From mboxrd@z Thu Jan 1 00:00:00 1970
Mailing-List: contact gcc-patches-help@gcc.gnu.org; run by ezmlm
Message-id: <5440CADD.6060100@samsung.com>
Date: Fri, 17 Oct 2014 07:59:00 -0000
From: Yury Gribov
To: GCC Patches
Cc: Konstantin Serebryany, Dmitry Vyukov, Andrey Ryabinin
Subject: [PATCHv4][Kasan] Allow to override Asan shadow offset from command line
References: <540DBD37.9060702@samsung.com> <5416B566.2000601@samsung.com> <5429951B.90900@samsung.com>
In-reply-to: <5429951B.90900@samsung.com>
Content-type: multipart/mixed; boundary=------------000903070301090204000900

This is a multi-part message in MIME format.
--------------000903070301090204000900
Content-Type: text/plain; charset=utf-8; format=flowed

Hi all,

On 09/29/2014 09:21 PM, Yury Gribov wrote:
>>> Kasan developers have asked for an option to override offset of Asan
>>> shadow memory region. This should simplify experimenting with memory
>>> layouts on 64-bit architectures.
>
> New patch which checks that -fasan-shadow-offset is only enabled for
> -fsanitize=kernel-address. I (unfortunately) can't make this --param
> because this can be a 64-bit value.
>
> Bootstrapped and regtested on x64.

New patchset that adds strtoull to libiberty (blind copy-paste of already
existing strtoul.c) and uses it to parse -fasan-shadow-offset (to avoid
problem with compiling for 64-bit target on a 32-bit host).

Bootstrapped and regtested on x64.

-Y

--------------000903070301090204000900
Content-Type: text/x-patch; name="0001-Add-strtoull-to-libiberty.patch"
Content-Disposition: inline; filename="0001-Add-strtoull-to-libiberty.patch"

>From 0225b7878bbb5b803814646d089824d016316fef Mon Sep 17 00:00:00 2001
From: Yury Gribov Date: Thu, 16 Oct 2014 18:31:10 +0400 Subject: [PATCH 1/2] Add strtoull to libiberty. 2014-10-17 Yury Gribov libiberty/ * strtoull.c: New file. --- libiberty/strtoull.c | 119 ++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 119 insertions(+) create mode 100644 libiberty/strtoull.c diff --git a/libiberty/strtoull.c b/libiberty/strtoull.c new file mode 100644 index 0000000..c92a4a3 --- /dev/null +++ b/libiberty/strtoull.c 
@@ -0,0 +1,119 @@ +/* + * Copyright (c) 2014 Regents of the University of California. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. [rescinded 22 July 1999] + * 4. Neither the name of the University nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. 
+ */ + +#ifdef HAVE_CONFIG_H +#include "config.h" +#endif +#ifdef HAVE_LIMITS_H +#include +#endif +#ifdef HAVE_SYS_PARAM_H +#include +#endif +#include +#ifdef NEED_DECLARATION_ERRNO +extern int errno; +#endif +#if 0 +#include +#endif +#include "ansidecl.h" +#include "safe-ctype.h" + +#ifdef HAVE_LONG_LONG + +#ifndef ULLONG_MAX +#define ULLONG_MAX ((unsigned long long)(~0L)) /* 0xFFFFFFFFFFFFFFFF */ +#endif + +/* + * Convert a string to an unsigned long long integer. + * + * Ignores `locale' stuff. Assumes that the upper and lower case + * alphabets and digits are each contiguous. + */ +unsigned long long +strtoull(const char *nptr, char **endptr, register int base) +{ + register const char *s = nptr; + register unsigned long long acc; + register int c; + register unsigned long long cutoff; + register int neg = 0, any, cutlim; + + /* + * See strtol for comments as to the logic used. + */ + do { + c = *s++; + } while (ISSPACE(c)); + if (c == '-') { + neg = 1; + c = *s++; + } else if (c == '+') + c = *s++; + if ((base == 0 || base == 16) && + c == '0' && (*s == 'x' || *s == 'X')) { + c = s[1]; + s += 2; + base = 16; + } + if (base == 0) + base = c == '0' ? 8 : 10; + cutoff = (unsigned long long)ULLONG_MAX / (unsigned long long)base; + cutlim = (unsigned long long)ULLONG_MAX % (unsigned long long)base; + for (acc = 0, any = 0;; c = *s++) { + if (ISDIGIT(c)) + c -= '0'; + else if (ISALPHA(c)) + c -= ISUPPER(c) ? 'A' - 10 : 'a' - 10; + else + break; + if (c >= base) + break; + if (any < 0 || acc > cutoff || (acc == cutoff && c > cutlim)) + any = -1; + else { + any = 1; + acc *= base; + acc += c; + } + } + if (any < 0) { + acc = ULLONG_MAX; + errno = ERANGE; + } else if (neg) + acc = -acc; + if (endptr != 0) + *endptr = (char *) (any ? 
s - 1 : nptr); + return (acc); +} + +#endif /* ifdef HAVE_LONG_LONG */ -- 1.7.9.5 --------------000903070301090204000900 Content-Type: text/x-patch; name="0002-Allow-to-override-Asan-shadow-offset.patch" Content-Transfer-Encoding: 7bit Content-Disposition: inline; filename="0002-Allow-to-override-Asan-shadow-offset.patch" Content-length: 7975 >From 6c9ad20bdcfc0fbf7ccb8e2700ef7dce52a34c64 Mon Sep 17 00:00:00 2001 From: Yury Gribov Date: Fri, 29 Aug 2014 11:58:03 +0400 Subject: [PATCH 2/2] Allow to override Asan shadow offset. 2014-10-17 Yury Gribov gcc/ * asan.c (set_asan_shadow_offset): New function. (asan_shadow_offset): Likewise. (asan_emit_stack_protection): Call asan_shadow_offset. (build_shadow_mem_access): Likewise. * asan.h (set_asan_shadow_offset): Declare. * common.opt (fasan-shadow-offset): New option. * doc/invoke.texi (fasan-shadow-offset): Describe new option. * opts-global.c (handle_common_deferred_options): Handle -fasan-shadow-offset. * opts.c (common_handle_option): Likewise. gcc/testsuite/ * c-c++-common/asan/shadow-offset-1.c: New test. --- gcc/asan.c | 43 +++++++++++++++++++-- gcc/asan.h | 4 +- gcc/common.opt | 4 ++ gcc/doc/invoke.texi | 8 +++- gcc/opts-global.c | 9 +++++ gcc/opts.c | 4 ++ gcc/testsuite/c-c++-common/asan/shadow-offset-1.c | 11 ++++++ 7 files changed, 78 insertions(+), 5 deletions(-) create mode 100644 gcc/testsuite/c-c++-common/asan/shadow-offset-1.c diff --git a/gcc/asan.c b/gcc/asan.c index 2a61a82..8bd4db9 100644 --- a/gcc/asan.c +++ b/gcc/asan.c 
@@ -238,6 +238,43 @@ along with GCC; see the file COPYING3. If not see A destructor function that calls the runtime asan library function _asan_unregister_globals is also installed. */ +static unsigned HOST_WIDE_INT asan_shadow_offset_value; +static bool asan_shadow_offset_computed; + +/* Sets shadow offset to value in string VAL. */ + +bool +set_asan_shadow_offset (const char *val) +{ + char *endp; + + errno = 0; +#ifdef HAVE_LONG_LONG + asan_shadow_offset_value = strtoull (val, &endp, 0); +#else + asan_shadow_offset_value = strtoul (val, &endp, 0); +#endif + if (!(*val != '\0' && *endp == '\0' && errno == 0)) + return false; + + asan_shadow_offset_computed = true; + + return true; +} + +/* Returns Asan shadow offset. */ + +static unsigned HOST_WIDE_INT +asan_shadow_offset () +{ + if (!asan_shadow_offset_computed) + { + asan_shadow_offset_computed = true; + asan_shadow_offset_value = targetm.asan_shadow_offset (); + } + return asan_shadow_offset_value; +} + alias_set_type asan_shadow_set = -1; /* Pointer types to 1 resp. 2 byte integers in shadow memory. A separate @@ -1124,7 +1161,7 @@ asan_emit_stack_protection (rtx base, rtx pbase, unsigned int alignb, NULL_RTX, 1, OPTAB_DIRECT); shadow_base = plus_constant (Pmode, shadow_base, - targetm.asan_shadow_offset () + asan_shadow_offset () + (base_align_bias >> ASAN_SHADOW_SHIFT)); gcc_assert (asan_shadow_set != -1 && (ASAN_RED_ZONE_SIZE >> ASAN_SHADOW_SHIFT) == 4); @@ -1503,7 +1540,7 @@ insert_if_then_before_iter (gimple cond, } /* Build - (base_addr >> ASAN_SHADOW_SHIFT) + targetm.asan_shadow_offset (). */ + (base_addr >> ASAN_SHADOW_SHIFT) + asan_shadow_offset (). */ static tree build_shadow_mem_access (gimple_stmt_iterator *gsi, location_t location, 
@@ -1520,7 +1557,7 @@ build_shadow_mem_access (gimple_stmt_iterator *gsi, location_t location, gimple_set_location (g, location); gsi_insert_after (gsi, g, GSI_NEW_STMT); - t = build_int_cst (uintptr_type, targetm.asan_shadow_offset ()); + t = build_int_cst (uintptr_type, asan_shadow_offset ()); g = gimple_build_assign_with_ops (PLUS_EXPR, make_ssa_name (uintptr_type, NULL), gimple_assign_lhs (g), t); diff --git a/gcc/asan.h b/gcc/asan.h index 198433f..eadf029 100644 --- a/gcc/asan.h +++ b/gcc/asan.h @@ -36,7 +36,7 @@ extern gimple_stmt_iterator create_cond_insert_point extern alias_set_type asan_shadow_set; /* Shadow memory is found at - (address >> ASAN_SHADOW_SHIFT) + targetm.asan_shadow_offset (). */ + (address >> ASAN_SHADOW_SHIFT) + asan_shadow_offset (). */ #define ASAN_SHADOW_SHIFT 3 /* Red zone size, stack and global variables are padded by ASAN_RED_ZONE_SIZE @@ -76,4 +76,6 @@ asan_red_zone_size (unsigned int size) return c ? 2 * ASAN_RED_ZONE_SIZE - c : ASAN_RED_ZONE_SIZE; } +extern bool set_asan_shadow_offset (const char *); + #endif /* TREE_ASAN */ diff --git a/gcc/common.opt b/gcc/common.opt index 5db5e1e..5492d0d 100644 --- a/gcc/common.opt +++ b/gcc/common.opt @@ -879,6 +879,10 @@ fsanitize= Common Driver Report Joined Select what to sanitize +fasan-shadow-offset= +Common Joined RejectNegative Var(common_deferred_options) Defer +-fasan-shadow-offset= Use custom shadow memory offset. + fsanitize-recover Common Report Var(flag_sanitize_recover) Init(1) After diagnosing undefined behavior attempt to continue execution diff --git a/gcc/doc/invoke.texi b/gcc/doc/invoke.texi index 6bc09d6..3b53dfa 100644 --- a/gcc/doc/invoke.texi +++ b/gcc/doc/invoke.texi 
@@ -297,7 +297,7 @@ Objective-C and Objective-C++ Dialects}. @xref{Debugging Options,,Options for Debugging Your Program or GCC}. @gccoptlist{-d@var{letters} -dumpspecs -dumpmachine -dumpversion @gol -fsanitize=@var{style} -fsanitize-recover @gol --fsanitize-undefined-trap-on-error @gol +-fasan-shadow-offset=@var{string} -fsanitize-undefined-trap-on-error @gol -fdbg-cnt-list -fdbg-cnt=@var{counter-value-list} @gol -fdisable-ipa-@var{pass_name} @gol -fdisable-rtl-@var{pass_name} @gol @@ -5629,6 +5629,12 @@ While @option{-ftrapv} causes traps for signed overflows to be emitted, @option{-fsanitize=undefined} gives a diagnostic message. This currently works only for the C family of languages. +@item -fasan-shadow-offset=@var{string} +@opindex fasan-shadow-offset +This option forces GCC to use custom shadow offset in AddressSanitizer checks. +It is useful for experimenting with different shadow memory layouts in +Kernel AddressSanitizer. + @item -fsanitize-recover @opindex fsanitize-recover By default @option{-fsanitize=undefined} sanitization (and its suboptions diff --git a/gcc/opts-global.c b/gcc/opts-global.c index 111884b..81c899c 100644 --- a/gcc/opts-global.c +++ b/gcc/opts-global.c @@ -42,6 +42,7 @@ along with GCC; see the file COPYING3. If not see #include "toplev.h" #include "tree-pass.h" #include "context.h" +#include "asan.h" typedef const char *const_char_p; /* For DEF_VEC_P. */ @@ -426,6 +427,14 @@ handle_common_deferred_options (void) stack_limit_rtx = gen_rtx_SYMBOL_REF (Pmode, ggc_strdup (opt->arg)); break; + case OPT_fasan_shadow_offset_: + if (!(flag_sanitize & SANITIZE_KERNEL_ADDRESS)) + error ("-fasan-shadow-offset should only be used " + "with -fsanitize=kernel-address"); + if (!set_asan_shadow_offset (opt->arg)) + error ("unrecognized shadow offset %qs", opt->arg); + break; + default: gcc_unreachable (); } diff --git a/gcc/opts.c b/gcc/opts.c index dc8ddf4..89d4f0e 100644 --- a/gcc/opts.c +++ b/gcc/opts.c 
@@ -1584,6 +1584,10 @@ common_handle_option (struct gcc_options *opts, break; } + case OPT_fasan_shadow_offset_: + /* Deferred. */ + break; + case OPT_O: case OPT_Os: case OPT_Ofast: diff --git a/gcc/testsuite/c-c++-common/asan/shadow-offset-1.c b/gcc/testsuite/c-c++-common/asan/shadow-offset-1.c new file mode 100644 index 0000000..2ca0fd6 --- /dev/null +++ b/gcc/testsuite/c-c++-common/asan/shadow-offset-1.c @@ -0,0 +1,11 @@ +/* { dg-do compile } */ +/* { dg-options "-fno-sanitize=address -fsanitize=kernel-address --param asan-instrumentation-with-call-threshold=100 -fasan-shadow-offset=12345 -fdump-tree-sanopt" } */ +/* { dg-skip-if "" { *-*-* } { "-flto" } { "" } } */ + +int f (int *p) +{ + return *p; +} + +/* { dg-final { scan-tree-dump "12345" "sanopt" } } */ +/* { dg-final { cleanup-tree-dump "sanopt" } } */ -- 1.7.9.5 --------------000903070301090204000900--
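Review bot: In libiberty/strtoull.c (patch 1/2) the diffstat shows only the new source file (1 file changed, 119 insertions), so nothing visible in this patch adds strtoull.c to libiberty's build or configure checks, and nothing declares a prototype for callers. Patch 2/2 calls strtoull under HAVE_LONG_LONG, so a host whose C library lacks the function depends on that wiring; please add it or point to where it lives. Two smaller points in the same file: the header reads "Copyright (c) 2014 Regents of the University of California" although the cover letter describes the file as a copy of the existing strtoul.c, so the year and holder need checking; and the fallback `#define ULLONG_MAX ((unsigned long long)(~0L))` reaches all-ones only through the conversion of -1L, which `~0ULL` would state directly.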
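Review bot: set_asan_shadow_offset in the first gcc/asan.c hunk accepts more than an unsigned offset. The check `*val != '\0' && *endp == '\0' && errno == 0` passes for input with a leading '-', '+' or whitespace, because the strtoull added in 1/2 skips ISSPACE characters and, for a '-', returns `-acc` without setting errno, so -fasan-shadow-offset=-1 would silently become an all-ones offset. Consider requiring the first character to be a digit (ISDIGIT (*val)) before parsing. The result is also stored in unsigned HOST_WIDE_INT with no range check against that type or the target pointer width, and in the #else branch strtoul limits the value to unsigned long, which is the 32-bit-host case the cover letter is trying to avoid; a diagnostic that distinguishes "out of range" from "unrecognized" would help there.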
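Review bot: The new @item in the second gcc/doc/invoke.texi hunk documents the argument as @var{string} and does not say that it is a number, that it is parsed with base 0 (so a leading 0x means hexadecimal and a leading 0 means octal), or that GCC reports an error unless -fsanitize=kernel-address is given, all of which the code in this patch implements. Suggest @var{number} plus a sentence covering the accepted forms and the kernel-address requirement. "use custom shadow offset" also reads better as "use a custom shadow offset".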
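Review bot: In the OPT_fasan_shadow_offset_ case added to handle_common_deferred_options (gcc/opts-global.c), the second `if` is not an `else if`, so after reporting that -fsanitize=kernel-address is missing the code still calls set_asan_shadow_offset and installs the override, and may emit a second error for the same option. Making the parse conditional on the first check passing keeps the override from being set in a configuration the first check rejects. The wording "should only be used with" is also soft for a hard error; "is only supported with" matches what happens.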
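Review bot: gcc/testsuite/c-c++-common/asan/shadow-offset-1.c covers only a small decimal value: -fasan-shadow-offset=12345 fits in 32 bits, so the test does not exercise the 64-bit parsing that motivated adding strtoull, nor hexadecimal input, nor either error path (malformed value, option used without -fsanitize=kernel-address). A second test with a value above 0xffffffff and dg-error tests for the two diagnostics would cover them. The pattern in scan-tree-dump "12345" is also loose enough to match any longer number in the dump that contains those digits.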