Commit Graph

158 Commits

Author SHA1 Message Date
Evgeniy Stepanov
b8837ab8fc [msan] Heuristically instrument unknown intrinsics.
This changes adds shadow and origin propagation for unknown intrinsics
by examining the arguments and ModRef behaviour. For now, only 3 classes
of intrinsics are handled:
- those that look like simple SIMD store
- those that look like simple SIMD load
- those that don't have memory effects and look like arithmetic/logic/whatever
  operation on simple types.


git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@170530 91177308-0d34-0410-b5e6-96231b3b80d8
2012-12-19 11:22:04 +00:00
Evgeniy Stepanov
63cca4e2fd [msan] Origin stores and loads do not need explicit alignment.
Origin address is always 4 byte aligned, and the access type is always i32.


git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@170199 91177308-0d34-0410-b5e6-96231b3b80d8
2012-12-14 13:43:11 +00:00
Alexey Samsonov
1afbb51796 Improve debug info generated with enabled AddressSanitizer.
When ASan replaces <alloca instruction> with
<offset into a common large alloca>, it should also patch
llvm.dbg.declare calls and replace debug info descriptors to mark
that we've replaced alloca with a value that stores an address
of the user variable, not the user variable itself.

See PR11818 for more context.


git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@169984 91177308-0d34-0410-b5e6-96231b3b80d8
2012-12-12 14:31:53 +00:00
Evgeniy Stepanov
4031b194ac [msan] Do not store origin for clean values.
Instead of unconditionally storing origin with every application store,
only do this when the shadow of the stored value is != 0.

This change also delays instrumentation of stores until after the walk over
function's instructions, because adding new basic blocks confuses InstVisitor.

We only keep 1 origin value per 4 bytes of application memory. This change
fixes the bug when a store of a single clean byte wiped the origin for the
whole 4-byte area.

Since stores of uninitialized values are relatively uncommon, this change
improves performance of track-origins mode by 5% median and by up to 47% on
specs.


git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@169490 91177308-0d34-0410-b5e6-96231b3b80d8
2012-12-06 11:41:03 +00:00
Evgeniy Stepanov
1e3b656be5 [msan] Instrument bswap intrinsic.
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@169383 91177308-0d34-0410-b5e6-96231b3b80d8
2012-12-05 14:39:55 +00:00
Evgeniy Stepanov
61cac0619a [msan] Change linkage type of __msan_track_origins.
LinkOnceODRLinkage globals may be removed in GlobalOpt if not used in the
current module.


git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@169377 91177308-0d34-0410-b5e6-96231b3b80d8
2012-12-05 12:49:41 +00:00
Evgeniy Stepanov
f76bd101fe Improve MSan tests.
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@169256 91177308-0d34-0410-b5e6-96231b3b80d8
2012-12-04 11:42:05 +00:00
Alexey Samsonov
f985f44b13 ASan: add initial support for handling llvm.lifetime intrinsics in ASan - emit calls into runtime library that poison memory for local variables when their lifetime is over and unpoison memory when their lifetime begins.
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@169200 91177308-0d34-0410-b5e6-96231b3b80d8
2012-12-04 01:34:23 +00:00
Evgeniy Stepanov
98c63d0e1c [msan] Tests for vector manipulation instructions.
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@168997 91177308-0d34-0410-b5e6-96231b3b80d8
2012-11-30 12:12:20 +00:00
Evgeniy Stepanov
84af05e1ba [msan] Propagate shadow through (x<0) and (x>=0) comparisons.
This is a special case of signed relational comparison where result
only depends on the sign of x.


git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@168881 91177308-0d34-0410-b5e6-96231b3b80d8
2012-11-29 14:25:47 +00:00
Evgeniy Stepanov
3a10b49781 [msan] Fix shadow & origin store & load alignment.
This change ensures that shadow memory accesses have the same alignment
as corresponding app memory accesses.


git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@168880 91177308-0d34-0410-b5e6-96231b3b80d8
2012-11-29 14:05:53 +00:00
Evgeniy Stepanov
323c3acf51 [msan] Add a test for r168873.
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@168877 91177308-0d34-0410-b5e6-96231b3b80d8
2012-11-29 13:11:09 +00:00
Evgeniy Stepanov
f29865d9bb [msan] Update tests (broken in r168873).
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@168874 91177308-0d34-0410-b5e6-96231b3b80d8
2012-11-29 12:43:56 +00:00
Evgeniy Stepanov
aa4f97d6ed Initial commit of MemorySanitizer.
Compiler pass only.


git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@168866 91177308-0d34-0410-b5e6-96231b3b80d8
2012-11-29 09:57:20 +00:00
Kostya Serebryany
5085eb80ab [asan] when checking the noreturn attribute on the call, also check it on the callee
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@168861 91177308-0d34-0410-b5e6-96231b3b80d8
2012-11-29 08:57:20 +00:00
Kostya Serebryany
1416edc30a [asan] Split AddressSanitizer into two passes (FunctionPass, ModulePass), LLVM part. This requires a clang part which will follow.
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@168781 91177308-0d34-0410-b5e6-96231b3b80d8
2012-11-28 10:31:36 +00:00
Dmitry Vyukov
b10675ef14 tsan: instrument atomic nand operation
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@168684 91177308-0d34-0410-b5e6-96231b3b80d8
2012-11-27 08:09:25 +00:00
Dmitry Vyukov
6702e53926 [tsan] add fail order to compare_exchange
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@168586 91177308-0d34-0410-b5e6-96231b3b80d8
2012-11-26 11:36:19 +00:00
Kostya Serebryany
407790604b [asan] don't instrument linker-initialized globals even with external linkage in -asan-initialization-order mode
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@168367 91177308-0d34-0410-b5e6-96231b3b80d8
2012-11-20 13:11:32 +00:00
Kostya Serebryany
ca23d43084 [asan] make sure that linker-initialized globals (non-extern) are not instrumented even in -asan-initialization-order mode. This time with a test
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@168366 91177308-0d34-0410-b5e6-96231b3b80d8
2012-11-20 13:00:01 +00:00
Dmitry Vyukov
c2e9ca15fb tsan: switch to new memory_order constants (ABI compatible)
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@167615 91177308-0d34-0410-b5e6-96231b3b80d8
2012-11-09 14:12:16 +00:00
Dmitry Vyukov
9f8a90b3ce tsan: instrument all atomics (including fetch_add, exchange, cas, etc)
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@167612 91177308-0d34-0410-b5e6-96231b3b80d8
2012-11-09 12:55:36 +00:00
Kostya Serebryany
a5f54f1443 [asan] don't instrument globals that we've created ourselves (reduces the binary size a bit)
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@167230 91177308-0d34-0410-b5e6-96231b3b80d8
2012-11-01 13:42:40 +00:00
Kostya Serebryany
bd0052a0f2 [asan] make sure asan erases old unused allocas after it created a new one. This became important after the recent move from ModulePass to FunctionPass because no cleanup is happening after asan pass any more.
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@166267 91177308-0d34-0410-b5e6-96231b3b80d8
2012-10-19 06:20:53 +00:00
Kostya Serebryany
2611eeda98 [asan] fix a test
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@165938 91177308-0d34-0410-b5e6-96231b3b80d8
2012-10-15 14:30:30 +00:00
Dmitry Vyukov
6afc7cbdfe tsan: update the test for new atomic enums
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@165109 91177308-0d34-0410-b5e6-96231b3b80d8
2012-10-03 13:19:20 +00:00
Dmitry Vyukov
03fe214515 tsan: update the test for new atomic enums
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@165108 91177308-0d34-0410-b5e6-96231b3b80d8
2012-10-03 13:13:54 +00:00
Sylvestre Ledru
94c22716d6 Revert 'Fix a typo 'iff' => 'if''. iff is an abreviation of if and only if. See: http://en.wikipedia.org/wiki/If_and_only_if Commit 164767
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@164768 91177308-0d34-0410-b5e6-96231b3b80d8
2012-09-27 10:14:43 +00:00
Sylvestre Ledru
7e2c793a2b Fix a typo 'iff' => 'if'
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@164767 91177308-0d34-0410-b5e6-96231b3b80d8
2012-09-27 09:59:43 +00:00
Kostya Serebryany
9b9f87a87a [asan] add code to detect global initialization fiasco in C/C++. The sub-pass is off by default for now. Patch by Reid Watson. Note: this patch changes the interface between LLVM and compiler-rt parts of asan. The corresponding patch to compiler-rt will follow.
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@162268 91177308-0d34-0410-b5e6-96231b3b80d8
2012-08-21 08:24:25 +00:00
Kostya Serebryany
e60da02281 [asan] insert crash basic blocks inline as opposed to inserting them at the end of the function. This doesn't seem to fix or break anything, but is considered to be more friendly to downstream passes (test change)
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@161871 91177308-0d34-0410-b5e6-96231b3b80d8
2012-08-14 14:05:50 +00:00
Nuno Lopes
6e699bf38d revert r160742: it's breaking CMake build
original commit msg:
MemoryBuiltins: add support to determine the size of strdup'ed non-constant strings

git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@160751 91177308-0d34-0410-b5e6-96231b3b80d8
2012-07-25 18:49:28 +00:00
Nuno Lopes
e3094283e3 MemoryBuiltins: add support to determine the size of strdup'ed non-constant strings
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@160742 91177308-0d34-0410-b5e6-96231b3b80d8
2012-07-25 17:29:22 +00:00
Nuno Lopes
c606c3ff91 baby steps toward fixing some problems with inbound GEPs that overflow, as discussed 2 months ago or so.
Make sure we do not emit index computations with NSW flags so that we dont get an undef value if the GEP overflows

git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@160589 91177308-0d34-0410-b5e6-96231b3b80d8
2012-07-20 23:07:40 +00:00
Nuno Lopes
78435f6bb7 move the bounds checking pass to the instrumentation folder, where it belongs. I dunno why in the world I dropped it in the Scalar folder in the first place.
No functionality change.

git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@160587 91177308-0d34-0410-b5e6-96231b3b80d8
2012-07-20 22:39:33 +00:00
Kostya Serebryany
f7b08226eb [asan] make sure that the crash callbacks do not get merged (Chandler's idea: insert an empty InlineAsm). Change the order in which the new BBs are inserted: the slow path BB is insert between old BBs, the crash BB is inserted at the end. Don't create an empty BB (introduced by recent commits). Update the test. The experimental code that does manual crash callback merge will most likely be deleted later.
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@160544 91177308-0d34-0410-b5e6-96231b3b80d8
2012-07-20 09:54:50 +00:00
Kostya Serebryany
c0ed3e548c [asan] refactor instrumentation to allow merging the crash callbacks (not fully implemented yet, no functionality change except the BB order)
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@160284 91177308-0d34-0410-b5e6-96231b3b80d8
2012-07-16 16:15:40 +00:00
Chandler Carruth
349f14c72c Revert r160254 temporarily.
It turns out that ASan relied on the at-the-end block insertion order to
(purely by happenstance) disable some LLVM optimizations, which in turn
start firing when the ordering is made more "normal". These
optimizations in turn merge many of the instrumentation reporting calls
which breaks the return address based error reporting in ASan.

We're looking at several different options for fixing this.

git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@160256 91177308-0d34-0410-b5e6-96231b3b80d8
2012-07-16 10:01:02 +00:00
Chandler Carruth
c3c8db9d25 Teach AddressSanitizer to create basic blocks in a more natural order.
This is particularly useful to the backend code generators which try to
process things in the incoming function order.

Also, cleanup some uses of IRBuilder to be a bit simpler and more clear.

git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@160254 91177308-0d34-0410-b5e6-96231b3b80d8
2012-07-16 08:58:53 +00:00
Chandler Carruth
2f58533d1e Add a basic test for AddressSanitizer. This is just a bare-bones
functionality test.

In general, unless the functionality is substantially separated, we
should lump more basic testing into this file. The test running
infrastructure likes having a few test files with more comprehensive
testing within them.

git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@160253 91177308-0d34-0410-b5e6-96231b3b80d8
2012-07-16 08:56:46 +00:00
Kostya Serebryany
e6cf2e0bd0 [asan] instrument cmpxchg and atomicrmw
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@157683 91177308-0d34-0410-b5e6-96231b3b80d8
2012-05-30 09:04:06 +00:00
Kostya Serebryany
e507922779 [tsan] Atomic support for ThreadSanitizer, patch by Dmitry Vyukov
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@155698 91177308-0d34-0410-b5e6-96231b3b80d8
2012-04-27 07:31:53 +00:00
Kostya Serebryany
cff60c1409 [tsan] two more compile-time optimizations:
- don't isntrument reads from constant globals.
Saves ~1.5% of instrumented instructions on CPU2006
(counting static instructions, not their execution).
- don't insrument reads from vtable (which is a global constant too).
Saves ~5%.

I did not measure the run-time impact of this,
but it is certainly non-negative.




git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@154444 91177308-0d34-0410-b5e6-96231b3b80d8
2012-04-10 22:29:17 +00:00
Kostya Serebryany
2076af0184 [tsan] compile-time instrumentation: do not instrument a read if
a write to the same temp follows in the same BB.
Also add stats printing.

On Spec CPU2006 this optimization saves roughly 4% of instrumented reads
(which is 3% of all instrumented accesses):
Writes            : 161216
Reads             : 446458
Reads-before-write: 18295



git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@154418 91177308-0d34-0410-b5e6-96231b3b80d8
2012-04-10 18:18:56 +00:00
Kostya Serebryany
52eb699220 [tsan] treat vtable pointer updates in a special way (requires tbaa); fix a bug (forgot to return true after instrumenting); make sure the tsan tests are run
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@153448 91177308-0d34-0410-b5e6-96231b3b80d8
2012-03-26 17:35:03 +00:00
Kostya Serebryany
1778513fa5 [asan] move x86-specific test to a separate X86 directory with a custom lit.local.cfg file
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@152567 91177308-0d34-0410-b5e6-96231b3b80d8
2012-03-12 18:49:11 +00:00
Eli Bendersky
0f0c411079 Replace all instances of dg.exp file with lit.local.cfg, since all tests are run with LIT now and now Dejagnu. dg.exp is no longer needed.
Patch reviewed by Daniel Dunbar. It will be followed by additional cleanup patches.




git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@150664 91177308-0d34-0410-b5e6-96231b3b80d8
2012-02-16 06:28:33 +00:00
Kostya Serebryany
747c02c768 [asan] fix asan-vs-gvn.ll test (it did not actually check much before this change)
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@150441 91177308-0d34-0410-b5e6-96231b3b80d8
2012-02-14 00:02:35 +00:00
Kostya Serebryany
60ebb1947f ThreadSanitizer, a race detector. First LLVM commit.
Clang patch (flags) will follow shortly.
The run-time library will also follow, but not immediately.


git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@150423 91177308-0d34-0410-b5e6-96231b3b80d8
2012-02-13 22:50:51 +00:00
Kostya Serebryany
95e3cf44a9 [asan] unpoison the stack before every noreturn call. Fixes asan issue 37. llvm part
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@150102 91177308-0d34-0410-b5e6-96231b3b80d8
2012-02-08 21:36:17 +00:00
Kostya Serebryany
0ca032b03d The patch resolves the conflict between AddressSanitizer and load widening (GVN).
The problem initially reported by Mozilla folks (http://code.google.com/p/address-sanitizer/issues/detail?id=20),
but it also prevents us from enabling LLVM bootstrap with AddressSanitizer.


git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@149925 91177308-0d34-0410-b5e6-96231b3b80d8
2012-02-06 22:48:56 +00:00
Kostya Serebryany
0307b9a885 [asan] enable asan only for the functions that have Attribute::AddressSafety
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@148846 91177308-0d34-0410-b5e6-96231b3b80d8
2012-01-24 19:34:43 +00:00
Kostya Serebryany
091523c648 [asan] one more test for asan instrumentation: (*a)++ should be instrumented only once.
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@147509 91177308-0d34-0410-b5e6-96231b3b80d8
2012-01-04 01:02:14 +00:00
Kostya Serebryany
478a4d997a [asan] add a test for instrumenting globals
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@146718 91177308-0d34-0410-b5e6-96231b3b80d8
2011-12-16 01:28:19 +00:00
Kostya Serebryany
d2703dec27 [asan] do not instrument threadlocal globals, this is buggy
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@145092 91177308-0d34-0410-b5e6-96231b3b80d8
2011-11-23 02:10:54 +00:00
Kostya Serebryany
5a3a9c9371 [asan] workaround for reg alloc bug 11395: don't instrument functions with large chunks of inline assembler
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@144962 91177308-0d34-0410-b5e6-96231b3b80d8
2011-11-18 01:41:06 +00:00
Kostya Serebryany
7cf2a04361 fall back to explicit list of allowed linkages when instrumenting globals in asan; add a test check that asan does not touch linkonce_odr
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@144933 91177308-0d34-0410-b5e6-96231b3b80d8
2011-11-17 23:14:59 +00:00
Kostya Serebryany
800e03f598 AddressSanitizer, first commit (compiler module only)
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@144758 91177308-0d34-0410-b5e6-96231b3b80d8
2011-11-16 01:35:23 +00:00