1 //===-- asan_asm_test.cc --------------------------------------------------===//
2 //
3 //                     The LLVM Compiler Infrastructure
4 //
5 // This file is distributed under the University of Illinois Open Source
6 // License. See LICENSE.TXT for details.
7 //
8 //===----------------------------------------------------------------------===//
9 //
10 // This file is a part of AddressSanitizer, an address sanity checker.
11 //
12 //===----------------------------------------------------------------------===//
13 #include "asan_test_utils.h"
14 
15 #if defined(__linux__)
16 
17 #if defined(__x86_64__) || (defined(__i386__) && defined(__SSE2__))
18 
19 #include <emmintrin.h>
20 
21 namespace {
22 
23 template<typename T> void asm_write(T *ptr, T val);
24 template<typename T> T asm_read(T *ptr);
25 template<typename T> void asm_rep_movs(T *dst, T *src, size_t n);
26 
27 } // End of anonymous namespace
28 
29 #endif // defined(__x86_64__) || (defined(__i386__) && defined(__SSE2__))
30 
31 #if defined(__x86_64__)
32 
33 namespace {
34 
35 #define DECLARE_ASM_WRITE(Type, Size, Mov, Reg)        \
36 template<> void asm_write<Type>(Type *ptr, Type val) { \
37   __asm__(                                             \
38     Mov " %[val], (%[ptr])  \n\t"                      \
39     :                                                  \
40     : [ptr] "r" (ptr), [val] Reg (val)                 \
41     : "memory"                                         \
42   );                                                   \
43 }
44 
45 #define DECLARE_ASM_READ(Type, Size, Mov, Reg)     \
46 template<> Type asm_read<Type>(Type *ptr) {        \
47   Type res;                                        \
48   __asm__(                                         \
49     Mov " (%[ptr]), %[res]  \n\t"                  \
50     : [res] Reg (res)                              \
51     : [ptr] "r" (ptr)                              \
52     : "memory"                                     \
53   );                                               \
54   return res;                                      \
55 }
56 
57 #define DECLARE_ASM_REP_MOVS(Type, Movs)                                       \
58   template <> void asm_rep_movs<Type>(Type * dst, Type * src, size_t size) {   \
59     __asm__("rep " Movs " \n\t"                                                \
60             :                                                                  \
61             : "D"(dst), "S"(src), "c"(size)                                    \
62             : "rsi", "rdi", "rcx", "memory");                                  \
63   }
64 
65 DECLARE_ASM_WRITE(U8, "8", "movq", "r");
66 DECLARE_ASM_READ(U8, "8", "movq", "=r");
67 DECLARE_ASM_REP_MOVS(U8, "movsq");
68 
69 } // End of anonymous namespace
70 
71 #endif // defined(__x86_64__)
72 
73 #if defined(__i386__) && defined(__SSE2__)
74 
75 namespace {
76 
77 #define DECLARE_ASM_WRITE(Type, Size, Mov, Reg)        \
78 template<> void asm_write<Type>(Type *ptr, Type val) { \
79   __asm__(                                             \
80     Mov " %[val], (%[ptr])  \n\t"                      \
81     :                                                  \
82     : [ptr] "r" (ptr), [val] Reg (val)                 \
83     : "memory"                                         \
84   );                                                   \
85 }
86 
87 #define DECLARE_ASM_READ(Type, Size, Mov, Reg)     \
88 template<> Type asm_read<Type>(Type *ptr) {        \
89   Type res;                                        \
90   __asm__(                                         \
91     Mov " (%[ptr]), %[res]  \n\t"                  \
92     : [res] Reg (res)                              \
93     : [ptr] "r" (ptr)                              \
94     : "memory"                                     \
95   );                                               \
96   return res;                                      \
97 }
98 
99 #define DECLARE_ASM_REP_MOVS(Type, Movs)                                       \
100   template <> void asm_rep_movs<Type>(Type * dst, Type * src, size_t size) {   \
101     __asm__("rep " Movs " \n\t"                                                \
102             :                                                                  \
103             : "D"(dst), "S"(src), "c"(size)                                    \
104             : "esi", "edi", "ecx", "memory");                                  \
105   }
106 
107 } // End of anonymous namespace
108 
109 #endif  // defined(__i386__) && defined(__SSE2__)
110 
111 #if defined(__x86_64__) || (defined(__i386__) && defined(__SSE2__))
112 
113 namespace {
114 
115 DECLARE_ASM_WRITE(U1, "1", "movb", "r");
116 DECLARE_ASM_WRITE(U2, "2", "movw", "r");
117 DECLARE_ASM_WRITE(U4, "4", "movl", "r");
118 DECLARE_ASM_WRITE(__m128i, "16", "movaps", "x");
119 
120 DECLARE_ASM_READ(U1, "1", "movb", "=r");
121 DECLARE_ASM_READ(U2, "2", "movw", "=r");
122 DECLARE_ASM_READ(U4, "4", "movl", "=r");
123 DECLARE_ASM_READ(__m128i, "16", "movaps", "=x");
124 
125 DECLARE_ASM_REP_MOVS(U1, "movsb");
126 DECLARE_ASM_REP_MOVS(U2, "movsw");
127 DECLARE_ASM_REP_MOVS(U4, "movsl");
128 
TestAsmWrite(const char * DeathPattern)129 template<typename T> void TestAsmWrite(const char *DeathPattern) {
130   T *buf = new T;
131   EXPECT_DEATH(asm_write(&buf[1], static_cast<T>(0)), DeathPattern);
132   T var = 0x12;
133   asm_write(&var, static_cast<T>(0x21));
134   ASSERT_EQ(static_cast<T>(0x21), var);
135   delete buf;
136 }
137 
TestAsmWrite(const char * DeathPattern)138 template<> void TestAsmWrite<__m128i>(const char *DeathPattern) {
139   char *buf = new char[16];
140   char *p = buf + 16;
141   if (((uintptr_t) p % 16) != 0)
142     p = buf + 8;
143   assert(((uintptr_t) p % 16) == 0);
144   __m128i val = _mm_set1_epi16(0x1234);
145   EXPECT_DEATH(asm_write<__m128i>((__m128i*) p, val), DeathPattern);
146   __m128i var = _mm_set1_epi16(0x4321);
147   asm_write(&var, val);
148   ASSERT_EQ(0x1234, _mm_extract_epi16(var, 0));
149   delete [] buf;
150 }
151 
TestAsmRead(const char * DeathPattern)152 template<typename T> void TestAsmRead(const char *DeathPattern) {
153   T *buf = new T;
154   EXPECT_DEATH(asm_read(&buf[1]), DeathPattern);
155   T var = 0x12;
156   ASSERT_EQ(static_cast<T>(0x12), asm_read(&var));
157   delete buf;
158 }
159 
TestAsmRead(const char * DeathPattern)160 template<> void TestAsmRead<__m128i>(const char *DeathPattern) {
161   char *buf = new char[16];
162   char *p = buf + 16;
163   if (((uintptr_t) p % 16) != 0)
164     p = buf + 8;
165   assert(((uintptr_t) p % 16) == 0);
166   EXPECT_DEATH(asm_read<__m128i>((__m128i*) p), DeathPattern);
167   __m128i val = _mm_set1_epi16(0x1234);
168   ASSERT_EQ(0x1234, _mm_extract_epi16(asm_read(&val), 0));
169   delete [] buf;
170 }
171 
AsmLoad(U4 * a)172 U4 AsmLoad(U4 *a) {
173   U4 r;
174   __asm__("movl (%[a]), %[r]  \n\t" : [r] "=r" (r) : [a] "r" (a) : "memory");
175   return r;
176 }
177 
AsmStore(U4 r,U4 * a)178 void AsmStore(U4 r, U4 *a) {
179   __asm__("movl %[r], (%[a])  \n\t" : : [a] "r" (a), [r] "r" (r) : "memory");
180 }
181 
182 template <typename T>
TestAsmRepMovs(const char * DeathPatternRead,const char * DeathPatternWrite)183 void TestAsmRepMovs(const char *DeathPatternRead,
184                     const char *DeathPatternWrite) {
185   T src_good[4] = { 0x0, 0x1, 0x2, 0x3 };
186   T dst_good[4] = {};
187   asm_rep_movs(dst_good, src_good, 4);
188   ASSERT_EQ(static_cast<T>(0x0), dst_good[0]);
189   ASSERT_EQ(static_cast<T>(0x1), dst_good[1]);
190   ASSERT_EQ(static_cast<T>(0x2), dst_good[2]);
191   ASSERT_EQ(static_cast<T>(0x3), dst_good[3]);
192 
193   T dst_bad[3];
194   EXPECT_DEATH(asm_rep_movs(dst_bad, src_good, 4), DeathPatternWrite);
195 
196   T src_bad[3] = { 0x0, 0x1, 0x2 };
197   EXPECT_DEATH(asm_rep_movs(dst_good, src_bad, 4), DeathPatternRead);
198 
199   T* dp = dst_bad + 4;
200   T* sp = src_bad + 4;
201   asm_rep_movs(dp, sp, 0);
202 }
203 
204 } // End of anonymous namespace
205 
TEST(AddressSanitizer,asm_load_store)206 TEST(AddressSanitizer, asm_load_store) {
207   U4* buf = new U4[2];
208   EXPECT_DEATH(AsmLoad(&buf[3]), "READ of size 4");
209   EXPECT_DEATH(AsmStore(0x1234, &buf[3]), "WRITE of size 4");
210   delete [] buf;
211 }
212 
TEST(AddressSanitizer,asm_rw)213 TEST(AddressSanitizer, asm_rw) {
214   TestAsmWrite<U1>("WRITE of size 1");
215   TestAsmWrite<U2>("WRITE of size 2");
216   TestAsmWrite<U4>("WRITE of size 4");
217 #if defined(__x86_64__)
218   TestAsmWrite<U8>("WRITE of size 8");
219 #endif // defined(__x86_64__)
220   TestAsmWrite<__m128i>("WRITE of size 16");
221 
222   TestAsmRead<U1>("READ of size 1");
223   TestAsmRead<U2>("READ of size 2");
224   TestAsmRead<U4>("READ of size 4");
225 #if defined(__x86_64__)
226   TestAsmRead<U8>("READ of size 8");
227 #endif // defined(__x86_64__)
228   TestAsmRead<__m128i>("READ of size 16");
229 }
230 
TEST(AddressSanitizer,asm_flags)231 TEST(AddressSanitizer, asm_flags) {
232   long magic = 0x1234;
233   long r = 0x0;
234 
235 #if defined(__x86_64__) && !defined(__ILP32__)
236   __asm__("xorq %%rax, %%rax  \n\t"
237           "movq (%[p]), %%rax \n\t"
238           "sete %%al          \n\t"
239           "movzbq %%al, %[r]  \n\t"
240           : [r] "=r"(r)
241           : [p] "r"(&magic)
242           : "rax", "memory");
243 #else
244   __asm__("xorl %%eax, %%eax  \n\t"
245           "movl (%[p]), %%eax \n\t"
246           "sete %%al          \n\t"
247           "movzbl %%al, %[r]  \n\t"
248           : [r] "=r"(r)
249           : [p] "r"(&magic)
250           : "eax", "memory");
251 #endif // defined(__x86_64__) && !defined(__ILP32__)
252 
253   ASSERT_EQ(0x1, r);
254 }
255 
TEST(AddressSanitizer,asm_rep_movs)256 TEST(AddressSanitizer, asm_rep_movs) {
257   TestAsmRepMovs<U1>("READ of size 1", "WRITE of size 1");
258   TestAsmRepMovs<U2>("READ of size 2", "WRITE of size 2");
259   TestAsmRepMovs<U4>("READ of size 4", "WRITE of size 4");
260 #if defined(__x86_64__)
261   TestAsmRepMovs<U8>("READ of size 8", "WRITE of size 8");
262 #endif  // defined(__x86_64__)
263 }
264 
265 #endif // defined(__x86_64__) || (defined(__i386__) && defined(__SSE2__))
266 
267 #endif // defined(__linux__)
268