This is an archive of the discontinued LLVM Phabricator instance.

Differential D143921

[debug-info][codegen] Prevent creation of self-referential SP node
ClosedPublic

Authored by fdeazeve on Feb 13 2023, 8:30 AM.

Details

Reviewers
jdoerfert
aprantl
dblaikie
Group Reviewers
debug-info
Commits
rG997dc7e00f49: [debug-info][codegen] Prevent creation of self-referential SP node
Summary

The function CGDebugInfo::EmitFunctionDecl is supposed to create a
declaration -- never a _definition_ -- of a subprogram. This is made
evident by the fact that the SPFlags never have the "Declaration" bit
set by that function.

However, when EmitFunctionDecl calls DIBuilder::createFunction, it
still tries to fill the "Declaration" argument by passing it the result
of getFunctionDeclaration(D). This will query an internal cache of
previously created declarations and, for most code paths, we return
nullptr; all is good.

However, as reported in [0], there are pathological cases in which we
attempt to recreate a declaration, so the cache query succeeds,
resulting in a subprogram declaration whose declaration field points to
another declaration. Through a series of RAUWs, the declaration field
ends up pointing to the SP itself. Self-referential MDNodes can't be
unique, which causes the verifier to fail (declarations must be
unique).

We can argue that the caller should check the cache first, but this is
not a correctness issue (declarations are unique anyway). The bug is
that CGDebugInfo::EmitFunctionDecl should always pass nullptr to the
declaration argument of DIBuilder::createFunction, expressing the fact
that declarations don't point to other declarations. AFAICT this is not
something for which any reasonable meaning exists.

This seems a lot like a copy-paste mistake that has survived for ~10
years, since other places in this file have the exact same call almost
token-by-token.

I've tested this by compiling LLVMSupport with and without the patch, O2
and O0, and comparing the dwarfdump of the lib. The dumps are identical
modulo the attributes decl_file/producer/comp_dir.

[0]: https://github.com/llvm/llvm-project/issues/59241

Diff Detail

Event Timeline

fdeazeve created this revision.Feb 13 2023, 8:30 AM
Herald added a project: Restricted Project. · View Herald TranscriptFeb 13 2023, 8:30 AM
Herald added subscribers: jdoerfert, hiraditya. · View Herald Transcript
fdeazeve requested review of this revision.Feb 13 2023, 8:30 AM
Herald added a reviewer: jdoerfert. · View Herald TranscriptFeb 13 2023, 8:30 AM
Herald added projects: Restricted Project, Restricted Project. · View Herald Transcript
Herald added subscribers: llvm-commits, cfe-commits, sstefan1. · View Herald Transcript
fdeazeve added reviewers: debug-info, aprantl, dblaikie.Feb 13 2023, 8:32 AM
fdeazeve added a comment.Feb 13 2023, 8:35 AM

Any testing suggestions here? I can use what we have on GH (cpp -> codegen test), but I'm not sure if there's a finer grained test we could use.

ayermolo added a subscriber: ayermolo.Feb 13 2023, 8:36 AM
Harbormaster completed remote builds in B213441: Diff 497000.Feb 13 2023, 9:35 AM
weiwang added a subscriber: weiwang.Feb 13 2023, 9:48 AM
aprantl accepted this revision.Feb 13 2023, 1:03 PM
aprantl added inline comments.
llvm/lib/IR/Verifier.cpp
1404

Can you a new test for this?

This revision is now accepted and ready to land.Feb 13 2023, 1:03 PM
aprantl added a comment.Feb 13 2023, 3:58 PM
In D143921#4123218, @fdeazeve wrote:

Any testing suggestions here? I can use what we have on GH (cpp -> codegen test), but I'm not sure if there's a finer grained test we could use.

I was thinking of a very small IR test similar to llvm/test/Verifier/disubprogram-name-match-only.ll.

fdeazeve updated this revision to Diff 497321.Feb 14 2023, 7:20 AM

Added verifier test

fdeazeve added a comment.Feb 14 2023, 7:21 AM
In D143921#4124533, @aprantl wrote:
In D143921#4123218, @fdeazeve wrote:

Any testing suggestions here? I can use what we have on GH (cpp -> codegen test), but I'm not sure if there's a finer grained test we could use.

I was thinking of a very small IR test similar to llvm/test/Verifier/disubprogram-name-match-only.ll.

Yup, good idea, this should be enough! Added.

aprantl accepted this revision.Feb 14 2023, 8:51 AM

Test looks good!

Harbormaster completed remote builds in B213659: Diff 497321.Feb 14 2023, 9:13 AM
fdeazeve updated this revision to Diff 497713.Feb 15 2023, 9:47 AM

Fixed clang format issue

Harbormaster completed remote builds in B213924: Diff 497713.Feb 15 2023, 10:49 AM
This revision was landed with ongoing or failed builds.Feb 20 2023, 11:23 AM
Closed by commit rG997dc7e00f49: [debug-info][codegen] Prevent creation of self-referential SP node (authored by fdeazeve). · Explain Why
This revision was automatically updated to reflect the committed changes.
fdeazeve added a commit: rG997dc7e00f49: [debug-info][codegen] Prevent creation of self-referential SP node.

Revision Contents

PathSize
clang/
lib/
CodeGen/
7 lines
llvm/
docs/
17 lines
lib/
IR/
2 lines
test/
Verifier/
17 lines

Diff 498919

clang/lib/CodeGen/CGDebugInfo.cpp

Show First 20 LinesShow All 4,219 Lines▼ Show 20 Linesvoid CGDebugInfo::EmitFunctionDecl(GlobalDecl GD, SourceLocation Loc,
unsigned LineNo = getLineNumber(Loc); unsigned LineNo = getLineNumber(Loc);
unsigned ScopeLine = 0; unsigned ScopeLine = 0;
llvm::DISubprogram::DISPFlags SPFlags = llvm::DISubprogram::SPFlagZero; llvm::DISubprogram::DISPFlags SPFlags = llvm::DISubprogram::SPFlagZero;
if (CGM.getLangOpts().Optimize) if (CGM.getLangOpts().Optimize)
SPFlags |= llvm::DISubprogram::SPFlagOptimized; SPFlags |= llvm::DISubprogram::SPFlagOptimized;
llvm::DINodeArray Annotations = CollectBTFDeclTagAnnotations(D); llvm::DINodeArray Annotations = CollectBTFDeclTagAnnotations(D);
llvm::DISubroutineType *STy = getOrCreateFunctionType(D, FnType, Unit); llvm::DISubroutineType *STy = getOrCreateFunctionType(D, FnType, Unit);
llvm::DISubprogram *SP = llvm::DISubprogram *SP = DBuilder.createFunction(
DBuilder.createFunction(FDContext, Name, LinkageName, Unit, LineNo, STy, FDContext, Name, LinkageName, Unit, LineNo, STy, ScopeLine, Flags,
ScopeLine, Flags, SPFlags, TParamsArray.get(), SPFlags, TParamsArray.get(), nullptr, nullptr, Annotations);
getFunctionDeclaration(D), nullptr, Annotations);
// Preserve btf_decl_tag attributes for parameters of extern functions // Preserve btf_decl_tag attributes for parameters of extern functions
// for BPF target. The parameters created in this loop are attached as // for BPF target. The parameters created in this loop are attached as
// DISubprogram's retainedNodes in the subsequent finalizeSubprogram call. // DISubprogram's retainedNodes in the subsequent finalizeSubprogram call.
if (IsDeclForCallSite && CGM.getTarget().getTriple().isBPF()) { if (IsDeclForCallSite && CGM.getTarget().getTriple().isBPF()) {
if (auto *FD = dyn_cast<FunctionDecl>(D)) { if (auto *FD = dyn_cast<FunctionDecl>(D)) {
llvm::DITypeRefArray ParamTypes = STy->getTypeArray(); llvm::DITypeRefArray ParamTypes = STy->getTypeArray();
unsigned ArgNo = 1; unsigned ArgNo = 1;
▲ Show 20 LinesShow All 1,534 LinesShow Last 20 Lines

llvm/docs/LangRef.rst

  • This file is larger than 256 KB, so syntax highlighting is disabled by default.
Show First 20 LinesShow All 5,770 Lines▼ Show 20 Lines
metadata. A unique ``DISubprogram`` may be attached to a function declaration metadata. A unique ``DISubprogram`` may be attached to a function declaration
used for call site debug info. The ``retainedNodes:`` field is a list of used for call site debug info. The ``retainedNodes:`` field is a list of
:ref:`variables <DILocalVariable>` and :ref:`labels <DILabel>` that must be :ref:`variables <DILocalVariable>` and :ref:`labels <DILabel>` that must be
retained, even if their IR counterparts are optimized out of the IR. The retained, even if their IR counterparts are optimized out of the IR. The
``type:`` field must point at an :ref:`DISubroutineType`. ``type:`` field must point at an :ref:`DISubroutineType`.
.. _DISubprogramDeclaration: .. _DISubprogramDeclaration:
When ``isDefinition: false``, subprograms describe a declaration in the type When ``spFlags: DISPFlagDefinition`` is not present, subprograms describe a
tree as opposed to a definition of a function. If the scope is a composite declaration in the type tree as opposed to a definition of a function. In this
type with an ODR ``identifier:`` and that does not set ``flags: DIFwdDecl``, case, the ``declaration`` field must be empty. If the scope is a composite type
then the subprogram declaration is uniqued based only on its ``linkageName:`` with an ODR ``identifier:`` and that does not set ``flags: DIFwdDecl``, then
and ``scope:``. the subprogram declaration is uniqued based only on its ``linkageName:`` and
``scope:``.
.. code-block:: text .. code-block:: text
define void @_Z3foov() !dbg !0 { define void @_Z3foov() !dbg !0 {
... ...
} }
!0 = distinct !DISubprogram(name: "foo", linkageName: "_Zfoov", scope: !1, !0 = distinct !DISubprogram(name: "foo", linkageName: "_Zfoov", scope: !1,
file: !2, line: 7, type: !3, isLocal: true, file: !2, line: 7, type: !3,
isDefinition: true, scopeLine: 8, spFlags: DISPFlagDefinition | DISPFlagLocalToUnit,
containingType: !4, scopeLine: 8, containingType: !4,
virtuality: DW_VIRTUALITY_pure_virtual, virtuality: DW_VIRTUALITY_pure_virtual,
virtualIndex: 10, flags: DIFlagPrototyped, virtualIndex: 10, flags: DIFlagPrototyped,
isOptimized: true, unit: !5, templateParams: !6, isOptimized: true, unit: !5, templateParams: !6,
declaration: !7, retainedNodes: !8, declaration: !7, retainedNodes: !8,
thrownTypes: !9) thrownTypes: !9)
.. _DILexicalBlock: .. _DILexicalBlock:
▲ Show 20 LinesShow All 20,994 LinesShow Last 20 Lines

llvm/lib/IR/Verifier.cpp

  • This file is larger than 256 KB, so syntax highlighting is disabled by default.
Show First 20 LinesShow All 1,394 Lines▼ Show 20 Lines if (N.isDefinition()) {
CheckDI(N.isDistinct(), "subprogram definitions must be distinct", &N); CheckDI(N.isDistinct(), "subprogram definitions must be distinct", &N);
CheckDI(Unit, "subprogram definitions must have a compile unit", &N); CheckDI(Unit, "subprogram definitions must have a compile unit", &N);
CheckDI(isa<DICompileUnit>(Unit), "invalid unit type", &N, Unit); CheckDI(isa<DICompileUnit>(Unit), "invalid unit type", &N, Unit);
if (N.getFile()) if (N.getFile())
verifySourceDebugInfo(*N.getUnit(), *N.getFile()); verifySourceDebugInfo(*N.getUnit(), *N.getFile());
} else { } else {
// Subprogram declarations (part of the type hierarchy). // Subprogram declarations (part of the type hierarchy).
CheckDI(!Unit, "subprogram declarations must not have a compile unit", &N); CheckDI(!Unit, "subprogram declarations must not have a compile unit", &N);
CheckDI(!N.getRawDeclaration(),
"subprogram declaration must not have a declaration field");
aprantlUnsubmitted
Not Done
ReplyInline Actions

Can you a new test for this?

aprantl: Can you a new test for this?
} }
if (auto *RawThrownTypes = N.getRawThrownTypes()) { if (auto *RawThrownTypes = N.getRawThrownTypes()) {
auto *ThrownTypes = dyn_cast<MDTuple>(RawThrownTypes); auto *ThrownTypes = dyn_cast<MDTuple>(RawThrownTypes);
CheckDI(ThrownTypes, "invalid thrown types list", &N, RawThrownTypes); CheckDI(ThrownTypes, "invalid thrown types list", &N, RawThrownTypes);
for (Metadata *Op : ThrownTypes->operands()) for (Metadata *Op : ThrownTypes->operands())
CheckDI(Op && isa<DIType>(Op), "invalid thrown type", &N, ThrownTypes, CheckDI(Op && isa<DIType>(Op), "invalid thrown type", &N, ThrownTypes,
Op); Op);
▲ Show 20 LinesShow All 5,501 LinesShow Last 20 Lines

llvm/test/Verifier/disubprogram_declaration.ll

  • This file was added.
; RUN: llvm-as -disable-output <%s 2>&1| FileCheck %s
declare !dbg !12 i32 @declared_only()
!llvm.module.flags = !{!2}
!llvm.dbg.cu = !{!5}
!2 = !{i32 2, !"Debug Info Version", i32 3}
!5 = distinct !DICompileUnit(language: DW_LANG_C_plus_plus_14, file: !6, producer: "clang", emissionKind: FullDebug)
!6 = !DIFile(filename: "a.cpp", directory: "/")
!7 = !{}
!11 = !DISubroutineType(types: !7)
!12 = !DISubprogram(name: "declared_only", scope: !6, file: !6, line: 2, type: !11, spFlags: DISPFlagOptimized, retainedNodes: !7, declaration: !13)
!13 = !DISubprogram(name: "declared_only", scope: !6, file: !6, line: 2, type: !11, spFlags: DISPFlagOptimized, retainedNodes: !7)
; CHECK: subprogram declaration must not have a declaration field
; CHECK: warning: ignoring invalid debug info