[LLVMdev] Getting the memory address of all operands on an expression

[Abhinash Jain]

How to get memory address of all operands which constitutes an expression ?

eg. a=b+c; (want to know the memory address of b and c)...... Since I want
this at run time, So at assembly level this expression will become something
like as follows:-

Load r1, M[b]

Load r2, M[c]

r3=r1+r2

store M[a],r3

Now what i want to do is that, at every store instruction, I should get the
memory address of all the operands which have constituted that expression.
i.e. when am about to store at M[a], so with the help of r3, I should get
the memory address of b & c.

Have already gone through some basics of "use-def" thing but being novice to
LLVM, am not been able to write the pass for it. Hence need help on writing
the pass for it.




--
View this message in context: http://llvm.1065342.n5.nabble.com/Getting-the-memory-address-of-all-operands-on-an-expression-tp58435.html
Sent from the LLVM - Dev mailing list archive at Nabble.com.
_______________________________________________
LLVM Developers mailing list
LLV...@cs.uiuc.edu http://llvm.cs.uiuc.edu
http://lists.cs.uiuc.edu/mailman/listinfo/llvmdev

[Duncan Sands]

Hi Abhinash,

On 10/06/13 23:05, Abhinash Jain wrote:
> How to get memory address of all operands which constitutes an expression ?

in LLVM IR, the operands of most expression are registers, so don't have a
memory address. In short, you can't always succeed. However in cases where
the operands do come from memory in a fairly direct way, you can find out what
the memory is using the GetUnderlyingObject or GetUnderlyingObjects methods.

Ciao, Duncan.

[Abhinash Jain]

> in LLVM IR, the operands of most expression are registers, so don't have a
memory address.

Yes I agree with your this statement,
But before becoming part of the expressions, the registers will actually
fetch some value from memory, through Load operations.
as shown in example "r3=r1+r2" will be the expression, where registers such
as r1 and r2 contains (fetch) the values from the memory address b and c
resp. .
I want to know the way through which i can get this memory address of b and
c (in hexadecimal format).





--
View this message in context: http://llvm.1065342.n5.nabble.com/Getting-the-memory-address-of-all-operands-on-an-expression-tp58435p58583.html

[Sean Silva]

On Mon, Jun 17, 2013 at 11:49 PM, Abhinash Jain <om...@mailinator.com> wrote:

But before becoming part of the expressions, the registers will actually
fetch some value from memory, through Load operations.

 

This is not true; the virtual registers need not be loaded from memory. You may find <http://llvm.org/docs/FAQ.html#what-api-do-i-use-to-store-a-value-to-one-of-the-virtual-registers-in-llvm-ir-s-ssa-representation> helpful.

-- Sean Silva

[Abhinash Jain]

In short if suppose i have some expression as a=b+c-d*e, and with the help
of LLVM pass i want to make a string like this:-

"[Hexadecimal address of 'b'] [opcode of +] [Hexadecimal address of 'c']
[opcode of -] [Hexadecimal address of 'd'] [opcode of *] [Hexadecimal
address of 'e']".

Than how can i make it................



--
View this message in context: http://llvm.1065342.n5.nabble.com/Getting-the-memory-address-of-all-operands-on-an-expression-tp58435p58616.html

[Duncan Sands]

On 19/06/13 03:12, Abhinash Jain wrote:
> In short if suppose i have some expression as a=b+c-d*e, and with the help
> of LLVM pass i want to make a string like this:-
>
> "[Hexadecimal address of 'b'] [opcode of +] [Hexadecimal address of 'c']
> [opcode of -] [Hexadecimal address of 'd'] [opcode of *] [Hexadecimal
> address of 'e']".
>
> Than how can i make it................

You can't, because addresses are only known at run-time, while passes are run at
compile time. If you are running the program using the JIT then you can try to
extract the info at run-time from the internal JIT data structures.

Ciao, Duncan.

[Duncan Sands]

If it is loaded from memory you may be able to get hold of the load instruction
using GetUnderlyingObject or GetUnderlyingObjects
(see include/llvm/Analysis/ValueTracking.h), as I think I mentioned already in
my first reply.

Ciao, Duncan.

[Abhinash Jain]

> You can't, because addresses are only known at run-time, while passes are
run at compile time.

Actually I want to pass this string as an argument to a function (let say it
will just print it in on stdout), and this function will be called before
every store instruction at runtime.



--
View this message in context: http://llvm.1065342.n5.nabble.com/Getting-the-memory-address-of-all-operands-on-an-expression-tp58435p58621.html

Sent from the LLVM - Dev mailing list archive at Nabble.com.

[David Chisnall]

On 10 Jun 2013, at 22:05, Abhinash Jain <om...@mailinator.com> wrote:

> So at assembly level this expression will become something
> like as follows:-
>
> Load r1, M[b]
>
> Load r2, M[c]
>
> r3=r1+r2
>
> store M[a],r3

Your question is predicated on the assumption that this is true, when in fact it is not guaranteed. Values in LLVM IR registers may be on the stack. Or they may be in registers. Or they not exist at all at the end of the optimisation pipeline, because even simple things like constant folding and common subexpression elimination may end up making them redundant. If a value only ever exists in a register, then taking its address has no meaning.

If you want to guarantee that it is in memory, then you should manipulate it as a pointer. It must be created with a malloc() call, an alloca instruction, or a global value. You can then do an inttoptr on the pointer.

If it is passed as a scalar function parameter, however, then even this doesn't guarantee that you'll get a sensible value. Arguments are often passed in registers and so even if you spill it to the stack and then take the address of the stack slot (alloca, store, ptrtoint, call printf, load), then you will get a number, but it will not be meaningful.

It sounds like you are trying to do taint tracking, in which case you should look at some of the related work in this area. I know of at least two other projects that have implemented taint tracking in LLVM.

David