Lines Matching refs:Value
37 /// The default value of shadow is 0, which means "clean" (not poisoned).
52 /// They are stored in a second shadow mapping, one 4-byte value for 4 bytes
58 /// value associated with them. If these bytes contain uninitialized data
64 /// avoids storing origin to memory when a fully initialized value is stored.
70 /// Ideally, every atomic store of application value should update the
81 /// ordered such that the load will get either the value that was stored, or
82 /// some later value (which is always clean).
89 /// value. It implements the store part as a simple atomic store by storing a
332 /// \brief Thread-local shadow storage for function return value.
334 /// \brief Thread-local origin storage for function return value.
342 /// \brief Thread-local space used to pass origin value to the UMR reporting
347 Value *WarningFn;
349 Value *MaybeWarningFn[kNumberOfAccessSizes];
350 Value *MaybeStoreOriginFn[kNumberOfAccessSizes];
352 /// \brief Run-time helper that generates a new origin value for a stack
354 Value *MsanSetAllocaOrigin4Fn;
356 Value *MsanPoisonStackFn;
358 /// uninitialized value and returns an updated origin id encoding this info.
359 Value *MsanChainOriginFn;
361 Value *MemmoveFn, *MemcpyFn, *MemsetFn;
607 ValueMap<Value*, Value*> ShadowMap, OriginMap;
619 Value *Shadow;
620 Value *Origin;
622 ShadowOriginAndInsertPoint(Value *S, Value *O, Instruction *I)
644 Value *updateOrigin(Value *V, IRBuilder<> &IRB) {
649 Value *originToIntptr(IRBuilder<> &IRB, Value *Origin) {
658 /// \brief Fill memory range with the given origin value.
659 void paintOrigin(IRBuilder<> &IRB, Value *Origin, Value *OriginPtr,
670 Value *IntptrOrigin = originToIntptr(IRB, Origin);
671 Value *IntptrOriginPtr =
674 Value *Ptr = i ? IRB.CreateConstGEP1_32(MS.IntptrTy, IntptrOriginPtr, i)
683 Value *GEP =
690 void storeOrigin(IRBuilder<> &IRB, Value *Addr, Value *Shadow, Value *Origin,
700 Value *ConvertedShadow = convertToShadowTyNoVec(Shadow, IRB);
714 Value *Fn = MS.MaybeStoreOriginFn[SizeIndex];
715 Value *ConvertedShadow2 = IRB.CreateZExt(
721 Value *Cmp = IRB.CreateICmpNE(
738 Value *Val = SI.getValueOperand();
739 Value *Addr = SI.getPointerOperand();
740 Value *Shadow = SI.isAtomic() ? getCleanShadow(Val) : getShadow(Val);
741 Value *ShadowPtr = getShadowPtr(Addr, Shadow->getType(), IRB);
758 void materializeOneCheck(Instruction *OrigIns, Value *Shadow, Value *Origin,
762 Value *ConvertedShadow = convertToShadowTyNoVec(Shadow, IRB);
769 IRB.CreateStore(Origin ? (Value *)Origin : (Value *)IRB.getInt32(0),
786 Value *Fn = MS.MaybeWarningFn[SizeIndex];
787 Value *ConvertedShadow2 =
791 : (Value *)IRB.getInt32(0)});
793 Value *Cmp = IRB.CreateICmpNE(ConvertedShadow,
801 IRB.CreateStore(Origin ? (Value *)Origin : (Value *)IRB.getInt32(0),
813 Value *Shadow = ShadowData.Shadow;
814 Value *Origin = ShadowData.Origin;
826 // blocks, such nodes will not have any shadow value associated with them.
858 // Insert shadow value checks.
864 /// \brief Compute the shadow type that corresponds to a given Value.
865 Type *getShadowTy(Value *V) {
907 /// \brief Convert a shadow value to it's flattened variant.
908 Value *convertToShadowTyNoVec(Value *V, IRBuilder<> &IRB) {
919 Value *getShadowPtrOffset(Value *Addr, IRBuilder<> &IRB) {
920 Value *OffsetLong = IRB.CreatePointerCast(Addr, MS.IntptrTy);
938 Value *getShadowPtr(Value *Addr, Type *ShadowTy,
940 Value *ShadowLong = getShadowPtrOffset(Addr, IRB);
953 Value *getOriginPtr(Value *Addr, IRBuilder<> &IRB, unsigned Alignment) {
954 Value *OriginLong = getShadowPtrOffset(Addr, IRB);
972 Value *getShadowPtrForArgument(Value *A, IRBuilder<> &IRB,
974 Value *Base = IRB.CreatePointerCast(MS.ParamTLS, MS.IntptrTy);
981 Value *getOriginPtrForArgument(Value *A, IRBuilder<> &IRB,
984 Value *Base = IRB.CreatePointerCast(MS.ParamOriginTLS, MS.IntptrTy);
991 Value *getShadowPtrForRetval(Value *A, IRBuilder<> &IRB) {
992 Value *Base = IRB.CreatePointerCast(MS.RetvalTLS, MS.IntptrTy);
998 Value *getOriginPtrForRetval(IRBuilder<> &IRB) {
1003 /// \brief Set SV to be the shadow value for V.
1004 void setShadow(Value *V, Value *SV) {
1009 /// \brief Set Origin to be the origin value for V.
1010 void setOrigin(Value *V, Value *Origin) {
1017 /// \brief Create a clean shadow value for a given value.
1019 /// Clean shadow (all zeroes) means all bits of the value are defined
1021 Constant *getCleanShadow(Value *V) {
1047 /// \brief Create a dirty shadow for a given value.
1048 Constant *getPoisonedShadow(Value *V) {
1056 Value *getCleanOrigin() {
1060 /// \brief Get the shadow value for a given Value.
1062 /// This function either returns the value set earlier with setShadow,
1064 Value *getShadow(Value *V) {
1068 Value *Shadow = ShadowMap[V];
1072 assert(Shadow && "No shadow for a value");
1077 Value *AllOnes = PoisonUndef ? getPoisonedShadow(V) : getCleanShadow(V);
1084 Value **ShadowPtr = &ShadowMap[V];
1102 Value *Base = getShadowPtrForArgument(&FArg, EntryIRB, ArgOffset);
1119 Value *Cpy = EntryIRB.CreateMemCpy(
1138 Value *OriginPtr =
1155 Value *getShadow(Instruction *I, int i) {
1159 /// \brief Get the origin for a value.
1160 Value *getOrigin(Value *V) {
1165 "Unexpected value type in getOrigin()");
1166 Value *Origin = OriginMap[V];
1172 Value *getOrigin(Instruction *I, int i) {
1179 /// UMR warning in runtime if the shadow value is not 0.
1180 void insertShadowCheck(Value *Shadow, Value *Origin, Instruction *OrigIns) {
1195 /// UMR warning in runtime if the value is not fully defined.
1196 void insertShadowCheck(Value *Val, Instruction *OrigIns) {
1198 Value *Shadow, *Origin;
1255 Value *Addr = I.getPointerOperand();
1257 Value *ShadowPtr = getShadowPtr(Addr, ShadowTy, IRB);
1294 Value *Addr = I.getOperand(0);
1295 Value *ShadowPtr = getShadowPtr(Addr, I.getType(), IRB);
1402 /// is defined and 0, then neither the value not definedness of the
1406 // "And" of 0 and a poisoned value results in unpoisoned value.
1411 Value *S1 = getShadow(&I, 0);
1412 Value *S2 = getShadow(&I, 1);
1413 Value *V1 = I.getOperand(0);
1414 Value *V2 = I.getOperand(1);
1419 Value *S1S2 = IRB.CreateAnd(S1, S2);
1420 Value *V1S2 = IRB.CreateAnd(V1, S2);
1421 Value *S1V2 = IRB.CreateAnd(S1, V2);
1428 // "Or" of 1 and a poisoned value results in unpoisoned value.
1433 Value *S1 = getShadow(&I, 0);
1434 Value *S2 = getShadow(&I, 1);
1435 Value *V1 = IRB.CreateNot(I.getOperand(0));
1436 Value *V2 = IRB.CreateNot(I.getOperand(1));
1441 Value *S1S2 = IRB.CreateAnd(S1, S2);
1442 Value *V1S2 = IRB.CreateAnd(V1, S2);
1443 Value *S1V2 = IRB.CreateAnd(S1, V2);
1465 Value *Shadow;
1466 Value *Origin;
1475 Combiner &Add(Value *OpShadow, Value *OpOrigin) {
1492 // No point in adding something that might result in 0 origin value.
1494 Value *FlatShadow = MSV->convertToShadowTyNoVec(OpShadow, IRB);
1495 Value *Cond =
1504 /// \brief Add an application value to the mix.
1505 Combiner &Add(Value *V) {
1506 Value *OpShadow = MSV->getShadow(V);
1507 Value *OpOrigin = MSV->MS.TrackOrigins ? MSV->getOrigin(V) : nullptr;
1549 Value *CreateShadowCast(IRBuilder<> &IRB, Value *V, Type *dstTy,
1559 Value *V1 = IRB.CreateBitCast(V, Type::getIntNTy(*MS.C, srcSizeInBits));
1560 Value *V2 =
1566 /// \brief Cast an application value to the type of its own shadow.
1567 Value *CreateAppToShadowCast(IRBuilder<> &IRB, Value *V) {
1596 Value *OtherArg) {
1669 Value *A = I.getOperand(0);
1670 Value *B = I.getOperand(1);
1671 Value *Sa = getShadow(A);
1672 Value *Sb = getShadow(B);
1683 Value *C = IRB.CreateXor(A, B);
1684 Value *Sc = IRB.CreateOr(Sa, Sb);
1690 Value *Zero = Constant::getNullValue(Sc->getType());
1691 Value *MinusOne = Constant::getAllOnesValue(Sc->getType());
1692 Value *Si =
1701 value of V, taking into account V's
1703 Value *getLowestPossibleValue(IRBuilder<> &IRB, Value *A, Value *Sa,
1707 Value *SaOtherBits = IRB.CreateLShr(IRB.CreateShl(Sa, 1), 1);
1708 Value *SaSignBit = IRB.CreateXor(Sa, SaOtherBits);
1718 /// \brief Build the highest possible value of V, taking into account V's
1720 Value *getHighestPossibleValue(IRBuilder<> &IRB, Value *A, Value *Sa,
1724 Value *SaOtherBits = IRB.CreateLShr(IRB.CreateShl(Sa, 1), 1);
1725 Value *SaSignBit = IRB.CreateXor(Sa, SaOtherBits);
1742 Value *A = I.getOperand(0);
1743 Value *B = I.getOperand(1);
1744 Value *Sa = getShadow(A);
1745 Value *Sb = getShadow(B);
1757 Value *S1 = IRB.CreateICmp(I.getPredicate(),
1760 Value *S2 = IRB.CreateICmp(I.getPredicate(),
1763 Value *Si = IRB.CreateXor(S1, S2);
1774 Value *op = nullptr;
1792 Value *Shadow = IRB.CreateICmpSLT(getShadow(op), getCleanShadow(op),
1838 Value *S1 = getShadow(&I, 0);
1839 Value *S2 = getShadow(&I, 1);
1840 Value *S2Conv = IRB.CreateSExt(IRB.CreateICmpNE(S2, getCleanShadow(S2)),
1842 Value *V2 = I.getOperand(1);
1843 Value *Shift = IRB.CreateBinOp(I.getOpcode(), S1, V2);
1911 Value* Addr = I.getArgOperand(0);
1912 Value *Shadow = getShadow(&I, 1);
1913 Value *ShadowPtr = getShadowPtr(Addr, Shadow->getType(), IRB);
1935 Value *Addr = I.getArgOperand(0);
1939 Value *ShadowPtr = getShadowPtr(Addr, ShadowTy, IRB);
2031 Value *Op = I.getArgOperand(0);
2048 // In most cases conversion involves floating-point value which may trigger a
2053 // return a fully initialized value.
2056 Value *CopyOp, *ConvertOp;
2080 Value *ConvertShadow = getShadow(ConvertOp);
2081 Value *AggShadow = nullptr;
2086 Value *MoreShadow = IRB.CreateExtractElement(
2101 Value *ResultShadow = getShadow(CopyOp);
2118 Value *Lower64ShadowExtend(IRBuilder<> &IRB, Value *S, Type *T) {
2122 Value *S2 = IRB.CreateICmpNE(S, getCleanShadow(S));
2126 Value *VariableShadowExtend(IRBuilder<> &IRB, Value *S) {
2129 Value *S2 = IRB.CreateICmpNE(S, getCleanShadow(S));
2145 Value *S1 = getShadow(&I, 0);
2146 Value *S2 = getShadow(&I, 1);
2147 Value
2149 Value *V1 = I.getOperand(0);
2150 Value *V2 = I.getOperand(1);
2151 Value *Shift = IRB.CreateCall(I.getCalledValue(),
2207 Value *S1 = getShadow(&I, 0);
2208 Value *S2 = getShadow(&I, 1);
2219 Value *S1_ext = IRB.CreateSExt(
2221 Value *S2_ext = IRB.CreateSExt(
2232 Value *S =
2248 Value *S = IRB.CreateOr(getShadow(&I, 0), getShadow(&I, 1));
2264 Value *S = IRB.CreateOr(getShadow(&I, 0), getShadow(&I, 1));
2460 Value *A = *ArgIt;
2467 Value *Store = nullptr;
2471 Value *ArgShadow = getShadow(A);
2472 Value *ArgShadowBase = getShadowPtrForArgument(A, IRB, ArgOffset);
2517 Value *Base = getShadowPtrForRetval(&I, IRBBefore);
2538 Value *RetvalShadow =
2546 bool isAMustTailRetVal(Value *RetVal) {
2558 Value *RetVal = I.getReturnValue();
2562 Value *ShadowPtr = getShadowPtrForRetval(RetVal, IRB);
2565 Value *Shadow = getCleanShadow(RetVal);
2568 Value *Shadow = getShadow(RetVal);
2603 Value *ShadowBase = getShadowPtr(&I, Type::getInt8PtrTy(*MS.C), IRB);
2604 Value *PoisonValue = IRB.getInt8(PoisonStack ? ClPoisonStackPattern : 0);
2617 Value *Descr =
2632 Value *B = I.getCondition();
2633 Value *C = I.getTrueValue();
2634 Value *D = I.getFalseValue();
2635 Value *Sb = getShadow(B);
2636 Value *Sc = getShadow(C);
2637 Value *Sd = getShadow(D);
2640 Value *Sa0 = IRB.CreateSelect(B, Sc, Sd);
2641 Value *Sa1;
2660 Value *Sa = IRB.CreateSelect(Sb, Sa1, Sa0, "_msprop_select");
2704 Value *Agg = I.getAggregateOperand();
2706 Value *AggShadow = getShadow(Agg);
2708 Value *ResShadow = IRB.CreateExtractValue(AggShadow, I.getIndices());
2717 Value *AggShadow = getShadow(I.getAggregateOperand());
2718 Value *InsShadow = getShadow(I.getInsertedValueOperand());
2721 Value *Res = IRB.CreateInsertValue(AggShadow, InsShadow, I.getIndices());
2773 Value *VAArgTLSCopy;
2774 Value *VAArgOverflowSize;
2785 ArgKind classifyArgument(Value* arg) {
2812 Value *A = *ArgIt;
2820 Value *Base = getShadowPtrForVAArgument(RealTy, IRB, OverflowOffset);
2830 Value *Base;
2854 Value *getShadowPtrForVAArgument(Type *Ty, IRBuilder<> &IRB,
2856 Value *Base = IRB.CreatePointerCast(MS.VAArgTLS, MS.IntptrTy);
2867 Value *VAListTag = I.getArgOperand(0);
2868 Value *ShadowPtr = MSV.getShadowPtr(VAListTag, IRB.getInt8Ty(), IRB);
2880 Value *VAListTag = I.getArgOperand(0);
2881 Value *ShadowPtr = MSV.getShadowPtr(VAListTag, IRB.getInt8Ty(), IRB);
2897 Value *CopySize =
2909 Value *VAListTag = OrigInst->getArgOperand(0);
2911 Value *RegSaveAreaPtrPtr =
2916 Value *RegSaveAreaPtr = IRB.CreateLoad(RegSaveAreaPtrPtr);
2917 Value *RegSaveAreaShadowPtr =
2922 Value *OverflowArgAreaPtrPtr =
2927 Value *OverflowArgAreaPtr = IRB.CreateLoad(OverflowArgAreaPtrPtr);
2928 Value *OverflowArgAreaShadowPtr =
2930 Value *SrcPtr = IRB.CreateConstGEP1_32(IRB.getInt8Ty(), VAArgTLSCopy,
2942 Value *VAArgTLSCopy;
2943 Value *VAArgSize;
2957 Value *A = *ArgIt;
2958 Value *Base;
2979 Value *getShadowPtrForVAArgument(Type *Ty, IRBuilder<> &IRB,
2981 Value *Base = IRB.CreatePointerCast(MS.VAArgTLS, MS.IntptrTy);
2990 Value *VAListTag = I.getArgOperand(0);
2991 Value *ShadowPtr = MSV.getShadowPtr(VAListTag, IRB.getInt8Ty(), IRB);
2998 Value *VAListTag = I.getArgOperand(0);
2999 Value *ShadowPtr = MSV.getShadowPtr(VAListTag, IRB.getInt8Ty(), IRB);
3011 Value *CopySize = IRB.CreateAdd(ConstantInt::get(MS.IntptrTy, 0),
3026 Value *VAListTag = OrigInst->getArgOperand(0);
3027 Value *RegSaveAreaPtrPtr =
3030 Value *RegSaveAreaPtr = IRB.CreateLoad(RegSaveAreaPtrPtr);
3031 Value *RegSaveAreaShadowPtr =
3055 Value *VAArgTLSCopy;
3056 Value *VAArgOverflowSize;
3067 ArgKind classifyArgument(Value* arg) {
3094 Value *A = *ArgIt;
3100 Value *Base;
3124 Value *getShadowPtrForVAArgument(Type *Ty, IRBuilder<> &IRB,
3126 Value *Base = IRB.CreatePointerCast(MS.VAArgTLS, MS.IntptrTy);
3135 Value *VAListTag = I.getArgOperand(0);
3136 Value *ShadowPtr = MSV.getShadowPtr(VAListTag, IRB.getInt8Ty(), IRB);
3145 Value *VAListTag = I.getArgOperand(0);
3146 Value *ShadowPtr = MSV.getShadowPtr(VAListTag, IRB.getInt8Ty(), IRB);
3154 Value* getVAField64(IRBuilder<> &IRB, Value *VAListTag, int offset) {
3155 Value *SaveAreaPtrPtr =
3164 Value* getVAField32(IRBuilder<> &IRB, Value *VAListTag, int offset) {
3165 Value *SaveAreaPtr =
3170 Value *SaveArea32 = IRB.CreateLoad(SaveAreaPtr);
3182 Value *CopySize =
3189 Value *GrArgSize = ConstantInt::get(MS.IntptrTy, kAArch64GrArgSize);
3190 Value *VrArgSize = ConstantInt::get(MS.IntptrTy, kAArch64VrArgSize);
3198 Value *VAListTag = OrigInst->getArgOperand(0);
3210 // the __{gr,vr}_offs value (since they are stores based on incoming
3214 Value *StackSaveAreaPtr = getVAField64(IRB, VAListTag, 0);
3217 Value *GrTopSaveAreaPtr = getVAField64(IRB, VAListTag, 8);
3218 Value *GrOffSaveArea = getVAField32(IRB, VAListTag, 24);
3220 Value *GrRegSaveAreaPtr = IRB.CreateAdd(GrTopSaveAreaPtr, GrOffSaveArea);
3223 Value *VrTopSaveAreaPtr = getVAField64(IRB, VAListTag, 16);
3224 Value *VrOffSaveArea = getVAField32(IRB, VAListTag, 28);
3226 Value *VrRegSaveAreaPtr = IRB.CreateAdd(VrTopSaveAreaPtr, VrOffSaveArea);
3232 Value *GrRegSaveAreaShadowPtrOff =
3235 Value *GrRegSaveAreaShadowPtr =
3238 Value *GrSrcPtr = IRB.CreateInBoundsGEP(IRB.getInt8Ty(), VAArgTLSCopy,
3240 Value *GrCopySize = IRB.CreateSub(GrArgSize, GrRegSaveAreaShadowPtrOff);
3245 Value *VrRegSaveAreaShadowPtrOff =
3248 Value *VrRegSaveAreaShadowPtr =
3251 Value *VrSrcPtr = IRB.CreateInBoundsGEP(
3256 Value *VrCopySize = IRB.CreateSub(VrArgSize, VrRegSaveAreaShadowPtrOff);
3261 Value *StackSaveAreaShadowPtr =
3264 Value *StackSrcPtr =
