This is an archive of the discontinued LLVM Phabricator instance.

Differential D19667

[ubsan] Minimize size of data for type_mismatch
AbandonedPublic

Authored by filcab on Apr 28 2016, 9:38 AM.

Details

Reviewers
kcc
samsonov
rsmith
Summary

This patch makes the type_mismatch static data 7 bytes smaller (and it ends up
being 16 bytes smaller due to alignment restrictions, at least on some x86-64
environments).

Currently, I have no binary compatibility for using an older object file
(compiled before this change) with a newer clang. Depending on the compiler-rt
code review, this patch might be updated to better signal to the library that
this object has this new binary format.

Diff Detail

Event Timeline

filcab updated this revision to Diff 55428.Apr 28 2016, 9:38 AM
filcab retitled this revision from to [ubsan] Minimize size of data for type_mismatch.
filcab updated this object.
filcab added reviewers: kcc, samsonov, rsmith.
filcab added a subscriber: cfe-commits.
filcab mentioned this in D19668: [ubsan] Minimize size of data for type_mismatch.Apr 28 2016, 9:41 AM
bcraig added a subscriber: bcraig.Apr 28 2016, 10:11 AM

Is there an associated patch on the consuming side for this data?

filcab added a comment.Apr 28 2016, 10:44 AM

http://reviews.llvm.org/D19668 is the compiler-rt side of the patch.

rsmith accepted this revision.Apr 28 2016, 4:12 PM
rsmith edited edge metadata.
This revision is now accepted and ready to land.Apr 28 2016, 4:12 PM
filcab updated this revision to Diff 56261.May 5 2016, 4:07 AM
filcab edited edge metadata.

Update catch-undef-behavior.c

filcab added a comment.May 13 2016, 8:25 AM

Hi Richard. Just want to double-check something. If we have no alignment value, for this check, can we assume 1?
It seems to me that that shouldn't be a problem, but wanted to double-check.

lib/CodeGen/CGExpr.cpp
587

Would it be acceptable to set AlignVal to 1 if it's 0?

rsmith added inline comments.May 13 2016, 4:50 PM
lib/CodeGen/CGExpr.cpp
587

Yes, that seems fine. The alignment check will never fire if AlignVal is zero (that only happens if the type in question is incomplete, and we don't emit a check for it in that case). Setting it to 1 should prevent the runtime library from thinking that we detected an alignment problem.

It looks like the current patch will emit 255 as the alignment in that case; that also seems fine as a way of indicating "no alignment check". I doubt we'll ever need to deal with a real alignment value of 2^255 :)

filcab updated this revision to Diff 57342.May 16 2016, 6:07 AM

Minor update which never sets an AlignVal to 0.

filcab updated this revision to Diff 57350.May 16 2016, 7:40 AM

Added a version field.

filcab mentioned this in D21289: [ubsan] Version names of handlers.Jun 13 2016, 7:28 AM
filcab mentioned this in D21695: [clang] Version support for UBSan handlers.Jun 24 2016, 12:05 PM
filcab mentioned this in rL289444: [clang] Version support for UBSan handlers.Dec 12 2016, 8:29 AM
filcab abandoned this revision.Dec 15 2016, 7:28 AM

I will post a new patch, using the features from rL289444.

filcab mentioned this in rL291236: [ubsan] Minimize size of data for type_mismatch (Redo of D19667).Jan 6 2017, 6:58 AM

Revision Contents

PathSize
lib/
CodeGen/
13 lines
test/
CodeGen/
10 lines

Diff 57350

lib/CodeGen/CGExpr.cpp

Show First 20 LinesShow All 577 Lines▼ Show 20 Lines if (AlignVal) {
llvm::ConstantInt::get(IntPtrTy, AlignVal - 1)); llvm::ConstantInt::get(IntPtrTy, AlignVal - 1));
llvm::Value *Aligned = llvm::Value *Aligned =
Builder.CreateICmpEQ(Align, llvm::ConstantInt::get(IntPtrTy, 0)); Builder.CreateICmpEQ(Align, llvm::ConstantInt::get(IntPtrTy, 0));
Checks.push_back(std::make_pair(Aligned, SanitizerKind::Alignment)); Checks.push_back(std::make_pair(Aligned, SanitizerKind::Alignment));
} }
} }
if (Checks.size() > 0) { if (Checks.size() > 0) {
// Make sure we're not losing information. Alignment needs to be a power of
// 2
filcabAuthorUnsubmitted
Not Done
ReplyInline Actions

Would it be acceptable to set AlignVal to 1 if it's 0?

filcab: Would it be acceptable to set AlignVal to 1 if it's 0?
rsmithUnsubmitted
Not Done
ReplyInline Actions

Yes, that seems fine. The alignment check will never fire if AlignVal is zero (that only happens if the type in question is incomplete, and we don't emit a check for it in that case). Setting it to 1 should prevent the runtime library from thinking that we detected an alignment problem.

It looks like the current patch will emit 255 as the alignment in that case; that also seems fine as a way of indicating "no alignment check". I doubt we'll ever need to deal with a real alignment value of 2^255 :)

rsmith: Yes, that seems fine. The alignment check will never fire if `AlignVal` is zero (that only…
assert(!AlignVal || (uint64_t)1 << llvm::Log2_64(AlignVal) == AlignVal);
const unsigned TypeMismatchDataVersion = 2;
llvm::Constant *StaticData[] = { llvm::Constant *StaticData[] = {
EmitCheckSourceLocation(Loc), EmitCheckSourceLocation(Loc), EmitCheckTypeDescriptor(Ty),
EmitCheckTypeDescriptor(Ty), llvm::ConstantInt::get(Int8Ty, TypeMismatchDataVersion),
llvm::ConstantInt::get(SizeTy, AlignVal), llvm::ConstantInt::get(Int8Ty, AlignVal ? llvm::Log2_64(AlignVal) : 1),
llvm::ConstantInt::get(Int8Ty, TCK) llvm::ConstantInt::get(Int8Ty, TCK)};
};
EmitCheck(Checks, "type_mismatch", StaticData, Ptr); EmitCheck(Checks, "type_mismatch", StaticData, Ptr);
} }
// If possible, check that the vptr indicates that there is a subobject of // If possible, check that the vptr indicates that there is a subobject of
// type Ty at offset zero within this object. // type Ty at offset zero within this object.
// //
// C++11 [basic.life]p5,6: // C++11 [basic.life]p5,6:
// [For storage which does not refer to an object within its lifetime] // [For storage which does not refer to an object within its lifetime]
▲ Show 20 LinesShow All 3,649 LinesShow Last 20 Lines

test/CodeGen/catch-undef-behavior.c

// RUN: %clang_cc1 -fsanitize=alignment,null,object-size,shift-base,shift-exponent,return,signed-integer-overflow,vla-bound,float-cast-overflow,integer-divide-by-zero,bool,returns-nonnull-attribute,nonnull-attribute -fsanitize-recover=alignment,null,object-size,shift-base,shift-exponent,signed-integer-overflow,vla-bound,float-cast-overflow,integer-divide-by-zero,bool,returns-nonnull-attribute,nonnull-attribute -emit-llvm %s -o - -triple x86_64-linux-gnu | opt -instnamer -S | FileCheck %s --check-prefix=CHECK-COMMON --check-prefix=CHECK-UBSAN // RUN: %clang_cc1 -fsanitize=alignment,null,object-size,shift-base,shift-exponent,return,signed-integer-overflow,vla-bound,float-cast-overflow,integer-divide-by-zero,bool,returns-nonnull-attribute,nonnull-attribute -fsanitize-recover=alignment,null,object-size,shift-base,shift-exponent,signed-integer-overflow,vla-bound,float-cast-overflow,integer-divide-by-zero,bool,returns-nonnull-attribute,nonnull-attribute -emit-llvm %s -o - -triple x86_64-linux-gnu | opt -instnamer -S | FileCheck %s --check-prefix=CHECK-COMMON --check-prefix=CHECK-UBSAN
// RUN: %clang_cc1 -fsanitize-trap=alignment,null,object-size,shift-base,shift-exponent,return,signed-integer-overflow,vla-bound,float-cast-overflow,integer-divide-by-zero,bool,returns-nonnull-attribute,nonnull-attribute -fsanitize-recover=alignment,null,object-size,shift-base,shift-exponent,signed-integer-overflow,vla-bound,float-cast-overflow,integer-divide-by-zero,bool,returns-nonnull-attribute,nonnull-attribute -fsanitize=alignment,null,object-size,shift-base,shift-exponent,return,signed-integer-overflow,vla-bound,float-cast-overflow,integer-divide-by-zero,bool,returns-nonnull-attribute,nonnull-attribute -fsanitize-recover=alignment,null,object-size,shift-base,shift-exponent,signed-integer-overflow,vla-bound,float-cast-overflow,integer-divide-by-zero,bool,returns-nonnull-attribute,nonnull-attribute -emit-llvm %s -o - -triple x86_64-linux-gnu | opt -instnamer -S | FileCheck %s --check-prefix=CHECK-COMMON --check-prefix=CHECK-TRAP // RUN: %clang_cc1 -fsanitize-trap=alignment,null,object-size,shift-base,shift-exponent,return,signed-integer-overflow,vla-bound,float-cast-overflow,integer-divide-by-zero,bool,returns-nonnull-attribute,nonnull-attribute -fsanitize-recover=alignment,null,object-size,shift-base,shift-exponent,signed-integer-overflow,vla-bound,float-cast-overflow,integer-divide-by-zero,bool,returns-nonnull-attribute,nonnull-attribute -fsanitize=alignment,null,object-size,shift-base,shift-exponent,return,signed-integer-overflow,vla-bound,float-cast-overflow,integer-divide-by-zero,bool,returns-nonnull-attribute,nonnull-attribute -fsanitize-recover=alignment,null,object-size,shift-base,shift-exponent,signed-integer-overflow,vla-bound,float-cast-overflow,integer-divide-by-zero,bool,returns-nonnull-attribute,nonnull-attribute -emit-llvm %s -o - -triple x86_64-linux-gnu | opt -instnamer -S | FileCheck %s --check-prefix=CHECK-COMMON --check-prefix=CHECK-TRAP
// RUN: %clang_cc1 -fsanitize=null -fsanitize-recover=null -emit-llvm %s -o - -triple x86_64-linux-gnu | FileCheck %s --check-prefix=CHECK-NULL // RUN: %clang_cc1 -fsanitize=null -fsanitize-recover=null -emit-llvm %s -o - -triple x86_64-linux-gnu | FileCheck %s --check-prefix=CHECK-NULL
// RUN: %clang_cc1 -fsanitize=signed-integer-overflow -emit-llvm %s -o - -triple x86_64-linux-gnu | FileCheck %s --check-prefix=CHECK-OVERFLOW // RUN: %clang_cc1 -fsanitize=signed-integer-overflow -emit-llvm %s -o - -triple x86_64-linux-gnu | FileCheck %s --check-prefix=CHECK-OVERFLOW
// CHECK-UBSAN: @[[INT:.*]] = private unnamed_addr constant { i16, i16, [6 x i8] } { i16 0, i16 11, [6 x i8] c"'int'\00" } // CHECK-UBSAN: @[[INT:.*]] = private unnamed_addr constant { i16, i16, [6 x i8] } { i16 0, i16 11, [6 x i8] c"'int'\00" }
// FIXME: When we only emit each type once, use [[INT]] more below. // FIXME: When we only emit each type once, use [[INT]] more below.
// CHECK-UBSAN: @[[LINE_100:.*]] = private unnamed_addr global {{.*}}, i32 100, i32 5 {{.*}} @[[INT]], i64 4, i8 1 // CHECK-UBSAN: @[[LINE_100:.*]] = private unnamed_addr global {{.*}}, i32 100, i32 5 {{.*}} @[[INT]], i8 2, i8 2, i8 1
// CHECK-UBSAN: @[[LINE_200:.*]] = {{.*}}, i32 200, i32 10 {{.*}}, i64 4, i8 0 // CHECK-UBSAN: @[[LINE_200:.*]] = {{.*}}, i32 200, i32 10 {{.*}}, i8 2, i8 2, i8 0
// CHECK-UBSAN: @[[LINE_300:.*]] = {{.*}}, i32 300, i32 12 {{.*}} @{{.*}}, {{.*}} @{{.*}} // CHECK-UBSAN: @[[LINE_300:.*]] = {{.*}}, i32 300, i32 12 {{.*}} @{{.*}}, {{.*}} @{{.*}}
// CHECK-UBSAN: @[[LINE_400:.*]] = {{.*}}, i32 400, i32 12 {{.*}} @{{.*}}, {{.*}} @{{.*}} // CHECK-UBSAN: @[[LINE_400:.*]] = {{.*}}, i32 400, i32 12 {{.*}} @{{.*}}, {{.*}} @{{.*}}
// CHECK-UBSAN: @[[LINE_500:.*]] = {{.*}}, i32 500, i32 10 {{.*}} @{{.*}}, i64 4, i8 0 } // CHECK-UBSAN: @[[LINE_500:.*]] = {{.*}}, i32 500, i32 10 {{.*}} @{{.*}}, i8 2, i8 2, i8 0 }
// CHECK-UBSAN: @[[LINE_600:.*]] = {{.*}}, i32 600, i32 3 {{.*}} @{{.*}}, i64 4, i8 1 } // CHECK-UBSAN: @[[LINE_600:.*]] = {{.*}}, i32 600, i32 3 {{.*}} @{{.*}}, i8 2, i8 2, i8 1 }
// CHECK-UBSAN: @[[STRUCT_S:.*]] = private unnamed_addr constant { i16, i16, [11 x i8] } { i16 -1, i16 0, [11 x i8] c"'struct S'\00" } // CHECK-UBSAN: @[[STRUCT_S:.*]] = private unnamed_addr constant { i16, i16, [11 x i8] } { i16 -1, i16 0, [11 x i8] c"'struct S'\00" }
// CHECK-UBSAN: @[[LINE_700:.*]] = {{.*}}, i32 700, i32 14 {{.*}} @[[STRUCT_S]], i64 4, i8 3 } // CHECK-UBSAN: @[[LINE_700:.*]] = {{.*}}, i32 700, i32 14 {{.*}} @[[STRUCT_S]], i8 2, i8 2, i8 3 }
// CHECK-UBSAN: @[[LINE_800:.*]] = {{.*}}, i32 800, i32 12 {{.*}} @{{.*}} } // CHECK-UBSAN: @[[LINE_800:.*]] = {{.*}}, i32 800, i32 12 {{.*}} @{{.*}} }
// CHECK-UBSAN: @[[LINE_900:.*]] = {{.*}}, i32 900, i32 11 {{.*}} @{{.*}} } // CHECK-UBSAN: @[[LINE_900:.*]] = {{.*}}, i32 900, i32 11 {{.*}} @{{.*}} }
// CHECK-UBSAN: @[[LINE_1000:.*]] = {{.*}}, i32 1000, i32 10 {{.*}} @{{.*}} } // CHECK-UBSAN: @[[LINE_1000:.*]] = {{.*}}, i32 1000, i32 10 {{.*}} @{{.*}} }
// CHECK-UBSAN: @[[FP16:.*]] = private unnamed_addr constant { i16, i16, [9 x i8] } { i16 1, i16 16, [9 x i8] c"'__fp16'\00" } // CHECK-UBSAN: @[[FP16:.*]] = private unnamed_addr constant { i16, i16, [9 x i8] } { i16 1, i16 16, [9 x i8] c"'__fp16'\00" }
// CHECK-UBSAN: @[[LINE_1100:.*]] = {{.*}}, i32 1100, i32 8 {{.*}} @{{.*}} } // CHECK-UBSAN: @[[LINE_1100:.*]] = {{.*}}, i32 1100, i32 8 {{.*}} @{{.*}} }
// CHECK-UBSAN: @[[LINE_1200:.*]] = {{.*}}, i32 1200, i32 10 {{.*}} @{{.*}} } // CHECK-UBSAN: @[[LINE_1200:.*]] = {{.*}}, i32 1200, i32 10 {{.*}} @{{.*}} }
// CHECK-UBSAN: @[[LINE_1300:.*]] = {{.*}}, i32 1300, i32 10 {{.*}} @{{.*}} } // CHECK-UBSAN: @[[LINE_1300:.*]] = {{.*}}, i32 1300, i32 10 {{.*}} @{{.*}} }
// CHECK-UBSAN: @[[LINE_1400:.*]] = {{.*}}, i32 1400, i32 10 {{.*}} @{{.*}} } // CHECK-UBSAN: @[[LINE_1400:.*]] = {{.*}}, i32 1400, i32 10 {{.*}} @{{.*}} }
▲ Show 20 LinesShow All 408 LinesShow Last 20 Lines