[llvm-branch-commits] [llvm] [clang] [TySan] A Type Sanitizer (Clang) (PR #76260)
Florian Hahn via llvm-branch-commits
llvm-branch-commits at lists.llvm.org
Fri Dec 22 11:18:40 PST 2023
https://github.com/fhahn created https://github.com/llvm/llvm-project/pull/76260
This patch introduces the runtime components of a type sanitizer: a sanitizer for type-based aliasing violations.
C/C++ have type-based aliasing rules, and LLVM's optimizer can exploit these given TBAA metadata added by Clang. Roughly, a pointer of given type cannot be used to access an object of a different type (with, of course, certain exceptions). Unfortunately, there's a lot of code in the wild that violates these rules (e.g. for type punning), and such code often must be built with -fno-strict-aliasing. Performance is often sacrificed as a result. Part of the problem is the difficulty of finding TBAA violations. Hopefully, this sanitizer will help.
The Clang changes seems mostly formulaic, the one specific change being that when the TBAA sanitizer is enabled, TBAA is always generated, even at -O0.
Clang's TBAA representation currently has a problem representing unions, as demonstrated by the one XFAIL'd test in the runtime patch. We'll update the TBAA representation to fix this, and at the same time, update the sanitizer.
Based on https://reviews.llvm.org/D32199.
More information about the llvm-branch-commits
mailing list