review.tizen.org Git - platform/upstream/llvm.git/commit

author	Jianzhou Zhao <jianzhouzh@google.com>
	Wed, 21 Apr 2021 04:54:29 +0000 (04:54 +0000)
committer	Jianzhou Zhao <jianzhouzh@google.com>
	Thu, 22 Apr 2021 16:25:24 +0000 (16:25 +0000)
commit	7fdf270965584a3b63ffed85d3c1ef20b3510668
tree	935e300c3634a86403f129e03c7324b4f96be039	tree \| snapshot
parent	5dfbcc5ae953b786f493ce5e9d78a4b5c5e55229	commit \| diff

[dfsan] Track origin at loads

    The first version of origin tracking tracks only memory stores. Although
    this is sufficient for understanding correct flows, it is hard to figure
    out where an undefined value is read from. To find reading undefined values,
    we still have to do a reverse binary search from the last store in the chain
    with printing and logging at possible code paths. This is
    quite inefficient.

    Tracking memory load instructions can help this case. The main issues of
    tracking loads are performance and code size overheads.

    With tracking only stores, the code size overhead is 38%,
    memory overhead is 1x, and cpu overhead is 3x. In practice #load is much
    larger than #store, so both code size and cpu overhead increases. The
    first blocker is code size overhead: link fails if we inline tracking
    loads. The workaround is using external function calls to propagate
    metadata. This is also the workaround ASan uses. The cpu overhead
    is ~10x. This is a trade off between debuggability and performance,
    and will be used only when debugging cases that tracking only stores
    is not enough.

Reviewed By: gbalats

Differential Revision: https://reviews.llvm.org/D100967

compiler-rt/lib/dfsan/dfsan.cpp		diff \| blob \| history
compiler-rt/test/dfsan/origin_track_ld.c	[new file with mode: 0644]	blob
llvm/lib/Transforms/Instrumentation/DataFlowSanitizer.cpp		diff \| blob \| history
llvm/test/Instrumentation/DataFlowSanitizer/basic.ll		diff \| blob \| history
llvm/test/Instrumentation/DataFlowSanitizer/origin_track_load.ll	[new file with mode: 0644]	blob