[PATCH] D131979: [clang][UBSan] Fix __builtin_assume_aligned crash

Wang Yihan via Phabricator via cfe-commits Tue, 16 Aug 2022 10:31:24 -0700

yihanaa created this revision.
yihanaa added reviewers: rjmccall, aaron.ballman, erichkeane, lebedev.ri.
yihanaa added a project: clang.
Herald added a project: All.
yihanaa requested review of this revision.
Herald added a subscriber: cfe-commits.


Clang will crash when __builtin_assume_aligned's 1st arg is array type(or 
string literal).
Open issue: https://github.com/llvm/llvm-project/issues/57169


Repository:
  rG LLVM Github Monorepo

https://reviews.llvm.org/D131979

Files:
  clang/lib/CodeGen/CodeGenFunction.cpp
  clang/test/CodeGen/builtin-assume-aligned.c
  clang/test/CodeGen/catch-alignment-assumption-ignorelist.c


Index: clang/test/CodeGen/catch-alignment-assumption-ignorelist.c
===================================================================
--- clang/test/CodeGen/catch-alignment-assumption-ignorelist.c
+++ clang/test/CodeGen/catch-alignment-assumption-ignorelist.c
@@ -26,3 +26,9 @@
 void *ignore_volatiles(volatile void * x) {
   return __builtin_assume_aligned(x, 1);
 }
+
+// CHECK-LABEL: ignore_volatiles
+void ignore_volatiles_array() {
+  volatile char arr[] = "a";
+  (void)__builtin_assume_aligned(arr, 1);
+}
Index: clang/test/CodeGen/builtin-assume-aligned.c
===================================================================
--- clang/test/CodeGen/builtin-assume-aligned.c
+++ clang/test/CodeGen/builtin-assume-aligned.c
@@ -1,6 +1,8 @@
 // NOTE: Assertions have been autogenerated by utils/update_cc_test_checks.py
 // RUN: %clang_cc1 -no-opaque-pointers -triple x86_64-unknown-unknown 
-emit-llvm -o - %s | FileCheck %s
 
+// CHECK: [[TEST7_STR:@.*]] = private unnamed_addr constant [2 x i8] c"a\00", 
align 1
+
 // CHECK-LABEL: @test1(
 // CHECK-NEXT:  entry:
 // CHECK-NEXT:    [[A_ADDR:%.*]] = alloca i32*, align 8
@@ -124,3 +126,10 @@
   a = __builtin_assume_aligned(a, 4294967296);
 return a[0];
 }
+
+// CHECK-LABEL: @test7(
+// CHECK-NEXT:  entry:
+// CHECK-NEXT:    call void @llvm.assume(i1 true) [ "align"(i8* getelementptr 
inbounds ([2 x i8], [2 x i8]* [[TEST7_STR]], i64 0, i64 0), i64 1) ]
+void test7(void) {
+  (void) __builtin_assume_aligned("a", 1);
+}
Index: clang/lib/CodeGen/CodeGenFunction.cpp
===================================================================
--- clang/lib/CodeGen/CodeGenFunction.cpp
+++ clang/lib/CodeGen/CodeGenFunction.cpp
@@ -2711,8 +2711,14 @@
 
   // Don't check pointers to volatile data. The behavior here is 
implementation-
   // defined.
-  if (Ty->getPointeeType().isVolatileQualified())
-    return;
+  if (Ty->isPointerType()) {
+    if (Ty->getPointeeType().isVolatileQualified())
+      return;
+  } else {
+    // Ty maybe an array type
+    if (Ty.isVolatileQualified())
+      return;
+  }
 
   // We need to temorairly remove the assumption so we can insert the
   // sanitizer check before it, else the check will be dropped by 
optimizations.

Index: clang/test/CodeGen/catch-alignment-assumption-ignorelist.c
===================================================================
--- clang/test/CodeGen/catch-alignment-assumption-ignorelist.c
+++ clang/test/CodeGen/catch-alignment-assumption-ignorelist.c
@@ -26,3 +26,9 @@
 void *ignore_volatiles(volatile void * x) {
   return __builtin_assume_aligned(x, 1);
 }
+
+// CHECK-LABEL: ignore_volatiles
+void ignore_volatiles_array() {
+  volatile char arr[] = "a";
+  (void)__builtin_assume_aligned(arr, 1);
+}
Index: clang/test/CodeGen/builtin-assume-aligned.c
===================================================================
--- clang/test/CodeGen/builtin-assume-aligned.c
+++ clang/test/CodeGen/builtin-assume-aligned.c
@@ -1,6 +1,8 @@
 // NOTE: Assertions have been autogenerated by utils/update_cc_test_checks.py
 // RUN: %clang_cc1 -no-opaque-pointers -triple x86_64-unknown-unknown -emit-llvm -o - %s | FileCheck %s
 
+// CHECK: [[TEST7_STR:@.*]] = private unnamed_addr constant [2 x i8] c"a\00", align 1
+
 // CHECK-LABEL: @test1(
 // CHECK-NEXT:  entry:
 // CHECK-NEXT:    [[A_ADDR:%.*]] = alloca i32*, align 8
@@ -124,3 +126,10 @@
   a = __builtin_assume_aligned(a, 4294967296);
 return a[0];
 }
+
+// CHECK-LABEL: @test7(
+// CHECK-NEXT:  entry:
+// CHECK-NEXT:    call void @llvm.assume(i1 true) [ "align"(i8* getelementptr inbounds ([2 x i8], [2 x i8]* [[TEST7_STR]], i64 0, i64 0), i64 1) ]
+void test7(void) {
+  (void) __builtin_assume_aligned("a", 1);
+}
Index: clang/lib/CodeGen/CodeGenFunction.cpp
===================================================================
--- clang/lib/CodeGen/CodeGenFunction.cpp
+++ clang/lib/CodeGen/CodeGenFunction.cpp
@@ -2711,8 +2711,14 @@
 
   // Don't check pointers to volatile data. The behavior here is implementation-
   // defined.
-  if (Ty->getPointeeType().isVolatileQualified())
-    return;
+  if (Ty->isPointerType()) {
+    if (Ty->getPointeeType().isVolatileQualified())
+      return;
+  } else {
+    // Ty maybe an array type
+    if (Ty.isVolatileQualified())
+      return;
+  }
 
   // We need to temorairly remove the assumption so we can insert the
   // sanitizer check before it, else the check will be dropped by optimizations.

_______________________________________________
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits

[PATCH] D131979: [clang][UBSan] Fix __builtin_assume_aligned crash

Reply via email to