI);

}

+void DFSanVisitor::visitUnaryOperator(UnaryOperator &UO) {

+ visitOperandShadowInst(UO);

void DFSanVisitor::visitBinaryOperator(BinaryOperator &BO) {

visitOperandShadowInst(BO);

}

@@ -1470,7 +1498,7 @@ void DFSanVisitor::visitMemTransferInst(MemTransferInst &I) {

DestShadow = IRB.CreateBitCast(DestShadow, Int8Ptr);

SrcShadow = IRB.CreateBitCast(SrcShadow, Int8Ptr);

auto *MTI = cast<MemTransferInst>(

- IRB.CreateCall(I.getCalledValue(),

+ IRB.CreateCall(I.getFunctionType(), I.getCalledValue(),

{DestShadow, SrcShadow, LenShadow, I.getVolatileCst()}));

if (ClPreserveAlignment) {

MTI->setDestAlignment(I.getDestAlignment() * (DFSF.DFS.ShadowWidth / 8));

@@ -1513,7 +1541,7 @@ void DFSanVisitor::visitCallSite(CallSite CS) {

// Calls to this function are synthesized in wrappers, and we shouldn't

// instrument them.

- if (F == DFSF.DFS.DFSanVarargWrapperFn)

+ if (F == DFSF.DFS.DFSanVarargWrapperFn.getCallee()->stripPointerCasts())

return;

IRBuilder<> IRB(CS.getInstruction());

@@ -1546,9 +1574,9 @@ void DFSanVisitor::visitCallSite(CallSite CS) {

TransformedFunction CustomFn = DFSF.DFS.getCustomFunctionType(FT);

std::string CustomFName = "__dfsw_";

CustomFName += F->getName();

- Constant *CustomF = DFSF.DFS.Mod->getOrInsertFunction(

+ FunctionCallee CustomF = DFSF.DFS.Mod->getOrInsertFunction(

CustomFName, CustomFn.TransformedType);

- if (Function *CustomFn = dyn_cast<Function>(CustomF)) {

+ if (Function *CustomFn = dyn_cast<Function>(CustomF.getCallee())) {

CustomFn->copyAttributesFrom(F);

// Custom functions returning non-void will write to the return label.

@@ -1628,7 +1656,8 @@ void DFSanVisitor::visitCallSite(CallSite CS) {

}

if (!FT->getReturnType()->isVoidTy()) {

- LoadInst *LabelLoad = IRB.CreateLoad(DFSF.LabelReturnAlloca);

+ LoadInst *LabelLoad =

+ IRB.CreateLoad(DFSF.DFS.ShadowTy, DFSF.LabelReturnAlloca);

DFSF.setShadow(CustomCI, LabelLoad);

}

@@ -1666,7 +1695,7 @@ void DFSanVisitor::visitCallSite(CallSite CS) {

if (DFSF.DFS.getInstrumentedABI() == DataFlowSanitizer::IA_TLS) {

IRBuilder<> NextIRB(Next);

- LoadInst *LI = NextIRB.CreateLoad(DFSF.getRetvalTLS());

+ LoadInst *LI = NextIRB.CreateLoad(DFSF.DFS.ShadowTy, DFSF.getRetvalTLS());

DFSF.SkipInsts.insert(LI);

DFSF.setShadow(CS.getInstruction(), LI);

DFSF.NonZeroChecks.push_back(LI);

@@ -1706,10 +1735,10 @@ void DFSanVisitor::visitCallSite(CallSite CS) {

CallSite NewCS;

if (InvokeInst *II = dyn_cast<InvokeInst>(CS.getInstruction())) {

- NewCS = IRB.CreateInvoke(Func, II->getNormalDest(), II->getUnwindDest(),

- Args);

+ NewCS = IRB.CreateInvoke(NewFT, Func, II->getNormalDest(),

+ II->getUnwindDest(), Args);

} else {

- NewCS = IRB.CreateCall(Func, Args);

+ NewCS = IRB.CreateCall(NewFT, Func, Args);

}

NewCS.setCallingConv(CS.getCallingConv());

NewCS.setAttributes(CS.getAttributes().removeAttributes(