[ASan] Use stack safety analysis to optimize allocas instrumentation.

kstoimenov · vitalybuka · commit d6e1e0a0190d · 2022-07-26T18:48:16.000-07:00
Added alloca optimization which was missed during the implemenation of D112098. Reviewed By: vitalybuka Differential Revision: https://reviews.llvm.org/D130503
diff --git a/llvm/lib/Transforms/Instrumentation/AddressSanitizer.cpp b/llvm/lib/Transforms/Instrumentation/AddressSanitizer.cpp
@@ -1232,7 +1232,9 @@ bool AddressSanitizer::isInterestingAlloca(const AllocaInst &AI) {
        // dynamic alloca instrumentation for them as well.
        !AI.isUsedWithInAlloca() &&
        // swifterror allocas are register promoted by ISel
-       !AI.isSwiftError());
+       !AI.isSwiftError() &&
+       // safe allocas are not interesting
+       !(SSGI && SSGI->isSafe(AI)));
 
   ProcessedAllocas[&AI] = IsInteresting;
   return IsInteresting;
diff --git a/llvm/test/Instrumentation/AddressSanitizer/asan-stack-safety.ll b/llvm/test/Instrumentation/AddressSanitizer/asan-stack-safety.ll
@@ -6,7 +6,7 @@
 ; CHECK-LABEL: define i32 @load
 define i32 @load() sanitize_address {
   %buf = alloca [10 x i8], align 1
-  ; CHECK: call i64 @__asan_stack_malloc
+  ; NOSAFETY: call i64 @__asan_stack_malloc
   %arrayidx = getelementptr inbounds [10 x i8], [10 x i8]* %buf, i64 0, i64 0
   %1 = load i8, i8* %arrayidx, align 1
   ; NOSAFETY: call void @__asan_load1
@@ -16,17 +16,30 @@ define i32 @load() sanitize_address {
 ; CHECK-LABEL: define i32 @store
 define i32 @store() sanitize_address {
   %buf = alloca [10 x i8], align 1
-  ; CHECK: call i64 @__asan_stack_malloc
+  ; NOSAFETY: call i64 @__asan_stack_malloc
   %arrayidx = getelementptr inbounds [10 x i8], [10 x i8]* %buf, i64 0, i64 0
   store i8 0, i8* %arrayidx
   ; NOSAFETY: call void @__asan_store1
   ret i32 0
 }
 
+; CHECK-LABEL: define i32 @unsafe_alloca
+define i32 @unsafe_alloca(i32 %i) sanitize_address {
+  %buf.sroa.0 = alloca [10 x i8], align 4
+  ; CHECK: call i64 @__asan_stack_malloc
+  %ptr = getelementptr [10 x i8], [10 x i8]* %buf.sroa.0, i32 %i, i32 0
+  store volatile i8 0, i8* %ptr, align 4
+  ; CHECK: call void @__asan_store1
+  %ptr2 = getelementptr [10 x i8], [10 x i8]* %buf.sroa.0, i32 0, i32 0
+  store volatile i8 0, i8* %ptr2, align 4
+  ; NOSAFETY: call void @__asan_store1
+  ret i32 0
+}
+
 ; CHECK-LABEL: define void @atomicrmw
 define void @atomicrmw() sanitize_address {
   %buf = alloca [10 x i8], align 1
-  ; CHECK: call i64 @__asan_stack_malloc
+  ; NOSAFETY: call i64 @__asan_stack_malloc
   %arrayidx = getelementptr inbounds [10 x i8], [10 x i8]* %buf, i64 0, i64 0
   %1 = atomicrmw add i8* %arrayidx, i8 1 seq_cst
   ; NOSAFETY: call void @__asan_store1
@@ -36,7 +49,7 @@ define void @atomicrmw() sanitize_address {
 ; CHECK-LABEL: define void @cmpxchg
 define void @cmpxchg(i8 %compare_to, i8 %new_value) sanitize_address {
   %buf = alloca [10 x i8], align 1
-  ; CHECK: call i64 @__asan_stack_malloc
+  ; NOSAFETY: call i64 @__asan_stack_malloc
   %arrayidx = getelementptr inbounds [10 x i8], [10 x i8]* %buf, i64 0, i64 0
   %1 = cmpxchg i8* %arrayidx, i8 %compare_to, i8 %new_value seq_cst seq_cst
   ; NOSAFETY: call void @__asan_store1
