[PATCH] D114870: [MemoryLocation] Support memset_chk in getForArgument.

Florian Hahn via Phabricator via llvm-commits llvm-commits at lists.llvm.org
Wed Dec 1 06:17:52 PST 2021 

fhahn created this revision.
fhahn added reviewers: ab, xbolva00, efriedma, jdoerfert.
Herald added a subscriber: hiraditya.
fhahn requested review of this revision.
Herald added a project: LLVM.

The size argument for memset_chk is an upper bound for the size of the
pointer argument. memset_chk may write less than the specified length,
if it exceeds the specified max size and aborts.


Repository:
  rG LLVM Github Monorepo

https://reviews.llvm.org/D114870

Files:
  llvm/lib/Analysis/MemoryLocation.cpp
  llvm/test/Analysis/BasicAA/libfuncs.ll


Index: llvm/test/Analysis/BasicAA/libfuncs.ll
===================================================================
--- llvm/test/Analysis/BasicAA/libfuncs.ll
+++ llvm/test/Analysis/BasicAA/libfuncs.ll
@@ -183,7 +183,7 @@
 ; CHECK:       Just Mod (MustAlias):  Ptr: i8* %a	<->  %res = tail call i8* @__memset_chk(i8* %a, i32 0, i64 4, i64 %n)
 ; CHECK-NEXT:  Just Mod:  Ptr: i8* %res	<->  %res = tail call i8* @__memset_chk(i8* %a, i32 0, i64 4, i64 %n)
 ; CHECK-NEXT:  Just Mod:  Ptr: i8* %a.gep.1	<->  %res = tail call i8* @__memset_chk(i8* %a, i32 0, i64 4, i64 %n)
-; CHECK-NEXT:  Just Mod:  Ptr: i8* %a.gep.5	<->  %res = tail call i8* @__memset_chk(i8* %a, i32 0, i64 4, i64 %n)
+; CHECK-NEXT:  NoModRef:  Ptr: i8* %a.gep.5	<->  %res = tail call i8* @__memset_chk(i8* %a, i32 0, i64 4, i64 %n)
 ;
 entry:
   %res = tail call i8* @__memset_chk(i8* %a, i32 0, i64 4, i64 %n)
Index: llvm/lib/Analysis/MemoryLocation.cpp
===================================================================
--- llvm/lib/Analysis/MemoryLocation.cpp
+++ llvm/lib/Analysis/MemoryLocation.cpp
@@ -213,6 +213,16 @@
   LibFunc F;
   if (TLI && TLI->getLibFunc(*Call, F) && TLI->has(F)) {
     switch (F) {
+    case LibFunc_memset_chk: {
+      assert(ArgIdx == 0 && "Invalid argument index for memset_chk");
+      LocationSize Size = LocationSize::afterPointer();
+      if (const auto *Len = dyn_cast<ConstantInt>(Call->getArgOperand(2))) {
+        // memset_chk writes at most Len bytes. It may write less, if it exceed
+        // the specified max size and aborts.
+        Size = LocationSize::upperBound(Len->getZExtValue());
+      }
+      return MemoryLocation(Arg, Size, AATags);
+    }
     case LibFunc_memset_pattern16:
       assert((ArgIdx == 0 || ArgIdx == 1) &&
              "Invalid argument index for memset_pattern16");


-------------- next part --------------
A non-text attachment was scrubbed...
Name: D114870.391000.patch
Type: text/x-patch
Size: 1819 bytes
Desc: not available
URL: <http://lists.llvm.org/pipermail/llvm-commits/attachments/20211201/f637da2d/attachment.bin>

More information about the llvm-commits mailing list