[llvm] 1067f21 - [sancov] Don't instrument calls to bitcast funcs: they're not indirect.

Ahmed Bougacha via llvm-commits llvm-commits at lists.llvm.org
Mon Mar 7 12:44:04 PST 2022


Author: Ahmed Bougacha
Date: 2022-03-07T12:43:37-08:00
New Revision: 1067f2177aa69dca0b9ffef57f5017c28cf9aed3

URL: https://github.com/llvm/llvm-project/commit/1067f2177aa69dca0b9ffef57f5017c28cf9aed3
DIFF: https://github.com/llvm/llvm-project/commit/1067f2177aa69dca0b9ffef57f5017c28cf9aed3.diff

LOG: [sancov] Don't instrument calls to bitcast funcs: they're not indirect.

Currently, when instrumenting indirect calls, this uses
CallBase::getCalledFunction to determine whether a given callsite is
eligible.

However, that returns null if:
  this is an indirect function invocation or the function signature
  does not match the call signature.

So, we end up instrumenting direct calls where the callee is a bitcast
ConstantExpr, even though we presumably don't need to.

Use isIndirectCall to ignore those funky direct calls.

Differential Revision: https://reviews.llvm.org/D119594

Added: 
    

Modified: 
    llvm/lib/Transforms/Instrumentation/SanitizerCoverage.cpp
    llvm/test/Instrumentation/SanitizerCoverage/trace-pc-guard.ll

Removed: 
    


################################################################################
diff  --git a/llvm/lib/Transforms/Instrumentation/SanitizerCoverage.cpp b/llvm/lib/Transforms/Instrumentation/SanitizerCoverage.cpp
index d5e52a9549fdd..18d79069b391e 100644
--- a/llvm/lib/Transforms/Instrumentation/SanitizerCoverage.cpp
+++ b/llvm/lib/Transforms/Instrumentation/SanitizerCoverage.cpp
@@ -695,7 +695,7 @@ void ModuleSanitizerCoverage::instrumentFunction(
     for (auto &Inst : BB) {
       if (Options.IndirectCalls) {
         CallBase *CB = dyn_cast<CallBase>(&Inst);
-        if (CB && !CB->getCalledFunction())
+        if (CB && CB->isIndirectCall())
           IndirCalls.push_back(&Inst);
       }
       if (Options.TraceCmp) {
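Review bot: The new predicate on the `+` line is broader than the commit message describes: as far as I recall CallBase::isIndirectCall() returns false for any Constant callee (bitcast ConstantExprs, but also aliases and other constant expressions) and for inline-asm call sites, whereas the old null-getCalledFunction() test classified inline asm as indirect, so those sites also stop receiving __sanitizer_cov_trace_pc_indir. That is the right outcome for a caller-callee coverage signal, since none of them can reach a data-dependent target, but it is worth recording at the call site so the next reader does not reintroduce the null-Function check: `// Only true indirect calls (non-constant callee, not inline asm) get trace_pc_indir; a bitcast or alias callee is still a direct call.` Please confirm the inline-asm wording against CallBase::isIndirectCall before adopting it. instrumentFunction begins and ends outside this hunk.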

diff  --git a/llvm/test/Instrumentation/SanitizerCoverage/trace-pc-guard.ll b/llvm/test/Instrumentation/SanitizerCoverage/trace-pc-guard.ll
index 307e285b0b4df..b36b8c785a821 100644
--- a/llvm/test/Instrumentation/SanitizerCoverage/trace-pc-guard.ll
+++ b/llvm/test/Instrumentation/SanitizerCoverage/trace-pc-guard.ll
@@ -6,22 +6,26 @@
 
 ; COMDAT:     $foo = comdat nodeduplicate
 ; COMDAT:     $CallViaVptr = comdat nodeduplicate
+; COMDAT:     $DirectBitcastCall = comdat nodeduplicate
 
 ; ELF:        @__sancov_gen_ = private global [3 x i32] zeroinitializer, section "__sancov_guards", comdat($foo), align 4{{$}}
 ; ELF-NEXT:   @__sancov_gen_.1 = private global [1 x i32] zeroinitializer, section "__sancov_guards", comdat($CallViaVptr), align 4{{$}}
+; ELF-NEXT:   @__sancov_gen_.2 = private global [1 x i32] zeroinitializer, section "__sancov_guards", comdat($DirectBitcastCall), align 4{{$}}
 
 ; MACHO:      @__sancov_gen_ = private global [3 x i32] zeroinitializer, section "__DATA,__sancov_guards", align 4{{$}}
 ; MACHO-NEXT: @__sancov_gen_.1 = private global [1 x i32] zeroinitializer, section "__DATA,__sancov_guards", align 4{{$}}
+; MACHO-NEXT: @__sancov_gen_.2 = private global [1 x i32] zeroinitializer, section "__DATA,__sancov_guards", align 4{{$}}
 
 ; WIN:        @__sancov_gen_ = private global [3 x i32] zeroinitializer, section ".SCOV$GM", comdat($foo), align 4{{$}}
 ; WIN-NEXT:   @__sancov_gen_.1 = private global [1 x i32] zeroinitializer, section ".SCOV$GM", comdat($CallViaVptr), align 4{{$}}
+; WIN-NEXT:   @__sancov_gen_.2 = private global [1 x i32] zeroinitializer, section ".SCOV$GM", comdat($DirectBitcastCall), align 4{{$}}
 
 ; ELF:        @llvm.used = appending global [1 x i8*] [i8* bitcast (void ()* @sancov.module_ctor_trace_pc_guard to i8*)]
-; ELF:        @llvm.compiler.used = appending global [2 x i8*] [i8* bitcast ([3 x i32]* @__sancov_gen_ to i8*), i8* bitcast ([1 x i32]* @__sancov_gen_.1 to i8*)], section "llvm.metadata"
-; MACHO:      @llvm.used = appending global [3 x i8*] [i8* bitcast (void ()* @sancov.module_ctor_trace_pc_guard to i8*), i8* bitcast ([3 x i32]* @__sancov_gen_ to i8*), i8* bitcast ([1 x i32]* @__sancov_gen_.1 to i8*)]
+; ELF:        @llvm.compiler.used = appending global [3 x i8*] [i8* bitcast ([3 x i32]* @__sancov_gen_ to i8*), i8* bitcast ([1 x i32]* @__sancov_gen_.1 to i8*), i8* bitcast ([1 x i32]* @__sancov_gen_.2 to i8*)], section "llvm.metadata"
+; MACHO:      @llvm.used = appending global [4 x i8*] [i8* bitcast (void ()* @sancov.module_ctor_trace_pc_guard to i8*), i8* bitcast ([3 x i32]* @__sancov_gen_ to i8*), i8* bitcast ([1 x i32]* @__sancov_gen_.1 to i8*), i8* bitcast ([1 x i32]* @__sancov_gen_.2 to i8*)]
 ; MACHO-NOT:  @llvm.compiler.used =
 ; WIN:        @llvm.used = appending global [1 x i8*] [i8* bitcast (void ()* @sancov.module_ctor_trace_pc_guard to i8*)], section "llvm.metadata"
-; WIN-NEXT:   @llvm.compiler.used = appending global [2 x i8*] [i8* bitcast ([3 x i32]* @__sancov_gen_ to i8*), i8* bitcast ([1 x i32]* @__sancov_gen_.1 to i8*)], section "llvm.metadata"
+; WIN-NEXT:   @llvm.compiler.used = appending global [3 x i8*] [i8* bitcast ([3 x i32]* @__sancov_gen_ to i8*), i8* bitcast ([1 x i32]* @__sancov_gen_.1 to i8*), i8* bitcast ([1 x i32]* @__sancov_gen_.2 to i8*)], section "llvm.metadata"
 
 ; CHECK-LABEL: define void @foo
 ; CHECK:         call void @__sanitizer_cov_trace_pc
@@ -58,6 +62,18 @@ entry:
   ret void
 }
 
+; CHECK-LABEL: define void @DirectBitcastCall
+; CHECK-NEXT:    call void @__sanitizer_cov_trace_pc_guard
+; CHECK-NEXT:    call void bitcast (i32 ()* @direct_callee to void ()*)()
+; CHECK-NEXT:    ret void
+
+declare i32 @direct_callee()
+
+define void @DirectBitcastCall() sanitize_address {
+  call void bitcast (i32 ()* @direct_callee to void ()*)()
+  ret void
+}
+
 ; ELF-LABEL: define internal void @sancov.module_ctor_trace_pc_guard() #2 comdat {
 ; MACHO-LABEL: define internal void @sancov.module_ctor_trace_pc_guard() #2 {
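Review bot: The CHECK-NEXT chain for @DirectBitcastCall only demonstrates the fix if the RUN lines, which are outside this hunk, enable indirect-call instrumentation; otherwise no __sanitizer_cov_trace_pc_indir call would appear between the guard and the bitcast call even against the old code, and the test would pass without the change. The existing $CallViaVptr checks suggest that mode is on, but a one-line comment above the new function would make the intent explicit for whoever next edits the RUN lines: `; Direct call through a bitcast ConstantExpr: gets the pc-guard but must not be instrumented as an indirect call.` The new function deliberately has no entry label, so the CHECK-NEXT after the define line relies on the guard call being the first printed instruction; worth keeping in mind if a label is ever added.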
 


        

