//===-- X86AsmInstrumentation.cpp - Instrument X86 inline assembly C++ -*-===//
//
// The LLVM Compiler Infrastructure
//
// This file is distributed under the University of Illinois Open Source
// License. See LICENSE.TXT for details.
//
//===----------------------------------------------------------------------===//
#include "MCTargetDesc/X86BaseInfo.h"
#include "X86AsmInstrumentation.h"
#include "X86Operand.h"
#include "llvm/ADT/StringExtras.h"
#include "llvm/ADT/Triple.h"
#include "llvm/IR/Function.h"
#include "llvm/MC/MCContext.h"
#include "llvm/MC/MCInst.h"
#include "llvm/MC/MCInstBuilder.h"
#include "llvm/MC/MCInstrInfo.h"
#include "llvm/MC/MCParser/MCParsedAsmOperand.h"
#include "llvm/MC/MCStreamer.h"
#include "llvm/MC/MCSubtargetInfo.h"
#include "llvm/MC/MCTargetOptions.h"
#include "llvm/Support/CommandLine.h"
namespace llvm {
namespace {
// Hidden, off-by-default switch (-asan-instrument-assembly) for the assembly
// instrumentation in this file. CreateX86AsmInstrumentation() tests it
// together with MCOptions.SanitizeAddress and the target OS, so assembly is
// emitted without AddressSanitizer checks unless all three conditions hold.
static cl::opt<bool> ClAsanInstrumentAssembly(
    "asan-instrument-assembly",
    cl::desc("instrument assembly with AddressSanitizer checks"), cl::Hidden,
    cl::init(false));
/// Returns true when \p Reg is one of the stack pointer registers
/// (RSP, ESP or SP).
bool IsStackReg(unsigned Reg) {
  switch (Reg) {
  case X86::RSP:
  case X86::ESP:
  case X86::SP:
    return true;
  default:
    return false;
  }
}
/// Builds the name of the runtime check routine for an access:
/// "__sanitizer_sanitize_" + ("store" | "load") + the access size in bytes,
/// e.g. "__sanitizer_sanitize_store4".
std::string FuncName(unsigned AccessSize, bool IsWrite) {
  std::string Name("__sanitizer_sanitize_");
  Name += IsWrite ? "store" : "load";
  Name += utostr(AccessSize);
  return Name;
}
/// Shared logic of the AddressSanitizer instrumentation for X86 assembly.
///
/// Coverage is partial: only the MOV forms listed in InstrumentMOV() are
/// checked, and InstrumentMemOperand() skips operands whose base or index is
/// a stack register. Any other memory access in the assembly is emitted
/// without a check.
class X86AddressSanitizer : public X86AsmInstrumentation {
public:
  X86AddressSanitizer(const MCSubtargetInfo &STI) : STI(STI) {}
  virtual ~X86AddressSanitizer() {}

  /// X86AsmInstrumentation hook: hands every instruction to InstrumentMOV().
  void InstrumentInstruction(
      const MCInst &Inst, SmallVectorImpl<MCParsedAsmOperand *> &Operands,
      MCContext &Ctx, const MCInstrInfo &MII, MCStreamer &Out) override {
    InstrumentMOV(Inst, Operands, Ctx, MII, Out);
  }

  /// Emits the check sequence for one memory operand. The sequence differs
  /// between x86_32 and x86_64, so each subclass provides its own.
  virtual void InstrumentMemOperandImpl(X86Operand *Op, unsigned AccessSize,
                                        bool IsWrite, MCContext &Ctx,
                                        MCStreamer &Out) = 0;

  /// Filters out operands that are not instrumented, then calls
  /// InstrumentMemOperandImpl().
  void InstrumentMemOperand(MCParsedAsmOperand *Op, unsigned AccessSize,
                            bool IsWrite, MCContext &Ctx, MCStreamer &Out);

  /// Instruments the memory operands of the supported MOV instructions.
  void InstrumentMOV(const MCInst &Inst,
                     SmallVectorImpl<MCParsedAsmOperand *> &Operands,
                     MCContext &Ctx, const MCInstrInfo &MII, MCStreamer &Out);

  /// Emits \p Inst to \p Out for the subtarget this object was created with.
  void EmitInstruction(MCStreamer &Out, const MCInst &Inst) {
    Out.EmitInstruction(Inst, STI);
  }

protected:
  // Subtarget passed to every emitted instruction; held by reference, so it
  // has to outlive this object.
  const MCSubtargetInfo &STI;
};
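/// Instruments a single memory operand unless it addresses memory through a
/// stack register.
///
/// \param Op          parsed operand; must be a memory operand.
/// \param AccessSize  access width in bytes: 1, 2, 4, 8 or 16.
/// \param IsWrite     true for a store, false for a load.
/// \param Ctx         context used to create symbols and expressions.
/// \param Out         streamer that receives the check sequence.
void X86AddressSanitizer::InstrumentMemOperand(
    MCParsedAsmOperand *Op, unsigned AccessSize, bool IsWrite, MCContext &Ctx,
    MCStreamer &Out) {
  assert(Op && Op->isMem() && "Op should be a memory operand.");
  // Zero also satisfies the (x & (x - 1)) == 0 test, so it is rejected
  // explicitly: FuncName() would otherwise name a size-0 check routine.
  assert(AccessSize != 0 && (AccessSize & (AccessSize - 1)) == 0 &&
         AccessSize <= 16 &&
         "AccessSize should be a power of two, less or equal than 16.");

  // The asserts above vanish in release builds; this downcast is then only as
  // safe as the caller's own isMem() check.
  X86Operand *MemOp = static_cast<X86Operand *>(Op);
  // FIXME: get rid of this limitation.
  // Until then, accesses through a stack register are emitted unchecked.
  if (IsStackReg(MemOp->getMemBaseReg()) || IsStackReg(MemOp->getMemIndexReg()))
    return;

  InstrumentMemOperandImpl(MemOp, AccessSize, IsWrite, Ctx, Out);
}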
/// Instruments the memory operands of \p Inst when it is one of the MOV
/// forms listed below; any other opcode is left untouched.
///
/// The store/load direction comes from the instruction description in
/// \p MII, and the same direction is applied to every memory operand found
/// in \p Operands.
void X86AddressSanitizer::InstrumentMOV(
    const MCInst &Inst, SmallVectorImpl<MCParsedAsmOperand *> &Operands,
    MCContext &Ctx, const MCInstrInfo &MII, MCStreamer &Out) {
  const unsigned Opcode = Inst.getOpcode();

  // Width of the access in bytes, derived from the opcode.
  unsigned AccessSize = 0;
  switch (Opcode) {
  case X86::MOV8mi:
  case X86::MOV8mr:
  case X86::MOV8rm:
    AccessSize = 1;
    break;
  case X86::MOV16mi:
  case X86::MOV16mr:
  case X86::MOV16rm:
    AccessSize = 2;
    break;
  case X86::MOV32mi:
  case X86::MOV32mr:
  case X86::MOV32rm:
    AccessSize = 4;
    break;
  case X86::MOV64mi32:
  case X86::MOV64mr:
  case X86::MOV64rm:
    AccessSize = 8;
    break;
  case X86::MOVAPDmr:
  case X86::MOVAPSmr:
  case X86::MOVAPDrm:
  case X86::MOVAPSrm:
    AccessSize = 16;
    break;
  default:
    // Not a supported opcode: the instruction is emitted without a check.
    return;
  }

  const bool IsWrite = MII.get(Opcode).mayStore();

  // Parsed operand slots may be null, hence the pointer test.
  for (MCParsedAsmOperand *Operand : Operands) {
    if (!Operand || !Operand->isMem())
      continue;
    InstrumentMemOperand(Operand, AccessSize, IsWrite, Ctx, Out);
  }
}
/// AddressSanitizer instrumentation that emits the 32-bit check sequence.
class X86AddressSanitizer32 : public X86AddressSanitizer {
public:
  X86AddressSanitizer32(const MCSubtargetInfo &STI)
      : X86AddressSanitizer(STI) {}
  virtual ~X86AddressSanitizer32() {}

  /// Emits the 32-bit call sequence that checks one memory operand.
  void InstrumentMemOperandImpl(X86Operand *Op, unsigned AccessSize,
                                bool IsWrite, MCContext &Ctx,
                                MCStreamer &Out) override;
};
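/// Emits the 32-bit check for one memory operand: the effective address is
/// computed into %eax, pushed as the single stack argument, and the matching
/// __sanitizer_sanitize_{load,store}N routine is called.
///
/// \param Op          memory operand whose address is checked.
/// \param AccessSize  access width in bytes, used to pick the routine.
/// \param IsWrite     true for a store, false for a load.
/// \param Ctx         context used to create the symbol and expressions.
/// \param Out         streamer that receives the sequence.
void X86AddressSanitizer32::InstrumentMemOperandImpl(
    X86Operand *Op, unsigned AccessSize, bool IsWrite, MCContext &Ctx,
    MCStreamer &Out) {
  // FIXME: emit .cfi directives for correct stack unwinding.
  // Save %eax, which serves as scratch for the address.
  EmitInstruction(Out, MCInstBuilder(X86::PUSH32r).addReg(X86::EAX));
  {
    // %eax = effective address of the operand. LEA only computes the address;
    // it does not touch the memory itself.
    MCInst Inst;
    Inst.setOpcode(X86::LEA32r);
    Inst.addOperand(MCOperand::CreateReg(X86::EAX));
    Op->addMemOperands(Inst, 5);
    EmitInstruction(Out, Inst);
  }
  // Pass the address as the stack argument of the check routine.
  EmitInstruction(Out, MCInstBuilder(X86::PUSH32r).addReg(X86::EAX));
  {
    const std::string Func = FuncName(AccessSize, IsWrite);
    const MCSymbol *FuncSym = Ctx.GetOrCreateSymbol(StringRef(Func));
    const MCSymbolRefExpr *FuncExpr =
        MCSymbolRefExpr::Create(FuncSym, MCSymbolRefExpr::VK_PLT, Ctx);
    EmitInstruction(Out, MCInstBuilder(X86::CALLpcrel32).addExpr(FuncExpr));
  }
  {
    // Drop the argument with LEA rather than ADD. ADD rewrites EFLAGS, while
    // the instrumented MOV leaves them alone, so the surrounding assembly may
    // rely on flags set before this point. The 64-bit sequence in this file
    // adjusts %rsp with LEA for the same reason.
    // NOTE(review): this assumes the runtime routine also preserves flags;
    // confirm against its implementation.
    MCInst Inst;
    Inst.setOpcode(X86::LEA32r);
    Inst.addOperand(MCOperand::CreateReg(X86::ESP));

    const MCExpr *Disp = MCConstantExpr::Create(4, Ctx);
    std::unique_ptr<X86Operand> StackSlot(
        X86Operand::CreateMem(0, Disp, X86::ESP, 0, 1, SMLoc(), SMLoc()));
    StackSlot->addMemOperands(Inst, 5);
    EmitInstruction(Out, Inst);
  }
  // Restore the caller's %eax.
  EmitInstruction(Out, MCInstBuilder(X86::POP32r).addReg(X86::EAX));
}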
/// AddressSanitizer instrumentation that emits the 64-bit check sequence.
class X86AddressSanitizer64 : public X86AddressSanitizer {
public:
  X86AddressSanitizer64(const MCSubtargetInfo &STI)
      : X86AddressSanitizer(STI) {}
  virtual ~X86AddressSanitizer64() {}

  /// Emits the 64-bit call sequence that checks one memory operand.
  void InstrumentMemOperandImpl(X86Operand *Op, unsigned AccessSize,
                                bool IsWrite, MCContext &Ctx,
                                MCStreamer &Out) override;
};
/// Emits the 64-bit check for one memory operand: %rsp is moved below the
/// red zone, the effective address is computed into %rdi, and the matching
/// __sanitizer_sanitize_{load,store}N routine is called.
///
/// \param Op          memory operand whose address is checked.
/// \param AccessSize  access width in bytes, used to pick the routine.
/// \param IsWrite     true for a store, false for a load.
/// \param Ctx         context used to create the symbol and expressions.
/// \param Out         streamer that receives the sequence.
void X86AddressSanitizer64::InstrumentMemOperandImpl(X86Operand *Op,
                                                     unsigned AccessSize,
                                                     bool IsWrite,
                                                     MCContext &Ctx,
                                                     MCStreamer &Out) {
  // FIXME: emit .cfi directives for correct stack unwinding.

  // Emits "lea Offset(%rsp), %rsp". LEA is used instead of ADD/SUB so that
  // the flags of the surrounding assembly are preserved.
  auto EmitRSPAdjust = [&](int64_t Offset) {
    MCInst Lea;
    Lea.setOpcode(X86::LEA64r);
    Lea.addOperand(MCOperand::CreateReg(X86::RSP));

    const MCExpr *Disp = MCConstantExpr::Create(Offset, Ctx);
    std::unique_ptr<X86Operand> RspMem(
        X86Operand::CreateMem(0, Disp, X86::RSP, 0, 1, SMLoc(), SMLoc()));
    RspMem->addMemOperands(Lea, 5);
    EmitInstruction(Out, Lea);
  };

  // Step %rsp below the current red zone (128 bytes wide), so the push and
  // the call below do not overwrite data kept there.
  EmitRSPAdjust(-128);

  // Save %rdi, which carries the address argument.
  // NOTE(review): nothing here realigns %rsp before the call; confirm the
  // runtime routine does not depend on stack alignment.
  EmitInstruction(Out, MCInstBuilder(X86::PUSH64r).addReg(X86::RDI));
  {
    // %rdi = effective address of the operand being checked.
    MCInst AddrLea;
    AddrLea.setOpcode(X86::LEA64r);
    AddrLea.addOperand(MCOperand::CreateReg(X86::RDI));
    Op->addMemOperands(AddrLea, 5);
    EmitInstruction(Out, AddrLea);
  }
  {
    const std::string Func = FuncName(AccessSize, IsWrite);
    const MCSymbol *FuncSym = Ctx.GetOrCreateSymbol(StringRef(Func));
    const MCSymbolRefExpr *FuncExpr =
        MCSymbolRefExpr::Create(FuncSym, MCSymbolRefExpr::VK_PLT, Ctx);
    EmitInstruction(Out, MCInstBuilder(X86::CALL64pcrel32).addExpr(FuncExpr));
  }
  EmitInstruction(Out, MCInstBuilder(X86::POP64r).addReg(X86::RDI));

  // Restore old %rsp value.
  EmitRSPAdjust(128);
}
} // End anonymous namespace
// The base instrumentation needs no set-up: its constructor does nothing.
X86AsmInstrumentation::X86AsmInstrumentation() {}
// Nothing to release in the base class; the destructor body is empty.
X86AsmInstrumentation::~X86AsmInstrumentation() {}
// Default implementation: emits nothing, so every instruction passes through
// without an added check. CreateX86AsmInstrumentation() returns an object with
// this behaviour whenever the AddressSanitizer conditions are not met.
void X86AsmInstrumentation::InstrumentInstruction(
    const MCInst &Inst, SmallVectorImpl<MCParsedAsmOperand *> &Operands,
    MCContext &Ctx, const MCInstrInfo &MII, MCStreamer &Out) {}
/// Chooses the assembly instrumentation for a subtarget.
///
/// An AddressSanitizer instrumentation is returned only when the hidden
/// -asan-instrument-assembly option is set, the target OS is Linux and
/// MCOptions.SanitizeAddress is on; the 32-bit or 64-bit variant is picked
/// from the subtarget's mode feature bits. In every other case the result is
/// the no-op base X86AsmInstrumentation.
///
/// \returns a heap-allocated object created with new; SOURCE shows no owner,
///          so releasing it is presumably the caller's job (verify at the
///          call site).
X86AsmInstrumentation *
CreateX86AsmInstrumentation(const MCTargetOptions &MCOptions,
                            const MCContext &Ctx, const MCSubtargetInfo &STI) {
  const Triple TargetTriple(STI.getTargetTriple());
  // The check routines are only assumed to exist on Linux.
  const bool hasCompilerRTSupport = TargetTriple.isOSLinux();

  const bool UseAsan = ClAsanInstrumentAssembly && hasCompilerRTSupport &&
                       MCOptions.SanitizeAddress;
  if (!UseAsan)
    return new X86AsmInstrumentation();

  if ((STI.getFeatureBits() & X86::Mode32Bit) != 0)
    return new X86AddressSanitizer32(STI);
  if ((STI.getFeatureBits() & X86::Mode64Bit) != 0)
    return new X86AddressSanitizer64(STI);

  // Neither 32-bit nor 64-bit mode: fall back to the no-op instrumentation.
  return new X86AsmInstrumentation();
}
} // End llvm namespace