Commit Graph

43 Commits

Author SHA1 Message Date
George Burgess IV b270fd59f0 Revert "[clang] Change builtin object size when subobject is invalid"
This reverts commit 275f30df8a.

As noted on the code review (https://reviews.llvm.org/D92892), this
change causes us to reject valid code in a few cases. Reverting so we
have more time to figure out what the right fix{es are, is} here.
2021-01-20 11:03:34 -08:00
Jeffrey T Mott 275f30df8a [clang] Change builtin object size when subobject is invalid
Motivating example:

```
  struct { int v[10]; } t[10];

  __builtin_object_size(
      &t[0].v[11], // access past end of subobject
      1            // request remaining bytes of closest surrounding
                   // subobject
  );
```

In GCC, this returns 0. https://godbolt.org/z/7TeGs7

In current clang, however, this returns 356, the number of bytes
remaining in the whole variable, as if the `type` was 0 instead of 1.
https://godbolt.org/z/6Kffox

This patch checks for the specific case where we're requesting a
subobject's size (type 1) but the subobject is invalid.

Differential Revision: https://reviews.llvm.org/D92892
2021-01-07 12:34:07 -08:00
Fangrui Song 6b3351792c [test] Add {{.*}} to make tests immune to dso_local/dso_preemptable/(none) differences
For a definition (of most linkage types), dso_local is set for ELF -fno-pic/-fpie
and COFF, but not for Mach-O.  This nuance causes unneeded binary format differences.

This patch replaces (function) `define ` with `define{{.*}} `,
(variable/constant/alias) `= ` with `={{.*}} `, or inserts appropriate `{{.*}} `
if there is an explicit linkage.

* Clang will set dso_local for Mach-O, which is currently implied by TargetMachine.cpp. This will make COFF/Mach-O and executable ELF similar.
* Eventually I hope we can make dso_local the textual LLVM IR default (write explicit "dso_preemptable" when applicable) and -fpic ELF will be similar to everything else. This patch helps move toward that goal.
2020-12-30 20:52:01 -08:00
James Y Knight f5f1b0e59e [opaque pointer types] Cleanup CGBuilder's Create*GEP.
Some of these functions take some extraneous arguments, e.g. EltSize,
Offset, which are computable from the Type and DataLayout.

Add some asserts to ensure that the computed values are consistent
with the passed-in values, in preparation for eliminating the
extraneous arguments. This also asserts that the Type is an Array for
the calls named "Array" and a Struct for the calls named "Struct".

Then, correct a couple of errors:

1. Using CreateStructGEP on an array type. (this causes the majority
   of the test differences, as struct GEPs are created with i32
   indices, while array GEPs are created with i64 indices)

2. Passing the wrong Offset to CreateStructGEP in TargetInfo.cpp on
   x86-64 NACL (which uses 32-bit pointers).

Differential Revision: https://reviews.llvm.org/D57766

llvm-svn: 353529
2019-02-08 15:34:12 +00:00
Erik Pilkington 9c3b588db9 Add a new builtin: __builtin_dynamic_object_size
This builtin has the same UI as __builtin_object_size, but has the
potential to be evaluated dynamically. It is meant to be used as a
drop-in replacement for libraries that use __builtin_object_size when
a dynamic checking mode is enabled. For instance,
__builtin_object_size fails to provide any extra checking in the
following function:

  void f(size_t alloc) {
    char* p = malloc(alloc);
    strcpy(p, "foobar"); // expands to __builtin___strcpy_chk(p, "foobar", __builtin_object_size(p, 0))
  }

This is an overflow if alloc < 7, but because LLVM can't fold the
object size intrinsic statically, it folds __builtin_object_size to
-1. With __builtin_dynamic_object_size, alloc is passed through to
__builtin___strcpy_chk.

rdar://32212419

Differential revision: https://reviews.llvm.org/D56760

llvm-svn: 352665
2019-01-30 20:34:53 +00:00
Erik Pilkington 600e9deacf Add a 'dynamic' parameter to the objectsize intrinsic
This is meant to be used with clang's __builtin_dynamic_object_size.
When 'true' is passed to this parameter, the intrinsic has the
potential to be folded into instructions that will be evaluated
at run time. When 'false', the objectsize intrinsic behaviour is
unchanged.

rdar://32212419

Differential revision: https://reviews.llvm.org/D56761

llvm-svn: 352664
2019-01-30 20:34:35 +00:00
George Burgess IV a63f91574f Let llvm.objectsize be conservative with null pointers
D28494 adds another parameter to @llvm.objectsize. Clang needs to be
sure to pass that third arg whenever applicable.

llvm-svn: 298431
2017-03-21 20:09:35 +00:00
George Burgess IV f9013bf8f0 Don't let EvaluationModes dictate whether an invalid base is OK
What we want to actually control this behavior is something more local
than an EvalutationMode. Please see the linked revision for more
discussion on why/etc.

This fixes PR31843.

Differential Revision: https://reviews.llvm.org/D29469

llvm-svn: 294800
2017-02-10 22:52:29 +00:00
George Burgess IV 7fb7e361bf Re-add objectsize function/incomplete type checks.
I accidentally omitted these when refactoring this code. This caused
problems when building parts of the test-suite on MacOS.

llvm-svn: 290916
2017-01-03 23:35:19 +00:00
George Burgess IV f8f6324983 [Sema] Fix PR30346: relax __builtin_object_size checks.
This patch makes us act more conservatively when trying to determine
the objectsize for an array at the end of an object. This is in
response to code like the following:

```
struct sockaddr {
  /* snip */
  char sa_data[14];
};

void foo(const char *s) {
  size_t slen = strlen(s) + 1;
  size_t added_len = slen <= 14 ? 0 : slen - 14;
  struct sockaddr *sa = malloc(sizeof(struct sockaddr) + added_len);
  strcpy(sa->sa_data, s);
  // ...
}
```

`__builtin_object_size(sa->sa_data, 1)` would return 14, when there
could be more than 14 bytes at `sa->sa_data`.

Code like this is apparently not uncommon. FreeBSD's manual even
explicitly mentions this pattern:
https://www.freebsd.org/doc/en/books/developers-handbook/sockets-essential-functions.html
(section 7.5.1.1.2).

In light of this, we now just give up on any array at the end of an
object if we can't find the object's initial allocation.

I lack numbers for how much more conservative we actually become as a
result of this change, so I chose the fix that would make us as
compatible with GCC as possible. If we want to be more aggressive, I'm
happy to consider some kind of whitelist or something instead.

llvm-svn: 281277
2016-09-12 23:50:35 +00:00
Bob Wilson e7e7c98f0b Fix typo in test/CodeGen/object-size.c CHECK line.
llvm-svn: 261762
2016-02-24 18:38:35 +00:00
George Burgess IV a51c4077c5 Make __builtin_object_size more conservative
r246877 made __builtin_object_size substantially more aggressive with
unknown bases if Type=1 or Type=3, which causes issues when we encounter
code like this:

struct Foo {
  int a;
  char str[1];
};

const char str[] = "Hello, World!";
struct Foo *f = (struct Foo *)malloc(sizeof(*f) + strlen(str));
strcpy(&f->str, str);

__builtin_object_size(&f->str, 1) would hand back 1, which is
technically correct given the type of Foo, but the type of Foo lies to
us about how many bytes are available in this case.

This patch adds support for this "writing off the end" idiom -- we now
answer conservatively when we're given the address of the very last
member in a struct.

Differential Revision: http://reviews.llvm.org/D12169

llvm-svn: 250488
2015-10-16 01:49:01 +00:00
John McCall 7f416cc426 Compute and preserve alignment more faithfully in IR-generation.
Introduce an Address type to bundle a pointer value with an
alignment.  Introduce APIs on CGBuilderTy to work with Address
values.  Change core APIs on CGF/CGM to traffic in Address where
appropriate.  Require alignments to be non-zero.  Update a ton
of code to compute and propagate alignment information.

As part of this, I've promoted CGBuiltin's EmitPointerWithAlignment
helper function to CGF and made use of it in a number of places in
the expression emitter.

The end result is that we should now be significantly more correct
when performing operations on objects that are locally known to
be under-aligned.  Since alignment is not reliably tracked in the
type system, there are inherent limits to this, but at least we
are no longer confused by standard operations like derived-to-base
conversions and array-to-pointer decay.  I've also fixed a large
number of bugs where we were applying the complete-object alignment
to a pointer instead of the non-virtual alignment, although most of
these were hidden by the very conservative approach we took with
member alignment.

Also, because IRGen now reliably asserts on zero alignments, we
should no longer be subject to an absurd but frustrating recurring
bug where an incomplete type would report a zero alignment and then
we'd naively do a alignmentAtOffset on it and emit code using an
alignment equal to the largest power-of-two factor of the offset.

We should also now be emitting much more aggressive alignment
attributes in the presence of over-alignment.  In particular,
field access now uses alignmentAtOffset instead of min.

Several times in this patch, I had to change the existing
code-generation pattern in order to more effectively use
the Address APIs.  For the most part, this seems to be a strict
improvement, like doing pointer arithmetic with GEPs instead of
ptrtoint.  That said, I've tried very hard to not change semantics,
but it is likely that I've failed in a few places, for which I
apologize.

ABIArgInfo now always carries the assumed alignment of indirect and
indirect byval arguments.  In order to cut down on what was already
a dauntingly large patch, I changed the code to never set align
attributes in the IR on non-byval indirect arguments.  That is,
we still generate code which assumes that indirect arguments have
the given alignment, but we don't express this information to the
backend except where it's semantically required (i.e. on byvals).
This is likely a minor regression for those targets that did provide
this information, but it'll be trivial to add it back in a later
patch.

I partially punted on applying this work to CGBuiltin.  Please
do not add more uses of the CreateDefaultAligned{Load,Store}
APIs; they will be going away eventually.

llvm-svn: 246985
2015-09-08 08:05:57 +00:00
George Burgess IV 3a03fabdd0 Increase accuracy of __builtin_object_size.
Improvements:

- For all types, we would give up in a case such as:
    __builtin_object_size((char*)&foo, N);
  even if we could provide an answer to
    __builtin_object_size(&foo, N);
  We now provide the same answer for both of the above examples in all
  cases.

- For type=1|3, we now support subobjects with unknown bases, as long
  as the designator is valid.

Thanks to Richard Smith for the review + design planning.

Review: http://reviews.llvm.org/D12169
llvm-svn: 246877
2015-09-04 21:28:13 +00:00
Hans Wennborg 2151d12ec0 Fix CHECK directives that weren't checking.
llvm-svn: 246492
2015-08-31 21:48:52 +00:00
George Burgess IV bdb5b2687a Make __builtin_object_size always answer correctly
__builtin_object_size would return incorrect answers for many uses where
type=3. This fixes the inaccuracy by making us emit 0 instead of LLVM's
objectsize intrinsic.

Additionally, there are many cases where we would emit suboptimal (but
correct) answers, such as when arrays are involved. This patch fixes
some of these cases (please see new tests in test/CodeGen/object-size.c
for specifics on which cases are improved)

Resubmit of r245323 with PR24493 fixed.
Patch mostly by Richard Smith.
Differential Revision: http://reviews.llvm.org/D12000
This fixes PR15212.

llvm-svn: 245403
2015-08-19 02:19:07 +00:00
Nico Weber 19999b4816 Revert r245323, it caused PR24493.
llvm-svn: 245342
2015-08-18 20:32:55 +00:00
George Burgess IV 232c76213d Make __builtin_object_size always answer correctly
__builtin_object_size would return incorrect answers for many uses where
type=3. This fixes the inaccuracy by making us emit 0 instead of LLVM's
objectsize intrinsic.

Additionally, there are many cases where we would emit suboptimal (but
correct) answers, such as when arrays are involved. This patch fixes
some of these cases (please see new tests in test/CodeGen/object-size.c
for specifics on which cases are improved)

Patch mostly by Richard Smith.
Differential Revision: http://reviews.llvm.org/D12000
This fixes PR15212.

llvm-svn: 245323
2015-08-18 18:18:27 +00:00
David Blaikie bdf40a62a7 Test case updates for explicit type parameter to the gep operator
llvm-svn: 232187
2015-03-13 18:21:46 +00:00
David Blaikie a953f2825b Update Clang tests to handle explicitly typed load changes in LLVM.
llvm-svn: 230795
2015-02-27 21:19:58 +00:00
Matt Arsenault 2f15263807 Fix objectsize tests after r192117
llvm-svn: 192120
2013-10-07 19:00:18 +00:00
Stephen Lin 4362261b00 CHECK-LABEL-ify some code gen tests to improve diagnostic experience when tests fail.
llvm-svn: 188447
2013-08-15 06:47:53 +00:00
Nuno Lopes e61e9dbf73 add support for conditional expressions in Expr::HasSideEffects()
This fixes a bug in __builtin_object_size() codegen

llvm-svn: 160191
2012-07-13 20:48:52 +00:00
Richard Smith 01ade177e9 If the first argument of __builtin_object_size can be folded to a constant
pointer, but such folding encounters side-effects, ignore the side-effects
rather than performing them at runtime: CodeGen generates wrong code for
__builtin_object_size in that case.

llvm-svn: 157310
2012-05-23 04:13:20 +00:00
Nuno Lopes 2b1ff46ed1 revert the usage of the objectsize intrinsic with 3 parameters (to match LLVM r157255)
llvm-svn: 157256
2012-05-22 15:26:48 +00:00
Nuno Lopes ddcce0bb90 update calls to objectsize intrinsic to match LLVM r156473
add a test for -fbounds-checking code generation

llvm-svn: 156474
2012-05-09 15:53:34 +00:00
Richard Smith 027bf11eb3 Constant expression evaluation: add support for evaluation of member pointers
and base-to-derived casts, and add proper handling of temporaries.

llvm-svn: 144926
2011-11-17 22:56:20 +00:00
Daniel Dunbar c85ea8e175 IRgen: Assignment to Objective-C properties shouldn't reload the value (which
would trigger an extra method call).
 - While in the area, I also changed Clang to not emit an unnecessary load from
   'x' in cases like 'y = (x = 1)'.

llvm-svn: 107210
2010-06-29 22:00:45 +00:00
Mike Stump 92d487712e Fix for Release-Asserts.
llvm-svn: 93340
2010-01-13 19:40:37 +00:00
Benjamin Kramer 0128f668a9 __builtin_object_size(ptr, type) returns -1 for type = {0,1} if there are any side-effects.
llvm-svn: 92453
2010-01-03 18:18:37 +00:00
Eric Christopher c87915629b Update for the intrinsic changes in llvm: the object size intrinsic
only takes a boolean second argument now. Update tests accordingly.
Currently the builtin still accepts the full range for compatibility.

llvm-svn: 91983
2009-12-23 03:49:37 +00:00
Daniel Dunbar 8fbe78f6fc Update tests to use %clang_cc1 instead of 'clang-cc' or 'clang -cc1'.
- This is designed to make it obvious that %clang_cc1 is a "test variable"
   which is substituted. It is '%clang_cc1' instead of '%clang -cc1' because it
   can be useful to redefine what gets run as 'clang -cc1' (for example, to set
   a default target).

llvm-svn: 91446
2009-12-15 20:14:24 +00:00
Mike Stump b2a568d9e5 Switch over to checking .ll files instead of .s files.
llvm-svn: 90786
2009-12-07 19:22:29 +00:00
Jakob Stoklund Olesen 4359796e52 Fix tests after enabling -split-phi-edges.
object-size.c aws simply too fragile.

constructor-default-arg.cpp triggers an issue when LiveVariables is run before RALocal.

llvm-svn: 89025
2009-11-17 01:47:01 +00:00
Mike Stump 68ec7ee0e8 Enable the use of the new llvm objectsize intrinsic.
llvm-svn: 86607
2009-11-09 22:40:09 +00:00
Benjamin Kramer 170a56f135 Add missing colons for FileCheck.
llvm-svn: 85683
2009-10-31 20:42:26 +00:00
Mike Stump f3eb5ec2c0 Fix one more bug with __builtin_object_size.
llvm-svn: 85538
2009-10-29 23:34:20 +00:00
Mike Stump dc28a8b997 Add yet more testcases.
llvm-svn: 85535
2009-10-29 23:29:54 +00:00
Mike Stump eb5c92b399 Add some more testcases.
llvm-svn: 85534
2009-10-29 23:22:14 +00:00
Benjamin Kramer 59b7cf6a6d Make test independent of darwin system headers.
llvm-svn: 85232
2009-10-27 12:19:13 +00:00
Mike Stump 5183a14bfb __builtin_object_size refinements. Also handle stack based objects. WIP.
llvm-svn: 85174
2009-10-26 23:05:19 +00:00
Mike Stump 10bd7e1c5b __builtin_object_size refinements. When we run out of object, be sure
to clamp at 0 bytes left.  WIP.

llvm-svn: 85157
2009-10-26 21:38:39 +00:00
Mike Stump 722cedfb0d __builtin_object_size refinements. WIP.
llvm-svn: 85136
2009-10-26 18:35:08 +00:00