Hi,

On Tuesday, November 22, 2016 at 17:48:21 UTC+3, Park Kit wrote:
>
> Hi Sagar, Maxim,
>
> Appreciated for your try and comments.
>
> @Sagar, your steps are a bit different from what I followed so will give it
> a try to build. This confirms at least ASAN works for cross-compile on MIPS
> and which is great.
>
> @Maxim, you're right on 2) and that's what I did. Have you used the
> buildroot to build cross-compile GCC on MIPS or used GCC package only? What
> version have you used? Would you mind showing command lines to configure
> and to build it?
>
Yes, I've used cross buildroot. It can be quite simply built manually, I've
used this pretty nice instruction:
http://preshing.com/20141119/how-to-build-a-gcc-cross-compiler/.
The components I used:

* current trunk GCC
* current trunk binutils
* current trunk Linux headers
* Glibc 2.20

The only difference I've needed is a local patch for Glibc (I used 2.20) to
fix build error (the patch is attached). I'm also attaching the patch I used
to enable ASan in GCC for MIPS (you can apply it on step 7). Once you've built
toolchain, you can simply test:

$ mips-linux-gcc -fsanitize=address <gcc_tree_location>/gcc/testsuite/c-c++-common/asan/heap-overflow-1.c -fstack-protector
$ qemu-mips -L $SYSROOT -R 0 ./a.out
=================================================================
==9453==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x42c007ba at pc 0x00400a94 bp 0x407ffca0 sp 0x407ffcc8
READ of size 1 at 0x42c007ba thread T0
    #0 0x400a8c (/home/max/build/mips/gcc/a.out+0x400a8c)
    #1 0x40e5a36c (/opt/cross/mips//mips-linux/lib/libc.so.6+0x1936c)

0x42c007ba is located 0 bytes to the right of 10-byte region [0x42c007b0,0x42c007ba)
allocated by thread T0 here:
    #0 0x4093fe9c (/opt/cross/mips//mips-linux/lib/libasan.so.4+0x107e9c)
    #1 0x4009e4 (/home/max/build/mips/gcc/a.out+0x4009e4)
    #2 0x40e5a36c (/opt/cross/mips//mips-linux/lib/libc.so.6+0x1936c)

SUMMARY: AddressSanitizer: heap-buffer-overflow (/home/max/build/mips/gcc/a.out+0x400a8c)
Shadow bytes around the buggy address:
  0x130200a0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x130200b0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x130200c0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x130200d0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x130200e0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
=>0x130200f0: fa fa fa fa fa fa 00[02]fa fa fa fa fa fa fa fa
  0x13020100: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x13020110: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x13020120: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x13020130: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x13020140: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
Shadow byte legend (one shadow byte represents 8 application bytes):
  Addressable:           00
  Partially addressable: 01 02 03 04 05 06 07
  Heap left redzone:       fa
  Freed heap region:       fd
  Stack left redzone:      f1
  Stack mid redzone:       f2
  Stack right redzone:     f3
  Stack after return:      f5
  Stack use after scope:   f8
  Global redzone:          f9
  Global init order:       f6
  Poisoned by user:        f7
  Container overflow:      fc
  Array cookie:            ac
  Intra object redzone:    bb
  ASan internal:           fe
  Left alloca redzone:     ca
  Right alloca redzone:    cb
==9453==ABORTING

Note that I've added -fstack-protector flag to avoid "cc1: warning:
-fsanitize=address and -fsanitize=kernel-address are not supported for this
target" error on compilation step. This is weird, but for some reason GCC
folks use this flag to control FRAME_GROWS_DOWNWARD macro on MIPS. GCC's ASan
doesn't support targets with FRAME_GROWS_DOWNWARD == 0 so I just added
-fstack-protector as a workaround.

>
> Keep you posted on further tries. Many thanks
> Kit
>
> On Saturday, November 19, 2016 at 11:19:34 AM UTC, sagar....@imgtec.com wrote:
>>
>> Hi Park,
>>
>> *Following are the steps for building LLVM and compiler-rt for target
>> MIPS (Host=x86, Target=MIPS):*
>>
>> 1. Install prerequisites with "sudo apt-get install cmake ninja-build
>>    gcc-5-mipsel-linux-gnu g++-5-mipsel-linux-gnu
>>    gcc-5-multilib-mipsel-linux-gnu g++-5-multilib-mipsel-linux-gnu
>>    binutils-mipsel-linux-gnu libgcc1-mipsel-cross libstdc++6-mipsel-cross"
>> 2. Checkout llvm.
>> 3. Checkout clang in /llvm/tools/
>> 4. Build LLVM cross compiler which targets MIPS.
>>    1. Run "cmake -G Ninja ../llvm
>>       -DCMAKE_INSTALL_PREFIX=<path-to-install-dir>
>>       -DCMAKE_BUILD_TYPE=Release
>>       -DCMAKE_INSTALL_PREFIX=<install-dir>
>>       -DLLVM_DEFAULT_TARGET_TRIPLE=mipsel-linux-gnu -DLLVM_TARGET_ARCH=Mips
>>       -DLLVM_TARGETS_TO_BUILD=Mips" in a build directory.
>>    2. Run "ninja; ninja install"
>> 5. Checkout compiler-rt
>> 6. Build compiler-rt in a separate build directory using the just
>>    built llvm cross compiler.
>>    1. Run "cmake -G Ninja ../compiler-rt/
>>       -DCMAKE_C_COMPILER=<path-to-where-llvm-was-installed>/bin/clang
>>       -DCMAKE_CXX_COMPILER=<path-to-where-llvm-was-installed>/bin/clang++
>>       -DCMAKE_BUILD_TYPE=Release
>>       -DLLVM_CONFIG_PATH=<path-to-where-llvm-was-installed>//bin/llvm-config
>>       -DCOMPILER_RT_INSTALL_PATH=<path-to-where-llvm-was-installed>//lib/clang/4.0.0
>>       -DCMAKE_C_FLAGS="-I/usr/mipsel-linux-gnu/include/
>>       -Wl,-L/usr/mipsel-linux-gnu/lib/"
>>       -DCMAKE_CXX_FLAGS="-I/usr/mipsel-linux-gnu/include/
>>       -Wl,-L/usr/mipsel-linux-gnu/lib/"" in a separate build directory.
>>    2. Run "ninja; ninja install"
>>
>> You can also use the GCC cross tool chain instead of the just built LLVM
>> cross tool chain to build the compiler-rt sources.
>>
>> *Running a simple test from the ASAN test suite:*
>>
>> $ <path-to-where-llvm-was-installed>/bin/clang -fsanitize=address
>> -Wl,--dynamic-linker=/usr/mipsel-linux-gnu/lib/ld.so.1 use-after-free.cc
>>
>> $ qemu-mipsel -cpu 74Kf -E LD_LIBRARY_PATH=/usr/mipsel-linux-gnu/lib/
>> a.out
>> =================================================================
>> ==1487==ERROR: AddressSanitizer: heap-use-after-free on address
>> 0x74d007b5 at pc 0x0052d518 bp 0x76fff5c0 sp 0x76fff5e4
>> READ of size 1 at 0x74d007b5 thread T0
>>     #0 0x52d510 (/home/slt/Tests/a.out+0x52d510)
>>     #1 0x76535bd4 (/usr/mipsel-linux-gnu/lib/libc.so.6+0x19bd4)
>>
>> 0x74d007b5 is located 5 bytes inside of 10-byte region
>> [0x74d007b0,0x74d007ba)
>> freed by thread T0 here:
>>     #0 0x4f4124 (/home/slt/Tests/a.out+0x4f4124)
>>     #1 0x52d4a8 (/home/slt/Tests/a.out+0x52d4a8)
>>     #2 0x76535bd4 (/usr/mipsel-linux-gnu/lib/libc.so.6+0x19bd4)
>>
>> previously allocated by thread T0 here:
>>     #0 0x4f4580 (/home/slt/Tests/a.out+0x4f4580)
>>     #1 0x52d498 (/home/slt/Tests/a.out+0x52d498)
>>     #2 0x76535bd4 (/usr/mipsel-linux-gnu/lib/libc.so.6+0x19bd4)
>>
>> SUMMARY: AddressSanitizer: heap-use-after-free
>> (/home/slt/Tests/a.out+0x52d510)
>> Shadow bytes around the buggy address:
>>   0x194400a0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
>>   0x194400b0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
>>   0x194400c0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
>>   0x194400d0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
>>   0x194400e0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
>> =>0x194400f0: fa fa fa fa fa fa[fd]fd fa fa fa fa fa fa fa fa
>>   0x19440100: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
>>   0x19440110: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
>>   0x19440120: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
>>   0x19440130: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
>>   0x19440140: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
>> Shadow byte legend (one shadow byte represents 8 application bytes):
>>   Addressable:           00
>>   Partially addressable: 01 02 03 04 05 06 07
>>   Heap left redzone:       fa
>>   Freed heap region:       fd
>>   Stack left redzone:      f1
>>   Stack mid redzone:       f2
>>   Stack right redzone:     f3
>>   Stack after return:      f5
>>   Stack use after scope:   f8
>>   Global redzone:          f9
>>   Global init order:       f6
>>   Poisoned by user:        f7
>>   Container overflow:      fc
>>   Array cookie:            ac
>>   Intra object redzone:    bb
>>   ASan internal:           fe
>>   Left alloca redzone:     ca
>>   Right alloca redzone:    cb
>> ==1487==ABORTING
>>
>> *To cross build a complete LLVM toolchain which will run on MIPS and
>> target to MIPS (Host=MIPS, Target=MIPS):*
>>
>> 1. Install prerequisites with "sudo apt-get install cmake ninja-build
>>    gcc-5-mipsel-linux-gnu g++-5-mipsel-linux-gnu
>>    gcc-5-multilib-mipsel-linux-gnu g++-5-multilib-mipsel-linux-gnu
>>    binutils-mipsel-linux-gnu libgcc1-mipsel-cross libstdc++6-mipsel-cross"
>> 2. Checkout llvm
>> 3. Checkout clang in /llvm/tools/
>> 4. Checkout compiler-rt in /llvm/projects/
>> 5. Run "cmake -G Ninja ../llvm
>>    -DCMAKE_INSTALL_PREFIX=<path-to-install-dir> -DCMAKE_BUILD_TYPE=Release
>>    -DCMAKE_CROSSCOMPILING=True
>>    -DLLVM_TABLEGEN=<path-to-host-bin>/llvm-tblgen
>>    -DCLANG_TABLEGEN=<path-to-host-bin>/clang-tblgen
>>    -DLLVM_HOST_TRIPLE=mipsel-linux-gnu
>>    -DLLVM_DEFAULT_TARGET_TRIPLE=mipsel-linux-gnu -DLLVM_TARGET_ARCH=Mips
>>    -DLLVM_TARGETS_TO_BUILD=Mips
>>    -DCMAKE_C_COMPILER="/usr/bin/mipsel-linux-gnu-gcc-5"
>>    -DCMAKE_CXX_COMPILER="/usr/bin/mipsel-linux-gnu-g++-5"
>>    -DCMAKE_ASM_COMPILER="/usr/bin/mipsel-linux-gnu-gcc-5"
>>    -DCMAKE_C_FLAGS="-mips32 -mabi=32" -DCMAKE_CXX_FLAGS="-mips32 -mabi=32""
>>    in a build directory.
>> 6. Run "ninja; ninja install"
>>
>> But "ninja install" does not copy the sanitizer runtime libs in the
>> install directory. So you will have to copy them to the install directory
>> manually.
>>
>>
>> Regarding GCC's ASAN support for MIPS, as Maxim said we will have to add
>> support for it following the steps he mentioned.
>>
>>
>> Regards,
>>
>> Sagar
>>
>>
>>
>> On Wednesday, November 16, 2016 at 1:13:06 PM UTC+5:30, Park Kit wrote:
>>>
>>> Hi Sagar,
>>>
>>> Many thanks for a reply. Although I am seeking to have GCC cross compile
>>> working, it would be great to know that ASAN builds for mips on clang.
>>>
>>> Looking forward to good news on that.
>>>
>>> Many thanks
>>> Kit
>>>
>>> On Tuesday, November 15, 2016 at 6:56:48 PM UTC, sagar....@imgtec.com wrote:
>>>>
>>>> Hi Park,
>>>>
>>>> Sorry for the delay.
>>>>
>>>> In order to run ASAN on mips, we always did a native build of
>>>> compiler-rt on a real mips hardware. We never tried the cross build of
>>>> compiler-rt.
>>>>
>>>> However, since you need the cross build, I will give it a try and get
>>>> back to you as soon as I get success.
>>>>
>>>> Regards,
>>>> Sagar
>>>>
>>>> On Tuesday, November 15, 2016 at 1:59:15 PM UTC+5:30, Park Kit wrote:
>>>>>
>>>>> Hi all,
>>>>>
>>>>> Could anyone please give me some pointers to try?
>>>>>
>>>>> On Saturday, October 15, 2016 at 1:21:06 AM UTC+1, kcc wrote:
>>>>>>
>>>>>> Sagar, Simon,
>>>>>> Could you please consult on ASAN for MIPS?
>>>>>>
>>>>>> On Fri, Oct 14, 2016 at 3:04 PM, Park Kit <keite...@gmail.com> wrote:
>>>>>>
>>>>>>> Correction. ASN means ASAN of course. :-)
>>>>>>>
>>>>>>> --
>>>>>>> You received this message because you are subscribed to the Google
>>>>>>> Groups "address-sanitizer" group.
>>>>>>> To unsubscribe from this group and stop receiving emails from it,
>>>>>>> send an email to address-saniti...@googlegroups.com.
>>>>>>> For more options, visit https://groups.google.com/d/optout.
>>>>>>>
>>>>>>
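
The bracketed shadow byte in both reports above can be checked against the constant 0x0aaa0000 from the attached GCC patch, using ASan's mapping shadow = (addr >> 3) + offset. The C program below is an added example, not part of the original messages or of GCC/compiler-rt; its function and macro names are hypothetical, and the report row embedded in main() is copied from the qemu-mips output quoted in the thread.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#define SHADOW_SCALE  3            /* one shadow byte covers 8 application bytes */
#define SHADOW_OFFSET 0x0aaa0000u  /* constant returned by mips_asan_shadow_offset() */

/* ASan mapping from an application address to its shadow byte address. */
uint32_t mem_to_shadow(uint32_t addr)
{
    return (addr >> SHADOW_SCALE) + SHADOW_OFFSET;
}

/* 1 if a `size`-byte access at addr (within one granule) hits poisoned memory. */
int access_is_poisoned(uint8_t shadow, uint32_t addr, unsigned size)
{
    if (shadow == 0)    return 0;  /* whole granule addressable */
    if (shadow >= 0x80) return 1;  /* redzone or freed marker: fa, fd, ... */
    return (addr & 7u) + size - 1 >= shadow;  /* 01..07: first N bytes valid */
}

/* Find the bracketed byte in one "Shadow bytes" row; 0 on success, -1 if none. */
int marked_shadow_byte(const char *row, uint32_t *shadow_addr, uint8_t *value)
{
    const char *p = strstr(row, "0x");
    const char *cell = p ? strchr(p, ':') : NULL;
    if (!cell) return -1;
    uint32_t base = (uint32_t)strtoul(p, NULL, 16);
    cell++;                        /* each cell: separator + two hex digits */
    for (uint32_t i = 0; i < 16 && strlen(cell) >= 3; i++, cell += 3) {
        if (cell[0] != '[') continue;
        char hex[3] = { cell[1], cell[2], '\0' };
        *shadow_addr = base + i;
        *value = (uint8_t)strtoul(hex, NULL, 16);
        return 0;
    }
    return -1;
}

int main(void)
{
    /* Row and fault address copied from the GCC/qemu-mips report in the thread. */
    const char *row = "=>0x130200f0: fa fa fa fa fa fa 00[02]fa fa fa fa fa fa fa fa";
    uint32_t fault = 0x42c007ba, sa = 0;
    uint8_t v = 0;
    if (marked_shadow_byte(row, &sa, &v) != 0) return 1;
    printf("computed 0x%08x, marked 0x%08x=%02x, poisoned=%d\n", (unsigned)mem_to_shadow(fault), (unsigned)sa, (unsigned)v, access_is_poisoned(v, fault, 1));
    return sa == mem_to_shadow(fault) ? 0 : 1;
}
```

The same check on the clang/qemu-mipsel report (fault address 0x74d007b5, row 0x194400f0) lands on the bracketed fd byte, so both toolchains in the thread place the shadow at the same offset.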
diff --git a/gcc/config/mips/linux-common.h b/gcc/config/mips/linux-common.h index 8429a7c..f28c820 100644 --- a/gcc/config/mips/linux-common.h +++ b/gcc/config/mips/linux-common.h @@ -27,6 +27,9 @@ along with GCC; see the file COPYING3. If not see ANDROID_TARGET_OS_CPP_BUILTINS(); \ } while (0) +#undef ASAN_CC1_SPEC +#define ASAN_CC1_SPEC "%{fsanitize=*:-funwind-tables}" + #undef LINK_SPEC #define LINK_SPEC \ LINUX_OR_ANDROID_LD (GNU_USER_TARGET_LINK_SPEC, \ @@ -34,12 +37,12 @@ along with GCC; see the file COPYING3. If not see #undef SUBTARGET_CC1_SPEC #define SUBTARGET_CC1_SPEC \ - LINUX_OR_ANDROID_CC (GNU_USER_TARGET_CC1_SPEC, \ - GNU_USER_TARGET_CC1_SPEC " " ANDROID_CC1_SPEC) + LINUX_OR_ANDROID_CC (GNU_USER_TARGET_CC1_SPEC " " ASAN_CC1_SPEC, \ + GNU_USER_TARGET_CC1_SPEC " " ASAN_CC1_SPEC " " ANDROID_CC1_SPEC) #undef CC1PLUS_SPEC #define CC1PLUS_SPEC \ - LINUX_OR_ANDROID_CC ("", ANDROID_CC1PLUS_SPEC) + LINUX_OR_ANDROID_CC (ASAN_CC1_SPEC "", ASAN_CC1_SPEC " " ANDROID_CC1PLUS_SPEC) #undef LIB_SPEC #define LIB_SPEC \ diff --git a/gcc/config/mips/linux.h b/gcc/config/mips/linux.h index dc51c45..7ab6c71 100644 --- a/gcc/config/mips/linux.h +++ b/gcc/config/mips/linux.h @@ -50,3 +50,10 @@ along with GCC; see the file COPYING3. If not see #define GNU_USER_DYNAMIC_LINKERN32 \ CHOOSE_DYNAMIC_LINKER (GLIBC_DYNAMIC_LINKERN32, UCLIBC_DYNAMIC_LINKERN32, \ BIONIC_DYNAMIC_LINKERN32, MUSL_DYNAMIC_LINKERN32) + +#undef ASAN_CC1_SPEC +#define ASAN_CC1_SPEC "%{%:sanitize(address):-funwind-tables}" + +#undef CC1_SPEC +#define CC1_SPEC GNU_USER_TARGET_CC1_SPEC ASAN_CC1_SPEC + diff --git a/gcc/config/mips/mips.c b/gcc/config/mips/mips.c index d6464c5..7eefdfd 100644 --- a/gcc/config/mips/mips.c +++ b/gcc/config/mips/mips.c 
@@ -491,6 +491,7 @@ static int mips_base_move_loop_invariants; /* flag_move_loop_invariants */ static int mips_base_align_loops; /* align_loops */ static int mips_base_align_jumps; /* align_jumps */ static int mips_base_align_functions; /* align_functions */ +static unsigned HOST_WIDE_INT mips_asan_shadow_offset (void); /* Index [M][R] is true if register R is allowed to hold a value of mode M. */ bool mips_hard_regno_mode_ok[(int) MAX_MACHINE_MODE][FIRST_PSEUDO_REGISTER]; @@ -22488,6 +22489,17 @@ mips_promote_function_mode (const_tree type ATTRIBUTE_UNUSED, #undef TARGET_HARD_REGNO_SCRATCH_OK #define TARGET_HARD_REGNO_SCRATCH_OK mips_hard_regno_scratch_ok +#undef TARGET_ASAN_SHADOW_OFFSET +#define TARGET_ASAN_SHADOW_OFFSET mips_asan_shadow_offset + struct gcc_target targetm = TARGET_INITIALIZER; +/* Implement the TARGET_ASAN_SHADOW_OFFSET hook. */ + +static unsigned HOST_WIDE_INT +mips_asan_shadow_offset (void) +{ + return 0x0aaa0000L; +} + #include "gt-mips.h" diff --git a/libsanitizer/configure.tgt b/libsanitizer/configure.tgt index 8d884f4..db21669 100644 --- a/libsanitizer/configure.tgt +++ b/libsanitizer/configure.tgt @@ -34,6 +34,8 @@ case "${target}" in ;; sparc*-*-linux*) ;; + mips*-*-linux*) + ;; arm*-*-linux*) ;; aarch64*-*-linux*)
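Review bot: ASAN_CC1_SPEC ends up defined twice with different conditions: "%{fsanitize=*:-funwind-tables}" in linux-common.h matches any -fsanitize= value, while "%{%:sanitize(address):-funwind-tables}" in linux.h matches only the address sanitizer, so which one takes effect depends on header order. Keep a single definition. In the linux.h hunk, "#define CC1_SPEC GNU_USER_TARGET_CC1_SPEC ASAN_CC1_SPEC" also concatenates the two spec strings without the " " separator that the linux-common.h hunk uses between specs, and the ASAN_CC1_SPEC "" in CC1PLUS_SPEC carries a redundant empty string.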
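Review bot: mips_asan_shadow_offset in mips.c returns 0x0aaa0000L unconditionally, while the configure.tgt hunk enables libsanitizer for every mips*-*-linux* target; nothing in the patch says which ABI the constant was chosen for or where the value comes from. Add a comment giving the origin of the offset, and either narrow the configure.tgt pattern to the configurations that were tested or make the hook depend on the ABI. As a style point, the forward declaration is added among the mips_base_align_* variables rather than with the other function prototypes.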
diff --git a/sysdeps/unix/sysv/linux/mips/vfork.S b/sysdeps/unix/sysv/linux/mips/vfork.S index 2c1a747..eea8687 100644 --- a/sysdeps/unix/sysv/linux/mips/vfork.S +++ b/sysdeps/unix/sysv/linux/mips/vfork.S @@ -106,6 +106,8 @@ L(error): #endif END(__vfork) +#if !defined NOT_IN_libc libc_hidden_def(__vfork) weak_alias (__vfork, vfork) strong_alias (__vfork, __libc_vfork) +#endif diff --git a/sysdeps/unix/sysv/linux/sparc/sparc32/vfork.S b/sysdeps/unix/sysv/linux/sparc/sparc32/vfork.S index 549769a..f371fd8 100644 --- a/sysdeps/unix/sysv/linux/sparc/sparc32/vfork.S +++ b/sysdeps/unix/sysv/linux/sparc/sparc32/vfork.S @@ -44,6 +44,8 @@ ENTRY(__vfork) nop END(__vfork) +#ifdef IS_IN_libc libc_hidden_def (__vfork) weak_alias (__vfork, vfork) strong_alias (__vfork, __libc_vfork) +#endif diff --git a/sysdeps/unix/sysv/linux/sparc/sparc64/vfork.S b/sysdeps/unix/sysv/linux/sparc/sparc64/vfork.S index 6d0628b..c4ac487 100644 --- a/sysdeps/unix/sysv/linux/sparc/sparc64/vfork.S +++ b/sysdeps/unix/sysv/linux/sparc/sparc64/vfork.S @@ -44,6 +44,8 @@ ENTRY(__vfork) nop END(__vfork) +#ifdef IS_IN_libc libc_hidden_def (__vfork) weak_alias (__vfork, vfork) strong_alias (__vfork, __libc_vfork) +#endif
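Review bot: The guard around the __vfork aliases is spelled differently per file: the mips hunk uses "#if !defined NOT_IN_libc" while the sparc32 and sparc64 hunks use "#ifdef IS_IN_libc". Use one macro in all three files, and add a comment saying which build (libc versus the other objects that include vfork.S) the aliases must be excluded from, so the intent of the guard is clear to the next reader.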