Download Raw Diff

Details

Reviewers

MaskRay
aaron.ballman
erichkeane

Commits

rG3b1fd19357be: [CodeGen] Diagnose and reject non-function ifunc resolvers

Summary

Signed-off-by: Itay Bookstein <ibookstein@gmail.com>

Diff Detail

Repository: rG LLVM Github Monorepo

Event Timeline

ibookstein requested review of this revision.Oct 30 2021, 4:39 AM

ibookstein created this revision.

Herald added a project: Restricted Project. · View Herald TranscriptOct 30 2021, 4:39 AM

Herald added a subscriber: cfe-commits. · View Herald Transcript

Harbormaster completed remote builds in B131571: Diff 383577.Oct 30 2021, 5:11 AM

clang-format

Harbormaster completed remote builds in B131635: Diff 383661.Oct 31 2021, 11:52 AM

One thing that surprises me is that the test changes are in Sema but the code changes are in CodeGen. I see that this test actually emits LLVM IR. Should it be moved (as an NFC change)?

erichkeane added a subscriber: erichkeane.Nov 3 2021, 7:33 AM

erichkeane added inline comments.

clang/lib/CodeGen/CodeGenModule.cpp
315–316	Can you explain a bit better how this change here works? The previous version appears to have done quite a bit of work in the loop to look through aliases/ifuncs, and it seems we don't do that anymore?
392	What is the purpose of changing this from checking the declaration to the IR? It seems that this is something we should be able to catch at the AST level and not have to revert to IR checks like this.
clang/test/Sema/attr-ifunc.c
16 ↗	(On Diff #383661)	Did we lose this previous error? We still want that to happen, right?

ibookstein added inline comments.Nov 5 2021, 1:22 AM

clang/lib/CodeGen/CodeGenModule.cpp
315–316	Previously this function would have drilled through an arbitrary ifunc->alias->ifunc->alias interleaving structure. This is sort of peculiar since for alias->ifunc it would return the resolver (rather than the aliasee, which is the ifunc itself), and for ifunc->ifunc (which is invalid anyway) it would return the second ifunc's resolver. In this change I want it to stop at the first non-alias object it encounters, and for ifuncs diagnose when the type of such an object is incorrect. That is exactly what the `GlobalValue::getAliaseeObject()` function does - it pierces through aliases in a loop. In essence, in an alias->ifunc->alias->... chain there should always be 0 or 1 ifuncs, and if there's an ifunc the last object should be a resolver function (and not a global variable or an ifunc). If you were to try the following code snippet, you'll see that it asserts/crashes clang prior to this patch: int g_var; void foo(void) __attribute__((ifunc("g_var")));
392	Inside `checkAliasedGlobal` I wanted to save on a parameter (`D`) since then I would just be passing it redundantly because the information is already available on the `Alias`. Here I wanted the check to be an exact copy of the check inside `checkAliasedGlobal` for consistency. I don't mind changing that at at all, I guess I just don't see why I should prefer one over the other :)
clang/test/Sema/attr-ifunc.c
16 ↗	(On Diff #383661)	One of the two errors (the one on `f2_b`) is enough, IMO. There's some lopsidedness in this 'cycle' diagnosis because I consider the ifunc 'hop' to be special - it is no longer treated as a plain alias to loop into. This case is the `if (FinalGV == GV)` in the `getAliasedGlobal` implementation above. It's also possible to diagnose this as "resolver of ifunc cannot be ifunc" (if I remove that condition).

Explanations make sense to me, I'm generally in favor with the 1 concern.

clang/lib/CodeGen/CodeGenModule.cpp
392	The CFE (particularly when doing checks, but even when generating code) should be doing as much based on the AST rather than the IR, as it makes us a bit more fragile/dependent on the form of the IR. So typcially we try to avoid determining types/etc from IR. Note we break this rule a bunch, but it is currently burning us on opaque-ptr for example.

Changed to using D->hasAttr<IFuncAttr>() and passing that
bool into the checkAliasedGlobal function.

Harbormaster completed remote builds in B132792: Diff 385211.Nov 5 2021, 4:18 PM

Nicer param order for checkAliasedGlobal..

Harbormaster completed remote builds in B132793: Diff 385212.Nov 5 2021, 4:45 PM

erichkeane accepted this revision.Nov 8 2021, 5:51 AM

This revision is now accepted and ready to land.Nov 8 2021, 5:51 AM

clang-format + fastforward rebase

Harbormaster completed remote builds in B133052: Diff 385541.Nov 8 2021, 10:33 AM

In D112868#3105942, @aaron.ballman wrote:

One thing that surprises me is that the test changes are in Sema but the code changes are in CodeGen. I see that this test actually emits LLVM IR. Should it be moved (as an NFC change)?

Echo this question. Otherwise the new behavior looks good to me.

move attr-ifunc.c test to codegen

Harbormaster completed remote builds in B133096: Diff 385603.Nov 8 2021, 12:53 PM

move test from Sema to CodeGen (trying to make arcanist send multiple
separate commits..?)

Harbormaster completed remote builds in B133099: Diff 385606.Nov 8 2021, 1:01 PM

ibookstein added a child revision: D113431: [clang][test][NFC] Move attr-ifunc.c test from Sema to CodeGen.Nov 8 2021, 1:06 PM

ibookstein removed a child revision: D113431: [clang][test][NFC] Move attr-ifunc.c test from Sema to CodeGen.Nov 8 2021, 1:13 PM

ibookstein added a parent revision: D113431: [clang][test][NFC] Move attr-ifunc.c test from Sema to CodeGen.

rebase fix after adding parent NFC commits

I assume that dancing with GlobalValue makes this difficult to implement in lib/Sema.

Harbormaster completed remote builds in B133329: Diff 385926.Nov 9 2021, 1:09 PM

Yeah, it's real ugly from a CFE/LLVM separation POV. I also can't avoid seeing it as a duplication of the verifier's logic. But emitting diagnoses is better than asserting/crashing...
For the recursion, maybe an equivalent of getAliaseeObject on GlobalDecl-s could work? For the rest - not steeped in the code enough to say...

Closed by commit rG3b1fd19357be: [CodeGen] Diagnose and reject non-function ifunc resolvers (authored by ibookstein). · Explain WhyNov 9 2021, 1:51 PM

This revision was automatically updated to reflect the committed changes.

ibookstein added a commit: rG3b1fd19357be: [CodeGen] Diagnose and reject non-function ifunc resolvers.

Diff 385967

clang/lib/CodeGen/CodeGenModule.cpp

Show First 20 Lines • Show All 306 Lines • ▼ Show 20 Lines	for (auto &I : GlobalValReplacements) {

GV->replaceAllUsesWith(C);		GV->replaceAllUsesWith(C);
GV->eraseFromParent();		GV->eraseFromParent();
}		}
}		}

// This is only used in aliases that we created and we know they have a		// This is only used in aliases that we created and we know they have a
// linear structure.		// linear structure.
static const llvm::GlobalValue getAliasedGlobal(const llvm::GlobalValue GV) {		static const llvm::GlobalValue getAliasedGlobal(const llvm::GlobalValue GV) {
llvm::SmallPtrSet<const llvm::GlobalValue *, 4> Visited;
for (;;) {
if (!GV \|\| !Visited.insert(GV).second)
return nullptr;

const llvm::Constant *C;		const llvm::Constant *C;
		erichkeaneUnsubmitted Not Done Reply Inline Actions Can you explain a bit better how this change here works? The previous version appears to have done quite a bit of work in the loop to look through aliases/ifuncs, and it seems we don't do that anymore? erichkeane: Can you explain a bit better how this change here works? The previous version appears to have…
		ibooksteinAuthorUnsubmitted Done Reply Inline Actions Previously this function would have drilled through an arbitrary ifunc->alias->ifunc->alias interleaving structure. This is sort of peculiar since for alias->ifunc it would return the resolver (rather than the aliasee, which is the ifunc itself), and for ifunc->ifunc (which is invalid anyway) it would return the second ifunc's resolver. In this change I want it to stop at the first non-alias object it encounters, and for ifuncs diagnose when the type of such an object is incorrect. That is exactly what the `GlobalValue::getAliaseeObject()` function does - it pierces through aliases in a loop. In essence, in an alias->ifunc->alias->... chain there should always be 0 or 1 ifuncs, and if there's an ifunc the last object should be a resolver function (and not a global variable or an ifunc). If you were to try the following code snippet, you'll see that it asserts/crashes clang prior to this patch: int g_var; void foo(void) __attribute__((ifunc("g_var"))); ibookstein: Previously this function would have drilled through an arbitrary ifunc->alias->ifunc->alias…
if (auto *GA = dyn_cast<llvm::GlobalAlias>(GV))		if (auto *GA = dyn_cast<llvm::GlobalAlias>(GV))
C = GA->getAliasee();		C = GA->getAliasee();
else if (auto *GI = dyn_cast<llvm::GlobalIFunc>(GV))		else if (auto *GI = dyn_cast<llvm::GlobalIFunc>(GV))
C = GI->getResolver();		C = GI->getResolver();
else		else
return GV;		return GV;

GV = dyn_cast<llvm::GlobalValue>(C->stripPointerCasts());		const auto *AliaseeGV = dyn_cast<llvm::GlobalValue>(C->stripPointerCasts());
		if (!AliaseeGV)
		return nullptr;

		const llvm::GlobalValue *FinalGV = AliaseeGV->getAliaseeObject();
		if (FinalGV == GV)
		return nullptr;

		return FinalGV;
}		}

		static bool checkAliasedGlobal(DiagnosticsEngine &Diags,
		SourceLocation Location, bool IsIFunc,
		const llvm::GlobalValue *Alias,
		const llvm::GlobalValue *&GV) {
		GV = getAliasedGlobal(Alias);
		if (!GV) {
		Diags.Report(Location, diag::err_cyclic_alias) << IsIFunc;
		return false;
		}

		if (GV->isDeclaration()) {
		Diags.Report(Location, diag::err_alias_to_undefined) << IsIFunc << IsIFunc;
		return false;
		}

		if (IsIFunc) {
		// Check resolver function type.
		const auto *F = dyn_cast<llvm::Function>(GV);
		if (!F) {
		Diags.Report(Location, diag::err_alias_to_undefined)
		<< IsIFunc << IsIFunc;
		return false;
		}

		llvm::FunctionType *FTy = F->getFunctionType();
		if (!FTy->getReturnType()->isPointerTy()) {
		Diags.Report(Location, diag::err_ifunc_resolver_return);
		return false;
		}
		}

		return true;
}		}

void CodeGenModule::checkAliases() {		void CodeGenModule::checkAliases() {
// Check if the constructed aliases are well formed. It is really unfortunate		// Check if the constructed aliases are well formed. It is really unfortunate
// that we have to do this in CodeGen, but we only construct mangled names		// that we have to do this in CodeGen, but we only construct mangled names
// and aliases during codegen.		// and aliases during codegen.
bool Error = false;		bool Error = false;
DiagnosticsEngine &Diags = getDiags();		DiagnosticsEngine &Diags = getDiags();
for (const GlobalDecl &GD : Aliases) {		for (const GlobalDecl &GD : Aliases) {
const auto *D = cast<ValueDecl>(GD.getDecl());		const auto *D = cast<ValueDecl>(GD.getDecl());
SourceLocation Location;		SourceLocation Location;
bool IsIFunc = D->hasAttr<IFuncAttr>();		bool IsIFunc = D->hasAttr<IFuncAttr>();
if (const Attr *A = D->getDefiningAttr())		if (const Attr *A = D->getDefiningAttr())
Location = A->getLocation();		Location = A->getLocation();
else		else
llvm_unreachable("Not an alias or ifunc?");		llvm_unreachable("Not an alias or ifunc?");

StringRef MangledName = getMangledName(GD);		StringRef MangledName = getMangledName(GD);
llvm::GlobalValue *Alias = GetGlobalValue(MangledName);		llvm::GlobalValue *Alias = GetGlobalValue(MangledName);
const llvm::GlobalValue *GV = getAliasedGlobal(Alias);		const llvm::GlobalValue *GV = nullptr;
if (!GV) {		if (!checkAliasedGlobal(Diags, Location, IsIFunc, Alias, GV)) {
Error = true;		Error = true;
Diags.Report(Location, diag::err_cyclic_alias) << IsIFunc;		continue;
} else if (GV->isDeclaration()) {
Error = true;
Diags.Report(Location, diag::err_alias_to_undefined)
<< IsIFunc << IsIFunc;
} else if (IsIFunc) {
// Check resolver function type.
llvm::FunctionType *FTy = dyn_cast<llvm::FunctionType>(
GV->getType()->getPointerElementType());
assert(FTy);
if (!FTy->getReturnType()->isPointerTy())
Diags.Report(Location, diag::err_ifunc_resolver_return);
}		}

llvm::Constant *Aliasee =		llvm::Constant *Aliasee =
		erichkeaneUnsubmitted Not Done Reply Inline Actions What is the purpose of changing this from checking the declaration to the IR? It seems that this is something we should be able to catch at the AST level and not have to revert to IR checks like this. erichkeane: What is the purpose of changing this from checking the declaration to the IR? It seems that…
		ibooksteinAuthorUnsubmitted Done Reply Inline Actions Inside `checkAliasedGlobal` I wanted to save on a parameter (`D`) since then I would just be passing it redundantly because the information is already available on the `Alias`. Here I wanted the check to be an exact copy of the check inside `checkAliasedGlobal` for consistency. I don't mind changing that at at all, I guess I just don't see why I should prefer one over the other :) ibookstein: Inside `checkAliasedGlobal` I wanted to save on a parameter (`D`) since then I would just be…
		erichkeaneUnsubmitted Not Done Reply Inline Actions The CFE (particularly when doing checks, but even when generating code) should be doing as much based on the AST rather than the IR, as it makes us a bit more fragile/dependent on the form of the IR. So typcially we try to avoid determining types/etc from IR. Note we break this rule a bunch, but it is currently burning us on opaque-ptr for example. erichkeane: The CFE (particularly when doing checks, but even when generating code) should be doing as much…
IsIFunc ? cast<llvm::GlobalIFunc>(Alias)->getResolver()		IsIFunc ? cast<llvm::GlobalIFunc>(Alias)->getResolver()
: cast<llvm::GlobalAlias>(Alias)->getAliasee();		: cast<llvm::GlobalAlias>(Alias)->getAliasee();

llvm::GlobalValue *AliaseeGV;		llvm::GlobalValue *AliaseeGV;
if (auto CE = dyn_cast<llvm::ConstantExpr>(Aliasee))		if (auto CE = dyn_cast<llvm::ConstantExpr>(Aliasee))
AliaseeGV = cast<llvm::GlobalValue>(CE->getOperand(0));		AliaseeGV = cast<llvm::GlobalValue>(CE->getOperand(0));
else		else
AliaseeGV = cast<llvm::GlobalValue>(Aliasee);		AliaseeGV = cast<llvm::GlobalValue>(Aliasee);
▲ Show 20 Lines • Show All 6,102 Lines • Show Last 20 Lines

clang/test/CodeGen/attr-ifunc.c

	// RUN: %clang_cc1 -triple x86_64-windows -fsyntax-only -verify %s			// RUN: %clang_cc1 -triple x86_64-windows -fsyntax-only -verify %s
	// RUN: %clang_cc1 -triple x86_64-linux -fsyntax-only -verify -emit-llvm-only -DCHECK_ALIASES %s			// RUN: %clang_cc1 -triple x86_64-linux -fsyntax-only -verify -emit-llvm-only -DCHECK_ALIASES %s
	// RUN: %clang_cc1 -triple x86_64-linux -fsyntax-only -verify -emit-llvm-only %s			// RUN: %clang_cc1 -triple x86_64-linux -fsyntax-only -verify -emit-llvm-only %s

	#if defined(_WIN32)			#if defined(_WIN32)
	void foo() {}			void foo() {}
	void bar() __attribute__((ifunc("foo")));			void bar() __attribute__((ifunc("foo")));
	// expected-warning@-1 {{unknown attribute 'ifunc' ignored}}			// expected-warning@-1 {{unknown attribute 'ifunc' ignored}}

	#else			#else
	#if defined(CHECK_ALIASES)			#if defined(CHECK_ALIASES)
	void *f1_ifunc();			void *f1_ifunc();
	void f1() __attribute__((ifunc("f1_ifunc")));			void f1() __attribute__((ifunc("f1_ifunc")));
	// expected-error@-1 {{ifunc must point to a defined function}}			// expected-error@-1 {{ifunc must point to a defined function}}

	void *f2_a() __attribute__((ifunc("f2_b")));			void *f2_a() __attribute__((alias("f2_b")));
	// expected-error@-1 {{ifunc definition is part of a cycle}}
	void *f2_b() __attribute__((ifunc("f2_a")));			void *f2_b() __attribute__((ifunc("f2_a")));
	// expected-error@-1 {{ifunc definition is part of a cycle}}			// expected-error@-1 {{ifunc definition is part of a cycle}}

	void *f3_a() __attribute__((ifunc("f3_b")));			void *f3_a() __attribute__((ifunc("f3_b")));
	// expected-warning@-1 {{ifunc will always resolve to f3_c even if weak definition of f3_b is overridden}}			// expected-warning@-1 {{ifunc will always resolve to f3_c even if weak definition of f3_b is overridden}}
	void *f3_b() __attribute__((weak, alias("f3_c")));			void *f3_b() __attribute__((weak, alias("f3_c")));
	void *f3_c() { return 0; }			void *f3_c() { return 0; }

	void f4_ifunc() {}			void f4_ifunc() {}
	void f4() __attribute__((ifunc("f4_ifunc")));			void f4() __attribute__((ifunc("f4_ifunc")));
	// expected-error@-1 {{ifunc resolver function must return a pointer}}			// expected-error@-1 {{ifunc resolver function must return a pointer}}

				int f5_resolver_gvar;
				void f5() __attribute__((ifunc("f5_resolver_gvar")));
				// expected-error@-1 {{ifunc must point to a defined function}}

				void *f6_resolver_resolver() { return 0; }
				void *f6_resolver() __attribute__((ifunc("f6_resolver_resolver")));
				void f6() __attribute__((ifunc("f6_resolver")));
				// expected-error@-1 {{ifunc must point to a defined function}}

	#else			#else
	void f1a() __asm("f1");			void f1a() __asm("f1");
	void f1a() {}			void f1a() {}
	// expected-note@-1 {{previous definition is here}}			// expected-note@-1 {{previous definition is here}}
	void f1() __attribute__((ifunc("f1_ifunc")));			void f1() __attribute__((ifunc("f1_ifunc")));
	// expected-error@-1 {{definition with same mangled name 'f1' as another definition}}			// expected-error@-1 {{definition with same mangled name 'f1' as another definition}}
	void *f1_ifunc() { return 0; }			void *f1_ifunc() { return 0; }

	void *f6_ifunc(int i);			void *f6_ifunc(int i);
	void __attribute__((ifunc("f6_ifunc"))) f6() {}			void __attribute__((ifunc("f6_ifunc"))) f6() {}
	// expected-error@-1 {{definition 'f6' cannot also be an ifunc}}			// expected-error@-1 {{definition 'f6' cannot also be an ifunc}}

	#endif			#endif
	#endif			#endif

This is an archive of the discontinued LLVM Phabricator instance.

[CodeGen] Diagnose and reject non-function ifunc resolvers
ClosedPublic

Details

Diff Detail

Event Timeline

Revision Contents

Diff 385967

clang/lib/CodeGen/CodeGenModule.cpp

clang/test/CodeGen/attr-ifunc.c

This is an archive of the discontinued LLVM Phabricator instance.

[CodeGen] Diagnose and reject non-function ifunc resolversClosedPublic

Details

Diff Detail

Event Timeline

Revision Contents

Diff 385967

clang/lib/CodeGen/CodeGenModule.cpp

clang/test/CodeGen/attr-ifunc.c

[CodeGen] Diagnose and reject non-function ifunc resolvers
ClosedPublic