Hi folks. I want to instrument store instructions selectively to sanitize their target operands.
I need to
First, identify instructions that access specific memory address at the LLVM IR and tag those store instructions
Second, pass tags to the LLVM ARM backend and instrument store instructions at the Machine IR.
In the second step, it’s currently infeasible to tag instructions by neither Instruction metadata nor Instruction debuginfo.
Because
Instruction metadata will be removed when lowering LLVM IR to SelectionDAG.
Debuginfo is const value which require no modification.
Another method is to replace store instructions in LLVM IR with LLVM intrinsic functions, and recover intrinsic functions with machine-specific store instructions at the ARM backend. However, it involves selecting the proper machine store instructions which may be tedious and error-prone.
Is there any other method to reach my goal?
Please correct me if anything I stated was wrong. Thank you in advance.
Thank you @tschuett. Sorry for the late reply.
I chose to insert function call before the specific store instructions eventually.
I first declared a custom intrinsic function in the file lnclude/llvm/IR/IntrinsicsARM.td.
Then I inserted a function call before the specific store instruction that I identified, with the help of a pass that works on the LLVM IR.
I want to use a pseudo instruction to replace to my custom intrinsic function call. Can you give me some advice about it? Thank you !
@XiaZhouZero Just curious about the intrinsic approach. How do you make sure that no other instruction will come in between intrinsic and store instruction? Is it guaranteed from LLVM passes that they’ll stay together?