This is an archive of the discontinued LLVM Phabricator instance.

Paths

Table of Contentst

-
llvm/
-
lib/IR/
-
IR/
2
Verifier.cpp
-
test/
-
CodeGen/AMDGPU/GlobalISel/
-
AMDGPU/
-
GlobalISel/
-
unsupported-load.ll
-
unsupported-ptr-add.ll
-
Verifier/AMDGPU/
-
AMDGPU/
-
buffer-rsrc-pointers.ll

Differential D146762

[Verifier] Ban GEP, load, store of addrspace(8) on AMDGPU
Needs ReviewPublic

Authored by krzysz00 on Mar 23 2023, 2:40 PM.

Download Raw Diff

Details

Reviewers

arsenm
nhaehnle

Summary

AMDGPU buffer resources (address space 8) have a complex
representation (they're 80 bits of metadata followed by 48 bits of
address) and a complex set of addressing modes (such as structured
buffer addressing, which separates out an "index" and "offset" and
allow for things like in-hardware swizzling). While these resources
are represented as pointers to enable alias analysis and other
pointer-based reasoning, they must not be manipulated using standard
LLVM instructions.

This commit adds the cases to the LLVM verifier needed to prohibit
such usage.

Depends on D146761

Diff Detail

Repository: rG LLVM Github Monorepo

Event Timeline

krzysz00 created this revision.Mar 23 2023, 2:40 PM

Herald added a project: Restricted Project. · View Herald TranscriptMar 23 2023, 2:40 PM

Herald added subscribers: kosarev, kerbowa, hiraditya and 6 others. · View Herald Transcript

krzysz00 requested review of this revision.Mar 23 2023, 2:40 PM

Herald added a project: Restricted Project. · View Herald TranscriptMar 23 2023, 2:40 PM

Herald added subscribers: llvm-commits, wdng. · View Herald Transcript

krzysz00 added reviewers: arsenm, nhaehnle.Mar 23 2023, 2:45 PM

Harbormaster completed remote builds in B221425: Diff 507889.Mar 23 2023, 3:33 PM

foad added a subscriber: foad.Mar 24 2023, 1:06 AM

foad added inline comments.Mar 31 2023, 4:17 AM

llvm/lib/IR/Verifier.cpp
3875	It feels wrong to me to have target-dependent checks in the IR verifier, but I don't know if it is actually prohibited. `TT` crept into the verifier in D65686 as a way to implement object-file-format-dependent checks.

We don't have any real target specific verifier checks like this now. I do think we need some kind of target IR verifier, but just dropping this in like this is probably not the way to go about it

llvm/lib/IR/Verifier.cpp
3876–3878	Can use GEP.getAddressSpace(). This also will miss constant expressions

I wasn't sure if the general IR verifier is the absolute best place, but it already has calling-convention specific checks, which, at least in our case, are target specific.

In D146762#4236828, @krzysz00 wrote:

I wasn't sure if the general IR verifier is the absolute best place, but it already has calling-convention specific checks, which, at least in our case, are target specific.

Calling conventions aren't quite the same, even if you always only ever use the calling convention on a specific target in the real world. It's not changing the semantics of a core IR construct based on a target check

This is my proposed stopgap measure to stop people from tripping over the target -specitic rule we'd need that you can't take offsets of buffer resources except through the arguments to our intrinsics.

Doing this in a less hacky way is probably equivalent to @nhaehnle 's proposal for structured GEP, where we'd gain a data layout flag for "these pointers have inherently complex addressing modes, you can't GEP them correctly".

Revision Contents

Path

Size

llvm/

lib/

IR/

Verifier.cpp

23 lines

test/

CodeGen/

AMDGPU/

GlobalISel/

unsupported-load.ll

2 lines

unsupported-ptr-add.ll

2 lines

Verifier/

AMDGPU/

buffer-rsrc-pointers.ll

31 lines

Diff 507889

llvm/lib/IR/Verifier.cpp

This file is larger than 256 KB, so syntax highlighting is disabled by default.

Show First 20 Lines • Show All 3,866 Lines • ▼ Show 20 Lines	if (auto *GEPVTy = dyn_cast<VectorType>(GEP.getType())) {
}		}
}		}

if (auto *PTy = dyn_cast<PointerType>(GEP.getType())) {		if (auto *PTy = dyn_cast<PointerType>(GEP.getType())) {
Check(GEP.getAddressSpace() == PTy->getAddressSpace(),		Check(GEP.getAddressSpace() == PTy->getAddressSpace(),
"GEP address space doesn't match type", &GEP);		"GEP address space doesn't match type", &GEP);
}		}

		if (TT.isAMDGCN()) {
		foadUnsubmitted Not Done Reply Inline Actions It feels wrong to me to have target-dependent checks in the IR verifier, but I don't know if it is actually prohibited. `TT` crept into the verifier in D65686 as a way to implement object-file-format-dependent checks. foad: It feels wrong to me to have target-dependent checks in the IR verifier, but I don't know if it…
		auto *PTy = dyn_cast<PointerType>(GEP.getPointerOperandType());
		if (auto *VPtrTy = dyn_cast<VectorType>(GEP.getPointerOperandType()))
		PTy = dyn_cast<PointerType>(VPtrTy->getElementType());
		arsenmUnsubmitted Not Done Reply Inline Actions Can use GEP.getAddressSpace(). This also will miss constant expressions arsenm: Can use GEP.getAddressSpace(). This also will miss constant expressions
		Check(!PTy \|\| PTy->getAddressSpace() != 8,
		"AMDGCN does not allow GEP of buffer resources (addrspace 8)", &GEP);
		}

visitInstruction(GEP);		visitInstruction(GEP);
}		}

static bool isContiguous(const ConstantRange &A, const ConstantRange &B) {		static bool isContiguous(const ConstantRange &A, const ConstantRange &B) {
return A.getUpper() == B.getLower() \|\| A.getLower() == B.getUpper();		return A.getUpper() == B.getLower() \|\| A.getLower() == B.getUpper();
}		}

void Verifier::visitRangeMetadata(Instruction &I, MDNode Range, Type Ty) {		void Verifier::visitRangeMetadata(Instruction &I, MDNode Range, Type Ty) {
▲ Show 20 Lines • Show All 70 Lines • ▼ Show 20 Lines	Check(ElTy->isIntOrPtrTy() \|\| ElTy->isFloatingPointTy(),
"type!",		"type!",
ElTy, &LI);		ElTy, &LI);
checkAtomicMemAccessSize(ElTy, &LI);		checkAtomicMemAccessSize(ElTy, &LI);
} else {		} else {
Check(LI.getSyncScopeID() == SyncScope::System,		Check(LI.getSyncScopeID() == SyncScope::System,
"Non-atomic load cannot have SynchronizationScope specified", &LI);		"Non-atomic load cannot have SynchronizationScope specified", &LI);
}		}

		if (TT.isAMDGCN()) {
		Check(PTy->getAddressSpace() != 8,
		"AMDGCN does not allow loads from buffer resources (addrspace 8), "
		"use intrinsics instead",
		&LI);
		}

visitInstruction(LI);		visitInstruction(LI);
}		}

void Verifier::visitStoreInst(StoreInst &SI) {		void Verifier::visitStoreInst(StoreInst &SI) {
PointerType *PTy = dyn_cast<PointerType>(SI.getOperand(1)->getType());		PointerType *PTy = dyn_cast<PointerType>(SI.getOperand(1)->getType());
Check(PTy, "Store operand must be a pointer.", &SI);		Check(PTy, "Store operand must be a pointer.", &SI);
Type *ElTy = SI.getOperand(0)->getType();		Type *ElTy = SI.getOperand(0)->getType();
Check(PTy->isOpaqueOrPointeeTypeMatches(ElTy),		Check(PTy->isOpaqueOrPointeeTypeMatches(ElTy),
Show All 11 Lines	Check(ElTy->isIntOrPtrTy() \|\| ElTy->isFloatingPointTy(),
"atomic store operand must have integer, pointer, or floating point "		"atomic store operand must have integer, pointer, or floating point "
"type!",		"type!",
ElTy, &SI);		ElTy, &SI);
checkAtomicMemAccessSize(ElTy, &SI);		checkAtomicMemAccessSize(ElTy, &SI);
} else {		} else {
Check(SI.getSyncScopeID() == SyncScope::System,		Check(SI.getSyncScopeID() == SyncScope::System,
"Non-atomic store cannot have SynchronizationScope specified", &SI);		"Non-atomic store cannot have SynchronizationScope specified", &SI);
}		}

		if (TT.isAMDGCN()) {
		Check(PTy->getAddressSpace() != 8,
		"AMDGCN does not allow stores to buffer resources (addrspace 8), use "
		"intrinsics instead",
		&SI);
		}

visitInstruction(SI);		visitInstruction(SI);
}		}

/// Check that SwiftErrorVal is used as a swifterror argument in CS.		/// Check that SwiftErrorVal is used as a swifterror argument in CS.
void Verifier::verifySwiftErrorCall(CallBase &Call,		void Verifier::verifySwiftErrorCall(CallBase &Call,
const Value *SwiftErrorVal) {		const Value *SwiftErrorVal) {
for (const auto &I : llvm::enumerate(Call.args())) {		for (const auto &I : llvm::enumerate(Call.args())) {
if (I.value() == SwiftErrorVal) {		if (I.value() == SwiftErrorVal) {
▲ Show 20 Lines • Show All 2,924 Lines • Show Last 20 Lines

llvm/test/CodeGen/AMDGPU/GlobalISel/unsupported-load.ll

	; RUN: not --crash llc -global-isel=1 -mtriple=amdgcn-amd-amdhsa -mcpu=gfx900 -o - < %s 2>&1 \| FileCheck -check-prefix=GISEL-ERR %s			; RUN: not --crash llc -disable-verify -global-isel=1 -mtriple=amdgcn-amd-amdhsa -mcpu=gfx900 -o - < %s 2>&1 \| FileCheck -check-prefix=GISEL-ERR %s

	; GISEL-ERR: LLVM ERROR: cannot select: %{{[0-9]+}}:vgpr_32(s32) = G_LOAD %{{[0-9]+}}:vgpr(p8) :: (load (s32) from %ir.rsrc, addrspace 8)			; GISEL-ERR: LLVM ERROR: cannot select: %{{[0-9]+}}:vgpr_32(s32) = G_LOAD %{{[0-9]+}}:vgpr(p8) :: (load (s32) from %ir.rsrc, addrspace 8)

	define float @load_from_rsrc(ptr addrspace(8) %rsrc) {			define float @load_from_rsrc(ptr addrspace(8) %rsrc) {
	body:			body:
	%res = load float, ptr addrspace(8) %rsrc			%res = load float, ptr addrspace(8) %rsrc
	ret float %res			ret float %res
	}			}

llvm/test/CodeGen/AMDGPU/GlobalISel/unsupported-ptr-add.ll

	; RUN: not --crash llc -global-isel=1 -mtriple=amdgcn-amd-amdhsa -mcpu=gfx900 -o - < %s 2>&1 \| FileCheck -check-prefix=GISEL-ERR %s			; RUN: not --crash llc -disable-verify -global-isel=1 -mtriple=amdgcn-amd-amdhsa -mcpu=gfx900 -o - < %s 2>&1 \| FileCheck -check-prefix=GISEL-ERR %s

	; GISEL-ERR: LLVM ERROR: unable to legalize instruction: %{{[0-9]+}}:_(p8) = G_PTR_ADD %{{[0-9]+}}:_, %{{[0-9]+}}:_(s128)			; GISEL-ERR: LLVM ERROR: unable to legalize instruction: %{{[0-9]+}}:_(p8) = G_PTR_ADD %{{[0-9]+}}:_, %{{[0-9]+}}:_(s128)


	define float @gep_on_rsrc(ptr addrspace(8) %rsrc) {			define float @gep_on_rsrc(ptr addrspace(8) %rsrc) {
	body:			body:
	%next = getelementptr float, ptr addrspace(8) %rsrc, i128 1			%next = getelementptr float, ptr addrspace(8) %rsrc, i128 1
	%res = call float @llvm.amdgcn.raw.buffer.load.f32(ptr addrspace(8) %next, i32 0, i32 0, i32 0)			%res = call float @llvm.amdgcn.raw.buffer.load.f32(ptr addrspace(8) %next, i32 0, i32 0, i32 0)
	ret float %res			ret float %res
	}			}

	declare float @llvm.amdgcn.raw.buffer.load.f32(ptr addrspace(8), i32, i32, i32 immarg)			declare float @llvm.amdgcn.raw.buffer.load.f32(ptr addrspace(8), i32, i32, i32 immarg)

llvm/test/Verifier/AMDGPU/buffer-rsrc-pointers.ll

This file was added.

				; RUN: not llvm-as %s -o /dev/null 2>&1 \| FileCheck %s

				target triple = "amdgcn--";

				define ptr addrspace(8) @scalar_gep(ptr addrspace(8) %p) {
				; CHECK: AMDGCN does not allow GEP of buffer resources (addrspace 8)
				; CHECK-NEXT: %ret = getelementptr i8, ptr addrspace(8) %p, i32 0
				%ret = getelementptr i8, ptr addrspace(8) %p, i32 0
				ret ptr addrspace(8) %ret
				}

				define <2 x ptr addrspace(8)> @vec_gep(<2 x ptr addrspace(8)> %p) {
				; CHECK: AMDGCN does not allow GEP of buffer resources (addrspace 8)
				; CHECK-NEXT: %ret = getelementptr i8, <2 x ptr addrspace(8)> %p, <2 x i32> <i32 0, i32 1>
				%ret = getelementptr i8, <2 x ptr addrspace(8)> %p, <2 x i32> <i32 0, i32 1>
				ret <2 x ptr addrspace(8)> %ret
				}

				define i32 @load(ptr addrspace(8) %p) {
				; CHECK: AMDGCN does not allow loads from buffer resources (addrspace 8), use intrinsics instead
				; CHECK-NEXT: %ret = load i32, ptr addrspace(8) %p, align 4
				%ret = load i32, ptr addrspace(8) %p
				ret i32 %ret
				}

				define void @store(ptr addrspace(8) %p) {
				; CHECK: AMDGCN does not allow stores to buffer resources (addrspace 8), use intrinsics instead
				; CHECK-NEXT: store i32 0, ptr addrspace(8) %p, align 4
				store i32 0, ptr addrspace(8) %p
				ret void
				}