-
Kito Cheng authored
AddressSanitizer has supported dynamic shadow offsets since 2016[1], but GCC hasn't implemented this yet because targets using dynamic shadow offsets, such as Fuchsia and iOS, are mostly unsupported in GCC. However, RISC-V 64 switched to dynamic shadow offsets this year[2] because virtual memory space support varies across different RISC-V cores, such as Sv39, Sv48, and Sv57. We realized that the best way to handle this situation is by using a dynamic shadow offset to obtain the offset at runtime. We introduce a new target hook, TARGET_ASAN_DYNAMIC_SHADOW_OFFSET_P, to determine if the target is using a dynamic shadow offset, so this change won't affect the static offset path. Additionally, TARGET_ASAN_SHADOW_OFFSET continues to work even if TARGET_ASAN_DYNAMIC_SHADOW_OFFSET_P is non-zero, ensuring that KASAN functions as expected. This patch set has been verified on the Banana Pi F3, currently one of the most popular RISC-V development boards. All AddressSanitizer-related tests passed without introducing new regressions. It was also verified on AArch64 and x86_64 with no regressions in AddressSanitizer. [1] https://github.com/llvm/llvm-project/commit/130a190bf08a3d955d9db24dac936159dc049e12 [2] https://github.com/llvm/llvm-project/commit/da0c8b275564f814a53a5c19497669ae2d99538d gcc/ChangeLog: * asan.cc (asan_dynamic_shadow_offset_p): New. (asan_shadow_memory_dynamic_address): New. (asan_local_shadow_memory_dynamic_address): New. (get_asan_shadow_memory_dynamic_address_decl): New. (asan_maybe_insert_dynamic_shadow_at_function_entry): New. (asan_emit_stack_protection): Support dynamic shadow offset. (build_shadow_mem_access): Ditto. * asan.h (asan_maybe_insert_dynamic_shadow_at_function_entry): New. * doc/tm.texi (TARGET_ASAN_DYNAMIC_SHADOW_OFFSET_P): New. * doc/tm.texi.in (TARGET_ASAN_DYNAMIC_SHADOW_OFFSET_P): Ditto. * sanopt.cc (pass_sanopt::execute): Handle dynamic shadow offset. * target.def (asan_dynamic_shadow_offset_p): New. * toplev.cc (process_options): Handle dynamic shadow offset.
Kito Cheng authoredAddressSanitizer has supported dynamic shadow offsets since 2016[1], but GCC hasn't implemented this yet because targets using dynamic shadow offsets, such as Fuchsia and iOS, are mostly unsupported in GCC. However, RISC-V 64 switched to dynamic shadow offsets this year[2] because virtual memory space support varies across different RISC-V cores, such as Sv39, Sv48, and Sv57. We realized that the best way to handle this situation is by using a dynamic shadow offset to obtain the offset at runtime. We introduce a new target hook, TARGET_ASAN_DYNAMIC_SHADOW_OFFSET_P, to determine if the target is using a dynamic shadow offset, so this change won't affect the static offset path. Additionally, TARGET_ASAN_SHADOW_OFFSET continues to work even if TARGET_ASAN_DYNAMIC_SHADOW_OFFSET_P is non-zero, ensuring that KASAN functions as expected. This patch set has been verified on the Banana Pi F3, currently one of the most popular RISC-V development boards. All AddressSanitizer-related tests passed without introducing new regressions. It was also verified on AArch64 and x86_64 with no regressions in AddressSanitizer. [1] https://github.com/llvm/llvm-project/commit/130a190bf08a3d955d9db24dac936159dc049e12 [2] https://github.com/llvm/llvm-project/commit/da0c8b275564f814a53a5c19497669ae2d99538d gcc/ChangeLog: * asan.cc (asan_dynamic_shadow_offset_p): New. (asan_shadow_memory_dynamic_address): New. (asan_local_shadow_memory_dynamic_address): New. (get_asan_shadow_memory_dynamic_address_decl): New. (asan_maybe_insert_dynamic_shadow_at_function_entry): New. (asan_emit_stack_protection): Support dynamic shadow offset. (build_shadow_mem_access): Ditto. * asan.h (asan_maybe_insert_dynamic_shadow_at_function_entry): New. * doc/tm.texi (TARGET_ASAN_DYNAMIC_SHADOW_OFFSET_P): New. * doc/tm.texi.in (TARGET_ASAN_DYNAMIC_SHADOW_OFFSET_P): Ditto. * sanopt.cc (pass_sanopt::execute): Handle dynamic shadow offset. * target.def (asan_dynamic_shadow_offset_p): New. * toplev.cc (process_options): Handle dynamic shadow offset.
