Fix detection of stack-use-after scope for char arrays.

vitalybuka · vitalybuka · commit 53054a7024f6 · 2016-07-22T00:56:17.000Z
Summary: Clang inserts GetElementPtrInst so findAllocaForValue was not able to find allocas. PR27453 Reviewers: kcc, eugenis Differential Revision: https://reviews.llvm.org/D22657 llvm-svn: 276374
diff --git a/llvm/lib/Transforms/Instrumentation/AddressSanitizer.cpp b/llvm/lib/Transforms/Instrumentation/AddressSanitizer.cpp
@@ -2286,6 +2286,10 @@ AllocaInst *FunctionStackPoisoner::findAllocaForValue(Value *V) {
         return nullptr;
       Res = IncValueAI;
     }
+  } else if (GetElementPtrInst *EP = dyn_cast<GetElementPtrInst>(V)) {
+    Res = findAllocaForValue(EP->getPointerOperand());
+  } else {
+    DEBUG(dbgs() << "Alloca search canceled on unknown instruction: " << *V << "\n");
   }
   if (Res) AllocaForValue[V] = Res;
   return Res;
diff --git a/llvm/test/Instrumentation/AddressSanitizer/lifetime.ll b/llvm/test/Instrumentation/AddressSanitizer/lifetime.ll
@@ -91,6 +91,26 @@ bb1:
   ret void
 }
 
+; Check that arguments of lifetime may come from getelementptr nodes.
+define void @getelementptr_args() sanitize_address{
+  ; CHECK-LABEL: define void @getelementptr_args
+entry:
+  %x = alloca [1024 x i8], align 16
+  %d = alloca i8*, align 8
+
+  %0 = getelementptr inbounds [1024 x i8], [1024 x i8]* %x, i64 0, i64 0
+  call void @llvm.lifetime.start(i64 1024, i8* %0)
+  ; CHECK: __asan_unpoison_stack_memory
+
+  store i8* %0, i8** %d, align 8
+
+  call void @llvm.lifetime.end(i64 1024, i8* %0)
+  ; CHECK: __asan_poison_stack_memory
+
+  ret void
+  ; CHECK: __asan_unpoison_stack_memory
+}
+
 define void @zero_sized(i64 %a) #0 {
 ; CHECK-LABEL: define void @zero_sized(i64 %a)
 

Original file line number	Diff line number	Diff line change
`@@ -2286,6 +2286,10 @@ AllocaInst FunctionStackPoisoner::findAllocaForValue(Value V) {`
`2286`	`2286`	`return nullptr;`
`2287`	`2287`	`Res = IncValueAI;`
`2288`	`2288`	`}`
	`2289`	`+ } else if (GetElementPtrInst *EP = dyn_cast<GetElementPtrInst>(V)) {`
	`2290`	`+ Res = findAllocaForValue(EP->getPointerOperand());`
	`2291`	`+ } else {`
	`2292`	`+ DEBUG(dbgs() << "Alloca search canceled on unknown instruction: " << *V << "\n");`
`2289`	`2293`	`}`
`2290`	`2294`	`if (Res) AllocaForValue[V] = Res;`
`2291`	`2295`	`return Res;`