14493fe1cSVitaly Buka //===- StackSafetyAnalysis.cpp - Stack memory safety analysis -------------===//
24493fe1cSVitaly Buka //
32946cd70SChandler Carruth // Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
42946cd70SChandler Carruth // See https://llvm.org/LICENSE.txt for license information.
52946cd70SChandler Carruth // SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
64493fe1cSVitaly Buka //
74493fe1cSVitaly Buka //===----------------------------------------------------------------------===//
84493fe1cSVitaly Buka //
94493fe1cSVitaly Buka //===----------------------------------------------------------------------===//
104493fe1cSVitaly Buka 
114493fe1cSVitaly Buka #include "llvm/Analysis/StackSafetyAnalysis.h"
124320d4aaSVitaly Buka #include "llvm/ADT/APInt.h"
13232d348cSVitaly Buka #include "llvm/ADT/SmallPtrSet.h"
148f592ed3SVitaly Buka #include "llvm/ADT/SmallVector.h"
15291dabefSVitaly Buka #include "llvm/ADT/Statistic.h"
165b1c70a4SVitaly Buka #include "llvm/Analysis/ModuleSummaryAnalysis.h"
176c06d8e3SFlorian Mayer #include "llvm/Analysis/ScalarEvolution.h"
188f592ed3SVitaly Buka #include "llvm/Analysis/StackLifetime.h"
194320d4aaSVitaly Buka #include "llvm/IR/ConstantRange.h"
204320d4aaSVitaly Buka #include "llvm/IR/DerivedTypes.h"
214320d4aaSVitaly Buka #include "llvm/IR/GlobalValue.h"
22fa98c074SVitaly Buka #include "llvm/IR/InstIterator.h"
236c06d8e3SFlorian Mayer #include "llvm/IR/Instruction.h"
244320d4aaSVitaly Buka #include "llvm/IR/Instructions.h"
25fa98c074SVitaly Buka #include "llvm/IR/IntrinsicInst.h"
26fc4fd898SVitaly Buka #include "llvm/IR/ModuleSummaryIndex.h"
2705da2fe5SReid Kleckner #include "llvm/InitializePasses.h"
289abb0e8dSVitaly Buka #include "llvm/Support/Casting.h"
294c1a1d3cSReid Kleckner #include "llvm/Support/CommandLine.h"
30d3b7f90dSVitaly Buka #include "llvm/Support/FormatVariadic.h"
314493fe1cSVitaly Buka #include "llvm/Support/raw_ostream.h"
324320d4aaSVitaly Buka #include <algorithm>
33ecb66f50SVitaly Buka #include <memory>
3457335b6eSFlorian Mayer #include <tuple>
354493fe1cSVitaly Buka 
364493fe1cSVitaly Buka using namespace llvm;
374493fe1cSVitaly Buka 
384493fe1cSVitaly Buka #define DEBUG_TYPE "stack-safety"
394493fe1cSVitaly Buka 
// Counters for this pass; each string is the description attached to the
// counter. The code that increments them is outside this part of the file.
STATISTIC(NumAllocaStackSafe, "Number of safe allocas");
STATISTIC(NumAllocaTotal, "Number of total allocas");

STATISTIC(NumCombinedCalleeLookupTotal,
          "Number of total callee lookups on combined index.");
STATISTIC(NumCombinedCalleeLookupFailed,
          "Number of failed callee lookups on combined index.");
STATISTIC(NumModuleCalleeLookupTotal,
          "Number of total callee lookups on module index.");
STATISTIC(NumModuleCalleeLookupFailed,
          "Number of failed callee lookups on module index.");
STATISTIC(NumCombinedParamAccessesBefore,
          "Number of total param accesses before generateParamAccessSummary.");
STATISTIC(NumCombinedParamAccessesAfter,
          "Number of total param accesses after generateParamAccessSummary.");
STATISTIC(NumCombinedDataFlowNodes,
          "Number of total nodes in combined index for dataflow processing.");
STATISTIC(NumIndexCalleeUnhandled, "Number of index callee which are unhandled.");
STATISTIC(NumIndexCalleeMultipleWeak, "Number of index callee non-unique weak.");
STATISTIC(NumIndexCalleeMultipleExternal, "Number of index callee non-unique external.");


// Hidden integer option, default 20.
// NOTE(review): presumably the cap on dataflow update rounds; the code that
// reads it is outside this part of the file -- confirm there.
static cl::opt<int> StackSafetyMaxIterations("stack-safety-max-iterations",
                                             cl::init(20), cl::Hidden);

// Hidden boolean option, default off.
// NOTE(review): by its name it enables printing of the results -- confirm at
// the point of use.
static cl::opt<bool> StackSafetyPrint("stack-safety-print", cl::init(false),
                                      cl::Hidden);

// Hidden boolean option, default off.
// NOTE(review): by its name it forces the analysis to run -- confirm at the
// point of use.
static cl::opt<bool> StackSafetyRun("stack-safety-run", cl::init(false),
                                    cl::Hidden);
70791c78f5SVitaly Buka 
71fa98c074SVitaly Buka namespace {
724493fe1cSVitaly Buka 
/// Returns true for ranges the analysis gives up on: the empty set, the full
/// set, and any range whose upper bound is sign-wrapped.
bool isUnsafe(const ConstantRange &R) {
  if (R.isEmptySet() || R.isFullSet())
    return true;
  return R.isUpperSignWrapped();
}
77dee812a2SVitaly Buka 
/// Adds two ranges that are not sign-wrapped. Unless the signed addition is
/// known to never overflow, the result degrades to the full set of L's bit
/// width, which callers treat as "unknown".
ConstantRange addOverflowNever(const ConstantRange &L, const ConstantRange &R) {
  assert(!L.isSignWrappedSet());
  assert(!R.isSignWrappedSet());
  const bool NeverOverflows =
      L.signedAddMayOverflow(R) ==
      ConstantRange::OverflowResult::NeverOverflows;
  if (NeverOverflows) {
    ConstantRange Sum = L.add(R);
    assert(!Sum.isSignWrappedSet());
    return Sum;
  }
  return ConstantRange::getFull(L.getBitWidth());
}
88dee812a2SVitaly Buka 
/// Unions two ranges that are not sign-wrapped and keeps the result
/// non-wrapped as well.
ConstantRange unionNoWrap(const ConstantRange &L, const ConstantRange &R) {
  assert(!L.isSignWrappedSet());
  assert(!R.isSignWrappedSet());
  ConstantRange Merged = L.unionWith(R);
  // The union of two non-wrapped sets can itself be sign-wrapped; widen to
  // the full set in that case instead of returning a wrapped range.
  if (!Merged.isSignWrappedSet())
    return Merged;
  return ConstantRange::getFull(Merged.getBitWidth());
}
98dee812a2SVitaly Buka 
/// Describes one use of an address as an argument of a function call.
template <typename CalleeTy> struct CallInfo {
  /// Function being called.
  const CalleeTy *Callee = nullptr;
  /// Index of the argument that carries the address.
  size_t ParamNo = 0;

  CallInfo(const CalleeTy *Callee, size_t ParamNo)
      : Callee(Callee), ParamNo(ParamNo) {}

  /// Ordering used for map keys: parameter index first, callee pointer second.
  struct Less {
    bool operator()(const CallInfo &L, const CallInfo &R) const {
      if (L.ParamNo < R.ParamNo)
        return true;
      if (R.ParamNo < L.ParamNo)
        return false;
      return L.Callee < R.Callee;
    }
  };
};
115fa98c074SVitaly Buka 
/// Describes the uses of an address (alloca or parameter) inside a function.
template <typename CalleeTy> struct UseInfo {
  // Access range of the address (alloca or parameter).
  // It is allowed to be the empty set when there are no known accesses.
  ConstantRange Range;
  // Instructions that were recorded through addRange() with IsSafe == false.
  std::set<const Instruction *> UnsafeAccesses;

  // Calls which pass the address as an argument.
  // The mapped value is the offset range of the address from the base address
  // (alloca or calling function argument). It should never be set to the
  // empty set: that is an invalid access range, and ConstantRange::add would
  // propagate it.
  using CallsTy = std::map<CallInfo<CalleeTy>, ConstantRange,
                           typename CallInfo<CalleeTy>::Less>;
  CallsTy Calls;

  // Starts with an empty range of PointerSize bits.
  UseInfo(unsigned PointerSize) : Range(PointerSize, false) {}

  // Widens Range by R; the union is kept non-sign-wrapped.
  void updateRange(const ConstantRange &R) { Range = unionNoWrap(Range, R); }

  // Records the access made by I: remembers I when it was not proven safe,
  // then widens Range by R in either case.
  void addRange(const Instruction *I, const ConstantRange &R, bool IsSafe) {
    const bool Proven = IsSafe;
    if (!Proven)
      UnsafeAccesses.insert(I);
    updateRange(R);
  }
};
141fa98c074SVitaly Buka 
/// Prints the access range followed by one ", @callee(argN, range)" entry per
/// recorded call.
template <typename CalleeTy>
raw_ostream &operator<<(raw_ostream &OS, const UseInfo<CalleeTy> &U) {
  OS << U.Range;
  for (const auto &Entry : U.Calls) {
    const CallInfo<CalleeTy> &Site = Entry.first;
    OS << ", ";
    OS << "@" << Site.Callee->getName();
    OS << "(arg" << Site.ParamNo;
    OS << ", " << Entry.second << ")";
  }
  return OS;
}
151fa98c074SVitaly Buka 
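/// Calculate the allocation size of a given alloca as the range [0, size).
/// Returns the empty range in case of confusion: a scalable type, a
/// non-constant or non-positive size, an element count that does not fit in
/// the pointer width, or an overflowing multiplication.
ConstantRange getStaticAllocaSizeRange(const AllocaInst &AI) {
  const DataLayout &DL = AI.getModule()->getDataLayout();
  TypeSize TS = DL.getTypeAllocSize(AI.getAllocatedType());
  unsigned PointerSize = DL.getPointerTypeSizeInBits(AI.getType());
  // Fallback to empty range for alloca size.
  ConstantRange R = ConstantRange::getEmpty(PointerSize);
  if (TS.isScalable())
    return R;
  APInt APSize(PointerSize, TS.getFixedSize(), true);
  if (APSize.isNonPositive())
    return R;
  if (AI.isArrayAllocation()) {
    const auto *C = dyn_cast<ConstantInt>(AI.getArraySize());
    if (!C)
      return R;
    const APInt &Count = C->getValue();
    if (Count.isNonPositive())
      return R;
    APInt Mul = Count.sextOrTrunc(PointerSize);
    // The element count can be wider than a pointer. If narrowing changed its
    // value, the product below would be computed from a different (possibly
    // negative) count and could yield a sign-wrapped range, so give up here.
    if (Mul.sextOrTrunc(Count.getBitWidth()) != Count)
      return R;
    bool Overflow = false;
    APSize = APSize.smul_ov(Mul, Overflow);
    if (Overflow)
      return R;
  }
  R = ConstantRange(APInt::getZero(PointerSize), APSize);
  assert(!isUnsafe(R));
  return R;
}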
182fa98c074SVitaly Buka 
/// Per-function result: one UseInfo per alloca and one per analyzed parameter
/// index.
template <typename CalleeTy> struct FunctionInfo {
  std::map<const AllocaInst *, UseInfo<CalleeTy>> Allocas;
  std::map<uint32_t, UseInfo<CalleeTy>> Params;
  // TODO: describe return value as depending on one or more of its arguments.

  // StackSafetyDataFlowAnalysis counter stored here for faster access.
  int UpdateCount = 0;

  /// Writes the summary for the function called Name to O. F may be null, in
  /// which case arguments are printed by index and no allocas are expected.
  void print(raw_ostream &O, StringRef Name, const Function *F) const {
    // TODO: Consider different printout format after
    // StackSafetyDataFlowAnalysis. Calls and parameters are irrelevant then.
    const bool IsDSOLocal = F && F->isDSOLocal();
    const bool IsInterposable = F && F->isInterposable();
    O << "  @" << Name << (IsDSOLocal ? "" : " dso_preemptable")
      << (IsInterposable ? " interposable" : "") << "\n";

    O << "    args uses:\n";
    for (const auto &Param : Params) {
      O << "      ";
      if (F)
        O << F->getArg(Param.first)->getName();
      else
        O << formatv("arg{0}", Param.first);
      O << "[]: " << Param.second << "\n";
    }

    O << "    allocas uses:\n";
    if (!F) {
      assert(Allocas.empty());
      return;
    }
    for (const auto &I : instructions(F)) {
      const auto *AI = dyn_cast<AllocaInst>(&I);
      if (!AI)
        continue;
      // The lookup result is used without an end() check, so every alloca of
      // F must already have an entry in Allocas.
      const auto &AS = Allocas.find(AI)->second;
      O << "      " << AI->getName() << "["
        << getStaticAllocaSizeRange(*AI).getUpper() << "]: " << AS << "\n";
    }
  }
};
221fa98c074SVitaly Buka 
2226e51a080SVitaly Buka using GVToSSI = std::map<const GlobalValue *, FunctionInfo<GlobalValue>>;
2230e6628d3SVitaly Buka 
224ecb66f50SVitaly Buka } // namespace
225ecb66f50SVitaly Buka 
/// Storage behind StackSafetyInfo: the summary of a single function, with
/// callees referred to as GlobalValue.
struct StackSafetyInfo::InfoTy {
  FunctionInfo<GlobalValue> Info;
};
229ecb66f50SVitaly Buka 
/// Storage behind StackSafetyGlobalInfo.
struct StackSafetyGlobalInfo::InfoTy {
  // Per-function summaries, keyed by GlobalValue.
  GVToSSI Info;
  // NOTE(review): by their names, the allocas judged safe and the accesses
  // judged unsafe; the code that fills both sets is outside this part of the
  // file -- confirm there.
  SmallPtrSet<const AllocaInst *, 8> SafeAllocas;
  std::set<const Instruction *> UnsafeAccesses;
};
235ecb66f50SVitaly Buka 
236fa98c074SVitaly Buka namespace {
237fa98c074SVitaly Buka 
/// Intra-procedural part of the analysis: for one function it computes, for
/// each alloca and each pointer parameter, the range of offsets accessed and
/// the calls that receive the address.
class StackSafetyLocalAnalysis {
  Function &F;
  const DataLayout &DL;
  ScalarEvolution &SE;
  // Pointer width in bits, read from DL by the constructor.
  unsigned PointerSize = 0;

  // Full set of PointerSize bits; returned whenever an offset or a size
  // cannot be bounded.
  const ConstantRange UnknownRange;

  // Signed range of (Addr - Base), or UnknownRange.
  ConstantRange offsetFrom(Value *Addr, Value *Base);
  // Range of offsets from Base touched by an access at Addr whose size lies
  // in SizeRange (or is given as a TypeSize), or UnknownRange.
  ConstantRange getAccessRange(Value *Addr, Value *Base,
                               const ConstantRange &SizeRange);
  ConstantRange getAccessRange(Value *Addr, Value *Base, TypeSize Size);
  // Same for a memory intrinsic that uses U as source or destination.
  ConstantRange getMemIntrinsicAccessRange(const MemIntrinsic *MI, const Use &U,
                                           Value *Base);

  // Walks every use of Ptr and records the results in AS.
  void analyzeAllUses(Value *Ptr, UseInfo<GlobalValue> &AS,
                      const StackLifetime &SL);


  // True when the access through U is proven to stay inside AI (or when AI is
  // null); the three overloads differ only in how the access size is given.
  bool isSafeAccess(const Use &U, AllocaInst *AI, const SCEV *AccessSize);
  bool isSafeAccess(const Use &U, AllocaInst *AI, Value *V);
  bool isSafeAccess(const Use &U, AllocaInst *AI, TypeSize AccessSize);

public:
  // Members are initialized in declaration order: DL must come before
  // PointerSize, and PointerSize before UnknownRange.
  StackSafetyLocalAnalysis(Function &F, ScalarEvolution &SE)
      : F(F), DL(F.getParent()->getDataLayout()), SE(SE),
        PointerSize(DL.getPointerSizeInBits()),
        UnknownRange(PointerSize, true) {}

  // Run the transformation on the associated function.
  FunctionInfo<GlobalValue> run();
};
270fa98c074SVitaly Buka 
/// Returns the signed range of (Addr - Base) as computed by ScalarEvolution,
/// resized to PointerSize bits. Any failure to bound the difference yields
/// UnknownRange.
ConstantRange StackSafetyLocalAnalysis::offsetFrom(Value *Addr, Value *Base) {
  const bool BothSCEVable =
      SE.isSCEVable(Addr->getType()) && SE.isSCEVable(Base->getType());
  if (!BothSCEVable)
    return UnknownRange;

  auto *PtrTy = IntegerType::getInt8PtrTy(SE.getContext());
  const SCEV *AddrExp = SE.getTruncateOrZeroExtend(SE.getSCEV(Addr), PtrTy);
  const SCEV *BaseExp = SE.getTruncateOrZeroExtend(SE.getSCEV(Base), PtrTy);
  const SCEV *Delta = SE.getMinusSCEV(AddrExp, BaseExp);
  if (isa<SCEVCouldNotCompute>(Delta))
    return UnknownRange;

  const ConstantRange Distance = SE.getSignedRange(Delta);
  if (!isUnsafe(Distance))
    return Distance.sextOrTrunc(PointerSize);
  return UnknownRange;
}
287fa98c074SVitaly Buka 
/// Returns the range of offsets from Base touched by an access that starts at
/// Addr and whose size lies in SizeRange. An empty SizeRange gives an empty
/// result; anything that cannot be bounded gives UnknownRange.
ConstantRange
StackSafetyLocalAnalysis::getAccessRange(Value *Addr, Value *Base,
                                         const ConstantRange &SizeRange) {
  // Zero-size loads and stores do not access memory.
  if (SizeRange.isEmptySet())
    return ConstantRange::getEmpty(PointerSize);
  assert(!isUnsafe(SizeRange));

  const ConstantRange Start = offsetFrom(Addr, Base);
  if (isUnsafe(Start))
    return UnknownRange;

  // Start offset plus size; an addition that may overflow comes back as the
  // full set and is rejected by the check below.
  ConstantRange Touched = addOverflowNever(Start, SizeRange);
  if (!isUnsafe(Touched))
    return Touched;
  return UnknownRange;
}
305fa98c074SVitaly Buka 
/// Overload for an access of a fixed type size: the size range is [0, Size).
/// Scalable sizes, and sizes that are negative at PointerSize bits, give
/// UnknownRange.
ConstantRange StackSafetyLocalAnalysis::getAccessRange(Value *Addr, Value *Base,
                                                       TypeSize Size) {
  if (Size.isScalable())
    return UnknownRange;
  const APInt Bytes(PointerSize, Size.getFixedSize(), true);
  if (Bytes.isNegative())
    return UnknownRange;
  const ConstantRange SizeRange(APInt::getZero(PointerSize), Bytes);
  return getAccessRange(Addr, Base, SizeRange);
}
316c3b80adcSEvgenii Stepanov 
/// Returns the range of offsets from Base that the memory intrinsic MI touches
/// through U. The result is empty when U is neither the destination nor (for
/// transfers) the source, and UnknownRange when the length cannot be bounded.
ConstantRange StackSafetyLocalAnalysis::getMemIntrinsicAccessRange(
    const MemIntrinsic *MI, const Use &U, Value *Base) {
  bool Untouched;
  if (const auto *MTI = dyn_cast<MemTransferInst>(MI))
    Untouched = MTI->getRawSource() != U && MTI->getRawDest() != U;
  else
    Untouched = MI->getRawDest() != U;
  if (Untouched)
    return ConstantRange::getEmpty(PointerSize);

  auto *CalculationTy = IntegerType::getIntNTy(SE.getContext(), PointerSize);
  Value *Length = MI->getLength();
  if (!SE.isSCEVable(Length->getType()))
    return UnknownRange;

  const SCEV *LengthExp =
      SE.getTruncateOrZeroExtend(SE.getSCEV(Length), CalculationTy);
  ConstantRange Sizes = SE.getSignedRange(LengthExp);
  // A length whose upper bound is negative, or whose range is one the
  // analysis does not handle, cannot be bounded.
  const bool Unbounded = Sizes.getUpper().isNegative() || isUnsafe(Sizes);
  if (Unbounded)
    return UnknownRange;
  Sizes = Sizes.sextOrTrunc(PointerSize);
  // Only the upper bound of the length matters: the size range is
  // [0, upper - 1).
  ConstantRange SizeRange(APInt::getZero(PointerSize), Sizes.getUpper() - 1);
  return getAccessRange(U, Base, SizeRange);
}
340fa98c074SVitaly Buka 
/// Overload for an access size given as an IR value: converts V to its SCEV
/// and defers to the SCEV overload.
bool StackSafetyLocalAnalysis::isSafeAccess(const Use &U, AllocaInst *AI,
                                            Value *V) {
  const SCEV *AccessSize = SE.getSCEV(V);
  return isSafeAccess(U, AI, AccessSize);
}
3456c06d8e3SFlorian Mayer 
/// Overload for an access size given as a TypeSize. A scalable size is never
/// reported safe; a fixed size becomes a constant SCEV of PointerSize bits.
bool StackSafetyLocalAnalysis::isSafeAccess(const Use &U, AllocaInst *AI,
                                            TypeSize TS) {
  if (!TS.isScalable()) {
    auto *CalculationTy = IntegerType::getIntNTy(SE.getContext(), PointerSize);
    const SCEV *AccessSize = SE.getConstant(CalculationTy, TS.getFixedSize());
    return isSafeAccess(U, AI, AccessSize);
  }
  return false;
}
3546c06d8e3SFlorian Mayer 
/// Returns true when the access of AccessSize bytes through U is proven to
/// stay inside the alloca AI, evaluated at the using instruction. A null AI
/// is reported safe; anything ScalarEvolution cannot prove is reported unsafe.
bool StackSafetyLocalAnalysis::isSafeAccess(const Use &U, AllocaInst *AI,
                                            const SCEV *AccessSize) {
  if (!AI)
    return true;
  if (isa<SCEVCouldNotCompute>(AccessSize))
    return false;

  const auto *I = cast<Instruction>(U.getUser());

  // Offset of the accessed address from the start of the alloca.
  auto *PtrTy = IntegerType::getInt8PtrTy(SE.getContext());
  const SCEV *AddrExp = SE.getTruncateOrZeroExtend(SE.getSCEV(U.get()), PtrTy);
  const SCEV *BaseExp = SE.getTruncateOrZeroExtend(SE.getSCEV(AI), PtrTy);
  const SCEV *Diff = SE.getMinusSCEV(AddrExp, BaseExp);
  if (isa<SCEVCouldNotCompute>(Diff))
    return false;

  const ConstantRange Size = getStaticAllocaSizeRange(*AI);

  // Bounds for the offset: lower bound of the alloca range, and its upper
  // bound minus the access size.
  auto *CalculationTy = IntegerType::getIntNTy(SE.getContext(), PointerSize);
  const SCEV *Min =
      SE.getTruncateOrZeroExtend(SE.getConstant(Size.getLower()), CalculationTy);
  const SCEV *UpperExp =
      SE.getTruncateOrZeroExtend(SE.getConstant(Size.getUpper()), CalculationTy);
  const SCEV *SizeExp = SE.getTruncateOrZeroExtend(AccessSize, CalculationTy);
  const SCEV *Max = SE.getMinusSCEV(UpperExp, SizeExp);

  // An undecided predicate counts as "not proven".
  auto Proven = [&](ICmpInst::Predicate Pred, const SCEV *Bound) {
    return SE.evaluatePredicateAt(Pred, Diff, Bound, I).value_or(false);
  };
  if (!Proven(ICmpInst::Predicate::ICMP_SGE, Min))
    return false;
  return Proven(ICmpInst::Predicate::ICMP_SLE, Max);
}
3906c06d8e3SFlorian Mayer 
/// The function analyzes all local uses of Ptr (alloca or argument) and
/// calculates local access range and all function calls where it was used.
///
/// Results go into US: every analyzed access widens US.Range and, when it is
/// not proven safe, is added to US.UnsafeAccesses; calls that receive the
/// address are recorded in US.Calls together with the offset range passed.
/// SL supplies reachability and alloca liveness.
void StackSafetyLocalAnalysis::analyzeAllUses(Value *Ptr,
                                              UseInfo<GlobalValue> &US,
                                              const StackLifetime &SL) {
  SmallPtrSet<const Value *, 16> Visited;
  SmallVector<const Value *, 8> WorkList;
  WorkList.push_back(Ptr);
  // Null when Ptr is a function argument; the liveness checks below are
  // skipped in that case and isSafeAccess() reports such accesses as safe.
  AllocaInst *AI = dyn_cast<AllocaInst>(Ptr);

  // A DFS search through all uses of the alloca in bitcasts/PHI/GEPs/etc.
  while (!WorkList.empty()) {
    const Value *V = WorkList.pop_back_val();
    for (const Use &UI : V->uses()) {
      const auto *I = cast<Instruction>(UI.getUser());
      // Users that SL reports as unreachable are ignored.
      if (!SL.isReachable(I))
        continue;

      assert(V == UI.get());

      switch (I->getOpcode()) {
      case Instruction::Load: {
        // A load from an alloca that is not alive after I is recorded as an
        // unsafe access of unknown range.
        if (AI && !SL.isAliveAfter(AI, I)) {
          US.addRange(I, UnknownRange, /*IsSafe=*/false);
          break;
        }
        auto TypeSize = DL.getTypeStoreSize(I->getType());
        auto AccessRange = getAccessRange(UI, Ptr, TypeSize);
        bool Safe = isSafeAccess(UI, AI, TypeSize);
        US.addRange(I, AccessRange, Safe);
        break;
      }

      case Instruction::VAArg:
        // "va-arg" from a pointer is safe.
        break;
      case Instruction::Store: {
        if (V == I->getOperand(0)) {
          // Stored the pointer - conservatively assume it may be unsafe.
          US.addRange(I, UnknownRange, /*IsSafe=*/false);
          break;
        }
        // From here on V is the address being stored to.
        if (AI && !SL.isAliveAfter(AI, I)) {
          US.addRange(I, UnknownRange, /*IsSafe=*/false);
          break;
        }
        auto TypeSize = DL.getTypeStoreSize(I->getOperand(0)->getType());
        auto AccessRange = getAccessRange(UI, Ptr, TypeSize);
        bool Safe = isSafeAccess(UI, AI, TypeSize);
        US.addRange(I, AccessRange, Safe);
        break;
      }

      case Instruction::Ret:
        // Information leak.
        // FIXME: Process parameters correctly. This is a leak only if we return
        // alloca.
        US.addRange(I, UnknownRange, /*IsSafe=*/false);
        break;

      case Instruction::Call:
      case Instruction::Invoke: {
        // Lifetime markers are not accesses.
        if (I->isLifetimeStartOrEnd())
          break;

        if (AI && !SL.isAliveAfter(AI, I)) {
          US.addRange(I, UnknownRange, /*IsSafe=*/false);
          break;
        }
        if (const MemIntrinsic *MI = dyn_cast<MemIntrinsic>(I)) {
          auto AccessRange = getMemIntrinsicAccessRange(MI, UI, Ptr);
          // Safe without further proof when the intrinsic does not use UI as
          // its destination (or, for transfers, as source or destination);
          // otherwise the length must be proven to fit the alloca.
          bool Safe = false;
          if (const auto *MTI = dyn_cast<MemTransferInst>(MI)) {
            if (MTI->getRawSource() != UI && MTI->getRawDest() != UI)
              Safe = true;
          } else if (MI->getRawDest() != UI) {
            Safe = true;
          }
          Safe = Safe || isSafeAccess(UI, AI, MI->getLength());
          US.addRange(I, AccessRange, Safe);
          break;
        }

        const auto &CB = cast<CallBase>(*I);
        // The call returns this argument, so the uses of the call result are
        // followed as well.
        if (CB.getReturnedArgOperand() == V) {
          if (Visited.insert(I).second)
            WorkList.push_back(cast<const Instruction>(I));
        }

        // A use that is not an argument operand is recorded as unsafe.
        if (!CB.isArgOperand(&UI)) {
          US.addRange(I, UnknownRange, /*IsSafe=*/false);
          break;
        }

        unsigned ArgNo = CB.getArgOperandNo(&UI);
        // A byval argument is handled as an access of the byval type's store
        // size at the call site.
        if (CB.isByValArgument(ArgNo)) {
          auto TypeSize = DL.getTypeStoreSize(CB.getParamByValType(ArgNo));
          auto AccessRange = getAccessRange(UI, Ptr, TypeSize);
          bool Safe = isSafeAccess(UI, AI, TypeSize);
          US.addRange(I, AccessRange, Safe);
          break;
        }

        // FIXME: consult devirt?
        // Do not follow aliases, otherwise we could inadvertently follow
        // dso_preemptable aliases or aliases with interposable linkage.
        const GlobalValue *Callee =
            dyn_cast<GlobalValue>(CB.getCalledOperand()->stripPointerCasts());
        // A called operand that is not a GlobalValue cannot be summarized.
        if (!Callee) {
          US.addRange(I, UnknownRange, /*IsSafe=*/false);
          break;
        }

        assert(isa<Function>(Callee) || isa<GlobalAlias>(Callee));
        ConstantRange Offsets = offsetFrom(UI, Ptr);
        auto Insert =
            US.Calls.emplace(CallInfo<GlobalValue>(Callee, ArgNo), Offsets);
        // NOTE(review): repeated (callee, argument) pairs are merged with
        // unionWith(), while UseInfo::updateRange() goes through
        // unionNoWrap(), whose comment says that two non-wrapped sets can
        // produce a wrapped one. Confirm that the consumers of US.Calls
        // tolerate a sign-wrapped range here.
        if (!Insert.second)
          Insert.first->second = Insert.first->second.unionWith(Offsets);
        break;
      }

      default:
        // Any other user is treated as deriving a new pointer: queue it once
        // so that its own uses are visited.
        if (Visited.insert(I).second)
          WorkList.push_back(cast<const Instruction>(I));
      }
    }
  }
}
520fa98c074SVitaly Buka 
/// Runs the function-local stage of the analysis on F.
///
/// Every alloca in F, and every pointer argument that is not passed byval,
/// gets a use record that analyzeAllUses() fills in.
///
/// \returns the per-function record holding those alloca and parameter uses.
FunctionInfo<GlobalValue> StackSafetyLocalAnalysis::run() {
  FunctionInfo<GlobalValue> Info;
  assert(!F.isDeclaration() &&
         "Can't run StackSafety on a function declaration");

  LLVM_DEBUG(dbgs() << "[StackSafety] " << F.getName() << "\n");

  // Gather the allocas up front: StackLifetime is constructed from the
  // complete list before any use is analyzed.
  SmallVector<AllocaInst *, 64> Allocas;
  for (auto &Inst : instructions(F)) {
    auto *Alloca = dyn_cast<AllocaInst>(&Inst);
    if (Alloca)
      Allocas.push_back(Alloca);
  }
  StackLifetime SL(F, Allocas, StackLifetime::LivenessType::Must);
  SL.run();

  for (auto *Alloca : Allocas) {
    auto Inserted = Info.Allocas.emplace(Alloca, PointerSize);
    analyzeAllUses(Alloca, Inserted.first->second, SL);
  }

  for (Argument &A : F.args()) {
    // Non-pointer and byval arguments are not going to be used in any global
    // processing.
    if (!A.getType()->isPointerTy() || A.hasByValAttr())
      continue;
    auto Inserted = Info.Params.emplace(A.getArgNo(), PointerSize);
    analyzeAllUses(&A, Inserted.first->second, SL);
  }

  LLVM_DEBUG(Info.print(dbgs(), F.getName(), &F));
  LLVM_DEBUG(dbgs() << "\n[StackSafety] done\n");
  return Info;
}
553fa98c074SVitaly Buka 
/// Inter-procedural stage of the analysis: propagates the access ranges of
/// callee parameters into the parameter ranges of their callers until no
/// range changes any more.
///
/// \tparam CalleeTy type whose pointers identify functions in FunctionMap.
template <typename CalleeTy> class StackSafetyDataFlowAnalysis {
  using FunctionMap = std::map<const CalleeTy *, FunctionInfo<CalleeTy>>;

  // Per-function records, updated in place by the data flow.
  FunctionMap Functions;
  // Full range of pointer width: the widest possible answer, returned
  // whenever a callee or one of its parameters is not known.
  const ConstantRange UnknownRange;

  // Callee-to-Caller multimap.
  DenseMap<const CalleeTy *, SmallVector<const CalleeTy *, 4>> Callers;
  // Functions whose parameter ranges have to be recomputed.
  SetVector<const CalleeTy *> WorkList;

  bool updateOneUse(UseInfo<CalleeTy> &US, bool UpdateToFullSet);
  void updateOneNode(const CalleeTy *Callee, FunctionInfo<CalleeTy> &FS);
  // Convenience overload; Callee is expected to be a key of Functions (the
  // lookup result is dereferenced without a check).
  void updateOneNode(const CalleeTy *Callee) {
    auto It = Functions.find(Callee);
    updateOneNode(Callee, It->second);
  }
  void updateAllNodes() {
    for (auto &Entry : Functions)
      updateOneNode(Entry.first, Entry.second);
  }
  void runDataFlow();
#ifndef NDEBUG
  void verifyFixedPoint();
#endif

public:
  /// \param PointerBitWidth bit width used for UnknownRange.
  /// \param Functions       per-function records; taken by value and moved
  ///                        into the analysis.
  StackSafetyDataFlowAnalysis(uint32_t PointerBitWidth, FunctionMap Functions)
      : Functions(std::move(Functions)),
        UnknownRange(ConstantRange::getFull(PointerBitWidth)) {}

  const FunctionMap &run();

  ConstantRange getArgumentAccessRange(const CalleeTy *Callee, unsigned ParamNo,
                                       const ConstantRange &Offsets) const;
};
588892c71a5SVitaly Buka 
/// Returns the range Callee may access through parameter ParamNo when the
/// argument is passed at Offsets.
///
/// Anything that cannot be looked up (callee not in Functions, parameter not
/// recorded) and any parameter already at full range yields UnknownRange. An
/// empty access range is returned unchanged. Otherwise the recorded range is
/// combined with Offsets by addOverflowNever().
template <typename CalleeTy>
ConstantRange StackSafetyDataFlowAnalysis<CalleeTy>::getArgumentAccessRange(
    const CalleeTy *Callee, unsigned ParamNo,
    const ConstantRange &Offsets) const {
  auto FnIt = Functions.find(Callee);
  // Unknown callee (outside of LTO domain or an indirect call).
  if (FnIt == Functions.end())
    return UnknownRange;

  auto &Params = FnIt->second.Params;
  auto ParamIt = Params.find(ParamNo);
  if (ParamIt == Params.end())
    return UnknownRange;

  auto &Access = ParamIt->second.Range;
  if (Access.isEmptySet())
    return Access;
  return Access.isFullSet() ? UnknownRange : addOverflowNever(Access, Offsets);
}
60842b05067SVitaly Buka 
/// Folds the access ranges of all calls recorded in US into US.Range.
///
/// \param US              use record whose range is widened.
/// \param UpdateToFullSet when true, a range that has to grow is set straight
///                        to UnknownRange instead of being widened by the
///                        callee range.
/// \returns true if US.Range did not already contain some callee range.
template <typename CalleeTy>
bool StackSafetyDataFlowAnalysis<CalleeTy>::updateOneUse(UseInfo<CalleeTy> &US,
                                                         bool UpdateToFullSet) {
  bool Changed = false;
  for (auto &Call : US.Calls) {
    assert(!Call.second.isEmptySet() &&
           "Param range can't be empty-set, invalid offset range");

    ConstantRange CalleeRange = getArgumentAccessRange(
        Call.first.Callee, Call.first.ParamNo, Call.second);
    // Nothing to do when the callee adds no new offsets.
    if (US.Range.contains(CalleeRange))
      continue;

    Changed = true;
    if (UpdateToFullSet) {
      US.Range = UnknownRange;
    } else {
      US.updateRange(CalleeRange);
    }
  }
  return Changed;
}
62942b05067SVitaly Buka 
/// Recomputes every parameter range of one function and, if any of them
/// changed, queues the function's callers for another update.
///
/// Once FS.UpdateCount exceeds StackSafetyMaxIterations, ranges that still
/// have to grow are set to UnknownRange (see updateOneUse()); a full range
/// contains every callee range, so such a use stops changing.
template <typename CalleeTy>
void StackSafetyDataFlowAnalysis<CalleeTy>::updateOneNode(
    const CalleeTy *Callee, FunctionInfo<CalleeTy> &FS) {
  const bool UpdateToFullSet = FS.UpdateCount > StackSafetyMaxIterations;

  bool Changed = false;
  for (auto &Param : FS.Params)
    Changed |= updateOneUse(Param.second, UpdateToFullSet);

  if (!Changed)
    return;

  LLVM_DEBUG(dbgs() << "=== update [" << FS.UpdateCount
                    << (UpdateToFullSet ? ", full-set" : "") << "] " << &FS
                    << "\n");
  // Callers of this function may need updating.
  for (auto &CallerID : Callers[Callee])
    WorkList.insert(CallerID);

  ++FS.UpdateCount;
}
64942b05067SVitaly Buka 
/// Builds the callee-to-callers map from the recorded calls, updates every
/// function once, then keeps updating functions from the work list until it
/// is empty.
template <typename CalleeTy>
void StackSafetyDataFlowAnalysis<CalleeTy>::runDataFlow() {
  SmallVector<const CalleeTy *, 16> Callees;
  for (auto &Entry : Functions) {
    Callees.clear();
    for (auto &Param : Entry.second.Params)
      for (auto &Call : Param.second.Calls)
        Callees.push_back(Call.first.Callee);

    // Sort and drop duplicates so that a caller is registered once per callee.
    llvm::sort(Callees);
    auto NewEnd = std::unique(Callees.begin(), Callees.end());
    Callees.erase(NewEnd, Callees.end());

    for (auto &Callee : Callees)
      Callers[Callee].push_back(Entry.first);
  }

  updateAllNodes();

  while (!WorkList.empty())
    updateOneNode(WorkList.pop_back_val());
}
67442b05067SVitaly Buka 
#ifndef NDEBUG
/// Debug-only self check: after the data flow has finished, one more update
/// of every function must not queue any caller, i.e. no range may still
/// change.
template <typename CalleeTy>
void StackSafetyDataFlowAnalysis<CalleeTy>::verifyFixedPoint() {
  WorkList.clear();
  updateAllNodes();
  assert(WorkList.empty());
}
#endif
68342b05067SVitaly Buka 
/// Runs the data flow and returns the updated per-function records.
///
/// The returned reference points at the Functions member, so it is valid only
/// as long as this analysis object is. The fixed-point check is wrapped in
/// LLVM_DEBUG.
template <typename CalleeTy>
const typename StackSafetyDataFlowAnalysis<CalleeTy>::FunctionMap &
StackSafetyDataFlowAnalysis<CalleeTy>::run() {
  runDataFlow();
  LLVM_DEBUG(verifyFixedPoint());
  return Functions;
}
69142b05067SVitaly Buka 
/// Picks the single function summary that a call to VI can be resolved to, or
/// returns nullptr when no unambiguous, live, DSO-local candidate exists.
///
/// A nullptr result is the conservative answer: resolveAllCalls() widens the
/// use to the full range when no summary is found.
///
/// \param VI       value info of the callee; may be empty.
/// \param ModuleId module path used to match summaries with local linkage.
FunctionSummary *findCalleeFunctionSummary(ValueInfo VI, StringRef ModuleId) {
  if (!VI)
    return nullptr;
  auto SummaryList = VI.getSummaryList();
  GlobalValueSummary* S = nullptr;
  for (const auto& GVS : SummaryList) {
    // Skip dead summaries, aliases without an aliasee and anything whose base
    // object is not a function.
    if (!GVS->isLive())
      continue;
    if (const AliasSummary *AS = dyn_cast<AliasSummary>(GVS.get()))
      if (!AS->hasAliasee())
        continue;
    if (!isa<FunctionSummary>(GVS->getBaseObject()))
      continue;
    if (GlobalValue::isLocalLinkage(GVS->linkage())) {
      // A local definition only counts when it comes from the caller's own
      // module; it then wins over everything else.
      if (GVS->modulePath() == ModuleId) {
        S = GVS.get();
        break;
      }
    } else if (GlobalValue::isExternalLinkage(GVS->linkage())) {
      // A second candidate makes the callee ambiguous: give up.
      if (S) {
        ++NumIndexCalleeMultipleExternal;
        return nullptr;
      }
      S = GVS.get();
    } else if (GlobalValue::isWeakLinkage(GVS->linkage())) {
      // Same ambiguity rule as for external linkage.
      if (S) {
        ++NumIndexCalleeMultipleWeak;
        return nullptr;
      }
      S = GVS.get();
    } else if (GlobalValue::isAvailableExternallyLinkage(GVS->linkage()) ||
               GlobalValue::isLinkOnceLinkage(GVS->linkage())) {
      // Accepted only when it is the one and only summary in the list.
      if (SummaryList.size() == 1)
        S = GVS.get();
      // According to thinLTOResolvePrevailingGUID these are unlikely to be
      // prevailing.
    } else {
      ++NumIndexCalleeUnhandled;
    }
  };
  // Walk from the chosen summary through aliases to the function summary.
  // Every step has to be live and DSO-local.
  while (S) {
    if (!S->isLive() || !S->isDSOLocal())
      return nullptr;
    if (FunctionSummary *FS = dyn_cast<FunctionSummary>(S))
      return FS;
    AliasSummary *AS = dyn_cast<AliasSummary>(S);
    if (!AS || !AS->hasAliasee())
      return nullptr;
    S = AS->getBaseObject();
    // An alias that resolves to itself would loop forever.
    if (S == AS)
      return nullptr;
  }
  return nullptr;
}
745c1e47b47SVitaly Buka 
/// Resolves GV to a function defined in the current module, looking through
/// aliases.
///
/// \returns the function, or nullptr if GV is null or any value on the way is
/// a declaration, interposable or not DSO-local, is neither a function nor an
/// alias, or is an alias that resolves to itself.
const Function *findCalleeInModule(const GlobalValue *GV) {
  for (const GlobalValue *Cur = GV; Cur;) {
    // Only a definition that cannot be replaced at link or load time may
    // stand in for the callee.
    if (Cur->isDeclaration() || Cur->isInterposable() || !Cur->isDSOLocal())
      return nullptr;
    if (const auto *Fn = dyn_cast<Function>(Cur))
      return Fn;

    const auto *Alias = dyn_cast<GlobalAlias>(Cur);
    if (!Alias)
      return nullptr;
    Cur = Alias->getAliaseeObject();
    // Stop on an alias that resolves to itself.
    if (Cur == Alias)
      return nullptr;
  }
  return nullptr;
}
761892c71a5SVitaly Buka 
/// Looks up the access range recorded in FS for parameter ParamNo.
///
/// FS must be live and DSO-local (asserted).
/// \returns a pointer into FS's parameter accesses, or nullptr if the summary
/// has no entry for ParamNo.
const ConstantRange *findParamAccess(const FunctionSummary &FS,
                                     uint32_t ParamNo) {
  assert(FS.isLive());
  assert(FS.isDSOLocal());
  for (const auto &PS : FS.paramAccesses()) {
    if (PS.ParamNo != ParamNo)
      continue;
    return &PS.Use;
  }
  return nullptr;
}
771c1e47b47SVitaly Buka 
/// Rewrites the calls recorded in Use so that each one either names a
/// function defined in this module or is folded into Use.Range.
///
/// Calls resolved inside the module stay in Use.Calls. Calls resolved through
/// Index are not re-added: their summary range is merged into Use.Range. As
/// soon as one call cannot be resolved (no index, no summary, no entry for
/// the parameter, or a full-set entry), Use.Range is widened to the full set
/// and the function returns without looking at the remaining calls.
///
/// \param Use   use record to update in place.
/// \param Index module summary index, or nullptr when none is available.
void resolveAllCalls(UseInfo<GlobalValue> &Use,
                     const ModuleSummaryIndex *Index) {
  ConstantRange FullSet(Use.Range.getBitWidth(), true);
  // Move Use.Calls to a temp storage and repopulate - don't use std::move as it
  // leaves Use.Calls in an undefined state.
  UseInfo<GlobalValue>::CallsTy Pending;
  std::swap(Pending, Use.Calls);

  for (const auto &Call : Pending) {
    const auto *Callee = Call.first.Callee;
    if (const Function *F = findCalleeInModule(Callee)) {
      Use.Calls.emplace(CallInfo<GlobalValue>(F, Call.first.ParamNo),
                        Call.second);
      continue;
    }

    if (!Index) {
      Use.updateRange(FullSet);
      return;
    }

    FunctionSummary *FS = findCalleeFunctionSummary(
        Index->getValueInfo(Callee->getGUID()),
        Callee->getParent()->getModuleIdentifier());
    ++NumModuleCalleeLookupTotal;
    if (!FS) {
      ++NumModuleCalleeLookupFailed;
      Use.updateRange(FullSet);
      return;
    }

    const ConstantRange *Found = findParamAccess(*FS, Call.first.ParamNo);
    if (!Found || Found->isFullSet()) {
      Use.updateRange(FullSet);
      return;
    }

    // The summary range is adjusted to the bit width of Use.Range first.
    ConstantRange Access = Found->sextOrTrunc(Use.Range.getBitWidth());
    if (Access.isEmptySet())
      continue;
    Use.updateRange(addOverflowNever(Access, Call.second));
  }
}
804892c71a5SVitaly Buka 
/// Combines the function-local results into the module-wide result.
///
/// Parameter uses are resolved and run through the data flow analysis; the
/// alloca ranges are then widened by the access ranges of every call the
/// alloca is passed to.
///
/// \param Functions local analysis results, one entry per defined function.
/// \param Index     module summary index used to resolve callees defined
///                  elsewhere; may be nullptr.
/// \returns one record per entry of Functions; empty if Functions is empty.
GVToSSI createGlobalStackSafetyInfo(
    std::map<const GlobalValue *, FunctionInfo<GlobalValue>> Functions,
    const ModuleSummaryIndex *Index) {
  GVToSSI SSI;
  if (Functions.empty())
    return SSI;

  // FIXME: Simplify printing and remove copying here.
  auto Copy = Functions;

  for (auto &FnKV : Copy)
    for (auto &KV : FnKV.second.Params) {
      resolveAllCalls(KV.second, Index);
      // A parameter that is already full-set cannot be widened any further,
      // so its calls carry no information for the data flow.
      if (KV.second.Range.isFullSet())
        KV.second.Calls.clear();
    }

  // The pointer width is read from the module of the first function.
  uint32_t PointerSize =
      Copy.begin()->first->getParent()->getDataLayout().getPointerSizeInBits();
  StackSafetyDataFlowAnalysis<GlobalValue> SSDFA(PointerSize, std::move(Copy));

  for (const auto &F : SSDFA.run()) {
    // FI is a copy of the analysis result; SrcF is the untouched input and
    // is used below to restore the original call lists.
    auto FI = F.second;
    auto &SrcF = Functions[F.first];
    for (auto &KV : FI.Allocas) {
      auto &A = KV.second;
      resolveAllCalls(A, Index);
      for (auto &C : A.Calls) {
        A.updateRange(SSDFA.getArgumentAccessRange(C.first.Callee,
                                                   C.first.ParamNo, C.second));
      }
      // FIXME: This is needed only to preserve calls in print() results.
      A.Calls = SrcF.Allocas.find(KV.first)->second.Calls;
    }
    for (auto &KV : FI.Params) {
      auto &P = KV.second;
      P.Calls = SrcF.Params.find(KV.first)->second.Calls;
    }
    SSI[F.first] = std::move(FI);
  }

  return SSI;
}
848892c71a5SVitaly Buka 
849fa98c074SVitaly Buka } // end anonymous namespace
850fa98c074SVitaly Buka 
// Special members of StackSafetyInfo. They are defined here, out of line,
// rather than in the header.
StackSafetyInfo::StackSafetyInfo() = default;

// Stores the function and the ScalarEvolution getter. No analysis runs here;
// getInfo() computes the result on first use.
StackSafetyInfo::StackSafetyInfo(Function *F,
                                 std::function<ScalarEvolution &()> GetSE)
    : F(F), GetSE(GetSE) {}

StackSafetyInfo::StackSafetyInfo(StackSafetyInfo &&) = default;

StackSafetyInfo &StackSafetyInfo::operator=(StackSafetyInfo &&) = default;

StackSafetyInfo::~StackSafetyInfo() = default;
862fa98c074SVitaly Buka 
/// Returns the local analysis result for F, computing and caching it on the
/// first call. GetSE() is only invoked when the result has to be computed.
const StackSafetyInfo::InfoTy &StackSafetyInfo::getInfo() const {
  if (Info)
    return *Info;

  StackSafetyLocalAnalysis SSLA(*F, GetSE());
  Info.reset(new InfoTy{SSLA.run()});
  return *Info;
}
8709abb0e8dSVitaly Buka 
/// Prints the local analysis result for F to O, followed by a newline.
/// Calling this computes the result if it has not been computed yet.
void StackSafetyInfo::print(raw_ostream &O) const {
  getInfo().Info.print(O, F->getName(), dyn_cast<Function>(F));
  O << "\n";
}
8750e6628d3SVitaly Buka 
/// Returns the module-wide result, computing and caching it on the first
/// call.
///
/// An alloca is recorded in SafeAllocas only when its static size range
/// contains the whole access range computed for it. The unsafe accesses of
/// every alloca are collected into UnsafeAccesses regardless of that outcome.
const StackSafetyGlobalInfo::InfoTy &StackSafetyGlobalInfo::getInfo() const {
  if (Info)
    return *Info;

  // Gather the local results of every function defined in the module.
  std::map<const GlobalValue *, FunctionInfo<GlobalValue>> Functions;
  for (auto &F : M->functions()) {
    if (F.isDeclaration())
      continue;
    auto FI = GetSSI(F).getInfo().Info;
    Functions.emplace(&F, std::move(FI));
  }
  Info.reset(new InfoTy{
      createGlobalStackSafetyInfo(std::move(Functions), Index), {}, {}});

  for (auto &FnKV : Info->Info) {
    for (auto &KV : FnKV.second.Allocas) {
      ++NumAllocaTotal;
      const AllocaInst *AI = KV.first;
      auto &Use = KV.second;
      auto AIRange = getStaticAllocaSizeRange(*AI);
      if (AIRange.contains(Use.Range)) {
        Info->SafeAllocas.insert(AI);
        ++NumAllocaStackSafe;
      }
      Info->UnsafeAccesses.insert(Use.UnsafeAccesses.begin(),
                                  Use.UnsafeAccesses.end());
    }
  }

  // Info is already set here, so the getInfo() calls made by print() return
  // the cached result.
  if (StackSafetyPrint)
    print(errs());
  return *Info;
}
9070e6628d3SVitaly Buka 
/// Converts the local parameter information into the FunctionSummary format.
///
/// Parameters whose range is full-set, or that are forwarded to a call with a
/// full-set offset range, are left out: a parameter without an entry is
/// treated as unknown by the consumers visible in this file
/// (resolveAllCalls() widens to the full set when findParamAccess() finds
/// nothing).
///
/// \param Index index in which value infos for the callees are looked up or
///              inserted.
/// \returns the parameter accesses, each with its calls sorted by
///          (ParamNo, Callee).
std::vector<FunctionSummary::ParamAccess>
StackSafetyInfo::getParamAccesses(ModuleSummaryIndex &Index) const {
  // Implementation transforms internal representation of parameter information
  // into FunctionSummary format.
  std::vector<FunctionSummary::ParamAccess> ParamAccesses;
  for (const auto &KV : getInfo().Info.Params) {
    auto &PS = KV.second;
    // Parameter accessed by any or unknown offset, represented as FullSet by
    // StackSafety, is handled as the parameter for which we have no
    // StackSafety info at all. So drop it to reduce summary size.
    if (PS.Range.isFullSet())
      continue;

    ParamAccesses.emplace_back(KV.first, PS.Range);
    FunctionSummary::ParamAccess &Param = ParamAccesses.back();

    Param.Calls.reserve(PS.Calls.size());
    for (const auto &C : PS.Calls) {
      // Parameter forwarded into another function by any or unknown offset
      // will make ParamAccess::Range as FullSet anyway. So we can drop the
      // entire parameter like we did above.
      // TODO(vitalybuka): Return already filtered parameters from getInfo().
      if (C.second.isFullSet()) {
        // Param refers to the element removed here; the break makes sure it
        // is not touched again.
        ParamAccesses.pop_back();
        break;
      }
      Param.Calls.emplace_back(C.first.ParamNo,
                               Index.getOrInsertValueInfo(C.first.Callee),
                               C.second);
    }
  }
  for (FunctionSummary::ParamAccess &Param : ParamAccesses) {
    sort(Param.Calls, [](const FunctionSummary::ParamAccess::Call &L,
                         const FunctionSummary::ParamAccess::Call &R) {
      return std::tie(L.ParamNo, L.Callee) < std::tie(R.ParamNo, R.Callee);
    });
  }
  return ParamAccesses;
}
9474666953cSVitaly Buka 
// Default constructor, defined out of line.
StackSafetyGlobalInfo::StackSafetyGlobalInfo() = default;
9490e6628d3SVitaly Buka 
/// Stores the module, the per-function result getter and the optional summary
/// index.
///
/// The analysis runs immediately when StackSafetyRun is set; otherwise it is
/// deferred until getInfo() is first called.
///
/// \param M      module to analyze.
/// \param GetSSI callback returning the local result for a function.
/// \param Index  module summary index; nullptr is passed by
///               StackSafetyGlobalAnalysis::run().
StackSafetyGlobalInfo::StackSafetyGlobalInfo(
    Module *M, std::function<const StackSafetyInfo &(Function &F)> GetSSI,
    const ModuleSummaryIndex *Index)
    : M(M), GetSSI(GetSSI), Index(Index) {
  if (StackSafetyRun)
    getInfo();
}
9570e6628d3SVitaly Buka 
// Move operations and destructor of StackSafetyGlobalInfo, defaulted out of
// line.
StackSafetyGlobalInfo::StackSafetyGlobalInfo(StackSafetyGlobalInfo &&) =
    default;

StackSafetyGlobalInfo &
StackSafetyGlobalInfo::operator=(StackSafetyGlobalInfo &&) = default;

StackSafetyGlobalInfo::~StackSafetyGlobalInfo() = default;
9650e6628d3SVitaly Buka 
/// Returns true if AI was recorded in SafeAllocas by getInfo(). An alloca the
/// analysis has no record of is reported as not safe.
bool StackSafetyGlobalInfo::isSafe(const AllocaInst &AI) const {
  return getInfo().SafeAllocas.count(&AI);
}
97012cd4a51SVitaly Buka 
/// Returns true if I is not among the accesses recorded as unsafe.
///
/// The answer is "not known to be unsafe": any instruction missing from
/// UnsafeAccesses yields true.
// NOTE(review): that includes instructions the analysis never recorded, so
// callers should only ask about instructions that access stack memory —
// confirm against the header's contract.
bool StackSafetyGlobalInfo::stackAccessIsSafe(const Instruction &I) const {
  const auto &Unsafe = getInfo().UnsafeAccesses;
  return Unsafe.find(&I) == Unsafe.end();
}
97557335b6eSFlorian Mayer 
/// Prints the result of every function defined in the module, each followed
/// by the loads, stores, memory intrinsics and calls with a byval argument
/// for which stackAccessIsSafe() returns true.
///
/// Prints nothing when the result is empty. The module is taken from the
/// first entry of the result.
void StackSafetyGlobalInfo::print(raw_ostream &O) const {
  auto &SSI = getInfo().Info;
  if (SSI.empty())
    return;

  const Module &M = *SSI.begin()->first->getParent();
  for (const auto &F : M.functions()) {
    if (F.isDeclaration())
      continue;

    // Every defined function is expected to have an entry; the lookup result
    // is dereferenced without a check.
    SSI.find(&F)->second.print(O, F.getName(), &F);
    O << "    safe accesses:"
      << "\n";
    for (const auto &I : instructions(F)) {
      const CallInst *Call = dyn_cast<CallInst>(&I);
      const bool IsListedKind = isa<StoreInst>(I) || isa<LoadInst>(I) ||
                                isa<MemIntrinsic>(I) ||
                                (Call && Call->hasByValArgument());
      if (!IsListedKind || !stackAccessIsSafe(I))
        continue;
      O << "     " << I << "\n";
    }
    O << "\n";
  }
}
998fa98c074SVitaly Buka 
/// Debugger helper: prints the result to dbgs().
LLVM_DUMP_METHOD void StackSafetyGlobalInfo::dump() const { print(dbgs()); }
100012cd4a51SVitaly Buka 
// Definition of the static AnalysisKey member of StackSafetyAnalysis.
AnalysisKey StackSafetyAnalysis::Key;
10024493fe1cSVitaly Buka 
/// Creates the lazily computed local result for F.
///
/// The ScalarEvolution getter captures AM and F by reference and is stored in
/// the returned object, so the result must not be queried after either of
/// them has been destroyed.
StackSafetyInfo StackSafetyAnalysis::run(Function &F,
                                         FunctionAnalysisManager &AM) {
  auto GetSE = [&AM, &F]() -> ScalarEvolution & {
    return AM.getResult<ScalarEvolutionAnalysis>(F);
  };
  return StackSafetyInfo(&F, GetSE);
}
10094493fe1cSVitaly Buka 
/// Prints the local analysis result of F to OS. The pass changes nothing, so
/// all analyses are reported as preserved.
PreservedAnalyses StackSafetyPrinterPass::run(Function &F,
                                              FunctionAnalysisManager &AM) {
  OS << "'Stack Safety Local Analysis' for function '" << F.getName() << "'\n";
  AM.getResult<StackSafetyAnalysis>(F).print(OS);
  return PreservedAnalyses::all();
}
10164493fe1cSVitaly Buka 
// Definition of the static ID member passed to FunctionPass by the
// constructor.
char StackSafetyInfoWrapperPass::ID = 0;
10184493fe1cSVitaly Buka 
/// Constructs the legacy function pass and calls its initializer with the
/// global pass registry.
StackSafetyInfoWrapperPass::StackSafetyInfoWrapperPass() : FunctionPass(ID) {
  initializeStackSafetyInfoWrapperPassPass(*PassRegistry::getPassRegistry());
}
10224493fe1cSVitaly Buka 
/// Declares ScalarEvolution as a transitively required analysis and marks
/// every analysis as preserved.
void StackSafetyInfoWrapperPass::getAnalysisUsage(AnalysisUsage &AU) const {
  // runOnFunction() stores a pointer to the ScalarEvolution result for use by
  // the getter it installs in SSI.
  AU.addRequiredTransitive<ScalarEvolutionWrapperPass>();
  AU.setPreservesAll();
}
10274493fe1cSVitaly Buka 
/// Prints the stored result to O. The module argument is not used.
void StackSafetyInfoWrapperPass::print(raw_ostream &O, const Module *M) const {
  SSI.print(O);
}
10314493fe1cSVitaly Buka 
/// Installs a fresh, lazily computed result for F.
///
/// \returns false, since the function is not modified.
bool StackSafetyInfoWrapperPass::runOnFunction(Function &F) {
  // The getter holds a raw pointer to the ScalarEvolution result; SSI must
  // not be queried after that result has been released.
  auto *SE = &getAnalysis<ScalarEvolutionWrapperPass>().getSE();
  SSI = {&F, [SE]() -> ScalarEvolution & { return *SE; }};
  return false;
}
10374493fe1cSVitaly Buka 
// Definition of the static AnalysisKey member of StackSafetyGlobalAnalysis.
AnalysisKey StackSafetyGlobalAnalysis::Key;
1039b8e6fa66SVitaly Buka 
/// Creates the module-wide result for M without a module summary index.
///
/// The per-function getter captures the function analysis manager by
/// reference and is stored in the returned object, so the result must not be
/// queried after that manager has been destroyed.
StackSafetyGlobalInfo
StackSafetyGlobalAnalysis::run(Module &M, ModuleAnalysisManager &AM) {
  // FIXME: Lookup Module Summary.
  FunctionAnalysisManager &FAM =
      AM.getResult<FunctionAnalysisManagerModuleProxy>(M).getManager();
  auto GetSSI = [&FAM](Function &F) -> const StackSafetyInfo & {
    return FAM.getResult<StackSafetyAnalysis>(F);
  };
  return {&M, GetSSI, nullptr};
}
1051b8e6fa66SVitaly Buka 
/// Prints the module-wide analysis result of M to OS. The pass changes
/// nothing, so all analyses are reported as preserved.
PreservedAnalyses StackSafetyGlobalPrinterPass::run(Module &M,
                                                    ModuleAnalysisManager &AM) {
  OS << "'Stack Safety Analysis' for module '" << M.getName() << "'\n";
  AM.getResult<StackSafetyGlobalAnalysis>(M).print(OS);
  return PreservedAnalyses::all();
}
1058b8e6fa66SVitaly Buka 
// Definition of the static ID member passed to ModulePass by the constructor.
char StackSafetyGlobalInfoWrapperPass::ID = 0;
1060b8e6fa66SVitaly Buka 
StackSafetyGlobalInfoWrapperPass()10612f430f7aSVitaly Buka StackSafetyGlobalInfoWrapperPass::StackSafetyGlobalInfoWrapperPass()
10622f430f7aSVitaly Buka     : ModulePass(ID) {
1063b8e6fa66SVitaly Buka   initializeStackSafetyGlobalInfoWrapperPassPass(
1064b8e6fa66SVitaly Buka       *PassRegistry::getPassRegistry());
1065b8e6fa66SVitaly Buka }
1066b8e6fa66SVitaly Buka 
10670e6628d3SVitaly Buka StackSafetyGlobalInfoWrapperPass::~StackSafetyGlobalInfoWrapperPass() = default;
10680e6628d3SVitaly Buka 
/// Printing hook of the legacy module pass: forwards to the
/// StackSafetyGlobalInfo stored by the last runOnModule() call. The module
/// argument is not used.
void StackSafetyGlobalInfoWrapperPass::print(raw_ostream &O,
                                             const Module *M) const {
  SSGI.print(O);
}
1073b8e6fa66SVitaly Buka 
/// Declares the pass's dependencies: it requires the per-function
/// StackSafetyInfoWrapperPass and preserves every other analysis.
void StackSafetyGlobalInfoWrapperPass::getAnalysisUsage(
    AnalysisUsage &AU) const {
  AU.addRequired<StackSafetyInfoWrapperPass>();
  AU.setPreservesAll();
}
1079b8e6fa66SVitaly Buka 
/// Records a StackSafetyGlobalInfo for \p M in this pass.
///
/// If an ImmutableModuleSummaryIndexWrapperPass is available, its index is
/// passed along as the import summary; otherwise the summary is null.
/// Per-function results are fetched lazily through a callback that captures
/// `this`, so the stored info is only usable while this pass object is alive.
///
/// \returns false, i.e. the IR is never modified.
bool StackSafetyGlobalInfoWrapperPass::runOnModule(Module &M) {
  auto *IndexWrapperPass =
      getAnalysisIfAvailable<ImmutableModuleSummaryIndexWrapperPass>();
  const ModuleSummaryIndex *ImportSummary =
      IndexWrapperPass ? IndexWrapperPass->getIndex() : nullptr;

  auto GetLocalInfo = [this](Function &F) -> const StackSafetyInfo & {
    return getAnalysis<StackSafetyInfoWrapperPass>(F).getResult();
  };
  SSGI = {&M, GetLocalInfo, ImportSummary};
  return false;
}
1093b8e6fa66SVitaly Buka 
/// Tells whether parameter-access summaries should be produced for \p M.
///
/// \returns true when StackSafetyRun is set (presumably a command-line
/// override defined earlier in this file), or when at least one function in
/// the module carries the SanitizeMemTag attribute; false otherwise.
bool llvm::needsParamAccessSummary(const Module &M) {
  if (StackSafetyRun)
    return true;
  const auto Funcs = M.functions();
  return std::any_of(Funcs.begin(), Funcs.end(), [](const auto &F) {
    return F.hasFnAttribute(Attribute::SanitizeMemTag);
  });
}
11024666953cSVitaly Buka 
/// Runs the stack safety data-flow analysis over the combined summary index
/// and replaces each function summary's parameter accesses with the result.
///
/// Steps, in order:
///  1. Return immediately if the index carries no parameter-access data.
///  2. For every live, DSO-local function summary with parameter accesses,
///     build a FunctionInfo from its recorded ranges and calls.
///  3. Clear the parameter accesses of every visited summary.
///  4. Run the data-flow analysis and write back, per function, only the
///     parameters whose resulting range is not the full set.
///
/// A callee that cannot be resolved makes the affected parameter fall back
/// to the full range with no calls, i.e. nothing is assumed about how the
/// callee uses the pointer.
void llvm::generateParamAccessSummary(ModuleSummaryIndex &Index) {
  if (!Index.hasParamAccess())
    return;
  const ConstantRange FullSet(FunctionSummary::ParamAccess::RangeWidth, true);

  // Adds the number of parameter-access records currently in the index to
  // Stat. Does nothing when statistics collection is disabled.
  auto CountParamAccesses = [&](auto &Stat) {
    if (!AreStatisticsEnabled())
      return;
    for (auto &Entry : Index)
      for (auto &Summary : Entry.second.SummaryList)
        if (auto *FS = dyn_cast<FunctionSummary>(Summary.get()))
          Stat += FS->paramAccesses().size();
  };

  CountParamAccesses(NumCombinedParamAccessesBefore);

  std::map<const FunctionSummary *, FunctionInfo<FunctionSummary>> Functions;

  // Convert the ModuleSummaryIndex to a FunctionMap
  for (auto &Entry : Index) {
    for (auto &Summary : Entry.second.SummaryList) {
      auto *FS = dyn_cast<FunctionSummary>(Summary.get());
      if (!FS || FS->paramAccesses().empty())
        continue;
      if (FS->isLive() && FS->isDSOLocal()) {
        FunctionInfo<FunctionSummary> FI;
        for (const auto &PS : FS->paramAccesses()) {
          auto Inserted = FI.Params.emplace(
              PS.ParamNo, FunctionSummary::ParamAccess::RangeWidth);
          auto &US = Inserted.first->second;
          US.Range = PS.Use;
          for (const auto &Call : PS.Calls) {
            // NOTE(review): this invariant is only checked in builds with
            // assertions enabled. The index may originate from summaries
            // read from bitcode; confirm that full-set offsets are rejected
            // or never emitted before this point.
            assert(!Call.Offsets.isFullSet());
            FunctionSummary *Callee =
                findCalleeFunctionSummary(Call.Callee, FS->modulePath());
            ++NumCombinedCalleeLookupTotal;
            if (Callee) {
              US.Calls.emplace(CallInfo<FunctionSummary>(Callee, Call.ParamNo),
                               Call.Offsets);
              continue;
            }
            // Unknown callee: give up on this parameter and fall back to the
            // full range, dropping any calls collected so far.
            ++NumCombinedCalleeLookupFailed;
            US.Range = FullSet;
            US.Calls.clear();
            break;
          }
        }
        Functions.emplace(FS, std::move(FI));
      }
      // Reset data for all summaries. Live and DSO-local ones will be set
      // back from the data flow results below. Anything else will not be
      // accessed by the ThinLTO backend, so we can save on bitcode size.
      FS->setParamAccesses({});
    }
  }
  NumCombinedDataFlowNodes += Functions.size();
  StackSafetyDataFlowAnalysis<FunctionSummary> SSDFA(
      FunctionSummary::ParamAccess::RangeWidth, std::move(Functions));
  for (const auto &Result : SSDFA.run()) {
    const auto &Params = Result.second.Params;
    std::vector<FunctionSummary::ParamAccess> NewParams;
    NewParams.reserve(Params.size());
    for (const auto &Param : Params) {
      // It's not needed as FullSet is processed the same as a missing value.
      if (Param.second.Range.isFullSet())
        continue;
      NewParams.emplace_back();
      FunctionSummary::ParamAccess &New = NewParams.back();
      New.ParamNo = Param.first;
      New.Use = Param.second.Range; // Only range is needed.
    }
    // The map keys are pointers-to-const, but every summary was obtained
    // from the mutable Index above, so writing through the cast is valid.
    auto *Target = const_cast<FunctionSummary *>(Result.first);
    Target->setParamAccesses(std::move(NewParams));
  }

  CountParamAccesses(NumCombinedParamAccessesAfter);
}
1179c1e47b47SVitaly Buka 
// Legacy pass-manager registration of the per-function wrapper pass.
// The trailing "false, true" arguments mark it as not CFG-only and as an
// analysis pass.
static const char LocalPassArg[] = "stack-safety-local";
static const char LocalPassName[] = "Stack Safety Local Analysis";
INITIALIZE_PASS_BEGIN(StackSafetyInfoWrapperPass, LocalPassArg, LocalPassName,
                      false, true)
INITIALIZE_PASS_DEPENDENCY(ScalarEvolutionWrapperPass)
INITIALIZE_PASS_END(StackSafetyInfoWrapperPass, LocalPassArg, LocalPassName,
                    false, true)

// Legacy pass-manager registration of the module-level wrapper pass, also an
// analysis pass. Its argument string is DEBUG_TYPE (defined outside this
// excerpt). It depends on the per-function pass and on the immutable module
// summary index wrapper.
static const char GlobalPassName[] = "Stack Safety Analysis";
INITIALIZE_PASS_BEGIN(StackSafetyGlobalInfoWrapperPass, DEBUG_TYPE,
                      GlobalPassName, false, true)
INITIALIZE_PASS_DEPENDENCY(StackSafetyInfoWrapperPass)
INITIALIZE_PASS_DEPENDENCY(ImmutableModuleSummaryIndexWrapperPass)
INITIALIZE_PASS_END(StackSafetyGlobalInfoWrapperPass, DEBUG_TYPE,
                    GlobalPassName, false, true)