From ae2d1b7d8c6cc3f59ee8f0bdff7757ae4e215ed7 Mon Sep 17 00:00:00 2001
From: Vedant Kumar
Date: Mon, 17 Apr 2017 22:26:07 +0000
Subject: [PATCH] [ubsan] Skip null checks on pointers to the start of an alloca

Pointers to the start of an alloca are non-null, so we don't need to emit runtime null checks for them.

Testing: check-clang, check-ubsan.

This significantly reduces the amount of null checks we emit when compiling X86ISelLowering.cpp. Here are the numbers from patched / unpatched clangs based on r300371.

-------------------------------------
| Setup | # of null checks |
-------------------------------------
| unpatched, -O0 | 45439 |
| patched, -O0 | 25251 | (-44.4%)
-------------------------------------

git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@300508 91177308-0d34-0410-b5e6-96231b3b80d8
---
 lib/CodeGen/CGExpr.cpp | 12 ++++++++++-
 test/CodeGenCXX/ubsan-suppress-checks.cpp | 26 +++++++++++++++++------
 2 files changed, 30 insertions(+), 8 deletions(-)

diff --git a/lib/CodeGen/CGExpr.cpp b/lib/CodeGen/CGExpr.cpp
index 265ef27a46..b5d6c659e9 100644
--- a/lib/CodeGen/CGExpr.cpp
+++ b/lib/CodeGen/CGExpr.cpp
@@ -533,6 +533,15 @@ bool CodeGenFunction::sanitizePerformTypeCheck() const {
 SanOpts.has(SanitizerKind::Vptr);
 }
 
+/// Check if a runtime null check for \p Ptr can be omitted.
+static bool canOmitPointerNullCheck(llvm::Value *Ptr) {
+ // Note: do not perform any constant-folding in this function. That is best
+ // left to the IR builder.
+
+ // Pointers to alloca'd memory are non-null.
+ return isa(Ptr->stripPointerCastsNoFollowAliases());
+}
+
 void CodeGenFunction::EmitTypeCheck(TypeCheckKind TCK, SourceLocation Loc,
 llvm::Value *Ptr, QualType Ty,
 CharUnits Alignment,
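Review bot: The comment `// Pointers to alloca'd memory are non-null.` in `canOmitPointerNullCheck` documents a broader contract than the code enforces: `stripPointerCastsNoFollowAliases` (as far as I recall) looks through pointer casts and all-zero GEPs only, so the helper matches pointers to the start of an alloca, exactly as the subject line says, and a pointer offset into an alloca still gets its runtime check. That narrowness is what makes dropping a sanitizer check sound here, so I would state it explicitly so a later edit does not widen the helper by accident: `// Only the alloca itself, seen through pointer casts and all-zero GEPs, is recognized; a pointer offset into an alloca (non-zero GEP) keeps its runtime check.` The `isa(...)` call shows no template argument in this rendering, presumably `isa<llvm::AllocaInst>` lost to copy formatting; if the source really reads that way it will not compile. The `EmitTypeCheck` signature at the end of the hunk continues outside it.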
@@ -554,7 +563,8 @@ void CodeGenFunction::EmitTypeCheck(TypeCheckKind TCK, SourceLocation Loc,
 bool AllowNullPointers = TCK == TCK_DowncastPointer || TCK == TCK_Upcast ||
 TCK == TCK_UpcastToVirtualBase;
 if ((SanOpts.has(SanitizerKind::Null) || AllowNullPointers) &&
- !SkippedChecks.has(SanitizerKind::Null)) {
+ !SkippedChecks.has(SanitizerKind::Null) &&
+ !canOmitPointerNullCheck(Ptr)) {
 // The glvalue must not be an empty glvalue.
 llvm::Value *IsNonNull = Builder.CreateIsNotNull(Ptr);
 
diff --git a/test/CodeGenCXX/ubsan-suppress-checks.cpp b/test/CodeGenCXX/ubsan-suppress-checks.cpp
index 8ec94556c1..a8ca24ba63 100644
--- a/test/CodeGenCXX/ubsan-suppress-checks.cpp
+++ b/test/CodeGenCXX/ubsan-suppress-checks.cpp
@@ -2,6 +2,18 @@
 // RUN: %clang_cc1 -std=c++11 -triple x86_64-apple-darwin10 -emit-llvm -o - %s -fsanitize=null | FileCheck %s --check-prefixes=CHECK,NULL
 // RUN: %clang_cc1 -std=c++11 -triple x86_64-apple-darwin10 -emit-llvm -o - %s -fsanitize=alignment,null -DCHECK_LAMBDA | FileCheck %s --check-prefixes=LAMBDA
 
+// CHECK-LABEL: define void @_Z22load_non_null_pointersv
+void load_non_null_pointers() {
+ int var;
+ var = *&var;
+
+ int arr[1];
+ arr[0] = arr[0];
+
+ // CHECK-NOT: icmp ne {{.*}}, null, !nosanitize
+ // CHECK: ret void
+}
+
 struct A {
 int foo;
 
@@ -29,8 +41,7 @@ struct A {
 };
 f();
 
- // LAMBDA: icmp ne %class.anon* %[[FUNCVAR:.*]], null, !nosanitize
- // LAMBDA: %[[LAMBDAINT:[0-9]+]] = ptrtoint %class.anon* %[[FUNCVAR]] to i64, !nosanitize
+ // LAMBDA: %[[LAMBDAINT:[0-9]+]] = ptrtoint %class.anon* %[[FUNCVAR:.*]] to i64, !nosanitize
 // LAMBDA: and i64 %[[LAMBDAINT]], 7, !nosanitize
 // LAMBDA: call void @__ubsan_handle_type_mismatch
 
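Review bot: The new `load_non_null_pointers` test in the `@@ -2,6 +2,18 @@` hunk of ubsan-suppress-checks.cpp only pins the negative side of the change: `*&var` and `arr[0]` go through a bitcast or an all-zero GEP and must produce no `icmp ne {{.*}}, null`, but nothing asserts that a pointer offset into an alloca still gets the check, so the test cannot catch the helper later becoming too permissive. A positive case under the `NULL` prefix would close that gap, e.g. a sibling function taking `int i`, with `int arr[2]; arr[i] = arr[i];` and `// NULL: icmp ne {{.*}}, null, !nosanitize` before its `ret void`. As far as the RUN lines shown go, the file is only fed through `-emit-llvm -o -` and FileCheck, so the positive case costs nothing at runtime.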
@@ -127,8 +138,8 @@ struct A {
 struct B {
 operator A*() const { return nullptr; }
 
- // CHECK-LABEL: define linkonce_odr i32 @_ZN1B11load_memberEv
- static int load_member() {
+ // CHECK-LABEL: define linkonce_odr i32 @_ZN1B11load_memberEPS_
+ static int load_member(B *bp) {
 // Check &b before converting it to an A*.
 // CHECK: call void @__ubsan_handle_type_mismatch
 //
@@ -136,8 +147,7 @@ struct B {
 // NULL: call void @__ubsan_handle_type_mismatch
 //
 // CHECK-NOT: call void @__ubsan_handle_type_mismatch
- B b;
- return static_cast(b)->load_member();
+ return static_cast(*bp)->load_member();
 // CHECK: ret i32
 }
 };
@@ -210,7 +220,7 @@ void force_irgen() {
 A::call_through_reference(*a);
 A::call_through_pointer(a);
 
- B::load_member();
+ B::load_member(nullptr);
 
 Base *b = new Derived;
 b->load_member_1();
@@ -218,4 +228,6 @@ void force_irgen() {
 Derived *d;
 d->load_member_2();
 d->load_member_3();
+
+ load_non_null_pointers();
 }
--
2.40.0
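Review bot: The context comment `// Check &b before converting it to an A*.` in the `@@ -127,8 +138,8 @@` hunk is now stale: the local `B b;` is removed in the following hunk and the operand being checked is the glvalue `*bp` from the new parameter, which is also why the type-mismatch call is still expected to survive. I would update it to `// Check *bp (the B glvalue) before converting it to an A*.`, since the whole point of the rewrite is that a pointer parameter, unlike a local, is not provably non-null. `B::load_member(nullptr)` in `force_irgen` then dereferences a null `bp`; that appears intentional and harmless because, judging from the RUN lines, this file is only compiled to IR and never executed, but a one-line comment such as `// Never executed: a null bp keeps the null check from being folded away.` would save the next reader the double take. `load_member` begins in the first hunk and ends in the second.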