This is an archive of the discontinued LLVM Phabricator instance.

Differential D45331

[StackProtector] Ignore certain intrinsics when calculating sspstrong heuristic.
ClosedPublic

Authored by mattd on Apr 5 2018, 11:33 AM.

Details

Reviewers
void
timshen
Commits
rG13b8331054a4: [StackProtector] Ignore certain intrinsics when calculating sspstrong heuristic.
rL329450: [StackProtector] Ignore certain intrinsics when calculating sspstrong heuristic.
Summary

The 'strong' StackProtector heuristic takes into consideration call instructions.
Certain intrinsics, such as lifetime.start, can cause the
StackProtector to protect functions that do not need to be protected.

Specifically, a volatile variable, (not optimized away), but belonging to a stack
allocation will encourage a llvm.lifetime.start to be inserted during
compilation. Because that intrinsic is a 'call' the strong StackProtector
will see that the alloca'd variable is being passed to a call instruction, and
insert a stack protector. In this case the intrinsic isn't really lowered to a
call. This can cause unnecessary stack checking, at the cost of additional
(wasted) CPU cycles.

In the future we should rely on TargetTransformInfo::isLoweredToCall, but as of
now that routine considers all intrinsics as not being lowerable. That needs
to be corrected, and such a change is on my list of things to get moving on.

As a side note, the updated stack-protector-dbginfo.ll test always seems to
pass. I never see the dbg.declare/dbg.value reaching the
StackProtector::HasAddressTaken, but I don't see any code excluding dbg
intrinsic calls either, so I think it's the safest thing to do.

Diff Detail

Repository
rL LLVM

Event Timeline

mattd created this revision.Apr 5 2018, 11:33 AM
timshen added a comment.Apr 5 2018, 7:50 PM

In the future we should rely on TargetTransformInfo::isLoweredToCall, but as of

now that routine considers all intrinsics as not being lowerable.

Can we just add lifetime intrinsics support into TTI::isLoweredToCall() ? Will it break other things? If it's doable, then the stackprotector just needs to call isLoweredToCall().

mattd added a comment.Apr 6 2018, 8:23 AM
In D45331#1059258, @timshen wrote:

In the future we should rely on TargetTransformInfo::isLoweredToCall, but as of
now that routine considers all intrinsics as not being lowerable.

Can we just add lifetime intrinsics support into TTI::isLoweredToCall() ? Will it break other things? If it's doable, then the stackprotector just needs to call isLoweredToCall().

I'm hesitant to modify isLoweredToCall right now, as I think it will need more work to decide whether a particular intrinsic is lowerable. For now, I figure we just put a
check to avoid counting the lifetime/debug intrinsics in this heuristic. It seems checks similar to the ones in this patch are pretty common throughout the codebase, at least for ignoring debug intrinsics.

timshen accepted this revision.Apr 6 2018, 11:23 AM

Sounds good, as it is not hard to track down and inspect all lifetime intrinsic heuristics in the future for using the improved isLoweredToCall().

This revision is now accepted and ready to land.Apr 6 2018, 11:23 AM
Closed by commit rL329450: [StackProtector] Ignore certain intrinsics when calculating sspstrong heuristic. (authored by mattd). · Explain WhyApr 6 2018, 1:17 PM
This revision was automatically updated to reflect the committed changes.
rob.lougher mentioned this in D53519: [CodeGen] skip lifetime end marker in isInTailCallPosition.Oct 23 2018, 11:11 AM

Revision Contents

PathSize
llvm/
trunk/
lib/
CodeGen/
15 lines
test/
CodeGen/
X86/
18 lines
17 lines

Diff 141409

llvm/trunk/lib/CodeGen/StackProtector.cpp

Show All 30 Lines
#include "llvm/IR/DebugInfo.h" #include "llvm/IR/DebugInfo.h"
#include "llvm/IR/DebugLoc.h" #include "llvm/IR/DebugLoc.h"
#include "llvm/IR/DerivedTypes.h" #include "llvm/IR/DerivedTypes.h"
#include "llvm/IR/Dominators.h" #include "llvm/IR/Dominators.h"
#include "llvm/IR/Function.h" #include "llvm/IR/Function.h"
#include "llvm/IR/IRBuilder.h" #include "llvm/IR/IRBuilder.h"
#include "llvm/IR/Instruction.h" #include "llvm/IR/Instruction.h"
#include "llvm/IR/Instructions.h" #include "llvm/IR/Instructions.h"
#include "llvm/IR/IntrinsicInst.h"
#include "llvm/IR/Intrinsics.h" #include "llvm/IR/Intrinsics.h"
#include "llvm/IR/MDBuilder.h" #include "llvm/IR/MDBuilder.h"
#include "llvm/IR/Module.h" #include "llvm/IR/Module.h"
#include "llvm/IR/Type.h" #include "llvm/IR/Type.h"
#include "llvm/IR/User.h" #include "llvm/IR/User.h"
#include "llvm/Pass.h" #include "llvm/Pass.h"
#include "llvm/Support/Casting.h" #include "llvm/Support/Casting.h"
#include "llvm/Support/CommandLine.h" #include "llvm/Support/CommandLine.h"
▲ Show 20 LinesShow All 130 Lines▼ Show 20 Lines if (ContainsProtectableArray(*I, IsLarge, Strong, true)) {
if (IsLarge) if (IsLarge)
return true; return true;
NeedsProtector = true; NeedsProtector = true;
} }
return NeedsProtector; return NeedsProtector;
} }
static bool isLifetimeInst(const Instruction *I) {
if (const auto Intrinsic = dyn_cast<IntrinsicInst>(I)) {
const auto Id = Intrinsic->getIntrinsicID();
return Id == Intrinsic::lifetime_start || Id == Intrinsic::lifetime_end;
}
return false;
}
bool StackProtector::HasAddressTaken(const Instruction *AI) { bool StackProtector::HasAddressTaken(const Instruction *AI) {
for (const User *U : AI->users()) { for (const User *U : AI->users()) {
if (const StoreInst *SI = dyn_cast<StoreInst>(U)) { if (const StoreInst *SI = dyn_cast<StoreInst>(U)) {
if (AI == SI->getValueOperand()) if (AI == SI->getValueOperand())
return true; return true;
} else if (const PtrToIntInst *SI = dyn_cast<PtrToIntInst>(U)) { } else if (const PtrToIntInst *SI = dyn_cast<PtrToIntInst>(U)) {
if (AI == SI->getOperand(0)) if (AI == SI->getOperand(0))
return true; return true;
} else if (isa<CallInst>(U)) { } else if (const CallInst *CI = dyn_cast<CallInst>(U)) {
// Ignore intrinsics that are not calls. TODO: Use isLoweredToCall().
if (!isa<DbgInfoIntrinsic>(CI) && !isLifetimeInst(CI))
return true; return true;
} else if (isa<InvokeInst>(U)) { } else if (isa<InvokeInst>(U)) {
return true; return true;
} else if (const SelectInst *SI = dyn_cast<SelectInst>(U)) { } else if (const SelectInst *SI = dyn_cast<SelectInst>(U)) {
if (HasAddressTaken(SI)) if (HasAddressTaken(SI))
return true; return true;
} else if (const PHINode *PN = dyn_cast<PHINode>(U)) { } else if (const PHINode *PN = dyn_cast<PHINode>(U)) {
// Keep track of what PHI nodes we have already visited to ensure // Keep track of what PHI nodes we have already visited to ensure
// they are only visited once. // they are only visited once.
▲ Show 20 LinesShow All 323 LinesShow Last 20 Lines

llvm/trunk/test/CodeGen/X86/stack-protector-dbginfo.ll

; RUN: llc -mtriple=x86_64-apple-darwin < %s -o - ; RUN: llc -mtriple=x86_64-apple-darwin < %s -o -
; RUN: llc -mtriple=x86_64-pc-linux-gnu < %s -o - | FileCheck --check-prefix=IGNORE_INTRIN %s
; PR16954 ; PR16954
; ;
; Make sure that when we splice off the end of a machine basic block, we include ; Make sure that when we splice off the end of a machine basic block, we include
; DBG_VALUE MI in the terminator sequence. ; DBG_VALUE MI in the terminator sequence.
@a = external global { i64, [56 x i8] }, align 32 @a = external global { i64, [56 x i8] }, align 32
; Function Attrs: nounwind sspreq ; Function Attrs: nounwind sspreq
define i32 @_Z18read_response_sizev() #0 !dbg !9 { define i32 @_Z18read_response_sizev() #0 !dbg !9 {
entry: entry:
tail call void @llvm.dbg.value(metadata !22, i64 0, metadata !23, metadata !DIExpression()), !dbg !39 tail call void @llvm.dbg.value(metadata !22, i64 0, metadata !23, metadata !DIExpression()), !dbg !39
%0 = load i64, i64* getelementptr inbounds ({ i64, [56 x i8] }, { i64, [56 x i8] }* @a, i32 0, i32 0), align 8, !dbg !40 %0 = load i64, i64* getelementptr inbounds ({ i64, [56 x i8] }, { i64, [56 x i8] }* @a, i32 0, i32 0), align 8, !dbg !40
tail call void @llvm.dbg.value(metadata i32 undef, i64 0, metadata !64, metadata !DIExpression()), !dbg !71 tail call void @llvm.dbg.value(metadata i32 undef, i64 0, metadata !64, metadata !DIExpression()), !dbg !71
%1 = trunc i64 %0 to i32 %1 = trunc i64 %0 to i32
ret i32 %1 ret i32 %1
} }
define i32 @IgnoreIntrinsicTest() #1 {
; IGNORE_INTRIN: IgnoreIntrinsicTest:
%1 = alloca i32, align 4
%2 = bitcast i32* %1 to i8*
call void @llvm.dbg.declare(metadata i32* %1, metadata !73, metadata !DIExpression()), !dbg !74
store volatile i32 1, i32* %1, align 4
%3 = load volatile i32, i32* %1, align 4
%4 = mul nsw i32 %3, 42
ret i32 %4
; IGNORE_INTRIN-NOT: callq __stack_chk_fail
; IGNORE_INTRIN: .cfi_endproc
}
; Function Attrs: nounwind readnone ; Function Attrs: nounwind readnone
declare void @llvm.dbg.value(metadata, i64, metadata, metadata) declare void @llvm.dbg.value(metadata, i64, metadata, metadata)
declare void @llvm.dbg.declare(metadata, metadata, metadata)
attributes #0 = { sspreq } attributes #0 = { sspreq }
!llvm.dbg.cu = !{!0} !llvm.dbg.cu = !{!0}
!llvm.module.flags = !{!21, !72} !llvm.module.flags = !{!21, !72}
!0 = distinct !DICompileUnit(language: DW_LANG_C_plus_plus, producer: "clang version 3.4 ", isOptimized: true, emissionKind: FullDebug, file: !1, enums: !2, retainedTypes: !5, globals: !20, imports: !5) !0 = distinct !DICompileUnit(language: DW_LANG_C_plus_plus, producer: "clang version 3.4 ", isOptimized: true, emissionKind: FullDebug, file: !1, enums: !2, retainedTypes: !5, globals: !20, imports: !5)
!1 = !DIFile(filename: "<unknown>", directory: "/Users/matt/ryan_bug") !1 = !DIFile(filename: "<unknown>", directory: "/Users/matt/ryan_bug")
▲ Show 20 LinesShow All 58 Lines▼ Show 20 Lines
!65 = distinct !DISubprogram(name: "operator()", linkageName: "_ZN3__11AclERKiS2_", line: 1, isLocal: false, isDefinition: true, virtualIndex: 6, flags: DIFlagPrototyped, isOptimized: true, unit: !0, scopeLine: 2, file: !1, scope: !25, type: !47, declaration: !46, variables: !66) !65 = distinct !DISubprogram(name: "operator()", linkageName: "_ZN3__11AclERKiS2_", line: 1, isLocal: false, isDefinition: true, virtualIndex: 6, flags: DIFlagPrototyped, isOptimized: true, unit: !0, scopeLine: 2, file: !1, scope: !25, type: !47, declaration: !46, variables: !66)
!66 = !{!67, !69, !70} !66 = !{!67, !69, !70}
!67 = !DILocalVariable(name: "this", arg: 1, flags: DIFlagArtificial | DIFlagObjectPointer, scope: !65, type: !68) !67 = !DILocalVariable(name: "this", arg: 1, flags: DIFlagArtificial | DIFlagObjectPointer, scope: !65, type: !68)
!68 = !DIDerivedType(tag: DW_TAG_pointer_type, size: 64, align: 64, baseType: !44) !68 = !DIDerivedType(tag: DW_TAG_pointer_type, size: 64, align: 64, baseType: !44)
!69 = !DILocalVariable(name: "p1", line: 1, arg: 2, scope: !65, file: !10, type: !50) !69 = !DILocalVariable(name: "p1", line: 1, arg: 2, scope: !65, file: !10, type: !50)
!70 = !DILocalVariable(name: "", line: 2, arg: 3, scope: !65, file: !10, type: !50) !70 = !DILocalVariable(name: "", line: 2, arg: 3, scope: !65, file: !10, type: !50)
!71 = !DILocation(line: 1, scope: !65, inlinedAt: !40) !71 = !DILocation(line: 1, scope: !65, inlinedAt: !40)
!72 = !{i32 1, !"Debug Info Version", i32 3} !72 = !{i32 1, !"Debug Info Version", i32 3}
!73 = !DILocalVariable(name: "x", scope: !74, file: !1, line: 2, type: !13)
!74 = distinct !DISubprogram(name: "IgnoreIntrinsicTest", linkageName: "IgnoreIntrinsicTest", scope: !1, file: !1, line: 1, type: !13, isLocal: false, isDefinition: true, scopeLine: 1, flags: DIFlagPrototyped, isOptimized: true, unit: !0, variables: !5)
!75 = !DILocation(line: 2, column: 16, scope: !7)

llvm/trunk/test/CodeGen/X86/stack-protector.ll

; RUN: llc -mtriple=i386-pc-linux-gnu < %s -o - | FileCheck --check-prefix=LINUX-I386 %s ; RUN: llc -mtriple=i386-pc-linux-gnu < %s -o - | FileCheck --check-prefix=LINUX-I386 %s
; RUN: llc -mtriple=x86_64-pc-linux-gnu < %s -o - | FileCheck --check-prefix=LINUX-X64 %s ; RUN: llc -mtriple=x86_64-pc-linux-gnu < %s -o - | FileCheck --check-prefix=LINUX-X64 %s
; RUN: llc -code-model=kernel -mtriple=x86_64-pc-linux-gnu < %s -o - | FileCheck --check-prefix=LINUX-KERNEL-X64 %s ; RUN: llc -code-model=kernel -mtriple=x86_64-pc-linux-gnu < %s -o - | FileCheck --check-prefix=LINUX-KERNEL-X64 %s
; RUN: llc -mtriple=x86_64-apple-darwin < %s -o - | FileCheck --check-prefix=DARWIN-X64 %s ; RUN: llc -mtriple=x86_64-apple-darwin < %s -o - | FileCheck --check-prefix=DARWIN-X64 %s
; RUN: llc -mtriple=amd64-pc-openbsd < %s -o - | FileCheck --check-prefix=OPENBSD-AMD64 %s ; RUN: llc -mtriple=amd64-pc-openbsd < %s -o - | FileCheck --check-prefix=OPENBSD-AMD64 %s
; RUN: llc -mtriple=i386-pc-windows-msvc < %s -o - | FileCheck -check-prefix=MSVC-I386 %s ; RUN: llc -mtriple=i386-pc-windows-msvc < %s -o - | FileCheck -check-prefix=MSVC-I386 %s
; RUN: llc -mtriple=x86_64-w64-mingw32 < %s -o - | FileCheck --check-prefix=MINGW-X64 %s ; RUN: llc -mtriple=x86_64-w64-mingw32 < %s -o - | FileCheck --check-prefix=MINGW-X64 %s
; RUN: llc -mtriple=x86_64-pc-linux-gnu < %s -o - | FileCheck --check-prefix=IGNORE_INTRIN %s
%struct.foo = type { [16 x i8] } %struct.foo = type { [16 x i8] }
%struct.foo.0 = type { [4 x i8] } %struct.foo.0 = type { [4 x i8] }
%struct.pair = type { i32, i32 } %struct.pair = type { i32, i32 }
%struct.nest = type { %struct.pair, %struct.pair } %struct.nest = type { %struct.pair, %struct.pair }
%struct.vec = type { <4 x i32> } %struct.vec = type { <4 x i32> }
%class.A = type { [2 x i8] } %class.A = type { [2 x i8] }
%struct.deep = type { %union.anon } %struct.deep = type { %union.anon }
▲ Show 20 LinesShow All 4,060 Lines▼ Show 20 Lines
; OPENBSD-AMD64: .loc 1 4 2 prologue_end ; OPENBSD-AMD64: .loc 1 4 2 prologue_end
; OPENBSD-AMD64: .loc 1 0 0 ; OPENBSD-AMD64: .loc 1 0 0
; OPENBSD-AMD64-NEXT: movl ; OPENBSD-AMD64-NEXT: movl
; OPENBSD-AMD64-NEXT: callq __stack_smash_handler ; OPENBSD-AMD64-NEXT: callq __stack_smash_handler
%0 = alloca [5 x i8], align 1 %0 = alloca [5 x i8], align 1
ret void, !dbg !9 ret void, !dbg !9
} }
define i32 @IgnoreIntrinsicTest() #1 {
; IGNORE_INTRIN: IgnoreIntrinsicTest:
%1 = alloca i32, align 4
%2 = bitcast i32* %1 to i8*
call void @llvm.lifetime.start.p0i8(i64 4, i8* nonnull %2)
store volatile i32 1, i32* %1, align 4
%3 = load volatile i32, i32* %1, align 4
%4 = mul nsw i32 %3, 42
call void @llvm.lifetime.end.p0i8(i64 4, i8* nonnull %2)
ret i32 %4
; IGNORE_INTRIN-NOT: callq __stack_chk_fail
; IGNORE_INTRIN: .cfi_endproc
}
declare double @testi_aux() declare double @testi_aux()
declare i8* @strcpy(i8*, i8*) declare i8* @strcpy(i8*, i8*)
declare i32 @printf(i8*, ...) declare i32 @printf(i8*, ...)
declare void @funcall(i32*) declare void @funcall(i32*)
declare void @funcall2(i32**) declare void @funcall2(i32**)
declare void @funfloat(float*) declare void @funfloat(float*)
declare void @funfloat2(float**) declare void @funfloat2(float**)
declare void @_Z3exceptPi(i32*) declare void @_Z3exceptPi(i32*)
declare i32 @__gxx_personality_v0(...) declare i32 @__gxx_personality_v0(...)
declare i32* @getp() declare i32* @getp()
declare i32 @dummy(...) declare i32 @dummy(...)
declare void @llvm.memcpy.p0i8.p0i8.i64(i8* nocapture, i8* nocapture readonly, i64, i1) declare void @llvm.memcpy.p0i8.p0i8.i64(i8* nocapture, i8* nocapture readonly, i64, i1)
declare void @llvm.lifetime.start.p0i8(i64, i8* nocapture)
declare void @llvm.lifetime.end.p0i8(i64, i8* nocapture)
attributes #0 = { ssp } attributes #0 = { ssp }
attributes #1 = { sspstrong } attributes #1 = { sspstrong }
attributes #2 = { sspreq } attributes #2 = { sspreq }
attributes #3 = { ssp "stack-protector-buffer-size"="33" } attributes #3 = { ssp "stack-protector-buffer-size"="33" }
attributes #4 = { ssp "stack-protector-buffer-size"="5" } attributes #4 = { ssp "stack-protector-buffer-size"="5" }
attributes #5 = { ssp "stack-protector-buffer-size"="6" } attributes #5 = { ssp "stack-protector-buffer-size"="6" }
Show All 14 Lines