This is an archive of the discontinued LLVM Phabricator instance.

Paths

Table of Contentst

-
clang/
-
lib/CodeGen/
-
CodeGen/
-
CGCoroutine.cpp
1/2
CGExpr.cpp
1/2
CodeGenFunction.h
-
test/CodeGenCoroutines/
-
CodeGenCoroutines/
-
pr59181.cpp

Differential D144680

[Coroutines] Avoid creating conditional cleanup markers in suspend block
ClosedPublic

Authored by weiwang on Feb 23 2023, 3:00 PM.

Download Raw Diff

Details

Reviewers

ChuanqiXu
bruno

Commits

rGce7eb2e05544: [Coroutines] Avoid creating conditional cleanup markers in suspend block

Summary

We shouldn't access coro frame after returning from await_suspend() and before llvm.coro.suspend().
Make sure we always hoist conditional cleanup markers when inside the await.suspend block.

Fix https://github.com/llvm/llvm-project/issues/59181

Diff Detail

Repository: rG LLVM Github Monorepo

Event Timeline

weiwang created this revision.Feb 23 2023, 3:00 PM

Herald added a project: Restricted Project. · View Herald TranscriptFeb 23 2023, 3:00 PM

Herald added subscribers: ChuanqiXu, hoy, wenlei. · View Herald Transcript

weiwang requested review of this revision.Feb 23 2023, 3:00 PM

Herald added a project: Restricted Project. · View Herald TranscriptFeb 23 2023, 3:00 PM

Herald added a subscriber: cfe-commits. · View Herald Transcript

weiwang edited the summary of this revision. (Show Details)Feb 23 2023, 3:13 PM

weiwang added a reviewer: ChuanqiXu.

weiwang edited the summary of this revision. (Show Details)Feb 23 2023, 3:17 PM

weiwang added a reviewer: bruno.

Thanks for working on this Wei!

Can you please add a testcase?

clang/lib/CodeGen/CodeGenFunction.h
336	Should this live inside CGCoroData instead?

Harbormaster completed remote builds in B215612: Diff 499993.Feb 23 2023, 3:58 PM

The test should be required here.

clang/lib/CodeGen/CGExpr.cpp
544–547	We should add comment to explain why we add a forward path for coroutines.

BTW, what is the conclusion for the concern about sanitizers? Would change make sanitizers to perform false positive diagnostics?

In D144680#4149149, @ChuanqiXu wrote:

BTW, what is the conclusion for the concern about sanitizers? Would change make sanitizers to perform false positive diagnostics?

This change is limited to the await.suspend block, which only does codegen for awaiter.await_suspend(coroutine_handle<p>::from_promise(p)). In this case, I think the only asan check removed by the change is the conditional marker for cleanup the temporary coroutine_handler used as the parameter of await_suspend, so my understanding is that it shouldn't affect asan diagnostic.

To show the difference it makes to the source from issue #59181

Before:

%ref.tmp25 = alloca %"struct.std::__1::coroutine_handle.6", align 8
...
// asan check inserted here
bool cond_cleanup_marker = false;

if (cond) {
    // get awaiter
    ...

    if (!awaiter.await_ready()) {
        call void @llvm.lifetime.start.p0(i64 8, ptr %ref.tmp25)
        
        // asan check inserted here
	cond_cleanup_marker = true;
	
        // store handler to %ref.tmp25
	...
	
        awaiter.await_suspend();

        // asan check inserted here
	if (cond_cleanup_marker)
	    call void @llvm.lifetime.end.p0(i64 8, ptr %ref.tmp25)
        call i8 @llvm.coro.suspend(...)
	...
    }
    ...
} else {
    ... 
}
...
lpad:
    ...
    // asan check inserted here
    if (cond_cleanup_marker)
        call void @llvm.lifetime.end.p0(i64 8, ptr %ref.tmp25)

The issue is only reproduced in -O0, because `cond_cleanup_marker is optimized away in -O1 or up opt level.

After:

%ref.tmp25 = alloca %"struct.std::__1::coroutine_handle.6", align 8
...

call void @llvm.lifetime.start.p0(i64 8, ptr %ref.tmp25)

if (cond) {
    ...
    if (!awaiter.await_ready()) {
        // store handler to %ref.tmp25
	...

	awaiter.await_suspend();
	call void @llvm.lifetime.end.p0(i64 8, ptr %ref.tmp25)
	call i8 @llvm.coro.suspend(...)
	...
    }
    ...
} else {
    ... 
}
...
lpad:
    call void @llvm.lifetime.end.p0(i64 8, ptr %ref.tmp25)

This also matches with the IR without asan.

clang/lib/CodeGen/CGExpr.cpp
544–547	Will do
clang/lib/CodeGen/CodeGenFunction.h
336	`CGCoroData` is forward declared here, so it does not know what's inside.

add test case and some comments

LGTM, then.

This revision is now accepted and ready to land.Feb 27 2023, 6:29 PM

Harbormaster completed remote builds in B216348: Diff 500958.Feb 27 2023, 7:07 PM

add target triple

Harbormaster completed remote builds in B216517: Diff 501205.Feb 28 2023, 10:15 AM

This revision was landed with ongoing or failed builds.Feb 28 2023, 3:31 PM

Closed by commit rGce7eb2e05544: [Coroutines] Avoid creating conditional cleanup markers in suspend block (authored by weiwang). · Explain Why

This revision was automatically updated to reflect the committed changes.

weiwang added a commit: rGce7eb2e05544: [Coroutines] Avoid creating conditional cleanup markers in suspend block.

Revision Contents

Path

Size

clang/

lib/

CodeGen/

CGCoroutine.cpp

2 lines

CGExpr.cpp

12 lines

CodeGenFunction.h

5 lines

test/

CodeGenCoroutines/

pr59181.cpp

60 lines

Diff 501311

clang/lib/CodeGen/CGCoroutine.cpp

Show First 20 Lines • Show All 192 Lines • ▼ Show 20 Lines	static LValueOrRValue emitSuspendExpression(CodeGenFunction &CGF, CGCoroData &Coro,
// Otherwise, emit suspend logic.		// Otherwise, emit suspend logic.
CGF.EmitBlock(SuspendBlock);		CGF.EmitBlock(SuspendBlock);

auto &Builder = CGF.Builder;		auto &Builder = CGF.Builder;
llvm::Function *CoroSave = CGF.CGM.getIntrinsic(llvm::Intrinsic::coro_save);		llvm::Function *CoroSave = CGF.CGM.getIntrinsic(llvm::Intrinsic::coro_save);
auto *NullPtr = llvm::ConstantPointerNull::get(CGF.CGM.Int8PtrTy);		auto *NullPtr = llvm::ConstantPointerNull::get(CGF.CGM.Int8PtrTy);
auto *SaveCall = Builder.CreateCall(CoroSave, {NullPtr});		auto *SaveCall = Builder.CreateCall(CoroSave, {NullPtr});

		CGF.CurCoro.InSuspendBlock = true;
auto *SuspendRet = CGF.EmitScalarExpr(S.getSuspendExpr());		auto *SuspendRet = CGF.EmitScalarExpr(S.getSuspendExpr());
		CGF.CurCoro.InSuspendBlock = false;
if (SuspendRet != nullptr && SuspendRet->getType()->isIntegerTy(1)) {		if (SuspendRet != nullptr && SuspendRet->getType()->isIntegerTy(1)) {
// Veto suspension if requested by bool returning await_suspend.		// Veto suspension if requested by bool returning await_suspend.
BasicBlock *RealSuspendBlock =		BasicBlock *RealSuspendBlock =
CGF.createBasicBlock(Prefix + Twine(".suspend.bool"));		CGF.createBasicBlock(Prefix + Twine(".suspend.bool"));
CGF.Builder.CreateCondBr(SuspendRet, RealSuspendBlock, ReadyBlock);		CGF.Builder.CreateCondBr(SuspendRet, RealSuspendBlock, ReadyBlock);
CGF.EmitBlock(RealSuspendBlock);		CGF.EmitBlock(RealSuspendBlock);
}		}

▲ Show 20 Lines • Show All 529 Lines • Show Last 20 Lines

clang/lib/CodeGen/CGExpr.cpp

Show First 20 Lines • Show All 535 Lines • ▼ Show 20 Lines	if (auto *Var = dyn_cast<llvm::GlobalVariable>(

case SD_FullExpression: {		case SD_FullExpression: {
if (!ShouldEmitLifetimeMarkers)		if (!ShouldEmitLifetimeMarkers)
break;		break;

// Avoid creating a conditional cleanup just to hold an llvm.lifetime.end		// Avoid creating a conditional cleanup just to hold an llvm.lifetime.end
// marker. Instead, start the lifetime of a conditional temporary earlier		// marker. Instead, start the lifetime of a conditional temporary earlier
// so that it's unconditional. Don't do this with sanitizers which need		// so that it's unconditional. Don't do this with sanitizers which need
// more precise lifetime marks.		// more precise lifetime marks. However when inside an "await.suspend"
		// block, we should always avoid conditional cleanup because it creates
		// boolean marker that lives across await_suspend, which can destroy coro
		// frame.
		ChuanqiXuUnsubmitted Not Done Reply Inline Actions We should add comment to explain why we add a forward path for coroutines. ChuanqiXu: We should add comment to explain why we add a forward path for coroutines.
		weiwangAuthorUnsubmitted Done Reply Inline Actions Will do weiwang: Will do
ConditionalEvaluation *OldConditional = nullptr;		ConditionalEvaluation *OldConditional = nullptr;
CGBuilderTy::InsertPoint OldIP;		CGBuilderTy::InsertPoint OldIP;
if (isInConditionalBranch() && !E->getType().isDestructedType() &&		if (isInConditionalBranch() && !E->getType().isDestructedType() &&
!SanOpts.has(SanitizerKind::HWAddress) &&		((!SanOpts.has(SanitizerKind::HWAddress) &&
!SanOpts.has(SanitizerKind::Memory) &&		!SanOpts.has(SanitizerKind::Memory) &&
!CGM.getCodeGenOpts().SanitizeAddressUseAfterScope) {		!CGM.getCodeGenOpts().SanitizeAddressUseAfterScope) \|\|
		inSuspendBlock())) {
OldConditional = OutermostConditional;		OldConditional = OutermostConditional;
OutermostConditional = nullptr;		OutermostConditional = nullptr;

OldIP = Builder.saveIP();		OldIP = Builder.saveIP();
llvm::BasicBlock *Block = OldConditional->getStartingBlock();		llvm::BasicBlock *Block = OldConditional->getStartingBlock();
Builder.restoreIP(CGBuilderTy::InsertPoint(		Builder.restoreIP(CGBuilderTy::InsertPoint(
Block, llvm::BasicBlock::iterator(Block->back())));		Block, llvm::BasicBlock::iterator(Block->back())));
}		}
▲ Show 20 Lines • Show All 5,110 Lines • Show Last 20 Lines

clang/lib/CodeGen/CodeGenFunction.h

Show First 20 Lines • Show All 327 Lines • ▼ Show 20 Lines	public:
/// Save Parameter Decl for coroutine.		/// Save Parameter Decl for coroutine.
llvm::SmallVector<const ParmVarDecl *, 4> FnArgs;		llvm::SmallVector<const ParmVarDecl *, 4> FnArgs;

// Holds coroutine data if the current function is a coroutine. We use a		// Holds coroutine data if the current function is a coroutine. We use a
// wrapper to manage its lifetime, so that we don't have to define CGCoroData		// wrapper to manage its lifetime, so that we don't have to define CGCoroData
// in this header.		// in this header.
struct CGCoroInfo {		struct CGCoroInfo {
std::unique_ptr<CGCoroData> Data;		std::unique_ptr<CGCoroData> Data;
		bool InSuspendBlock = false;
		brunoUnsubmitted Not Done Reply Inline Actions Should this live inside CGCoroData instead? bruno: Should this live inside CGCoroData instead?
		weiwangAuthorUnsubmitted Done Reply Inline Actions `CGCoroData` is forward declared here, so it does not know what's inside. weiwang: `CGCoroData` is forward declared here, so it does not know what's inside.
CGCoroInfo();		CGCoroInfo();
~CGCoroInfo();		~CGCoroInfo();
};		};
CGCoroInfo CurCoro;		CGCoroInfo CurCoro;

bool isCoroutine() const {		bool isCoroutine() const {
return CurCoro.Data != nullptr;		return CurCoro.Data != nullptr;
}		}

		bool inSuspendBlock() const {
		return isCoroutine() && CurCoro.InSuspendBlock;
		}

/// CurGD - The GlobalDecl for the current function being compiled.		/// CurGD - The GlobalDecl for the current function being compiled.
GlobalDecl CurGD;		GlobalDecl CurGD;

/// PrologueCleanupDepth - The cleanup depth enclosing all the		/// PrologueCleanupDepth - The cleanup depth enclosing all the
/// cleanups associated with the parameters.		/// cleanups associated with the parameters.
EHScopeStack::stable_iterator PrologueCleanupDepth;		EHScopeStack::stable_iterator PrologueCleanupDepth;

/// ReturnBlock - Unified return block.		/// ReturnBlock - Unified return block.
▲ Show 20 Lines • Show All 4,537 Lines • Show Last 20 Lines

clang/test/CodeGenCoroutines/pr59181.cpp

This file was added.

				// Test for PR59181. Tests that no conditional cleanup is created around await_suspend.
				//
				// REQUIRES: x86-registered-target
				//
				// RUN: %clang_cc1 -triple x86_64-unknown-linux-gnu -emit-llvm %s -o - -std=c++20 -disable-llvm-passes -fsanitize-address-use-after-scope \| FileCheck %s

				#include "Inputs/coroutine.h"

				struct Task {
				int value_;
				struct promise_type {
				Task get_return_object() {
				return Task{0};
				}

				std::suspend_never initial_suspend() noexcept {
				return {};
				}

				std::suspend_never final_suspend() noexcept {
				return {};
				}

				void return_value(Task t) noexcept {}
				void unhandled_exception() noexcept {}

				auto await_transform(Task t) {
				struct Suspension {
				auto await_ready() noexcept { return false;}
				auto await_suspend(std::coroutine_handle<> coro) {
				coro.destroy();
				}

				auto await_resume() noexcept {
				return 0;
				}
				};
				return Suspension{};
				}
				};
				};

				Task bar(bool cond) {
				co_return cond ? Task{ co_await Task{}}: Task{};
				}

				void foo() {
				bar(true);
				}

				// CHECK: cleanup.cont:{{.*}}
				// CHECK-NEXT: load i8
				// CHECK-NEXT: trunc
				// CHECK-NEXT: store i1 false
				// CHECK-NEXT: call void @llvm.lifetime.start.p0(i64 8, ptr [[REF:%ref.tmp[0-9]+]])

				// CHECK: await.suspend:{{.*}}
				// CHECK-NOT: call void @llvm.lifetime.start.p0(i64 8, ptr [[REF]])
				// CHECK: call void @_ZZN4Task12promise_type15await_transformES_EN10Suspension13await_suspendESt16coroutine_handleIvE
				// CHECK-NEXT: call void @llvm.lifetime.end.p0(i64 8, ptr [[REF]])