Teach AddressSanitizer to create basic blocks in a more natural order.

This is particularly useful to the backend code generators which try to process things in the incoming function order. Also, cleanup some uses of IRBuilder to be a bit simpler and more clear. git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@160254 91177308-0d34-0410-b5e6-96231b3b80d8
2024-12-04 10:04:33 +00:00 · 2012-07-16 08:58:53 +00:00 · 2012-07-16 08:58:53 +00:00 · c3c8db9d25
commit c3c8db9d25
parent 2f58533d1e
2 changed files with 27 additions and 29 deletions
--- a/lib/Transforms/Instrumentation/AddressSanitizer.cpp
+++ b/lib/Transforms/Instrumentation/AddressSanitizer.cpp
@ -230,17 +230,17 @@ static GlobalVariable *createPrivateGlobalForString(Module &M, StringRef Str) {
 // Returns the ThenBlock's terminator.
 static BranchInst *splitBlockAndInsertIfThen(Value *Cmp) {
  Instruction *SplitBefore = cast<Instruction>(Cmp)->getNextNode();
-  BasicBlock *Head = SplitBefore->getParent();
-  BasicBlock *Tail = Head->splitBasicBlock(SplitBefore);
-  TerminatorInst *HeadOldTerm = Head->getTerminator();
-  LLVMContext &C = Head->getParent()->getParent()->getContext();
-  BasicBlock *ThenBlock = BasicBlock::Create(C, "", Head->getParent());
-  BranchInst *HeadNewTerm =
-    BranchInst::Create(/*ifTrue*/ThenBlock, /*ifFalse*/Tail, Cmp);
-  ReplaceInstWithInst(HeadOldTerm, HeadNewTerm);

-  BranchInst *CheckTerm = BranchInst::Create(Tail, ThenBlock);
-  return CheckTerm;
+  // Create three basic blocks, with the middle block empty, by splitting twice.
+  BasicBlock *Head = SplitBefore->getParent();
+  BasicBlock *Then = Head->splitBasicBlock(SplitBefore);
+  BasicBlock *Tail = Then->splitBasicBlock(SplitBefore);
+
+  TerminatorInst *HeadOldTerm = Head->getTerminator();
+  IRBuilder<>(HeadOldTerm).CreateCondBr(Cmp, Then, Tail);
+  HeadOldTerm->eraseFromParent();
+
+  return cast<BranchInst>(Then->getTerminator());
 }

 Value *AddressSanitizer::memToShadow(Value *Shadow, IRBuilder<> &IRB) {
@ -387,28 +387,28 @@ void AddressSanitizer::instrumentAddress(Instruction *OrigIns,
  Value *Cmp = IRB.CreateICmpNE(ShadowValue, CmpVal);

  Instruction *CheckTerm = splitBlockAndInsertIfThen(Cmp);
-  IRBuilder<> IRB2(CheckTerm);
+  IRB.SetInsertPoint(CheckTerm);

  size_t Granularity = 1 << MappingScale;
  if (TypeSize < 8 * Granularity) {
    // Addr & (Granularity - 1)
-    Value *LastAccessedByte = IRB2.CreateAnd(
+    Value *LastAccessedByte = IRB.CreateAnd(
        AddrLong, ConstantInt::get(IntptrTy, Granularity - 1));
    // (Addr & (Granularity - 1)) + size - 1
    if (TypeSize / 8 > 1)
-      LastAccessedByte = IRB2.CreateAdd(
+      LastAccessedByte = IRB.CreateAdd(
          LastAccessedByte, ConstantInt::get(IntptrTy, TypeSize / 8 - 1));
    // (uint8_t) ((Addr & (Granularity-1)) + size - 1)
-    LastAccessedByte = IRB2.CreateIntCast(
+    LastAccessedByte = IRB.CreateIntCast(
        LastAccessedByte, IRB.getInt8Ty(), false);
    // ((uint8_t) ((Addr & (Granularity-1)) + size - 1)) >= ShadowValue
-    Value *Cmp2 = IRB2.CreateICmpSGE(LastAccessedByte, ShadowValue);
+    Value *Cmp2 = IRB.CreateICmpSGE(LastAccessedByte, ShadowValue);

    CheckTerm = splitBlockAndInsertIfThen(Cmp2);
+    IRB.SetInsertPoint(CheckTerm);
  }

-  IRBuilder<> IRB1(CheckTerm);
-  Instruction *Crash = generateCrashCode(IRB1, AddrLong, IsWrite, TypeSize);
+  Instruction *Crash = generateCrashCode(IRB, AddrLong, IsWrite, TypeSize);
  Crash->setDebugLoc(OrigIns->getDebugLoc());
  ReplaceInstWithInst(CheckTerm, new UnreachableInst(*C));
 }
--- a/test/Instrumentation/AddressSanitizer/basic.ll
+++ b/test/Instrumentation/AddressSanitizer/basic.ll
@ -16,11 +16,6 @@ define i32 @test_load(i32* %a) address_safety {
 ; CHECK:   icmp ne i8
 ; CHECK:   br i1 %{{.*}}, label %{{.*}}, label %{{.*}}
 ;
-; The actual load comes next because ASan adds the last instrumentation block
-; to the end of the function.
-; CHECK:   %tmp1 = load i32* %a
-; CHECK:   ret i32 %tmp1
-;
 ; First instrumentation block refines the shadow test.
 ; CHECK:   and i64 %[[LOAD_ADDR]], 7
 ; CHECK:   add i64 %{{.*}}, 3
@ -28,9 +23,13 @@ define i32 @test_load(i32* %a) address_safety {
 ; CHECK:   icmp sge i8 %{{.*}}, %[[LOAD_SHADOW]]
 ; CHECK:   br i1 %{{.*}}, label %{{.*}}, label %{{.*}}
 ;
-; Final instrumentation block reports the error.
+; Second instrumentation block reports the error.
 ; CHECK:   call void @__asan_report_load4(i64 %[[LOAD_ADDR]]) noreturn
 ; CHECK:   unreachable
+;
+; Finally the instrumented load.
+; CHECK:   %tmp1 = load i32* %a
+; CHECK:   ret i32 %tmp1

 entry:
  %tmp1 = load i32* %a
@ -48,11 +47,6 @@ define void @test_store(i32* %a) address_safety {
 ; CHECK:   icmp ne i8
 ; CHECK:   br i1 %{{.*}}, label %{{.*}}, label %{{.*}}
 ;
-; The actual store comes next because ASan adds the last instrumentation block
-; to the end of the function.
-; CHECK:   store i32 42, i32* %a
-; CHECK:   ret void
-;
 ; First instrumentation block refines the shadow test.
 ; CHECK:   and i64 %[[STORE_ADDR]], 7
 ; CHECK:   add i64 %{{.*}}, 3
@ -60,9 +54,13 @@ define void @test_store(i32* %a) address_safety {
 ; CHECK:   icmp sge i8 %{{.*}}, %[[STORE_SHADOW]]
 ; CHECK:   br i1 %{{.*}}, label %{{.*}}, label %{{.*}}
 ;
-; Final instrumentation block reports the error.
+; Second instrumentation block reports the error.
 ; CHECK:   call void @__asan_report_store4(i64 %[[STORE_ADDR]]) noreturn
 ; CHECK:   unreachable
+;
+; Finally the instrumented store.
+; CHECK:   store i32 42, i32* %a
+; CHECK:   ret void

 entry:
  store i32 42, i32* %a