[llvm] 472c79c - [IR] Check that arguments of naked function are not used (#104757)

via llvm-commits llvm-commits at lists.llvm.org
Tue Aug 20 00:29:08 PDT 2024


Author: Nikita Popov
Date: 2024-08-20T09:29:05+02:00
New Revision: 472c79ca52806856c0dc7548a6f82d3bd9e7530c

URL: https://github.com/llvm/llvm-project/commit/472c79ca52806856c0dc7548a6f82d3bd9e7530c
DIFF: https://github.com/llvm/llvm-project/commit/472c79ca52806856c0dc7548a6f82d3bd9e7530c.diff

LOG: [IR] Check that arguments of naked function are not used (#104757)

Verify that the arguments of a naked function are not used. They can
only be referenced via registers/stack in inline asm, not as IR values.
Using them as IR values will result in assertion failures in the backend.

There's probably more that we should verify, though I'm not completely
sure what the constraints are (would it be correct to require that naked
functions are exactly an inline asm call + unreachable, or is more
allowed?)

Fixes https://github.com/llvm/llvm-project/issues/104718.

Added: 
    llvm/test/Verifier/naked.ll

Modified: 
    llvm/docs/LangRef.rst
    llvm/lib/IR/Verifier.cpp
    llvm/test/Instrumentation/ThreadSanitizer/tsan_basic.ll
    llvm/test/Transforms/Attributor/nonnull.ll
    llvm/test/Transforms/CodeExtractor/PartialInlineAttributes.ll
    llvm/test/Transforms/FunctionAttrs/nonnull.ll

Removed: 
    


################################################################################
diff  --git a/llvm/docs/LangRef.rst b/llvm/docs/LangRef.rst
index 5e5e9b9e8a93b1..1920ffb7b08d37 100644
--- a/llvm/docs/LangRef.rst
+++ b/llvm/docs/LangRef.rst
@@ -2046,7 +2046,8 @@ example:
     attributes.
 ``naked``
     This attribute disables prologue / epilogue emission for the
-    function. This can have very system-specific consequences.
+    function. This can have very system-specific consequences. The arguments of
+    a ``naked`` function can not be referenced through IR values.
 ``"no-inline-line-tables"``
     When this attribute is set to true, the inliner discards source locations
     when inlining code and instead uses the source location of the call site.

diff  --git a/llvm/lib/IR/Verifier.cpp b/llvm/lib/IR/Verifier.cpp
index 7d71ce3230b204..4e097b732cc2cb 100644
--- a/llvm/lib/IR/Verifier.cpp
+++ b/llvm/lib/IR/Verifier.cpp
@@ -2777,6 +2777,10 @@ void Verifier::visitFunction(const Function &F) {
   Check(!Attrs.hasAttrSomewhere(Attribute::ElementType),
         "Attribute 'elementtype' can only be applied to a callsite.", &F);
 
+  if (Attrs.hasFnAttr(Attribute::Naked))
+    for (const Argument &Arg : F.args())
+      Check(Arg.use_empty(), "cannot use argument of naked function", &Arg);
+
   // Check that this function meets the restrictions on this calling convention.
   // Sometimes varargs is used for perfectly forwarding thunks, so some of these
   // restrictions can be lifted.
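Review bot: The new diagnostic in the `Attribute::Naked` loop passes only `&Arg`, so a failure prints the offending argument but does not name the function it belongs to, whereas the `elementtype` check just above passes `&F`. Passing both, as in `Check(Arg.use_empty(), "cannot use argument of naked function", &Arg, &F);`, would make the report easier to locate in a large module. A short comment above the `if`, such as `// Naked functions have no prologue; arguments are only reachable from inline asm.`, would also record why the restriction exists. The body of visitFunction starts and ends outside this hunk.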

diff  --git a/llvm/test/Instrumentation/ThreadSanitizer/tsan_basic.ll b/llvm/test/Instrumentation/ThreadSanitizer/tsan_basic.ll
index 3aef34317b0bbd..5a15cfa6864c4b 100644
--- a/llvm/test/Instrumentation/ThreadSanitizer/tsan_basic.ll
+++ b/llvm/test/Instrumentation/ThreadSanitizer/tsan_basic.ll
@@ -98,12 +98,12 @@ define void @SwiftErrorCall(ptr swifterror) sanitize_thread {
   ret void
 }
 
-; CHECK-LABEL: @NakedTest(ptr %a)
-; CHECK-NEXT:   call void @foo()
-; CHECK-NEXT:   %tmp1 = load i32, ptr %a, align 4
-; CHECK-NEXT:   ret i32 %tmp1
-define i32 @NakedTest(ptr %a) naked sanitize_thread {
-  call void @foo()
+; CHECK-LABEL: @NakedTest()
+; CHECK-NEXT:  %a = call ptr @foo()
+; CHECK-NEXT:  %tmp1 = load i32, ptr %a, align 4
+; CHECK-NEXT:  ret i32 %tmp1
+define i32 @NakedTest() naked sanitize_thread {
+  %a = call ptr @foo()
   %tmp1 = load i32, ptr %a, align 4
   ret i32 %tmp1
 }

diff  --git a/llvm/test/Transforms/Attributor/nonnull.ll b/llvm/test/Transforms/Attributor/nonnull.ll
index d18f5641ef5ba9..990695954a9f60 100644
--- a/llvm/test/Transforms/Attributor/nonnull.ll
+++ b/llvm/test/Transforms/Attributor/nonnull.ll
@@ -1048,10 +1048,8 @@ define internal void @naked(ptr dereferenceable(4) %a) naked {
 ; CHECK: Function Attrs: naked
 ; CHECK-LABEL: define {{[^@]+}}@naked
 ; CHECK-SAME: (ptr noundef nonnull dereferenceable(4) [[A:%.*]]) #[[ATTR11:[0-9]+]] {
-; CHECK-NEXT:    call void @use_i32_ptr(ptr nocapture nofree noundef nonnull [[A]])
 ; CHECK-NEXT:    ret void
 ;
-  call void @use_i32_ptr(ptr %a)
   ret void
 }
 ; Avoid nonnull as we do not touch optnone

diff  --git a/llvm/test/Transforms/CodeExtractor/PartialInlineAttributes.ll b/llvm/test/Transforms/CodeExtractor/PartialInlineAttributes.ll
index 080ea2e77a7aea..b085e34d52648c 100644
--- a/llvm/test/Transforms/CodeExtractor/PartialInlineAttributes.ll
+++ b/llvm/test/Transforms/CodeExtractor/PartialInlineAttributes.ll
@@ -81,6 +81,6 @@ attributes #0 = {
 
 ; attributes to drop
 attributes #1 = {
-  alignstack=16 convergent inaccessiblememonly inaccessiblemem_or_argmemonly naked
+  alignstack=16 convergent inaccessiblememonly inaccessiblemem_or_argmemonly
   noreturn readonly argmemonly returns_twice speculatable "thunk"
 }

diff  --git a/llvm/test/Transforms/FunctionAttrs/nonnull.ll b/llvm/test/Transforms/FunctionAttrs/nonnull.ll
index 4432c4f3c541af..05c8bdaf66e7aa 100644
--- a/llvm/test/Transforms/FunctionAttrs/nonnull.ll
+++ b/llvm/test/Transforms/FunctionAttrs/nonnull.ll
@@ -1079,15 +1079,12 @@ define internal void @control(ptr dereferenceable(4) %a) {
 define internal void @naked(ptr dereferenceable(4) %a) naked {
 ; FNATTRS-LABEL: define internal void @naked(
 ; FNATTRS-SAME: ptr dereferenceable(4) [[A:%.*]]) #[[ATTR10:[0-9]+]] {
-; FNATTRS-NEXT:    call void @use_i32_ptr(ptr [[A]])
 ; FNATTRS-NEXT:    ret void
 ;
 ; ATTRIBUTOR-LABEL: define internal void @naked(
 ; ATTRIBUTOR-SAME: ptr nonnull dereferenceable(4) [[A:%.*]]) #[[ATTR11:[0-9]+]] {
-; ATTRIBUTOR-NEXT:    call void @use_i32_ptr(ptr [[A]])
 ; ATTRIBUTOR-NEXT:    ret void
 ;
-  call void @use_i32_ptr(ptr %a)
   ret void
 }
 ; Avoid nonnull as we do not touch optnone

diff  --git a/llvm/test/Verifier/naked.ll b/llvm/test/Verifier/naked.ll
new file mode 100644
index 00000000000000..fc223858cf162e
--- /dev/null
+++ b/llvm/test/Verifier/naked.ll
@@ -0,0 +1,8 @@
+; RUN: not llvm-as %s -o /dev/null 2>&1 | FileCheck %s
+
+; CHECK: cannot use argument of naked function
+define void @test(ptr %ptr) naked {
+  getelementptr i8, ptr %ptr, i64 1
+  call void @llvm.trap()
+  unreachable
+}
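Review bot: The single `CHECK` line matches only the message text, so the test would still pass if the verifier reported the wrong value or stopped printing the argument. Assuming the verifier prints the offending operand on the line after the message, adding `; CHECK-NEXT: ptr %ptr` would pin that the diagnostic identifies the argument. A second function in the same file that is `naked` with an unused argument would also document that merely declaring parameters stays valid.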


        

