LLVM API Documentation

DataFlowSanitizer.cpp File Reference
#include "llvm/Transforms/Instrumentation.h"
#include "llvm/ADT/DenseMap.h"
#include "llvm/ADT/DenseSet.h"
#include "llvm/ADT/DepthFirstIterator.h"
#include "llvm/ADT/StringExtras.h"
#include "llvm/Analysis/ValueTracking.h"
#include "llvm/IR/Dominators.h"
#include "llvm/IR/IRBuilder.h"
#include "llvm/IR/InlineAsm.h"
#include "llvm/IR/InstVisitor.h"
#include "llvm/IR/LLVMContext.h"
#include "llvm/IR/MDBuilder.h"
#include "llvm/IR/Type.h"
#include "llvm/IR/Value.h"
#include "llvm/Pass.h"
#include "llvm/Support/CommandLine.h"
#include "llvm/Support/SpecialCaseList.h"
#include "llvm/Transforms/Utils/BasicBlockUtils.h"
#include "llvm/Transforms/Utils/Local.h"
#include <algorithm>
#include <iterator>
#include <set>
#include <utility>

Functions

 INITIALIZE_PASS (DataFlowSanitizer,"dfsan","DataFlowSanitizer: dynamic data flow analysis.", false, false) ModulePass *llvm

Variables

static cl::opt< bool > ClPreserveAlignment ("dfsan-preserve-alignment", cl::desc("respect alignment requirements provided by input IR"), cl::Hidden, cl::init(false))
static cl::opt< std::string > ClABIListFile ("dfsan-abilist", cl::desc("File listing native ABI functions and how the pass treats them"), cl::Hidden)
static cl::opt< bool > ClArgsABI ("dfsan-args-abi", cl::desc("Use the argument ABI rather than the TLS ABI"), cl::Hidden)
static cl::opt< bool > ClCombinePointerLabelsOnLoad ("dfsan-combine-pointer-labels-on-load", cl::desc("Combine the label of the pointer with the label of the data when ""loading from memory."), cl::Hidden, cl::init(true))
static cl::opt< bool > ClCombinePointerLabelsOnStore ("dfsan-combine-pointer-labels-on-store", cl::desc("Combine the label of the pointer with the label of the data when ""storing in memory."), cl::Hidden, cl::init(false))
static cl::opt< bool > ClDebugNonzeroLabels ("dfsan-debug-nonzero-labels", cl::desc("Insert calls to __dfsan_nonzero_label on observing a parameter, ""load or return with a nonzero label"), cl::Hidden)

Detailed Description

This file is a part of DataFlowSanitizer, a generalised dynamic data flow analysis.

Unlike other Sanitizer tools, this tool is not designed to detect a specific class of bugs on its own. Instead, it provides a generic dynamic data flow analysis framework to be used by clients to help detect application-specific issues within their own code.

The analysis is based on automatic propagation of data flow labels (also known as taint labels) through a program as it performs computation. Each byte of application memory is backed by two bytes of shadow memory which hold the label. On Linux/x86_64, memory is laid out as follows:

+--------------------+ 0x800000000000 (top of memory)
| application memory |
+--------------------+ 0x700000008000 (kAppAddr)
|                    |
|       unused       |
|                    |
+--------------------+ 0x200200000000 (kUnusedAddr)
|    union table     |
+--------------------+ 0x200000000000 (kUnionTableAddr)
|   shadow memory    |
+--------------------+ 0x000000010000 (kShadowAddr)
| reserved by kernel |
+--------------------+ 0x000000000000

To derive a shadow memory address from an application memory address, bits 44-46 are cleared to bring the address into the range [0x000000008000,0x100000000000). Then the address is shifted left by 1 to account for the double byte representation of shadow labels and move the address into the shadow memory range. See the function DataFlowSanitizer::getShadowAddress below.
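The mapping described above, as an added C++ example (not code from DataFlowSanitizer.cpp): it uses the layout constants from the diagram, while the function names and the mask constant name are assumptions made for illustration. It also shows that the mapping is only unambiguous inside the application region, because an address in the unused region can land on the same shadow bytes as a real application address.

```cpp
// Added example: models the address arithmetic described on this page.
// It is not LLVM's implementation; function and mask names are assumed.
#include <cstdint>
#include <cstdio>

// Layout constants taken from the Linux/x86_64 diagram above.
constexpr uint64_t kTopOfMemory    = 0x800000000000ULL;
constexpr uint64_t kAppAddr        = 0x700000008000ULL;
constexpr uint64_t kUnionTableAddr = 0x200000000000ULL;
constexpr uint64_t kShadowAddr     = 0x000000010000ULL;

// Assumed names: mask clearing bits 44-46, and the two-byte label width.
constexpr uint64_t kClearBits44To46 = ~(UINT64_C(7) << 44);
constexpr uint64_t kLabelBytes = 2;

constexpr bool isAppAddress(uint64_t addr) {
  return addr >= kAppAddr && addr < kTopOfMemory;
}

// Address of the first shadow byte backing one application byte:
// clear bits 44-46, then shift left by 1 for the two-byte label.
constexpr uint64_t shadowFor(uint64_t app) {
  return (app & kClearBits44To46) << 1;
}

// True when both label bytes fall inside [kShadowAddr, kUnionTableAddr).
constexpr bool shadowInRegion(uint64_t app) {
  return shadowFor(app) >= kShadowAddr &&
         shadowFor(app) + kLabelBytes <= kUnionTableAddr;
}

// The lowest and highest application bytes map to the edges of shadow memory.
static_assert(shadowFor(kAppAddr) == kShadowAddr, "bottom of app maps to kShadowAddr");
static_assert(shadowInRegion(kTopOfMemory - 1), "top of app stays below union table");
static_assert(shadowFor(kAppAddr + 1) - shadowFor(kAppAddr) == kLabelBytes,
              "adjacent bytes get adjacent two-byte labels");

int main() {
  // Constructed sample addresses; the last one lies in the unused region.
  const uint64_t samples[] = {kAppAddr, kAppAddr + 1, 0x7fffdeadbeefULL,
                              kTopOfMemory - 1, 0x100000008000ULL};
  for (uint64_t a : samples)
    std::printf("app=0x%012llx in_app=%d shadow=0x%012llx\n",
                (unsigned long long)a, isAppAddress(a) ? 1 : 0,
                (unsigned long long)shadowFor(a));
  return 0;
}
```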

For more information, please refer to the design document: http://clang.llvm.org/docs/DataFlowSanitizerDesign.html

Definition in file DataFlowSanitizer.cpp.


Function Documentation

INITIALIZE_PASS (DataFlowSanitizer, "dfsan", "DataFlowSanitizer: dynamic data flow analysis.", false, false)

Definition at line 346 of file DataFlowSanitizer.cpp.


Variable Documentation

cl::opt<std::string> ClABIListFile("dfsan-abilist", cl::desc("File listing native ABI functions and how the pass treats them"), cl::Hidden) [static]
cl::opt<bool> ClArgsABI("dfsan-args-abi", cl::desc("Use the argument ABI rather than the TLS ABI"), cl::Hidden) [static]
cl::opt<bool> ClCombinePointerLabelsOnLoad("dfsan-combine-pointer-labels-on-load", cl::desc("Combine the label of the pointer with the label of the data when ""loading from memory."), cl::Hidden, cl::init(true)) [static]
cl::opt<bool> ClCombinePointerLabelsOnStore("dfsan-combine-pointer-labels-on-store", cl::desc("Combine the label of the pointer with the label of the data when ""storing in memory."), cl::Hidden, cl::init(false)) [static]
cl::opt<bool> ClDebugNonzeroLabels("dfsan-debug-nonzero-labels", cl::desc("Insert calls to __dfsan_nonzero_label on observing a parameter, ""load or return with a nonzero label"), cl::Hidden) [static]
cl::opt<bool> ClPreserveAlignment("dfsan-preserve-alignment", cl::desc("respect alignment requirements provided by input IR"), cl::Hidden, cl::init(false)) [static]