<div dir="ltr"><span id="gmail-docs-internal-guid-da7b979b-7fff-e5c3-3332-96e5ad759afc"><p dir="ltr" style="line-height:1.656;margin-top:0pt;margin-bottom:0pt;margin-left:18pt;padding:0pt 0pt 0pt 18pt"><span style="font-size:11pt;font-family:Arial;color:rgb(0,0,0);background-color:transparent;font-weight:400;font-style:normal;font-variant:normal;text-decoration:none;vertical-align:baseline;white-space:pre-wrap">Hi everyone,</span></p><p dir="ltr" style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><b style="font-weight:normal" id="gmail-docs-internal-guid-897a36b4-7fff-8dec-cb8b-c86a658190ad"><br></b></p><p dir="ltr" style="line-height:1.656;margin-top:0pt;margin-bottom:0pt;margin-left:18pt;padding:0pt 0pt 0pt 18pt"><span style="font-size:11pt;font-family:Arial;color:rgb(0,0,0);background-color:transparent;font-weight:400;font-style:normal;font-variant:normal;text-decoration:none;vertical-align:baseline;white-space:pre-wrap">I'm working on adding function level Clang attributes for the Speculative Load Hardening </span><span style="background-color:transparent;color:rgb(0,0,0);font-family:Arial;font-size:11pt;white-space:pre-wrap">(SLH) feature, so devs who know what they are doing can enable or disable SLH function by </span><span style="background-color:transparent;color:rgb(0,0,0);font-family:Arial;font-size:11pt;white-space:pre-wrap">function. 
There are two attributes 'no_speculative_load_hardening' and 'speculative_load_hardening.'</span></p><p dir="ltr" style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><b style="font-weight:normal"><br></b></p><p dir="ltr" style="line-height:1.656;margin-top:0pt;margin-bottom:0pt;margin-left:18pt;padding:0pt 0pt 0pt 18pt"><span style="font-size:11pt;font-family:Arial;color:rgb(0,0,0);background-color:transparent;font-weight:400;font-style:normal;font-variant:normal;text-decoration:none;vertical-align:baseline;white-space:pre-wrap">As a part of this, I want to diagnose a special case where a function marked</span></p><p dir="ltr" style="line-height:1.656;margin-top:0pt;margin-bottom:0pt;margin-left:18pt;padding:0pt 0pt 0pt 18pt"><span style="font-size:11pt;font-family:Arial;color:rgb(0,0,0);background-color:transparent;font-weight:400;font-style:normal;font-variant:normal;text-decoration:none;vertical-align:baseline;white-space:pre-wrap">'no_speculative_load_hardening' will still have 'speculative_load_hardening' enabled.</span></p><p dir="ltr" style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><b style="font-weight:normal"><br></b></p><p dir="ltr" style="line-height:1.656;margin-top:0pt;margin-bottom:0pt;margin-left:18pt;padding:0pt 0pt 0pt 18pt"><span style="font-size:11pt;font-family:Arial;color:rgb(0,0,0);background-color:transparent;font-weight:400;font-style:normal;font-variant:normal;text-decoration:none;vertical-align:baseline;white-space:pre-wrap">Whenever a function marked 'speculative_load_hardening' is inlined into another function, </span><span style="background-color:transparent;color:rgb(0,0,0);font-family:Arial;font-size:11pt;white-space:pre-wrap">then that function that it was inlined into will have SLH enabled no matter what. 
[If you want </span><span style="background-color:transparent;color:rgb(0,0,0);font-family:Arial;font-size:11pt;white-space:pre-wrap">more info on the rationale for this, check out the patch comments here: </span><a href="https://reviews.llvm.org/D54909?id=175599#inline-487979" style="text-decoration-line:none"><span style="font-size:11pt;font-family:Arial;background-color:transparent;font-variant-numeric:normal;font-variant-east-asian:normal;text-decoration-line:underline;vertical-align:baseline;white-space:pre-wrap">https://reviews.llvm.org/D54909?id=175599#inline-487979</span></a><span style="background-color:transparent;font-variant-numeric:normal;font-variant-east-asian:normal;font-size:11pt;font-family:Arial;color:rgb(0,0,0);vertical-align:baseline;white-space:pre-wrap">]</span></p><p dir="ltr" style="line-height:1.656;margin-top:0pt;margin-bottom:0pt;margin-left:18pt;padding:0pt 0pt 0pt 18pt"><span style="font-size:11pt;font-family:Arial;color:rgb(0,0,0);background-color:transparent;font-weight:400;font-style:normal;font-variant:normal;text-decoration:none;vertical-align:baseline;white-space:pre-wrap"><br></span></p><p dir="ltr" style="line-height:1.656;margin-top:0pt;margin-bottom:0pt;margin-left:18pt;padding:0pt 0pt 0pt 18pt"><span style="font-size:11pt;font-family:Arial;color:rgb(0,0,0);background-color:transparent;font-weight:400;font-style:normal;font-variant:normal;text-decoration:none;vertical-align:baseline;white-space:pre-wrap">I want to diagnose cases similar to this example:</span></p><p dir="ltr" style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><b style="font-weight:normal"><br></b></p><p dir="ltr" style="line-height:1.656;margin-top:0pt;margin-bottom:0pt;margin-left:18pt;padding:0pt 0pt 0pt 18pt"><span style="font-size:11pt;font-family:"Courier 
New";color:rgb(0,0,0);background-color:transparent;font-weight:400;font-style:normal;font-variant:normal;text-decoration:none;vertical-align:baseline;white-space:pre-wrap">__attribute__((speculative_load_hardening)) inline int foo(int i) {</span></p><p dir="ltr" style="line-height:1.656;margin-top:0pt;margin-bottom:0pt;margin-left:18pt;padding:0pt 0pt 0pt 18pt"><span style="font-size:11pt;font-family:"Courier New";color:rgb(0,0,0);background-color:transparent;font-weight:400;font-style:normal;font-variant:normal;text-decoration:none;vertical-align:baseline;white-space:pre-wrap"> return i;</span></p><p dir="ltr" style="line-height:1.656;margin-top:0pt;margin-bottom:0pt;margin-left:18pt;padding:0pt 0pt 0pt 18pt"><span style="font-size:11pt;font-family:"Courier New";color:rgb(0,0,0);background-color:transparent;font-weight:400;font-style:normal;font-variant:normal;text-decoration:none;vertical-align:baseline;white-space:pre-wrap">}</span></p><p dir="ltr" style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><b style="font-weight:normal"><br></b></p><p dir="ltr" style="line-height:1.656;margin-top:0pt;margin-bottom:0pt;margin-left:18pt;padding:0pt 0pt 0pt 18pt"><span style="font-size:11pt;font-family:"Courier New";color:rgb(0,0,0);background-color:transparent;font-weight:400;font-style:normal;font-variant:normal;text-decoration:none;vertical-align:baseline;white-space:pre-wrap">__attribute__((no_speculative_load_hardening)) int bar(int i) {</span></p><p dir="ltr" style="line-height:1.656;margin-top:0pt;margin-bottom:0pt;margin-left:18pt;padding:0pt 0pt 0pt 18pt"><span style="font-size:11pt;font-family:"Courier New";color:rgb(0,0,0);background-color:transparent;font-weight:400;font-style:normal;font-variant:normal;text-decoration:none;vertical-align:baseline;white-space:pre-wrap"> return foo(i); // Warning</span></p><p dir="ltr" style="line-height:1.90589;margin-top:0pt;margin-bottom:0pt;margin-left:18pt;padding:0pt 0pt 0pt 18pt"><span 
style="font-size:11pt;font-family:"Courier New";color:rgb(0,0,0);background-color:transparent;font-weight:400;font-style:normal;font-variant:normal;text-decoration:none;vertical-align:baseline;white-space:pre-wrap">}</span></p><p dir="ltr" style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><b style="font-weight:normal"><br></b></p><p dir="ltr" style="line-height:1.656;margin-top:0pt;margin-bottom:0pt;margin-left:18pt;padding:0pt 0pt 0pt 18pt"><span style="font-size:11pt;font-family:Arial;color:rgb(0,0,0);background-color:transparent;font-weight:400;font-style:normal;font-variant:normal;text-decoration:none;vertical-align:baseline;white-space:pre-wrap">I've thought about three different ways to implement this.</span></p><p dir="ltr" style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><b style="font-weight:normal"><br></b></p><p dir="ltr" style="line-height:1.656;margin-top:0pt;margin-bottom:0pt;margin-left:18pt;padding:0pt 0pt 0pt 18pt"><span style="font-size:11pt;font-family:Arial;color:rgb(0,0,0);background-color:transparent;font-weight:400;font-style:normal;font-variant:normal;text-decoration:none;vertical-align:baseline;white-space:pre-wrap">1. Add the diagnosis to Sema::ActOnFinishFunctionBody in SemaDecl.cpp. The caller function declaration and the caller body are available. For functions marked with SLH, I can walk the function body nodes and see whether any function calls have the incompatible attributes of SLH + inline.</span></p><p dir="ltr" style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><b style="font-weight:normal"><br></b></p><p dir="ltr" style="line-height:1.656;margin-top:0pt;margin-bottom:0pt;margin-left:18pt;padding:0pt 0pt 0pt 18pt"><span style="font-size:11pt;font-family:Arial;color:rgb(0,0,0);background-color:transparent;font-weight:400;font-style:normal;font-variant:normal;text-decoration:none;vertical-align:baseline;white-space:pre-wrap">Downside: This is an expensive way to diagnose this edge case. 
It doesn't seem worth the expense, so after discussing this with Aaron Ballman, I'll leave out the diagnosis if this is the only way to do it.</span></p><p dir="ltr" style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><b style="font-weight:normal"><br></b></p><p dir="ltr" style="line-height:1.656;margin-top:0pt;margin-bottom:0pt;margin-left:18pt;padding:0pt 0pt 0pt 18pt"><span style="font-size:11pt;font-family:Arial;color:rgb(0,0,0);background-color:transparent;font-weight:400;font-style:normal;font-variant:normal;text-decoration:none;vertical-align:baseline;white-space:pre-wrap">2. Add the diagnosis to CheckFunctionCall or checkCall in SemaChecking.cpp</span></p><p dir="ltr" style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><b style="font-weight:normal"><br></b></p><p dir="ltr" style="line-height:1.656;margin-top:0pt;margin-bottom:0pt;margin-left:18pt;padding:0pt 0pt 0pt 18pt"><span style="font-size:11pt;font-family:Arial;color:rgb(0,0,0);background-color:transparent;font-weight:400;font-style:normal;font-variant:normal;text-decoration:none;vertical-align:baseline;white-space:pre-wrap">Why doesn't this work?</span></p><p dir="ltr" style="line-height:1.656;margin-top:0pt;margin-bottom:0pt;margin-left:18pt;padding:0pt 0pt 0pt 18pt"><span style="font-size:11pt;font-family:Arial;color:rgb(0,0,0);background-color:transparent;font-weight:400;font-style:normal;font-variant:normal;text-decoration:none;vertical-align:baseline;white-space:pre-wrap">The context about the caller of the callee isn't available. 
I need to know whether the caller has the 'no_speculative_load_hardening' attribute.</span></p><p dir="ltr" style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><b style="font-weight:normal"><br></b></p><p dir="ltr" style="line-height:1.656;margin-top:0pt;margin-bottom:0pt;margin-left:18pt;padding:0pt 0pt 0pt 18pt"><span style="font-size:11pt;font-family:Arial;color:rgb(0,0,0);background-color:transparent;font-weight:400;font-style:normal;font-variant:normal;text-decoration:none;vertical-align:baseline;white-space:pre-wrap">3. Add the diagnosis to Sema::ActOnCallExpr in SemaExpr.cpp</span></p><p dir="ltr" style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><b style="font-weight:normal"><br></b></p><p dir="ltr" style="line-height:1.656;margin-top:0pt;margin-bottom:0pt;margin-left:18pt;padding:0pt 0pt 0pt 18pt"><span style="font-size:11pt;font-family:Arial;color:rgb(0,0,0);background-color:transparent;font-weight:400;font-style:normal;font-variant:normal;text-decoration:none;vertical-align:baseline;white-space:pre-wrap">Would this work?</span></p><p dir="ltr" style="line-height:1.656;margin-top:0pt;margin-bottom:0pt;margin-left:18pt;padding:0pt 0pt 0pt 18pt"><span style="font-size:11pt;font-family:Arial;color:rgb(0,0,0);background-color:transparent;font-weight:400;font-style:normal;font-variant:normal;text-decoration:none;vertical-align:baseline;white-space:pre-wrap">I'm not sure. Maybe this is a place where it would work since I have the Scope which contains info about the caller and the FunctionDecl of the callee which is all the info I need about the callee (hasAttr&lt;SLH&gt; &amp;&amp; isInlineSpecified). The part I don't know how to do is distinguishing the calls I want to check from other calls that pass through that function (I assume constructors? 
Maybe other things?).</span></p><p dir="ltr" style="line-height:1.656;margin-top:0pt;margin-bottom:0pt;margin-left:18pt;padding:0pt 0pt 0pt 18pt"><span style="font-size:11pt;font-family:Arial;color:rgb(0,0,0);background-color:transparent;font-weight:700;font-style:normal;font-variant:normal;text-decoration:none;vertical-align:baseline;white-space:pre-wrap"><br></span></p><p dir="ltr" style="line-height:1.656;margin-top:0pt;margin-bottom:0pt;margin-left:18pt;padding:0pt 0pt 0pt 18pt"><span style="font-size:11pt;font-family:Arial;color:rgb(0,0,0);background-color:transparent;font-weight:700;font-style:normal;font-variant:normal;text-decoration:none;vertical-align:baseline;white-space:pre-wrap">Questions</span></p><ul style="margin-top:0pt;margin-bottom:0pt"><li dir="ltr" style="list-style-type:disc;font-size:11pt;font-family:Arial;color:rgb(0,0,0);background-color:transparent;font-weight:400;font-style:normal;font-variant:normal;text-decoration:none;vertical-align:baseline;white-space:pre"><p dir="ltr" style="line-height:1.656;margin-top:0pt;margin-bottom:0pt"><span style="font-size:11pt;font-family:Arial;color:rgb(0,0,0);background-color:transparent;font-weight:400;font-style:normal;font-variant:normal;text-decoration:none;vertical-align:baseline;white-space:pre-wrap">How do I distinguish between FunctionDecls that are direct function calls like I want to diagnose vs ones that are calls in other contexts? I think if I could make this distinction, then ActOnCallExpr would be a workable place to diagnose this. Since I don't have a good sense of what other calls are available, I'm having a hard time characterizing the distinguishing features of the calls I want to diagnose. 
(I'm relatively unknowledgeable about compilers and programming languages.)</span></p></li><ul style="margin-top:0pt;margin-bottom:0pt"><li dir="ltr" style="list-style-type:circle;font-size:11pt;font-family:Arial;color:rgb(0,0,0);background-color:transparent;font-weight:400;font-style:normal;font-variant:normal;text-decoration:none;vertical-align:baseline;white-space:pre"><p dir="ltr" style="line-height:1.656;margin-top:0pt;margin-bottom:0pt"><span style="font-size:11pt;font-family:Arial;color:rgb(0,0,0);background-color:transparent;font-weight:400;font-style:normal;font-variant:normal;text-decoration:none;vertical-align:baseline;white-space:pre-wrap">If I only check direct function calls (which are already singled out in ActOnCallExpr), would that be an appropriate subset of calls for me to try to diagnose? How do I know whether or not that's the right subset?</span></p></li><li dir="ltr" style="list-style-type:circle;font-size:11pt;font-family:Arial;color:rgb(0,0,0);background-color:transparent;font-weight:400;font-style:normal;font-variant:normal;text-decoration:none;vertical-align:baseline;white-space:pre"><p dir="ltr" style="line-height:1.656;margin-top:0pt;margin-bottom:0pt"><span style="font-size:11pt;font-family:Arial;color:rgb(0,0,0);background-color:transparent;font-weight:400;font-style:normal;font-variant:normal;text-decoration:none;vertical-align:baseline;white-space:pre-wrap">If there's some documentation or book chapter I could read to get a better understanding of how to figure this out, please feel free to recommend that.</span></p></li></ul><li dir="ltr" style="list-style-type:disc;font-size:11pt;font-family:Arial;color:rgb(0,0,0);background-color:transparent;font-weight:400;font-style:normal;font-variant:normal;text-decoration:none;vertical-align:baseline;white-space:pre"><p dir="ltr" style="line-height:1.656;margin-top:0pt;margin-bottom:0pt"><span 
style="font-size:11pt;font-family:Arial;color:rgb(0,0,0);background-color:transparent;font-weight:400;font-style:normal;font-variant:normal;text-decoration:none;vertical-align:baseline;white-space:pre-wrap">Am I missing a way to get the caller function when given a function call as in CheckFunctionCall?</span></p></li></ul><ul style="margin-top:0pt;margin-bottom:0pt"><li dir="ltr" style="list-style-type:disc;font-size:11pt;font-family:Arial;color:rgb(0,0,0);background-color:transparent;font-weight:400;font-style:normal;font-variant:normal;text-decoration:none;vertical-align:baseline;white-space:pre"><p dir="ltr" style="line-height:1.656;margin-top:0pt;margin-bottom:0pt"><span style="font-size:11pt;font-family:Arial;color:rgb(0,0,0);background-color:transparent;font-weight:400;font-style:normal;font-variant:normal;text-decoration:none;vertical-align:baseline;white-space:pre-wrap">Are there any recommendations about where else might be an appropriate place to diagnose this issue? Pointers about what to check into would be appreciated. SemaChecking.cpp seems like the right file, but I didn't see any other likely candidates from my inspection of the functions defined there.</span></p></li></ul><p dir="ltr" style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><b style="font-weight:normal"><br></b></p><p dir="ltr" style="line-height:1.38;margin-top:0pt;margin-bottom:0pt;margin-left:18pt;padding:0pt 0pt 0pt 18pt"><span style="font-size:11pt;font-family:Arial;color:rgb(34,34,34);background-color:transparent;font-weight:400;font-style:normal;font-variant:normal;text-decoration:none;vertical-align:baseline;white-space:pre-wrap">Zola Bridges</span></p><p dir="ltr" style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><br class="gmail-Apple-interchange-newline"></p></span></div>
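<p>A post-build check for the case described in this message, as an added example that is not part of the original post or of Clang: it reads LLVM IR text and reports functions that the source marked 'no_speculative_load_hardening' but that carry the speculative_load_hardening function attribute once inlining has run. The IR sample is constructed, and the list of functions marked 'no_speculative_load_hardening' is assumed to be supplied by whoever runs the check.</p>

```python
import re

SLH = "speculative_load_hardening"

# Constructed sample (not compiler output from the post): IR as it could look
# after foo() was inlined into bar(). baz() is an unrelated unhardened function
# and qux() carries the attribute inline instead of through a group.
SAMPLE_IR = '''
define dso_local i32 @bar(i32 %i) #0 {
entry:
  ret i32 %i
}
define dso_local i32 @baz(i32 %i) #1 {
entry:
  ret i32 %i
}
define dso_local i32 @qux(i32 %i) speculative_load_hardening {
entry:
  ret i32 %i
}
attributes #0 = { nounwind speculative_load_hardening uwtable }
attributes #1 = { nounwind uwtable }
'''

# "define ... @name(" followed by the rest of the line (params, attrs, groups).
DEFINE_RE = re.compile(r'^define\b.*?@("[^"]+"|[\w.$-]+)\((.*)$')
# "attributes #N = { ... }"
GROUP_RE = re.compile(r'^attributes\s+#(\d+)\s*=\s*\{(.*)\}')


def hardened_functions(ir_text):
    """Return the set of defined functions whose IR attributes include SLH."""
    groups, defs = {}, []
    # Attribute groups are printed after the functions, so collect first.
    for line in ir_text.splitlines():
        g = GROUP_RE.match(line)
        if g:
            groups[g.group(1)] = g.group(2).split()
            continue
        d = DEFINE_RE.match(line)
        if d:
            defs.append((d.group(1).strip('"'), d.group(2)))
    hardened = set()
    for name, rest in defs:
        refs = re.findall(r'#(\d+)', rest)
        if SLH in rest.split() or any(SLH in groups.get(r, ()) for r in refs):
            hardened.add(name)
    return hardened


def unexpected_hardening(ir_text, marked_no_slh):
    """Functions marked no_speculative_load_hardening in source that still carry SLH."""
    return sorted(set(marked_no_slh).intersection(hardened_functions(ir_text)))
```

Run it over the output of `clang -S -emit-llvm` at the optimization level used for release builds, since the attribute only lands on the caller after the inliner has run.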