[llvm] [hwasan] Invalidate DominatorTreeAnalysis after each function is sanitized (PR #66935)
Thurston Dang via llvm-commits
llvm-commits at lists.llvm.org
Tue Sep 26 09:38:29 PDT 2023
https://github.com/thurstond updated https://github.com/llvm/llvm-project/pull/66935
>From f090932f2edc6f35cec9b16c3adffe53e8c14091 Mon Sep 17 00:00:00 2001
From: Thurston Dang <thurston at google.com>
Date: Wed, 20 Sep 2023 18:11:22 +0000
Subject: [PATCH 1/5] [hwasan] Invalidate DominatorTreeAnalysis after each
function is sanitized
HWAddressSanitizerPass::run sanitizes functions one by one. The sanitization of each function - which may split blocks via insertShadowTagCheck - may result in some cached analyses are invalid. This matters because sanitizeFunction(F', FAM) may indirectly call the global stack safety analysis, hence we need to make sure the analyses of F are up to date.
Bug report: https://github.com/llvm/llvm-project/issues/66934
---
.../Transforms/Instrumentation/HWAddressSanitizer.cpp | 10 +++++++++-
1 file changed, 9 insertions(+), 1 deletion(-)
diff --git a/llvm/lib/Transforms/Instrumentation/HWAddressSanitizer.cpp b/llvm/lib/Transforms/Instrumentation/HWAddressSanitizer.cpp
index 29770ece9c61eb2..1dc550ba8b54ea6 100644
--- a/llvm/lib/Transforms/Instrumentation/HWAddressSanitizer.cpp
+++ b/llvm/lib/Transforms/Instrumentation/HWAddressSanitizer.cpp
@@ -430,8 +430,16 @@ PreservedAnalyses HWAddressSanitizerPass::run(Module &M,
HWAddressSanitizer HWASan(M, Options.CompileKernel, Options.Recover, SSI);
auto &FAM = MAM.getResult<FunctionAnalysisManagerModuleProxy>(M).getManager();
- for (Function &F : M)
+ for (Function &F : M) {
HWASan.sanitizeFunction(F, FAM);
+ // After sanitizing F - which may split blocks via insertShadowTagCheck -
+ // some cached analyses are invalid. This matters because
+ // sanitizeFunction(F', FAM) may indirectly call the global stack safety
+ // analysis, hence we need to make sure the analyses of F are up to date.
+ PreservedAnalyses PA = PreservedAnalyses::all();
+ PA.abandon<DominatorTreeAnalysis>();
+ FAM.invalidate(F, PA);
+ }
PreservedAnalyses PA = PreservedAnalyses::none();
// GlobalsAA is considered stateless and does not get invalidated unless
>From 6d80d16e30b7a1c0c65a94f912cb2bd0f049536f Mon Sep 17 00:00:00 2001
From: Thurston Dang <thurston at google.com>
Date: Thu, 21 Sep 2023 19:53:18 +0000
Subject: [PATCH 2/5] [hwasan] Update DominatorTreeAnalysis and LoopAnalysis
incrementally
This patch incrementally updates the DominatorTreeAnalysis and
LoopAnalysis whenever SplitBlockAndInsertIfThen is called, which fixes
the following issue:
Suppose we have two functions, F and G. HWAddressSanitizerPass::run
will first sanitize F, which potentially makes the analyses of F out of
date. When G is then sanitized, it may call the global stack safety
analysis, which can crash if the analysis of F is stale.
Additionally, since the DominatorTreeAnalysis and LoopAnalysis are now
incrementally updated, they do not need to be abandoned at the end of
the pass.
Bug report: https://github.com/llvm/llvm-project/issues/66934
---
.../Instrumentation/HWAddressSanitizer.cpp | 80 +++++++++++--------
1 file changed, 46 insertions(+), 34 deletions(-)
diff --git a/llvm/lib/Transforms/Instrumentation/HWAddressSanitizer.cpp b/llvm/lib/Transforms/Instrumentation/HWAddressSanitizer.cpp
index 1dc550ba8b54ea6..ab7e7c23c4a5c2f 100644
--- a/llvm/lib/Transforms/Instrumentation/HWAddressSanitizer.cpp
+++ b/llvm/lib/Transforms/Instrumentation/HWAddressSanitizer.cpp
@@ -17,6 +17,7 @@
#include "llvm/ADT/SmallVector.h"
#include "llvm/ADT/StringExtras.h"
#include "llvm/ADT/StringRef.h"
+#include "llvm/Analysis/DomTreeUpdater.h"
#include "llvm/Analysis/GlobalsModRef.h"
#include "llvm/Analysis/PostDominators.h"
#include "llvm/Analysis/StackSafetyAnalysis.h"
@@ -303,17 +304,20 @@ class HWAddressSanitizer {
Value *memToShadow(Value *Shadow, IRBuilder<> &IRB);
int64_t getAccessInfo(bool IsWrite, unsigned AccessSizeIndex);
- ShadowTagCheckInfo insertShadowTagCheck(Value *Ptr,
- Instruction *InsertBefore);
+ ShadowTagCheckInfo insertShadowTagCheck(Value *Ptr, Instruction *InsertBefore,
+ DomTreeUpdater *DTU, LoopInfo *LI);
void instrumentMemAccessOutline(Value *Ptr, bool IsWrite,
unsigned AccessSizeIndex,
- Instruction *InsertBefore);
+ Instruction *InsertBefore,
+ DomTreeUpdater *DTU, LoopInfo *LI);
void instrumentMemAccessInline(Value *Ptr, bool IsWrite,
unsigned AccessSizeIndex,
- Instruction *InsertBefore);
+ Instruction *InsertBefore, DomTreeUpdater *DTU,
+ LoopInfo *LI);
bool ignoreMemIntrinsic(MemIntrinsic *MI);
void instrumentMemIntrinsic(MemIntrinsic *MI);
- bool instrumentMemAccess(InterestingMemoryOperand &O);
+ bool instrumentMemAccess(InterestingMemoryOperand &O, DomTreeUpdater *DTU,
+ LoopInfo *LI);
bool ignoreAccess(Instruction *Inst, Value *Ptr);
void getInterestingMemoryOperands(
Instruction *I, SmallVectorImpl<InterestingMemoryOperand> &Interesting);
@@ -430,18 +434,14 @@ PreservedAnalyses HWAddressSanitizerPass::run(Module &M,
HWAddressSanitizer HWASan(M, Options.CompileKernel, Options.Recover, SSI);
auto &FAM = MAM.getResult<FunctionAnalysisManagerModuleProxy>(M).getManager();
- for (Function &F : M) {
+ for (Function &F : M)
HWASan.sanitizeFunction(F, FAM);
- // After sanitizing F - which may split blocks via insertShadowTagCheck -
- // some cached analyses are invalid. This matters because
- // sanitizeFunction(F', FAM) may indirectly call the global stack safety
- // analysis, hence we need to make sure the analyses of F are up to date.
- PreservedAnalyses PA = PreservedAnalyses::all();
- PA.abandon<DominatorTreeAnalysis>();
- FAM.invalidate(F, PA);
- }
PreservedAnalyses PA = PreservedAnalyses::none();
+ // DominatorTreeAnalysis and LoopAnalysis are incrementally updated
+ // throughout this pass whenever SplitBlockAndInsertIfThen is called.
+ PA.preserve<DominatorTreeAnalysis>();
+ PA.preserve<LoopAnalysis>();
// GlobalsAA is considered stateless and does not get invalidated unless
// explicitly invalidated; PreservedAnalyses::none() is not enough. Sanitizers
// make changes that require GlobalsAA to be invalidated.
@@ -869,8 +869,8 @@ int64_t HWAddressSanitizer::getAccessInfo(bool IsWrite,
}
HWAddressSanitizer::ShadowTagCheckInfo
-HWAddressSanitizer::insertShadowTagCheck(Value *Ptr,
- Instruction *InsertBefore) {
+HWAddressSanitizer::insertShadowTagCheck(Value *Ptr, Instruction *InsertBefore,
+ DomTreeUpdater *DTU, LoopInfo *LI) {
ShadowTagCheckInfo R;
IRBuilder<> IRB(InsertBefore);
@@ -889,21 +889,24 @@ HWAddressSanitizer::insertShadowTagCheck(Value *Ptr,
TagMismatch = IRB.CreateAnd(TagMismatch, TagNotIgnored);
}
- R.TagMismatchTerm =
- SplitBlockAndInsertIfThen(TagMismatch, InsertBefore, false,
- MDBuilder(*C).createBranchWeights(1, 100000));
+ R.TagMismatchTerm = SplitBlockAndInsertIfThen(
+ TagMismatch, InsertBefore, false,
+ MDBuilder(*C).createBranchWeights(1, 100000), DTU, LI);
return R;
}
void HWAddressSanitizer::instrumentMemAccessOutline(Value *Ptr, bool IsWrite,
unsigned AccessSizeIndex,
- Instruction *InsertBefore) {
+ Instruction *InsertBefore,
+ DomTreeUpdater *DTU,
+ LoopInfo *LI) {
assert(!UsePageAliases);
const int64_t AccessInfo = getAccessInfo(IsWrite, AccessSizeIndex);
if (InlineFastPath)
- InsertBefore = insertShadowTagCheck(Ptr, InsertBefore).TagMismatchTerm;
+ InsertBefore =
+ insertShadowTagCheck(Ptr, InsertBefore, DTU, LI).TagMismatchTerm;
IRBuilder<> IRB(InsertBefore);
Module *M = IRB.GetInsertBlock()->getParent()->getParent();
@@ -917,18 +920,20 @@ void HWAddressSanitizer::instrumentMemAccessOutline(Value *Ptr, bool IsWrite,
void HWAddressSanitizer::instrumentMemAccessInline(Value *Ptr, bool IsWrite,
unsigned AccessSizeIndex,
- Instruction *InsertBefore) {
+ Instruction *InsertBefore,
+ DomTreeUpdater *DTU,
+ LoopInfo *LI) {
assert(!UsePageAliases);
const int64_t AccessInfo = getAccessInfo(IsWrite, AccessSizeIndex);
- ShadowTagCheckInfo TCI = insertShadowTagCheck(Ptr, InsertBefore);
+ ShadowTagCheckInfo TCI = insertShadowTagCheck(Ptr, InsertBefore, DTU, LI);
IRBuilder<> IRB(TCI.TagMismatchTerm);
Value *OutOfShortGranuleTagRange =
IRB.CreateICmpUGT(TCI.MemTag, ConstantInt::get(Int8Ty, 15));
Instruction *CheckFailTerm = SplitBlockAndInsertIfThen(
OutOfShortGranuleTagRange, TCI.TagMismatchTerm, !Recover,
- MDBuilder(*C).createBranchWeights(1, 100000));
+ MDBuilder(*C).createBranchWeights(1, 100000), DTU, LI);
IRB.SetInsertPoint(TCI.TagMismatchTerm);
Value *PtrLowBits = IRB.CreateTrunc(IRB.CreateAnd(TCI.PtrLong, 15), Int8Ty);
@@ -936,9 +941,8 @@ void HWAddressSanitizer::instrumentMemAccessInline(Value *Ptr, bool IsWrite,
PtrLowBits, ConstantInt::get(Int8Ty, (1 << AccessSizeIndex) - 1));
Value *PtrLowBitsOOB = IRB.CreateICmpUGE(PtrLowBits, TCI.MemTag);
SplitBlockAndInsertIfThen(PtrLowBitsOOB, TCI.TagMismatchTerm, false,
- MDBuilder(*C).createBranchWeights(1, 100000),
- (DomTreeUpdater *)nullptr, nullptr,
- CheckFailTerm->getParent());
+ MDBuilder(*C).createBranchWeights(1, 100000), DTU,
+ LI, CheckFailTerm->getParent());
IRB.SetInsertPoint(TCI.TagMismatchTerm);
Value *InlineTagAddr = IRB.CreateOr(TCI.AddrLong, 15);
@@ -946,9 +950,8 @@ void HWAddressSanitizer::instrumentMemAccessInline(Value *Ptr, bool IsWrite,
Value *InlineTag = IRB.CreateLoad(Int8Ty, InlineTagAddr);
Value *InlineTagMismatch = IRB.CreateICmpNE(TCI.PtrTag, InlineTag);
SplitBlockAndInsertIfThen(InlineTagMismatch, TCI.TagMismatchTerm, false,
- MDBuilder(*C).createBranchWeights(1, 100000),
- (DomTreeUpdater *)nullptr, nullptr,
- CheckFailTerm->getParent());
+ MDBuilder(*C).createBranchWeights(1, 100000), DTU,
+ LI, CheckFailTerm->getParent());
IRB.SetInsertPoint(CheckFailTerm);
InlineAsm *Asm;
@@ -1023,7 +1026,9 @@ void HWAddressSanitizer::instrumentMemIntrinsic(MemIntrinsic *MI) {
MI->eraseFromParent();
}
-bool HWAddressSanitizer::instrumentMemAccess(InterestingMemoryOperand &O) {
+bool HWAddressSanitizer::instrumentMemAccess(InterestingMemoryOperand &O,
+ DomTreeUpdater *DTU,
+ LoopInfo *LI) {
Value *Addr = O.getPtr();
LLVM_DEBUG(dbgs() << "Instrumenting: " << O.getInsn() << "\n");
@@ -1044,9 +1049,11 @@ bool HWAddressSanitizer::instrumentMemAccess(InterestingMemoryOperand &O) {
IRB.CreateCall(HwasanMemoryAccessCallback[O.IsWrite][AccessSizeIndex],
Args);
} else if (OutlinedChecks) {
- instrumentMemAccessOutline(Addr, O.IsWrite, AccessSizeIndex, O.getInsn());
+ instrumentMemAccessOutline(Addr, O.IsWrite, AccessSizeIndex, O.getInsn(),
+ DTU, LI);
} else {
- instrumentMemAccessInline(Addr, O.IsWrite, AccessSizeIndex, O.getInsn());
+ instrumentMemAccessInline(Addr, O.IsWrite, AccessSizeIndex, O.getInsn(),
+ DTU, LI);
}
} else {
SmallVector<Value *, 3> Args{
@@ -1550,8 +1557,13 @@ void HWAddressSanitizer::sanitizeFunction(Function &F,
}
}
+ DominatorTree &DT = FAM.getResult<DominatorTreeAnalysis>(F);
+ PostDominatorTree &PDT = FAM.getResult<PostDominatorTreeAnalysis>(F);
+ DomTreeUpdater DTU(DT, PDT, DomTreeUpdater::UpdateStrategy::Lazy);
+ LoopInfo &LI = FAM.getResult<LoopAnalysis>(F);
for (auto &Operand : OperandsToInstrument)
- instrumentMemAccess(Operand);
+ instrumentMemAccess(Operand, &DTU, &LI);
+ DTU.flush();
if (ClInstrumentMemIntrinsics && !IntrinToInstrument.empty()) {
for (auto *Inst : IntrinToInstrument)
>From 2bb24e16872e8a034a82fea4919da3c111608f57 Mon Sep 17 00:00:00 2001
From: Thurston Dang <thurston at google.com>
Date: Thu, 21 Sep 2023 21:12:12 +0000
Subject: [PATCH 3/5] [hwasan] Update DominatorTreeAnalysis and LoopAnalysis
incrementally
This patch incrementally updates the DominatorTreeAnalysis and
LoopAnalysis whenever SplitBlockAndInsertIfThen is called, which fixes
the following issue:
Suppose we have two functions, F and G. HWAddressSanitizerPass::run
will first sanitize F, which potentially makes the analyses of F out of
date. When G is then sanitized, it may call the global stack safety
analysis, which can crash if the analysis of F is stale.
Additionally, since the DominatorTreeAnalysis and LoopAnalysis are now
incrementally updated, they do not need to be abandoned at the end of
the pass.
Bug report: https://github.com/llvm/llvm-project/issues/66934
---
.../Transforms/Instrumentation/HWAddressSanitizer.cpp | 9 +++------
1 file changed, 3 insertions(+), 6 deletions(-)
diff --git a/llvm/lib/Transforms/Instrumentation/HWAddressSanitizer.cpp b/llvm/lib/Transforms/Instrumentation/HWAddressSanitizer.cpp
index ab7e7c23c4a5c2f..6a6351f1218b0bb 100644
--- a/llvm/lib/Transforms/Instrumentation/HWAddressSanitizer.cpp
+++ b/llvm/lib/Transforms/Instrumentation/HWAddressSanitizer.cpp
@@ -1535,10 +1535,10 @@ void HWAddressSanitizer::sanitizeFunction(Function &F,
Mapping.WithFrameRecord &&
!SInfo.AllocasToInstrument.empty());
+ DominatorTree &DT = FAM.getResult<DominatorTreeAnalysis>(F);
+ PostDominatorTree &PDT = FAM.getResult<PostDominatorTreeAnalysis>(F);
+ LoopInfo &LI = FAM.getResult<LoopAnalysis>(F);
if (!SInfo.AllocasToInstrument.empty()) {
- const DominatorTree &DT = FAM.getResult<DominatorTreeAnalysis>(F);
- const PostDominatorTree &PDT = FAM.getResult<PostDominatorTreeAnalysis>(F);
- const LoopInfo &LI = FAM.getResult<LoopAnalysis>(F);
Value *StackTag = getStackBaseTag(EntryIRB);
Value *UARTag = getUARTag(EntryIRB);
instrumentStack(SInfo, StackTag, UARTag, DT, PDT, LI);
@@ -1557,10 +1557,7 @@ void HWAddressSanitizer::sanitizeFunction(Function &F,
}
}
- DominatorTree &DT = FAM.getResult<DominatorTreeAnalysis>(F);
- PostDominatorTree &PDT = FAM.getResult<PostDominatorTreeAnalysis>(F);
DomTreeUpdater DTU(DT, PDT, DomTreeUpdater::UpdateStrategy::Lazy);
- LoopInfo &LI = FAM.getResult<LoopAnalysis>(F);
for (auto &Operand : OperandsToInstrument)
instrumentMemAccess(Operand, &DTU, &LI);
DTU.flush();
>From 64fbc34a379a46a9b00d27584e6f039aeb987a6a Mon Sep 17 00:00:00 2001
From: Thurston Dang <thurston at google.com>
Date: Thu, 21 Sep 2023 21:29:42 +0000
Subject: [PATCH 4/5] [hwasan] Update (Post-)DominatorTreeAnalysis and
LoopAnalysis incrementally
This patch incrementally updates the DominatorTreeAnalysis,
PostDominatorTreeAnalysis and LoopAnalysis whenever
SplitBlockAndInsertIfThen is called, which fixes the following issue:
Suppose we have two functions, F and G. HWAddressSanitizerPass::run
will first sanitize F, which potentially makes the analyses of F out of
date. When G is then sanitized, it may call the global stack safety
analysis, which can crash if the analysis of F is stale.
Additionally, since the DominatorTreeAnalysis, PostDominatorTreeAnalysis
and LoopAnalysis are now incrementally updated, they do not need to be
abandoned at the end of the pass.
Bug report: https://github.com/llvm/llvm-project/issues/66934
---
llvm/lib/Transforms/Instrumentation/HWAddressSanitizer.cpp | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/llvm/lib/Transforms/Instrumentation/HWAddressSanitizer.cpp b/llvm/lib/Transforms/Instrumentation/HWAddressSanitizer.cpp
index 6a6351f1218b0bb..060a68396c13d0e 100644
--- a/llvm/lib/Transforms/Instrumentation/HWAddressSanitizer.cpp
+++ b/llvm/lib/Transforms/Instrumentation/HWAddressSanitizer.cpp
@@ -438,9 +438,11 @@ PreservedAnalyses HWAddressSanitizerPass::run(Module &M,
HWASan.sanitizeFunction(F, FAM);
PreservedAnalyses PA = PreservedAnalyses::none();
- // DominatorTreeAnalysis and LoopAnalysis are incrementally updated
- // throughout this pass whenever SplitBlockAndInsertIfThen is called.
+ // DominatorTreeAnalysis, PostDominatorTreeAnalysis, and LoopAnalysis
+ // are incrementally updated throughout this pass whenever
+ // SplitBlockAndInsertIfThen is called.
PA.preserve<DominatorTreeAnalysis>();
+ PA.preserve<PostDominatorTreeAnalysis>();
PA.preserve<LoopAnalysis>();
// GlobalsAA is considered stateless and does not get invalidated unless
// explicitly invalidated; PreservedAnalyses::none() is not enough. Sanitizers
>From bc5e1e289cecd64cc44db8c3d4a8dfcf8fc93087 Mon Sep 17 00:00:00 2001
From: Thurston Dang <thurston at google.com>
Date: Tue, 26 Sep 2023 16:37:16 +0000
Subject: [PATCH 5/5] [hwasan] Update (Post-)DominatorTreeAnalysis and
LoopAnalysis incrementally
This patch incrementally updates the DominatorTreeAnalysis,
PostDominatorTreeAnalysis and LoopAnalysis whenever
SplitBlockAndInsertIfThen is called, which fixes the following issue:
Suppose we have two functions, F and G. HWAddressSanitizerPass::run
will first sanitize F, which potentially makes the analyses of F out of
date. When G is then sanitized, it may call the global stack safety
analysis, which can crash if the analysis of F is stale.
Additionally, since the DominatorTreeAnalysis, PostDominatorTreeAnalysis
and LoopAnalysis are now incrementally updated, they do not need to be
abandoned at the end of the pass.
Bug report: https://github.com/llvm/llvm-project/issues/66934
---
.../Instrumentation/HWAddressSanitizer.cpp | 49 ++++++++++---------
1 file changed, 26 insertions(+), 23 deletions(-)
diff --git a/llvm/lib/Transforms/Instrumentation/HWAddressSanitizer.cpp b/llvm/lib/Transforms/Instrumentation/HWAddressSanitizer.cpp
index 060a68396c13d0e..472b3ac396bded3 100644
--- a/llvm/lib/Transforms/Instrumentation/HWAddressSanitizer.cpp
+++ b/llvm/lib/Transforms/Instrumentation/HWAddressSanitizer.cpp
@@ -305,19 +305,19 @@ class HWAddressSanitizer {
int64_t getAccessInfo(bool IsWrite, unsigned AccessSizeIndex);
ShadowTagCheckInfo insertShadowTagCheck(Value *Ptr, Instruction *InsertBefore,
- DomTreeUpdater *DTU, LoopInfo *LI);
+ DomTreeUpdater &DTU, LoopInfo &LI);
void instrumentMemAccessOutline(Value *Ptr, bool IsWrite,
unsigned AccessSizeIndex,
Instruction *InsertBefore,
- DomTreeUpdater *DTU, LoopInfo *LI);
+ DomTreeUpdater &DTU, LoopInfo &LI);
void instrumentMemAccessInline(Value *Ptr, bool IsWrite,
unsigned AccessSizeIndex,
- Instruction *InsertBefore, DomTreeUpdater *DTU,
- LoopInfo *LI);
+ Instruction *InsertBefore, DomTreeUpdater &DTU,
+ LoopInfo &LI);
bool ignoreMemIntrinsic(MemIntrinsic *MI);
void instrumentMemIntrinsic(MemIntrinsic *MI);
- bool instrumentMemAccess(InterestingMemoryOperand &O, DomTreeUpdater *DTU,
- LoopInfo *LI);
+ bool instrumentMemAccess(InterestingMemoryOperand &O, DomTreeUpdater &DTU,
+ LoopInfo &LI);
bool ignoreAccess(Instruction *Inst, Value *Ptr);
void getInterestingMemoryOperands(
Instruction *I, SmallVectorImpl<InterestingMemoryOperand> &Interesting);
@@ -872,7 +872,7 @@ int64_t HWAddressSanitizer::getAccessInfo(bool IsWrite,
HWAddressSanitizer::ShadowTagCheckInfo
HWAddressSanitizer::insertShadowTagCheck(Value *Ptr, Instruction *InsertBefore,
- DomTreeUpdater *DTU, LoopInfo *LI) {
+ DomTreeUpdater &DTU, LoopInfo &LI) {
ShadowTagCheckInfo R;
IRBuilder<> IRB(InsertBefore);
@@ -893,7 +893,7 @@ HWAddressSanitizer::insertShadowTagCheck(Value *Ptr, Instruction *InsertBefore,
R.TagMismatchTerm = SplitBlockAndInsertIfThen(
TagMismatch, InsertBefore, false,
- MDBuilder(*C).createBranchWeights(1, 100000), DTU, LI);
+ MDBuilder(*C).createBranchWeights(1, 100000), &DTU, &LI);
return R;
}
@@ -901,8 +901,8 @@ HWAddressSanitizer::insertShadowTagCheck(Value *Ptr, Instruction *InsertBefore,
void HWAddressSanitizer::instrumentMemAccessOutline(Value *Ptr, bool IsWrite,
unsigned AccessSizeIndex,
Instruction *InsertBefore,
- DomTreeUpdater *DTU,
- LoopInfo *LI) {
+ DomTreeUpdater &DTU,
+ LoopInfo &LI) {
assert(!UsePageAliases);
const int64_t AccessInfo = getAccessInfo(IsWrite, AccessSizeIndex);
@@ -923,8 +923,8 @@ void HWAddressSanitizer::instrumentMemAccessOutline(Value *Ptr, bool IsWrite,
void HWAddressSanitizer::instrumentMemAccessInline(Value *Ptr, bool IsWrite,
unsigned AccessSizeIndex,
Instruction *InsertBefore,
- DomTreeUpdater *DTU,
- LoopInfo *LI) {
+ DomTreeUpdater &DTU,
+ LoopInfo &LI) {
assert(!UsePageAliases);
const int64_t AccessInfo = getAccessInfo(IsWrite, AccessSizeIndex);
@@ -935,7 +935,7 @@ void HWAddressSanitizer::instrumentMemAccessInline(Value *Ptr, bool IsWrite,
IRB.CreateICmpUGT(TCI.MemTag, ConstantInt::get(Int8Ty, 15));
Instruction *CheckFailTerm = SplitBlockAndInsertIfThen(
OutOfShortGranuleTagRange, TCI.TagMismatchTerm, !Recover,
- MDBuilder(*C).createBranchWeights(1, 100000), DTU, LI);
+ MDBuilder(*C).createBranchWeights(1, 100000), &DTU, &LI);
IRB.SetInsertPoint(TCI.TagMismatchTerm);
Value *PtrLowBits = IRB.CreateTrunc(IRB.CreateAnd(TCI.PtrLong, 15), Int8Ty);
@@ -943,8 +943,8 @@ void HWAddressSanitizer::instrumentMemAccessInline(Value *Ptr, bool IsWrite,
PtrLowBits, ConstantInt::get(Int8Ty, (1 << AccessSizeIndex) - 1));
Value *PtrLowBitsOOB = IRB.CreateICmpUGE(PtrLowBits, TCI.MemTag);
SplitBlockAndInsertIfThen(PtrLowBitsOOB, TCI.TagMismatchTerm, false,
- MDBuilder(*C).createBranchWeights(1, 100000), DTU,
- LI, CheckFailTerm->getParent());
+ MDBuilder(*C).createBranchWeights(1, 100000), &DTU,
+ &LI, CheckFailTerm->getParent());
IRB.SetInsertPoint(TCI.TagMismatchTerm);
Value *InlineTagAddr = IRB.CreateOr(TCI.AddrLong, 15);
@@ -952,8 +952,8 @@ void HWAddressSanitizer::instrumentMemAccessInline(Value *Ptr, bool IsWrite,
Value *InlineTag = IRB.CreateLoad(Int8Ty, InlineTagAddr);
Value *InlineTagMismatch = IRB.CreateICmpNE(TCI.PtrTag, InlineTag);
SplitBlockAndInsertIfThen(InlineTagMismatch, TCI.TagMismatchTerm, false,
- MDBuilder(*C).createBranchWeights(1, 100000), DTU,
- LI, CheckFailTerm->getParent());
+ MDBuilder(*C).createBranchWeights(1, 100000), &DTU,
+ &LI, CheckFailTerm->getParent());
IRB.SetInsertPoint(CheckFailTerm);
InlineAsm *Asm;
@@ -1029,8 +1029,8 @@ void HWAddressSanitizer::instrumentMemIntrinsic(MemIntrinsic *MI) {
}
bool HWAddressSanitizer::instrumentMemAccess(InterestingMemoryOperand &O,
- DomTreeUpdater *DTU,
- LoopInfo *LI) {
+ DomTreeUpdater &DTU,
+ LoopInfo &LI) {
Value *Addr = O.getPtr();
LLVM_DEBUG(dbgs() << "Instrumenting: " << O.getInsn() << "\n");
@@ -1537,10 +1537,10 @@ void HWAddressSanitizer::sanitizeFunction(Function &F,
Mapping.WithFrameRecord &&
!SInfo.AllocasToInstrument.empty());
- DominatorTree &DT = FAM.getResult<DominatorTreeAnalysis>(F);
- PostDominatorTree &PDT = FAM.getResult<PostDominatorTreeAnalysis>(F);
- LoopInfo &LI = FAM.getResult<LoopAnalysis>(F);
if (!SInfo.AllocasToInstrument.empty()) {
+ const DominatorTree &DT = FAM.getResult<DominatorTreeAnalysis>(F);
+ const PostDominatorTree &PDT = FAM.getResult<PostDominatorTreeAnalysis>(F);
+ const LoopInfo &LI = FAM.getResult<LoopAnalysis>(F);
Value *StackTag = getStackBaseTag(EntryIRB);
Value *UARTag = getUARTag(EntryIRB);
instrumentStack(SInfo, StackTag, UARTag, DT, PDT, LI);
@@ -1559,9 +1559,12 @@ void HWAddressSanitizer::sanitizeFunction(Function &F,
}
}
+ DominatorTree *DT = FAM.getCachedResult<DominatorTreeAnalysis>(F);
+ PostDominatorTree *PDT = FAM.getCachedResult<PostDominatorTreeAnalysis>(F);
+ LoopInfo *LI = FAM.getCachedResult<LoopAnalysis>(F);
DomTreeUpdater DTU(DT, PDT, DomTreeUpdater::UpdateStrategy::Lazy);
for (auto &Operand : OperandsToInstrument)
- instrumentMemAccess(Operand, &DTU, &LI);
+ instrumentMemAccess(Operand, DTU, *LI);
DTU.flush();
if (ClInstrumentMemIntrinsics && !IntrinToInstrument.empty()) {
More information about the llvm-commits
mailing list