This is an archive of the discontinued LLVM Phabricator instance.

Differential D54588

[llvm][IRBuilder] Introspection for CreateAlignmentAssumption*() functions
ClosedPublic

Authored by lebedev.ri on Nov 15 2018, 10:25 AM.

Details

Reviewers
spatel
dneilson
craig.topper
dblaikie
hfinkel
Commits
rG6d0413fe237f: [llvm][IRBuilder] Introspection for CreateAlignmentAssumption*() functions
rGc7f215dbffa6: [llvm][IRBuilder] Introspection for CreateAlignmentAssumption*() functions
rL351176: [llvm][IRBuilder] Introspection for CreateAlignmentAssumption*() functions
rL351104: [llvm][IRBuilder] Introspection for CreateAlignmentAssumption*() functions
Summary

Clang calls these functions to produce IR for assume-aligned attributes.
I would like to teach UBSAN to verify these assumptions.
For that, i need to access the final pointer on which the check is performed,
and the actual icmp that does the check.

The alternative to this would be to fully re-implement this in clang.

Diff Detail

Repository
rL LLVM

Event Timeline

lebedev.ri created this revision.Nov 15 2018, 10:25 AM
lebedev.ri mentioned this in D54589: [clang][UBSan] Sanitization for alignment assumptions..
lebedev.ri added a child revision: D54589: [clang][UBSan] Sanitization for alignment assumptions..
hfinkel added a subscriber: hfinkel.Nov 16 2018, 5:54 AM
hfinkel added inline comments.
include/llvm/IR/IRBuilder.h
2126 ↗(On Diff #174236)

Please add comments here documenting the use of this struct and the meaning of the fields.

lebedev.ri updated this revision to Diff 174368.Nov 16 2018, 6:57 AM
lebedev.ri marked an inline comment as done.

Document the AlignmentAssumptionIntrospection struct.

hfinkel added inline comments.Nov 16 2018, 9:14 AM
include/llvm/IR/IRBuilder.h
2127 ↗(On Diff #174368)

Don't mention Clang specifics in IRBuilder's documentation. That's not relevant here.

2131 ↗(On Diff #174368)

This is a question?

2132 ↗(On Diff #174368)

Also, it's not clear to me why you need this. A sanitizer should get the both the original pointer and the offset to give maximum information to the user. No?

lebedev.ri added inline comments.Nov 16 2018, 9:24 AM
include/llvm/IR/IRBuilder.h
2132 ↗(On Diff #174368)

A sanitizer should get the both the original pointer and the offset

Exactly, *both*. In clang, i know the original pointer, the offset (may be 0), and the alignment.

But the alignment check is performed not on the original pointer, but on f(pointer, offset),
which is in this case (((uintptr_t)pointer) - offset). So if i don't capture the PtrIntValue
(which *is* (((uintptr_t)pointer) - offset)), i will need to re-calculate it elsewhere,
and ensure that both of the calculations stay in sync.

Seems best to re-use the actual existing pre-computed values.

Please see D54590 for the actual compiler-rt tests that show the actual diag output.

lebedev.ri updated this revision to Diff 174387.Nov 16 2018, 9:35 AM
lebedev.ri marked 2 inline comments as done.

Reword the comments as suggested.

hfinkel added inline comments.Nov 16 2018, 10:26 AM
include/llvm/IR/IRBuilder.h
2132 ↗(On Diff #174368)

Having an interface where you're required to pass a, b, and (a-b), seems a bit gratuitous. If we change what the alignment assumption means, or add new parameters, you'll need to update the ubsan interface anyway (because you'll have more things to display to the user).

lebedev.ri added inline comments.Nov 16 2018, 10:35 AM
include/llvm/IR/IRBuilder.h
2132 ↗(On Diff #174368)
  • If i only pass a, then i will not be able to display the actual alignment (or it will lie when the offset is non-zero, but it won't even be able to detect that since b wasn't passed).
  • If i pass a and b, then two implementations (computing (a-b)) will need to be kept in sync. Without breaking legacy support once/if something changes, not that it is likely to change.
  • The only alternative i see is to play it dumb and not display any pointer at all (and do not display the actual alignment).

I agree that it isn't The Best Interface Ever, but from what i see,
it's the one providing the most info without duplication.

Do you have any more concrete suggestions?

hfinkel added inline comments.Nov 16 2018, 11:35 AM
include/llvm/IR/IRBuilder.h
2132 ↗(On Diff #174368)

You should pass a and b. Yes, you'll need to recompute (a-b). But you need to keep these in sync anyway.

My point is: If we change something (e.g., add some additional parameter somehow), such that p != a-b, you'll need to change the interface anyway (i.e., you'll need to add a _foo_v2 ubsan function, or similar), so that you can continue to display accurate and useful information to the user.

lebedev.ri updated this revision to Diff 174450.Nov 16 2018, 2:30 PM

Address review notes: don't store the actual pointer, just the icmp.

lebedev.ri marked 5 inline comments as done.Nov 16 2018, 2:31 PM
lebedev.ri added a comment.Nov 26 2018, 12:22 AM

ping

hfinkel accepted this revision.Nov 26 2018, 7:22 PM

LGTM

This revision is now accepted and ready to land.Nov 26 2018, 7:22 PM
lebedev.ri added a comment.Nov 26 2018, 9:59 PM
In D54588#1309037, @hfinkel wrote:

LGTM

Thank you for the review!

lebedev.ri updated this revision to Diff 179271.Dec 21 2018, 5:19 AM

Rebased, NFC.

lebedev.ri updated this revision to Diff 181607.Jan 14 2019, 11:07 AM

Rebased before commit, NFC.

Closed by commit rL351104: [llvm][IRBuilder] Introspection for CreateAlignmentAssumption*() functions (authored by lebedevri). · Explain WhyJan 14 2019, 11:13 AM
This revision was automatically updated to reflect the committed changes.
Diffusion mentioned this in rL351105: [clang][UBSan] Sanitization for alignment assumptions..
Diffusion mentioned this in rC351105: [clang][UBSan] Sanitization for alignment assumptions..
Diffusion mentioned this in rC351177: [clang][UBSan] Sanitization for alignment assumptions..Jan 15 2019, 1:48 AM
Diffusion mentioned this in rL351177: [clang][UBSan] Sanitization for alignment assumptions..

Revision Contents

PathSize
llvm/
trunk/
include/
llvm/
IR/
26 lines

Diff 181612

llvm/trunk/include/llvm/IR/IRBuilder.h

Show First 20 LinesShow All 2,120 Lines▼ Show 20 Lines if (ExtractedTy != IntTy) {
V = CreateTrunc(V, ExtractedTy, Name + ".trunc"); V = CreateTrunc(V, ExtractedTy, Name + ".trunc");
} }
return V; return V;
} }
private: private:
/// Helper function that creates an assume intrinsic call that /// Helper function that creates an assume intrinsic call that
/// represents an alignment assumption on the provided Ptr, Mask, Type /// represents an alignment assumption on the provided Ptr, Mask, Type
/// and Offset. /// and Offset. It may be sometimes useful to do some other logic
/// based on this alignment check, thus it can be stored into 'TheCheck'.
CallInst *CreateAlignmentAssumptionHelper(const DataLayout &DL, CallInst *CreateAlignmentAssumptionHelper(const DataLayout &DL,
Value *PtrValue, Value *Mask, Value *PtrValue, Value *Mask,
Type *IntPtrTy, Type *IntPtrTy, Value *OffsetValue,
Value *OffsetValue) { Value **TheCheck) {
Value *PtrIntValue = CreatePtrToInt(PtrValue, IntPtrTy, "ptrint"); Value *PtrIntValue = CreatePtrToInt(PtrValue, IntPtrTy, "ptrint");
if (OffsetValue) { if (OffsetValue) {
bool IsOffsetZero = false; bool IsOffsetZero = false;
if (const auto *CI = dyn_cast<ConstantInt>(OffsetValue)) if (const auto *CI = dyn_cast<ConstantInt>(OffsetValue))
IsOffsetZero = CI->isZero(); IsOffsetZero = CI->isZero();
if (!IsOffsetZero) { if (!IsOffsetZero) {
if (OffsetValue->getType() != IntPtrTy) if (OffsetValue->getType() != IntPtrTy)
OffsetValue = CreateIntCast(OffsetValue, IntPtrTy, /*isSigned*/ true, OffsetValue = CreateIntCast(OffsetValue, IntPtrTy, /*isSigned*/ true,
"offsetcast"); "offsetcast");
PtrIntValue = CreateSub(PtrIntValue, OffsetValue, "offsetptr"); PtrIntValue = CreateSub(PtrIntValue, OffsetValue, "offsetptr");
} }
} }
Value *Zero = ConstantInt::get(IntPtrTy, 0); Value *Zero = ConstantInt::get(IntPtrTy, 0);
Value *MaskedPtr = CreateAnd(PtrIntValue, Mask, "maskedptr"); Value *MaskedPtr = CreateAnd(PtrIntValue, Mask, "maskedptr");
Value *InvCond = CreateICmpEQ(MaskedPtr, Zero, "maskcond"); Value *InvCond = CreateICmpEQ(MaskedPtr, Zero, "maskcond");
if (TheCheck)
*TheCheck = InvCond;
return CreateAssumption(InvCond); return CreateAssumption(InvCond);
} }
public: public:
/// Create an assume intrinsic call that represents an alignment /// Create an assume intrinsic call that represents an alignment
/// assumption on the provided pointer. /// assumption on the provided pointer.
/// ///
/// An optional offset can be provided, and if it is provided, the offset /// An optional offset can be provided, and if it is provided, the offset
/// must be subtracted from the provided pointer to get the pointer with the /// must be subtracted from the provided pointer to get the pointer with the
/// specified alignment. /// specified alignment.
///
/// It may be sometimes useful to do some other logic
/// based on this alignment check, thus it can be stored into 'TheCheck'.
CallInst *CreateAlignmentAssumption(const DataLayout &DL, Value *PtrValue, CallInst *CreateAlignmentAssumption(const DataLayout &DL, Value *PtrValue,
unsigned Alignment, unsigned Alignment,
Value *OffsetValue = nullptr) { Value *OffsetValue = nullptr,
Value **TheCheck = nullptr) {
assert(isa<PointerType>(PtrValue->getType()) && assert(isa<PointerType>(PtrValue->getType()) &&
"trying to create an alignment assumption on a non-pointer?"); "trying to create an alignment assumption on a non-pointer?");
auto *PtrTy = cast<PointerType>(PtrValue->getType()); auto *PtrTy = cast<PointerType>(PtrValue->getType());
Type *IntPtrTy = getIntPtrTy(DL, PtrTy->getAddressSpace()); Type *IntPtrTy = getIntPtrTy(DL, PtrTy->getAddressSpace());
Value *Mask = ConstantInt::get(IntPtrTy, Alignment > 0 ? Alignment - 1 : 0); Value *Mask = ConstantInt::get(IntPtrTy, Alignment > 0 ? Alignment - 1 : 0);
return CreateAlignmentAssumptionHelper(DL, PtrValue, Mask, IntPtrTy, return CreateAlignmentAssumptionHelper(DL, PtrValue, Mask, IntPtrTy,
OffsetValue); OffsetValue, TheCheck);
} }
/// Create an assume intrinsic call that represents an alignment /// Create an assume intrinsic call that represents an alignment
/// assumption on the provided pointer. /// assumption on the provided pointer.
/// ///
/// An optional offset can be provided, and if it is provided, the offset /// An optional offset can be provided, and if it is provided, the offset
/// must be subtracted from the provided pointer to get the pointer with the /// must be subtracted from the provided pointer to get the pointer with the
/// specified alignment. /// specified alignment.
/// ///
/// It may be sometimes useful to do some other logic
/// based on this alignment check, thus it can be stored into 'TheCheck'.
///
/// This overload handles the condition where the Alignment is dependent /// This overload handles the condition where the Alignment is dependent
/// on an existing value rather than a static value. /// on an existing value rather than a static value.
CallInst *CreateAlignmentAssumption(const DataLayout &DL, Value *PtrValue, CallInst *CreateAlignmentAssumption(const DataLayout &DL, Value *PtrValue,
Value *Alignment, Value *Alignment,
Value *OffsetValue = nullptr) { Value *OffsetValue = nullptr,
Value **TheCheck = nullptr) {
assert(isa<PointerType>(PtrValue->getType()) && assert(isa<PointerType>(PtrValue->getType()) &&
"trying to create an alignment assumption on a non-pointer?"); "trying to create an alignment assumption on a non-pointer?");
auto *PtrTy = cast<PointerType>(PtrValue->getType()); auto *PtrTy = cast<PointerType>(PtrValue->getType());
Type *IntPtrTy = getIntPtrTy(DL, PtrTy->getAddressSpace()); Type *IntPtrTy = getIntPtrTy(DL, PtrTy->getAddressSpace());
if (Alignment->getType() != IntPtrTy) if (Alignment->getType() != IntPtrTy)
Alignment = CreateIntCast(Alignment, IntPtrTy, /*isSigned*/ true, Alignment = CreateIntCast(Alignment, IntPtrTy, /*isSigned*/ true,
"alignmentcast"); "alignmentcast");
Value *IsPositive = Value *IsPositive =
CreateICmp(CmpInst::ICMP_SGT, Alignment, CreateICmp(CmpInst::ICMP_SGT, Alignment,
ConstantInt::get(Alignment->getType(), 0), "ispositive"); ConstantInt::get(Alignment->getType(), 0), "ispositive");
Value *PositiveMask = Value *PositiveMask =
CreateSub(Alignment, ConstantInt::get(IntPtrTy, 1), "positivemask"); CreateSub(Alignment, ConstantInt::get(IntPtrTy, 1), "positivemask");
Value *Mask = CreateSelect(IsPositive, PositiveMask, Value *Mask = CreateSelect(IsPositive, PositiveMask,
ConstantInt::get(IntPtrTy, 0), "mask"); ConstantInt::get(IntPtrTy, 0), "mask");
return CreateAlignmentAssumptionHelper(DL, PtrValue, Mask, IntPtrTy, return CreateAlignmentAssumptionHelper(DL, PtrValue, Mask, IntPtrTy,
OffsetValue); OffsetValue, TheCheck);
} }
}; };
// Create wrappers for C Binding types (see CBindingWrapping.h). // Create wrappers for C Binding types (see CBindingWrapping.h).
DEFINE_SIMPLE_CONVERSION_FUNCTIONS(IRBuilder<>, LLVMBuilderRef) DEFINE_SIMPLE_CONVERSION_FUNCTIONS(IRBuilder<>, LLVMBuilderRef)
} // end namespace llvm } // end namespace llvm
#endif // LLVM_IR_IRBUILDER_H #endif // LLVM_IR_IRBUILDER_H