[PATCH] D55117: [HWASAN] Instrument memory intrinsics
Eugene Leviant via Phabricator via llvm-commits
llvm-commits at lists.llvm.org
Fri Nov 30 04:07:41 PST 2018
evgeny777 created this revision.
evgeny777 added reviewers: kcc, eugenis, samsonov.
Patch replaces memory intrinsics with corresponding libc calls when specific option is set. The memset and friends can be either hooked by the runtime or libc itself can be sanitized
The patch lacks test case - I'll implement one if the whole thing makes sense.
https://reviews.llvm.org/D55117
Files:
lib/Transforms/Instrumentation/HWAddressSanitizer.cpp
Index: lib/Transforms/Instrumentation/HWAddressSanitizer.cpp
===================================================================
--- lib/Transforms/Instrumentation/HWAddressSanitizer.cpp
+++ lib/Transforms/Instrumentation/HWAddressSanitizer.cpp
@@ -121,6 +121,11 @@
cl::desc("Enable KernelHWAddressSanitizer instrumentation"),
cl::Hidden, cl::init(false));
+static cl::opt<bool>
+ ClInstrumentMemIntrinsics("hwasan-instrument-mem-intrinsics",
+ cl::desc("instrument memory intrinsics"),
+ cl::Hidden, cl::init(false));
+
// These flags allow to change the shadow mapping and control how shadow memory
// is accessed. The shadow mapping looks like:
// Shadow = (Mem >> scale) + offset
@@ -182,6 +187,7 @@
void instrumentMemAccessInline(Value *PtrLong, bool IsWrite,
unsigned AccessSizeIndex,
Instruction *InsertBefore);
+ void instrumentMemIntrinsic(MemIntrinsic *MI);
bool instrumentMemAccess(Instruction *I);
Value *isInterestingMemoryAccess(Instruction *I, bool *IsWrite,
uint64_t *TypeSize, unsigned *Alignment,
@@ -539,12 +545,44 @@
IRB.CreateCall(Asm, PtrLong);
}
+void HWAddressSanitizer::instrumentMemIntrinsic(MemIntrinsic *MI) {
+ IRBuilder<> IRB(MI);
+ Module *M = MI->getParent()->getParent()->getParent();
+ if (isa<MemTransferInst>(MI)) {
+ auto *F = isa<MemMoveInst>(MI)
+ ? M->getOrInsertFunction("memmove", IRB.getInt8PtrTy(),
+ IRB.getInt8PtrTy(),
+ IRB.getInt8PtrTy(), IntptrTy)
+ : M->getOrInsertFunction("memcpy", IRB.getInt8PtrTy(),
+ IRB.getInt8PtrTy(),
+ IRB.getInt8PtrTy(), IntptrTy);
+ IRB.CreateCall(
+ F, {IRB.CreatePointerCast(MI->getOperand(0), IRB.getInt8PtrTy()),
+ IRB.CreatePointerCast(MI->getOperand(1), IRB.getInt8PtrTy()),
+ IRB.CreateIntCast(MI->getOperand(2), IntptrTy, false)});
+ } else if (isa<MemSetInst>(MI)) {
+ IRB.CreateCall(
+ M->getOrInsertFunction("memset", IRB.getInt8PtrTy(), IRB.getInt8PtrTy(),
+ IRB.getInt32Ty(), IntptrTy),
+ {IRB.CreatePointerCast(MI->getOperand(0), IRB.getInt8PtrTy()),
+ IRB.CreateIntCast(MI->getOperand(1), IRB.getInt32Ty(), false),
+ IRB.CreateIntCast(MI->getOperand(2), IntptrTy, false)});
+ }
+ MI->eraseFromParent();
+}
+
bool HWAddressSanitizer::instrumentMemAccess(Instruction *I) {
LLVM_DEBUG(dbgs() << "Instrumenting: " << *I << "\n");
bool IsWrite = false;
unsigned Alignment = 0;
uint64_t TypeSize = 0;
Value *MaybeMask = nullptr;
+
+ if (ClInstrumentMemIntrinsics && isa<MemIntrinsic>(I)) {
+ instrumentMemIntrinsic(cast<MemIntrinsic>(I));
+ return true;
+ }
+
Value *Addr =
isInterestingMemoryAccess(I, &IsWrite, &TypeSize, &Alignment, &MaybeMask);
-------------- next part --------------
A non-text attachment was scrubbed...
Name: D55117.176083.patch
Type: text/x-patch
Size: 3077 bytes
Desc: not available
URL: <http://lists.llvm.org/pipermail/llvm-commits/attachments/20181130/5f906b82/attachment.bin>
More information about the llvm-commits
mailing list