This is an archive of the discontinued LLVM Phabricator instance.

Differential D16174

Introduce sanstats tool and llvm::CreateSanitizerStatReport function.
ClosedPublic

Authored by pcc on Jan 13 2016, 8:12 PM.

Details

Reviewers
kcc
krasin
eugenis
Commits
rGf0f5e870831f: Introduce sanstats tool and llvm::CreateSanitizerStatReport function.
rL257970: Introduce sanstats tool and llvm::CreateSanitizerStatReport function.
Summary

This is part of a new statistics gathering feature for the sanitizers.
See clang/docs/SanitizerStats.rst for further info and docs.

Diff Detail

Event Timeline

pcc updated this revision to Diff 44829.Jan 13 2016, 8:12 PM
pcc retitled this revision from to Introduce sanstats tool and llvm::CreateSanitizerStatReport function..
pcc updated this object.
pcc added reviewers: kcc, eugenis.
pcc added a subscriber: llvm-commits.
pcc added a reviewer: krasin.Jan 14 2016, 10:45 AM
krasin1 added a subscriber: krasin1.Jan 14 2016, 11:12 AM
krasin1 added inline comments.
lib/Transforms/Utils/SanitizerStats.cpp
54

Is that a correct error handling for the unknown format? Should we warn the user? May be even fail hard?

tools/sanstats/sanstats.cpp
42

This expression is hard to read. For example, I had to think thrice, if it increments Begin or the value that Begin points to.

Please, split it into a few lines, like:

while (Begin < End && Pos != Size) {

Result |= uint64_t(uint8_t(*Begin)) << (Pos * 8);
Begin++;
Pos++;

}

Also, if that's a hot function, I would recommend to consider a faster implementation that will read the required number of bytes at once, and then swap the bytes with one of the standard helper functions. If this function is rarely called, feel free to leave it as is (modulo my comment above)

48

isn't a reimplementation of strnlen?

66

At this point Begin could be greater than End. May be check in the previous line?
Alternatively, make ReadLE to accept a pointer to Begin and let it to update it.

127

I highly suggest to check Begin < End and optionally check that Begin == End after the loop.

Otherwise, it's not hard to imaging that a tiny mistake somewhere would just Begin slightly past End and then we'll have to read after the end of the buffer until SEGFAULT stops this heroic attempt to overflow uintptr.

pcc updated this revision to Diff 44919.Jan 14 2016, 1:14 PM
pcc marked an inline comment as done.
  • Address review comments
lib/Transforms/Utils/SanitizerStats.cpp
54

It would probably be appropriate to call report_fatal_error here.

tools/sanstats/sanstats.cpp
48

Yes, but strnlen is not part of the C standard, and I think it's clearer to be explicit.

66

At this point Begin could be greater than End. May be check in the previous line?

We defend against this in ReadLE.

Alternatively, make ReadLE to accept a pointer to Begin and let it to update it.

I considered this, but it's harder to distinguish between short reads and EOF this way.

127

I added an assertion that should catch this.

krasin accepted this revision.Jan 14 2016, 1:22 PM
krasin edited edge metadata.

LGTM

This revision is now accepted and ready to land.Jan 14 2016, 1:22 PM
pcc updated this revision to Diff 44935.Jan 14 2016, 3:32 PM
pcc edited edge metadata.
  • Switch to an alternative in-memory representation that avoids the need for linker magic
eugenis accepted this revision.Jan 15 2016, 2:01 PM
eugenis edited edge metadata.
Closed by commit rL257970: Introduce sanstats tool and llvm::CreateSanitizerStatReport function. (authored by pcc). · Explain WhyJan 15 2016, 4:35 PM
This revision was automatically updated to reflect the committed changes.

Revision Contents

PathSize
include/
llvm/
Transforms/
Utils/
39 lines
lib/
Transforms/
Utils/
1 line
63 lines
test/
1 line
1 line
tools/
sanstats/
208 lines
tools/
2 lines
sanstats/
8 lines
17 lines
134 lines

Diff 44829

include/llvm/Transforms/Utils/SanitizerStats.h

  • This file was added.
//===- SanitizerStats.h - Sanitizer statistics gathering -------*- C++ -*-===//
//
// The LLVM Compiler Infrastructure
//
// This file is distributed under the University of Illinois Open Source
// License. See LICENSE.TXT for details.
//
//===----------------------------------------------------------------------===//
//
// Declares functions and data structures for sanitizer statistics gathering.
//
//===----------------------------------------------------------------------===//
#ifndef LLVM_TRANSFORMS_UTILS_SANITIZERSTATS_H
#define LLVM_TRANSFORMS_UTILS_SANITIZERSTATS_H
#include "llvm/IR/IRBuilder.h"
namespace llvm {
// Number of bits in data that are used for the sanitizer kind. Needs to match
// __sanitizer::kKindBits in compiler-rt/lib/stats/stats.h
enum { kSanitizerStatKindBits = 3 };
enum SanitizerStatKind {
SanStat_CFI_VCall,
SanStat_CFI_NVCall,
SanStat_CFI_DerivedCast,
SanStat_CFI_UnrelatedCast,
SanStat_CFI_ICall,
};
/// Generates code into B that increments a location-specific counter tagged
/// with the given sanitizer kind SK.
void CreateSanitizerStatReport(IRBuilder<> &B, SanitizerStatKind SK);
}
#endif

lib/Transforms/Utils/CMakeLists.txt

Show All 24 Linesadd_llvm_library(LLVMTransformUtils
LoopVersioning.cpp LoopVersioning.cpp
LowerInvoke.cpp LowerInvoke.cpp
LowerSwitch.cpp LowerSwitch.cpp
Mem2Reg.cpp Mem2Reg.cpp
MetaRenamer.cpp MetaRenamer.cpp
ModuleUtils.cpp ModuleUtils.cpp
PromoteMemoryToRegister.cpp PromoteMemoryToRegister.cpp
SSAUpdater.cpp SSAUpdater.cpp
SanitizerStats.cpp
SimplifyCFG.cpp SimplifyCFG.cpp
SimplifyIndVar.cpp SimplifyIndVar.cpp
SimplifyInstructions.cpp SimplifyInstructions.cpp
SimplifyLibCalls.cpp SimplifyLibCalls.cpp
SplitModule.cpp SplitModule.cpp
SymbolRewriter.cpp SymbolRewriter.cpp
UnifyFunctionExitNodes.cpp UnifyFunctionExitNodes.cpp
Utils.cpp Utils.cpp
ValueMapper.cpp ValueMapper.cpp
ADDITIONAL_HEADER_DIRS ADDITIONAL_HEADER_DIRS
${LLVM_MAIN_INCLUDE_DIR}/llvm/Transforms ${LLVM_MAIN_INCLUDE_DIR}/llvm/Transforms
${LLVM_MAIN_INCLUDE_DIR}/llvm/Transforms/Utils ${LLVM_MAIN_INCLUDE_DIR}/llvm/Transforms/Utils
) )
add_dependencies(LLVMTransformUtils intrinsics_gen) add_dependencies(LLVMTransformUtils intrinsics_gen)

lib/Transforms/Utils/SanitizerStats.cpp

  • This file was added.
//===- SanitizerStats.cpp - Sanitizer statistics gathering ----------------===//
//
// The LLVM Compiler Infrastructure
//
// This file is distributed under the University of Illinois Open Source
// License. See LICENSE.TXT for details.
//
//===----------------------------------------------------------------------===//
//
// Implements code generation for sanitizer statistics gathering.
//
//===----------------------------------------------------------------------===//
#include "llvm/Transforms/Utils/SanitizerStats.h"
#include "llvm/ADT/Triple.h"
#include "llvm/IR/Constants.h"
#include "llvm/IR/DerivedTypes.h"
#include "llvm/IR/GlobalVariable.h"
#include "llvm/IR/IRBuilder.h"
#include "llvm/IR/Module.h"
using namespace llvm;
void llvm::CreateSanitizerStatReport(IRBuilder<> &B, SanitizerStatKind SK) {
Function *F = B.GetInsertBlock()->getParent();
Module *M = F->getParent();
PointerType *Int8PtrTy = B.getInt8PtrTy();
IntegerType *IntPtrTy = B.getIntPtrTy(M->getDataLayout());
ArrayType *StatsTy = ArrayType::get(Int8PtrTy, 2);
auto GV = new GlobalVariable(
*M, StatsTy, false, GlobalValue::PrivateLinkage,
ConstantArray::get(
StatsTy, {Constant::getNullValue(Int8PtrTy),
ConstantExpr::getIntToPtr(
ConstantInt::get(
IntPtrTy, uint64_t(SK) << (IntPtrTy->getBitWidth() -
kSanitizerStatKindBits)),
Int8PtrTy)}));
GV->setComdat(F->getComdat());
// See compiler-rt/lib/stats/stats_client.cc for the rationale behind each
// section name.
switch (Triple(M->getTargetTriple()).getObjectFormat()) {
case Triple::COFF:
GV->setSection("san_stat$u");
break;
case Triple::ELF:
GV->setSection("san_stat");
break;
case Triple::MachO:
GV->setSection("__DATA,san_stat");
break;
case Triple::UnknownObjectFormat:
break;
krasin1Unsubmitted
Not Done
ReplyInline Actions

Is that a correct error handling for the unknown format? Should we warn the user? May be even fail hard?

krasin1: Is that a correct error handling for the unknown format? Should we warn the user? May be even…
pccAuthorUnsubmitted
Not Done
ReplyInline Actions

It would probably be appropriate to call report_fatal_error here.

pcc: It would probably be appropriate to call `report_fatal_error` here.
}
FunctionType *StatReportTy =
FunctionType::get(B.getVoidTy(), Int8PtrTy, false);
Constant *StatReport = M->getOrInsertFunction(
"__sanitizer_stat_report", StatReportTy);
B.CreateCall(StatReport, ConstantExpr::getBitCast(GV, Int8PtrTy));
}

test/CMakeLists.txt

Show First 20 LinesShow All 55 Lines▼ Show 20 Linesset(LLVM_TEST_DEPENDS
llvm-size llvm-size
llvm-split llvm-split
llvm-symbolizer llvm-symbolizer
llvm-tblgen llvm-tblgen
not not
obj2yaml obj2yaml
opt opt
sancov sancov
sanstats
verify-uselistorder verify-uselistorder
yaml-bench yaml-bench
yaml2obj yaml2obj
) )
# If Intel JIT events are supported, depend on a tool that tests the listener. # If Intel JIT events are supported, depend on a tool that tests the listener.
if( LLVM_USE_INTEL_JITEVENTS ) if( LLVM_USE_INTEL_JITEVENTS )
set(LLVM_TEST_DEPENDS ${LLVM_TEST_DEPENDS} llvm-jitlistener) set(LLVM_TEST_DEPENDS ${LLVM_TEST_DEPENDS} llvm-jitlistener)
▲ Show 20 LinesShow All 62 LinesShow Last 20 Lines

test/lit.cfg

Show First 20 LinesShow All 276 Lines▼ Show 20 Linesfor pattern in [r"\bbugpoint\b(?!-)",
r"\bllvm-split\b", r"\bllvm-split\b",
r"\bllvm-tblgen\b", r"\bllvm-tblgen\b",
r"\bllvm-c-test\b", r"\bllvm-c-test\b",
NOJUNK + r"\bllvm-symbolizer\b", NOJUNK + r"\bllvm-symbolizer\b",
NOJUNK + r"\bopt\b", NOJUNK + r"\bopt\b",
r"\bFileCheck\b", r"\bFileCheck\b",
r"\bobj2yaml\b", r"\bobj2yaml\b",
NOJUNK + r"\bsancov\b", NOJUNK + r"\bsancov\b",
NOJUNK + r"\bsanstats\b",
r"\byaml2obj\b", r"\byaml2obj\b",
r"\byaml-bench\b", r"\byaml-bench\b",
r"\bverify-uselistorder\b", r"\bverify-uselistorder\b",
# Handle these specially as they are strings searched # Handle these specially as they are strings searched
# for during testing. # for during testing.
r"\| \bcount\b", r"\| \bcount\b",
r"\| \bnot\b"]: r"\| \bnot\b"]:
tool_name, tool_path, tool_pipe = find_tool_substitution(pattern) tool_name, tool_path, tool_pipe = find_tool_substitution(pattern)
▲ Show 20 LinesShow All 191 LinesShow Last 20 Lines

test/tools/sanstats/elf.test

  • This file was added.
# RUN: yaml2obj -format=elf %s > %t1.o
# RUN: yaml2obj -format=elf %s > %t2.o
# RUN: echo -ne "\x04" > %t.stats
# RUN: echo -ne "%t1.o\x00" >> %t.stats
# RUN: echo -ne "\x01\x00\x00\x00\x01\x00\x00\x00" >> %t.stats
# RUN: echo -ne "\x11\x00\x00\x00\x02\x00\x00\x20" >> %t.stats
# RUN: echo -ne "\x21\x00\x00\x00\x03\x00\x00\x40" >> %t.stats
# RUN: echo -ne "\x01\x00\x00\x00\x04\x00\x00\x60" >> %t.stats
# RUN: echo -ne "\x11\x00\x00\x00\x05\x00\x00\x80" >> %t.stats
# RUN: echo -ne "\x21\x00\x00\x00\x06\x00\x00\xa0" >> %t.stats
# RUN: echo -ne "\x00\x00\x00\x00\x00\x00\x00\x00" >> %t.stats
# RUN: echo -ne "%t2.o\x00" >> %t.stats
# RUN: echo -ne "\x21\x00\x00\x00\x07\x00\x00\x00" >> %t.stats
# RUN: echo -ne "\x11\x00\x00\x00\x08\x00\x00\x20" >> %t.stats
# RUN: echo -ne "\x01\x00\x00\x00\x09\x00\x00\x40" >> %t.stats
# RUN: echo -ne "\x21\x00\x00\x00\x0a\x00\x00\x60" >> %t.stats
# RUN: echo -ne "\x11\x00\x00\x00\x0b\x00\x00\x80" >> %t.stats
# RUN: echo -ne "\x01\x00\x00\x00\x0c\x00\x00\xa0" >> %t.stats
# RUN: echo -ne "\x00\x00\x00\x00\x00\x00\x00\x00" >> %t.stats
# RUN: sanstats %t.stats | FileCheck %s
# CHECK: /tmp/f.c:1 f1 cfi-vcall 1
# CHECK: /tmp/f.c:2 f2 cfi-nvcall 2
# CHECK: /tmp/f.c:3 f3 cfi-derived-cast 3
# CHECK: /tmp/f.c:1 f1 cfi-unrelated-cast 4
# CHECK: /tmp/f.c:2 f2 cfi-icall 5
# CHECK: /tmp/f.c:3 f3 <unknown> 6
# CHECK: /tmp/f.c:3 f3 cfi-vcall 7
# CHECK: /tmp/f.c:2 f2 cfi-nvcall 8
# CHECK: /tmp/f.c:1 f1 cfi-derived-cast 9
# CHECK: /tmp/f.c:3 f3 cfi-unrelated-cast 10
# CHECK: /tmp/f.c:2 f2 cfi-icall 11
# CHECK: /tmp/f.c:1 f1 <unknown> 12
---
FileHeader:
Class: ELFCLASS64
Data: ELFDATA2LSB
Type: ET_REL
Machine: EM_X86_64
Sections:
- Name: .text
Type: SHT_PROGBITS
Flags: [ SHF_ALLOC, SHF_EXECINSTR ]
AddressAlign: 0x0000000000000010
Content: 554889E55DC3662E0F1F840000000000554889E55DC3662E0F1F840000000000554889E55DC3
- Name: .debug_str
Type: SHT_PROGBITS
Flags: [ SHF_MERGE, SHF_STRINGS ]
AddressAlign: 0x0000000000000001
Content: 636C616E672076657273696F6E20332E382E3020287472756E6B203235353339332920286C6C766D2F7472756E6B203235353734352900662E63002F746D7000663100663200663300
- Name: .debug_loc
Type: SHT_PROGBITS
AddressAlign: 0x0000000000000001
Content: ''
- Name: .debug_abbrev
Type: SHT_PROGBITS
AddressAlign: 0x0000000000000001
Content: 011101250E1305030E10171B0E110112060000022E00110112064018030E3A0B3B0B3F19000000
- Name: .debug_info
Type: SHT_PROGBITS
AddressAlign: 0x0000000000000001
Content: 660000000400000000000801000000000C0000000000000000000000000000000000000000002600000002000000000000000006000000015600000000010102000000000000000006000000015600000000010202000000000000000006000000015600000000010300
- Name: .rela.debug_info
Type: SHT_RELA
Link: .symtab
AddressAlign: 0x0000000000000008
Info: .debug_info
Relocations:
- Offset: 0x0000000000000006
Symbol: ''
Type: R_X86_64_32
- Offset: 0x000000000000000C
Symbol: ''
Type: R_X86_64_32
- Offset: 0x0000000000000012
Symbol: ''
Type: R_X86_64_32
Addend: 55
- Offset: 0x0000000000000016
Symbol: ''
Type: R_X86_64_32
- Offset: 0x000000000000001A
Symbol: ''
Type: R_X86_64_32
Addend: 59
- Offset: 0x000000000000001E
Symbol: ''
Type: R_X86_64_64
- Offset: 0x000000000000002B
Symbol: ''
Type: R_X86_64_64
- Offset: 0x0000000000000039
Symbol: ''
Type: R_X86_64_32
Addend: 64
- Offset: 0x0000000000000040
Symbol: ''
Type: R_X86_64_64
Addend: 16
- Offset: 0x000000000000004E
Symbol: ''
Type: R_X86_64_32
Addend: 67
- Offset: 0x0000000000000055
Symbol: ''
Type: R_X86_64_64
Addend: 32
- Offset: 0x0000000000000063
Symbol: ''
Type: R_X86_64_32
Addend: 70
- Name: .debug_ranges
Type: SHT_PROGBITS
AddressAlign: 0x0000000000000001
Content: ''
- Name: .debug_pubnames
Type: SHT_PROGBITS
AddressAlign: 0x0000000000000001
Content: 230000000200000000006A0000002A0000006631003F0000006632005400000066330000000000
- Name: .rela.debug_pubnames
Type: SHT_RELA
Link: .symtab
AddressAlign: 0x0000000000000008
Info: .debug_pubnames
Relocations:
- Offset: 0x0000000000000006
Symbol: ''
Type: R_X86_64_32
- Name: .comment
Type: SHT_PROGBITS
Flags: [ SHF_MERGE, SHF_STRINGS ]
AddressAlign: 0x0000000000000001
Content: 00636C616E672076657273696F6E20332E382E3020287472756E6B203235353339332920286C6C766D2F7472756E6B203235353734352900
- Name: .note.GNU-stack
Type: SHT_PROGBITS
AddressAlign: 0x0000000000000001
Content: ''
- Name: .eh_frame
Type: SHT_X86_64_UNWIND
Flags: [ SHF_ALLOC ]
AddressAlign: 0x0000000000000008
Content: 1400000000000000017A5200017810011B0C070890010000180000001C000000000000000600000000410E108602430D060000001800000038000000000000000600000000410E108602430D060000001C00000054000000000000000600000000410E108602430D0600000000000000
- Name: .rela.eh_frame
Type: SHT_RELA
Link: .symtab
AddressAlign: 0x0000000000000008
Info: .eh_frame
Relocations:
- Offset: 0x0000000000000020
Symbol: ''
Type: R_X86_64_PC32
- Offset: 0x000000000000003C
Symbol: ''
Type: R_X86_64_PC32
Addend: 16
- Offset: 0x0000000000000058
Symbol: ''
Type: R_X86_64_PC32
Addend: 32
- Name: .debug_line
Type: SHT_PROGBITS
AddressAlign: 0x0000000000000001
Content: 4300000002001A0000000101FB0E0D00010101010000000100000100662E630000000000000902000000000000000001050C0A4A0500BB050C0A4A0500BB050C0A4A0202000101
- Name: .rela.debug_line
Type: SHT_RELA
Link: .symtab
AddressAlign: 0x0000000000000008
Info: .debug_line
Relocations:
- Offset: 0x0000000000000027
Symbol: ''
Type: R_X86_64_64
Symbols:
Local:
- Name: f.c
Type: STT_FILE
- Type: STT_SECTION
Section: .text
- Type: STT_SECTION
Section: .debug_str
- Type: STT_SECTION
Section: .debug_abbrev
- Type: STT_SECTION
Section: .debug_info
- Type: STT_SECTION
Section: .debug_line
Global:
- Name: f1
Type: STT_FUNC
Section: .text
Size: 0x0000000000000006
- Name: f2
Type: STT_FUNC
Section: .text
Value: 0x0000000000000010
Size: 0x0000000000000006
- Name: f3
Type: STT_FUNC
Section: .text
Value: 0x0000000000000020
Size: 0x0000000000000006
...

tools/Makefile

Show All 27 Lines
# in parallel builds. Please retain this ordering. # in parallel builds. Please retain this ordering.
DIRS := llvm-config DIRS := llvm-config
PARALLEL_DIRS := opt llvm-as llvm-dis llc llvm-ar llvm-nm llvm-link \ PARALLEL_DIRS := opt llvm-as llvm-dis llc llvm-ar llvm-nm llvm-link \
lli llvm-extract llvm-mc bugpoint llvm-bcanalyzer llvm-diff \ lli llvm-extract llvm-mc bugpoint llvm-bcanalyzer llvm-diff \
llvm-objdump llvm-readobj llvm-rtdyld \ llvm-objdump llvm-readobj llvm-rtdyld \
llvm-dwarfdump llvm-cov llvm-size llvm-stress llvm-mcmarkup \ llvm-dwarfdump llvm-cov llvm-size llvm-stress llvm-mcmarkup \
llvm-profdata llvm-symbolizer obj2yaml yaml2obj llvm-c-test \ llvm-profdata llvm-symbolizer obj2yaml yaml2obj llvm-c-test \
llvm-cxxdump verify-uselistorder dsymutil llvm-pdbdump \ llvm-cxxdump verify-uselistorder dsymutil llvm-pdbdump \
llvm-split sancov llvm-dwp llvm-split sancov sanstats llvm-dwp
# If Intel JIT Events support is configured, build an extra tool to test it. # If Intel JIT Events support is configured, build an extra tool to test it.
ifeq ($(USE_INTEL_JITEVENTS), 1) ifeq ($(USE_INTEL_JITEVENTS), 1)
PARALLEL_DIRS += llvm-jitlistener PARALLEL_DIRS += llvm-jitlistener
endif endif
# Let users override the set of tools to build from the command line. # Let users override the set of tools to build from the command line.
ifdef ONLY_TOOLS ifdef ONLY_TOOLS
Show All 37 Lines

tools/sanstats/CMakeLists.txt

  • This file was added.
set(LLVM_LINK_COMPONENTS
Support
Symbolize
)
add_llvm_tool(sanstats
sanstats.cpp
)

tools/sanstats/Makefile

  • This file was added.
##===- tools/sanstats/Makefile -----------------------------*- Makefile -*-===##
#
# The LLVM Compiler Infrastructure
#
# This file is distributed under the University of Illinois Open Source
# License. See LICENSE.TXT for details.
#
##===----------------------------------------------------------------------===##
LEVEL := ../..
TOOLNAME := sanstats
LINK_COMPONENTS := Support Symbolize
# This tool has no plugins, optimize startup time.
TOOL_NO_EXPORTS := 1
include $(LEVEL)/Makefile.common

tools/sanstats/sanstats.cpp

  • This file was added.
//===- sanstats.cpp - Sanitizer statistics dumper -------------------------===//
//
// The LLVM Compiler Infrastructure
//
// This file is distributed under the University of Illinois Open Source
// License. See LICENSE.TXT for details.
//
//===----------------------------------------------------------------------===//
//
// This tool dumps statistics information from files in the format produced
// by clang's -fsanitize-stats feature.
//
//===----------------------------------------------------------------------===//
#include "llvm/DebugInfo/Symbolize/Symbolize.h"
#include "llvm/Support/CommandLine.h"
#include "llvm/Support/ErrorOr.h"
#include "llvm/Support/MemoryBuffer.h"
#include "llvm/Transforms/Utils/SanitizerStats.h"
#include <stdint.h>
using namespace llvm;
static cl::opt<std::string> ClInputFile(cl::Positional, cl::Required,
cl::desc("<filename>"));
static cl::opt<bool> ClDemangle("demangle", cl::init(false),
cl::desc("Print demangled function name."));
inline uint64_t KindFromData(uint64_t Data, char SizeofPtr) {
return Data >> (SizeofPtr * 8 - kSanitizerStatKindBits);
}
inline uint64_t CountFromData(uint64_t Data, char SizeofPtr) {
return Data & ((1ull << (SizeofPtr * 8 - kSanitizerStatKindBits)) - 1);
}
uint64_t ReadLE(char Size, const char *Begin, const char *End) {
uint64_t Result = 0;
char Pos = 0;
while (Begin < End && Pos != Size)
Result |= uint64_t(uint8_t(*Begin++)) << (Pos++ * 8);
krasin1Unsubmitted
Done
ReplyInline Actions

This expression is hard to read. For example, I had to think thrice, if it increments Begin or the value that Begin points to.

Please, split it into a few lines, like:

while (Begin < End && Pos != Size) {

Result |= uint64_t(uint8_t(*Begin)) << (Pos * 8);
Begin++;
Pos++;

}

Also, if that's a hot function, I would recommend to consider a faster implementation that will read the required number of bytes at once, and then swap the bytes with one of the standard helper functions. If this function is rarely called, feel free to leave it as is (modulo my comment above)

krasin1: This expression is hard to read. For example, I had to think thrice, if it increments Begin or…
return Result;
}
const char *ReadModule(char SizeofPtr, const char *Begin, const char *End) {
const char *FilenameBegin = Begin;
while (Begin != End && *Begin)
krasin1Unsubmitted
Not Done
ReplyInline Actions

isn't a reimplementation of strnlen?

krasin1: isn't a reimplementation of strnlen?
pccAuthorUnsubmitted
Not Done
ReplyInline Actions

Yes, but strnlen is not part of the C standard, and I think it's clearer to be explicit.

pcc: Yes, but strnlen is not part of the C standard, and I think it's clearer to be explicit.
++Begin;
if (Begin == End)
return 0;
StringRef Filename(FilenameBegin, Begin - FilenameBegin);
++Begin;
if (Begin == End)
return 0;
symbolize::LLVMSymbolizer::Options SymbolizerOptions;
SymbolizerOptions.Demangle = ClDemangle;
SymbolizerOptions.UseSymbolTable = true;
symbolize::LLVMSymbolizer Symbolizer(SymbolizerOptions);
while (1) {
uint64_t Addr = ReadLE(SizeofPtr, Begin, End);
Begin += SizeofPtr;
uint64_t Data = ReadLE(SizeofPtr, Begin, End);
krasin1Unsubmitted
Not Done
ReplyInline Actions

At this point Begin could be greater than End. May be check in the previous line?
Alternatively, make ReadLE to accept a pointer to Begin and let it to update it.

krasin1: At this point Begin could be greater than End. May be check in the previous line? Alternatively…
pccAuthorUnsubmitted
Not Done
ReplyInline Actions

At this point Begin could be greater than End. May be check in the previous line?

We defend against this in ReadLE.

Alternatively, make ReadLE to accept a pointer to Begin and let it to update it.

I considered this, but it's harder to distinguish between short reads and EOF this way.

pcc: > At this point Begin could be greater than End. May be check in the previous line? We defend…
Begin += SizeofPtr;
if (Begin > End)
return 0;
if (Addr == 0 && Data == 0)
return Begin;
if (Begin == End)
return 0;
ErrorOr<DILineInfo> LineInfo = Symbolizer.symbolizeCode(Filename, Addr);
if (LineInfo) {
llvm::outs() << LineInfo->FileName << ':' << LineInfo->Line << ' '
<< LineInfo->FunctionName << ' ';
} else {
llvm::outs() << "<error> ";
}
switch (KindFromData(Data, SizeofPtr)) {
case SanStat_CFI_VCall:
llvm::outs() << "cfi-vcall";
break;
case SanStat_CFI_NVCall:
llvm::outs() << "cfi-nvcall";
break;
case SanStat_CFI_DerivedCast:
llvm::outs() << "cfi-derived-cast";
break;
case SanStat_CFI_UnrelatedCast:
llvm::outs() << "cfi-unrelated-cast";
break;
case SanStat_CFI_ICall:
llvm::outs() << "cfi-icall";
break;
default:
llvm::outs() << "<unknown>";
break;
}
llvm::outs() << " " << CountFromData(Data, SizeofPtr) << '\n';
}
}
int main(int argc, char **argv) {
cl::ParseCommandLineOptions(argc, argv,
"Sanitizer Statistics Processing Tool");
ErrorOr<std::unique_ptr<MemoryBuffer>> MBOrErr =
MemoryBuffer::getFile(ClInputFile, -1, false);
if (!MBOrErr) {
errs() << argv[0] << ": " << ClInputFile << ": "
<< MBOrErr.getError().message() << '\n';
return 1;
}
std::unique_ptr<MemoryBuffer> MB = std::move(MBOrErr.get());
const char *Begin = MB->getBufferStart(), *End = MB->getBufferEnd();
if (Begin == End) {
errs() << argv[0] << ": " << ClInputFile << ": short read\n";
return 1;
}
char SizeofPtr = *Begin++;
while (Begin != End) {
krasin1Unsubmitted
Not Done
ReplyInline Actions

I highly suggest to check Begin < End and optionally check that Begin == End after the loop.

Otherwise, it's not hard to imaging that a tiny mistake somewhere would just Begin slightly past End and then we'll have to read after the end of the buffer until SEGFAULT stops this heroic attempt to overflow uintptr.

krasin1: I highly suggest to check Begin < End and optionally check that Begin == End after the loop.
pccAuthorUnsubmitted
Not Done
ReplyInline Actions

I added an assertion that should catch this.

pcc: I added an assertion that should catch this.
Begin = ReadModule(SizeofPtr, Begin, End);
if (Begin == 0) {
errs() << argv[0] << ": " << ClInputFile << ": short read\n";
return 1;
}
}
}