[llvm] r252694 - ADT: Avoid relying on UB in ilist_node::getNextNode()
Duncan P. N. Exon Smith via llvm-commits
llvm-commits at lists.llvm.org
Tue Nov 10 18:26:43 PST 2015
Author: dexonsmith
Date: Tue Nov 10 20:26:42 2015
New Revision: 252694
URL: http://llvm.org/viewvc/llvm-project?rev=252694&view=rev
Log:
ADT: Avoid relying on UB in ilist_node::getNextNode()
Re-implement `ilist_node::getNextNode()` and `getPrevNode()` without
relying on the sentinel having a "next" pointer. Instead, get access to
the owning list and compare against the `begin()` and `end()` iterators.
This only works when the node *can* get access to the owning list. The
new support is in `ilist_node_with_parent<>`, and any class `Ty`
inheriting from `ilist_node<NodeTy>` that wants `getNextNode()` and/or
`getPrevNode()` should inherit from
`ilist_node_with_parent<NodeTy, ParentTy>` instead. The requirements:
- `NodeTy` must have a `getParent()` function that returns the parent.
- `ParentTy` must have a `getSublistAccess()` static that, given a(n
ignored) `NodeTy*` (to determine which list), returns a member field
pointer to the appropriate `ilist<>`.
This isn't the cleanest way to get access to the owning list, but it
leverages the API already used in the IR hierarchy (see, e.g.,
`Instruction::getSublistAccess()`).
If anyone feels like ripping out the calls to `getNextNode()` and
`getPrevNode()` and replacing with direct iterator logic, they can also
remove the access function, etc., but as an incremental step, I'm
maintaining the API where it's currently used in tree.
If these requirements are *not* met, call sites with access to the ilist
can call `iplist<NodeTy>::getNextNode(NodeTy*)` directly, as in
ilistTest.cpp.
Why rewrite this?
The old code was broken, calling `getNext()` on a sentinel that possibly
didn't have a "next" pointer at all! The new code avoids that
particular flavour of UB (see the commit message for r252538 for more
details about the "lucky" memory layout that made this function so
interesting).
There's still some UB here: the end iterator gets downcast to `NodeTy*`,
even when it's a sentinel (which is typically
`ilist_half_node<NodeTy*>`). I'll tackle that in follow-up commits.
See this llvm-dev thread for more details:
http://lists.llvm.org/pipermail/llvm-dev/2015-October/091115.html
What's the danger?
There might be some code that relies on `getNextNode()` or
`getPrevNode()` *never* returning `nullptr` -- i.e., that relies on them
being broken when the sentinel is an `ilist_half_node<NodeTy>`. I tried
to root out those cases with the audits I did leading up to r252380, but
it's possible I missed one or two. I hope not.
(If (1) you have out-of-tree code, (2) you've reverted r252380
temporarily, and (3) you get some weird crashes with this commit, then I
recommend un-reverting r252380 and auditing the compile errors looking
for "strange" implicit conversions.)
Modified:
llvm/trunk/include/llvm/ADT/ilist.h
llvm/trunk/include/llvm/ADT/ilist_node.h
llvm/trunk/include/llvm/CodeGen/MachineBasicBlock.h
llvm/trunk/include/llvm/CodeGen/MachineFunction.h
llvm/trunk/include/llvm/CodeGen/MachineInstr.h
llvm/trunk/include/llvm/IR/BasicBlock.h
llvm/trunk/include/llvm/IR/Instruction.h
llvm/trunk/include/llvm/MC/MCAssembler.h
llvm/trunk/include/llvm/MC/MCSection.h
llvm/trunk/unittests/ADT/ilistTest.cpp
Modified: llvm/trunk/include/llvm/ADT/ilist.h
URL: http://llvm.org/viewvc/llvm-project/llvm/trunk/include/llvm/ADT/ilist.h?rev=252694&r1=252693&r2=252694&view=diff
==============================================================================
--- llvm/trunk/include/llvm/ADT/ilist.h (original)
+++ llvm/trunk/include/llvm/ADT/ilist.h Tue Nov 10 20:26:42 2015
@@ -251,11 +251,11 @@ public:
pointer operator->() const { return &operator*(); }
// Comparison operators
- bool operator==(const ilist_iterator &RHS) const {
- return NodePtr == RHS.NodePtr;
+ template <class Y> bool operator==(const ilist_iterator<Y> &RHS) const {
+ return NodePtr == RHS.getNodePtrUnchecked();
}
- bool operator!=(const ilist_iterator &RHS) const {
- return NodePtr != RHS.NodePtr;
+ template <class Y> bool operator!=(const ilist_iterator<Y> &RHS) const {
+ return NodePtr != RHS.getNodePtrUnchecked();
}
// Increment and decrement operators...
@@ -687,6 +687,30 @@ public:
merge(RightHalf, comp);
}
void sort() { sort(op_less); }
+
+ /// \brief Get the previous node, or \c nullptr for the list head.
+ NodeTy *getPrevNode(NodeTy &N) const {
+ auto I = N.getIterator();
+ if (I == begin())
+ return nullptr;
+ return &*std::prev(I);
+ }
+ /// \brief Get the previous node, or \c nullptr for the list head.
+ const NodeTy *getPrevNode(const NodeTy &N) const {
+ return getPrevNode(const_cast<NodeTy &>(N));
+ }
+
+ /// \brief Get the next node, or \c nullptr for the list tail.
+ NodeTy *getNextNode(NodeTy &N) const {
+ auto Next = std::next(N.getIterator());
+ if (Next == end())
+ return nullptr;
+ return &*Next;
+ }
+ /// \brief Get the next node, or \c nullptr for the list tail.
+ const NodeTy *getNextNode(const NodeTy &N) const {
+ return getNextNode(const_cast<NodeTy &>(N));
+ }
};
Modified: llvm/trunk/include/llvm/ADT/ilist_node.h
URL: http://llvm.org/viewvc/llvm-project/llvm/trunk/include/llvm/ADT/ilist_node.h?rev=252694&r1=252693&r2=252694&view=diff
==============================================================================
--- llvm/trunk/include/llvm/ADT/ilist_node.h (original)
+++ llvm/trunk/include/llvm/ADT/ilist_node.h Tue Nov 10 20:26:42 2015
@@ -66,54 +66,55 @@ public:
// FIXME: Stop downcasting to create the iterator (potential UB).
return ilist_iterator<const NodeTy>(static_cast<const NodeTy *>(this));
}
+};
+
+/// An ilist node that can access its parent list.
+///
+/// Requires \c NodeTy to have \a getParent() to find the parent node, and the
+/// \c ParentTy to have \a getSublistAccess() to get a reference to the list.
+template <typename NodeTy, typename ParentTy>
+class ilist_node_with_parent : public ilist_node<NodeTy> {
+protected:
+ ilist_node_with_parent() = default;
+
+private:
+ /// Forward to NodeTy::getParent().
+ ///
+ /// Note: do not use the name "getParent()". We want a compile error
+ /// (instead of recursion) when the subclass fails to implement \a
+ /// getParent().
+ const ParentTy *getNodeParent() const {
+ return static_cast<const NodeTy *>(this)->getParent();
+ }
+public:
/// @name Adjacent Node Accessors
/// @{
-
- /// \brief Get the previous node, or 0 for the list head.
+ /// \brief Get the previous node, or \c nullptr for the list head.
NodeTy *getPrevNode() {
- NodeTy *Prev = this->getPrev();
-
- // Check for sentinel.
- if (!Prev->getNext())
- return nullptr;
-
- return Prev;
+ // Should be separated to a reused function, but then we couldn't use auto
+ // (and would need the type of the list).
+ const auto &List =
+ getNodeParent()->*(ParentTy::getSublistAccess((NodeTy *)nullptr));
+ return List.getPrevNode(*static_cast<NodeTy *>(this));
}
-
- /// \brief Get the previous node, or 0 for the list head.
+ /// \brief Get the previous node, or \c nullptr for the list head.
const NodeTy *getPrevNode() const {
- const NodeTy *Prev = this->getPrev();
-
- // Check for sentinel.
- if (!Prev->getNext())
- return nullptr;
-
- return Prev;
+ return const_cast<ilist_node_with_parent *>(this)->getPrevNode();
}
- /// \brief Get the next node, or 0 for the list tail.
+ /// \brief Get the next node, or \c nullptr for the list tail.
NodeTy *getNextNode() {
- NodeTy *Next = getNext();
-
- // Check for sentinel.
- if (!Next->getNext())
- return nullptr;
-
- return Next;
+ // Should be separated to a reused function, but then we couldn't use auto
+ // (and would need the type of the list).
+ const auto &List =
+ getNodeParent()->*(ParentTy::getSublistAccess((NodeTy *)nullptr));
+ return List.getNextNode(*static_cast<NodeTy *>(this));
}
-
- /// \brief Get the next node, or 0 for the list tail.
+ /// \brief Get the next node, or \c nullptr for the list tail.
const NodeTy *getNextNode() const {
- const NodeTy *Next = getNext();
-
- // Check for sentinel.
- if (!Next->getNext())
- return nullptr;
-
- return Next;
+ return const_cast<ilist_node_with_parent *>(this)->getNextNode();
}
-
/// @}
};
Modified: llvm/trunk/include/llvm/CodeGen/MachineBasicBlock.h
URL: http://llvm.org/viewvc/llvm-project/llvm/trunk/include/llvm/CodeGen/MachineBasicBlock.h?rev=252694&r1=252693&r2=252694&view=diff
==============================================================================
--- llvm/trunk/include/llvm/CodeGen/MachineBasicBlock.h (original)
+++ llvm/trunk/include/llvm/CodeGen/MachineBasicBlock.h Tue Nov 10 20:26:42 2015
@@ -65,7 +65,8 @@ private:
void createNode(const MachineInstr &);
};
-class MachineBasicBlock : public ilist_node<MachineBasicBlock> {
+class MachineBasicBlock
+ : public ilist_node_with_parent<MachineBasicBlock, MachineFunction> {
public:
/// Pair of physical register and lane mask.
/// This is not simply a std::pair typedef because the members should be named
@@ -272,6 +273,11 @@ public:
reverse_iterator rend () { return instr_rend(); }
const_reverse_iterator rend () const { return instr_rend(); }
+ /// Support for MachineInstr::getNextNode().
+ static Instructions MachineBasicBlock::*getSublistAccess(MachineInstr *) {
+ return &MachineBasicBlock::Insts;
+ }
+
inline iterator_range<iterator> terminators() {
return iterator_range<iterator>(getFirstTerminator(), end());
}
Modified: llvm/trunk/include/llvm/CodeGen/MachineFunction.h
URL: http://llvm.org/viewvc/llvm-project/llvm/trunk/include/llvm/CodeGen/MachineFunction.h?rev=252694&r1=252693&r2=252694&view=diff
==============================================================================
--- llvm/trunk/include/llvm/CodeGen/MachineFunction.h (original)
+++ llvm/trunk/include/llvm/CodeGen/MachineFunction.h Tue Nov 10 20:26:42 2015
@@ -331,6 +331,12 @@ public:
typedef std::reverse_iterator<const_iterator> const_reverse_iterator;
typedef std::reverse_iterator<iterator> reverse_iterator;
+ /// Support for MachineBasicBlock::getNextNode().
+ static BasicBlockListType MachineFunction::*
+ getSublistAccess(MachineBasicBlock *) {
+ return &MachineFunction::BasicBlocks;
+ }
+
/// addLiveIn - Add the specified physical register as a live-in value and
/// create a corresponding virtual register for it.
unsigned addLiveIn(unsigned PReg, const TargetRegisterClass *RC);
Modified: llvm/trunk/include/llvm/CodeGen/MachineInstr.h
URL: http://llvm.org/viewvc/llvm-project/llvm/trunk/include/llvm/CodeGen/MachineInstr.h?rev=252694&r1=252693&r2=252694&view=diff
==============================================================================
--- llvm/trunk/include/llvm/CodeGen/MachineInstr.h (original)
+++ llvm/trunk/include/llvm/CodeGen/MachineInstr.h Tue Nov 10 20:26:42 2015
@@ -48,7 +48,8 @@ class MachineMemOperand;
/// MachineFunction is deleted, all the contained MachineInstrs are deallocated
/// without having their destructor called.
///
-class MachineInstr : public ilist_node<MachineInstr> {
+class MachineInstr
+ : public ilist_node_with_parent<MachineInstr, MachineBasicBlock> {
public:
typedef MachineMemOperand **mmo_iterator;
Modified: llvm/trunk/include/llvm/IR/BasicBlock.h
URL: http://llvm.org/viewvc/llvm-project/llvm/trunk/include/llvm/IR/BasicBlock.h?rev=252694&r1=252693&r2=252694&view=diff
==============================================================================
--- llvm/trunk/include/llvm/IR/BasicBlock.h (original)
+++ llvm/trunk/include/llvm/IR/BasicBlock.h Tue Nov 10 20:26:42 2015
@@ -50,7 +50,7 @@ struct SymbolTableListSentinelTraits<Bas
/// modifying a program. However, the verifier will ensure that basic blocks
/// are "well formed".
class BasicBlock : public Value, // Basic blocks are data objects also
- public ilist_node<BasicBlock> {
+ public ilist_node_with_parent<BasicBlock, Function> {
friend class BlockAddress;
public:
typedef SymbolTableList<Instruction> InstListType;
Modified: llvm/trunk/include/llvm/IR/Instruction.h
URL: http://llvm.org/viewvc/llvm-project/llvm/trunk/include/llvm/IR/Instruction.h?rev=252694&r1=252693&r2=252694&view=diff
==============================================================================
--- llvm/trunk/include/llvm/IR/Instruction.h (original)
+++ llvm/trunk/include/llvm/IR/Instruction.h Tue Nov 10 20:26:42 2015
@@ -33,7 +33,8 @@ template <>
struct SymbolTableListSentinelTraits<Instruction>
: public ilist_half_embedded_sentinel_traits<Instruction> {};
-class Instruction : public User, public ilist_node<Instruction> {
+class Instruction : public User,
+ public ilist_node_with_parent<Instruction, BasicBlock> {
void operator=(const Instruction &) = delete;
Instruction(const Instruction &) = delete;
Modified: llvm/trunk/include/llvm/MC/MCAssembler.h
URL: http://llvm.org/viewvc/llvm-project/llvm/trunk/include/llvm/MC/MCAssembler.h?rev=252694&r1=252693&r2=252694&view=diff
==============================================================================
--- llvm/trunk/include/llvm/MC/MCAssembler.h (original)
+++ llvm/trunk/include/llvm/MC/MCAssembler.h Tue Nov 10 20:26:42 2015
@@ -35,7 +35,7 @@ class MCSubtargetInfo;
class MCValue;
class MCAsmBackend;
-class MCFragment : public ilist_node<MCFragment> {
+class MCFragment : public ilist_node_with_parent<MCFragment, MCSection> {
friend class MCAsmLayout;
MCFragment(const MCFragment &) = delete;
Modified: llvm/trunk/include/llvm/MC/MCSection.h
URL: http://llvm.org/viewvc/llvm-project/llvm/trunk/include/llvm/MC/MCSection.h?rev=252694&r1=252693&r2=252694&view=diff
==============================================================================
--- llvm/trunk/include/llvm/MC/MCSection.h (original)
+++ llvm/trunk/include/llvm/MC/MCSection.h Tue Nov 10 20:26:42 2015
@@ -154,6 +154,11 @@ public:
return const_cast<MCSection *>(this)->getFragmentList();
}
+ /// Support for MCFragment::getNextNode().
+ static FragmentListType MCSection::*getSublistAccess(MCFragment *) {
+ return &MCSection::Fragments;
+ }
+
const MCDummyFragment &getDummyFragment() const { return DummyFragment; }
MCDummyFragment &getDummyFragment() { return DummyFragment; }
Modified: llvm/trunk/unittests/ADT/ilistTest.cpp
URL: http://llvm.org/viewvc/llvm-project/llvm/trunk/unittests/ADT/ilistTest.cpp?rev=252694&r1=252693&r2=252694&view=diff
==============================================================================
--- llvm/trunk/unittests/ADT/ilistTest.cpp (original)
+++ llvm/trunk/unittests/ADT/ilistTest.cpp Tue Nov 10 20:26:42 2015
@@ -30,18 +30,18 @@ TEST(ilistTest, Basic) {
ilist<Node> List;
List.push_back(Node(1));
EXPECT_EQ(1, List.back().Value);
- EXPECT_EQ(nullptr, List.back().getPrevNode());
- EXPECT_EQ(nullptr, List.back().getNextNode());
+ EXPECT_EQ(nullptr, List.getPrevNode(List.back()));
+ EXPECT_EQ(nullptr, List.getNextNode(List.back()));
List.push_back(Node(2));
EXPECT_EQ(2, List.back().Value);
- EXPECT_EQ(2, List.front().getNextNode()->Value);
- EXPECT_EQ(1, List.back().getPrevNode()->Value);
+ EXPECT_EQ(2, List.getNextNode(List.front())->Value);
+ EXPECT_EQ(1, List.getPrevNode(List.back())->Value);
const ilist<Node> &ConstList = List;
EXPECT_EQ(2, ConstList.back().Value);
- EXPECT_EQ(2, ConstList.front().getNextNode()->Value);
- EXPECT_EQ(1, ConstList.back().getPrevNode()->Value);
+ EXPECT_EQ(2, ConstList.getNextNode(ConstList.front())->Value);
+ EXPECT_EQ(1, ConstList.getPrevNode(ConstList.back())->Value);
}
TEST(ilistTest, SpliceOne) {
More information about the llvm-commits
mailing list