Commit 084b20d

committed
[sancov] Include dynamic stack allocations in stack-depth tracing
The stack-depth instrumentation was being placed only after all constant-sized stack allocations, and did not take into account dynamically sized allocations. Move the instrumentation after the last alloca present in the Entry Basic Block.
1 parent 6a332db commit 084b20d

3 files changed

+21
-17
lines changed

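--- a/clang/docs/SanitizerCoverage.rst
+++ b/clang/docs/SanitizerCoverage.rst
@@ -421,10 +421,6 @@ prototype is:
 extern "C"
 void __sanitize_cov_stack_depth(void);
 
-Note that, currently, dynamically sized stacks are not tracked by
-instrumentation correctly, as it is inserted too early. This means
-that only constant sized stack allocations are currently tracked.
-
 Gated Trace Callbacks
 =====================
 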

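--- a/llvm/lib/Transforms/Instrumentation/SanitizerCoverage.cpp
+++ b/llvm/lib/Transforms/Instrumentation/SanitizerCoverage.cpp
@@ -1042,8 +1042,6 @@ void ModuleSanitizerCoverage::InjectCoverageAtBlock(Function &F, BasicBlock &BB,
 if (IsEntryBB) {
 if (auto SP = F.getSubprogram())
 EntryLoc = DILocation::get(SP->getContext(), SP->getScopeLine(), 0, SP);
-// FIXME: stack-depth does not correctly instrument dynamic allocas.
-//
 // Keep static allocas and llvm.localescape calls in the entry block. Even
 // if we aren't splitting the block, it's nice for allocas to be before
 // calls.
@@ -1094,6 +1092,17 @@ void ModuleSanitizerCoverage::InjectCoverageAtBlock(Function &F, BasicBlock &BB,
 }
 if (Options.StackDepth && IsEntryBB && !IsLeafFunc) {
 Module *M = F.getParent();
+
+// Find an insertion point after last "alloca".
+llvm::Instruction *InsertBefore = NULL;
+for (auto &I : BB) {
+if (llvm::isa<llvm::AllocaInst>(I))
+InsertBefore = I.getNextNode(); // Move past the "alloca".
+}
+// But only use it if we actually found an "alloca".
+if (InsertBefore)
+IRB.SetInsertPoint(InsertBefore);
+
 if (Options.StackDepthCallbackMin) {
 // In callback mode, only add call when stack depth reaches minimum.
 const DataLayout &DL = M->getDataLayout();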
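Review bot: The scan for the last alloca in the second hunk walks only `BB`, the entry block, so a dynamic alloca in any later block is still not reflected in the depth this instrumentation records, yet the commit removes both the FIXME and the documentation caveat. A consumer that relies on the recorded depth to spot stack exhaustion can therefore still see under-reported values on those paths. I would keep a narrowed comment above the loop, such as `// NOTE: only allocas in the entry block are covered; dynamic allocas in later blocks are still not tracked.` Separately, `llvm::Instruction *InsertBefore = NULL;` reads better as `Instruction *InsertBefore = nullptr;`, matching the unqualified `Function`, `BasicBlock` and `DILocation` used around it. InjectCoverageAtBlock begins and ends outside both hunks, so how IRB's earlier insertion point and debug location were set is not visible here.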

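--- a/llvm/test/Instrumentation/SanitizerCoverage/stack-depth-callback.ll
+++ b/llvm/test/Instrumentation/SanitizerCoverage/stack-depth-callback.ll
@@ -202,13 +202,13 @@ entry:
 define i32 @alloc0_32xDyn(i32 %input) {
 ; COMMON-LABEL: define i32 @alloc0_32xDyn(i32 %input) {
 ; COMMON-NEXT: entry:
+; COMMON-NEXT: [[VAR:%.*]] = alloca i8, i32 %input, align 4
 ; CB1-NEXT: call void @__sanitizer_cov_stack_depth()
 ; CB8-NEXT: call void @__sanitizer_cov_stack_depth()
 ; CB16-NEXT: call void @__sanitizer_cov_stack_depth()
 ; CB32-NEXT: call void @__sanitizer_cov_stack_depth()
 ; CB64-NEXT: call void @__sanitizer_cov_stack_depth()
 ; CB128-NEXT: call void @__sanitizer_cov_stack_depth()
-; COMMON-NEXT: [[VAR:%.*]] = alloca i8, i32 %input, align 4
 ; COMMON-NEXT: [[CALL:%.*]] = call i32 @foo()
 ; COMMON-NEXT: ret i32 [[CALL]]
 entry:
@@ -225,22 +225,21 @@ entry:
 ; return foo();
 ; }
 define dso_local i32 @dynamic_alloca(i32 noundef %0) #0 {
-; COMMON-LABEL: define dso_local i32 @dynamic_alloca(i32 noundef %0) {
-; COMMON-NEXT: [[VAR:%.*]] = alloca i32, align 4
-; COMMON-NEXT: [[VAR:%.*]] = alloca ptr, align 8
-; COMMON-NEXT: [[VAR:%.*]] = alloca i64, align 8
-; CB1-NEXT: call void @__sanitizer_cov_stack_depth()
-; CB8-NEXT: call void @__sanitizer_cov_stack_depth()
-; CB16-NEXT: call void @__sanitizer_cov_stack_depth()
-; CB32-NEXT: call void @__sanitizer_cov_stack_depth()
-; CB64-NEXT: call void @__sanitizer_cov_stack_depth()
-; CB128-NEXT: call void @__sanitizer_cov_stack_depth()
 %2 = alloca i32, align 4
 %3 = alloca ptr, align 8
 %4 = alloca i64, align 8
 store i32 %0, ptr %2, align 4
 %5 = load i32, ptr %2, align 4
 %6 = zext i32 %5 to i64
+; COMMON-LABEL: %7 = call ptr @llvm.stacksave
+; COMMON-NEXT: store ptr %7, ptr %3, align 8
+; COMMON-NEXT: [[VAR:%.*]] = alloca i32, i64 %6, align 16
+; CB1-NEXT: call void @__sanitizer_cov_stack_depth()
+; CB8-NEXT: call void @__sanitizer_cov_stack_depth()
+; CB16-NEXT: call void @__sanitizer_cov_stack_depth()
+; CB32-NEXT: call void @__sanitizer_cov_stack_depth()
+; CB64-NEXT: call void @__sanitizer_cov_stack_depth()
+; CB128-NEXT: call void @__sanitizer_cov_stack_depth()
 %7 = call ptr @llvm.stacksave.p0()
 store ptr %7, ptr %3, align 8
 %8 = alloca i32, i64 %6, align 16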
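Review bot: In the second hunk the `dynamic_alloca` checks are no longer anchored on the function: the `COMMON-LABEL: define dso_local i32 @dynamic_alloca` line is removed and `COMMON-LABEL` is now applied to `%7 = call ptr @llvm.stacksave`, a body instruction with a hard-coded value number. If another function in the file (not visible here) contains the same text, FileCheck may partition the input differently than intended, and the three static allocas are no longer checked at all. I would keep `; COMMON-LABEL: define dso_local i32 @dynamic_alloca(` and follow it with `; COMMON:` lines for the stacksave and the dynamic alloca, capturing values with patterns like `[[SAVE:%.*]]` instead of `%7` and `%6`. The function body continues past the end of the hunk.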
