This is an archive of the discontinued LLVM Phabricator instance.

Differential D97570

[dfsan] Propagate origin tracking at load
ClosedPublic

Authored by stephan.yichao.zhao on Feb 26 2021, 12:08 PM.

Details

Reviewers
morehouse
gbalats
Commits
rGd866b9c99d0a: [dfsan] Propagate origin tracking at load
Summary

This is a part of https://reviews.llvm.org/D95835.

One issue is about origin load optimization: see the
comments of useCallbackLoadLabelAndOrigin

@gbalats This change may have some conflicts with your 8bit change. PTAL the change at visitLoad.

Diff Detail

Event Timeline

stephan.yichao.zhao created this revision.Feb 26 2021, 12:08 PM
Herald added a subscriber: hiraditya. · View Herald TranscriptFeb 26 2021, 12:08 PM
stephan.yichao.zhao requested review of this revision.Feb 26 2021, 12:08 PM
Herald added a project: Restricted Project. · View Herald TranscriptFeb 26 2021, 12:08 PM
Herald added a subscriber: llvm-commits. · View Herald Transcript
Harbormaster completed remote builds in B91091: Diff 326764.Feb 26 2021, 3:46 PM
gbalats added inline comments.Mar 1 2021, 11:58 AM
llvm/lib/Transforms/Instrumentation/DataFlowSanitizer.cpp
578–580

I think it would be cleaner if we retained the older function (with its older return value) and introduced a new one:
loadShadowAndOrigin

1964–1968

Add assertion before returning to check that !ShouldTrackOrigins => Shadows.empty() && Origins.empty()

1965–1966

Shouldn't this be guarded by ShouldTrackOrigins flag? Even if it turns out to be a noop (when Shadows, Origins is empty), it's a little confusing for the reader.

2055–2057

Could instead use the flag, based on the assertion above.

2098

Is the initialization required here given the next line?

morehouse added inline comments.Mar 1 2021, 3:32 PM
llvm/lib/Transforms/Instrumentation/DataFlowSanitizer.cpp
578–580

+1

1910
2047

What does "non-scaped" mean?

llvm/test/Instrumentation/DataFlowSanitizer/origin_ldst.ll
244

Nit: s/LABLE/LABEL

stephan.yichao.zhao updated this revision to Diff 327328.Mar 1 2021, 5:06 PM
stephan.yichao.zhao marked 6 inline comments as done.

update

llvm/lib/Transforms/Instrumentation/DataFlowSanitizer.cpp
578–580

That would be great. I had also considered this.
At some points, loading origins depends on loading shadows.
One is loadFast16ShadowFast, using both shadows and origins to create some select instructions.
The other is by DFSanLoadLabelAndOriginFn.
So it is not straightforward to call loadShadow from loadShadowAndOrigin.

1964–1968

combineOrigins has a similar assert. Added a "if (ShouldTrackOrigins) {" here to improve readability.

2047

replaced by non-escaped, for alloca pointers are not used outside the function.

2098

Thank you.

Harbormaster completed remote builds in B91481: Diff 327328.Mar 1 2021, 11:09 PM
morehouse accepted this revision.Mar 2 2021, 7:46 AM

LGTM

This revision is now accepted and ready to land.Mar 2 2021, 7:46 AM
gbalats added inline comments.Mar 2 2021, 11:06 AM
llvm/lib/Transforms/Instrumentation/DataFlowSanitizer.cpp
2177–2178

Initialization seems redundant given the std::tie below.

llvm/test/Instrumentation/DataFlowSanitizer/origin_ldst.ll
22

Can these i16 expressions be generalized as in https://reviews.llvm.org/D97723 so that it requires fewer changes when we also have fast8 support?

stephan.yichao.zhao updated this revision to Diff 327570.Mar 2 2021, 1:46 PM
stephan.yichao.zhao marked an inline comment as done.

updated test cases to use meta data

stephan.yichao.zhao updated this revision to Diff 327579.Mar 2 2021, 1:56 PM

updated test cases

Harbormaster completed remote builds in B91659: Diff 327570.Mar 2 2021, 5:36 PM
gbalats accepted this revision.Mar 2 2021, 6:18 PM

LGTM

Harbormaster completed remote builds in B91669: Diff 327579.Mar 2 2021, 6:44 PM
stephan.yichao.zhao updated this revision to Diff 327656.Mar 2 2021, 8:29 PM

updated test cases

This revision was landed with ongoing or failed builds.Mar 2 2021, 8:33 PM
Closed by commit rGd866b9c99d0a: [dfsan] Propagate origin tracking at load (authored by Jianzhou Zhao <jianzhouzh@google.com>). · Explain Why
This revision was automatically updated to reflect the committed changes.
Jianzhou Zhao <jianzhouzh@google.com> added a commit: rGd866b9c99d0a: [dfsan] Propagate origin tracking at load.
Jianzhou Zhao <jianzhouzh@google.com> mentioned this in rGac4c1760b21c: Fix the build error caused by D97570.Mar 2 2021, 8:48 PM
Harbormaster completed remote builds in B91721: Diff 327656.Mar 3 2021, 12:18 AM

Revision Contents

PathSize
llvm/
lib/
Transforms/
Instrumentation/
191 lines
test/
Instrumentation/
DataFlowSanitizer/
251 lines

Diff 327659

llvm/lib/Transforms/Instrumentation/DataFlowSanitizer.cpp

Show First 20 LinesShow All 82 Lines▼ Show 20 Lines
#include "llvm/IR/MDBuilder.h" #include "llvm/IR/MDBuilder.h"
#include "llvm/IR/Module.h" #include "llvm/IR/Module.h"
#include "llvm/IR/PassManager.h" #include "llvm/IR/PassManager.h"
#include "llvm/IR/Type.h" #include "llvm/IR/Type.h"
#include "llvm/IR/User.h" #include "llvm/IR/User.h"
#include "llvm/IR/Value.h" #include "llvm/IR/Value.h"
#include "llvm/InitializePasses.h" #include "llvm/InitializePasses.h"
#include "llvm/Pass.h" #include "llvm/Pass.h"
#include "llvm/Support/Alignment.h"
#include "llvm/Support/Casting.h" #include "llvm/Support/Casting.h"
#include "llvm/Support/CommandLine.h" #include "llvm/Support/CommandLine.h"
#include "llvm/Support/ErrorHandling.h" #include "llvm/Support/ErrorHandling.h"
#include "llvm/Support/SpecialCaseList.h" #include "llvm/Support/SpecialCaseList.h"
#include "llvm/Support/VirtualFileSystem.h" #include "llvm/Support/VirtualFileSystem.h"
#include "llvm/Transforms/Instrumentation.h" #include "llvm/Transforms/Instrumentation.h"
#include "llvm/Transforms/Utils/BasicBlockUtils.h" #include "llvm/Transforms/Utils/BasicBlockUtils.h"
#include "llvm/Transforms/Utils/Local.h" #include "llvm/Transforms/Utils/Local.h"
▲ Show 20 LinesShow All 328 Lines▼ Show 20 Linesclass DataFlowSanitizer {
MDNode *ColdCallWeights; MDNode *ColdCallWeights;
DFSanABIList ABIList; DFSanABIList ABIList;
DenseMap<Value *, Function *> UnwrappedFnMap; DenseMap<Value *, Function *> UnwrappedFnMap;
AttrBuilder ReadOnlyNoneAttrs; AttrBuilder ReadOnlyNoneAttrs;
bool DFSanRuntimeShadowMask = false; bool DFSanRuntimeShadowMask = false;
Value *getShadowOffset(Value *Addr, IRBuilder<> &IRB); Value *getShadowOffset(Value *Addr, IRBuilder<> &IRB);
Value *getShadowAddress(Value *Addr, Instruction *Pos); Value *getShadowAddress(Value *Addr, Instruction *Pos);
// std::pair<Value *, Value *> std::pair<Value *, Value *>
// getShadowOriginAddress(Value *Addr, Align InstAlignment, Instruction *Pos); getShadowOriginAddress(Value *Addr, Align InstAlignment, Instruction *Pos);
bool isInstrumented(const Function *F); bool isInstrumented(const Function *F);
bool isInstrumented(const GlobalAlias *GA); bool isInstrumented(const GlobalAlias *GA);
FunctionType *getArgsFunctionType(FunctionType *T); FunctionType *getArgsFunctionType(FunctionType *T);
FunctionType *getTrampolineFunctionType(FunctionType *T); FunctionType *getTrampolineFunctionType(FunctionType *T);
TransformedFunction getCustomFunctionType(FunctionType *T); TransformedFunction getCustomFunctionType(FunctionType *T);
InstrumentedABI getInstrumentedABI(); InstrumentedABI getInstrumentedABI();
WrapperKind getWrapperKind(Function *F); WrapperKind getWrapperKind(Function *F);
void addGlobalNamePrefix(GlobalValue *GV); void addGlobalNamePrefix(GlobalValue *GV);
▲ Show 20 LinesShow All 56 Lines▼ Show 20 Linesstruct DFSanFunction {
DominatorTree DT; DominatorTree DT;
DataFlowSanitizer::InstrumentedABI IA; DataFlowSanitizer::InstrumentedABI IA;
bool IsNativeABI; bool IsNativeABI;
AllocaInst *LabelReturnAlloca = nullptr; AllocaInst *LabelReturnAlloca = nullptr;
AllocaInst *OriginReturnAlloca = nullptr; AllocaInst *OriginReturnAlloca = nullptr;
DenseMap<Value *, Value *> ValShadowMap; DenseMap<Value *, Value *> ValShadowMap;
DenseMap<Value *, Value *> ValOriginMap; DenseMap<Value *, Value *> ValOriginMap;
DenseMap<AllocaInst *, AllocaInst *> AllocaShadowMap; DenseMap<AllocaInst *, AllocaInst *> AllocaShadowMap;
DenseMap<AllocaInst *, AllocaInst *> AllocaOriginMap;
std::vector<std::pair<PHINode *, PHINode *>> PHIFixups; std::vector<std::pair<PHINode *, PHINode *>> PHIFixups;
DenseSet<Instruction *> SkipInsts; DenseSet<Instruction *> SkipInsts;
std::vector<Value *> NonZeroChecks; std::vector<Value *> NonZeroChecks;
bool AvoidNewBlocks; bool AvoidNewBlocks;
struct CachedShadow { struct CachedShadow {
BasicBlock *Block; // The block where Shadow is defined. BasicBlock *Block; // The block where Shadow is defined.
Value *Shadow; Value *Shadow;
▲ Show 20 LinesShow All 50 Lines▼ Show 20 Linesstruct DFSanFunction {
/// Generates IR to compute the union of the two given shadows, inserting it /// Generates IR to compute the union of the two given shadows, inserting it
/// before Pos. The combined value is with primitive type. /// before Pos. The combined value is with primitive type.
Value *combineShadows(Value *V1, Value *V2, Instruction *Pos); Value *combineShadows(Value *V1, Value *V2, Instruction *Pos);
/// Combines the shadow values of V1 and V2, then converts the combined value /// Combines the shadow values of V1 and V2, then converts the combined value
/// with primitive type into a shadow value with the original type T. /// with primitive type into a shadow value with the original type T.
Value *combineShadowsThenConvert(Type *T, Value *V1, Value *V2, Value *combineShadowsThenConvert(Type *T, Value *V1, Value *V2,
Instruction *Pos); Instruction *Pos);
Value *combineOperandShadows(Instruction *Inst); Value *combineOperandShadows(Instruction *Inst);
Value *loadShadow(Value *ShadowAddr, uint64_t Size, uint64_t Align, std::pair<Value *, Value *> loadShadowOrigin(Value *ShadowAddr, uint64_t Size,
Align InstAlignment,
Instruction *Pos); Instruction *Pos);
gbalatsUnsubmitted
Not Done
ReplyInline Actions

I think it would be cleaner if we retained the older function (with its older return value) and introduced a new one:
loadShadowAndOrigin

gbalats: I think it would be cleaner if we retained the older function (with its older return value) and…
stephan.yichao.zhaoAuthorUnsubmitted
Done
ReplyInline Actions

That would be great. I had also considered this.
At some points, loading origins depends on loading shadows.
One is loadFast16ShadowFast, using both shadows and origins to create some select instructions.
The other is by DFSanLoadLabelAndOriginFn.
So it is not straightforward to call loadShadow from loadShadowAndOrigin.

stephan.yichao.zhao: That would be great. I had also considered this. At some points, loading origins depends on…
morehouseUnsubmitted
Not Done
ReplyInline Actions

+1

morehouse: +1
void storePrimitiveShadow(Value *Addr, uint64_t Size, Align Alignment, void storePrimitiveShadow(Value *Addr, uint64_t Size, Align Alignment,
Value *PrimitiveShadow, Instruction *Pos); Value *PrimitiveShadow, Instruction *Pos);
/// Applies PrimitiveShadow to all primitive subtypes of T, returning /// Applies PrimitiveShadow to all primitive subtypes of T, returning
/// the expanded shadow value. /// the expanded shadow value.
/// ///
/// EFP({T1,T2, ...}, PS) = {EFP(T1,PS),EFP(T2,PS),...} /// EFP({T1,T2, ...}, PS) = {EFP(T1,PS),EFP(T2,PS),...}
/// EFP([n x T], PS) = [n x EFP(T,PS)] /// EFP([n x T], PS) = [n x EFP(T,PS)]
/// EFP(other types, PS) = PS /// EFP(other types, PS) = PS
Show All 25 Linesprivate:
/// Returns the shadow value of an argument A. /// Returns the shadow value of an argument A.
Value *getShadowForTLSArgument(Argument *A); Value *getShadowForTLSArgument(Argument *A);
/// The fast path of loading shadow in legacy mode. /// The fast path of loading shadow in legacy mode.
Value *loadLegacyShadowFast(Value *ShadowAddr, uint64_t Size, Value *loadLegacyShadowFast(Value *ShadowAddr, uint64_t Size,
Align ShadowAlign, Instruction *Pos); Align ShadowAlign, Instruction *Pos);
/// The fast path of loading shadow in fast-16-label mode. /// The fast path of loading shadow in fast-16-label mode.
Value *loadFast16ShadowFast(Value *ShadowAddr, uint64_t Size, std::pair<Value *, Value *>
Align ShadowAlign, Instruction *Pos); loadFast16ShadowFast(Value *ShadowAddr, Value *OriginAddr, uint64_t Size,
Align ShadowAlign, Align OriginAlign, Value *FirstOrigin,
Instruction *Pos);
Align getOriginAlign(Align InstAlignment);
/// Because 4 contiguous bytes share one 4-byte origin, the most accurate load
/// is __dfsan_load_label_and_origin. This function returns the union of all
/// labels and the origin of the first taint label. However this is an
/// additional call with many instructions. To ensure common cases are fast,
/// checks if it is possible to load labels and origins without using the
/// callback function.
bool useCallbackLoadLabelAndOrigin(uint64_t Size, Align InstAlignment);
}; };
class DFSanVisitor : public InstVisitor<DFSanVisitor> { class DFSanVisitor : public InstVisitor<DFSanVisitor> {
public: public:
DFSanFunction &DFSF; DFSanFunction &DFSF;
DFSanVisitor(DFSanFunction &DFSF) : DFSF(DFSF) {} DFSanVisitor(DFSanFunction &DFSF) : DFSF(DFSF) {}
▲ Show 20 LinesShow All 1,050 Lines▼ Show 20 LinesValue *DataFlowSanitizer::getShadowOffset(Value *Addr, IRBuilder<> &IRB) {
Value *ShadowPtrMaskValue; Value *ShadowPtrMaskValue;
if (DFSanRuntimeShadowMask) if (DFSanRuntimeShadowMask)
ShadowPtrMaskValue = IRB.CreateLoad(IntptrTy, ExternalShadowMask); ShadowPtrMaskValue = IRB.CreateLoad(IntptrTy, ExternalShadowMask);
else else
ShadowPtrMaskValue = ShadowPtrMask; ShadowPtrMaskValue = ShadowPtrMask;
return IRB.CreateAnd(IRB.CreatePtrToInt(Addr, IntptrTy), return IRB.CreateAnd(IRB.CreatePtrToInt(Addr, IntptrTy),
IRB.CreatePtrToInt(ShadowPtrMaskValue, IntptrTy)); IRB.CreatePtrToInt(ShadowPtrMaskValue, IntptrTy));
} }
/*
std::pair<Value *, Value *> std::pair<Value *, Value *>
DataFlowSanitizer::getShadowOriginAddress(Value *Addr, Align InstAlignment, DataFlowSanitizer::getShadowOriginAddress(Value *Addr, Align InstAlignment,
Instruction *Pos) { Instruction *Pos) {
// Returns ((Addr & shadow_mask) + origin_base) & ~4UL // Returns ((Addr & shadow_mask) + origin_base) & ~4UL
IRBuilder<> IRB(Pos); IRBuilder<> IRB(Pos);
Value *ShadowOffset = getShadowOffset(Addr, IRB); Value *ShadowOffset = getShadowOffset(Addr, IRB);
Value *ShadowPtr = IRB.CreateIntToPtr( Value *ShadowPtr = IRB.CreateIntToPtr(
IRB.CreateMul(ShadowOffset, ShadowPtrMul), PrimitiveShadowPtrTy); IRB.CreateMul(ShadowOffset, ShadowPtrMul), PrimitiveShadowPtrTy);
Value *OriginPtr = nullptr; Value *OriginPtr = nullptr;
if (shouldTrackOrigins()) { if (shouldTrackOrigins()) {
Value *OriginLong = IRB.CreateAdd(ShadowOffset, OriginBase); Value *OriginLong = IRB.CreateAdd(ShadowOffset, OriginBase);
const Align Alignment = llvm::assumeAligned(InstAlignment.value()); const Align Alignment = llvm::assumeAligned(InstAlignment.value());
// When alignment is >= 4, Addr must be aligned to 4, otherwise it is UB. // When alignment is >= 4, Addr must be aligned to 4, otherwise it is UB.
// So Mask is unnecessary. // So Mask is unnecessary.
if (Alignment < MinOriginAlignment) { if (Alignment < MinOriginAlignment) {
uint64_t Mask = MinOriginAlignment.value() - 1; uint64_t Mask = MinOriginAlignment.value() - 1;
OriginLong = IRB.CreateAnd(OriginLong, ConstantInt::get(IntptrTy, ~Mask)); OriginLong = IRB.CreateAnd(OriginLong, ConstantInt::get(IntptrTy, ~Mask));
} }
OriginPtr = IRB.CreateIntToPtr(OriginLong, OriginPtrTy); OriginPtr = IRB.CreateIntToPtr(OriginLong, OriginPtrTy);
} }
return {ShadowPtr, OriginPtr}; return {ShadowPtr, OriginPtr};
} }
*/
Value *DataFlowSanitizer::getShadowAddress(Value *Addr, Instruction *Pos) { Value *DataFlowSanitizer::getShadowAddress(Value *Addr, Instruction *Pos) {
// Returns (Addr & shadow_mask) x 2 // Returns (Addr & shadow_mask) x 2
IRBuilder<> IRB(Pos); IRBuilder<> IRB(Pos);
Value *ShadowOffset = getShadowOffset(Addr, IRB); Value *ShadowOffset = getShadowOffset(Addr, IRB);
return IRB.CreateIntToPtr(IRB.CreateMul(ShadowOffset, ShadowPtrMul), return IRB.CreateIntToPtr(IRB.CreateMul(ShadowOffset, ShadowPtrMul),
PrimitiveShadowPtrTy); PrimitiveShadowPtrTy);
} }
▲ Show 20 LinesShow All 158 Lines▼ Show 20 Linesvoid DFSanVisitor::visitInstOperandOrigins(Instruction &I) {
DFSF.setOrigin(&I, CombinedOrigin); DFSF.setOrigin(&I, CombinedOrigin);
} }
Align DFSanFunction::getShadowAlign(Align InstAlignment) { Align DFSanFunction::getShadowAlign(Align InstAlignment) {
const Align Alignment = ClPreserveAlignment ? InstAlignment : Align(1); const Align Alignment = ClPreserveAlignment ? InstAlignment : Align(1);
return Align(Alignment.value() * DFS.ShadowWidthBytes); return Align(Alignment.value() * DFS.ShadowWidthBytes);
} }
Value *DFSanFunction::loadFast16ShadowFast(Value *ShadowAddr, uint64_t Size, Align DFSanFunction::getOriginAlign(Align InstAlignment) {
Align ShadowAlign, const Align Alignment = llvm::assumeAligned(InstAlignment.value());
Instruction *Pos) { return Align(std::max(kMinOriginAlignment, Alignment));
}
bool DFSanFunction::useCallbackLoadLabelAndOrigin(uint64_t Size,
Align InstAlignment) {
assert(Size != 0);
// * if Size == 1, it is sufficient to load its origin aligned at 4.
// * if Size == 2, we assume most cases Addr % 2 == 0, so it is sufficient to
// load its origin aligned at 4. If not, although origins may be lost, it
morehouseUnsubmitted
Done
ReplyInline Actions
// * if Size == 2, we assume most cases Addr % 2 == 0, so it is sufficient to
- // load its origin aligned at 4. If not, althought origins may be lost, it
+ // load its origin aligned at 4. If not, although origins may be lost, it
// should not happen very often.
morehouse:
// should not happen very often.
// * if align >= 4, Addr must be aligned to 4, otherwise it is UB. When
// Size % 4 == 0, it is more efficient to load origins without callbacks.
// * Otherwise we use __dfsan_load_label_and_origin.
// This should ensure that common cases run efficiently.
if (Size <= 2)
return false;
const Align Alignment = llvm::assumeAligned(InstAlignment.value());
if (Alignment >= kMinOriginAlignment &&
Size % (64 / DFS.ShadowWidthBits) == 0)
return false;
return true;
}
std::pair<Value *, Value *> DFSanFunction::loadFast16ShadowFast(
Value *ShadowAddr, Value *OriginAddr, uint64_t Size, Align ShadowAlign,
Align OriginAlign, Value *FirstOrigin, Instruction *Pos) {
// First OR all the WideShadows, then OR individual shadows within the // First OR all the WideShadows, then OR individual shadows within the
// combined WideShadow. This is fewer instructions than ORing shadows // combined WideShadow. This is fewer instructions than ORing shadows
// individually. // individually.
const bool ShouldTrackOrigins = DFS.shouldTrackOrigins();
std::vector<Value *> Shadows;
std::vector<Value *> Origins;
IRBuilder<> IRB(Pos); IRBuilder<> IRB(Pos);
Value *WideAddr = Value *WideAddr =
IRB.CreateBitCast(ShadowAddr, Type::getInt64PtrTy(*DFS.Ctx)); IRB.CreateBitCast(ShadowAddr, Type::getInt64PtrTy(*DFS.Ctx));
Value *CombinedWideShadow = Value *CombinedWideShadow =
IRB.CreateAlignedLoad(IRB.getInt64Ty(), WideAddr, ShadowAlign); IRB.CreateAlignedLoad(IRB.getInt64Ty(), WideAddr, ShadowAlign);
if (ShouldTrackOrigins) {
Shadows.push_back(CombinedWideShadow);
Origins.push_back(FirstOrigin);
}
for (uint64_t Ofs = 64 / DFS.ShadowWidthBits; Ofs != Size; for (uint64_t Ofs = 64 / DFS.ShadowWidthBits; Ofs != Size;
Ofs += 64 / DFS.ShadowWidthBits) { Ofs += 64 / DFS.ShadowWidthBits) {
WideAddr = IRB.CreateGEP(Type::getInt64Ty(*DFS.Ctx), WideAddr, WideAddr = IRB.CreateGEP(Type::getInt64Ty(*DFS.Ctx), WideAddr,
ConstantInt::get(DFS.IntptrTy, 1)); ConstantInt::get(DFS.IntptrTy, 1));
Value *NextWideShadow = Value *NextWideShadow =
IRB.CreateAlignedLoad(IRB.getInt64Ty(), WideAddr, ShadowAlign); IRB.CreateAlignedLoad(IRB.getInt64Ty(), WideAddr, ShadowAlign);
CombinedWideShadow = IRB.CreateOr(CombinedWideShadow, NextWideShadow); CombinedWideShadow = IRB.CreateOr(CombinedWideShadow, NextWideShadow);
if (ShouldTrackOrigins) {
Shadows.push_back(NextWideShadow);
OriginAddr = IRB.CreateGEP(DFS.OriginTy, OriginAddr,
ConstantInt::get(DFS.IntptrTy, 1));
Origins.push_back(
IRB.CreateAlignedLoad(DFS.OriginTy, OriginAddr, OriginAlign));
}
} }
for (unsigned Width = 32; Width >= DFS.ShadowWidthBits; Width >>= 1) { for (unsigned Width = 32; Width >= DFS.ShadowWidthBits; Width >>= 1) {
Value *ShrShadow = IRB.CreateLShr(CombinedWideShadow, Width); Value *ShrShadow = IRB.CreateLShr(CombinedWideShadow, Width);
CombinedWideShadow = IRB.CreateOr(CombinedWideShadow, ShrShadow); CombinedWideShadow = IRB.CreateOr(CombinedWideShadow, ShrShadow);
} }
return IRB.CreateTrunc(CombinedWideShadow, DFS.PrimitiveShadowTy); return {IRB.CreateTrunc(CombinedWideShadow, DFS.PrimitiveShadowTy),
ShouldTrackOrigins
? combineOrigins(Shadows, Origins, Pos,
gbalatsUnsubmitted
Done
ReplyInline Actions

Shouldn't this be guarded by ShouldTrackOrigins flag? Even if it turns out to be a noop (when Shadows, Origins is empty), it's a little confusing for the reader.

gbalats: Shouldn't this be guarded by ShouldTrackOrigins flag? Even if it turns out to be a noop (when…
ConstantInt::getSigned(IRB.getInt64Ty(), 0))
: DFS.ZeroOrigin};
gbalatsUnsubmitted
Not Done
ReplyInline Actions

Add assertion before returning to check that !ShouldTrackOrigins => Shadows.empty() && Origins.empty()

gbalats: Add assertion before returning to check that !ShouldTrackOrigins => Shadows.empty() && Origins.
stephan.yichao.zhaoAuthorUnsubmitted
Done
ReplyInline Actions

combineOrigins has a similar assert. Added a "if (ShouldTrackOrigins) {" here to improve readability.

stephan.yichao.zhao: combineOrigins has a similar assert. Added a "if (ShouldTrackOrigins) {" here to improve…
} }
Value *DFSanFunction::loadLegacyShadowFast(Value *ShadowAddr, uint64_t Size, Value *DFSanFunction::loadLegacyShadowFast(Value *ShadowAddr, uint64_t Size,
Align ShadowAlign, Align ShadowAlign,
Instruction *Pos) { Instruction *Pos) {
// Fast path for the common case where each byte has identical shadow: load // Fast path for the common case where each byte has identical shadow: load
// shadow 64 bits at a time, fall out to a __dfsan_union_load call if any // shadow 64 bits at a time, fall out to a __dfsan_union_load call if any
// shadow is non-equal. // shadow is non-equal.
▲ Show 20 LinesShow All 56 Lines▼ Show 20 LinesValue *DFSanFunction::loadLegacyShadowFast(Value *ShadowAddr, uint64_t Size,
Shadow->addIncoming(FallbackCall, FallbackBB); Shadow->addIncoming(FallbackCall, FallbackBB);
Shadow->addIncoming(TruncShadow, LastBr->getParent()); Shadow->addIncoming(TruncShadow, LastBr->getParent());
return Shadow; return Shadow;
} }
// Generates IR to load shadow corresponding to bytes [Addr, Addr+Size), where // Generates IR to load shadow corresponding to bytes [Addr, Addr+Size), where
// Addr has alignment Align, and take the union of each of those shadows. The // Addr has alignment Align, and take the union of each of those shadows. The
// returned shadow always has primitive type. // returned shadow always has primitive type.
Value *DFSanFunction::loadShadow(Value *Addr, uint64_t Size, uint64_t Align, std::pair<Value *, Value *> DFSanFunction::loadShadowOrigin(Value *Addr,
uint64_t Size,
Align InstAlignment,
Instruction *Pos) { Instruction *Pos) {
const bool ShouldTrackOrigins = DFS.shouldTrackOrigins();
// Non-escaped loads.
morehouseUnsubmitted
Done
ReplyInline Actions

What does "non-scaped" mean?

morehouse: What does "non-scaped" mean?
stephan.yichao.zhaoAuthorUnsubmitted
Done
ReplyInline Actions

replaced by non-escaped, for alloca pointers are not used outside the function.

stephan.yichao.zhao: replaced by non-escaped, for alloca pointers are not used outside the function.
if (AllocaInst *AI = dyn_cast<AllocaInst>(Addr)) { if (AllocaInst *AI = dyn_cast<AllocaInst>(Addr)) {
const auto I = AllocaShadowMap.find(AI); const auto SI = AllocaShadowMap.find(AI);
if (I != AllocaShadowMap.end()) { if (SI != AllocaShadowMap.end()) {
IRBuilder<> IRB(Pos); IRBuilder<> IRB(Pos);
return IRB.CreateLoad(DFS.PrimitiveShadowTy, I->second); Value *ShadowLI = IRB.CreateLoad(DFS.PrimitiveShadowTy, SI->second);
const auto OI = AllocaOriginMap.find(AI);
assert(!ShouldTrackOrigins || OI != AllocaOriginMap.end());
return {ShadowLI, ShouldTrackOrigins
? IRB.CreateLoad(DFS.OriginTy, OI->second)
: nullptr};
gbalatsUnsubmitted
Done
ReplyInline Actions
assert(!ShouldTrackOrigins || OI != AllocaOriginMap.end());
- return {ShadowLI, OI != AllocaOriginMap.end()
+ return {ShadowLI, ShouldTrackOrigins
? IRB.CreateLoad(DFS.OriginTy, OI->second)
: nullptr};
}
}

Could instead use the flag, based on the assertion above.

gbalats: Could instead use the flag, based on the assertion above.
} }
} }
const llvm::Align ShadowAlign(Align * DFS.ShadowWidthBytes); // Load from constant addresses.
SmallVector<const Value *, 2> Objs; SmallVector<const Value *, 2> Objs;
getUnderlyingObjects(Addr, Objs); getUnderlyingObjects(Addr, Objs);
bool AllConstants = true; bool AllConstants = true;
for (const Value *Obj : Objs) { for (const Value *Obj : Objs) {
if (isa<Function>(Obj) || isa<BlockAddress>(Obj)) if (isa<Function>(Obj) || isa<BlockAddress>(Obj))
continue; continue;
if (isa<GlobalVariable>(Obj) && cast<GlobalVariable>(Obj)->isConstant()) if (isa<GlobalVariable>(Obj) && cast<GlobalVariable>(Obj)->isConstant())
continue; continue;
AllConstants = false; AllConstants = false;
break; break;
} }
if (AllConstants) if (AllConstants)
return DFS.ZeroPrimitiveShadow; return {DFS.ZeroPrimitiveShadow,
ShouldTrackOrigins ? DFS.ZeroOrigin : nullptr};
if (Size == 0)
return {DFS.ZeroPrimitiveShadow,
ShouldTrackOrigins ? DFS.ZeroOrigin : nullptr};
// Use callback to load if this is not an optimizable case for origin
// tracking.
if (ShouldTrackOrigins &&
useCallbackLoadLabelAndOrigin(Size, InstAlignment)) {
IRBuilder<> IRB(Pos);
CallInst *Call =
IRB.CreateCall(DFS.DFSanLoadLabelAndOriginFn,
{IRB.CreatePointerCast(Addr, IRB.getInt8PtrTy()),
ConstantInt::get(DFS.IntptrTy, Size)});
Call->addAttribute(AttributeList::ReturnIndex, Attribute::ZExt);
return {IRB.CreateTrunc(IRB.CreateLShr(Call, DFS.OriginWidthBits),
DFS.PrimitiveShadowTy),
IRB.CreateTrunc(Call, DFS.OriginTy)};
}
// Other cases that support loading shadows or origins in a fast way.
Value *ShadowAddr, *OriginAddr;
gbalatsUnsubmitted
Done
ReplyInline Actions

Is the initialization required here given the next line?

gbalats: Is the initialization required here given the next line?
stephan.yichao.zhaoAuthorUnsubmitted
Done
ReplyInline Actions

Thank you.

stephan.yichao.zhao: Thank you.
std::tie(ShadowAddr, OriginAddr) =
DFS.getShadowOriginAddress(Addr, InstAlignment, Pos);
const Align ShadowAlign = getShadowAlign(InstAlignment);
const Align OriginAlign = getOriginAlign(InstAlignment);
Value *Origin = nullptr;
if (ShouldTrackOrigins) {
IRBuilder<> IRB(Pos);
Origin = IRB.CreateAlignedLoad(DFS.OriginTy, OriginAddr, OriginAlign);
}
Value *ShadowAddr = DFS.getShadowAddress(Addr, Pos);
switch (Size) { switch (Size) {
case 0:
return DFS.ZeroPrimitiveShadow;
case 1: { case 1: {
LoadInst *LI = new LoadInst(DFS.PrimitiveShadowTy, ShadowAddr, "", Pos); LoadInst *LI = new LoadInst(DFS.PrimitiveShadowTy, ShadowAddr, "", Pos);
LI->setAlignment(ShadowAlign); LI->setAlignment(ShadowAlign);
return LI; return {LI, Origin};
} }
case 2: { case 2: {
IRBuilder<> IRB(Pos); IRBuilder<> IRB(Pos);
Value *ShadowAddr1 = IRB.CreateGEP(DFS.PrimitiveShadowTy, ShadowAddr, Value *ShadowAddr1 = IRB.CreateGEP(DFS.PrimitiveShadowTy, ShadowAddr,
ConstantInt::get(DFS.IntptrTy, 1)); ConstantInt::get(DFS.IntptrTy, 1));
return combineShadows( Value *Load =
IRB.CreateAlignedLoad(DFS.PrimitiveShadowTy, ShadowAddr, ShadowAlign), IRB.CreateAlignedLoad(DFS.PrimitiveShadowTy, ShadowAddr, ShadowAlign);
IRB.CreateAlignedLoad(DFS.PrimitiveShadowTy, ShadowAddr1, ShadowAlign), Value *Load1 =
Pos); IRB.CreateAlignedLoad(DFS.PrimitiveShadowTy, ShadowAddr1, ShadowAlign);
return {combineShadows(Load, Load1, Pos), Origin};
} }
} }
if (ClFast16Labels && Size % (64 / DFS.ShadowWidthBits) == 0) if (ClFast16Labels && Size % (64 / DFS.ShadowWidthBits) == 0)
return loadFast16ShadowFast(ShadowAddr, Size, ShadowAlign, Pos); return loadFast16ShadowFast(ShadowAddr, OriginAddr, Size, ShadowAlign,
OriginAlign, Origin, Pos);
if (!AvoidNewBlocks && Size % (64 / DFS.ShadowWidthBits) == 0) if (!AvoidNewBlocks && Size % (64 / DFS.ShadowWidthBits) == 0)
return loadLegacyShadowFast(ShadowAddr, Size, ShadowAlign, Pos); return {loadLegacyShadowFast(ShadowAddr, Size, ShadowAlign, Pos), Origin};
IRBuilder<> IRB(Pos); IRBuilder<> IRB(Pos);
FunctionCallee &UnionLoadFn = FunctionCallee &UnionLoadFn =
ClFast16Labels ? DFS.DFSanUnionLoadFast16LabelsFn : DFS.DFSanUnionLoadFn; ClFast16Labels ? DFS.DFSanUnionLoadFast16LabelsFn : DFS.DFSanUnionLoadFn;
CallInst *FallbackCall = IRB.CreateCall( CallInst *FallbackCall = IRB.CreateCall(
UnionLoadFn, {ShadowAddr, ConstantInt::get(DFS.IntptrTy, Size)}); UnionLoadFn, {ShadowAddr, ConstantInt::get(DFS.IntptrTy, Size)});
FallbackCall->addAttribute(AttributeList::ReturnIndex, Attribute::ZExt); FallbackCall->addAttribute(AttributeList::ReturnIndex, Attribute::ZExt);
return FallbackCall; return {FallbackCall, Origin};
} }
static AtomicOrdering addAcquireOrdering(AtomicOrdering AO) { static AtomicOrdering addAcquireOrdering(AtomicOrdering AO) {
switch (AO) { switch (AO) {
case AtomicOrdering::NotAtomic: case AtomicOrdering::NotAtomic:
return AtomicOrdering::NotAtomic; return AtomicOrdering::NotAtomic;
case AtomicOrdering::Unordered: case AtomicOrdering::Unordered:
case AtomicOrdering::Monotonic: case AtomicOrdering::Monotonic:
case AtomicOrdering::Acquire: case AtomicOrdering::Acquire:
return AtomicOrdering::Acquire; return AtomicOrdering::Acquire;
case AtomicOrdering::Release: case AtomicOrdering::Release:
case AtomicOrdering::AcquireRelease: case AtomicOrdering::AcquireRelease:
return AtomicOrdering::AcquireRelease; return AtomicOrdering::AcquireRelease;
case AtomicOrdering::SequentiallyConsistent: case AtomicOrdering::SequentiallyConsistent:
return AtomicOrdering::SequentiallyConsistent; return AtomicOrdering::SequentiallyConsistent;
} }
llvm_unreachable("Unknown ordering"); llvm_unreachable("Unknown ordering");
} }
void DFSanVisitor::visitLoadInst(LoadInst &LI) { void DFSanVisitor::visitLoadInst(LoadInst &LI) {
auto &DL = LI.getModule()->getDataLayout(); auto &DL = LI.getModule()->getDataLayout();
uint64_t Size = DL.getTypeStoreSize(LI.getType()); uint64_t Size = DL.getTypeStoreSize(LI.getType());
if (Size == 0) { if (Size == 0) {
DFSF.setShadow(&LI, DFSF.DFS.getZeroShadow(&LI)); DFSF.setShadow(&LI, DFSF.DFS.getZeroShadow(&LI));
DFSF.setOrigin(&LI, DFSF.DFS.ZeroOrigin);
return; return;
} }
// When an application load is atomic, increase atomic ordering between // When an application load is atomic, increase atomic ordering between
// atomic application loads and stores to ensure happen-before order; load // atomic application loads and stores to ensure happen-before order; load
// shadow data after application data; store zero shadow data before // shadow data after application data; store zero shadow data before
// application data. This ensure shadow loads return either labels of the // application data. This ensure shadow loads return either labels of the
// initial application data or zeros. // initial application data or zeros.
if (LI.isAtomic()) if (LI.isAtomic())
LI.setOrdering(addAcquireOrdering(LI.getOrdering())); LI.setOrdering(addAcquireOrdering(LI.getOrdering()));
Align Alignment = ClPreserveAlignment ? LI.getAlign() : Align(1);
Instruction *Pos = LI.isAtomic() ? LI.getNextNode() : &LI; Instruction *Pos = LI.isAtomic() ? LI.getNextNode() : &LI;
gbalatsUnsubmitted
Done
ReplyInline Actions

Initialization seems redundant given the std::tie below.

gbalats: Initialization seems redundant given the std::tie below.
Value *PrimitiveShadow = std::vector<Value *> Shadows;
DFSF.loadShadow(LI.getPointerOperand(), Size, Alignment.value(), Pos); std::vector<Value *> Origins;
Value *PrimitiveShadow, *Origin;
std::tie(PrimitiveShadow, Origin) =
DFSF.loadShadowOrigin(LI.getPointerOperand(), Size, LI.getAlign(), Pos);
const bool ShouldTrackOrigins = DFSF.DFS.shouldTrackOrigins();
if (ShouldTrackOrigins) {
Shadows.push_back(PrimitiveShadow);
Origins.push_back(Origin);
}
if (ClCombinePointerLabelsOnLoad) { if (ClCombinePointerLabelsOnLoad) {
Value *PtrShadow = DFSF.getShadow(LI.getPointerOperand()); Value *PtrShadow = DFSF.getShadow(LI.getPointerOperand());
PrimitiveShadow = DFSF.combineShadows(PrimitiveShadow, PtrShadow, Pos); PrimitiveShadow = DFSF.combineShadows(PrimitiveShadow, PtrShadow, Pos);
if (ShouldTrackOrigins) {
Shadows.push_back(PtrShadow);
Origins.push_back(DFSF.getOrigin(LI.getPointerOperand()));
}
} }
if (!DFSF.DFS.isZeroShadow(PrimitiveShadow)) if (!DFSF.DFS.isZeroShadow(PrimitiveShadow))
DFSF.NonZeroChecks.push_back(PrimitiveShadow); DFSF.NonZeroChecks.push_back(PrimitiveShadow);
Value *Shadow = Value *Shadow =
DFSF.expandFromPrimitiveShadow(LI.getType(), PrimitiveShadow, Pos); DFSF.expandFromPrimitiveShadow(LI.getType(), PrimitiveShadow, Pos);
DFSF.setShadow(&LI, Shadow); DFSF.setShadow(&LI, Shadow);
if (ShouldTrackOrigins) {
DFSF.setOrigin(&LI, DFSF.combineOrigins(Shadows, Origins, Pos));
}
if (ClEventCallbacks) { if (ClEventCallbacks) {
IRBuilder<> IRB(Pos); IRBuilder<> IRB(Pos);
Value *Addr8 = IRB.CreateBitCast(LI.getPointerOperand(), DFSF.DFS.Int8Ptr); Value *Addr8 = IRB.CreateBitCast(LI.getPointerOperand(), DFSF.DFS.Int8Ptr);
IRB.CreateCall(DFSF.DFS.DFSanLoadCallbackFn, {PrimitiveShadow, Addr8}); IRB.CreateCall(DFSF.DFS.DFSanLoadCallbackFn, {PrimitiveShadow, Addr8});
} }
} }
void DFSanFunction::storeZeroPrimitiveShadow(Value *Addr, uint64_t Size, void DFSanFunction::storeZeroPrimitiveShadow(Value *Addr, uint64_t Size,
▲ Show 20 LinesShow All 221 Lines▼ Show 20 Lines for (User *U : I.users()) {
} }
AllLoadsStores = false; AllLoadsStores = false;
break; break;
} }
if (AllLoadsStores) { if (AllLoadsStores) {
IRBuilder<> IRB(&I); IRBuilder<> IRB(&I);
DFSF.AllocaShadowMap[&I] = IRB.CreateAlloca(DFSF.DFS.PrimitiveShadowTy); DFSF.AllocaShadowMap[&I] = IRB.CreateAlloca(DFSF.DFS.PrimitiveShadowTy);
if (DFSF.DFS.shouldTrackOrigins()) {
DFSF.AllocaOriginMap[&I] =
IRB.CreateAlloca(DFSF.DFS.OriginTy, nullptr, "_dfsa");
}
} }
DFSF.setShadow(&I, DFSF.DFS.ZeroPrimitiveShadow); DFSF.setShadow(&I, DFSF.DFS.ZeroPrimitiveShadow);
DFSF.setOrigin(&I, DFSF.DFS.ZeroOrigin);
} }
void DFSanVisitor::visitSelectInst(SelectInst &I) { void DFSanVisitor::visitSelectInst(SelectInst &I) {
Value *CondShadow = DFSF.getShadow(I.getCondition()); Value *CondShadow = DFSF.getShadow(I.getCondition());
Value *TrueShadow = DFSF.getShadow(I.getTrueValue()); Value *TrueShadow = DFSF.getShadow(I.getTrueValue());
Value *FalseShadow = DFSF.getShadow(I.getFalseValue()); Value *FalseShadow = DFSF.getShadow(I.getFalseValue());
Value *ShadowSel = nullptr; Value *ShadowSel = nullptr;
const bool ShouldTrackOrigins = DFSF.DFS.shouldTrackOrigins(); const bool ShouldTrackOrigins = DFSF.DFS.shouldTrackOrigins();
▲ Show 20 LinesShow All 520 LinesShow Last 20 Lines

llvm/test/Instrumentation/DataFlowSanitizer/origin_ldst.ll

  • This file was added.
; RUN: opt < %s -dfsan -dfsan-track-origins=1 -dfsan-fast-16-labels=true -S | FileCheck %s --check-prefixes=CHECK_META,CHECK
; RUN: opt < %s -dfsan -dfsan-track-origins=1 -dfsan-fast-16-labels=true -dfsan-combine-pointer-labels-on-load=false -S | FileCheck %s --check-prefixes=CHECK_META,NO_COMBINE_LOAD_PTR
target datalayout = "e-p:64:64:64-i1:8:8-i8:8:8-i16:16:16-i32:32:32-i64:64:64-f32:32:32-f64:64:64-v64:64:64-v128:128:128-a0:0:64-s0:64:64-f80:128:128-n8:16:32:64-S128"
target triple = "x86_64-unknown-linux-gnu"
; CHECK_META: @__dfsan_shadow_width_bits = weak_odr constant i32 [[#SBITS:]]
; CHECK_META: @__dfsan_shadow_width_bytes = weak_odr constant i32 [[#SBYTES:]]
define {} @load0({}* %p) {
; CHECK: @"dfs$load0"
; CHECK-NEXT: %a = load {}, {}* %p, align 1
; CHECK-NEXT: store {} zeroinitializer, {}* bitcast ([100 x i64]* @__dfsan_retval_tls to {}*), align [[#SBYTES]]
; CHECK-NEXT: store i32 0, i32* @__dfsan_retval_origin_tls, align 4
; CHECK-NEXT: ret {} %a
%a = load {}, {}* %p
ret {} %a
}
define i16 @load_non_escaped_alloca() {
; CHECK: @"dfs$load_non_escaped_alloca"
; CHECK: [[S_ALLOCA:%.*]] = alloca i[[#SBITS]], align [[#SBYTES]]
gbalatsUnsubmitted
Not Done
ReplyInline Actions

Can these i16 expressions be generalized as in https://reviews.llvm.org/D97723 so that it requires fewer changes when we also have fast8 support?

gbalats: Can these i16 expressions be generalized as in https://reviews.llvm.org/D97723 so that it…
; CHECK: [[O_ALLOCA:%.*]] = alloca i32, align 4
; CHECK: [[SHADOW:%.*]] = load i[[#SBITS]], i[[#SBITS]]* [[S_ALLOCA]], align [[#SBYTES]]
; CHECK: [[ORIGIN:%.*]] = load i32, i32* [[O_ALLOCA]], align 4
; CHECK: %a = load i16, i16* %p, align 2
; CHECK: store i[[#SBITS]] [[SHADOW]], i[[#SBITS]]* bitcast ([100 x i64]* @__dfsan_retval_tls to i[[#SBITS]]*), align [[#SBYTES]]
; CHECK: store i32 [[ORIGIN]], i32* @__dfsan_retval_origin_tls, align 4
%p = alloca i16
%a = load i16, i16* %p
ret i16 %a
}
define i16* @load_escaped_alloca() {
; CHECK: @"dfs$load_escaped_alloca"
; CHECK: [[INTP:%.*]] = ptrtoint i[[#SBITS]]* %p to i64
; CHECK: [[OFFSET:%.*]] = and i64 [[INTP]], -123145302310913
; CHECK: [[SHADOW_ADDR:%.*]] = mul i64 [[OFFSET]], 2
; CHECK: [[SHADOW_PTR0:%.*]] = inttoptr i64 [[SHADOW_ADDR]] to i[[#SBITS]]*
; CHECK: [[ORIGIN_OFFSET:%.*]] = add i64 [[OFFSET]], 35184372088832
; CHECK: [[ORIGIN_ADDR:%.*]] = and i64 [[ORIGIN_OFFSET]], -4
; CHECK: [[ORIGIN_PTR:%.*]] = inttoptr i64 [[ORIGIN_ADDR]] to i32*
; CHECK: {{%.*}} = load i32, i32* [[ORIGIN_PTR]], align 4
; CHECK: [[SHADOW_PTR1:%.*]] = getelementptr i[[#SBITS]], i[[#SBITS]]* [[SHADOW_PTR0]], i64 1
; CHECK: [[SHADOW0:%.*]] = load i[[#SBITS]], i[[#SBITS]]* [[SHADOW_PTR0]], align [[#SBYTES]]
; CHECK: [[SHADOW1:%.*]] = load i[[#SBITS]], i[[#SBITS]]* [[SHADOW_PTR1]], align [[#SBYTES]]
; CHECK: {{%.*}} = or i[[#SBITS]] [[SHADOW0]], [[SHADOW1]]
; CHECK: %a = load i16, i16* %p, align 2
; CHECK: store i[[#SBITS]] 0, i[[#SBITS]]* bitcast ([100 x i64]* @__dfsan_retval_tls to i[[#SBITS]]*), align [[#SBYTES]]
; CHECK: store i32 0, i32* @__dfsan_retval_origin_tls, align 4
%p = alloca i16
%a = load i16, i16* %p
ret i16* %p
}
@X = constant i1 1
define i1 @load_global() {
; CHECK: @"dfs$load_global"
; CHECK: %a = load i1, i1* @X, align 1
; CHECK: store i[[#SBITS]] 0, i[[#SBITS]]* bitcast ([100 x i64]* @__dfsan_retval_tls to i[[#SBITS]]*), align [[#SBYTES]]
; CHECK: store i32 0, i32* @__dfsan_retval_origin_tls, align 4
%a = load i1, i1* @X
ret i1 %a
}
define i1 @load1(i1* %p) {
; CHECK: @"dfs$load1"
; CHECK: [[PO:%.*]] = load i32, i32* getelementptr inbounds ([200 x i32], [200 x i32]* @__dfsan_arg_origin_tls, i64 0, i64 0), align 4
; CHECK: [[PS:%.*]] = load i[[#SBITS]], i[[#SBITS]]* bitcast ([100 x i64]* @__dfsan_arg_tls to i[[#SBITS]]*), align [[#SBYTES]]
; CHECK: [[INTP:%.*]] = ptrtoint {{.*}} %p to i64
; CHECK: [[OFFSET:%.*]] = and i64 [[INTP]], -123145302310913
; CHECK: [[SHADOW_ADDR:%.*]] = mul i64 [[OFFSET]], 2
; CHECK: [[SHADOW_PTR:%.*]] = inttoptr i64 [[SHADOW_ADDR]] to i[[#SBITS]]*
; CHECK: [[ORIGIN_OFFSET:%.*]] = add i64 [[OFFSET]], 35184372088832
; CHECK: [[ORIGIN_ADDR:%.*]] = and i64 [[ORIGIN_OFFSET]], -4
; CHECK: [[ORIGIN_PTR:%.*]] = inttoptr i64 [[ORIGIN_ADDR]] to i32*
; CHECK: [[AO:%.*]] = load i32, i32* [[ORIGIN_PTR]], align 4
; CHECK: [[AS:%.*]] = load i[[#SBITS]], i[[#SBITS]]* [[SHADOW_PTR]], align [[#SBYTES]]
; CHECK: [[RS:%.*]] = or i[[#SBITS]] [[AS]], [[PS]]
; CHECK: [[PS_NZ:%.*]] = icmp ne i[[#SBITS]] [[PS]], 0
; CHECK: [[RO:%.*]] = select i1 [[PS_NZ]], i32 [[PO]], i32 [[AO]]
; CHECK: %a = load i1, i1* %p, align 1
; CHECK: store i[[#SBITS]] [[RS]], i[[#SBITS]]* bitcast ([100 x i64]* @__dfsan_retval_tls to i[[#SBITS]]*), align [[#SBYTES]]
; CHECK: store i32 [[RO]], i32* @__dfsan_retval_origin_tls, align 4
%a = load i1, i1* %p
ret i1 %a
}
define i16 @load16(i1 %i, i16* %p) {
; CHECK: @"dfs$load16"
; CHECK: [[PO:%.*]] = load i32, i32* getelementptr inbounds ([200 x i32], [200 x i32]* @__dfsan_arg_origin_tls, i64 0, i64 1), align 4
; CHECK: [[PS:%.*]] = load i[[#SBITS]], i[[#SBITS]]* inttoptr (i64 add (i64 ptrtoint ([100 x i64]* @__dfsan_arg_tls to i64), i64 2) to i[[#SBITS]]*), align [[#SBYTES]]
; CHECK: [[INTP:%.*]] = ptrtoint {{.*}} %p to i64
; CHECK: [[OFFSET:%.*]] = and i64 [[INTP]], -123145302310913
; CHECK: [[SHADOW_ADDR:%.*]] = mul i64 [[OFFSET]], 2
; CHECK: [[SHADOW_PTR0:%.*]] = inttoptr i64 [[SHADOW_ADDR]] to i[[#SBITS]]*
; CHECK: [[ORIGIN_OFFSET:%.*]] = add i64 [[OFFSET]], 35184372088832
; CHECK: [[ORIGIN_ADDR:%.*]] = and i64 [[ORIGIN_OFFSET]], -4
; CHECK: [[ORIGIN_PTR:%.*]] = inttoptr i64 [[ORIGIN_ADDR]] to i32*
; CHECK: [[AO:%.*]] = load i32, i32* [[ORIGIN_PTR]], align 4
; CHECK: [[SHADOW_PTR1:%.*]] = getelementptr i[[#SBITS]], i[[#SBITS]]* [[SHADOW_PTR0]], i64 1
; CHECK: [[SHADOW0:%.*]] = load i[[#SBITS]], i[[#SBITS]]* [[SHADOW_PTR0]], align [[#SBYTES]]
; CHECK: [[SHADOW1:%.*]] = load i[[#SBITS]], i[[#SBITS]]* [[SHADOW_PTR1]], align [[#SBYTES]]
; CHECK: [[AS:%.*]] = or i[[#SBITS]] [[SHADOW0]], [[SHADOW1]]
; CHECK: [[RS:%.*]] = or i[[#SBITS]] [[AS]], [[PS]]
; CHECK: [[PS_NZ:%.*]] = icmp ne i[[#SBITS]] [[PS]], 0
; CHECK: [[RO:%.*]] = select i1 [[PS_NZ]], i32 [[PO]], i32 [[AO]]
; CHECK: %a = load i16, i16* %p, align 2
; CHECK: store i[[#SBITS]] [[RS]], i[[#SBITS]]* bitcast ([100 x i64]* @__dfsan_retval_tls to i[[#SBITS]]*), align [[#SBYTES]]
; CHECK: store i32 [[RO]], i32* @__dfsan_retval_origin_tls, align 4
%a = load i16, i16* %p
ret i16 %a
}
define i32 @load32(i32* %p) {
; CHECK: @"dfs$load32"
; NO_COMBINE_LOAD_PTR: @"dfs$load32"
; NO_COMBINE_LOAD_PTR: [[INTP:%.*]] = ptrtoint i32* %p to i64
; NO_COMBINE_LOAD_PTR: [[OFFSET:%.*]] = and i64 [[INTP]], -123145302310913
; NO_COMBINE_LOAD_PTR: [[SHADOW_ADDR:%.*]] = mul i64 [[OFFSET]], 2
; NO_COMBINE_LOAD_PTR: [[SHADOW_PTR:%.*]] = inttoptr i64 [[SHADOW_ADDR]] to i[[#SBITS]]*
; NO_COMBINE_LOAD_PTR: [[ORIGIN_ADDR:%.*]] = add i64 [[OFFSET]], 35184372088832
; NO_COMBINE_LOAD_PTR: [[ORIGIN_PTR:%.*]] = inttoptr i64 [[ORIGIN_ADDR]] to i32*
; NO_COMBINE_LOAD_PTR: [[AO:%.*]] = load i32, i32* [[ORIGIN_PTR]], align 4
; NO_COMBINE_LOAD_PTR: [[SHADOW_PTR64:%.*]] = bitcast i[[#SBITS]]* [[SHADOW_PTR]] to i64*
; NO_COMBINE_LOAD_PTR: [[SHADOW64:%.*]] = load i64, i64* [[SHADOW_PTR64]], align [[#SBYTES]]
; NO_COMBINE_LOAD_PTR: [[SHADOW64_H32:%.*]] = lshr i64 [[SHADOW64]], 32
; NO_COMBINE_LOAD_PTR: [[SHADOW64_HL32:%.*]] = or i64 [[SHADOW64]], [[SHADOW64_H32]]
; NO_COMBINE_LOAD_PTR: [[SHADOW64_HL32_H16:%.*]] = lshr i64 [[SHADOW64_HL32]], 16
; NO_COMBINE_LOAD_PTR: [[SHADOW64_HL32_HL16:%.*]] = or i64 [[SHADOW64_HL32]], [[SHADOW64_HL32_H16]]
; NO_COMBINE_LOAD_PTR: [[SHADOW:%.*]] = trunc i64 [[SHADOW64_HL32_HL16]] to i[[#SBITS]]
; NO_COMBINE_LOAD_PTR: %a = load i32, i32* %p, align 4
; NO_COMBINE_LOAD_PTR: store i[[#SBITS]] [[SHADOW]], i[[#SBITS]]* bitcast ([100 x i64]* @__dfsan_retval_tls to i[[#SBITS]]*), align [[#SBYTES]]
; NO_COMBINE_LOAD_PTR: store i32 [[AO]], i32* @__dfsan_retval_origin_tls, align 4
%a = load i32, i32* %p
ret i32 %a
}
define i64 @load64(i64* %p) {
; CHECK: @"dfs$load64"
; NO_COMBINE_LOAD_PTR: @"dfs$load64"
; NO_COMBINE_LOAD_PTR: [[INTP:%.*]] = ptrtoint i64* %p to i64
; NO_COMBINE_LOAD_PTR: [[OFFSET:%.*]] = and i64 [[INTP]], -123145302310913
; NO_COMBINE_LOAD_PTR: [[SHADOW_ADDR:%.*]] = mul i64 [[OFFSET]], 2
; NO_COMBINE_LOAD_PTR: [[SHADOW_PTR:%.*]] = inttoptr i64 [[SHADOW_ADDR]] to i[[#SBITS]]*
; NO_COMBINE_LOAD_PTR: [[ORIGIN_ADDR:%.*]] = add i64 [[OFFSET]], 35184372088832
; NO_COMBINE_LOAD_PTR: [[ORIGIN_PTR_0:%.*]] = inttoptr i64 [[ORIGIN_ADDR]] to i32*
; NO_COMBINE_LOAD_PTR: [[ORIGIN_0:%.*]] = load i32, i32* [[ORIGIN_PTR_0]], align 8
; NO_COMBINE_LOAD_PTR: [[SHADOW_PTR_0:%.*]] = bitcast i[[#SBITS]]* [[SHADOW_PTR]] to i64*
; NO_COMBINE_LOAD_PTR: [[SHADOW_0:%.*]] = load i64, i64* [[SHADOW_PTR_0]], align [[#SBYTES]]
; NO_COMBINE_LOAD_PTR: [[SHADOW_PTR_1:%.*]] = getelementptr i64, i64* [[SHADOW_PTR_0]], i64 1
; NO_COMBINE_LOAD_PTR: [[SHADOW_1:%.*]] = load i64, i64* [[SHADOW_PTR_1]], align [[#SBYTES]]
; NO_COMBINE_LOAD_PTR: [[SHADOW64:%.*]] = or i64 [[SHADOW_0]], [[SHADOW_1]]
; NO_COMBINE_LOAD_PTR: [[ORIGIN_PTR_1:%.*]] = getelementptr i32, i32* [[ORIGIN_PTR_0]], i64 1
; NO_COMBINE_LOAD_PTR: [[ORIGIN_1:%.*]] = load i32, i32* [[ORIGIN_PTR_1]], align 8
; NO_COMBINE_LOAD_PTR: [[SHADOW64_H32:%.*]] = lshr i64 [[SHADOW64]], 32
; NO_COMBINE_LOAD_PTR: [[SHADOW64_HL32:%.*]] = or i64 [[SHADOW64]], [[SHADOW64_H32]]
; NO_COMBINE_LOAD_PTR: [[SHADOW64_HL32_H16:%.*]] = lshr i64 [[SHADOW64_HL32]], 16
; NO_COMBINE_LOAD_PTR: [[SHADOW64_HL32_HL16:%.*]] = or i64 [[SHADOW64_HL32]], [[SHADOW64_HL32_H16]]
; NO_COMBINE_LOAD_PTR: [[SHADOW:%.*]] = trunc i64 [[SHADOW64_HL32_HL16]] to i[[#SBITS]]
; NO_COMBINE_LOAD_PTR: [[SHADOW_1_NZ:%.*]] = icmp ne i64 [[SHADOW_1]], 0
; NO_COMBINE_LOAD_PTR: [[ORIGIN:%.*]] = select i1 [[SHADOW_1_NZ]], i32 [[ORIGIN_1]], i32 [[ORIGIN_0]]
; NO_COMBINE_LOAD_PTR: %a = load i64, i64* %p, align 8
; NO_COMBINE_LOAD_PTR: store i[[#SBITS]] [[SHADOW]], i[[#SBITS]]* bitcast ([100 x i64]* @__dfsan_retval_tls to i[[#SBITS]]*), align [[#SBYTES]]
; NO_COMBINE_LOAD_PTR: store i32 [[ORIGIN]], i32* @__dfsan_retval_origin_tls, align 4
%a = load i64, i64* %p
ret i64 %a
}
define i64 @load64_align2(i64* %p) {
; CHECK: @"dfs$load64_align2"
; NO_COMBINE_LOAD_PTR: @"dfs$load64_align2"
; NO_COMBINE_LOAD_PTR-NEXT: [[INTP:%.*]] = bitcast i64* %p to i8*
; NO_COMBINE_LOAD_PTR-NEXT: [[LABEL_ORIGIN:%.*]] = call zeroext i64 @__dfsan_load_label_and_origin(i8* [[INTP]], i64 8)
; NO_COMBINE_LOAD_PTR-NEXT: [[LABEL_ORIGIN_H32:%.*]] = lshr i64 [[LABEL_ORIGIN]], 32
; NO_COMBINE_LOAD_PTR-NEXT: [[LABEL:%.*]] = trunc i64 [[LABEL_ORIGIN_H32]] to i[[#SBITS]]
; NO_COMBINE_LOAD_PTR-NEXT: [[ORIGIN:%.*]] = trunc i64 [[LABEL_ORIGIN]] to i32
; NO_COMBINE_LOAD_PTR-NEXT: %a = load i64, i64* %p, align [[#SBYTES]]
; NO_COMBINE_LOAD_PTR-NEXT: store i[[#SBITS]] [[LABEL]], i[[#SBITS]]* bitcast ([100 x i64]* @__dfsan_retval_tls to i[[#SBITS]]*), align [[#SBYTES]]
; NO_COMBINE_LOAD_PTR-NEXT: store i32 [[ORIGIN]], i32* @__dfsan_retval_origin_tls, align 4
%a = load i64, i64* %p, align 2
ret i64 %a
}
define i92 @load92(i92* %p) {
; CHECK: @"dfs$load92"
; NO_COMBINE_LOAD_PTR: @"dfs$load92"
; NO_COMBINE_LOAD_PTR: [[INTP:%.*]] = ptrtoint i92* %p to i64
; NO_COMBINE_LOAD_PTR: [[OFFSET:%.*]] = and i64 [[INTP]], -123145302310913
; NO_COMBINE_LOAD_PTR: [[SHADOW_ADDR:%.*]] = mul i64 [[OFFSET]], 2
; NO_COMBINE_LOAD_PTR: [[SHADOW_PTR:%.*]] = inttoptr i64 [[SHADOW_ADDR]] to i[[#SBITS]]*
; NO_COMBINE_LOAD_PTR: [[ORIGIN_ADDR:%.*]] = add i64 [[OFFSET]], 35184372088832
; NO_COMBINE_LOAD_PTR: [[ORIGIN_PTR_0:%.*]] = inttoptr i64 [[ORIGIN_ADDR]] to i32*
; NO_COMBINE_LOAD_PTR: [[ORIGIN_0:%.*]] = load i32, i32* [[ORIGIN_PTR_0]], align 8
; NO_COMBINE_LOAD_PTR: [[SHADOW_PTR_0:%.*]] = bitcast i[[#SBITS]]* [[SHADOW_PTR]] to i64*
; NO_COMBINE_LOAD_PTR: [[SHADOW_0:%.*]] = load i64, i64* [[SHADOW_PTR_0]], align [[#SBYTES]]
; NO_COMBINE_LOAD_PTR: [[SHADOW_PTR_1:%.*]] = getelementptr i64, i64* [[SHADOW_PTR_0]], i64 1
; NO_COMBINE_LOAD_PTR: [[SHADOW_1:%.*]] = load i64, i64* [[SHADOW_PTR_1]], align [[#SBYTES]]
; NO_COMBINE_LOAD_PTR: [[SHADOW_01:%.*]] = or i64 [[SHADOW_0]], [[SHADOW_1]]
; NO_COMBINE_LOAD_PTR: [[ORIGIN_PTR_1:%.*]] = getelementptr i32, i32* [[ORIGIN_PTR_0]], i64 1
; NO_COMBINE_LOAD_PTR: [[ORIGIN_1:%.*]] = load i32, i32* [[ORIGIN_PTR_1]], align 8
; NO_COMBINE_LOAD_PTR: [[SHADOW_PTR_2:%.*]] = getelementptr i64, i64* [[SHADOW_PTR_1]], i64 1
; NO_COMBINE_LOAD_PTR: [[SHADOW_2:%.*]] = load i64, i64* [[SHADOW_PTR_2]], align [[#SBYTES]]
; NO_COMBINE_LOAD_PTR: [[SHADOW64:%.*]] = or i64 [[SHADOW_01]], [[SHADOW_2]]
; NO_COMBINE_LOAD_PTR: [[ORIGIN_PTR_2:%.*]] = getelementptr i32, i32* [[ORIGIN_PTR_1]], i64 1
; NO_COMBINE_LOAD_PTR: [[ORIGIN_2:%.*]] = load i32, i32* [[ORIGIN_PTR_2]], align 8
; NO_COMBINE_LOAD_PTR: [[SHADOW64_H32:%.*]] = lshr i64 [[SHADOW64]], 32
; NO_COMBINE_LOAD_PTR: [[SHADOW64_HL32:%.*]] = or i64 [[SHADOW64]], [[SHADOW64_H32]]
; NO_COMBINE_LOAD_PTR: [[SHADOW64_HL32_H16:%.*]] = lshr i64 [[SHADOW64_HL32]], 16
; NO_COMBINE_LOAD_PTR: [[SHADOW64_HL32_HL16:%.*]] = or i64 [[SHADOW64_HL32]], [[SHADOW64_HL32_H16]]
; NO_COMBINE_LOAD_PTR: [[SHADOW:%.*]] = trunc i64 [[SHADOW64_HL32_HL16]] to i[[#SBITS]]
; NO_COMBINE_LOAD_PTR: [[SHADOW_1_NZ:%.*]] = icmp ne i64 [[SHADOW_1]], 0
; NO_COMBINE_LOAD_PTR: [[ORIGIN_10:%.*]] = select i1 [[SHADOW_1_NZ]], i32 [[ORIGIN_1]], i32 [[ORIGIN_0]]
; NO_COMBINE_LOAD_PTR: [[SHADOW_2_NZ:%.*]] = icmp ne i64 [[SHADOW_2]], 0
; NO_COMBINE_LOAD_PTR: [[ORIGIN:%.*]] = select i1 [[SHADOW_2_NZ]], i32 [[ORIGIN_2]], i32 [[ORIGIN_10]]
; NO_COMBINE_LOAD_PTR: %a = load i92, i92* %p, align 8
; NO_COMBINE_LOAD_PTR: store i[[#SBITS]] [[SHADOW]], i[[#SBITS]]* bitcast ([100 x i64]* @__dfsan_retval_tls to i[[#SBITS]]*), align [[#SBYTES]]
; NO_COMBINE_LOAD_PTR: store i32 [[ORIGIN]], i32* @__dfsan_retval_origin_tls, align 4
%a = load i92, i92* %p
ret i92 %a
}
define i17 @load17(i17* %p) {
; CHECK: @"dfs$load17"
; NO_COMBINE_LOAD_PTR: @"dfs$load17"
; NO_COMBINE_LOAD_PTR-NEXT: [[INTP:%.*]] = bitcast i17* %p to i8*
; NO_COMBINE_LOAD_PTR-NEXT: [[LABEL_ORIGIN:%.*]] = call zeroext i64 @__dfsan_load_label_and_origin(i8* [[INTP]], i64 3)
; NO_COMBINE_LOAD_PTR-NEXT: [[LABEL_ORIGIN_H32:%.*]] = lshr i64 [[LABEL_ORIGIN]], 32
; NO_COMBINE_LOAD_PTR-NEXT: [[LABEL:%.*]] = trunc i64 [[LABEL_ORIGIN_H32]] to i[[#SBITS]]
; NO_COMBINE_LOAD_PTR-NEXT: [[ORIGIN:%.*]] = trunc i64 [[LABEL_ORIGIN]] to i32
morehouseUnsubmitted
Done
ReplyInline Actions

Nit: s/LABLE/LABEL

morehouse: Nit: s/LABLE/LABEL
; NO_COMBINE_LOAD_PTR-NEXT: %a = load i17, i17* %p, align 4
; NO_COMBINE_LOAD_PTR-NEXT: store i[[#SBITS]] [[LABEL]], i[[#SBITS]]* bitcast ([100 x i64]* @__dfsan_retval_tls to i[[#SBITS]]*), align [[#SBYTES]]
; NO_COMBINE_LOAD_PTR-NEXT: store i32 [[ORIGIN]], i32* @__dfsan_retval_origin_tls, align 4
%a = load i17, i17* %p, align 4
ret i17 %a
}