[PATCH] D77619: [AddressSanitizer] Instrument byval call arguments

Jann Horn via Phabricator via llvm-commits llvm-commits at lists.llvm.org
Mon Apr 27 00:29:28 PDT 2020


thejh updated this revision to Diff 260224.
thejh added a comment.

resend patch to trigger new build


Repository:
  rG LLVM Github Monorepo

CHANGES SINCE LAST ACTION
  https://reviews.llvm.org/D77619/new/

https://reviews.llvm.org/D77619

Files:
  llvm/lib/Transforms/Instrumentation/AddressSanitizer.cpp
  llvm/lib/Transforms/Instrumentation/HWAddressSanitizer.cpp
  llvm/test/Instrumentation/AddressSanitizer/byval-args.ll


Index: llvm/test/Instrumentation/AddressSanitizer/byval-args.ll
===================================================================
--- /dev/null
+++ llvm/test/Instrumentation/AddressSanitizer/byval-args.ll
@@ -0,0 +1,18 @@
+; RUN: opt < %s -asan -S | FileCheck %s
+; Test that for call instructions, the by-value arguments are instrumented.
+
+target datalayout = "e-m:e-p270:32:32-p271:32:32-p272:64:64-i64:64-f80:128-n8:16:32:64-S128"
+target triple = "x86_64-unknown-linux-gnu"
+
+%struct.bar = type { %struct.foo }
+%struct.foo = type { i8*, i8*, i8* }
+define dso_local void @func2(%struct.foo* %foo) sanitize_address {
+; CHECK-LABEL: @func2
+  tail call void @func1(%struct.foo* byval(%struct.foo) align 8 %foo) #2
+; CHECK: call void @__asan_report_load
+  ret void
+; CHECK: ret void
+}
+declare dso_local void @func1(%struct.foo* byval(%struct.foo) align 8)
+
+!0 = !{i32 1, !"wchar_size", i32 4}
Index: llvm/lib/Transforms/Instrumentation/HWAddressSanitizer.cpp
===================================================================
--- llvm/lib/Transforms/Instrumentation/HWAddressSanitizer.cpp
+++ llvm/lib/Transforms/Instrumentation/HWAddressSanitizer.cpp
@@ -97,6 +97,10 @@
     cl::desc("instrument atomic instructions (rmw, cmpxchg)"), cl::Hidden,
     cl::init(true));
 
+static cl::opt<bool> ClInstrumentByval("hwasan-instrument-byval",
+                                       cl::desc("instrument byval arguments"),
+                                       cl::Hidden, cl::init(true));
+
 static cl::opt<bool> ClRecover(
     "hwasan-recover",
     cl::desc("Enable recovery mode (continue-after-error)."),
@@ -549,6 +553,14 @@
       return;
     Interesting.emplace_back(I, XCHG->getPointerOperandIndex(), true,
                              XCHG->getCompareOperand()->getType(), 0);
+  } else if (auto CI = dyn_cast<CallInst>(I)) {
+    for (unsigned ArgNo = 0; ArgNo < CI->getNumArgOperands(); ArgNo++) {
+      if (!ClInstrumentByval || !CI->isByValArgument(ArgNo) ||
+          ignoreAccess(CI->getArgOperand(ArgNo)))
+        continue;
+      Type *Ty = CI->getParamByValType(ArgNo);
+      Interesting.emplace_back(I, ArgNo, false, Ty, 1);
+    }
   }
 }
 
Index: llvm/lib/Transforms/Instrumentation/AddressSanitizer.cpp
===================================================================
--- llvm/lib/Transforms/Instrumentation/AddressSanitizer.cpp
+++ llvm/lib/Transforms/Instrumentation/AddressSanitizer.cpp
@@ -213,6 +213,11 @@
     cl::desc("instrument atomic instructions (rmw, cmpxchg)"), cl::Hidden,
     cl::init(true));
 
+static cl::opt<bool>
+    ClInstrumentByval("asan-instrument-byval",
+                      cl::desc("instrument byval call arguments"), cl::Hidden,
+                      cl::init(true));
+
 static cl::opt<bool> ClAlwaysSlowPath(
     "asan-always-slow-path",
     cl::desc("use instrumentation with slow path for all accesses"), cl::Hidden,
@@ -1414,6 +1419,14 @@
         Alignment = (unsigned)AlignmentConstant->getZExtValue();
       Value *Mask = CI->getOperand(2 + OpOffset);
       Interesting.emplace_back(I, OpOffset, IsWrite, Ty, Alignment, Mask);
+    } else {
+      for (unsigned ArgNo = 0; ArgNo < CI->getNumArgOperands(); ArgNo++) {
+        if (!ClInstrumentByval || !CI->isByValArgument(ArgNo) ||
+            ignoreAccess(CI->getArgOperand(ArgNo)))
+          continue;
+        Type *Ty = CI->getParamByValType(ArgNo);
+        Interesting.emplace_back(I, ArgNo, false, Ty, 1);
+      }
     }
   }
 }


-------------- next part --------------
A non-text attachment was scrubbed...
Name: D77619.260224.patch
Type: text/x-patch
Size: 3480 bytes
Desc: not available
URL: <http://lists.llvm.org/pipermail/llvm-commits/attachments/20200427/09e6271f/attachment.bin>


More information about the llvm-commits mailing list