Info on byval attributes

LLVM developers,

I was wondering if the program would still be safe if I strip the
byval attributes from the parameters in the entire bitcode.

LLVM language reference manual states that "The attribute implies that
a hidden copy of the pointee is made between the caller and the
callee, so the callee is unable to modify the value in the callee.
This attribute is only valid on LLVM pointer arguments."

Is there a way I can avoid the byval attribute by a custom
transformation? I was thinking of a custom transformation that
introduces an alloca and maintains the hidden copy of the pointee?

Thanks,
Santosh

LLVM developers,

I was wondering if the program would still be safe if I strip the
byval attributes from the parameters in the entire bitcode.

Can you explain why you want to remove the byval attribute? It is far better if you can handle code with the byval argument instead of trying to strip it away.

If it's for memory safety checking in SoftBound, it might help to know that SAFECode treats byval arguments as local alloca's in the callee; it registers the bounds of the byval argument on function entry.

LLVM language reference manual states that "The attribute implies that
a hidden copy of the pointee is made between the caller and the
callee, so the callee is unable to modify the value in the callee.
This attribute is only valid on LLVM pointer arguments."

Is there a way I can avoid the byval attribute by a custom
transformation? I was thinking of a custom transformation that
introduces an alloca and maintains the hidden copy of the pointee?

I would think that you could have either the caller or callee make a copy of the pointed-to memory object. However, there are some gotchas to consider:

1) You will probably need to remove byval from both call sites and function arguments. I'm not sure how the code generator inserts the hidden alloca and copy, and it wouldn't surprise me if different code generators do it differently.

2) You need to handle indirect call sites.

3) You may have ABI compliance issues with functions that escape to external code (either because they have externally visible linkage or because their address is taken and passed to external code).

Whatever your project is, supporting byval is probably a more robust solution than trying to remove byval from code.

-- John T.

Hi Santosh,

I was wondering if the program would still be safe if I strip the
byval attributes from the parameters in the entire bitcode.

no. For example, any writes performed by the callee to the byval
argument can't be seen by the caller when the call returns, but that
would no longer be true if you drop byval.

LLVM language reference manual states that "The attribute implies that
a hidden copy of the pointee is made between the caller and the
callee, so the callee is unable to modify the value in the callee.
This attribute is only valid on LLVM pointer arguments."

Is there a way I can avoid the byval attribute by a custom
transformation? I was thinking of a custom transformation that
introduces an alloca and maintains the hidden copy of the pointee?

This would change the ABI so is only possible if the function is not externally
visible (has internal linkage and does not have its address taken).

Ciao, Duncan.