This is an archive of the discontinued LLVM Phabricator instance.

Differential D136078

Use-after-return sanitizer binary metadata
ClosedPublic

Authored by dvyukov on Oct 17 2022, 6:32 AM.

Details

Reviewers
melver
Commits
rGdbe8c2c316c4: Use-after-return sanitizer binary metadata
rGd3c851d3fc8b: Use-after-return sanitizer binary metadata
rGe6aea4a5db09: Use-after-return sanitizer binary metadata
rGa1255dc467f7: Use-after-return sanitizer binary metadata
Summary

Currently per-function metadata consists of:
(start-pc, size, features)

This adds a new UAR feature and if it's set an additional element:
(start-pc, size, features, stack-args-size)

Diff Detail

Event Timeline

dvyukov created this revision.Oct 17 2022, 6:32 AM
Herald added a project: Restricted Project. · View Herald TranscriptOct 17 2022, 6:32 AM
Herald added a subscriber: ormris. · View Herald Transcript
dvyukov requested review of this revision.Oct 17 2022, 6:32 AM
Herald added a project: Restricted Project. · View Herald TranscriptOct 17 2022, 6:32 AM
Herald added subscribers: cfe-commits, MaskRay. · View Herald Transcript
Harbormaster completed remote builds in B192487: Diff 468187.Oct 17 2022, 7:07 AM
dvyukov updated this revision to Diff 468562.Oct 18 2022, 8:28 AM

WIP

Herald added a project: Restricted Project. · View Herald TranscriptOct 18 2022, 8:28 AM
Herald added subscribers: llvm-commits, Enna1, hiraditya. · View Herald Transcript
Harbormaster completed remote builds in B192767: Diff 468562.Oct 18 2022, 10:04 AM
dvyukov updated this revision to Diff 468815.Oct 19 2022, 1:46 AM

WIP

dvyukov updated this revision to Diff 468816.Oct 19 2022, 1:53 AM

WIP

dvyukov edited the summary of this revision. (Show Details)Oct 19 2022, 1:54 AM
dvyukov added a reviewer: melver.
dvyukov added a comment.Oct 19 2022, 1:57 AM

Marco, does this look reasonable? Any high-level comments?

There are lots of plumbing to add a new flag and integrate a new pass, so you can look only at:
llvm/lib/Transforms/Instrumentation/SanitizerBinaryMetadata.cpp
llvm/lib/CodeGen/SanitizerMetadata.cpp

As far as I understand the stack layout is only known in machine passes via MachineFrameInfo,
so I had to add a machine pass.

dvyukov added a comment.Oct 19 2022, 2:05 AM

Unrelated, but looking at the metadata format more closely, I think this can benefit from LEB128-like varlen encoding.
Function size is small.
Features are very small.
Stack args size is small.
Function start (if we encode it from the end of the previous one) is very small as well.
So potentially it can reduce the entry size from 16 bytes to just 4.
I am just thinking if we use 10x more metadata in future, the size can grow from percents of binary to tens of percents.

Harbormaster completed remote builds in B192936: Diff 468816.Oct 19 2022, 3:04 AM
dvyukov updated this revision to Diff 468876.Oct 19 2022, 5:18 AM

take args alignment into account

Harbormaster completed remote builds in B192978: Diff 468876.Oct 19 2022, 5:51 AM
melver added a comment.Oct 19 2022, 12:24 PM
In D136078#3867627, @dvyukov wrote:

Unrelated, but looking at the metadata format more closely, I think this can benefit from LEB128-like varlen encoding.
Function size is small.
Features are very small.
Stack args size is small.
Function start (if we encode it from the end of the previous one) is very small as well.

Function start is currently encoded as a relative relocation (see AsmPrinter). Anything else, including attempting to use a previous function does not work because of section merging, potential discarding of functions by linker (ffunction-sections), etc.

We could implement compression in the linker, which would be the most reliable. Otherwise we can only play with encoding of the aux constants.

So potentially it can reduce the entry size from 16 bytes to just 4.
I am just thinking if we use 10x more metadata in future, the size can grow from percents of binary to tens of percents.

If that's the case, I think the only option is to implement compression in the linker.

llvm/include/llvm/Transforms/Instrumentation.h
153

inline constexpr

But overall, I'd prefer if these wouldn't need to be defined here, but instead in SanitizerBinaryMetadata.h.

Also, re naming "SanitizerMetadata" is already overloaded and we need to stick to SanitizerBinaryMetadata :-/

llvm/lib/CodeGen/SanitizerMetadata.cpp
1 ↗(On Diff #468876)

SanitizerMetadata is already overloaded for other purposes (see clang/lib/CodeGen/SanitizerMetadata.cpp).

(Which is why I had to choose SanitizerBinaryMetadata)

47 ↗(On Diff #468876)

I think you also need to check the target section name matches (in operand 0). Because having !pcsections does not imply SanitizerMetadata enabled.

Perhaps at this point it might make sense to move MetadataInfo to SanitizerBinaryMetadata.h (as SanitizerBinaryMetadataInfo perhaps ... long I know :-/ .. unfortunately "SanitizerMetadata" is already overloaded elsewhere -- SanitizerBinaryMDInfo?).

49 ↗(On Diff #468876)

APInt

llvm/lib/IR/MDBuilder.cpp
176 ↗(On Diff #468876)

This is not great. We still want MDNode interning to work for these.

Doesn't replaceOperandWith() work where you want to replace the operand?

dvyukov updated this revision to Diff 478168.Nov 28 2022, 2:40 AM
dvyukov marked 3 inline comments as done.

rebase and adressed comments

dvyukov marked 2 inline comments as done.Nov 28 2022, 3:11 AM

PTAL

I've named everything consistently as "SanitizeBinaryMetadata",
fixed interning of metadata, and added a test.

Harbormaster completed remote builds in B199705: Diff 478168.Nov 28 2022, 3:13 AM
dvyukov retitled this revision from [RFC] Use-after-return binary metadata. to Use-after-return sanitizer binary metadata.Nov 28 2022, 4:28 AM
dvyukov added inline comments.Nov 28 2022, 5:02 AM
llvm/lib/CodeGen/SanitizerBinaryMetadata.cpp
80

Should this be a new method on MDBuilder?

melver added inline comments.Nov 28 2022, 8:54 AM
llvm/include/llvm/Transforms/Instrumentation/SanitizerBinaryMetadata.h
38

inline constexpr char[]

llvm/lib/CodeGen/SanitizerBinaryMetadata.cpp
80

As discussed, this could just use the MDBuilder, and then extract the operand out of the new MDNode without using the full MDNode.

llvm/lib/Transforms/Instrumentation/SanitizerBinaryMetadata.cpp
239

I think this is no longer PerInstrFeatureMask, but should instead become FeatureMask.

242–245

Comment why also || Options.UAR (because PerInstrFeatureMask setting of UAR bit is deferred?).

252

What if Options.Covered==true?

Will it still emit some UAR metadata or will it emit something it shouldn't?

Should the F.isVarArg() check be done above in if (PerInstrFeatureMask || (Options.UAR && !F.isVarArg()) ? Then you wouldn't need the PerInstrFeatureMask && RequiresCovered change below and it could still just check RequiresCovered as before.

melver added inline comments.Nov 29 2022, 4:29 AM
llvm/test/Instrumentation/SanitizerBinaryMetadata/uar.cpp
1 ↗(On Diff #478168)

For LLVM IR tests, consider if utils/update_test_checks.py and for MIR utils/update_mir_test_checks.py could help.

Ideally, there'd be no .cpp runtime test, but I also think writing the .ll and .mir tests manually is impossible.

dvyukov updated this revision to Diff 478569.Nov 29 2022, 6:41 AM
dvyukov marked 4 inline comments as done.

addressed comments

dvyukov marked an inline comment as done.Nov 29 2022, 6:47 AM
dvyukov added a comment.Nov 29 2022, 6:47 AM

PTAL

llvm/lib/Transforms/Instrumentation/SanitizerBinaryMetadata.cpp
252

What if Options.Covered==true?
Will it still emit some UAR metadata or will it emit something it shouldn't?

If Options.Covered==true && F.isVarArg(), we emit covered metadata with features=0. This looks WAI.

Should the F.isVarArg() check be done above in if (PerInstrFeatureMask || (Options.UAR && !F.isVarArg()) ? Then you wouldn't need the PerInstrFeatureMask && RequiresCovered change below and it could still just check RequiresCovered as before.

It's tricky.
I forgot why I structured the code this way, but I added a new test for all permutations of covered/atomics/uar and it shows the following breakage with your proposed change:

- CHECK-AU: ellipsis: features=1 stack_args=0
+ CHECK-AU: ellipsis: features=3 stack_args=0
llvm/test/Instrumentation/SanitizerBinaryMetadata/covered.cpp
1 ↗(On Diff #478569)

This is the new test.

melver accepted this revision.Nov 29 2022, 7:07 AM

LGTM

llvm/include/llvm/CodeGen/MachinePassRegistry.def
206

I called the LLVM IR pass just "sanmd-module".
So this could just be "machine-sanmd".

llvm/test/Instrumentation/SanitizerBinaryMetadata/common.h
54 ↗(On Diff #478569)

Could make this have its real signature, i.e. add version,start,end args. Then could also check in del that start,end matches, like above.

llvm/test/Instrumentation/SanitizerBinaryMetadata/covered.cpp
1 ↗(On Diff #478569)

Nice!

This revision is now accepted and ready to land.Nov 29 2022, 7:07 AM
melver added inline comments.Nov 29 2022, 7:12 AM
llvm/test/Instrumentation/SanitizerBinaryMetadata/uar.cpp
19 ↗(On Diff #478569)

Is this comment out of place?

dvyukov updated this revision to Diff 478609.Nov 29 2022, 8:08 AM
dvyukov marked 2 inline comments as done.

addressed comments

dvyukov marked an inline comment as done.Nov 29 2022, 8:08 AM
dvyukov added inline comments.
llvm/test/Instrumentation/SanitizerBinaryMetadata/uar.cpp
19 ↗(On Diff #478569)

If a function is completely empty, it won't be marked with UAR feature metadata.
This is super-primitive approximation of the actual analysis we should do (the function has addr-taken/escaped locals/arguments).
So I needed at least somebody for the function.

melver accepted this revision.Nov 29 2022, 8:12 AM
melver added inline comments.
llvm/test/Instrumentation/SanitizerBinaryMetadata/uar.cpp
19 ↗(On Diff #478569)

Ack

This revision was landed with ongoing or failed builds.Nov 29 2022, 8:37 AM
Closed by commit rGa1255dc467f7: Use-after-return sanitizer binary metadata (authored by dvyukov). · Explain Why
This revision was automatically updated to reflect the committed changes.
dvyukov added a commit: rGa1255dc467f7: Use-after-return sanitizer binary metadata.
kazu added a reverting change: rGdbb11309665f: Revert "Use-after-return sanitizer binary metadata".Nov 29 2022, 9:04 AM
melver added inline comments.Nov 29 2022, 9:09 AM
llvm/lib/CodeGen/SanitizerBinaryMetadata.cpp
58

Probably should be getNumOperands()?

https://reviews.llvm.org/rGdbb11309665fdf7d411d25cc8f2e6a0c8f658143

-DLLVM_ENABLE_ASSERTIONS=On will catch it.

Harbormaster completed remote builds in B200044: Diff 478609.Nov 29 2022, 9:56 AM
dvyukov reopened this revision.Nov 30 2022, 12:01 AM
This revision is now accepted and ready to land.Nov 30 2022, 12:01 AM
dvyukov updated this revision to Diff 478826.Nov 30 2022, 12:01 AM

fixed the debug build

This revision was landed with ongoing or failed builds.Nov 30 2022, 12:14 AM
Closed by commit rGe6aea4a5db09: Use-after-return sanitizer binary metadata (authored by dvyukov). · Explain Why
This revision was automatically updated to reflect the committed changes.
dvyukov added a commit: rGe6aea4a5db09: Use-after-return sanitizer binary metadata.
dvyukov added a subscriber: kazu.Nov 30 2022, 12:15 AM

Kazu, thanks for taking care of the revert.

I've fixed the assert and tested with -DLLVM_ENABLE_ASSERTIONS=On.

dvyukov added a reverting change: rG0aedf9d7141f: Revert "Use-after-return sanitizer binary metadata".Nov 30 2022, 12:39 AM
dvyukov reopened this revision.Nov 30 2022, 12:39 AM
This revision is now accepted and ready to land.Nov 30 2022, 12:39 AM
Harbormaster completed remote builds in B200190: Diff 478826.Nov 30 2022, 1:32 AM
dvyukov added a comment.Nov 30 2022, 1:51 AM

FTR ./llvm/test/CodeGen/AMDGPU/llc-pipeline.ll also failed as it hardcodes all passes:
https://lab.llvm.org/buildbot/#/builders/123/builds/14397

dvyukov added a comment.Nov 30 2022, 2:02 AM
In D136078#3959643, @dvyukov wrote:

FTR ./llvm/test/CodeGen/AMDGPU/llc-pipeline.ll also failed as it hardcodes all passes:
https://lab.llvm.org/buildbot/#/builders/123/builds/14397

Also these:

LLVM :: CodeGen/X86/O0-pipeline.ll
LLVM :: CodeGen/X86/opt-pipeline.ll

need to grep for something.

dvyukov updated this revision to Diff 478887.Nov 30 2022, 4:09 AM

moved *.cpp tests to clang/test/
updated tests that hardcode pipeline passes
fixed metadata update

Herald added subscribers: kosarev, pcwang-thead, frasercrmck and 24 others. · View Herald TranscriptNov 30 2022, 4:09 AM
dvyukov added a comment.Nov 30 2022, 4:11 AM

PTAL

moved *.cpp tests to clang/test/
updated tests that hardcode pipeline passes
fixed metadata update

This did not work, it also changed all shared instances:

const auto *NewMD = MDB.createPCSections(
    {{Section.getString(), {Features, IRB.getInt32(Size)}}});
MD->replaceOperandWith(1, NewMD->getOperand(1));

so I changed it to:

F.setMetadata(LLVMContext::MD_pcsections,
              MDB.createPCSections(
                  {{Section.getString(), {Features, IRB.getInt32(Size)}}}));
Harbormaster completed remote builds in B200231: Diff 478887.Nov 30 2022, 5:10 AM
melver requested changes to this revision.Nov 30 2022, 5:21 AM

AFAIK Windows bot will break: https://buildkite.com/llvm-project/premerge-checks/builds/124003#0184c872-af5b-47c0-938c-b31ee8808241

Need to restrict test to Linux only.

This revision now requires changes to proceed.Nov 30 2022, 5:21 AM
dvyukov updated this revision to Diff 478912.Nov 30 2022, 5:28 AM

restrict tests to linux

melver accepted this revision.Nov 30 2022, 5:47 AM
This revision is now accepted and ready to land.Nov 30 2022, 5:47 AM
This revision was landed with ongoing or failed builds.Nov 30 2022, 5:50 AM
Closed by commit rGd3c851d3fc8b: Use-after-return sanitizer binary metadata (authored by dvyukov). · Explain Why
This revision was automatically updated to reflect the committed changes.
dvyukov added a commit: rGd3c851d3fc8b: Use-after-return sanitizer binary metadata.
Harbormaster completed remote builds in B200249: Diff 478912.Nov 30 2022, 6:31 AM
mysterymath added a subscriber: mysterymath.Nov 30 2022, 10:33 AM

Hi, it looks like this change is causing Fuchsia's linux-x64 clang builders to fail: https://luci-milo.appspot.com/ui/p/fuchsia/builders/toolchain.ci/clang-linux-x64/b8796062278266465473/overview

Would you mind taking a look and fixing forward, or that ends up being difficult, reverting until this can be fixed?

aeubanks added a subscriber: aeubanks.Nov 30 2022, 12:56 PM
aeubanks added inline comments.
clang/test/Instrumentation/SanitizerBinaryMetadata/common.h
1–3 ↗(On Diff #478922)

tests in clang/test cannot assume that standard headers are available, the tests should be hermetic. could you revert and reland with a proper test fix?

wolfgangp added a subscriber: wolfgangp.Nov 30 2022, 2:31 PM

covered.cpp and uar.cpp seem to fail on ubuntu bots here.

melver added a reverting change: rGb95646fe7058: Revert "Use-after-return sanitizer binary metadata".Nov 30 2022, 2:38 PM
uabelho added a subscriber: uabelho.Nov 30 2022, 11:07 PM
dvyukov reopened this revision.Dec 1 2022, 8:34 AM
This revision is now accepted and ready to land.Dec 1 2022, 8:34 AM
dvyukov added a comment.Dec 1 2022, 9:08 AM

@melver Re this failure:

******************** TEST 'Clang :: Instrumentation/SanitizerBinaryMetadata/uar.cpp' FAILED ********************
Script:
--
: 'RUN: at line 4';   /home/buildbot/as-worker-91/clang-with-lto-ubuntu/build/stage1/bin/clang --driver-mode=g++ /home/buildbot/as-worker-91/clang-with-lto-ubuntu/llvm-project/clang/test/Instrumentation/SanitizerBinaryMetadata/uar.cpp -o /home/buildbot/as-worker-91/clang-with-lto-ubuntu/build/stage1/tools/clang/test/Instrumentation/SanitizerBinaryMetadata/Output/uar.cpp.tmp -fexperimental-sanitize-metadata=covered,uar && /home/buildbot/as-worker-91/clang-with-lto-ubuntu/build/stage1/tools/clang/test/Instrumentation/SanitizerBinaryMetadata/Output/uar.cpp.tmp | /home/buildbot/as-worker-91/clang-with-lto-ubuntu/build/stage1/bin/FileCheck /home/buildbot/as-worker-91/clang-with-lto-ubuntu/llvm-project/clang/test/Instrumentation/SanitizerBinaryMetadata/uar.cpp
--
Exit Code: 1
Command Output (stderr):
--
/usr/local/bin/ld: sanmd_covered has both ordered [`sanmd_covered[_Z7consumeIjET_RPKcS2_]' in /tmp/lit-tmp-2jisr97l/uar-d5d8d4.o] and unordered [`sanmd_covered[__dummy_sanmd_covered]' in /tmp/lit-tmp-2jisr97l/uar-d5d8d4.o] sections
/usr/local/bin/ld: final link failed: Bad value
clang-16: error: linker command failed with exit code 1 (use -v to see invocation)

https://lab.llvm.org/buildbot/#/builders/124/builds/5759/steps/7/logs/stdio

This looks like a latent issue which is just exposed by the test.

As far as I understand this happens because this dummy variable somehow ends up in an "unordered" section, while other "real" metadata objects end up in "ordered" sections:

void SanitizerBinaryMetadata::createZeroSizedObjectInSection(
    Type *Ty, StringRef SectionSuffix) {
  auto *DummyInit = ConstantAggregateZero::get(ArrayType::get(Ty, 0));
  auto *DummyEntry = new GlobalVariable(Mod, DummyInit->getType(), true,
                                        GlobalVariable::ExternalLinkage,
                                        DummyInit, "__dummy_" + SectionSuffix);
  DummyEntry->setSection(getSectionName(SectionSuffix));
  DummyEntry->setVisibility(GlobalValue::HiddenVisibility);
  if (TargetTriple.supportsCOMDAT())
    DummyEntry->setComdat(Mod.getOrInsertComdat(DummyEntry->getName()));
  // Make sure the section isn't discarded by gc-sections.
  appendToUsed(Mod, DummyEntry);
}

I don't see any method on GlobalVariable to set the section to "ordered".

The only idea I have is to print dummy object in AsmPrinter the same way we print all other metadata objects (then I assume it will have the same properties as other objects).

Do you have any other ideas on how to dead with this?

dvyukov added a comment.Dec 1 2022, 9:14 AM

Re this failure:

project/clang/test/Instrumentation/SanitizerBinaryMetadata/covered.cpp
--
Exit Code: 2

Command Output (stderr):
--
covered.cpp.tmp: /b/s/w/ir/x/w/llvm-llvm-project/clang/test/Instrumentation/SanitizerBinaryMetadata/common.h:22: T consume(const char *&, const char *) [T = unsigned int]: Assertion `pos <= end' failed.
FileCheck error: '<stdin>' is empty.
FileCheck command line:  /b/s/w/ir/x/w/staging/llvm_build/bin/FileCheck -check-prefix=CHECK-A /b/s/w/ir/x/w/llvm-llvm-project/clang/test/Instrumentation/SanitizerBinaryMetadata/covered.cpp

https://logs.chromium.org/logs/fuchsia/buildbucket/cr-buildbucket/8796062278266465473/+/u/clang/test/stdout

Not sure why it run on fuchsia at all and the strange failure mode.
But I hope this will go away when we move tests to compiler-rt.

melver added a comment.Dec 1 2022, 9:35 AM
In D136078#3964100, @dvyukov wrote:

@melver Re this failure:

******************** TEST 'Clang :: Instrumentation/SanitizerBinaryMetadata/uar.cpp' FAILED ********************
Script:
--
: 'RUN: at line 4';   /home/buildbot/as-worker-91/clang-with-lto-ubuntu/build/stage1/bin/clang --driver-mode=g++ /home/buildbot/as-worker-91/clang-with-lto-ubuntu/llvm-project/clang/test/Instrumentation/SanitizerBinaryMetadata/uar.cpp -o /home/buildbot/as-worker-91/clang-with-lto-ubuntu/build/stage1/tools/clang/test/Instrumentation/SanitizerBinaryMetadata/Output/uar.cpp.tmp -fexperimental-sanitize-metadata=covered,uar && /home/buildbot/as-worker-91/clang-with-lto-ubuntu/build/stage1/tools/clang/test/Instrumentation/SanitizerBinaryMetadata/Output/uar.cpp.tmp | /home/buildbot/as-worker-91/clang-with-lto-ubuntu/build/stage1/bin/FileCheck /home/buildbot/as-worker-91/clang-with-lto-ubuntu/llvm-project/clang/test/Instrumentation/SanitizerBinaryMetadata/uar.cpp
--
Exit Code: 1
Command Output (stderr):
--
/usr/local/bin/ld: sanmd_covered has both ordered [`sanmd_covered[_Z7consumeIjET_RPKcS2_]' in /tmp/lit-tmp-2jisr97l/uar-d5d8d4.o] and unordered [`sanmd_covered[__dummy_sanmd_covered]' in /tmp/lit-tmp-2jisr97l/uar-d5d8d4.o] sections
/usr/local/bin/ld: final link failed: Bad value
clang-16: error: linker command failed with exit code 1 (use -v to see invocation)

https://lab.llvm.org/buildbot/#/builders/124/builds/5759/steps/7/logs/stdio

This looks like a latent issue which is just exposed by the test.

As far as I understand this happens because this dummy variable somehow ends up in an "unordered" section, while other "real" metadata objects end up in "ordered" sections:

void SanitizerBinaryMetadata::createZeroSizedObjectInSection(
    Type *Ty, StringRef SectionSuffix) {
  auto *DummyInit = ConstantAggregateZero::get(ArrayType::get(Ty, 0));
  auto *DummyEntry = new GlobalVariable(Mod, DummyInit->getType(), true,
                                        GlobalVariable::ExternalLinkage,
                                        DummyInit, "__dummy_" + SectionSuffix);
  DummyEntry->setSection(getSectionName(SectionSuffix));
  DummyEntry->setVisibility(GlobalValue::HiddenVisibility);
  if (TargetTriple.supportsCOMDAT())
    DummyEntry->setComdat(Mod.getOrInsertComdat(DummyEntry->getName()));
  // Make sure the section isn't discarded by gc-sections.
  appendToUsed(Mod, DummyEntry);
}

I don't see any method on GlobalVariable to set the section to "ordered".

The only idea I have is to print dummy object in AsmPrinter the same way we print all other metadata objects (then I assume it will have the same properties as other objects).

Do you have any other ideas on how to dead with this?

It's strange we've not encountered this elsewhere - this must be some special (old?) linker. I'll investigate...

melver added a comment.EditedDec 2 2022, 2:58 AM

Do you have any other ideas on how to dead with this?

It's strange we've not encountered this elsewhere - this must be some special (old?) linker. I'll investigate...

GNU ld <= 2.35 does not support mixed SHF_LINK_ORDER and non-SHF_LINK_ORDER sections.

This is about the relative order of the section w.r.t. other sections it references (we link it to the function section, see MCObjectFileInfo::getPCSection) when the linker merges the sections. From what I can find, we need to retain SHF_LINK_ORDER to support gc-sections properly.

This is a good summary: https://maskray.me/blog/2021-01-31-metadata-sections-comdat-and-shf-link-order
@MaskRay

I'm going to try and see how I can add the SHF_LINK_ORDER attribute to the section output for the dummy variable.

melver added a comment.Dec 2 2022, 12:54 PM
In D136078#3966187, @melver wrote:

Do you have any other ideas on how to dead with this?

It's strange we've not encountered this elsewhere - this must be some special (old?) linker. I'll investigate...

GNU ld <= 2.35 does not support mixed SHF_LINK_ORDER and non-SHF_LINK_ORDER sections.

This is about the relative order of the section w.r.t. other sections it references (we link it to the function section, see MCObjectFileInfo::getPCSection) when the linker merges the sections. From what I can find, we need to retain SHF_LINK_ORDER to support gc-sections properly.

This is a good summary: https://maskray.me/blog/2021-01-31-metadata-sections-comdat-and-shf-link-order
@MaskRay

I'm going to try and see how I can add the SHF_LINK_ORDER attribute to the section output for the dummy variable.

This should fix it: https://reviews.llvm.org/D139224 - at least whatever I was able to reproduce with the linker version I found (2.31) seems to work.

MaskRay added a comment.Dec 3 2022, 9:09 PM

SanitizerBinaryMetadata::createZeroSizedObjectInSection creates __dummy_*, but why is it needed? (There is no comment.)

melver added a comment.EditedDec 4 2022, 12:36 AM
In D136078#3969061, @MaskRay wrote:

SanitizerBinaryMetadata::createZeroSizedObjectInSection creates __dummy_*, but why is it needed? (There is no comment.)

// Create a 0-sized object in a section, so that the section is not discarded
// if all inputs have been discarded.

We need the __begin and __end markers even if there ends up being no binary metadata.

MaskRay added a comment.Dec 4 2022, 10:16 AM
In D136078#3969091, @melver wrote:
In D136078#3969061, @MaskRay wrote:

SanitizerBinaryMetadata::createZeroSizedObjectInSection creates __dummy_*, but why is it needed? (There is no comment.)

// Create a 0-sized object in a section, so that the section is not discarded
// if all inputs have been discarded.

We need the __begin and __end markers even if there ends up being no binary metadata.

Thanks! I saw the comment associated with createZeroSizedObjectInSection but wasn't so sure if it was only for section based garbage collection.
If that's the case, D139276 ExternalWeakLinkage would be a more size efficient fix.

dvyukov updated this revision to Diff 480051.Dec 5 2022, 4:35 AM

Moved tests to compiler-rt and rebased to HEAD.

Herald added a project: Restricted Project. · View Herald TranscriptDec 5 2022, 4:35 AM
Herald added a subscriber: Restricted Project. · View Herald Transcript
dvyukov added a comment.Dec 5 2022, 4:37 AM

PTAL

melver accepted this revision.Dec 5 2022, 5:19 AM
This revision was landed with ongoing or failed builds.Dec 5 2022, 5:40 AM
Closed by commit rGdbe8c2c316c4: Use-after-return sanitizer binary metadata (authored by dvyukov). · Explain Why
This revision was automatically updated to reflect the committed changes.
dvyukov added a commit: rGdbe8c2c316c4: Use-after-return sanitizer binary metadata.
thakis added a subscriber: thakis.Dec 5 2022, 6:02 AM

This seems to break tests: http://45.33.8.238/linux/93224/step_12.txt

Can you take a look?

dvyukov added a comment.Dec 5 2022, 6:15 AM
In D136078#3970792, @thakis wrote:

This seems to break tests: http://45.33.8.238/linux/93224/step_12.txt

Can you take a look?

Looking.

dvyukov added a comment.Dec 5 2022, 6:18 AM

Fix for:

-- Supported architectures for crt: aarch64
CMake Error at compiler-rt/cmake/config-ix.cmake:244 (message):
  Unsupported architecture: x86_64
Call Stack (most recent call first):
  compiler-rt/cmake/config-ix.cmake:280 (get_target_flags_for_arch)
  compiler-rt/test/metadata/CMakeLists.txt:7 (get_test_cc_for_arch)
-- Configuring incomplete, errors occurred!

https://reviews.llvm.org/D139323

dvyukov mentioned this in D139325: llvm/test/CodeGen/PowerPC: fix up O0-pipeline test.Dec 5 2022, 6:22 AM
dvyukov added a comment.Dec 5 2022, 6:23 AM
In D136078#3970792, @thakis wrote:

This seems to break tests: http://45.33.8.238/linux/93224/step_12.txt

Can you take a look?

Sent a fix: https://reviews.llvm.org/D139325

dvyukov added a comment.Dec 5 2022, 6:28 AM

FTR 2 breakage fixes merged:
https://github.com/llvm/llvm-project/commit/2a05bd212e3e8aaed818ee23464f4d1fe0b0596d
https://github.com/llvm/llvm-project/commit/08742e72a34e835e6fc3c696eabe6045c78d6289

Harbormaster completed remote builds in B201071: Diff 480051.Dec 5 2022, 7:10 AM

Revision Contents

PathSize
clang/
include/
clang/
Basic/
3 lines
2 lines
Driver/
4 lines
lib/
CodeGen/
1 line
Driver/
5 lines
compiler-rt/
test/
2 lines
metadata/
15 lines
75 lines
75 lines
9 lines
14 lines
59 lines
llvm/
include/
llvm/
CodeGen/
1 line
1 line
4 lines
1 line
Transforms/
7 lines
Instrumentation/
21 lines
lib/
CodeGen/
1 line
1 line
78 lines
1 line
Transforms/
Instrumentation/
53 lines
test/
CodeGen/
AArch64/
1 line
1 line
AMDGPU/
5 lines
ARM/
1 line
M68k/
1 line
PowerPC/
1 line
RISCV/
1 line
1 line
X86/
1 line
1 line

Diff 480078

clang/include/clang/Basic/CodeGenOptions.h

Show First 20 LinesShow All 491 Lines▼ Show 20 Lines#include "clang/Basic/CodeGenOptions.def"
bool hasSanitizeCoverage() const { bool hasSanitizeCoverage() const {
return SanitizeCoverageType || SanitizeCoverageIndirectCalls || return SanitizeCoverageType || SanitizeCoverageIndirectCalls ||
SanitizeCoverageTraceCmp || SanitizeCoverageTraceLoads || SanitizeCoverageTraceCmp || SanitizeCoverageTraceLoads ||
SanitizeCoverageTraceStores || SanitizeCoverageControlFlow; SanitizeCoverageTraceStores || SanitizeCoverageControlFlow;
} }
// Check if any one of SanitizeBinaryMetadata* is enabled. // Check if any one of SanitizeBinaryMetadata* is enabled.
bool hasSanitizeBinaryMetadata() const { bool hasSanitizeBinaryMetadata() const {
return SanitizeBinaryMetadataCovered || SanitizeBinaryMetadataAtomics; return SanitizeBinaryMetadataCovered || SanitizeBinaryMetadataAtomics ||
SanitizeBinaryMetadataUAR;
} }
}; };
} // end namespace clang } // end namespace clang
#endif #endif

clang/include/clang/Basic/CodeGenOptions.def

Show First 20 LinesShow All 282 Lines▼ Show 20 Lines
CODEGENOPT(SanitizeCoveragePCTable, 1, 0) ///< Create a PC Table. CODEGENOPT(SanitizeCoveragePCTable, 1, 0) ///< Create a PC Table.
CODEGENOPT(SanitizeCoverageControlFlow, 1, 0) ///< Collect control flow CODEGENOPT(SanitizeCoverageControlFlow, 1, 0) ///< Collect control flow
CODEGENOPT(SanitizeCoverageNoPrune, 1, 0) ///< Disable coverage pruning. CODEGENOPT(SanitizeCoverageNoPrune, 1, 0) ///< Disable coverage pruning.
CODEGENOPT(SanitizeCoverageStackDepth, 1, 0) ///< Enable max stack depth tracing CODEGENOPT(SanitizeCoverageStackDepth, 1, 0) ///< Enable max stack depth tracing
CODEGENOPT(SanitizeCoverageTraceLoads, 1, 0) ///< Enable tracing of loads. CODEGENOPT(SanitizeCoverageTraceLoads, 1, 0) ///< Enable tracing of loads.
CODEGENOPT(SanitizeCoverageTraceStores, 1, 0) ///< Enable tracing of stores. CODEGENOPT(SanitizeCoverageTraceStores, 1, 0) ///< Enable tracing of stores.
CODEGENOPT(SanitizeBinaryMetadataCovered, 1, 0) ///< Emit PCs for covered functions. CODEGENOPT(SanitizeBinaryMetadataCovered, 1, 0) ///< Emit PCs for covered functions.
CODEGENOPT(SanitizeBinaryMetadataAtomics, 1, 0) ///< Emit PCs for atomic operations. CODEGENOPT(SanitizeBinaryMetadataAtomics, 1, 0) ///< Emit PCs for atomic operations.
CODEGENOPT(SanitizeBinaryMetadataUAR, 1, 0) ///< Emit PCs for start of functions
///< that are subject for use-after-return checking.
CODEGENOPT(SanitizeStats , 1, 0) ///< Collect statistics for sanitizers. CODEGENOPT(SanitizeStats , 1, 0) ///< Collect statistics for sanitizers.
CODEGENOPT(SimplifyLibCalls , 1, 1) ///< Set when -fbuiltin is enabled. CODEGENOPT(SimplifyLibCalls , 1, 1) ///< Set when -fbuiltin is enabled.
CODEGENOPT(SoftFloat , 1, 0) ///< -soft-float. CODEGENOPT(SoftFloat , 1, 0) ///< -soft-float.
CODEGENOPT(SpeculativeLoadHardening, 1, 0) ///< Enable speculative load hardening. CODEGENOPT(SpeculativeLoadHardening, 1, 0) ///< Enable speculative load hardening.
CODEGENOPT(FineGrainedBitfieldAccesses, 1, 0) ///< Enable fine-grained bitfield accesses. CODEGENOPT(FineGrainedBitfieldAccesses, 1, 0) ///< Enable fine-grained bitfield accesses.
CODEGENOPT(StrictEnums , 1, 0) ///< Optimize based on strict enum definition. CODEGENOPT(StrictEnums , 1, 0) ///< Optimize based on strict enum definition.
CODEGENOPT(StrictVTablePointers, 1, 0) ///< Optimize based on the strict vtable pointers CODEGENOPT(StrictVTablePointers, 1, 0) ///< Optimize based on the strict vtable pointers
CODEGENOPT(TimePasses , 1, 0) ///< Set when -ftime-report or -ftime-report= is enabled. CODEGENOPT(TimePasses , 1, 0) ///< Set when -ftime-report or -ftime-report= is enabled.
▲ Show 20 LinesShow All 210 LinesShow Last 20 Lines

clang/include/clang/Driver/Options.td

  • This file is larger than 256 KB, so syntax highlighting is disabled by default.
Show First 20 LinesShow All 5,576 Lines▼ Show 20 Lines
def fexperimental_sanitize_metadata_EQ_covered def fexperimental_sanitize_metadata_EQ_covered
: Flag<["-"], "fexperimental-sanitize-metadata=covered">, : Flag<["-"], "fexperimental-sanitize-metadata=covered">,
HelpText<"Emit PCs for code covered with binary analysis sanitizers">, HelpText<"Emit PCs for code covered with binary analysis sanitizers">,
MarshallingInfoFlag<CodeGenOpts<"SanitizeBinaryMetadataCovered">>; MarshallingInfoFlag<CodeGenOpts<"SanitizeBinaryMetadataCovered">>;
def fexperimental_sanitize_metadata_EQ_atomics def fexperimental_sanitize_metadata_EQ_atomics
: Flag<["-"], "fexperimental-sanitize-metadata=atomics">, : Flag<["-"], "fexperimental-sanitize-metadata=atomics">,
HelpText<"Emit PCs for atomic operations used by binary analysis sanitizers">, HelpText<"Emit PCs for atomic operations used by binary analysis sanitizers">,
MarshallingInfoFlag<CodeGenOpts<"SanitizeBinaryMetadataAtomics">>; MarshallingInfoFlag<CodeGenOpts<"SanitizeBinaryMetadataAtomics">>;
def fexperimental_sanitize_metadata_EQ_uar
: Flag<["-"], "fexperimental-sanitize-metadata=uar">,
HelpText<"Emit PCs for start of functions that are subject for use-after-return checking.">,
MarshallingInfoFlag<CodeGenOpts<"SanitizeBinaryMetadataUAR">>;
def fpatchable_function_entry_offset_EQ def fpatchable_function_entry_offset_EQ
: Joined<["-"], "fpatchable-function-entry-offset=">, MetaVarName<"<M>">, : Joined<["-"], "fpatchable-function-entry-offset=">, MetaVarName<"<M>">,
HelpText<"Generate M NOPs before function entry">, HelpText<"Generate M NOPs before function entry">,
MarshallingInfoInt<CodeGenOpts<"PatchableFunctionEntryOffset">>; MarshallingInfoInt<CodeGenOpts<"PatchableFunctionEntryOffset">>;
def fprofile_instrument_EQ : Joined<["-"], "fprofile-instrument=">, def fprofile_instrument_EQ : Joined<["-"], "fprofile-instrument=">,
HelpText<"Enable PGO instrumentation">, Values<"none,clang,llvm,csllvm">, HelpText<"Enable PGO instrumentation">, Values<"none,clang,llvm,csllvm">,
NormalizedValuesScope<"CodeGenOptions">, NormalizedValuesScope<"CodeGenOptions">,
NormalizedValues<["ProfileNone", "ProfileClangInstr", "ProfileIRInstr", "ProfileCSIRInstr"]>, NormalizedValues<["ProfileNone", "ProfileClangInstr", "ProfileIRInstr", "ProfileCSIRInstr"]>,
▲ Show 20 LinesShow All 1,456 LinesShow Last 20 Lines

clang/lib/CodeGen/BackendUtil.cpp

Show First 20 LinesShow All 229 Lines▼ Show 20 LinesgetSancovOptsFromCGOpts(const CodeGenOptions &CGOpts) {
return Opts; return Opts;
} }
static SanitizerBinaryMetadataOptions static SanitizerBinaryMetadataOptions
getSanitizerBinaryMetadataOptions(const CodeGenOptions &CGOpts) { getSanitizerBinaryMetadataOptions(const CodeGenOptions &CGOpts) {
SanitizerBinaryMetadataOptions Opts; SanitizerBinaryMetadataOptions Opts;
Opts.Covered = CGOpts.SanitizeBinaryMetadataCovered; Opts.Covered = CGOpts.SanitizeBinaryMetadataCovered;
Opts.Atomics = CGOpts.SanitizeBinaryMetadataAtomics; Opts.Atomics = CGOpts.SanitizeBinaryMetadataAtomics;
Opts.UAR = CGOpts.SanitizeBinaryMetadataUAR;
return Opts; return Opts;
} }
// Check if ASan should use GC-friendly instrumentation for globals. // Check if ASan should use GC-friendly instrumentation for globals.
// First of all, there is no point if -fdata-sections is off (expect for MachO, // First of all, there is no point if -fdata-sections is off (expect for MachO,
// where this is not a factor). Also, on ELF this feature requires an assembler // where this is not a factor). Also, on ELF this feature requires an assembler
// extension that only works with -integrated-as at the moment. // extension that only works with -integrated-as at the moment.
static bool asanUseGlobalsGC(const Triple &T, const CodeGenOptions &CGOpts) { static bool asanUseGlobalsGC(const Triple &T, const CodeGenOptions &CGOpts) {
▲ Show 20 LinesShow All 1,074 LinesShow Last 20 Lines

clang/lib/Driver/SanitizerArgs.cpp

Show First 20 LinesShow All 98 Lines▼ Show 20 Linesenum CoverageFeature {
CoverageTraceLoads = 1 << 16, CoverageTraceLoads = 1 << 16,
CoverageTraceStores = 1 << 17, CoverageTraceStores = 1 << 17,
CoverageControlFlow = 1 << 18, CoverageControlFlow = 1 << 18,
}; };
enum BinaryMetadataFeature { enum BinaryMetadataFeature {
BinaryMetadataCovered = 1 << 0, BinaryMetadataCovered = 1 << 0,
BinaryMetadataAtomics = 1 << 1, BinaryMetadataAtomics = 1 << 1,
BinaryMetadataUAR = 1 << 2,
}; };
/// Parse a -fsanitize= or -fno-sanitize= argument's values, diagnosing any /// Parse a -fsanitize= or -fno-sanitize= argument's values, diagnosing any
/// invalid components. Returns a SanitizerMask. /// invalid components. Returns a SanitizerMask.
static SanitizerMask parseArgValues(const Driver &D, const llvm::opt::Arg *A, static SanitizerMask parseArgValues(const Driver &D, const llvm::opt::Arg *A,
bool DiagnoseErrors); bool DiagnoseErrors);
/// Parse -f(no-)?sanitize-coverage= flag values, diagnosing any invalid /// Parse -f(no-)?sanitize-coverage= flag values, diagnosing any invalid
▲ Show 20 LinesShow All 1,013 Lines▼ Show 20 Lines addSpecialCaseListOpt(
Args, CmdArgs, "-fsanitize-coverage-allowlist=", CoverageAllowlistFiles); Args, CmdArgs, "-fsanitize-coverage-allowlist=", CoverageAllowlistFiles);
addSpecialCaseListOpt(Args, CmdArgs, "-fsanitize-coverage-ignorelist=", addSpecialCaseListOpt(Args, CmdArgs, "-fsanitize-coverage-ignorelist=",
CoverageIgnorelistFiles); CoverageIgnorelistFiles);
// Translate available BinaryMetadataFeatures to corresponding clang-cc1 // Translate available BinaryMetadataFeatures to corresponding clang-cc1
// flags. Does not depend on any other sanitizers. // flags. Does not depend on any other sanitizers.
const std::pair<int, std::string> BinaryMetadataFlags[] = { const std::pair<int, std::string> BinaryMetadataFlags[] = {
std::make_pair(BinaryMetadataCovered, "covered"), std::make_pair(BinaryMetadataCovered, "covered"),
std::make_pair(BinaryMetadataAtomics, "atomics")}; std::make_pair(BinaryMetadataAtomics, "atomics"),
std::make_pair(BinaryMetadataUAR, "uar")};
for (const auto &F : BinaryMetadataFlags) { for (const auto &F : BinaryMetadataFlags) {
if (BinaryMetadataFeatures & F.first) if (BinaryMetadataFeatures & F.first)
CmdArgs.push_back( CmdArgs.push_back(
Args.MakeArgString("-fexperimental-sanitize-metadata=" + F.second)); Args.MakeArgString("-fexperimental-sanitize-metadata=" + F.second));
} }
if (TC.getTriple().isOSWindows() && needsUbsanRt()) { if (TC.getTriple().isOSWindows() && needsUbsanRt()) {
// Instruct the code generator to embed linker directives in the object file // Instruct the code generator to embed linker directives in the object file
▲ Show 20 LinesShow All 249 Lines▼ Show 20 Lines assert(
A->getOption().matches( A->getOption().matches(
options::OPT_fno_experimental_sanitize_metadata_EQ)); options::OPT_fno_experimental_sanitize_metadata_EQ));
int Features = 0; int Features = 0;
for (int i = 0, n = A->getNumValues(); i != n; ++i) { for (int i = 0, n = A->getNumValues(); i != n; ++i) {
const char *Value = A->getValue(i); const char *Value = A->getValue(i);
int F = llvm::StringSwitch<int>(Value) int F = llvm::StringSwitch<int>(Value)
.Case("covered", BinaryMetadataCovered) .Case("covered", BinaryMetadataCovered)
.Case("atomics", BinaryMetadataAtomics) .Case("atomics", BinaryMetadataAtomics)
.Case("uar", BinaryMetadataUAR)
.Case("all", ~0) .Case("all", ~0)
.Default(0); .Default(0);
if (F == 0 && DiagnoseErrors) if (F == 0 && DiagnoseErrors)
D.Diag(clang::diag::err_drv_unsupported_option_argument) D.Diag(clang::diag::err_drv_unsupported_option_argument)
<< A->getSpelling() << Value; << A->getSpelling() << Value;
Features |= F; Features |= F;
} }
return Features; return Features;
Show All 40 Lines

compiler-rt/test/CMakeLists.txt

Show First 20 LinesShow All 99 Lines▼ Show 20 Lines if(COMPILER_RT_BUILD_ORC)
compiler_rt_Test_runtime(orc) compiler_rt_Test_runtime(orc)
endif() endif()
if(COMPILER_RT_BUILD_CRT) if(COMPILER_RT_BUILD_CRT)
add_subdirectory(crt) add_subdirectory(crt)
endif() endif()
# ShadowCallStack does not yet provide a runtime with compiler-rt, the tests # ShadowCallStack does not yet provide a runtime with compiler-rt, the tests
# include their own minimal runtime # include their own minimal runtime
add_subdirectory(shadowcallstack) add_subdirectory(shadowcallstack)
# These tests are self-contained and don't need an additional runtime.
add_subdirectory(metadata)
endif() endif()
if(COMPILER_RT_STANDALONE_BUILD) if(COMPILER_RT_STANDALONE_BUILD)
# Now that we've traversed all the directories and know all the lit testsuites, # Now that we've traversed all the directories and know all the lit testsuites,
# introduce a rule to run to run all of them. # introduce a rule to run to run all of them.
add_custom_target(compiler-rt-test-depends DEPENDS ${LLVM_COMPILER_RT_LIT_DEPENDS}) add_custom_target(compiler-rt-test-depends DEPENDS ${LLVM_COMPILER_RT_LIT_DEPENDS})
umbrella_lit_testsuite_end(check-compiler-rt) umbrella_lit_testsuite_end(check-compiler-rt)
if(NOT TARGET check-all) if(NOT TARGET check-all)
add_custom_target(check-all) add_custom_target(check-all)
endif() endif()
add_dependencies(check-all check-compiler-rt) add_dependencies(check-all check-compiler-rt)
endif() endif()

compiler-rt/test/metadata/CMakeLists.txt

  • This file was added.
set(TEST_ARCH ${X86_64})
set(METADATA_LIT_SOURCE_DIR ${CMAKE_CURRENT_SOURCE_DIR})
set(METADATA_LIT_BINARY_DIR ${CMAKE_CURRENT_BINARY_DIR})
set(SANITIZER_COMMON_TEST_TARGET_ARCH ${X86_64})
get_test_cc_for_arch(${X86_64} METADATA_TEST_TARGET_CC METADATA_TEST_TARGET_CFLAGS)
configure_lit_site_cfg(
${CMAKE_CURRENT_SOURCE_DIR}/lit.site.cfg.py.in
${CMAKE_CURRENT_BINARY_DIR}/lit.site.cfg.py)
add_lit_testsuite(check-sanmd "Running the SanitizerBinaryMetadata tests"
${CMAKE_CURRENT_BINARY_DIR}
DEPENDS ${SANITIZER_COMMON_LIT_TEST_DEPS})
set_target_properties(check-sanmd PROPERTIES FOLDER "Compiler-RT Misc")

compiler-rt/test/metadata/common.h

  • This file was added.
#include <assert.h>
#include <stdint.h>
#include <stdio.h>
int main() { printf("main\n"); }
typedef unsigned long uptr;
#define FN(X) \
if (pc == reinterpret_cast<uptr>(X)) \
return #X
const char *symbolize(uptr pc) {
FUNCTIONS;
return nullptr;
}
template <typename T> T consume(const char *&pos, const char *end) {
T v = *reinterpret_cast<const T *>(pos);
pos += sizeof(T);
assert(pos <= end);
return v;
}
uint32_t meta_version;
const char *meta_start;
const char *meta_end;
extern "C" {
void __sanitizer_metadata_covered_add(uint32_t version, const char *start,
const char *end) {
printf("metadata add version %u\n", version);
for (const char *pos = start; pos < end;) {
const uptr base = reinterpret_cast<uptr>(pos);
const long offset = (version & (1 << 16)) ? consume<long>(pos, end)
: consume<int>(pos, end);
const uint32_t size = consume<uint32_t>(pos, end);
const uint32_t features = consume<uint32_t>(pos, end);
uint32_t stack_args = 0;
if (features & (1 << 1))
stack_args = consume<uint32_t>(pos, end);
if (const char *name = symbolize(base + offset))
printf("%s: features=%x stack_args=%u\n", name, features, stack_args);
}
meta_version = version;
meta_start = start;
meta_end = end;
}
void __sanitizer_metadata_covered_del(uint32_t version, const char *start,
const char *end) {
assert(version == meta_version);
assert(start == meta_start);
assert(end == meta_end);
}
const char *atomics_start;
const char *atomics_end;
void __sanitizer_metadata_atomics_add(uint32_t version, const char *start,
const char *end) {
assert(version == meta_version);
assert(start);
assert(end >= end);
atomics_start = start;
atomics_end = end;
}
void __sanitizer_metadata_atomics_del(uint32_t version, const char *start,
const char *end) {
assert(version == meta_version);
assert(atomics_start == start);
assert(atomics_end == end);
}
}

compiler-rt/test/metadata/covered.cpp

  • This file was added.
// RUN: %clangxx %s -o %t && %t | FileCheck %s
// RUN: %clangxx %s -o %t -fexperimental-sanitize-metadata=covered && %t | FileCheck -check-prefix=CHECK-C %s
// RUN: %clangxx %s -o %t -fexperimental-sanitize-metadata=atomics && %t | FileCheck -check-prefix=CHECK-A %s
// RUN: %clangxx %s -o %t -fexperimental-sanitize-metadata=uar && %t | FileCheck -check-prefix=CHECK-U %s
// RUN: %clangxx %s -o %t -fexperimental-sanitize-metadata=covered,atomics && %t | FileCheck -check-prefix=CHECK-CA %s
// RUN: %clangxx %s -o %t -fexperimental-sanitize-metadata=covered,uar && %t | FileCheck -check-prefix=CHECK-CU %s
// RUN: %clangxx %s -o %t -fexperimental-sanitize-metadata=atomics,uar && %t | FileCheck -check-prefix=CHECK-AU %s
// RUN: %clangxx %s -o %t -fexperimental-sanitize-metadata=covered,atomics,uar && %t | FileCheck -check-prefix=CHECK-CAU %s
// CHECK-NOT: metadata add
// CHECK: main
// CHECK-NOT: metadata del
// CHECK-C: empty: features=0
// CHECK-A-NOT: empty:
// CHECK-U-NOT: empty:
// CHECK-CA: empty: features=1
// CHECK-CU: empty: features=0
// CHECK-AU-NOT: empty:
// CHECK-CAU: empty: features=1
void empty() {}
// CHECK-C: normal: features=0
// CHECK-A: normal: features=1
// CHECK-U: normal: features=2
// CHECK-CA: normal: features=1
// CHECK-CU: normal: features=2
// CHECK-AU: normal: features=3
// CHECK-CAU:normal: features=3
void normal() {
volatile int x;
x = 0;
}
// CHECK-C: with_atomic: features=0
// CHECK-A: with_atomic: features=1
// CHECK-U: with_atomic: features=2
// CHECK-CA: with_atomic: features=1
// CHECK-CU: with_atomic: features=2
// CHECK-AU: with_atomic: features=3
// CHECK-CAU: with_atomic: features=3
int with_atomic(int *p) { return __atomic_load_n(p, __ATOMIC_RELAXED); }
// CHECK-C: ellipsis: features=0
// CHECK-A: ellipsis: features=1
// CHECK-U-NOT: ellipsis:
// CHECK-CA: ellipsis: features=1
// CHECK-CU: ellipsis: features=0
// CHECK-AU: ellipsis: features=1
// CHECK-CAU: ellipsis: features=1
void ellipsis(int *p, ...) {
volatile int x;
x = 0;
}
// CHECK-C: ellipsis_with_atomic: features=0
// CHECK-A: ellipsis_with_atomic: features=1
// CHECK-U-NOT: ellipsis_with_atomic:
// CHECK-CA: ellipsis_with_atomic: features=1
// CHECK-CU: ellipsis_with_atomic: features=0
// CHECK-AU: ellipsis_with_atomic: features=1
// CHECK-CAU: ellipsis_with_atomic: features=1
int ellipsis_with_atomic(int *p, ...) {
return __atomic_load_n(p, __ATOMIC_RELAXED);
}
#define FUNCTIONS \
FN(empty); \
FN(normal); \
FN(with_atomic); \
FN(ellipsis); \
FN(ellipsis_with_atomic); \
/**/
#include "common.h"

compiler-rt/test/metadata/lit.cfg.py

  • This file was added.
import os
config.name = 'SanitizerBinaryMetadata'
config.test_source_root = os.path.dirname(__file__)
config.suffixes = ['.cpp']
# Binary metadata is currently emited only for ELF binaries
# and sizes of stack arguments depend on the arch.
if config.host_os not in ['Linux'] or config.target_arch not in ['x86_64']:
config.unsupported = True

compiler-rt/test/metadata/lit.site.cfg.py.in

  • This file was added.
@LIT_SITE_CFG_IN_HEADER@
# Tool-specific config options.
config.clang = "@METADATA_TEST_TARGET_CC@"
config.target_cflags = "@METADATA_TEST_TARGET_CFLAGS@"
config.target_arch = "x86_64"
# Load common config for all compiler-rt lit tests.
lit_config.load_config(config, "@COMPILER_RT_BINARY_DIR@/test/lit.common.configured")
# Load tool-specific config that would do the real work.
lit_config.load_config(config, "@METADATA_LIT_SOURCE_DIR@/lit.cfg.py")
config.substitutions.append(("%clangxx ", " " + config.clang + " " + config.target_cflags + " "))

compiler-rt/test/metadata/uar.cpp

  • This file was added.
// RUN: %clangxx %s -o %t -fexperimental-sanitize-metadata=covered,uar && %t | FileCheck %s
// CHECK: metadata add version 1
// CHECK: empty: features=0 stack_args=0
void empty() {}
// CHECK: ellipsis: features=0 stack_args=0
void ellipsis(const char *fmt, ...) {
volatile int x;
x = 1;
}
// CHECK: non_empty_function: features=2 stack_args=0
void non_empty_function() {
// Completely empty functions don't get uar metadata.
volatile int x;
x = 1;
}
// CHECK: no_stack_args: features=2 stack_args=0
void no_stack_args(long a0, long a1, long a2, long a3, long a4, long a5) {
volatile int x;
x = 1;
}
// CHECK: stack_args: features=2 stack_args=16
void stack_args(long a0, long a1, long a2, long a3, long a4, long a5, long a6) {
volatile int x;
x = 1;
}
// CHECK: more_stack_args: features=2 stack_args=32
void more_stack_args(long a0, long a1, long a2, long a3, long a4, long a5,
long a6, long a7, long a8) {
volatile int x;
x = 1;
}
// CHECK: struct_stack_args: features=2 stack_args=144
struct large {
char x[131];
};
void struct_stack_args(large a) {
volatile int x;
x = 1;
}
#define FUNCTIONS \
FN(empty); \
FN(ellipsis); \
FN(non_empty_function); \
FN(no_stack_args); \
FN(stack_args); \
FN(more_stack_args); \
FN(struct_stack_args); \
/**/
#include "common.h"

llvm/include/llvm/CodeGen/CodeGenPassBuilder.h

Show First 20 LinesShow All 920 Lines▼ Show 20 Lines if (TM.Options.EnableIPRA)
// Collect register usage information and produce a register mask of // Collect register usage information and produce a register mask of
// clobbered registers, to be used to optimize call sites. // clobbered registers, to be used to optimize call sites.
addPass(RegUsageInfoCollectorPass()); addPass(RegUsageInfoCollectorPass());
addPass(FuncletLayoutPass()); addPass(FuncletLayoutPass());
addPass(StackMapLivenessPass()); addPass(StackMapLivenessPass());
addPass(LiveDebugValuesPass()); addPass(LiveDebugValuesPass());
addPass(MachineSanitizerBinaryMetadata());
if (TM.Options.EnableMachineOutliner && getOptLevel() != CodeGenOpt::None && if (TM.Options.EnableMachineOutliner && getOptLevel() != CodeGenOpt::None &&
Opt.EnableMachineOutliner != RunOutliner::NeverOutline) { Opt.EnableMachineOutliner != RunOutliner::NeverOutline) {
bool RunOnAllFunctions = bool RunOnAllFunctions =
(Opt.EnableMachineOutliner == RunOutliner::AlwaysOutline); (Opt.EnableMachineOutliner == RunOutliner::AlwaysOutline);
bool AddOutliner = RunOnAllFunctions || TM.Options.SupportsDefaultOutlining; bool AddOutliner = RunOnAllFunctions || TM.Options.SupportsDefaultOutlining;
if (AddOutliner) if (AddOutliner)
addPass(MachineOutlinerPass(RunOnAllFunctions)); addPass(MachineOutlinerPass(RunOnAllFunctions));
▲ Show 20 LinesShow All 213 LinesShow Last 20 Lines

llvm/include/llvm/CodeGen/MachinePassRegistry.def

Show First 20 LinesShow All 197 Lines▼ Show 20 Lines
DUMMY_MACHINE_FUNCTION_PASS("ra-pbqp", RAPBQPPass, ()) DUMMY_MACHINE_FUNCTION_PASS("ra-pbqp", RAPBQPPass, ())
DUMMY_MACHINE_FUNCTION_PASS("legalizer", LegalizerPass, ()) DUMMY_MACHINE_FUNCTION_PASS("legalizer", LegalizerPass, ())
DUMMY_MACHINE_FUNCTION_PASS("irtranslator", IRTranslatorPass, ()) DUMMY_MACHINE_FUNCTION_PASS("irtranslator", IRTranslatorPass, ())
DUMMY_MACHINE_FUNCTION_PASS("regbankselect", RegBankSelectPass, ()) DUMMY_MACHINE_FUNCTION_PASS("regbankselect", RegBankSelectPass, ())
DUMMY_MACHINE_FUNCTION_PASS("instruction-select", InstructionSelectPass, ()) DUMMY_MACHINE_FUNCTION_PASS("instruction-select", InstructionSelectPass, ())
DUMMY_MACHINE_FUNCTION_PASS("reset-machine-function", ResetMachineFunctionPass, ()) DUMMY_MACHINE_FUNCTION_PASS("reset-machine-function", ResetMachineFunctionPass, ())
DUMMY_MACHINE_FUNCTION_PASS("machineverifier", MachineVerifierPass, ()) DUMMY_MACHINE_FUNCTION_PASS("machineverifier", MachineVerifierPass, ())
DUMMY_MACHINE_FUNCTION_PASS("print-machine-cycles", MachineCycleInfoPrinterPass, ()) DUMMY_MACHINE_FUNCTION_PASS("print-machine-cycles", MachineCycleInfoPrinterPass, ())
DUMMY_MACHINE_FUNCTION_PASS("machine-sanmd", MachineSanitizerBinaryMetadata, ())
melverUnsubmitted
Done
ReplyInline Actions

I called the LLVM IR pass just "sanmd-module".
So this could just be "machine-sanmd".

melver: I called the LLVM IR pass just "sanmd-module". So this could just be "machine-sanmd".
#undef DUMMY_MACHINE_FUNCTION_PASS #undef DUMMY_MACHINE_FUNCTION_PASS

llvm/include/llvm/CodeGen/Passes.h

Show First 20 LinesShow All 403 Lines▼ Show 20 Linesnamespace llvm {
/// bundles (created earlier, e.g. during pre-RA scheduling). /// bundles (created earlier, e.g. during pre-RA scheduling).
extern char &FinalizeMachineBundlesID; extern char &FinalizeMachineBundlesID;
/// StackMapLiveness - This pass analyses the register live-out set of /// StackMapLiveness - This pass analyses the register live-out set of
/// stackmap/patchpoint intrinsics and attaches the calculated information to /// stackmap/patchpoint intrinsics and attaches the calculated information to
/// the intrinsic for later emission to the StackMap. /// the intrinsic for later emission to the StackMap.
extern char &StackMapLivenessID; extern char &StackMapLivenessID;
// MachineSanitizerBinaryMetadata - appends/finalizes sanitizer binary
// metadata after llvm SanitizerBinaryMetadata pass.
extern char &MachineSanitizerBinaryMetadataID;
/// RemoveRedundantDebugValues pass. /// RemoveRedundantDebugValues pass.
extern char &RemoveRedundantDebugValuesID; extern char &RemoveRedundantDebugValuesID;
/// MachineCFGPrinter pass. /// MachineCFGPrinter pass.
extern char &MachineCFGPrinterID; extern char &MachineCFGPrinterID;
/// LiveDebugValues pass /// LiveDebugValues pass
extern char &LiveDebugValuesID; extern char &LiveDebugValuesID;
▲ Show 20 LinesShow All 161 LinesShow Last 20 Lines

llvm/include/llvm/InitializePasses.h

Show First 20 LinesShow All 270 Lines▼ Show 20 Lines
void initializeMachineLICMPass(PassRegistry&); void initializeMachineLICMPass(PassRegistry&);
void initializeMachineLoopInfoPass(PassRegistry&); void initializeMachineLoopInfoPass(PassRegistry&);
void initializeMachineModuleInfoWrapperPassPass(PassRegistry &); void initializeMachineModuleInfoWrapperPassPass(PassRegistry &);
void initializeMachineOptimizationRemarkEmitterPassPass(PassRegistry&); void initializeMachineOptimizationRemarkEmitterPassPass(PassRegistry&);
void initializeMachineOutlinerPass(PassRegistry&); void initializeMachineOutlinerPass(PassRegistry&);
void initializeMachinePipelinerPass(PassRegistry&); void initializeMachinePipelinerPass(PassRegistry&);
void initializeMachinePostDominatorTreePass(PassRegistry&); void initializeMachinePostDominatorTreePass(PassRegistry&);
void initializeMachineRegionInfoPassPass(PassRegistry&); void initializeMachineRegionInfoPassPass(PassRegistry&);
void initializeMachineSanitizerBinaryMetadataPass(PassRegistry &);
void initializeMachineSchedulerPass(PassRegistry&); void initializeMachineSchedulerPass(PassRegistry&);
void initializeMachineSinkingPass(PassRegistry&); void initializeMachineSinkingPass(PassRegistry&);
void initializeMachineTraceMetricsPass(PassRegistry&); void initializeMachineTraceMetricsPass(PassRegistry&);
void initializeMachineVerifierPassPass(PassRegistry&); void initializeMachineVerifierPassPass(PassRegistry&);
void initializeMemCpyOptLegacyPassPass(PassRegistry&); void initializeMemCpyOptLegacyPassPass(PassRegistry&);
void initializeMemDepPrinterPass(PassRegistry&); void initializeMemDepPrinterPass(PassRegistry&);
void initializeMemDerefPrinterPass(PassRegistry&); void initializeMemDerefPrinterPass(PassRegistry&);
void initializeMemoryDependenceWrapperPassPass(PassRegistry&); void initializeMemoryDependenceWrapperPassPass(PassRegistry&);
▲ Show 20 LinesShow All 136 LinesShow Last 20 Lines

llvm/include/llvm/Transforms/Instrumentation.h

Show First 20 LinesShow All 144 Lines▼ Show 20 Linesstruct SanitizerCoverageOptions {
bool StackDepth = false; bool StackDepth = false;
bool TraceLoads = false; bool TraceLoads = false;
bool TraceStores = false; bool TraceStores = false;
bool CollectControlFlow = false; bool CollectControlFlow = false;
SanitizerCoverageOptions() = default; SanitizerCoverageOptions() = default;
}; };
/// Options for SanitizerBinaryMetadata.
struct SanitizerBinaryMetadataOptions {
bool Covered = false;
bool Atomics = false;
SanitizerBinaryMetadataOptions() = default;
};
/// Calculate what to divide by to scale counts. /// Calculate what to divide by to scale counts.
melverUnsubmitted
Done
ReplyInline Actions

inline constexpr

But overall, I'd prefer if these wouldn't need to be defined here, but instead in SanitizerBinaryMetadata.h.

Also, re naming "SanitizerMetadata" is already overloaded and we need to stick to SanitizerBinaryMetadata :-/

melver: inline constexpr But overall, I'd prefer if these wouldn't need to be defined here, but…
/// ///
/// Given the maximum count, calculate a divisor that will scale all the /// Given the maximum count, calculate a divisor that will scale all the
/// weights to strictly less than std::numeric_limits<uint32_t>::max(). /// weights to strictly less than std::numeric_limits<uint32_t>::max().
static inline uint64_t calculateCountScale(uint64_t MaxCount) { static inline uint64_t calculateCountScale(uint64_t MaxCount) {
return MaxCount < std::numeric_limits<uint32_t>::max() return MaxCount < std::numeric_limits<uint32_t>::max()
? 1 ? 1
: MaxCount / std::numeric_limits<uint32_t>::max() + 1; : MaxCount / std::numeric_limits<uint32_t>::max() + 1;
} }
Show All 33 Lines

llvm/include/llvm/Transforms/Instrumentation/SanitizerBinaryMetadata.h

Show All 13 Lines
#include "llvm/IR/Function.h" #include "llvm/IR/Function.h"
#include "llvm/IR/Module.h" #include "llvm/IR/Module.h"
#include "llvm/IR/PassManager.h" #include "llvm/IR/PassManager.h"
#include "llvm/Transforms/Instrumentation.h" #include "llvm/Transforms/Instrumentation.h"
namespace llvm { namespace llvm {
struct SanitizerBinaryMetadataOptions {
bool Covered = false;
bool Atomics = false;
bool UAR = false;
SanitizerBinaryMetadataOptions() = default;
};
inline constexpr int kSanitizerBinaryMetadataAtomicsBit = 0;
inline constexpr int kSanitizerBinaryMetadataUARBit = 1;
inline constexpr uint32_t kSanitizerBinaryMetadataNone = 0;
inline constexpr uint32_t kSanitizerBinaryMetadataAtomics =
1 << kSanitizerBinaryMetadataAtomicsBit;
inline constexpr uint32_t kSanitizerBinaryMetadataUAR =
1 << kSanitizerBinaryMetadataUARBit;
inline constexpr char kSanitizerBinaryMetadataCoveredSection[] =
melverUnsubmitted
Done
ReplyInline Actions

inline constexpr char[]

melver: inline constexpr char[]
"sanmd_covered";
inline constexpr char kSanitizerBinaryMetadataAtomicsSection[] =
"sanmd_atomics";
/// Public interface to the SanitizerBinaryMetadata module pass for emitting /// Public interface to the SanitizerBinaryMetadata module pass for emitting
/// metadata for binary analysis sanitizers. /// metadata for binary analysis sanitizers.
// //
/// The pass should be inserted after optimizations. /// The pass should be inserted after optimizations.
class SanitizerBinaryMetadataPass class SanitizerBinaryMetadataPass
: public PassInfoMixin<SanitizerBinaryMetadataPass> { : public PassInfoMixin<SanitizerBinaryMetadataPass> {
public: public:
explicit SanitizerBinaryMetadataPass( explicit SanitizerBinaryMetadataPass(
Show All 11 Lines

llvm/lib/CodeGen/CMakeLists.txt

Show First 20 LinesShow All 191 Lines▼ Show 20 Linesadd_llvm_component_library(LLVMCodeGen
RegUsageInfoCollector.cpp RegUsageInfoCollector.cpp
RegUsageInfoPropagate.cpp RegUsageInfoPropagate.cpp
ReplaceWithVeclib.cpp ReplaceWithVeclib.cpp
ResetMachineFunctionPass.cpp ResetMachineFunctionPass.cpp
RegisterBank.cpp RegisterBank.cpp
RegisterBankInfo.cpp RegisterBankInfo.cpp
SafeStack.cpp SafeStack.cpp
SafeStackLayout.cpp SafeStackLayout.cpp
SanitizerBinaryMetadata.cpp
ScheduleDAG.cpp ScheduleDAG.cpp
ScheduleDAGInstrs.cpp ScheduleDAGInstrs.cpp
ScheduleDAGPrinter.cpp ScheduleDAGPrinter.cpp
ScoreboardHazardRecognizer.cpp ScoreboardHazardRecognizer.cpp
SelectOptimize.cpp SelectOptimize.cpp
ShadowStackGCLowering.cpp ShadowStackGCLowering.cpp
ShrinkWrap.cpp ShrinkWrap.cpp
SjLjEHPrepare.cpp SjLjEHPrepare.cpp
▲ Show 20 LinesShow All 64 LinesShow Last 20 Lines

llvm/lib/CodeGen/CodeGen.cpp

Show First 20 LinesShow All 78 Lines▼ Show 20 Linesvoid llvm::initializeCodeGen(PassRegistry &Registry) {
initializeMachineDominatorTreePass(Registry); initializeMachineDominatorTreePass(Registry);
initializeMachineFunctionPrinterPassPass(Registry); initializeMachineFunctionPrinterPassPass(Registry);
initializeMachineLICMPass(Registry); initializeMachineLICMPass(Registry);
initializeMachineLoopInfoPass(Registry); initializeMachineLoopInfoPass(Registry);
initializeMachineModuleInfoWrapperPassPass(Registry); initializeMachineModuleInfoWrapperPassPass(Registry);
initializeMachineOptimizationRemarkEmitterPassPass(Registry); initializeMachineOptimizationRemarkEmitterPassPass(Registry);
initializeMachineOutlinerPass(Registry); initializeMachineOutlinerPass(Registry);
initializeMachinePipelinerPass(Registry); initializeMachinePipelinerPass(Registry);
initializeMachineSanitizerBinaryMetadataPass(Registry);
initializeModuloScheduleTestPass(Registry); initializeModuloScheduleTestPass(Registry);
initializeMachinePostDominatorTreePass(Registry); initializeMachinePostDominatorTreePass(Registry);
initializeMachineRegionInfoPassPass(Registry); initializeMachineRegionInfoPassPass(Registry);
initializeMachineSchedulerPass(Registry); initializeMachineSchedulerPass(Registry);
initializeMachineSinkingPass(Registry); initializeMachineSinkingPass(Registry);
initializeMachineVerifierPassPass(Registry); initializeMachineVerifierPassPass(Registry);
initializeObjCARCContractLegacyPassPass(Registry); initializeObjCARCContractLegacyPassPass(Registry);
initializeOptimizePHIsPass(Registry); initializeOptimizePHIsPass(Registry);
▲ Show 20 LinesShow All 46 LinesShow Last 20 Lines

llvm/lib/CodeGen/SanitizerBinaryMetadata.cpp

  • This file was added.
//===- SanitizerBinaryMetadata.cpp
//----------------------------------------------===//
//
// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
// See https://llvm.org/LICENSE.txt for license information.
// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
//
//===----------------------------------------------------------------------===//
//
// This file is a part of SanitizerBinaryMetadata.
//
//===----------------------------------------------------------------------===//
#include "llvm/Transforms/Instrumentation/SanitizerBinaryMetadata.h"
#include "llvm/CodeGen/MachineFrameInfo.h"
#include "llvm/CodeGen/MachineFunction.h"
#include "llvm/CodeGen/MachineFunctionPass.h"
#include "llvm/CodeGen/Passes.h"
#include "llvm/IR/IRBuilder.h"
#include "llvm/IR/MDBuilder.h"
#include "llvm/InitializePasses.h"
#include "llvm/Pass.h"
#include <algorithm>
using namespace llvm;
class MachineSanitizerBinaryMetadata : public MachineFunctionPass {
public:
static char ID;
MachineSanitizerBinaryMetadata();
bool runOnMachineFunction(MachineFunction &F) override;
};
INITIALIZE_PASS(MachineSanitizerBinaryMetadata, "machine-sanmd",
"Machine Sanitizer Binary Metadata", false, false)
char MachineSanitizerBinaryMetadata::ID = 0;
char &llvm::MachineSanitizerBinaryMetadataID =
MachineSanitizerBinaryMetadata::ID;
MachineSanitizerBinaryMetadata::MachineSanitizerBinaryMetadata()
: MachineFunctionPass(ID) {
initializeMachineSanitizerBinaryMetadataPass(
*PassRegistry::getPassRegistry());
}
bool MachineSanitizerBinaryMetadata::runOnMachineFunction(MachineFunction &MF) {
MDNode *MD = MF.getFunction().getMetadata(LLVMContext::MD_pcsections);
if (!MD)
return false;
const auto &Section = *cast<MDString>(MD->getOperand(0));
if (!Section.getString().equals(kSanitizerBinaryMetadataCoveredSection))
return false;
auto &AuxMDs = *cast<MDTuple>(MD->getOperand(1));
// Assume it currently only has features.
assert(AuxMDs.getNumOperands() == 1);
auto *Features = cast<ConstantAsMetadata>(AuxMDs.getOperand(0))->getValue();
melverUnsubmitted
Not Done
ReplyInline Actions

Probably should be getNumOperands()?

https://reviews.llvm.org/rGdbb11309665fdf7d411d25cc8f2e6a0c8f658143

-DLLVM_ENABLE_ASSERTIONS=On will catch it.

melver: Probably should be getNumOperands()? https://reviews.llvm.
if (!Features->getUniqueInteger()[kSanitizerBinaryMetadataUARBit])
return false;
// Calculate size of stack args for the function.
int64_t Size = 0;
uint64_t Align = 0;
const MachineFrameInfo &MFI = MF.getFrameInfo();
for (int i = -1; i >= (int)-MFI.getNumFixedObjects(); --i) {
Size = std::max(Size, MFI.getObjectOffset(i) + MFI.getObjectSize(i));
Align = std::max(Align, MFI.getObjectAlign(i).value());
}
Size = (Size + Align - 1) & ~(Align - 1);
auto &F = MF.getFunction();
IRBuilder<> IRB(F.getContext());
MDBuilder MDB(F.getContext());
// Keep the features and append size of stack args to the metadata.
F.setMetadata(LLVMContext::MD_pcsections,
MDB.createPCSections(
{{Section.getString(), {Features, IRB.getInt32(Size)}}}));
return false;
}
dvyukovAuthorUnsubmitted
Done
ReplyInline Actions

Should this be a new method on MDBuilder?

dvyukov: Should this be a new method on MDBuilder?
melverUnsubmitted
Done
ReplyInline Actions

As discussed, this could just use the MDBuilder, and then extract the operand out of the new MDNode without using the full MDNode.

melver: As discussed, this could just use the MDBuilder, and then extract the operand out of the new…

llvm/lib/CodeGen/TargetPassConfig.cpp

Show First 20 LinesShow All 1,264 Lines▼ Show 20 Lines if (TM->Options.EnableIPRA)
addPass(createRegUsageInfoCollector()); addPass(createRegUsageInfoCollector());
// FIXME: Some backends are incompatible with running the verifier after // FIXME: Some backends are incompatible with running the verifier after
// addPreEmitPass. Maybe only pass "false" here for those targets? // addPreEmitPass. Maybe only pass "false" here for those targets?
addPass(&FuncletLayoutID); addPass(&FuncletLayoutID);
addPass(&StackMapLivenessID); addPass(&StackMapLivenessID);
addPass(&LiveDebugValuesID); addPass(&LiveDebugValuesID);
addPass(&MachineSanitizerBinaryMetadataID);
if (TM->Options.EnableMachineOutliner && getOptLevel() != CodeGenOpt::None && if (TM->Options.EnableMachineOutliner && getOptLevel() != CodeGenOpt::None &&
EnableMachineOutliner != RunOutliner::NeverOutline) { EnableMachineOutliner != RunOutliner::NeverOutline) {
bool RunOnAllFunctions = bool RunOnAllFunctions =
(EnableMachineOutliner == RunOutliner::AlwaysOutline); (EnableMachineOutliner == RunOutliner::AlwaysOutline);
bool AddOutliner = bool AddOutliner =
RunOnAllFunctions || TM->Options.SupportsDefaultOutlining; RunOnAllFunctions || TM->Options.SupportsDefaultOutlining;
if (AddOutliner) if (AddOutliner)
▲ Show 20 LinesShow All 300 LinesShow Last 20 Lines

llvm/lib/Transforms/Instrumentation/SanitizerBinaryMetadata.cpp

Show First 20 LinesShow All 61 Lines▼ Show 20 Linespublic:
const uint32_t FeatureMask; const uint32_t FeatureMask;
static const MetadataInfo Covered; static const MetadataInfo Covered;
static const MetadataInfo Atomics; static const MetadataInfo Atomics;
private: private:
// Forbid construction elsewhere. // Forbid construction elsewhere.
explicit constexpr MetadataInfo(StringRef FunctionPrefix, explicit constexpr MetadataInfo(StringRef FunctionPrefix,
StringRef SectionSuffix, int Feature) StringRef SectionSuffix, uint32_t Feature)
: FunctionPrefix(FunctionPrefix), SectionSuffix(SectionSuffix), : FunctionPrefix(FunctionPrefix), SectionSuffix(SectionSuffix),
FeatureMask(Feature != -1 ? (1u << Feature) : 0) {} FeatureMask(Feature) {}
}; };
const MetadataInfo MetadataInfo::Covered{"__sanitizer_metadata_covered", const MetadataInfo MetadataInfo::Covered{"__sanitizer_metadata_covered",
"sanmd_covered", -1}; kSanitizerBinaryMetadataCoveredSection,
kSanitizerBinaryMetadataNone};
const MetadataInfo MetadataInfo::Atomics{"__sanitizer_metadata_atomics", const MetadataInfo MetadataInfo::Atomics{"__sanitizer_metadata_atomics",
"sanmd_atomics", 0}; kSanitizerBinaryMetadataAtomicsSection,
kSanitizerBinaryMetadataAtomics};
// The only instances of MetadataInfo are the constants above, so a set of // The only instances of MetadataInfo are the constants above, so a set of
// them may simply store pointers to them. To deterministically generate code, // them may simply store pointers to them. To deterministically generate code,
// we need to use a set with stable iteration order, such as SetVector. // we need to use a set with stable iteration order, such as SetVector.
using MetadataInfoSet = SetVector<const MetadataInfo *>; using MetadataInfoSet = SetVector<const MetadataInfo *>;
//===--- Command-line options ---------------------------------------------===// //===--- Command-line options ---------------------------------------------===//
cl::opt<bool> ClEmitCovered("sanitizer-metadata-covered", cl::opt<bool> ClEmitCovered("sanitizer-metadata-covered",
cl::desc("Emit PCs for covered functions."), cl::desc("Emit PCs for covered functions."),
cl::Hidden, cl::init(false)); cl::Hidden, cl::init(false));
cl::opt<bool> ClEmitAtomics("sanitizer-metadata-atomics", cl::opt<bool> ClEmitAtomics("sanitizer-metadata-atomics",
cl::desc("Emit PCs for atomic operations."), cl::desc("Emit PCs for atomic operations."),
cl::Hidden, cl::init(false)); cl::Hidden, cl::init(false));
cl::opt<bool> ClEmitUAR("sanitizer-metadata-uar",
cl::desc("Emit PCs for start of functions that are "
"subject for use-after-return checking"),
cl::Hidden, cl::init(false));
//===--- Statistics -------------------------------------------------------===// //===--- Statistics -------------------------------------------------------===//
STATISTIC(NumMetadataCovered, "Metadata attached to covered functions"); STATISTIC(NumMetadataCovered, "Metadata attached to covered functions");
STATISTIC(NumMetadataAtomics, "Metadata attached to atomics"); STATISTIC(NumMetadataAtomics, "Metadata attached to atomics");
STATISTIC(NumMetadataUAR, "Metadata attached to UAR functions");
//===----------------------------------------------------------------------===// //===----------------------------------------------------------------------===//
// Apply opt overrides. // Apply opt overrides.
SanitizerBinaryMetadataOptions && SanitizerBinaryMetadataOptions &&
transformOptionsFromCl(SanitizerBinaryMetadataOptions &&Opts) { transformOptionsFromCl(SanitizerBinaryMetadataOptions &&Opts) {
Opts.Covered |= ClEmitCovered; Opts.Covered |= ClEmitCovered;
Opts.Atomics |= ClEmitAtomics; Opts.Atomics |= ClEmitAtomics;
Opts.UAR |= ClEmitUAR;
return std::move(Opts); return std::move(Opts);
} }
class SanitizerBinaryMetadata { class SanitizerBinaryMetadata {
public: public:
SanitizerBinaryMetadata(Module &M, SanitizerBinaryMetadataOptions Opts) SanitizerBinaryMetadata(Module &M, SanitizerBinaryMetadataOptions Opts)
: Mod(M), Options(transformOptionsFromCl(std::move(Opts))), : Mod(M), Options(transformOptionsFromCl(std::move(Opts))),
TargetTriple(M.getTargetTriple()), IRB(M.getContext()) { TargetTriple(M.getTargetTriple()), IRB(M.getContext()) {
Show All 24 Linesprivate:
// Determines which set of metadata to collect for this instruction. // Determines which set of metadata to collect for this instruction.
// //
// Returns true if covered metadata is required to unambiguously interpret // Returns true if covered metadata is required to unambiguously interpret
// other metadata. For example, if we are interested in atomics metadata, any // other metadata. For example, if we are interested in atomics metadata, any
// function with memory operations (atomic or not) requires covered metadata // function with memory operations (atomic or not) requires covered metadata
// to determine if a memory operation is atomic or not in modules compiled // to determine if a memory operation is atomic or not in modules compiled
// with SanitizerBinaryMetadata. // with SanitizerBinaryMetadata.
bool runOn(Instruction &I, MetadataInfoSet &MIS, MDBuilder &MDB); bool runOn(Instruction &I, MetadataInfoSet &MIS, MDBuilder &MDB,
uint32_t &FeatureMask);
// Get start/end section marker pointer. // Get start/end section marker pointer.
GlobalVariable *getSectionMarker(const Twine &MarkerName, Type *Ty); GlobalVariable *getSectionMarker(const Twine &MarkerName, Type *Ty);
// Returns the target-dependent section name. // Returns the target-dependent section name.
StringRef getSectionName(StringRef SectionSuffix); StringRef getSectionName(StringRef SectionSuffix);
// Returns the section start marker name. // Returns the section start marker name.
▲ Show 20 LinesShow All 68 Lines▼ Show 20 Linesvoid SanitizerBinaryMetadata::runOn(Function &F, MetadataInfoSet &MIS) {
// Don't touch available_externally functions, their actual body is elsewhere. // Don't touch available_externally functions, their actual body is elsewhere.
if (F.getLinkage() == GlobalValue::AvailableExternallyLinkage) if (F.getLinkage() == GlobalValue::AvailableExternallyLinkage)
return; return;
MDBuilder MDB(F.getContext()); MDBuilder MDB(F.getContext());
// The metadata features enabled for this function, stored along covered // The metadata features enabled for this function, stored along covered
// metadata (if enabled). // metadata (if enabled).
uint32_t PerInstrFeatureMask = getEnabledPerInstructionFeature(); uint32_t FeatureMask = getEnabledPerInstructionFeature();
melverUnsubmitted
Done
ReplyInline Actions

I think this is no longer PerInstrFeatureMask, but should instead become FeatureMask.

melver: I think this is no longer PerInstrFeatureMask, but should instead become FeatureMask.
// Don't emit unnecessary covered metadata for all functions to save space. // Don't emit unnecessary covered metadata for all functions to save space.
bool RequiresCovered = false; bool RequiresCovered = false;
if (PerInstrFeatureMask) { // We can only understand if we need to set UAR feature after looking
// at the instructions. So we need to check instructions even if FeatureMask
// is empty.
if (FeatureMask || Options.UAR) {
melverUnsubmitted
Done
ReplyInline Actions

Comment why also || Options.UAR (because PerInstrFeatureMask setting of UAR bit is deferred?).

melver: Comment why also `|| Options.UAR` (because PerInstrFeatureMask setting of UAR bit is deferred?).
for (BasicBlock &BB : F) for (BasicBlock &BB : F)
for (Instruction &I : BB) for (Instruction &I : BB)
RequiresCovered |= runOn(I, MIS, MDB); RequiresCovered |= runOn(I, MIS, MDB, FeatureMask);
} }
if (F.isVarArg())
FeatureMask &= ~kSanitizerBinaryMetadataUAR;
melverUnsubmitted
Not Done
ReplyInline Actions

What if Options.Covered==true?

Will it still emit some UAR metadata or will it emit something it shouldn't?

Should the F.isVarArg() check be done above in if (PerInstrFeatureMask || (Options.UAR && !F.isVarArg()) ? Then you wouldn't need the PerInstrFeatureMask && RequiresCovered change below and it could still just check RequiresCovered as before.

melver: What if Options.Covered==true? Will it still emit some UAR metadata or will it emit something…
dvyukovAuthorUnsubmitted
Done
ReplyInline Actions

What if Options.Covered==true?
Will it still emit some UAR metadata or will it emit something it shouldn't?

If Options.Covered==true && F.isVarArg(), we emit covered metadata with features=0. This looks WAI.

Should the F.isVarArg() check be done above in if (PerInstrFeatureMask || (Options.UAR && !F.isVarArg()) ? Then you wouldn't need the PerInstrFeatureMask && RequiresCovered change below and it could still just check RequiresCovered as before.

It's tricky.
I forgot why I structured the code this way, but I added a new test for all permutations of covered/atomics/uar and it shows the following breakage with your proposed change:

- CHECK-AU: ellipsis: features=1 stack_args=0
+ CHECK-AU: ellipsis: features=3 stack_args=0
dvyukov: > What if Options.Covered==true? > Will it still emit some UAR metadata or will it emit…
if (FeatureMask & kSanitizerBinaryMetadataUAR)
NumMetadataUAR++;
// Covered metadata is always emitted if explicitly requested, otherwise only // Covered metadata is always emitted if explicitly requested, otherwise only
// if some other metadata requires it to unambiguously interpret it for // if some other metadata requires it to unambiguously interpret it for
// modules compiled with SanitizerBinaryMetadata. // modules compiled with SanitizerBinaryMetadata.
if (Options.Covered || RequiresCovered) { if (Options.Covered || (FeatureMask && RequiresCovered)) {
NumMetadataCovered++; NumMetadataCovered++;
const auto *MI = &MetadataInfo::Covered; const auto *MI = &MetadataInfo::Covered;
MIS.insert(MI); MIS.insert(MI);
const StringRef Section = getSectionName(MI->SectionSuffix); const StringRef Section = getSectionName(MI->SectionSuffix);
// The feature mask will be placed after the size (32 bit) of the function, // The feature mask will be placed after the size (32 bit) of the function,
// so in total one covered entry will use `sizeof(void*) + 4 + 4`. // so in total one covered entry will use `sizeof(void*) + 4 + 4`.
Constant *CFM = IRB.getInt32(PerInstrFeatureMask); Constant *CFM = IRB.getInt32(FeatureMask);
F.setMetadata(LLVMContext::MD_pcsections, F.setMetadata(LLVMContext::MD_pcsections,
MDB.createPCSections({{Section, {CFM}}})); MDB.createPCSections({{Section, {CFM}}}));
} }
} }
bool SanitizerBinaryMetadata::runOn(Instruction &I, MetadataInfoSet &MIS, bool SanitizerBinaryMetadata::runOn(Instruction &I, MetadataInfoSet &MIS,
MDBuilder &MDB) { MDBuilder &MDB, uint32_t &FeatureMask) {
SmallVector<const MetadataInfo *, 1> InstMetadata; SmallVector<const MetadataInfo *, 1> InstMetadata;
bool RequiresCovered = false; bool RequiresCovered = false;
if (Options.UAR) {
for (unsigned i = 0; i < I.getNumOperands(); ++i) {
const Value *V = I.getOperand(i);
// TODO(dvyukov): check if V is an address of alloca/function arg.
// See isSafeAndProfitableToSinkLoad for addr-taken allocas
// and DeadArgumentEliminationPass::removeDeadStuffFromFunction
// for iteration over function args.
if (V) {
RequiresCovered = true;
FeatureMask |= kSanitizerBinaryMetadataUAR;
}
}
}
if (Options.Atomics && I.mayReadOrWriteMemory()) { if (Options.Atomics && I.mayReadOrWriteMemory()) {
auto SSID = getAtomicSyncScopeID(&I); auto SSID = getAtomicSyncScopeID(&I);
if (SSID.has_value() && SSID.value() != SyncScope::SingleThread) { if (SSID.has_value() && SSID.value() != SyncScope::SingleThread) {
NumMetadataAtomics++; NumMetadataAtomics++;
InstMetadata.push_back(&MetadataInfo::Atomics); InstMetadata.push_back(&MetadataInfo::Atomics);
} }
RequiresCovered = true; RequiresCovered = true;
} }
▲ Show 20 LinesShow All 50 LinesShow Last 20 Lines

llvm/test/CodeGen/AArch64/O0-pipeline.ll

Show First 20 LinesShow All 65 Lines▼ Show 20 Lines
; CHECK-NEXT: Insert XRay ops ; CHECK-NEXT: Insert XRay ops
; CHECK-NEXT: Implement the 'patchable-function' attribute ; CHECK-NEXT: Implement the 'patchable-function' attribute
; CHECK-NEXT: Workaround A53 erratum 835769 pass ; CHECK-NEXT: Workaround A53 erratum 835769 pass
; CHECK-NEXT: AArch64 Branch Targets ; CHECK-NEXT: AArch64 Branch Targets
; CHECK-NEXT: Branch relaxation pass ; CHECK-NEXT: Branch relaxation pass
; CHECK-NEXT: Contiguously Lay Out Funclets ; CHECK-NEXT: Contiguously Lay Out Funclets
; CHECK-NEXT: StackMap Liveness Analysis ; CHECK-NEXT: StackMap Liveness Analysis
; CHECK-NEXT: Live DEBUG_VALUE analysis ; CHECK-NEXT: Live DEBUG_VALUE analysis
; CHECK-NEXT: Machine Sanitizer Binary Metadata
; CHECK-NEXT: Insert CFI remember/restore state instructions ; CHECK-NEXT: Insert CFI remember/restore state instructions
; CHECK-NEXT: Unpack machine instruction bundles ; CHECK-NEXT: Unpack machine instruction bundles
; CHECK-NEXT: Lazy Machine Block Frequency Analysis ; CHECK-NEXT: Lazy Machine Block Frequency Analysis
; CHECK-NEXT: Machine Optimization Remark Emitter ; CHECK-NEXT: Machine Optimization Remark Emitter
; CHECK-NEXT: AArch64 Assembly Printer ; CHECK-NEXT: AArch64 Assembly Printer
; CHECK-NEXT: Free MachineFunction ; CHECK-NEXT: Free MachineFunction
define void @f() { define void @f() {
ret void ret void
} }

llvm/test/CodeGen/AArch64/O3-pipeline.ll

Show First 20 LinesShow All 213 Lines▼ Show 20 Lines
; CHECK-NEXT: Machine Copy Propagation Pass ; CHECK-NEXT: Machine Copy Propagation Pass
; CHECK-NEXT: Workaround A53 erratum 835769 pass ; CHECK-NEXT: Workaround A53 erratum 835769 pass
; CHECK-NEXT: AArch64 Branch Targets ; CHECK-NEXT: AArch64 Branch Targets
; CHECK-NEXT: Branch relaxation pass ; CHECK-NEXT: Branch relaxation pass
; CHECK-NEXT: AArch64 Compress Jump Tables ; CHECK-NEXT: AArch64 Compress Jump Tables
; CHECK-NEXT: Contiguously Lay Out Funclets ; CHECK-NEXT: Contiguously Lay Out Funclets
; CHECK-NEXT: StackMap Liveness Analysis ; CHECK-NEXT: StackMap Liveness Analysis
; CHECK-NEXT: Live DEBUG_VALUE analysis ; CHECK-NEXT: Live DEBUG_VALUE analysis
; CHECK-NEXT: Machine Sanitizer Binary Metadata
; CHECK-NEXT: Machine Outliner ; CHECK-NEXT: Machine Outliner
; CHECK-NEXT: FunctionPass Manager ; CHECK-NEXT: FunctionPass Manager
; CHECK-NEXT: Insert CFI remember/restore state instructions ; CHECK-NEXT: Insert CFI remember/restore state instructions
; CHECK-NEXT: Unpack machine instruction bundles ; CHECK-NEXT: Unpack machine instruction bundles
; CHECK-NEXT: Lazy Machine Block Frequency Analysis ; CHECK-NEXT: Lazy Machine Block Frequency Analysis
; CHECK-NEXT: Machine Optimization Remark Emitter ; CHECK-NEXT: Machine Optimization Remark Emitter
; CHECK-NEXT: AArch64 Assembly Printer ; CHECK-NEXT: AArch64 Assembly Printer
; CHECK-NEXT: Free MachineFunction ; CHECK-NEXT: Free MachineFunction
Show All 18 Lines

llvm/test/CodeGen/AMDGPU/llc-pipeline.ll

Show First 20 LinesShow All 134 Lines▼ Show 20 Lines
; GCN-O0-NEXT: MachinePostDominator Tree Construction ; GCN-O0-NEXT: MachinePostDominator Tree Construction
; GCN-O0-NEXT: SI insert wait instructions ; GCN-O0-NEXT: SI insert wait instructions
; GCN-O0-NEXT: Insert required mode register values ; GCN-O0-NEXT: Insert required mode register values
; GCN-O0-NEXT: SI Final Branch Preparation ; GCN-O0-NEXT: SI Final Branch Preparation
; GCN-O0-NEXT: Post RA hazard recognizer ; GCN-O0-NEXT: Post RA hazard recognizer
; GCN-O0-NEXT: Branch relaxation pass ; GCN-O0-NEXT: Branch relaxation pass
; GCN-O0-NEXT: Register Usage Information Collector Pass ; GCN-O0-NEXT: Register Usage Information Collector Pass
; GCN-O0-NEXT: Live DEBUG_VALUE analysis ; GCN-O0-NEXT: Live DEBUG_VALUE analysis
; GCN-O0-NEXT: Machine Sanitizer Binary Metadata
; GCN-O0-NEXT: Function register usage analysis ; GCN-O0-NEXT: Function register usage analysis
; GCN-O0-NEXT: FunctionPass Manager ; GCN-O0-NEXT: FunctionPass Manager
; GCN-O0-NEXT: Lazy Machine Block Frequency Analysis ; GCN-O0-NEXT: Lazy Machine Block Frequency Analysis
; GCN-O0-NEXT: Machine Optimization Remark Emitter ; GCN-O0-NEXT: Machine Optimization Remark Emitter
; GCN-O0-NEXT: AMDGPU Assembly Printer ; GCN-O0-NEXT: AMDGPU Assembly Printer
; GCN-O0-NEXT: Free MachineFunction ; GCN-O0-NEXT: Free MachineFunction
; GCN-O0-NEXT:Pass Arguments: -domtree ; GCN-O0-NEXT:Pass Arguments: -domtree
; GCN-O0-NEXT: FunctionPass Manager ; GCN-O0-NEXT: FunctionPass Manager
▲ Show 20 LinesShow All 248 Lines▼ Show 20 Lines
; GCN-O1-NEXT: SI Insert Hard Clauses ; GCN-O1-NEXT: SI Insert Hard Clauses
; GCN-O1-NEXT: SI Final Branch Preparation ; GCN-O1-NEXT: SI Final Branch Preparation
; GCN-O1-NEXT: SI peephole optimizations ; GCN-O1-NEXT: SI peephole optimizations
; GCN-O1-NEXT: Post RA hazard recognizer ; GCN-O1-NEXT: Post RA hazard recognizer
; GCN-O1-NEXT: AMDGPU Insert Delay ALU ; GCN-O1-NEXT: AMDGPU Insert Delay ALU
; GCN-O1-NEXT: Branch relaxation pass ; GCN-O1-NEXT: Branch relaxation pass
; GCN-O1-NEXT: Register Usage Information Collector Pass ; GCN-O1-NEXT: Register Usage Information Collector Pass
; GCN-O1-NEXT: Live DEBUG_VALUE analysis ; GCN-O1-NEXT: Live DEBUG_VALUE analysis
; GCN-O1-NEXT: Machine Sanitizer Binary Metadata
; GCN-O1-NEXT: Function register usage analysis ; GCN-O1-NEXT: Function register usage analysis
; GCN-O1-NEXT: FunctionPass Manager ; GCN-O1-NEXT: FunctionPass Manager
; GCN-O1-NEXT: Lazy Machine Block Frequency Analysis ; GCN-O1-NEXT: Lazy Machine Block Frequency Analysis
; GCN-O1-NEXT: Machine Optimization Remark Emitter ; GCN-O1-NEXT: Machine Optimization Remark Emitter
; GCN-O1-NEXT: AMDGPU Assembly Printer ; GCN-O1-NEXT: AMDGPU Assembly Printer
; GCN-O1-NEXT: Free MachineFunction ; GCN-O1-NEXT: Free MachineFunction
; GCN-O1-NEXT:Pass Arguments: -domtree ; GCN-O1-NEXT:Pass Arguments: -domtree
; GCN-O1-NEXT: FunctionPass Manager ; GCN-O1-NEXT: FunctionPass Manager
▲ Show 20 LinesShow All 280 Lines▼ Show 20 Lines
; GCN-O1-OPTS-NEXT: SI Insert Hard Clauses ; GCN-O1-OPTS-NEXT: SI Insert Hard Clauses
; GCN-O1-OPTS-NEXT: SI Final Branch Preparation ; GCN-O1-OPTS-NEXT: SI Final Branch Preparation
; GCN-O1-OPTS-NEXT: SI peephole optimizations ; GCN-O1-OPTS-NEXT: SI peephole optimizations
; GCN-O1-OPTS-NEXT: Post RA hazard recognizer ; GCN-O1-OPTS-NEXT: Post RA hazard recognizer
; GCN-O1-OPTS-NEXT: AMDGPU Insert Delay ALU ; GCN-O1-OPTS-NEXT: AMDGPU Insert Delay ALU
; GCN-O1-OPTS-NEXT: Branch relaxation pass ; GCN-O1-OPTS-NEXT: Branch relaxation pass
; GCN-O1-OPTS-NEXT: Register Usage Information Collector Pass ; GCN-O1-OPTS-NEXT: Register Usage Information Collector Pass
; GCN-O1-OPTS-NEXT: Live DEBUG_VALUE analysis ; GCN-O1-OPTS-NEXT: Live DEBUG_VALUE analysis
; GCN-O1-OPTS-NEXT: Machine Sanitizer Binary Metadata
; GCN-O1-OPTS-NEXT: Function register usage analysis ; GCN-O1-OPTS-NEXT: Function register usage analysis
; GCN-O1-OPTS-NEXT: FunctionPass Manager ; GCN-O1-OPTS-NEXT: FunctionPass Manager
; GCN-O1-OPTS-NEXT: Lazy Machine Block Frequency Analysis ; GCN-O1-OPTS-NEXT: Lazy Machine Block Frequency Analysis
; GCN-O1-OPTS-NEXT: Machine Optimization Remark Emitter ; GCN-O1-OPTS-NEXT: Machine Optimization Remark Emitter
; GCN-O1-OPTS-NEXT: AMDGPU Assembly Printer ; GCN-O1-OPTS-NEXT: AMDGPU Assembly Printer
; GCN-O1-OPTS-NEXT: Free MachineFunction ; GCN-O1-OPTS-NEXT: Free MachineFunction
; GCN-O1-OPTS-NEXT:Pass Arguments: -domtree ; GCN-O1-OPTS-NEXT:Pass Arguments: -domtree
; GCN-O1-OPTS-NEXT: FunctionPass Manager ; GCN-O1-OPTS-NEXT: FunctionPass Manager
▲ Show 20 LinesShow All 283 Lines▼ Show 20 Lines
; GCN-O2-NEXT: SI Final Branch Preparation ; GCN-O2-NEXT: SI Final Branch Preparation
; GCN-O2-NEXT: SI peephole optimizations ; GCN-O2-NEXT: SI peephole optimizations
; GCN-O2-NEXT: Post RA hazard recognizer ; GCN-O2-NEXT: Post RA hazard recognizer
; GCN-O2-NEXT: Release VGPRs ; GCN-O2-NEXT: Release VGPRs
; GCN-O2-NEXT: AMDGPU Insert Delay ALU ; GCN-O2-NEXT: AMDGPU Insert Delay ALU
; GCN-O2-NEXT: Branch relaxation pass ; GCN-O2-NEXT: Branch relaxation pass
; GCN-O2-NEXT: Register Usage Information Collector Pass ; GCN-O2-NEXT: Register Usage Information Collector Pass
; GCN-O2-NEXT: Live DEBUG_VALUE analysis ; GCN-O2-NEXT: Live DEBUG_VALUE analysis
; GCN-O2-NEXT: Machine Sanitizer Binary Metadata
; GCN-O2-NEXT: Function register usage analysis ; GCN-O2-NEXT: Function register usage analysis
; GCN-O2-NEXT: FunctionPass Manager ; GCN-O2-NEXT: FunctionPass Manager
; GCN-O2-NEXT: Lazy Machine Block Frequency Analysis ; GCN-O2-NEXT: Lazy Machine Block Frequency Analysis
; GCN-O2-NEXT: Machine Optimization Remark Emitter ; GCN-O2-NEXT: Machine Optimization Remark Emitter
; GCN-O2-NEXT: AMDGPU Assembly Printer ; GCN-O2-NEXT: AMDGPU Assembly Printer
; GCN-O2-NEXT: Free MachineFunction ; GCN-O2-NEXT: Free MachineFunction
; GCN-O2-NEXT:Pass Arguments: -domtree ; GCN-O2-NEXT:Pass Arguments: -domtree
; GCN-O2-NEXT: FunctionPass Manager ; GCN-O2-NEXT: FunctionPass Manager
▲ Show 20 LinesShow All 295 Lines▼ Show 20 Lines
; GCN-O3-NEXT: SI Final Branch Preparation ; GCN-O3-NEXT: SI Final Branch Preparation
; GCN-O3-NEXT: SI peephole optimizations ; GCN-O3-NEXT: SI peephole optimizations
; GCN-O3-NEXT: Post RA hazard recognizer ; GCN-O3-NEXT: Post RA hazard recognizer
; GCN-O3-NEXT: Release VGPRs ; GCN-O3-NEXT: Release VGPRs
; GCN-O3-NEXT: AMDGPU Insert Delay ALU ; GCN-O3-NEXT: AMDGPU Insert Delay ALU
; GCN-O3-NEXT: Branch relaxation pass ; GCN-O3-NEXT: Branch relaxation pass
; GCN-O3-NEXT: Register Usage Information Collector Pass ; GCN-O3-NEXT: Register Usage Information Collector Pass
; GCN-O3-NEXT: Live DEBUG_VALUE analysis ; GCN-O3-NEXT: Live DEBUG_VALUE analysis
; GCN-O3-NEXT: Machine Sanitizer Binary Metadata
; GCN-O3-NEXT: Function register usage analysis ; GCN-O3-NEXT: Function register usage analysis
; GCN-O3-NEXT: FunctionPass Manager ; GCN-O3-NEXT: FunctionPass Manager
; GCN-O3-NEXT: Lazy Machine Block Frequency Analysis ; GCN-O3-NEXT: Lazy Machine Block Frequency Analysis
; GCN-O3-NEXT: Machine Optimization Remark Emitter ; GCN-O3-NEXT: Machine Optimization Remark Emitter
; GCN-O3-NEXT: AMDGPU Assembly Printer ; GCN-O3-NEXT: AMDGPU Assembly Printer
; GCN-O3-NEXT: Free MachineFunction ; GCN-O3-NEXT: Free MachineFunction
; GCN-O3-NEXT:Pass Arguments: -domtree ; GCN-O3-NEXT:Pass Arguments: -domtree
; GCN-O3-NEXT: FunctionPass Manager ; GCN-O3-NEXT: FunctionPass Manager
; GCN-O3-NEXT: Dominator Tree Construction ; GCN-O3-NEXT: Dominator Tree Construction
define void @empty() { define void @empty() {
ret void ret void
} }

llvm/test/CodeGen/ARM/O3-pipeline.ll

Show First 20 LinesShow All 184 Lines▼ Show 20 Lines
; CHECK-NEXT: Unpack machine instruction bundles ; CHECK-NEXT: Unpack machine instruction bundles
; CHECK-NEXT: MachineDominator Tree Construction ; CHECK-NEXT: MachineDominator Tree Construction
; CHECK-NEXT: Machine Natural Loop Construction ; CHECK-NEXT: Machine Natural Loop Construction
; CHECK-NEXT: ARM block placement ; CHECK-NEXT: ARM block placement
; CHECK-NEXT: optimise barriers pass ; CHECK-NEXT: optimise barriers pass
; CHECK-NEXT: Contiguously Lay Out Funclets ; CHECK-NEXT: Contiguously Lay Out Funclets
; CHECK-NEXT: StackMap Liveness Analysis ; CHECK-NEXT: StackMap Liveness Analysis
; CHECK-NEXT: Live DEBUG_VALUE analysis ; CHECK-NEXT: Live DEBUG_VALUE analysis
; CHECK-NEXT: Machine Sanitizer Binary Metadata
; CHECK-NEXT: Machine Outliner ; CHECK-NEXT: Machine Outliner
; CHECK-NEXT: FunctionPass Manager ; CHECK-NEXT: FunctionPass Manager
; CHECK-NEXT: ReachingDefAnalysis ; CHECK-NEXT: ReachingDefAnalysis
; CHECK-NEXT: ARM fix for Cortex-A57 AES Erratum 1742098 ; CHECK-NEXT: ARM fix for Cortex-A57 AES Erratum 1742098
; CHECK-NEXT: ARM Branch Targets ; CHECK-NEXT: ARM Branch Targets
; CHECK-NEXT: MachineDominator Tree Construction ; CHECK-NEXT: MachineDominator Tree Construction
; CHECK-NEXT: ARM constant island placement and branch shortening pass ; CHECK-NEXT: ARM constant island placement and branch shortening pass
; CHECK-NEXT: MachineDominator Tree Construction ; CHECK-NEXT: MachineDominator Tree Construction
; CHECK-NEXT: Machine Natural Loop Construction ; CHECK-NEXT: Machine Natural Loop Construction
; CHECK-NEXT: ReachingDefAnalysis ; CHECK-NEXT: ReachingDefAnalysis
; CHECK-NEXT: ARM Low Overhead Loops pass ; CHECK-NEXT: ARM Low Overhead Loops pass
; CHECK-NEXT: Lazy Machine Block Frequency Analysis ; CHECK-NEXT: Lazy Machine Block Frequency Analysis
; CHECK-NEXT: Machine Optimization Remark Emitter ; CHECK-NEXT: Machine Optimization Remark Emitter
; CHECK-NEXT: ARM Assembly Printer ; CHECK-NEXT: ARM Assembly Printer
; CHECK-NEXT: Free MachineFunction ; CHECK-NEXT: Free MachineFunction

llvm/test/CodeGen/M68k/pipeline.ll

Show First 20 LinesShow All 125 Lines▼ Show 20 Lines
; CHECK-NEXT: Branch Probability Basic Block Placement ; CHECK-NEXT: Branch Probability Basic Block Placement
; CHECK-NEXT: Insert fentry calls ; CHECK-NEXT: Insert fentry calls
; CHECK-NEXT: Insert XRay ops ; CHECK-NEXT: Insert XRay ops
; CHECK-NEXT: Implement the 'patchable-function' attribute ; CHECK-NEXT: Implement the 'patchable-function' attribute
; CHECK-NEXT: M68k MOVEM collapser pass ; CHECK-NEXT: M68k MOVEM collapser pass
; CHECK-NEXT: Contiguously Lay Out Funclets ; CHECK-NEXT: Contiguously Lay Out Funclets
; CHECK-NEXT: StackMap Liveness Analysis ; CHECK-NEXT: StackMap Liveness Analysis
; CHECK-NEXT: Live DEBUG_VALUE analysis ; CHECK-NEXT: Live DEBUG_VALUE analysis
; CHECK-NEXT: Machine Sanitizer Binary Metadata
; CHECK-NEXT: Lazy Machine Block Frequency Analysis ; CHECK-NEXT: Lazy Machine Block Frequency Analysis
; CHECK-NEXT: Machine Optimization Remark Emitter ; CHECK-NEXT: Machine Optimization Remark Emitter
; CHECK-NEXT: M68k Assembly Printer ; CHECK-NEXT: M68k Assembly Printer
; CHECK-NEXT: Free MachineFunction ; CHECK-NEXT: Free MachineFunction

llvm/test/CodeGen/PowerPC/O3-pipeline.ll

Show First 20 LinesShow All 201 Lines▼ Show 20 Lines
; CHECK-NEXT: Insert XRay ops ; CHECK-NEXT: Insert XRay ops
; CHECK-NEXT: Implement the 'patchable-function' attribute ; CHECK-NEXT: Implement the 'patchable-function' attribute
; CHECK-NEXT: PowerPC Pre-Emit Peephole ; CHECK-NEXT: PowerPC Pre-Emit Peephole
; CHECK-NEXT: PowerPC Expand ISEL Generation ; CHECK-NEXT: PowerPC Expand ISEL Generation
; CHECK-NEXT: PowerPC Early-Return Creation ; CHECK-NEXT: PowerPC Early-Return Creation
; CHECK-NEXT: Contiguously Lay Out Funclets ; CHECK-NEXT: Contiguously Lay Out Funclets
; CHECK-NEXT: StackMap Liveness Analysis ; CHECK-NEXT: StackMap Liveness Analysis
; CHECK-NEXT: Live DEBUG_VALUE analysis ; CHECK-NEXT: Live DEBUG_VALUE analysis
; CHECK-NEXT: Machine Sanitizer Binary Metadata
; CHECK-NEXT: PowerPC Expand Atomic ; CHECK-NEXT: PowerPC Expand Atomic
; CHECK-NEXT: PowerPC Branch Selector ; CHECK-NEXT: PowerPC Branch Selector
; CHECK-NEXT: Lazy Machine Block Frequency Analysis ; CHECK-NEXT: Lazy Machine Block Frequency Analysis
; CHECK-NEXT: Machine Optimization Remark Emitter ; CHECK-NEXT: Machine Optimization Remark Emitter
; CHECK-NEXT: Linux PPC Assembly Printer ; CHECK-NEXT: Linux PPC Assembly Printer
; CHECK-NEXT: Free MachineFunction ; CHECK-NEXT: Free MachineFunction
define void @f() { define void @f() {
ret void ret void
} }

llvm/test/CodeGen/RISCV/O0-pipeline.ll

Show First 20 LinesShow All 51 Lines▼ Show 20 Lines
; CHECK-NEXT: Insert fentry calls ; CHECK-NEXT: Insert fentry calls
; CHECK-NEXT: Insert XRay ops ; CHECK-NEXT: Insert XRay ops
; CHECK-NEXT: Implement the 'patchable-function' attribute ; CHECK-NEXT: Implement the 'patchable-function' attribute
; CHECK-NEXT: Branch relaxation pass ; CHECK-NEXT: Branch relaxation pass
; CHECK-NEXT: RISCV Make Compressible ; CHECK-NEXT: RISCV Make Compressible
; CHECK-NEXT: Contiguously Lay Out Funclets ; CHECK-NEXT: Contiguously Lay Out Funclets
; CHECK-NEXT: StackMap Liveness Analysis ; CHECK-NEXT: StackMap Liveness Analysis
; CHECK-NEXT: Live DEBUG_VALUE analysis ; CHECK-NEXT: Live DEBUG_VALUE analysis
; CHECK-NEXT: Machine Sanitizer Binary Metadata
; CHECK-NEXT: RISCV pseudo instruction expansion pass ; CHECK-NEXT: RISCV pseudo instruction expansion pass
; CHECK-NEXT: RISCV atomic pseudo instruction expansion pass ; CHECK-NEXT: RISCV atomic pseudo instruction expansion pass
; CHECK-NEXT: Lazy Machine Block Frequency Analysis ; CHECK-NEXT: Lazy Machine Block Frequency Analysis
; CHECK-NEXT: Machine Optimization Remark Emitter ; CHECK-NEXT: Machine Optimization Remark Emitter
; CHECK-NEXT: RISCV Assembly Printer ; CHECK-NEXT: RISCV Assembly Printer
; CHECK-NEXT: Free MachineFunction ; CHECK-NEXT: Free MachineFunction

llvm/test/CodeGen/RISCV/O3-pipeline.ll

Show First 20 LinesShow All 158 Lines▼ Show 20 Lines
; CHECK-NEXT: Insert fentry calls ; CHECK-NEXT: Insert fentry calls
; CHECK-NEXT: Insert XRay ops ; CHECK-NEXT: Insert XRay ops
; CHECK-NEXT: Implement the 'patchable-function' attribute ; CHECK-NEXT: Implement the 'patchable-function' attribute
; CHECK-NEXT: Branch relaxation pass ; CHECK-NEXT: Branch relaxation pass
; CHECK-NEXT: RISCV Make Compressible ; CHECK-NEXT: RISCV Make Compressible
; CHECK-NEXT: Contiguously Lay Out Funclets ; CHECK-NEXT: Contiguously Lay Out Funclets
; CHECK-NEXT: StackMap Liveness Analysis ; CHECK-NEXT: StackMap Liveness Analysis
; CHECK-NEXT: Live DEBUG_VALUE analysis ; CHECK-NEXT: Live DEBUG_VALUE analysis
; CHECK-NEXT: Machine Sanitizer Binary Metadata
; CHECK-NEXT: Machine Outliner ; CHECK-NEXT: Machine Outliner
; CHECK-NEXT: FunctionPass Manager ; CHECK-NEXT: FunctionPass Manager
; CHECK-NEXT: RISCV pseudo instruction expansion pass ; CHECK-NEXT: RISCV pseudo instruction expansion pass
; CHECK-NEXT: RISCV atomic pseudo instruction expansion pass ; CHECK-NEXT: RISCV atomic pseudo instruction expansion pass
; CHECK-NEXT: Lazy Machine Block Frequency Analysis ; CHECK-NEXT: Lazy Machine Block Frequency Analysis
; CHECK-NEXT: Machine Optimization Remark Emitter ; CHECK-NEXT: Machine Optimization Remark Emitter
; CHECK-NEXT: RISCV Assembly Printer ; CHECK-NEXT: RISCV Assembly Printer
; CHECK-NEXT: Free MachineFunction ; CHECK-NEXT: Free MachineFunction

llvm/test/CodeGen/X86/O0-pipeline.ll

Show First 20 LinesShow All 66 Lines▼ Show 20 Lines
; CHECK-NEXT: X86 vzeroupper inserter ; CHECK-NEXT: X86 vzeroupper inserter
; CHECK-NEXT: Compressing EVEX instrs to VEX encoding when possibl ; CHECK-NEXT: Compressing EVEX instrs to VEX encoding when possibl
; CHECK-NEXT: X86 Discriminate Memory Operands ; CHECK-NEXT: X86 Discriminate Memory Operands
; CHECK-NEXT: X86 Insert Cache Prefetches ; CHECK-NEXT: X86 Insert Cache Prefetches
; CHECK-NEXT: X86 insert wait instruction ; CHECK-NEXT: X86 insert wait instruction
; CHECK-NEXT: Contiguously Lay Out Funclets ; CHECK-NEXT: Contiguously Lay Out Funclets
; CHECK-NEXT: StackMap Liveness Analysis ; CHECK-NEXT: StackMap Liveness Analysis
; CHECK-NEXT: Live DEBUG_VALUE analysis ; CHECK-NEXT: Live DEBUG_VALUE analysis
; CHECK-NEXT: Machine Sanitizer Binary Metadata
; CHECK-NEXT: X86 Speculative Execution Side Effect Suppression ; CHECK-NEXT: X86 Speculative Execution Side Effect Suppression
; CHECK-NEXT: X86 Indirect Thunks ; CHECK-NEXT: X86 Indirect Thunks
; CHECK-NEXT: X86 Return Thunks ; CHECK-NEXT: X86 Return Thunks
; CHECK-NEXT: Check CFA info and insert CFI instructions if needed ; CHECK-NEXT: Check CFA info and insert CFI instructions if needed
; CHECK-NEXT: X86 Load Value Injection (LVI) Ret-Hardening ; CHECK-NEXT: X86 Load Value Injection (LVI) Ret-Hardening
; CHECK-NEXT: Pseudo Probe Inserter ; CHECK-NEXT: Pseudo Probe Inserter
; CHECK-NEXT: Unpack machine instruction bundles ; CHECK-NEXT: Unpack machine instruction bundles
; CHECK-NEXT: Lazy Machine Block Frequency Analysis ; CHECK-NEXT: Lazy Machine Block Frequency Analysis
; CHECK-NEXT: Machine Optimization Remark Emitter ; CHECK-NEXT: Machine Optimization Remark Emitter
; CHECK-NEXT: X86 Assembly Printer ; CHECK-NEXT: X86 Assembly Printer
; CHECK-NEXT: Free MachineFunction ; CHECK-NEXT: Free MachineFunction
define void @f() { define void @f() {
ret void ret void
} }

llvm/test/CodeGen/X86/opt-pipeline.ll

Show First 20 LinesShow All 200 Lines▼ Show 20 Lines
; CHECK-NEXT: X86 LEA Fixup ; CHECK-NEXT: X86 LEA Fixup
; CHECK-NEXT: Compressing EVEX instrs to VEX encoding when possible ; CHECK-NEXT: Compressing EVEX instrs to VEX encoding when possible
; CHECK-NEXT: X86 Discriminate Memory Operands ; CHECK-NEXT: X86 Discriminate Memory Operands
; CHECK-NEXT: X86 Insert Cache Prefetches ; CHECK-NEXT: X86 Insert Cache Prefetches
; CHECK-NEXT: X86 insert wait instruction ; CHECK-NEXT: X86 insert wait instruction
; CHECK-NEXT: Contiguously Lay Out Funclets ; CHECK-NEXT: Contiguously Lay Out Funclets
; CHECK-NEXT: StackMap Liveness Analysis ; CHECK-NEXT: StackMap Liveness Analysis
; CHECK-NEXT: Live DEBUG_VALUE analysis ; CHECK-NEXT: Live DEBUG_VALUE analysis
; CHECK-NEXT: Machine Sanitizer Binary Metadata
; CHECK-NEXT: X86 Speculative Execution Side Effect Suppression ; CHECK-NEXT: X86 Speculative Execution Side Effect Suppression
; CHECK-NEXT: X86 Indirect Thunks ; CHECK-NEXT: X86 Indirect Thunks
; CHECK-NEXT: X86 Return Thunks ; CHECK-NEXT: X86 Return Thunks
; CHECK-NEXT: Check CFA info and insert CFI instructions if needed ; CHECK-NEXT: Check CFA info and insert CFI instructions if needed
; CHECK-NEXT: X86 Load Value Injection (LVI) Ret-Hardening ; CHECK-NEXT: X86 Load Value Injection (LVI) Ret-Hardening
; CHECK-NEXT: Pseudo Probe Inserter ; CHECK-NEXT: Pseudo Probe Inserter
; CHECK-NEXT: Unpack machine instruction bundles ; CHECK-NEXT: Unpack machine instruction bundles
; CHECK-NEXT: Lazy Machine Block Frequency Analysis ; CHECK-NEXT: Lazy Machine Block Frequency Analysis
Show All 13 Lines