This is an archive of the discontinued LLVM Phabricator instance.

Differential D67717

[DebugInfo] Exclude memory location values as parameter entry values
ClosedPublic

Authored by NikolaPrica on Sep 18 2019, 9:36 AM.

Details

Reviewers
aprantl
vsk
dstenb
Commits
rGeb4c98ca3d25: [DebugInfo] Exclude memory location values as parameter entry values
rL373089: [DebugInfo] Exclude memory location values as parameter entry values
Summary

Abandon describing of loaded values due to safety concerns. Loaded values are described as derefed memory location at caller point. At callee we can unintentionally change that memory location which would lead to different entry being printed value before and after the memory location clobbering. This problem is described in llvm.org/PR43343.

Diff Detail

Repository
rL LLVM

Event Timeline

NikolaPrica created this revision.Sep 18 2019, 9:36 AM
vsk added a subscriber: friss.Sep 18 2019, 11:11 AM
vsk added inline comments.
lib/CodeGen/AsmPrinter/DwarfExpression.cpp
418 ↗(On Diff #220673)

I think this makes sense as an interim solution, but I'm concerned that this will be too restrictive in the long run. For example, I think this rules out accessing spilled values when stopped in the callee. What does gcc do?

What I had in mind was an escape analysis for the MachineMemOperand. As I understand it, the mem operand can either be backed by an llvm::Value or a PseudoSourceValue. Perhaps the analysis could visit the uses of these values to check for stores of pointers which may-alias it, or calls. I know the analysis isn't sound, because the callee can technically reconstruct+clobber the pointer bit-by-bit in a way that's invisible to the analysis. However, that strikes me as something only an attacker would do, so perhaps it's not a concern. Wdyt? (Paging @aprantl @djtodoro @friss as well.)

test/DebugInfo/MIR/X86/dbgcall-site-interpretation.mir
26 ↗(On Diff #220673)

The CHECK-NEXT implies the previous CHECK-NOT, I believe? The comment is still helpful.

vsk added subscribers: dblaikie, jmorse.Sep 18 2019, 1:53 PM
vsk added inline comments.
lib/CodeGen/AsmPrinter/DwarfExpression.cpp
418 ↗(On Diff #220673)

A data point about this: in Darwin's xnu kernel (built for x86_64 with debug entry values enabled), only 9% of DW_AT_call_value's contain DW_OP_deref. Of those, 100% are of the form "DW_OP_fbreg <offset>, DW_OP_deref", i.e. it's all spill recovery.

I think we can draw two conclusions from this:

  1. This patch as-written is a "90%" solution, and thus likely represents a good engineering tradeoff.
  2. If we were to try and improve entry value support further, we probably just need to focus on values spilled in the caller.
NikolaPrica marked an inline comment as done.Sep 19 2019, 6:17 AM
NikolaPrica added inline comments.
lib/CodeGen/AsmPrinter/DwarfExpression.cpp
418 ↗(On Diff #220673)

I've just checked for gcc and with gcc for some situations there are some DW_OP_deref in DW_AT_call_value expressions. At point of one call there is mov (%rsp),%rdi instruction that loads an argument. For the example that David gave, gcc loads an argument with same instruction but it does not generate DW_TAG_GNU_call_site_parameter. Apparently there is certain analysis that needs to be done.

NikolaPrica added a reviewer: t.p.northover.Sep 19 2019, 6:59 AM
NikolaPrica removed a reviewer: t.p.northover.
vsk added a comment.Sep 19 2019, 11:36 AM

Could you update 'lldb/packages/Python/lldbsuite/test/functionalities/param_entry_vals/basic_entry_values_x86_64/main.cpp' in this patch? This should do it:

   // Test evaluation of "DW_OP_fbreg -24, DW_OP_deref" in the parent frame.
+  // Disabled for now, see: llvm.org/PR43343
+#if 0
   func3(sink, s1.field2);
+#endif
NikolaPrica updated this revision to Diff 221024.Sep 20 2019, 7:05 AM

-Update lldb test.

Herald added a project: Restricted Project. · View Herald TranscriptSep 20 2019, 7:05 AM
Herald added a subscriber: hiraditya. · View Herald Transcript
aprantl accepted this revision.Sep 20 2019, 9:37 AM
This revision is now accepted and ready to land.Sep 20 2019, 9:37 AM
vsk accepted this revision.Sep 20 2019, 12:08 PM

lgtm

djtodoro mentioned this in rL373074: [lldb] Disable testing entry values as memory location.Sep 27 2019, 5:14 AM
djtodoro mentioned this in rG06bc9d579cac: [lldb] Disable testing entry values as memory location.Sep 27 2019, 5:17 AM
djtodoro added a comment.Sep 27 2019, 5:18 AM

I will commit this for Nikola.

Closed by commit rL373089: [DebugInfo] Exclude memory location values as parameter entry values (authored by djtodoro). · Explain WhySep 27 2019, 6:51 AM
This revision was automatically updated to reflect the committed changes.

Revision Contents

PathSize
llvm/
trunk/
lib/
CodeGen/
AsmPrinter/
7 lines
12 lines
test/
DebugInfo/
MIR/
X86/
6 lines

Diff 222164

llvm/trunk/lib/CodeGen/AsmPrinter/DwarfExpression.cpp

Show First 20 LinesShow All 240 Lines▼ Show 20 Lines if (HasComplexExpression && DwarfRegs.size() > 1) {
LocationKind = Unknown; LocationKind = Unknown;
return false; return false;
} }
// Handle simple register locations. If we are supposed to emit // Handle simple register locations. If we are supposed to emit
// a call site parameter expression and if that expression is just a register // a call site parameter expression and if that expression is just a register
// location, emit it with addBReg and offset 0, because we should emit a DWARF // location, emit it with addBReg and offset 0, because we should emit a DWARF
// expression representing a value, rather than a location. // expression representing a value, rather than a location.
if (!isMemoryLocation() && !HasComplexExpression && (!isParameterValue() || if (!isMemoryLocation() && !HasComplexExpression &&
isEntryValue())) { (!isParameterValue() || isEntryValue())) {
for (auto &Reg : DwarfRegs) { for (auto &Reg : DwarfRegs) {
if (Reg.DwarfRegNo >= 0) if (Reg.DwarfRegNo >= 0)
addReg(Reg.DwarfRegNo, Reg.Comment); addReg(Reg.DwarfRegNo, Reg.Comment);
addOpPiece(Reg.Size); addOpPiece(Reg.Size);
} }
if (isEntryValue() && !isParameterValue() && DwarfVersion >= 4) if (isEntryValue() && !isParameterValue() && DwarfVersion >= 4)
emitOp(dwarf::DW_OP_stack_value); emitOp(dwarf::DW_OP_stack_value);
▲ Show 20 LinesShow All 149 Lines▼ Show 20 Lines while (ExprCursor) {
case dwarf::DW_OP_shra: case dwarf::DW_OP_shra:
case dwarf::DW_OP_lit0: case dwarf::DW_OP_lit0:
case dwarf::DW_OP_not: case dwarf::DW_OP_not:
case dwarf::DW_OP_dup: case dwarf::DW_OP_dup:
emitOp(OpNum); emitOp(OpNum);
break; break;
case dwarf::DW_OP_deref: case dwarf::DW_OP_deref:
assert(!isRegisterLocation()); assert(!isRegisterLocation());
// For more detailed explanation see llvm.org/PR43343.
assert(!isParameterValue() && "Parameter entry values should not be "
"dereferenced due to safety reasons.");
if (!isMemoryLocation() && ::isMemoryLocation(ExprCursor)) if (!isMemoryLocation() && ::isMemoryLocation(ExprCursor))
// Turning this into a memory location description makes the deref // Turning this into a memory location description makes the deref
// implicit. // implicit.
LocationKind = Memory; LocationKind = Memory;
else else
emitOp(dwarf::DW_OP_deref); emitOp(dwarf::DW_OP_deref);
break; break;
case dwarf::DW_OP_constu: case dwarf::DW_OP_constu:
▲ Show 20 LinesShow All 129 LinesShow Last 20 Lines

llvm/trunk/lib/CodeGen/TargetInstrInfo.cpp

Show First 20 LinesShow All 1,127 Lines▼ Show 20 LinesTargetInstrInfo::describeLoadedValue(const MachineInstr &MI) const {
const MachineOperand *SrcRegOp, *DestRegOp; const MachineOperand *SrcRegOp, *DestRegOp;
if (isCopyInstr(MI, SrcRegOp, DestRegOp)) { if (isCopyInstr(MI, SrcRegOp, DestRegOp)) {
Op = SrcRegOp; Op = SrcRegOp;
return ParamLoadedValue(*Op, Expr); return ParamLoadedValue(*Op, Expr);
} else if (MI.isMoveImmediate()) { } else if (MI.isMoveImmediate()) {
Op = &MI.getOperand(1); Op = &MI.getOperand(1);
return ParamLoadedValue(*Op, Expr); return ParamLoadedValue(*Op, Expr);
} else if (MI.hasOneMemOperand()) {
int64_t Offset;
const auto &TRI = MF->getSubtarget().getRegisterInfo();
const auto &TII = MF->getSubtarget().getInstrInfo();
const MachineOperand *BaseOp;
if (!TII->getMemOperandWithOffset(MI, BaseOp, Offset, TRI))
return None;
Expr = DIExpression::prepend(Expr, DIExpression::DerefAfter, Offset);
Op = BaseOp;
return ParamLoadedValue(*Op, Expr);
} }
return None; return None;
} }
/// Both DefMI and UseMI must be valid. By default, call directly to the /// Both DefMI and UseMI must be valid. By default, call directly to the
/// itinerary. This may be overriden by the target. /// itinerary. This may be overriden by the target.
int TargetInstrInfo::getOperandLatency(const InstrItineraryData *ItinData, int TargetInstrInfo::getOperandLatency(const InstrItineraryData *ItinData,
▲ Show 20 LinesShow All 106 LinesShow Last 20 Lines

llvm/trunk/test/DebugInfo/MIR/X86/dbgcall-site-interpretation.mir

Show All 15 Lines
# CHECK-NEXT: DW_AT_location (DW_OP_reg5 RDI) # CHECK-NEXT: DW_AT_location (DW_OP_reg5 RDI)
# CHECK-NEXT: DW_AT_GNU_call_site_value (DW_OP_GNU_entry_value(DW_OP_reg4 RSI)) # CHECK-NEXT: DW_AT_GNU_call_site_value (DW_OP_GNU_entry_value(DW_OP_reg4 RSI))
# CHECK-EMPTY: # CHECK-EMPTY:
# CHECK: DW_TAG_GNU_call_site # CHECK: DW_TAG_GNU_call_site
# CHECK-NEXT: DW_AT_abstract_origin {{.*}}"foo" # CHECK-NEXT: DW_AT_abstract_origin {{.*}}"foo"
# CHECK-NEXT: DW_AT_low_pc # CHECK-NEXT: DW_AT_low_pc
# CHECK-EMPTY: # CHECK-EMPTY:
# CHECK-NEXT: DW_TAG_GNU_call_site_parameter # CHECK-NEXT: DW_TAG_GNU_call_site_parameter
# CHECK-NEXT: DW_AT_location (DW_OP_reg2 RCX) # RCX loads memory location. We can't rely that memory location won't be changed.
# CHECK-NEXT: DW_AT_GNU_call_site_value (DW_OP_fbreg +8, DW_OP_deref) # CHECK-NOT: DW_AT_location (DW_OP_reg2 RCX)
# CHECK-EMPTY:
# CHECK-NEXT: DW_TAG_GNU_call_site_parameter
# CHECK-NEXT: DW_AT_location (DW_OP_reg4 RSI) # CHECK-NEXT: DW_AT_location (DW_OP_reg4 RSI)
# CHECK-NEXT: DW_AT_GNU_call_site_value (DW_OP_lit4) # CHECK-NEXT: DW_AT_GNU_call_site_value (DW_OP_lit4)
# CHECK-EMPTY: # CHECK-EMPTY:
# CHECK-NOT: DW_TAG_GNU_call_site_parameter # CHECK-NOT: DW_TAG_GNU_call_site_parameter
# #
# Check that call site interpretation analysis can interpret instructions such # Check that call site interpretation analysis can interpret instructions such
# as move immediate, register to register moves, stack loading and LEA # as move immediate, register to register moves, stack loading and LEA
# instructions. Last negative check should verify that we are not producing # instructions. Last negative check should verify that we are not producing
▲ Show 20 LinesShow All 167 LinesShow Last 20 Lines