mirror of
https://github.com/capstone-engine/llvm-capstone.git
synced 2024-12-01 01:31:26 +00:00
9a954c6935
The 'counted_by' attribute is used on flexible array members. The
argument for the attribute is the name of the field member in the same
structure holding the count of elements in the flexible array. This
information can be used to improve the results of the array bound sanitizer
and the '__builtin_dynamic_object_size' builtin.
This example specifies the that the flexible array member 'array' has the
number of elements allocated for it in 'count':
struct bar;
struct foo {
size_t count;
/* ... */
struct bar *array[] __attribute__((counted_by(count)));
};
This establishes a relationship between 'array' and 'count', specifically
that 'p->array' must have *at least* 'p->count' number of elements available.
It's the user's responsibility to ensure that this relationship is maintained
through changes to the structure.
In the following, the allocated array erroneously has fewer elements than
what's specified by 'p->count'. This would result in an out-of-bounds access not
not being detected:
struct foo *p;
void foo_alloc(size_t count) {
p = malloc(MAX(sizeof(struct foo),
offsetof(struct foo, array[0]) + count *
sizeof(struct bar *)));
p->count = count + 42;
}
The next example updates 'p->count', breaking the relationship requirement that
'p->array' must have at least 'p->count' number of elements available:
struct foo *p;
void foo_alloc(size_t count) {
p = malloc(MAX(sizeof(struct foo),
offsetof(struct foo, array[0]) + count *
sizeof(struct bar *)));
p->count = count + 42;
}
void use_foo(int index) {
p->count += 42;
p->array[index] = 0; /* The sanitizer cannot properly check this access */
}
Reviewed By: nickdesaulniers, aaron.ballman
Differential Revision: https://reviews.llvm.org/D148381
|
||
|---|---|---|
| .. | ||
| Targets | ||
| ABIInfo.cpp | ||
| ABIInfo.h | ||
| ABIInfoImpl.cpp | ||
| ABIInfoImpl.h | ||
| Address.h | ||
| BackendUtil.cpp | ||
| CGAtomic.cpp | ||
| CGBlocks.cpp | ||
| CGBlocks.h | ||
| CGBuilder.h | ||
| CGBuiltin.cpp | ||
| CGCall.cpp | ||
| CGCall.h | ||
| CGClass.cpp | ||
| CGCleanup.cpp | ||
| CGCleanup.h | ||
| CGCoroutine.cpp | ||
| CGCUDANV.cpp | ||
| CGCUDARuntime.cpp | ||
| CGCUDARuntime.h | ||
| CGCXX.cpp | ||
| CGCXXABI.cpp | ||
| CGCXXABI.h | ||
| CGDebugInfo.cpp | ||
| CGDebugInfo.h | ||
| CGDecl.cpp | ||
| CGDeclCXX.cpp | ||
| CGException.cpp | ||
| CGExpr.cpp | ||
| CGExprAgg.cpp | ||
| CGExprComplex.cpp | ||
| CGExprConstant.cpp | ||
| CGExprCXX.cpp | ||
| CGExprScalar.cpp | ||
| CGGPUBuiltin.cpp | ||
| CGHLSLRuntime.cpp | ||
| CGHLSLRuntime.h | ||
| CGLoopInfo.cpp | ||
| CGLoopInfo.h | ||
| CGNonTrivialStruct.cpp | ||
| CGObjC.cpp | ||
| CGObjCGNU.cpp | ||
| CGObjCMac.cpp | ||
| CGObjCRuntime.cpp | ||
| CGObjCRuntime.h | ||
| CGOpenCLRuntime.cpp | ||
| CGOpenCLRuntime.h | ||
| CGOpenMPRuntime.cpp | ||
| CGOpenMPRuntime.h | ||
| CGOpenMPRuntimeGPU.cpp | ||
| CGOpenMPRuntimeGPU.h | ||
| CGRecordLayout.h | ||
| CGRecordLayoutBuilder.cpp | ||
| CGStmt.cpp | ||
| CGStmtOpenMP.cpp | ||
| CGValue.h | ||
| CGVTables.cpp | ||
| CGVTables.h | ||
| CGVTT.cpp | ||
| CMakeLists.txt | ||
| CodeGenABITypes.cpp | ||
| CodeGenAction.cpp | ||
| CodeGenFunction.cpp | ||
| CodeGenFunction.h | ||
| CodeGenModule.cpp | ||
| CodeGenModule.h | ||
| CodeGenPGO.cpp | ||
| CodeGenPGO.h | ||
| CodeGenTBAA.cpp | ||
| CodeGenTBAA.h | ||
| CodeGenTypeCache.h | ||
| CodeGenTypes.cpp | ||
| CodeGenTypes.h | ||
| ConstantEmitter.h | ||
| ConstantInitBuilder.cpp | ||
| CoverageMappingGen.cpp | ||
| CoverageMappingGen.h | ||
| EHScopeStack.h | ||
| ItaniumCXXABI.cpp | ||
| MacroPPCallbacks.cpp | ||
| MacroPPCallbacks.h | ||
| MicrosoftCXXABI.cpp | ||
| ModuleBuilder.cpp | ||
| ObjectFilePCHContainerOperations.cpp | ||
| PatternInit.cpp | ||
| PatternInit.h | ||
| README.txt | ||
| SanitizerMetadata.cpp | ||
| SanitizerMetadata.h | ||
| SwiftCallingConv.cpp | ||
| TargetInfo.cpp | ||
| TargetInfo.h | ||
| VarBypassDetector.cpp | ||
| VarBypassDetector.h | ||
IRgen optimization opportunities. //===---------------------------------------------------------------------===// The common pattern of -- short x; // or char, etc (x == 10) -- generates an zext/sext of x which can easily be avoided. //===---------------------------------------------------------------------===// Bitfields accesses can be shifted to simplify masking and sign extension. For example, if the bitfield width is 8 and it is appropriately aligned then is is a lot shorter to just load the char directly. //===---------------------------------------------------------------------===// It may be worth avoiding creation of alloca's for formal arguments for the common situation where the argument is never written to or has its address taken. The idea would be to begin generating code by using the argument directly and if its address is taken or it is stored to then generate the alloca and patch up the existing code. In theory, the same optimization could be a win for block local variables as long as the declaration dominates all statements in the block. NOTE: The main case we care about this for is for -O0 -g compile time performance, and in that scenario we will need to emit the alloca anyway currently to emit proper debug info. So this is blocked by being able to emit debug information which refers to an LLVM temporary, not an alloca. //===---------------------------------------------------------------------===// We should try and avoid generating basic blocks which only contain jumps. At -O0, this penalizes us all the way from IRgen (malloc & instruction overhead), all the way down through code generation and assembly time. On 176.gcc:expr.ll, it looks like over 12% of basic blocks are just direct branches! //===---------------------------------------------------------------------===//