| Index: lib/Analysis/NaCl/PNaClABIVerifyFunctions.cpp
|
| diff --git a/lib/Analysis/NaCl/PNaClABIVerifyFunctions.cpp b/lib/Analysis/NaCl/PNaClABIVerifyFunctions.cpp
|
| new file mode 100644
|
| index 0000000000000000000000000000000000000000..cd4d87e0703dc4cde28875af6926c02d33133303
|
| --- /dev/null
|
| +++ b/lib/Analysis/NaCl/PNaClABIVerifyFunctions.cpp
|
| @@ -0,0 +1,629 @@
|
| +//===- PNaClABIVerifyFunctions.cpp - Verify PNaCl ABI rules ---------------===//
|
| +//
|
| +// The LLVM Compiler Infrastructure
|
| +//
|
| +// This file is distributed under the University of Illinois Open Source
|
| +// License. See LICENSE.TXT for details.
|
| +//
|
| +//===----------------------------------------------------------------------===//
|
| +//
|
| +// Verify function-level PNaCl ABI requirements.
|
| +//
|
| +//
|
| +//===----------------------------------------------------------------------===//
|
| +
|
| +#include "llvm/Analysis/NaCl/PNaClABIVerifyFunctions.h"
|
| +#include "llvm/ADT/Twine.h"
|
| +#include "llvm/Analysis/NaCl.h"
|
| +#include "llvm/Analysis/NaCl/PNaClABITypeChecker.h"
|
| +#include "llvm/IR/Function.h"
|
| +#include "llvm/IR/Instructions.h"
|
| +#include "llvm/IR/IntrinsicInst.h"
|
| +#include "llvm/IR/LLVMContext.h"
|
| +#include "llvm/IR/Metadata.h"
|
| +#include "llvm/IR/Operator.h"
|
| +#include "llvm/Support/raw_ostream.h"
|
| +
|
| +using namespace llvm;
|
| +
|
| +// There's no built-in way to get the name of an MDNode, so use a
|
| +// string ostream to print it.
|
| +static std::string getMDNodeString(unsigned Kind,
|
| + const SmallVectorImpl<StringRef> &MDNames) {
|
| + std::string MDName;
|
| + raw_string_ostream N(MDName);
|
| + if (Kind < MDNames.size()) {
|
| + N << "!" << MDNames[Kind];
|
| + } else {
|
| + N << "!<unknown kind #" << Kind << ">";
|
| + }
|
| + return N.str();
|
| +}
|
| +
|
| +PNaClABIVerifyFunctions::~PNaClABIVerifyFunctions() {
|
| + if (ReporterIsOwned)
|
| + delete Reporter;
|
| +}
|
| +
|
| +// A valid pointer type is either:
|
| +// * a pointer to a valid PNaCl scalar type (except i1), or
|
| +// * a pointer to a valid PNaCl vector type (except i1), or
|
| +// * a function pointer (with valid argument and return types).
|
| +//
|
| +// i1 is disallowed so that all loads and stores are a whole number of
|
| +// bytes, and so that we do not need to define whether a store of i1
|
| +// zero-extends.
|
| +static bool isValidPointerType(Type *Ty) {
|
| + if (PointerType *PtrTy = dyn_cast<PointerType>(Ty)) {
|
| + if (PtrTy->getAddressSpace() != 0)
|
| + return false;
|
| + Type *EltTy = PtrTy->getElementType();
|
| + if (PNaClABITypeChecker::isValidScalarType(EltTy) && !EltTy->isIntegerTy(1))
|
| + return true;
|
| + if (PNaClABITypeChecker::isValidVectorType(EltTy) &&
|
| + !cast<VectorType>(EltTy)->getElementType()->isIntegerTy(1))
|
| + return true;
|
| + if (FunctionType *FTy = dyn_cast<FunctionType>(EltTy))
|
| + return PNaClABITypeChecker::isValidFunctionType(FTy);
|
| + }
|
| + return false;
|
| +}
|
| +
|
| +static bool isIntrinsicFunc(const Value *Val) {
|
| + if (const Function *F = dyn_cast<Function>(Val))
|
| + return F->isIntrinsic();
|
| + return false;
|
| +}
|
| +
|
| +// InherentPtrs may be referenced by casts -- PtrToIntInst and
|
| +// BitCastInst -- that produce NormalizedPtrs.
|
| +//
|
| +// InherentPtrs exclude intrinsic functions in order to prevent taking
|
| +// the address of an intrinsic function. InherentPtrs include
|
| +// intrinsic calls because some intrinsics return pointer types
|
| +// (e.g. nacl.read.tp returns i8*).
|
| +static bool isInherentPtr(const Value *Val) {
|
| + return isa<AllocaInst>(Val) ||
|
| + (isa<GlobalValue>(Val) && !isIntrinsicFunc(Val)) ||
|
| + isa<IntrinsicInst>(Val);
|
| +}
|
| +
|
| +// NormalizedPtrs may be used where pointer types are required -- for
|
| +// loads, stores, etc. Note that this excludes ConstantExprs,
|
| +// ConstantPointerNull and UndefValue.
|
| +static bool isNormalizedPtr(const Value *Val) {
|
| + if (!isValidPointerType(Val->getType()))
|
| + return false;
|
| + // The bitcast must also be a bitcast of an InherentPtr, but we
|
| + // check that when visiting the bitcast instruction.
|
| + return isa<IntToPtrInst>(Val) || isa<BitCastInst>(Val) || isInherentPtr(Val);
|
| +}
|
| +
|
| +static bool isValidScalarOperand(const Value *Val) {
|
| + // The types of Instructions and Arguments are checked elsewhere
|
| + // (when visiting the Instruction or the Function). BasicBlocks are
|
| + // included here because branch instructions have BasicBlock
|
| + // operands.
|
| + if (isa<Instruction>(Val) || isa<Argument>(Val) || isa<BasicBlock>(Val))
|
| + return true;
|
| +
|
| + // Allow some Constants. Note that this excludes ConstantExprs.
|
| + return PNaClABITypeChecker::isValidScalarType(Val->getType()) &&
|
| + (isa<ConstantInt>(Val) ||
|
| + isa<ConstantFP>(Val) ||
|
| + isa<UndefValue>(Val));
|
| +}
|
| +
|
| +static bool isValidVectorOperand(const Value *Val) {
|
| + // The types of Instructions and Arguments are checked elsewhere.
|
| + if (isa<Instruction>(Val) || isa<Argument>(Val))
|
| + return true;
|
| + // Contrary to scalars, constant vector values aren't allowed on
|
| + // instructions, except undefined. Constant vectors are loaded from
|
| + // constant global memory instead, and can be rematerialized as
|
| + // constants by the backend if need be.
|
| + return PNaClABITypeChecker::isValidVectorType(Val->getType()) &&
|
| + isa<UndefValue>(Val);
|
| +}
|
| +
|
| +static bool hasAllowedAtomicRMWOperation(
|
| + const NaCl::AtomicIntrinsics::AtomicIntrinsic *I, const CallInst *Call) {
|
| + for (size_t P = 0; P != I->NumParams; ++P) {
|
| + if (I->ParamType[P] != NaCl::AtomicIntrinsics::RMW)
|
| + continue;
|
| +
|
| + const Value *Operation = Call->getOperand(P);
|
| + if (!Operation)
|
| + return false;
|
| + const Constant *C = dyn_cast<Constant>(Operation);
|
| + if (!C)
|
| + return false;
|
| + const APInt &I = C->getUniqueInteger();
|
| + if (I.ule(NaCl::AtomicInvalid) || I.uge(NaCl::AtomicNum))
|
| + return false;
|
| + }
|
| + return true;
|
| +}
|
| +
|
| +static bool
|
| +hasAllowedAtomicMemoryOrder(const NaCl::AtomicIntrinsics::AtomicIntrinsic *I,
|
| + const CallInst *Call) {
|
| + NaCl::MemoryOrder PreviousOrder = NaCl::MemoryOrderInvalid;
|
| +
|
| + for (size_t P = 0; P != I->NumParams; ++P) {
|
| + if (I->ParamType[P] != NaCl::AtomicIntrinsics::Mem)
|
| + continue;
|
| +
|
| + NaCl::MemoryOrder Order = NaCl::MemoryOrderInvalid;
|
| + if (const Value *MemoryOrderOperand = Call->getOperand(P))
|
| + if (const Constant *C = dyn_cast<Constant>(MemoryOrderOperand)) {
|
| + const APInt &I = C->getUniqueInteger();
|
| + if (I.ugt(NaCl::MemoryOrderInvalid) && I.ult(NaCl::MemoryOrderNum))
|
| + Order = static_cast<NaCl::MemoryOrder>(I.getLimitedValue());
|
| + }
|
| + if (Order == NaCl::MemoryOrderInvalid)
|
| + return false;
|
| +
|
| + // Validate PNaCl restrictions.
|
| + switch (Order) {
|
| + case NaCl::MemoryOrderInvalid:
|
| + case NaCl::MemoryOrderNum:
|
| + llvm_unreachable("Invalid memory order");
|
| + case NaCl::MemoryOrderRelaxed:
|
| + case NaCl::MemoryOrderConsume:
|
| + // TODO(jfb) PNaCl doesn't allow relaxed or consume memory ordering.
|
| + return false;
|
| + case NaCl::MemoryOrderAcquire:
|
| + case NaCl::MemoryOrderRelease:
|
| + case NaCl::MemoryOrderAcquireRelease:
|
| + case NaCl::MemoryOrderSequentiallyConsistent:
|
| + break; // Allowed by PNaCl.
|
| + }
|
| +
|
| + // Validate conformance to the C++11 memory model.
|
| + switch (I->ID) {
|
| + default:
|
| + llvm_unreachable("unexpected atomic operation");
|
| + case Intrinsic::nacl_atomic_load:
|
| + // C++11 [atomics.types.operations.req]: The order argument shall not be
|
| + // release nor acq_rel.
|
| + if (Order == NaCl::MemoryOrderRelease ||
|
| + Order == NaCl::MemoryOrderAcquireRelease)
|
| + return false;
|
| + break;
|
| + case Intrinsic::nacl_atomic_store:
|
| + // C++11 [atomics.types.operations.req]: The order argument shall not be
|
| + // consume, acquire, nor acq_rel.
|
| + if (Order == NaCl::MemoryOrderConsume ||
|
| + Order == NaCl::MemoryOrderAcquire ||
|
| + Order == NaCl::MemoryOrderAcquireRelease)
|
| + return false;
|
| + break;
|
| + case Intrinsic::nacl_atomic_rmw:
|
| + break; // No restriction.
|
| + case Intrinsic::nacl_atomic_cmpxchg:
|
| + // C++11 [atomics.types.operations.req]: The failure argument shall not be
|
| + // release nor acq_rel. The failure argument shall be no stronger than the
|
| + // success argument.
|
| + // Where the partial ordering is:
|
| + // relaxed < consume < acquire < acq_rel < seq_cst
|
| + // relaxed < release < acq_rel < seq_cst
|
| + if (PreviousOrder != NaCl::MemoryOrderInvalid) { // Failure ordering.
|
| + NaCl::MemoryOrder Success = PreviousOrder, Failure = Order;
|
| + if (Failure == NaCl::MemoryOrderRelease ||
|
| + Failure == NaCl::MemoryOrderAcquireRelease)
|
| + return false;
|
| + if ((Success < Failure) || (Success == NaCl::MemoryOrderRelease &&
|
| + Failure != NaCl::MemoryOrderRelaxed))
|
| + return false;
|
| + }
|
| + break; // Success ordering has no restriction.
|
| + case Intrinsic::nacl_atomic_fence:
|
| + case Intrinsic::nacl_atomic_fence_all:
|
| + break; // No restrictions.
|
| + }
|
| +
|
| + PreviousOrder = Order;
|
| + }
|
| +
|
| + return true;
|
| +}
|
| +
|
| +static bool hasAllowedLockFreeByteSize(const CallInst *Call) {
|
| + if (!Call->getType()->isIntegerTy())
|
| + return false;
|
| + const Value *Operation = Call->getOperand(0);
|
| + if (!Operation)
|
| + return false;
|
| + const Constant *C = dyn_cast<Constant>(Operation);
|
| + if (!C)
|
| + return false;
|
| + const APInt &I = C->getUniqueInteger();
|
| + // PNaCl currently only supports atomics of byte size {1,2,4,8} (which
|
| + // may or may not be lock-free). These values coincide with
|
| + // C11/C++11's supported atomic types.
|
| + if (I == 1 || I == 2 || I == 4 || I == 8)
|
| + return true;
|
| + return false;
|
| +}
|
| +
|
| +// Check the instruction's opcode and its operands. The operands may
|
| +// require opcode-specific checking.
|
| +//
|
| +// This returns an error string if the instruction is rejected, or
|
| +// NULL if the instruction is allowed.
|
| +const char *PNaClABIVerifyFunctions::checkInstruction(const DataLayout *DL,
|
| + const Instruction *Inst) {
|
| + // If the instruction has a single pointer operand, PtrOperandIndex is
|
| + // set to its operand index.
|
| + unsigned PtrOperandIndex = -1;
|
| +
|
| + // True if we should apply the default operand checks, at the end
|
| + // of this function.
|
| + bool ApplyDefaultOperandTypeChecks = true;
|
| +
|
| + switch (Inst->getOpcode()) {
|
| + // Disallowed instructions. Default is to disallow.
|
| + // We expand GetElementPtr out into arithmetic.
|
| + case Instruction::GetElementPtr:
|
| + // VAArg is expanded out by ExpandVarArgs.
|
| + case Instruction::VAArg:
|
| + // Zero-cost C++ exception handling is not supported yet.
|
| + case Instruction::Invoke:
|
| + case Instruction::LandingPad:
|
| + case Instruction::Resume:
|
| + // indirectbr may interfere with streaming
|
| + case Instruction::IndirectBr:
|
| + // TODO(jfb) Figure out ShuffleVector.
|
| + case Instruction::ShuffleVector:
|
| + // ExtractValue and InsertValue operate on struct values.
|
| + case Instruction::ExtractValue:
|
| + case Instruction::InsertValue:
|
| + // Atomics should become NaCl intrinsics.
|
| + case Instruction::AtomicCmpXchg:
|
| + case Instruction::AtomicRMW:
|
| + case Instruction::Fence:
|
| + return "bad instruction opcode";
|
| + default:
|
| + return "unknown instruction opcode";
|
| +
|
| + // Terminator instructions
|
| + case Instruction::Ret:
|
| + case Instruction::Br:
|
| + case Instruction::Unreachable:
|
| + // Binary operations
|
| + case Instruction::FAdd:
|
| + case Instruction::FSub:
|
| + case Instruction::FMul:
|
| + case Instruction::FDiv:
|
| + case Instruction::FRem:
|
| + // Bitwise binary operations
|
| + case Instruction::And:
|
| + case Instruction::Or:
|
| + case Instruction::Xor:
|
| + // Conversion operations
|
| + case Instruction::Trunc:
|
| + case Instruction::ZExt:
|
| + case Instruction::SExt:
|
| + case Instruction::FPTrunc:
|
| + case Instruction::FPExt:
|
| + case Instruction::FPToUI:
|
| + case Instruction::FPToSI:
|
| + case Instruction::UIToFP:
|
| + case Instruction::SIToFP:
|
| + // Other operations
|
| + case Instruction::FCmp:
|
| + case Instruction::PHI:
|
| + case Instruction::Select:
|
| + break;
|
| +
|
| + // The following operations are of dubious usefulness on 1-bit
|
| + // values. Use of the i1 type is disallowed here so that code
|
| + // generators do not need to support these corner cases.
|
| + case Instruction::ICmp:
|
| + // Binary operations
|
| + case Instruction::Add:
|
| + case Instruction::Sub:
|
| + case Instruction::Mul:
|
| + case Instruction::UDiv:
|
| + case Instruction::SDiv:
|
| + case Instruction::URem:
|
| + case Instruction::SRem:
|
| + case Instruction::Shl:
|
| + case Instruction::LShr:
|
| + case Instruction::AShr: {
|
| + const Type *Ty = Inst->getOperand(0)->getType();
|
| + if (!PNaClABITypeChecker::isValidIntArithmeticType(
|
| + Inst->getOperand(0)->getType())) {
|
| + if (Ty->isIntegerTy() ||
|
| + (Ty->isVectorTy() && Ty->getVectorElementType()->isIntegerTy())) {
|
| + return "Invalid integer arithmetic type";
|
| + } else {
|
| + return "Expects integer arithmetic type";
|
| + }
|
| + }
|
| + ApplyDefaultOperandTypeChecks = false;
|
| + break;
|
| + }
|
| +
|
| + // Vector.
|
| + case Instruction::ExtractElement:
|
| + case Instruction::InsertElement: {
|
| + // Insert and extract element are restricted to constant indices
|
| + // that are in range to prevent undefined behavior.
|
| + // TODO(kschimpf) Figure out way to put test into pnacl-bcdis?
|
| + Value *Vec = Inst->getOperand(0);
|
| + Value *Idx = Inst->getOperand(
|
| + Instruction::InsertElement == Inst->getOpcode() ? 2 : 1);
|
| + if (!isa<ConstantInt>(Idx))
|
| + return "non-constant vector insert/extract index";
|
| + if (!PNaClABIProps::isVectorIndexSafe(
|
| + cast<ConstantInt>(Idx)->getValue(),
|
| + cast<VectorType>(Vec->getType())->getNumElements())) {
|
| + return "out of range vector insert/extract index";
|
| + }
|
| + break;
|
| + }
|
| +
|
| + // Memory accesses.
|
| + case Instruction::Load: {
|
| + const LoadInst *Load = cast<LoadInst>(Inst);
|
| + PtrOperandIndex = Load->getPointerOperandIndex();
|
| + if (Load->isAtomic())
|
| + return "atomic load";
|
| + if (Load->isVolatile())
|
| + return "volatile load";
|
| + if (!isNormalizedPtr(Inst->getOperand(PtrOperandIndex)))
|
| + return "bad pointer";
|
| + if (!PNaClABIProps::
|
| + isAllowedAlignment(DL, Load->getAlignment(), Load->getType()))
|
| + return "bad alignment";
|
| + break;
|
| + }
|
| + case Instruction::Store: {
|
| + const StoreInst *Store = cast<StoreInst>(Inst);
|
| + PtrOperandIndex = Store->getPointerOperandIndex();
|
| + if (Store->isAtomic())
|
| + return "atomic store";
|
| + if (Store->isVolatile())
|
| + return "volatile store";
|
| + if (!isNormalizedPtr(Inst->getOperand(PtrOperandIndex)))
|
| + return "bad pointer";
|
| + if (!PNaClABIProps::
|
| + isAllowedAlignment(DL, Store->getAlignment(),
|
| + Store->getValueOperand()->getType()))
|
| + return "bad alignment";
|
| + break;
|
| + }
|
| +
|
| + // Casts.
|
| + case Instruction::BitCast:
|
| + if (Inst->getType()->isPointerTy()) {
|
| + PtrOperandIndex = 0;
|
| + if (!isInherentPtr(Inst->getOperand(PtrOperandIndex)))
|
| + return "operand not InherentPtr";
|
| + }
|
| + break;
|
| + case Instruction::IntToPtr:
|
| + if (!cast<IntToPtrInst>(Inst)->getSrcTy()->isIntegerTy(32))
|
| + return "non-i32 inttoptr";
|
| + break;
|
| + case Instruction::PtrToInt:
|
| + PtrOperandIndex = 0;
|
| + if (!isInherentPtr(Inst->getOperand(PtrOperandIndex)))
|
| + return "operand not InherentPtr";
|
| + if (!Inst->getType()->isIntegerTy(32))
|
| + return "non-i32 ptrtoint";
|
| + break;
|
| +
|
| + case Instruction::Alloca: {
|
| + const AllocaInst *Alloca = cast<AllocaInst>(Inst);
|
| + if (!PNaClABIProps::isAllocaAllocatedType(Alloca->getAllocatedType()))
|
| + return "non-i8 alloca";
|
| + if (!PNaClABIProps::isAllocaSizeType(Alloca->getArraySize()->getType()))
|
| + return PNaClABIProps::ExpectedAllocaSizeType();
|
| + break;
|
| + }
|
| +
|
| + case Instruction::Call: {
|
| + const CallInst *Call = cast<CallInst>(Inst);
|
| + if (Call->isInlineAsm())
|
| + return "inline assembly";
|
| + if (!Call->getAttributes().isEmpty())
|
| + return "bad call attributes";
|
| + if (!PNaClABIProps::isValidCallingConv(Call->getCallingConv()))
|
| + return "bad calling convention";
|
| +
|
| + // Intrinsic calls can have multiple pointer arguments and
|
| + // metadata arguments, so handle them specially.
|
| + // TODO(kschimpf) How can we lift this to pnacl-bcdis.
|
| + if (const IntrinsicInst *Call = dyn_cast<IntrinsicInst>(Inst)) {
|
| + for (unsigned ArgNum = 0, E = Call->getNumArgOperands();
|
| + ArgNum < E; ++ArgNum) {
|
| + const Value *Arg = Call->getArgOperand(ArgNum);
|
| + if (!(isValidScalarOperand(Arg) ||
|
| + isValidVectorOperand(Arg) ||
|
| + isNormalizedPtr(Arg) ||
|
| + isa<MDNode>(Arg)))
|
| + return "bad intrinsic operand";
|
| + }
|
| +
|
| + // Disallow alignments other than 1 on memcpy() etc., for the
|
| + // same reason that we disallow them on integer loads and
|
| + // stores.
|
| + if (const MemIntrinsic *MemOp = dyn_cast<MemIntrinsic>(Call)) {
|
| + // Avoid the getAlignment() method here because it aborts if
|
| + // the alignment argument is not a Constant.
|
| + Value *AlignArg = MemOp->getArgOperand(3);
|
| + if (!isa<ConstantInt>(AlignArg) ||
|
| + cast<ConstantInt>(AlignArg)->getZExtValue() != 1) {
|
| + return "bad alignment";
|
| + }
|
| + }
|
| +
|
| + switch (Call->getIntrinsicID()) {
|
| + default: break; // Other intrinsics don't require checks.
|
| + // Disallow NaCl atomic intrinsics which don't have valid
|
| + // constant NaCl::AtomicOperation and NaCl::MemoryOrder
|
| + // parameters.
|
| + case Intrinsic::nacl_atomic_load:
|
| + case Intrinsic::nacl_atomic_store:
|
| + case Intrinsic::nacl_atomic_rmw:
|
| + case Intrinsic::nacl_atomic_cmpxchg:
|
| + case Intrinsic::nacl_atomic_fence:
|
| + case Intrinsic::nacl_atomic_fence_all: {
|
| + // All overloads have memory order and RMW operation in the
|
| + // same parameter, arbitrarily use the I32 overload.
|
| + Type *T = Type::getInt32Ty(
|
| + Inst->getParent()->getParent()->getContext());
|
| + const NaCl::AtomicIntrinsics::AtomicIntrinsic *I =
|
| + AtomicIntrinsics->find(Call->getIntrinsicID(), T);
|
| + if (!I)
|
| + // All intrinsics have an I32 overload. Failure here means there
|
| + // is no such intrinsic.
|
| + return "invalid atomic intrinsic";
|
| + if (!hasAllowedAtomicMemoryOrder(I, Call))
|
| + return "invalid memory order";
|
| + if (!hasAllowedAtomicRMWOperation(I, Call))
|
| + return "invalid atomicRMW operation";
|
| + } break;
|
| + // Disallow NaCl atomic_is_lock_free intrinsics which don't
|
| + // have valid constant size type.
|
| + case Intrinsic::nacl_atomic_is_lock_free:
|
| + if (!hasAllowedLockFreeByteSize(Call))
|
| + return "invalid atomic lock-free byte size";
|
| + break;
|
| + }
|
| +
|
| + // Allow the instruction and skip the later checks.
|
| + return NULL;
|
| + }
|
| +
|
| + // The callee is the last operand.
|
| + PtrOperandIndex = Inst->getNumOperands() - 1;
|
| + if (!isNormalizedPtr(Inst->getOperand(PtrOperandIndex)))
|
| + return "bad function callee operand";
|
| + break;
|
| + }
|
| +
|
| + case Instruction::Switch: {
|
| + // SwitchInst represents switch cases using array and vector
|
| + // constants, which we normally reject, so we must check
|
| + // SwitchInst specially here.
|
| + const SwitchInst *Switch = cast<SwitchInst>(Inst);
|
| + if (!isValidScalarOperand(Switch->getCondition()))
|
| + return "bad switch condition";
|
| + const Type *SwitchType = Switch->getCondition()->getType();
|
| + if (!PNaClABITypeChecker::isValidSwitchConditionType(SwitchType))
|
| + return PNaClABITypeChecker::ExpectedSwitchConditionType(SwitchType);
|
| +
|
| + // SwitchInst requires the cases to be ConstantInts, but it
|
| + // doesn't require their types to be the same as the condition
|
| + // value, so check all the cases too.
|
| + for (SwitchInst::ConstCaseIt Case = Switch->case_begin(),
|
| + E = Switch->case_end(); Case != E; ++Case) {
|
| + if (!isValidScalarOperand(Case.getCaseValue()))
|
| + return "bad switch case";
|
| + }
|
| +
|
| + // Allow the instruction and skip the later checks.
|
| + return NULL;
|
| + }
|
| + }
|
| +
|
| + if (ApplyDefaultOperandTypeChecks) {
|
| + // Check the instruction's operands. We have already checked any
|
| + // pointer operands. Any remaining operands must be scalars or vectors.
|
| + for (unsigned OpNum = 0, E = Inst->getNumOperands(); OpNum < E; ++OpNum) {
|
| + if (OpNum != PtrOperandIndex &&
|
| + !(isValidScalarOperand(Inst->getOperand(OpNum)) ||
|
| + isValidVectorOperand(Inst->getOperand(OpNum))))
|
| + return "bad operand";
|
| + }
|
| + }
|
| +
|
| + // Check arithmetic attributes.
|
| + if (const OverflowingBinaryOperator *Op =
|
| + dyn_cast<OverflowingBinaryOperator>(Inst)) {
|
| + if (Op->hasNoUnsignedWrap())
|
| + return "has \"nuw\" attribute";
|
| + if (Op->hasNoSignedWrap())
|
| + return "has \"nsw\" attribute";
|
| + }
|
| + if (const PossiblyExactOperator *Op =
|
| + dyn_cast<PossiblyExactOperator>(Inst)) {
|
| + if (Op->isExact())
|
| + return "has \"exact\" attribute";
|
| + }
|
| +
|
| + // Allow the instruction.
|
| + return NULL;
|
| +}
|
| +
|
| +bool PNaClABIVerifyFunctions::runOnFunction(Function &F) {
|
| + const DataLayout *DL = &getAnalysis<DataLayoutPass>().getDataLayout();
|
| + SmallVector<StringRef, 8> MDNames;
|
| + F.getContext().getMDKindNames(MDNames);
|
| +
|
| + for (Function::const_iterator FI = F.begin(), FE = F.end();
|
| + FI != FE; ++FI) {
|
| + for (BasicBlock::const_iterator BBI = FI->begin(), BBE = FI->end();
|
| + BBI != BBE; ++BBI) {
|
| + const Instruction *Inst = BBI;
|
| + // Check the instruction opcode first. This simplifies testing,
|
| + // because some instruction opcodes must be rejected out of hand
|
| + // (regardless of the instruction's result type) and the tests
|
| + // check the reason for rejection.
|
| + const char *Error = checkInstruction(DL, BBI);
|
| + // Check the instruction's result type.
|
| + bool BadResult = false;
|
| + if (!Error && !(PNaClABITypeChecker::isValidScalarType(Inst->getType()) ||
|
| + PNaClABITypeChecker::isValidVectorType(Inst->getType()) ||
|
| + isNormalizedPtr(Inst) ||
|
| + isa<AllocaInst>(Inst))) {
|
| + Error = "bad result type";
|
| + BadResult = true;
|
| + }
|
| + if (Error) {
|
| + Reporter->addError()
|
| + << "Function " << F.getName() << " disallowed: " << Error << ": "
|
| + << (BadResult ? PNaClABITypeChecker::getTypeName(BBI->getType())
|
| + : "") << " " << *BBI << "\n";
|
| + }
|
| +
|
| + // Check instruction attachment metadata.
|
| + SmallVector<std::pair<unsigned, MDNode*>, 4> MDForInst;
|
| + BBI->getAllMetadata(MDForInst);
|
| +
|
| + for (unsigned i = 0, e = MDForInst.size(); i != e; i++) {
|
| + if (!PNaClABIProps::isWhitelistedMetadata(MDForInst[i].first)) {
|
| + Reporter->addError()
|
| + << "Function " << F.getName()
|
| + << " has disallowed instruction metadata: "
|
| + << getMDNodeString(MDForInst[i].first, MDNames) << "\n";
|
| + }
|
| + }
|
| + }
|
| + }
|
| +
|
| + Reporter->checkForFatalErrors();
|
| + return false;
|
| +}
|
| +
|
| +// This method exists so that the passes can easily be run with opt -analyze.
|
| +// In this case the default constructor is used and we want to reset the error
|
| +// messages after each print.
|
| +void PNaClABIVerifyFunctions::print(llvm::raw_ostream &O, const Module *M)
|
| + const {
|
| + Reporter->printErrors(O);
|
| + Reporter->reset();
|
| +}
|
| +
|
| +char PNaClABIVerifyFunctions::ID = 0;
|
| +INITIALIZE_PASS(PNaClABIVerifyFunctions, "verify-pnaclabi-functions",
|
| + "Verify functions for PNaCl", false, true)
|
| +
|
| +FunctionPass *llvm::createPNaClABIVerifyFunctionsPass(
|
| + PNaClABIErrorReporter *Reporter) {
|
| + return new PNaClABIVerifyFunctions(Reporter);
|
| +}
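Review bot: `hasAllowedAtomicRMWOperation`, `hasAllowedAtomicMemoryOrder` and `hasAllowedLockFreeByteSize` call `C->getUniqueInteger()` after only a `dyn_cast<Constant>`, so a constant that is not a `ConstantInt` still reaches that call. `isValidScalarOperand` accepts `UndefValue`, so the intrinsic-operand loop in `checkInstruction` lets an `undef` memory-order, RMW-operation or byte-size argument through to these helpers. As far as I know, `getUniqueInteger()` asserts on a scalar that is not a `ConstantInt`, and with assertions compiled out the result is not defined. A verifier should report a malformed operand as an ABI error instead of aborting on it, so narrow the cast at all three sites to `const ConstantInt *C = dyn_cast<ConstantInt>(Operation);` (the operand is `MemoryOrderOperand` in the memory-order helper) and read the value with `const APInt &I = C->getValue();`. Renaming that local `I` would also stop it shadowing the `AtomicIntrinsic *I` parameter in the first two helpers.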
|
|
|