forked from OSchip/llvm-project
a22685885d
Summary:
In the LLVM IR, "call" instructions read memory for each byval operand.
For example:
```
$ cat blah.c
struct foo { void *a, *b, *c; };
struct bar { struct foo foo; };
void func1(const struct foo);
void func2(struct bar *bar) { func1(bar->foo); }
$ [...]/bin/clang -S -flto -c blah.c -O2 ; cat blah.s
[...]
define dso_local void @func2(%struct.bar* %bar) local_unnamed_addr #0 {
entry:
%foo = getelementptr inbounds %struct.bar, %struct.bar* %bar, i64 0, i32 0
tail call void @func1(%struct.foo* byval(%struct.foo) align 8 %foo) #2
ret void
}
[...]
$ [...]/bin/clang -S -c blah.c -O2 ; cat blah.s
[...]
func2: # @func2
[...]
subq $24, %rsp
[...]
movq 16(%rdi), %rax
movq %rax, 16(%rsp)
movups (%rdi), %xmm0
movups %xmm0, (%rsp)
callq func1
addq $24, %rsp
[...]
retq
```
Let ASAN instrument these hidden memory accesses.
This is patch 4/4 of a patch series:
https://reviews.llvm.org/D77616 [PATCH 1/4] [AddressSanitizer] Refactor ClDebug{Min,Max} handling
https://reviews.llvm.org/D77617 [PATCH 2/4] [AddressSanitizer] Split out memory intrinsic handling
https://reviews.llvm.org/D77618 [PATCH 3/4] [AddressSanitizer] Refactor: Permit >1 interesting operands per instruction
https://reviews.llvm.org/D77619 [PATCH 4/4] [AddressSanitizer] Instrument byval call arguments
Reviewers: kcc, glider
Reviewed By: glider
Subscribers: hiraditya, dexonsmith, llvm-commits
Tags: #llvm
Differential Revision: https://reviews.llvm.org/D77619
|
||
|---|---|---|
| .. | ||
| AddressSanitizer | ||
| BoundsChecking | ||
| DataFlowSanitizer | ||
| HWAddressSanitizer | ||
| InstrOrderFile | ||
| InstrProfiling | ||
| MemorySanitizer | ||
| PoisonChecking | ||
| SanitizerCoverage | ||
| ThreadSanitizer | ||
| cgprofile.ll | ||