Line data Source code
1 : //===-- Verifier.cpp - Implement the Module Verifier -----------------------==//
2 : //
3 : // The LLVM Compiler Infrastructure
4 : //
5 : // This file is distributed under the University of Illinois Open Source
6 : // License. See LICENSE.TXT for details.
7 : //
8 : //===----------------------------------------------------------------------===//
9 : //
10 : // This file defines the function verifier interface, that can be used for some
11 : // sanity checking of input to the system.
12 : //
13 : // Note that this does not provide full `Java style' security and verifications,
14 : // instead it just tries to ensure that code is well-formed.
15 : //
16 : // * Both of a binary operator's parameters are of the same type
17 : // * Verify that the indices of mem access instructions match other operands
18 : // * Verify that arithmetic and other things are only performed on first-class
19 : // types. Verify that shifts & logicals only happen on integrals f.e.
20 : // * All of the constants in a switch statement are of the correct type
21 : // * The code is in valid SSA form
22 : // * It should be illegal to put a label into any other type (like a structure)
23 : // or to return one. [except constant arrays!]
24 : // * Only phi nodes can be self referential: 'add i32 %0, %0 ; <int>:0' is bad
25 : // * PHI nodes must have an entry for each predecessor, with no extras.
26 : // * PHI nodes must be the first thing in a basic block, all grouped together
27 : // * PHI nodes must have at least one entry
28 : // * All basic blocks should only end with terminator insts, not contain them
29 : // * The entry node to a function must not have predecessors
30 : // * All Instructions must be embedded into a basic block
31 : // * Functions cannot take a void-typed parameter
32 : // * Verify that a function's argument list agrees with it's declared type.
33 : // * It is illegal to specify a name for a void value.
34 : // * It is illegal to have a internal global value with no initializer
35 : // * It is illegal to have a ret instruction that returns a value that does not
36 : // agree with the function return value type.
37 : // * Function call argument types match the function prototype
38 : // * A landing pad is defined by a landingpad instruction, and can be jumped to
39 : // only by the unwind edge of an invoke instruction.
40 : // * A landingpad instruction must be the first non-PHI instruction in the
41 : // block.
42 : // * Landingpad instructions must be in a function with a personality function.
43 : // * All other things that are tested by asserts spread about the code...
44 : //
45 : //===----------------------------------------------------------------------===//
46 :
47 : #include "llvm/IR/Verifier.h"
48 : #include "llvm/ADT/APFloat.h"
49 : #include "llvm/ADT/APInt.h"
50 : #include "llvm/ADT/ArrayRef.h"
51 : #include "llvm/ADT/DenseMap.h"
52 : #include "llvm/ADT/MapVector.h"
53 : #include "llvm/ADT/Optional.h"
54 : #include "llvm/ADT/STLExtras.h"
55 : #include "llvm/ADT/SmallPtrSet.h"
56 : #include "llvm/ADT/SmallSet.h"
57 : #include "llvm/ADT/SmallVector.h"
58 : #include "llvm/ADT/StringExtras.h"
59 : #include "llvm/ADT/StringMap.h"
60 : #include "llvm/ADT/StringRef.h"
61 : #include "llvm/ADT/Twine.h"
62 : #include "llvm/ADT/ilist.h"
63 : #include "llvm/BinaryFormat/Dwarf.h"
64 : #include "llvm/IR/Argument.h"
65 : #include "llvm/IR/Attributes.h"
66 : #include "llvm/IR/BasicBlock.h"
67 : #include "llvm/IR/CFG.h"
68 : #include "llvm/IR/CallSite.h"
69 : #include "llvm/IR/CallingConv.h"
70 : #include "llvm/IR/Comdat.h"
71 : #include "llvm/IR/Constant.h"
72 : #include "llvm/IR/ConstantRange.h"
73 : #include "llvm/IR/Constants.h"
74 : #include "llvm/IR/DataLayout.h"
75 : #include "llvm/IR/DebugInfo.h"
76 : #include "llvm/IR/DebugInfoMetadata.h"
77 : #include "llvm/IR/DebugLoc.h"
78 : #include "llvm/IR/DerivedTypes.h"
79 : #include "llvm/IR/Dominators.h"
80 : #include "llvm/IR/Function.h"
81 : #include "llvm/IR/GlobalAlias.h"
82 : #include "llvm/IR/GlobalValue.h"
83 : #include "llvm/IR/GlobalVariable.h"
84 : #include "llvm/IR/InlineAsm.h"
85 : #include "llvm/IR/InstVisitor.h"
86 : #include "llvm/IR/InstrTypes.h"
87 : #include "llvm/IR/Instruction.h"
88 : #include "llvm/IR/Instructions.h"
89 : #include "llvm/IR/IntrinsicInst.h"
90 : #include "llvm/IR/Intrinsics.h"
91 : #include "llvm/IR/LLVMContext.h"
92 : #include "llvm/IR/Metadata.h"
93 : #include "llvm/IR/Module.h"
94 : #include "llvm/IR/ModuleSlotTracker.h"
95 : #include "llvm/IR/PassManager.h"
96 : #include "llvm/IR/Statepoint.h"
97 : #include "llvm/IR/Type.h"
98 : #include "llvm/IR/Use.h"
99 : #include "llvm/IR/User.h"
100 : #include "llvm/IR/Value.h"
101 : #include "llvm/Pass.h"
102 : #include "llvm/Support/AtomicOrdering.h"
103 : #include "llvm/Support/Casting.h"
104 : #include "llvm/Support/CommandLine.h"
105 : #include "llvm/Support/Debug.h"
106 : #include "llvm/Support/ErrorHandling.h"
107 : #include "llvm/Support/MathExtras.h"
108 : #include "llvm/Support/raw_ostream.h"
109 : #include <algorithm>
110 : #include <cassert>
111 : #include <cstdint>
112 : #include <memory>
113 : #include <string>
114 : #include <utility>
115 :
116 : using namespace llvm;
117 :
118 : namespace llvm {
119 :
120 : struct VerifierSupport {
121 : raw_ostream *OS;
122 : const Module &M;
123 : ModuleSlotTracker MST;
124 : const DataLayout &DL;
125 : LLVMContext &Context;
126 :
127 : /// Track the brokenness of the module while recursively visiting.
128 : bool Broken = false;
129 : /// Broken debug info can be "recovered" from by stripping the debug info.
130 : bool BrokenDebugInfo = false;
131 : /// Whether to treat broken debug info as an error.
132 : bool TreatBrokenDebugInfoAsError = true;
133 :
134 100162 : explicit VerifierSupport(raw_ostream *OS, const Module &M)
135 100162 : : OS(OS), M(M), MST(&M), DL(M.getDataLayout()), Context(M.getContext()) {}
136 :
137 : private:
138 0 : void Write(const Module *M) {
139 0 : *OS << "; ModuleID = '" << M->getModuleIdentifier() << "'\n";
140 0 : }
141 :
142 402 : void Write(const Value *V) {
143 402 : if (!V)
144 : return;
145 400 : if (isa<Instruction>(V)) {
146 269 : V->print(*OS, MST);
147 269 : *OS << '\n';
148 : } else {
149 131 : V->printAsOperand(*OS, true, MST);
150 131 : *OS << '\n';
151 : }
152 : }
153 :
154 : void Write(ImmutableCallSite CS) {
155 37 : Write(CS.getInstruction());
156 : }
157 :
158 211 : void Write(const Metadata *MD) {
159 211 : if (!MD)
160 : return;
161 205 : MD->print(*OS, MST, &M);
162 205 : *OS << '\n';
163 : }
164 :
165 : template <class T> void Write(const MDTupleTypedArrayWrapper<T> &MD) {
166 0 : Write(MD.get());
167 : }
168 :
169 7 : void Write(const NamedMDNode *NMD) {
170 7 : if (!NMD)
171 : return;
172 7 : NMD->print(*OS, MST);
173 7 : *OS << '\n';
174 : }
175 :
176 0 : void Write(Type *T) {
177 0 : if (!T)
178 0 : return;
179 0 : *OS << ' ' << *T;
180 : }
181 :
182 : void Write(const Comdat *C) {
183 : if (!C)
184 : return;
185 : *OS << *C;
186 : }
187 :
188 0 : void Write(const APInt *AI) {
189 0 : if (!AI)
190 0 : return;
191 0 : *OS << *AI << '\n';
192 : }
193 :
194 0 : void Write(const unsigned i) { *OS << i << '\n'; }
195 :
196 : template <typename T> void Write(ArrayRef<T> Vs) {
197 16 : for (const T &V : Vs)
198 12 : Write(V);
199 : }
200 :
201 : template <typename T1, typename... Ts>
202 37 : void WriteTs(const T1 &V1, const Ts &... Vs) {
203 21 : Write(V1);
204 99 : WriteTs(Vs...);
205 37 : }
206 0 :
207 0 : template <typename... Ts> void WriteTs() {}
208 0 :
209 0 : public:
210 0 : /// A check failed, so printout out the condition and the message.
211 0 : ///
212 : /// This provides a nice place to put a breakpoint if you want to see why
213 0 : /// something is not correct.
214 0 : void CheckFailed(const Twine &Message) {
215 0 : if (OS)
216 : *OS << Message << '\n';
217 0 : Broken = true;
218 0 : }
219 0 :
220 0 : /// A check failed (with values to print).
221 0 : ///
222 0 : /// This calls the Message-only version so that the above is easier to set a
223 0 : /// breakpoint on.
224 0 : template <typename T1, typename... Ts>
225 0 : void CheckFailed(const Twine &Message, const T1 &V1, const Ts &... Vs) {
226 0 : CheckFailed(Message);
227 0 : if (OS)
228 : WriteTs(V1, Vs...);
229 0 : }
230 0 :
231 0 : /// A debug info check failed.
232 0 : void DebugInfoCheckFailed(const Twine &Message) {
233 0 : if (OS)
234 0 : *OS << Message << '\n';
235 0 : Broken |= TreatBrokenDebugInfoAsError;
236 : BrokenDebugInfo = true;
237 0 : }
238 0 :
239 0 : /// A debug info check failed (with values to print).
240 0 : template <typename T1, typename... Ts>
241 0 : void DebugInfoCheckFailed(const Twine &Message, const T1 &V1,
242 0 : const Ts &... Vs) {
243 0 : DebugInfoCheckFailed(Message);
244 0 : if (OS)
245 0 : WriteTs(V1, Vs...);
246 0 : }
247 0 : };
248 0 :
249 0 : } // namespace llvm
250 0 :
251 0 : namespace {
252 :
253 0 : class Verifier : public InstVisitor<Verifier>, VerifierSupport {
254 0 : friend class InstVisitor<Verifier>;
255 0 :
256 0 : DominatorTree DT;
257 0 :
258 0 : /// When verifying a basic block, keep track of all of the
259 0 : /// instructions we have seen so far.
260 0 : ///
261 0 : /// This allows us to do efficient dominance checks for the case when an
262 0 : /// instruction has an operand that is an instruction in the same block.
263 0 : SmallPtrSet<Instruction *, 16> InstsInThisBlock;
264 :
265 0 : /// Keep track of the metadata nodes that have been checked already.
266 0 : SmallPtrSet<const Metadata *, 32> MDNodes;
267 0 :
268 : /// Keep track which DISubprogram is attached to which function.
269 0 : DenseMap<const DISubprogram *, const Function *> DISubprogramAttachments;
270 0 :
271 0 : /// Track all DICompileUnits visited.
272 0 : SmallPtrSet<const Metadata *, 2> CUVisited;
273 0 :
274 0 : /// The result type for a landingpad.
275 0 : Type *LandingPadResultTy;
276 0 :
277 0 : /// Whether we've seen a call to @llvm.localescape in this function
278 0 : /// already.
279 0 : bool SawFrameEscape;
280 0 :
281 0 : /// Whether the current function has a DISubprogram attached to it.
282 0 : bool HasDebugInfo = false;
283 0 :
284 : /// Stores the count of how many objects were passed to llvm.localescape for a
285 0 : /// given function and the largest index passed to llvm.localrecover.
286 0 : DenseMap<Function *, std::pair<unsigned, unsigned>> FrameEscapeInfo;
287 0 :
288 : // Maps catchswitches and cleanuppads that unwind to siblings to the
289 0 : // terminators that indicate the unwind, used to detect cycles therein.
290 0 : MapVector<Instruction *, Instruction *> SiblingFuncletInfo;
291 0 :
292 0 : /// Cache of constants visited in search of ConstantExprs.
293 0 : SmallPtrSet<const Constant *, 32> ConstantExprVisited;
294 0 :
295 0 : /// Cache of declarations of the llvm.experimental.deoptimize.<ty> intrinsic.
296 : SmallVector<const Function *, 4> DeoptimizeDeclarations;
297 0 :
298 0 : // Verify that this GlobalValue is only used in this module.
299 0 : // This map is used to avoid visiting uses twice. We can arrive at a user
300 : // twice, if they have multiple operands. In particular for very large
301 0 : // constant expressions, we can arrive at a particular user many times.
302 0 : SmallPtrSet<const Value *, 32> GlobalValueVisited;
303 0 :
304 : // Keeps track of duplicate function argument debug info.
305 0 : SmallVector<const DILocalVariable *, 16> DebugFnArgs;
306 0 :
307 0 : TBAAVerifier TBAAVerifyHelper;
308 :
309 0 : void checkAtomicMemAccessSize(Type *Ty, const Instruction *I);
310 0 :
311 0 : public:
312 0 : explicit Verifier(raw_ostream *OS, bool ShouldTreatBrokenDebugInfoAsError,
313 0 : const Module &M)
314 0 : : VerifierSupport(OS, M), LandingPadResultTy(nullptr),
315 0 : SawFrameEscape(false), TBAAVerifyHelper(this) {
316 : TreatBrokenDebugInfoAsError = ShouldTreatBrokenDebugInfoAsError;
317 0 : }
318 0 :
319 0 : bool hasBrokenDebugInfo() const { return BrokenDebugInfo; }
320 0 :
321 0 : bool verify(const Function &F) {
322 0 : assert(F.getParent() == &M &&
323 0 : "An instance of this class only works with a specific module!");
324 :
325 0 : // First ensure the function is well-enough formed to compute dominance
326 0 : // information, and directly compute a dominance tree. We don't rely on the
327 0 : // pass manager to provide this as it isolates us from a potentially
328 : // out-of-date dominator tree and makes it significantly more complex to run
329 0 : // this code outside of a pass manager.
330 0 : // FIXME: It's really gross that we have to cast away constness here.
331 0 : if (!F.empty())
332 : DT.recalculate(const_cast<Function &>(F));
333 0 :
334 0 : for (const BasicBlock &BB : F) {
335 0 : if (!BB.empty() && BB.back().isTerminator())
336 : continue;
337 0 :
338 0 : if (OS) {
339 0 : *OS << "Basic Block in function '" << F.getName()
340 0 : << "' does not have terminator!\n";
341 0 : BB.printAsOperand(*OS, true, MST);
342 0 : *OS << "\n";
343 0 : }
344 : return false;
345 0 : }
346 0 :
347 0 : Broken = false;
348 0 : // FIXME: We strip const here because the inst visitor strips const.
349 0 : visit(const_cast<Function &>(F));
350 0 : verifySiblingFuncletUnwinds();
351 0 : InstsInThisBlock.clear();
352 0 : DebugFnArgs.clear();
353 0 : LandingPadResultTy = nullptr;
354 0 : SawFrameEscape = false;
355 0 : SiblingFuncletInfo.clear();
356 0 :
357 0 : return !Broken;
358 0 : }
359 0 :
360 0 : /// Verify the module that this instance of \c Verifier was initialized with.
361 0 : bool verify() {
362 0 : Broken = false;
363 0 :
364 : // Collect all declarations of the llvm.experimental.deoptimize intrinsic.
365 0 : for (const Function &F : M)
366 0 : if (F.getIntrinsicID() == Intrinsic::experimental_deoptimize)
367 0 : DeoptimizeDeclarations.push_back(&F);
368 0 :
369 0 : // Now that we've visited every function, verify that we never asked to
370 0 : // recover a frame index that wasn't escaped.
371 0 : verifyFrameRecoverIndices();
372 : for (const GlobalVariable &GV : M.globals())
373 0 : visitGlobalVariable(GV);
374 0 :
375 0 : for (const GlobalAlias &GA : M.aliases())
376 : visitGlobalAlias(GA);
377 0 :
378 0 : for (const NamedMDNode &NMD : M.named_metadata())
379 0 : visitNamedMDNode(NMD);
380 :
381 0 : for (const StringMapEntry<Comdat> &SMEC : M.getComdatSymbolTable())
382 0 : visitComdat(SMEC.getValue());
383 0 :
384 : visitModuleFlags(M);
385 0 : visitModuleIdents(M);
386 0 :
387 0 : verifyCompileUnits();
388 :
389 0 : verifyDeoptimizeCallingConvs();
390 0 : DISubprogramAttachments.clear();
391 0 : return !Broken;
392 : }
393 0 :
394 0 : private:
395 0 : // Verification methods...
396 : void visitGlobalValue(const GlobalValue &GV);
397 0 : void visitGlobalVariable(const GlobalVariable &GV);
398 0 : void visitGlobalAlias(const GlobalAlias &GA);
399 0 : void visitAliaseeSubExpr(const GlobalAlias &A, const Constant &C);
400 : void visitAliaseeSubExpr(SmallPtrSetImpl<const GlobalAlias *> &Visited,
401 0 : const GlobalAlias &A, const Constant &C);
402 0 : void visitNamedMDNode(const NamedMDNode &NMD);
403 0 : void visitMDNode(const MDNode &MD);
404 : void visitMetadataAsValue(const MetadataAsValue &MD, Function *F);
405 0 : void visitValueAsMetadata(const ValueAsMetadata &MD, Function *F);
406 0 : void visitComdat(const Comdat &C);
407 0 : void visitModuleIdents(const Module &M);
408 : void visitModuleFlags(const Module &M);
409 0 : void visitModuleFlag(const MDNode *Op,
410 0 : DenseMap<const MDString *, const MDNode *> &SeenIDs,
411 0 : SmallVectorImpl<const MDNode *> &Requirements);
412 : void visitModuleFlagCGProfileEntry(const MDOperand &MDO);
413 0 : void visitFunction(const Function &F);
414 0 : void visitBasicBlock(BasicBlock &BB);
415 0 : void visitRangeMetadata(Instruction &I, MDNode *Range, Type *Ty);
416 : void visitDereferenceableMetadata(Instruction &I, MDNode *MD);
417 0 :
418 0 : template <class Ty> bool isValidMetadataArray(const MDTuple &N);
419 0 : #define HANDLE_SPECIALIZED_MDNODE_LEAF(CLASS) void visit##CLASS(const CLASS &N);
420 : #include "llvm/IR/Metadata.def"
421 0 : void visitDIScope(const DIScope &N);
422 0 : void visitDIVariable(const DIVariable &N);
423 0 : void visitDILexicalBlockBase(const DILexicalBlockBase &N);
424 : void visitDITemplateParameter(const DITemplateParameter &N);
425 0 :
426 0 : void visitTemplateParams(const MDNode &N, const Metadata &RawParams);
427 0 :
428 : // InstVisitor overrides...
429 0 : using InstVisitor<Verifier>::visit;
430 0 : void visit(Instruction &I);
431 0 :
432 0 : void visitTruncInst(TruncInst &I);
433 0 : void visitZExtInst(ZExtInst &I);
434 0 : void visitSExtInst(SExtInst &I);
435 0 : void visitFPTruncInst(FPTruncInst &I);
436 : void visitFPExtInst(FPExtInst &I);
437 0 : void visitFPToUIInst(FPToUIInst &I);
438 0 : void visitFPToSIInst(FPToSIInst &I);
439 0 : void visitUIToFPInst(UIToFPInst &I);
440 0 : void visitSIToFPInst(SIToFPInst &I);
441 0 : void visitIntToPtrInst(IntToPtrInst &I);
442 0 : void visitPtrToIntInst(PtrToIntInst &I);
443 0 : void visitBitCastInst(BitCastInst &I);
444 0 : void visitAddrSpaceCastInst(AddrSpaceCastInst &I);
445 0 : void visitPHINode(PHINode &PN);
446 0 : void visitBinaryOperator(BinaryOperator &B);
447 0 : void visitICmpInst(ICmpInst &IC);
448 0 : void visitFCmpInst(FCmpInst &FC);
449 0 : void visitExtractElementInst(ExtractElementInst &EI);
450 0 : void visitInsertElementInst(InsertElementInst &EI);
451 0 : void visitShuffleVectorInst(ShuffleVectorInst &EI);
452 0 : void visitVAArgInst(VAArgInst &VAA) { visitInstruction(VAA); }
453 0 : void visitCallInst(CallInst &CI);
454 0 : void visitInvokeInst(InvokeInst &II);
455 0 : void visitGetElementPtrInst(GetElementPtrInst &GEP);
456 0 : void visitLoadInst(LoadInst &LI);
457 0 : void visitStoreInst(StoreInst &SI);
458 0 : void verifyDominatesUse(Instruction &I, unsigned i);
459 0 : void visitInstruction(Instruction &I);
460 0 : void visitTerminator(Instruction &I);
461 0 : void visitBranchInst(BranchInst &BI);
462 0 : void visitReturnInst(ReturnInst &RI);
463 0 : void visitSwitchInst(SwitchInst &SI);
464 : void visitIndirectBrInst(IndirectBrInst &BI);
465 0 : void visitSelectInst(SelectInst &SI);
466 0 : void visitUserOp1(Instruction &I);
467 0 : void visitUserOp2(Instruction &I) { visitUserOp1(I); }
468 0 : void visitIntrinsicCallSite(Intrinsic::ID ID, CallSite CS);
469 0 : void visitConstrainedFPIntrinsic(ConstrainedFPIntrinsic &FPI);
470 0 : void visitDbgIntrinsic(StringRef Kind, DbgVariableIntrinsic &DII);
471 0 : void visitDbgLabelIntrinsic(StringRef Kind, DbgLabelInst &DLI);
472 0 : void visitAtomicCmpXchgInst(AtomicCmpXchgInst &CXI);
473 0 : void visitAtomicRMWInst(AtomicRMWInst &RMWI);
474 0 : void visitFenceInst(FenceInst &FI);
475 0 : void visitAllocaInst(AllocaInst &AI);
476 : void visitExtractValueInst(ExtractValueInst &EVI);
477 0 : void visitInsertValueInst(InsertValueInst &IVI);
478 0 : void visitEHPadPredecessors(Instruction &I);
479 0 : void visitLandingPadInst(LandingPadInst &LPI);
480 : void visitResumeInst(ResumeInst &RI);
481 0 : void visitCatchPadInst(CatchPadInst &CPI);
482 0 : void visitCatchReturnInst(CatchReturnInst &CatchReturn);
483 0 : void visitCleanupPadInst(CleanupPadInst &CPI);
484 : void visitFuncletPadInst(FuncletPadInst &FPI);
485 0 : void visitCatchSwitchInst(CatchSwitchInst &CatchSwitch);
486 0 : void visitCleanupReturnInst(CleanupReturnInst &CRI);
487 0 :
488 : void verifyCallSite(CallSite CS);
489 0 : void verifySwiftErrorCallSite(CallSite CS, const Value *SwiftErrorVal);
490 0 : void verifySwiftErrorValue(const Value *SwiftErrorVal);
491 0 : void verifyMustTailCall(CallInst &CI);
492 0 : bool performTypeCheck(Intrinsic::ID ID, Function *F, Type *Ty, int VT,
493 0 : unsigned ArgNo, std::string &Suffix);
494 0 : bool verifyAttributeCount(AttributeList Attrs, unsigned Params);
495 0 : void verifyAttributeTypes(AttributeSet Attrs, bool IsFunction,
496 : const Value *V);
497 0 : void verifyParameterAttrs(AttributeSet Attrs, Type *Ty, const Value *V);
498 0 : void verifyFunctionAttrs(FunctionType *FT, AttributeList Attrs,
499 0 : const Value *V);
500 : void verifyFunctionMetadata(ArrayRef<std::pair<unsigned, MDNode *>> MDs);
501 0 :
502 0 : void visitConstantExprsRecursively(const Constant *EntryC);
503 0 : void visitConstantExpr(const ConstantExpr *CE);
504 0 : void verifyStatepoint(ImmutableCallSite CS);
505 0 : void verifyFrameRecoverIndices();
506 0 : void verifySiblingFuncletUnwinds();
507 0 :
508 0 : void verifyFragmentExpression(const DbgVariableIntrinsic &I);
509 0 : template <typename ValueOrMetadata>
510 0 : void verifyFragmentExpression(const DIVariable &V,
511 0 : DIExpression::FragmentInfo Fragment,
512 : ValueOrMetadata *Desc);
513 0 : void verifyFnArgs(const DbgVariableIntrinsic &I);
514 0 :
515 0 : /// Module-level debug info verification...
516 : void verifyCompileUnits();
517 0 :
518 0 : /// Module-level verification that all @llvm.experimental.deoptimize
519 0 : /// declarations share the same calling convention.
520 : void verifyDeoptimizeCallingConvs();
521 0 : };
522 0 :
523 0 : } // end anonymous namespace
524 :
525 0 : /// We know that cond should be true, if not print an error message.
526 0 : #define Assert(C, ...) \
527 0 : do { if (!(C)) { CheckFailed(__VA_ARGS__); return; } } while (false)
528 0 :
529 0 : /// We know that a debug info condition should be true, if not print
530 0 : /// an error message.
531 0 : #define AssertDI(C, ...) \
532 0 : do { if (!(C)) { DebugInfoCheckFailed(__VA_ARGS__); return; } } while (false)
533 0 :
534 0 : void Verifier::visit(Instruction &I) {
535 0 : for (unsigned i = 0, e = I.getNumOperands(); i != e; ++i)
536 : Assert(I.getOperand(i) != nullptr, "Operand is null", &I);
537 0 : InstVisitor<Verifier>::visit(I);
538 0 : }
539 0 :
540 : // Helper to recursively iterate over indirect users. By
541 0 : // returning false, the callback can ask to stop recursing
542 0 : // further.
543 0 : static void forEachUser(const Value *User,
544 : SmallPtrSet<const Value *, 32> &Visited,
545 0 : llvm::function_ref<bool(const Value *)> Callback) {
546 0 : if (!Visited.insert(User).second)
547 0 : return;
548 : for (const Value *TheNextUser : User->materialized_users())
549 0 : if (Callback(TheNextUser))
550 0 : forEachUser(TheNextUser, Visited, Callback);
551 0 : }
552 0 :
553 0 : void Verifier::visitGlobalValue(const GlobalValue &GV) {
554 0 : Assert(!GV.isDeclaration() || GV.hasValidDeclarationLinkage(),
555 0 : "Global is external, but doesn't have external or weak linkage!", &GV);
556 0 :
557 0 : Assert(GV.getAlignment() <= Value::MaximumAlignment,
558 0 : "huge alignment values are unsupported", &GV);
559 0 : Assert(!GV.hasAppendingLinkage() || isa<GlobalVariable>(GV),
560 0 : "Only global variables can have appending linkage!", &GV);
561 0 :
562 0 : if (GV.hasAppendingLinkage()) {
563 0 : const GlobalVariable *GVar = dyn_cast<GlobalVariable>(&GV);
564 : Assert(GVar && GVar->getValueType()->isArrayTy(),
565 0 : "Only global arrays can have appending linkage!", GVar);
566 0 : }
567 0 :
568 : if (GV.isDeclarationForLinker())
569 0 : Assert(!GV.hasComdat(), "Declaration may not be in a Comdat!", &GV);
570 0 :
571 0 : if (GV.hasDLLImportStorageClass()) {
572 : Assert(!GV.isDSOLocal(),
573 0 : "GlobalValue with DLLImport Storage is dso_local!", &GV);
574 0 :
575 0 : Assert((GV.isDeclaration() && GV.hasExternalLinkage()) ||
576 : GV.hasAvailableExternallyLinkage(),
577 0 : "Global is marked as dllimport, but not external", &GV);
578 0 : }
579 0 :
580 0 : if (GV.hasLocalLinkage())
581 0 : Assert(GV.isDSOLocal(),
582 0 : "GlobalValue with private or internal linkage must be dso_local!",
583 0 : &GV);
584 :
585 0 : if (!GV.hasDefaultVisibility() && !GV.hasExternalWeakLinkage())
586 0 : Assert(GV.isDSOLocal(),
587 0 : "GlobalValue with non default visibility must be dso_local!", &GV);
588 0 :
589 0 : forEachUser(&GV, GlobalValueVisited, [&](const Value *V) -> bool {
590 0 : if (const Instruction *I = dyn_cast<Instruction>(V)) {
591 0 : if (!I->getParent() || !I->getParent()->getParent())
592 0 : CheckFailed("Global is referenced by parentless instruction!", &GV, &M,
593 0 : I);
594 0 : else if (I->getParent()->getParent()->getParent() != &M)
595 0 : CheckFailed("Global is referenced in a different module!", &GV, &M, I,
596 : I->getParent()->getParent(),
597 0 : I->getParent()->getParent()->getParent());
598 0 : return false;
599 0 : } else if (const Function *F = dyn_cast<Function>(V)) {
600 0 : if (F->getParent() != &M)
601 0 : CheckFailed("Global is used by function in a different module", &GV, &M,
602 0 : F, F->getParent());
603 0 : return false;
604 : }
605 0 : return true;
606 0 : });
607 0 : }
608 :
609 0 : void Verifier::visitGlobalVariable(const GlobalVariable &GV) {
610 0 : if (GV.hasInitializer()) {
611 0 : Assert(GV.getInitializer()->getType() == GV.getValueType(),
612 0 : "Global variable initializer type does not match global "
613 0 : "variable type!",
614 0 : &GV);
615 0 : // If the global has common linkage, it must have a zero initializer and
616 : // cannot be constant.
617 0 : if (GV.hasCommonLinkage()) {
618 0 : Assert(GV.getInitializer()->isNullValue(),
619 0 : "'common' global must have a zero initializer!", &GV);
620 0 : Assert(!GV.isConstant(), "'common' global may not be marked constant!",
621 0 : &GV);
622 0 : Assert(!GV.hasComdat(), "'common' global may not be in a Comdat!", &GV);
623 0 : }
624 : }
625 0 :
626 0 : if (GV.hasName() && (GV.getName() == "llvm.global_ctors" ||
627 0 : GV.getName() == "llvm.global_dtors")) {
628 : Assert(!GV.hasInitializer() || GV.hasAppendingLinkage(),
629 0 : "invalid linkage for intrinsic global variable", &GV);
630 0 : // Don't worry about emitting an error for it not being an array,
631 0 : // visitGlobalValue will complain on appending non-array.
632 0 : if (ArrayType *ATy = dyn_cast<ArrayType>(GV.getValueType())) {
633 0 : StructType *STy = dyn_cast<StructType>(ATy->getElementType());
634 0 : PointerType *FuncPtrTy =
635 0 : FunctionType::get(Type::getVoidTy(Context), false)->
636 : getPointerTo(DL.getProgramAddressSpace());
637 0 : // FIXME: Reject the 2-field form in LLVM 4.0.
638 0 : Assert(STy &&
639 0 : (STy->getNumElements() == 2 || STy->getNumElements() == 3) &&
640 : STy->getTypeAtIndex(0u)->isIntegerTy(32) &&
641 0 : STy->getTypeAtIndex(1) == FuncPtrTy,
642 0 : "wrong type for intrinsic global variable", &GV);
643 0 : if (STy->getNumElements() == 3) {
644 0 : Type *ETy = STy->getTypeAtIndex(2);
645 0 : Assert(ETy->isPointerTy() &&
646 0 : cast<PointerType>(ETy)->getElementType()->isIntegerTy(8),
647 0 : "wrong type for intrinsic global variable", &GV);
648 : }
649 0 : }
650 0 : }
651 0 :
652 0 : if (GV.hasName() && (GV.getName() == "llvm.used" ||
653 0 : GV.getName() == "llvm.compiler.used")) {
654 0 : Assert(!GV.hasInitializer() || GV.hasAppendingLinkage(),
655 0 : "invalid linkage for intrinsic global variable", &GV);
656 0 : Type *GVType = GV.getValueType();
657 0 : if (ArrayType *ATy = dyn_cast<ArrayType>(GVType)) {
658 0 : PointerType *PTy = dyn_cast<PointerType>(ATy->getElementType());
659 0 : Assert(PTy, "wrong type for intrinsic global variable", &GV);
660 0 : if (GV.hasInitializer()) {
661 0 : const Constant *Init = GV.getInitializer();
662 0 : const ConstantArray *InitArray = dyn_cast<ConstantArray>(Init);
663 0 : Assert(InitArray, "wrong initalizer for intrinsic global variable",
664 : Init);
665 0 : for (Value *Op : InitArray->operands()) {
666 0 : Value *V = Op->stripPointerCastsNoFollowAliases();
667 0 : Assert(isa<GlobalVariable>(V) || isa<Function>(V) ||
668 0 : isa<GlobalAlias>(V),
669 0 : "invalid llvm.used member", V);
670 0 : Assert(V->hasName(), "members of llvm.used must be named", V);
671 0 : }
672 0 : }
673 0 : }
674 0 : }
675 0 :
676 0 : // Visit any debug info attachments.
677 0 : SmallVector<MDNode *, 1> MDs;
678 0 : GV.getMetadata(LLVMContext::MD_dbg, MDs);
679 0 : for (auto *MD : MDs) {
680 : if (auto *GVE = dyn_cast<DIGlobalVariableExpression>(MD))
681 0 : visitDIGlobalVariableExpression(*GVE);
682 0 : else
683 0 : AssertDI(false, "!dbg attachment of global variable must be a "
684 : "DIGlobalVariableExpression");
685 0 : }
686 0 :
687 0 : if (!GV.hasInitializer()) {
688 0 : visitGlobalValue(GV);
689 0 : return;
690 0 : }
691 0 :
692 0 : // Walk any aggregate initializers looking for bitcasts between address spaces
693 0 : visitConstantExprsRecursively(GV.getInitializer());
694 0 :
695 0 : visitGlobalValue(GV);
696 0 : }
697 0 :
698 0 : void Verifier::visitAliaseeSubExpr(const GlobalAlias &GA, const Constant &C) {
699 0 : SmallPtrSet<const GlobalAlias*, 4> Visited;
700 0 : Visited.insert(&GA);
701 0 : visitAliaseeSubExpr(Visited, GA, C);
702 0 : }
703 0 :
704 0 : void Verifier::visitAliaseeSubExpr(SmallPtrSetImpl<const GlobalAlias*> &Visited,
705 0 : const GlobalAlias &GA, const Constant &C) {
706 0 : if (const auto *GV = dyn_cast<GlobalValue>(&C)) {
707 0 : Assert(!GV->isDeclarationForLinker(), "Alias must point to a definition",
708 0 : &GA);
709 0 :
710 0 : if (const auto *GA2 = dyn_cast<GlobalAlias>(GV)) {
711 0 : Assert(Visited.insert(GA2).second, "Aliases cannot form a cycle", &GA);
712 0 :
713 0 : Assert(!GA2->isInterposable(), "Alias cannot point to an interposable alias",
714 0 : &GA);
715 0 : } else {
716 0 : // Only continue verifying subexpressions of GlobalAliases.
717 0 : // Do not recurse into global initializers.
718 0 : return;
719 0 : }
720 0 : }
721 0 :
722 0 : if (const auto *CE = dyn_cast<ConstantExpr>(&C))
723 0 : visitConstantExprsRecursively(CE);
724 :
725 0 : for (const Use &U : C.operands()) {
726 0 : Value *V = &*U;
727 0 : if (const auto *GA2 = dyn_cast<GlobalAlias>(V))
728 0 : visitAliaseeSubExpr(Visited, GA, *GA2->getAliasee());
729 0 : else if (const auto *C2 = dyn_cast<Constant>(V))
730 0 : visitAliaseeSubExpr(Visited, GA, *C2);
731 0 : }
732 0 : }
733 0 :
734 0 : void Verifier::visitGlobalAlias(const GlobalAlias &GA) {
735 0 : Assert(GlobalAlias::isValidLinkage(GA.getLinkage()),
736 0 : "Alias should have private, internal, linkonce, weak, linkonce_odr, "
737 0 : "weak_odr, or external linkage!",
738 0 : &GA);
739 0 : const Constant *Aliasee = GA.getAliasee();
740 0 : Assert(Aliasee, "Aliasee cannot be NULL!", &GA);
741 0 : Assert(GA.getType() == Aliasee->getType(),
742 0 : "Alias and aliasee types should match!", &GA);
743 0 :
744 0 : Assert(isa<GlobalValue>(Aliasee) || isa<ConstantExpr>(Aliasee),
745 0 : "Aliasee should be either GlobalValue or ConstantExpr", &GA);
746 0 :
747 0 : visitAliaseeSubExpr(GA, *Aliasee);
748 0 :
749 0 : visitGlobalValue(GA);
750 0 : }
751 0 :
752 0 : void Verifier::visitNamedMDNode(const NamedMDNode &NMD) {
753 0 : // There used to be various other llvm.dbg.* nodes, but we don't support
754 0 : // upgrading them and we want to reserve the namespace for future uses.
755 0 : if (NMD.getName().startswith("llvm.dbg."))
756 0 : AssertDI(NMD.getName() == "llvm.dbg.cu",
757 0 : "unrecognized named metadata node in the llvm.dbg namespace",
758 0 : &NMD);
759 0 : for (const MDNode *MD : NMD.operands()) {
760 0 : if (NMD.getName() == "llvm.dbg.cu")
761 0 : AssertDI(MD && isa<DICompileUnit>(MD), "invalid compile unit", &NMD, MD);
762 0 :
763 0 : if (!MD)
764 0 : continue;
765 0 :
766 0 : visitMDNode(*MD);
767 0 : }
768 0 : }
769 0 :
770 0 : void Verifier::visitMDNode(const MDNode &MD) {
771 0 : // Only visit each node once. Metadata can be mutually recursive, so this
772 : // avoids infinite recursion here, as well as being an optimization.
773 0 : if (!MDNodes.insert(&MD).second)
774 0 : return;
775 0 :
776 : switch (MD.getMetadataID()) {
777 0 : default:
778 0 : llvm_unreachable("Invalid MDNode subclass");
779 0 : case Metadata::MDTupleKind:
780 : break;
781 0 : #define HANDLE_SPECIALIZED_MDNODE_LEAF(CLASS) \
782 0 : case Metadata::CLASS##Kind: \
783 0 : visit##CLASS(cast<CLASS>(MD)); \
784 0 : break;
785 0 : #include "llvm/IR/Metadata.def"
786 0 : }
787 0 :
788 0 : for (const Metadata *Op : MD.operands()) {
789 0 : if (!Op)
790 0 : continue;
791 0 : Assert(!isa<LocalAsMetadata>(Op), "Invalid operand for global metadata!",
792 0 : &MD, Op);
793 0 : if (auto *N = dyn_cast<MDNode>(Op)) {
794 0 : visitMDNode(*N);
795 0 : continue;
796 : }
797 0 : if (auto *V = dyn_cast<ValueAsMetadata>(Op)) {
798 0 : visitValueAsMetadata(*V, nullptr);
799 0 : continue;
800 0 : }
801 0 : }
802 0 :
803 0 : // Check these last, so we diagnose problems in operands first.
804 : Assert(!MD.isTemporary(), "Expected no forward declarations!", &MD);
805 0 : Assert(MD.isResolved(), "All nodes should be resolved!", &MD);
806 0 : }
807 0 :
808 0 : void Verifier::visitValueAsMetadata(const ValueAsMetadata &MD, Function *F) {
809 0 : Assert(MD.getValue(), "Expected valid value", &MD);
810 0 : Assert(!MD.getValue()->getType()->isMetadataTy(),
811 0 : "Unexpected metadata round-trip through values", &MD, MD.getValue());
812 :
813 0 : auto *L = dyn_cast<LocalAsMetadata>(&MD);
814 0 : if (!L)
815 0 : return;
816 0 :
817 0 : Assert(F, "function-local metadata used outside a function", L);
818 0 :
819 0 : // If this was an instruction, bb, or argument, verify that it is in the
820 0 : // function that we expect.
821 0 : Function *ActualF = nullptr;
822 0 : if (Instruction *I = dyn_cast<Instruction>(L->getValue())) {
823 0 : Assert(I->getParent(), "function-local metadata not in basic block", L, I);
824 : ActualF = I->getParent()->getParent();
825 0 : } else if (BasicBlock *BB = dyn_cast<BasicBlock>(L->getValue()))
826 0 : ActualF = BB->getParent();
827 0 : else if (Argument *A = dyn_cast<Argument>(L->getValue()))
828 0 : ActualF = A->getParent();
829 0 : assert(ActualF && "Unimplemented function local metadata case!");
830 0 :
831 0 : Assert(ActualF == F, "function-local metadata used in wrong function", L);
832 0 : }
833 0 :
834 0 : void Verifier::visitMetadataAsValue(const MetadataAsValue &MDV, Function *F) {
835 0 : Metadata *MD = MDV.getMetadata();
836 0 : if (auto *N = dyn_cast<MDNode>(MD)) {
837 0 : visitMDNode(*N);
838 0 : return;
839 0 : }
840 0 :
841 0 : // Only visit each node once. Metadata can be mutually recursive, so this
842 0 : // avoids infinite recursion here, as well as being an optimization.
843 0 : if (!MDNodes.insert(MD).second)
844 : return;
845 0 :
846 0 : if (auto *V = dyn_cast<ValueAsMetadata>(MD))
847 0 : visitValueAsMetadata(*V, F);
848 0 : }
849 0 :
850 0 : static bool isType(const Metadata *MD) { return !MD || isa<DIType>(MD); }
851 0 : static bool isScope(const Metadata *MD) { return !MD || isa<DIScope>(MD); }
852 0 : static bool isDINode(const Metadata *MD) { return !MD || isa<DINode>(MD); }
853 0 :
854 0 : void Verifier::visitDILocation(const DILocation &N) {
855 0 : AssertDI(N.getRawScope() && isa<DILocalScope>(N.getRawScope()),
856 0 : "location requires a valid scope", &N, N.getRawScope());
857 0 : if (auto *IA = N.getRawInlinedAt())
858 0 : AssertDI(isa<DILocation>(IA), "inlined-at should be a location", &N, IA);
859 0 : if (auto *SP = dyn_cast<DISubprogram>(N.getRawScope()))
860 0 : AssertDI(SP->isDefinition(), "scope points into the type hierarchy", &N);
861 0 : }
862 0 :
863 0 : void Verifier::visitGenericDINode(const GenericDINode &N) {
864 : AssertDI(N.getTag(), "invalid tag", &N);
865 0 : }
866 0 :
867 0 : void Verifier::visitDIScope(const DIScope &N) {
868 : if (auto *F = N.getRawFile())
869 0 : AssertDI(isa<DIFile>(F), "invalid file", &N, F);
870 0 : }
871 0 :
872 0 : void Verifier::visitDISubrange(const DISubrange &N) {
873 0 : AssertDI(N.getTag() == dwarf::DW_TAG_subrange_type, "invalid tag", &N);
874 0 : auto Count = N.getCount();
875 0 : AssertDI(Count, "Count must either be a signed constant or a DIVariable",
876 0 : &N);
877 0 : AssertDI(!Count.is<ConstantInt*>() ||
878 0 : Count.get<ConstantInt*>()->getSExtValue() >= -1,
879 0 : "invalid subrange count", &N);
880 0 : }
881 0 :
882 0 : void Verifier::visitDIEnumerator(const DIEnumerator &N) {
883 0 : AssertDI(N.getTag() == dwarf::DW_TAG_enumerator, "invalid tag", &N);
884 0 : }
885 0 :
886 0 : void Verifier::visitDIBasicType(const DIBasicType &N) {
887 0 : AssertDI(N.getTag() == dwarf::DW_TAG_base_type ||
888 : N.getTag() == dwarf::DW_TAG_unspecified_type,
889 0 : "invalid tag", &N);
890 0 : AssertDI(!(N.isBigEndian() && N.isLittleEndian()) ,
891 0 : "has conflicting flags", &N);
892 0 : }
893 0 :
894 0 : void Verifier::visitDIDerivedType(const DIDerivedType &N) {
895 0 : // Common scope checks.
896 0 : visitDIScope(N);
897 0 :
898 0 : AssertDI(N.getTag() == dwarf::DW_TAG_typedef ||
899 0 : N.getTag() == dwarf::DW_TAG_pointer_type ||
900 0 : N.getTag() == dwarf::DW_TAG_ptr_to_member_type ||
901 0 : N.getTag() == dwarf::DW_TAG_reference_type ||
902 0 : N.getTag() == dwarf::DW_TAG_rvalue_reference_type ||
903 0 : N.getTag() == dwarf::DW_TAG_const_type ||
904 0 : N.getTag() == dwarf::DW_TAG_volatile_type ||
905 0 : N.getTag() == dwarf::DW_TAG_restrict_type ||
906 0 : N.getTag() == dwarf::DW_TAG_atomic_type ||
907 0 : N.getTag() == dwarf::DW_TAG_member ||
908 0 : N.getTag() == dwarf::DW_TAG_inheritance ||
909 0 : N.getTag() == dwarf::DW_TAG_friend,
910 0 : "invalid tag", &N);
911 0 : if (N.getTag() == dwarf::DW_TAG_ptr_to_member_type) {
912 0 : AssertDI(isType(N.getRawExtraData()), "invalid pointer to member type", &N,
913 0 : N.getRawExtraData());
914 0 : }
915 0 :
916 0 : AssertDI(isScope(N.getRawScope()), "invalid scope", &N, N.getRawScope());
917 0 : AssertDI(isType(N.getRawBaseType()), "invalid base type", &N,
918 0 : N.getRawBaseType());
919 0 :
920 0 : if (N.getDWARFAddressSpace()) {
921 0 : AssertDI(N.getTag() == dwarf::DW_TAG_pointer_type ||
922 0 : N.getTag() == dwarf::DW_TAG_reference_type,
923 0 : "DWARF address space only applies to pointer or reference types",
924 : &N);
925 0 : }
926 0 : }
927 0 :
928 0 : /// Detect mutually exclusive flags.
929 0 : static bool hasConflictingReferenceFlags(unsigned Flags) {
930 0 : return ((Flags & DINode::FlagLValueReference) &&
931 0 : (Flags & DINode::FlagRValueReference)) ||
932 0 : ((Flags & DINode::FlagTypePassByValue) &&
933 0 : (Flags & DINode::FlagTypePassByReference));
934 0 : }
935 0 :
936 0 : void Verifier::visitTemplateParams(const MDNode &N, const Metadata &RawParams) {
937 0 : auto *Params = dyn_cast<MDTuple>(&RawParams);
938 0 : AssertDI(Params, "invalid template params", &N, &RawParams);
939 0 : for (Metadata *Op : Params->operands()) {
940 0 : AssertDI(Op && isa<DITemplateParameter>(Op), "invalid template parameter",
941 0 : &N, Params, Op);
942 0 : }
943 0 : }
944 0 :
945 0 : void Verifier::visitDICompositeType(const DICompositeType &N) {
946 0 : // Common scope checks.
947 0 : visitDIScope(N);
948 0 :
949 0 : AssertDI(N.getTag() == dwarf::DW_TAG_array_type ||
950 0 : N.getTag() == dwarf::DW_TAG_structure_type ||
951 0 : N.getTag() == dwarf::DW_TAG_union_type ||
952 : N.getTag() == dwarf::DW_TAG_enumeration_type ||
953 0 : N.getTag() == dwarf::DW_TAG_class_type ||
954 0 : N.getTag() == dwarf::DW_TAG_variant_part,
955 0 : "invalid tag", &N);
956 :
957 0 : AssertDI(isScope(N.getRawScope()), "invalid scope", &N, N.getRawScope());
958 0 : AssertDI(isType(N.getRawBaseType()), "invalid base type", &N,
959 0 : N.getRawBaseType());
960 :
961 0 : AssertDI(!N.getRawElements() || isa<MDTuple>(N.getRawElements()),
962 0 : "invalid composite elements", &N, N.getRawElements());
963 0 : AssertDI(isType(N.getRawVTableHolder()), "invalid vtable holder", &N,
964 : N.getRawVTableHolder());
965 0 : AssertDI(!hasConflictingReferenceFlags(N.getFlags()),
966 0 : "invalid reference flags", &N);
967 0 :
968 : if (N.isVector()) {
969 0 : const DINodeArray Elements = N.getElements();
970 0 : AssertDI(Elements.size() == 1 &&
971 0 : Elements[0]->getTag() == dwarf::DW_TAG_subrange_type,
972 0 : "invalid vector, expected one element of type subrange", &N);
973 0 : }
974 0 :
975 0 : if (auto *Params = N.getRawTemplateParams())
976 : visitTemplateParams(N, *Params);
977 0 :
978 0 : if (N.getTag() == dwarf::DW_TAG_class_type ||
979 0 : N.getTag() == dwarf::DW_TAG_union_type) {
980 0 : AssertDI(N.getFile() && !N.getFile()->getFilename().empty(),
981 0 : "class/union requires a filename", &N, N.getFile());
982 0 : }
983 0 :
984 0 : if (auto *D = N.getRawDiscriminator()) {
985 0 : AssertDI(isa<DIDerivedType>(D) && N.getTag() == dwarf::DW_TAG_variant_part,
986 0 : "discriminator can only appear on variant part");
987 0 : }
988 : }
989 0 :
990 0 : void Verifier::visitDISubroutineType(const DISubroutineType &N) {
991 0 : AssertDI(N.getTag() == dwarf::DW_TAG_subroutine_type, "invalid tag", &N);
992 : if (auto *Types = N.getRawTypeArray()) {
993 0 : AssertDI(isa<MDTuple>(Types), "invalid composite elements", &N, Types);
994 0 : for (Metadata *Ty : N.getTypeArray()->operands()) {
995 0 : AssertDI(isType(Ty), "invalid subroutine type ref", &N, Types, Ty);
996 0 : }
997 0 : }
998 0 : AssertDI(!hasConflictingReferenceFlags(N.getFlags()),
999 0 : "invalid reference flags", &N);
1000 0 : }
1001 0 :
1002 0 : void Verifier::visitDIFile(const DIFile &N) {
1003 0 : AssertDI(N.getTag() == dwarf::DW_TAG_file_type, "invalid tag", &N);
1004 : Optional<DIFile::ChecksumInfo<StringRef>> Checksum = N.getChecksum();
1005 0 : if (Checksum) {
1006 0 : AssertDI(Checksum->Kind <= DIFile::ChecksumKind::CSK_Last,
1007 0 : "invalid checksum kind", &N);
1008 0 : size_t Size;
1009 0 : switch (Checksum->Kind) {
1010 0 : case DIFile::CSK_MD5:
1011 0 : Size = 32;
1012 : break;
1013 0 : case DIFile::CSK_SHA1:
1014 0 : Size = 40;
1015 0 : break;
1016 0 : }
1017 0 : AssertDI(Checksum->Value.size() == Size, "invalid checksum length", &N);
1018 0 : AssertDI(Checksum->Value.find_if_not(llvm::isHexDigit) == StringRef::npos,
1019 0 : "invalid checksum", &N);
1020 : }
1021 0 : }
1022 0 :
1023 0 : void Verifier::visitDICompileUnit(const DICompileUnit &N) {
1024 0 : AssertDI(N.isDistinct(), "compile units must be distinct", &N);
1025 0 : AssertDI(N.getTag() == dwarf::DW_TAG_compile_unit, "invalid tag", &N);
1026 0 :
1027 0 : // Don't bother verifying the compilation directory or producer string
1028 : // as those could be empty.
1029 0 : AssertDI(N.getRawFile() && isa<DIFile>(N.getRawFile()), "invalid file", &N,
1030 0 : N.getRawFile());
1031 0 : AssertDI(!N.getFile()->getFilename().empty(), "invalid filename", &N,
1032 0 : N.getFile());
1033 0 :
1034 0 : AssertDI((N.getEmissionKind() <= DICompileUnit::LastEmissionKind),
1035 0 : "invalid emission kind", &N);
1036 :
1037 0 : if (auto *Array = N.getRawEnumTypes()) {
1038 0 : AssertDI(isa<MDTuple>(Array), "invalid enum list", &N, Array);
1039 0 : for (Metadata *Op : N.getEnumTypes()->operands()) {
1040 : auto *Enum = dyn_cast_or_null<DICompositeType>(Op);
1041 0 : AssertDI(Enum && Enum->getTag() == dwarf::DW_TAG_enumeration_type,
1042 0 : "invalid enum type", &N, N.getEnumTypes(), Op);
1043 0 : }
1044 : }
1045 0 : if (auto *Array = N.getRawRetainedTypes()) {
1046 0 : AssertDI(isa<MDTuple>(Array), "invalid retained type list", &N, Array);
1047 0 : for (Metadata *Op : N.getRetainedTypes()->operands()) {
1048 : AssertDI(Op && (isa<DIType>(Op) ||
1049 0 : (isa<DISubprogram>(Op) &&
1050 0 : !cast<DISubprogram>(Op)->isDefinition())),
1051 0 : "invalid retained type", &N, Op);
1052 : }
1053 0 : }
1054 0 : if (auto *Array = N.getRawGlobalVariables()) {
1055 0 : AssertDI(isa<MDTuple>(Array), "invalid global variable list", &N, Array);
1056 : for (Metadata *Op : N.getGlobalVariables()->operands()) {
1057 0 : AssertDI(Op && (isa<DIGlobalVariableExpression>(Op)),
1058 0 : "invalid global variable ref", &N, Op);
1059 0 : }
1060 : }
1061 0 : if (auto *Array = N.getRawImportedEntities()) {
1062 37 : AssertDI(isa<MDTuple>(Array), "invalid imported entity list", &N, Array);
1063 : for (Metadata *Op : N.getImportedEntities()->operands()) {
1064 : AssertDI(Op && isa<DIImportedEntity>(Op), "invalid imported entity ref",
1065 37 : &N, Op);
1066 0 : }
1067 0 : }
1068 0 : if (auto *Array = N.getRawMacros()) {
1069 0 : AssertDI(isa<MDTuple>(Array), "invalid macro list", &N, Array);
1070 0 : for (Metadata *Op : N.getMacros()->operands()) {
1071 0 : AssertDI(Op && isa<DIMacroNode>(Op), "invalid macro ref", &N, Op);
1072 0 : }
1073 0 : }
1074 0 : CUVisited.insert(&N);
1075 0 : }
1076 :
1077 0 : void Verifier::visitDISubprogram(const DISubprogram &N) {
1078 0 : AssertDI(N.getTag() == dwarf::DW_TAG_subprogram, "invalid tag", &N);
1079 0 : AssertDI(isScope(N.getRawScope()), "invalid scope", &N, N.getRawScope());
1080 0 : if (auto *F = N.getRawFile())
1081 0 : AssertDI(isa<DIFile>(F), "invalid file", &N, F);
1082 0 : else
1083 0 : AssertDI(N.getLine() == 0, "line specified with no file", &N, N.getLine());
1084 0 : if (auto *T = N.getRawType())
1085 0 : AssertDI(isa<DISubroutineType>(T), "invalid subroutine type", &N, T);
1086 0 : AssertDI(isType(N.getRawContainingType()), "invalid containing type", &N,
1087 0 : N.getRawContainingType());
1088 0 : if (auto *Params = N.getRawTemplateParams())
1089 0 : visitTemplateParams(N, *Params);
1090 0 : if (auto *S = N.getRawDeclaration())
1091 0 : AssertDI(isa<DISubprogram>(S) && !cast<DISubprogram>(S)->isDefinition(),
1092 0 : "invalid subprogram declaration", &N, S);
1093 0 : if (auto *RawNode = N.getRawRetainedNodes()) {
1094 0 : auto *Node = dyn_cast<MDTuple>(RawNode);
1095 0 : AssertDI(Node, "invalid retained nodes list", &N, RawNode);
1096 0 : for (Metadata *Op : Node->operands()) {
1097 0 : AssertDI(Op && (isa<DILocalVariable>(Op) || isa<DILabel>(Op)),
1098 0 : "invalid retained nodes, expected DILocalVariable or DILabel",
1099 0 : &N, Node, Op);
1100 0 : }
1101 0 : }
1102 0 : AssertDI(!hasConflictingReferenceFlags(N.getFlags()),
1103 0 : "invalid reference flags", &N);
1104 0 :
1105 0 : auto *Unit = N.getRawUnit();
1106 0 : if (N.isDefinition()) {
1107 0 : // Subprogram definitions (not part of the type hierarchy).
1108 0 : AssertDI(N.isDistinct(), "subprogram definitions must be distinct", &N);
1109 0 : AssertDI(Unit, "subprogram definitions must have a compile unit", &N);
1110 0 : AssertDI(isa<DICompileUnit>(Unit), "invalid unit type", &N, Unit);
1111 0 : } else {
1112 0 : // Subprogram declarations (part of the type hierarchy).
1113 0 : AssertDI(!Unit, "subprogram declarations must not have a compile unit", &N);
1114 0 : }
1115 0 :
1116 : if (auto *RawThrownTypes = N.getRawThrownTypes()) {
1117 0 : auto *ThrownTypes = dyn_cast<MDTuple>(RawThrownTypes);
1118 0 : AssertDI(ThrownTypes, "invalid thrown types list", &N, RawThrownTypes);
1119 0 : for (Metadata *Op : ThrownTypes->operands())
1120 0 : AssertDI(Op && isa<DIType>(Op), "invalid thrown type", &N, ThrownTypes,
1121 0 : Op);
1122 0 : }
1123 0 :
1124 0 : if (N.areAllCallsDescribed())
1125 0 : AssertDI(N.isDefinition(),
1126 0 : "DIFlagAllCallsDescribed must be attached to a definition");
1127 0 : }
1128 0 :
1129 0 : void Verifier::visitDILexicalBlockBase(const DILexicalBlockBase &N) {
1130 0 : AssertDI(N.getTag() == dwarf::DW_TAG_lexical_block, "invalid tag", &N);
1131 0 : AssertDI(N.getRawScope() && isa<DILocalScope>(N.getRawScope()),
1132 0 : "invalid local scope", &N, N.getRawScope());
1133 0 : if (auto *SP = dyn_cast<DISubprogram>(N.getRawScope()))
1134 0 : AssertDI(SP->isDefinition(), "scope points into the type hierarchy", &N);
1135 0 : }
1136 0 :
1137 0 : void Verifier::visitDILexicalBlock(const DILexicalBlock &N) {
1138 0 : visitDILexicalBlockBase(N);
1139 0 :
1140 0 : AssertDI(N.getLine() || !N.getColumn(),
1141 0 : "cannot have column info without line info", &N);
1142 0 : }
1143 0 :
1144 0 : void Verifier::visitDILexicalBlockFile(const DILexicalBlockFile &N) {
1145 0 : visitDILexicalBlockBase(N);
1146 0 : }
1147 0 :
1148 : void Verifier::visitDINamespace(const DINamespace &N) {
1149 0 : AssertDI(N.getTag() == dwarf::DW_TAG_namespace, "invalid tag", &N);
1150 0 : if (auto *S = N.getRawScope())
1151 0 : AssertDI(isa<DIScope>(S), "invalid scope ref", &N, S);
1152 0 : }
1153 0 :
1154 0 : void Verifier::visitDIMacro(const DIMacro &N) {
1155 0 : AssertDI(N.getMacinfoType() == dwarf::DW_MACINFO_define ||
1156 0 : N.getMacinfoType() == dwarf::DW_MACINFO_undef,
1157 0 : "invalid macinfo type", &N);
1158 0 : AssertDI(!N.getName().empty(), "anonymous macro", &N);
1159 0 : if (!N.getValue().empty()) {
1160 : assert(N.getValue().data()[0] != ' ' && "Macro value has a space prefix");
1161 0 : }
1162 0 : }
1163 0 :
1164 : void Verifier::visitDIMacroFile(const DIMacroFile &N) {
1165 0 : AssertDI(N.getMacinfoType() == dwarf::DW_MACINFO_start_file,
1166 0 : "invalid macinfo type", &N);
1167 0 : if (auto *F = N.getRawFile())
1168 : AssertDI(isa<DIFile>(F), "invalid file", &N, F);
1169 0 :
1170 0 : if (auto *Array = N.getRawElements()) {
1171 0 : AssertDI(isa<MDTuple>(Array), "invalid macro list", &N, Array);
1172 0 : for (Metadata *Op : N.getElements()->operands()) {
1173 0 : AssertDI(Op && isa<DIMacroNode>(Op), "invalid macro ref", &N, Op);
1174 0 : }
1175 0 : }
1176 : }
1177 0 :
1178 0 : void Verifier::visitDIModule(const DIModule &N) {
1179 0 : AssertDI(N.getTag() == dwarf::DW_TAG_module, "invalid tag", &N);
1180 0 : AssertDI(!N.getName().empty(), "anonymous module", &N);
1181 0 : }
1182 :
1183 0 : void Verifier::visitDITemplateParameter(const DITemplateParameter &N) {
1184 : AssertDI(isType(N.getRawType()), "invalid type ref", &N, N.getRawType());
1185 : }
1186 :
1187 : void Verifier::visitDITemplateTypeParameter(const DITemplateTypeParameter &N) {
1188 : visitDITemplateParameter(N);
1189 :
1190 0 : AssertDI(N.getTag() == dwarf::DW_TAG_template_type_parameter, "invalid tag",
1191 0 : &N);
1192 : }
1193 0 :
1194 0 : void Verifier::visitDITemplateValueParameter(
1195 : const DITemplateValueParameter &N) {
1196 : visitDITemplateParameter(N);
1197 :
1198 : AssertDI(N.getTag() == dwarf::DW_TAG_template_value_parameter ||
1199 : N.getTag() == dwarf::DW_TAG_GNU_template_template_param ||
1200 : N.getTag() == dwarf::DW_TAG_GNU_template_parameter_pack,
1201 347 : "invalid tag", &N);
1202 347 : }
1203 347 :
1204 320 : void Verifier::visitDIVariable(const DIVariable &N) {
1205 347 : if (auto *S = N.getRawScope())
1206 0 : AssertDI(isa<DIScope>(S), "invalid scope", &N, S);
1207 0 : if (auto *F = N.getRawFile())
1208 0 : AssertDI(isa<DIFile>(F), "invalid file", &N, F);
1209 0 : }
1210 0 :
1211 0 : void Verifier::visitDIGlobalVariable(const DIGlobalVariable &N) {
1212 0 : // Checks common to all variables.
1213 0 : visitDIVariable(N);
1214 0 :
1215 0 : AssertDI(N.getTag() == dwarf::DW_TAG_variable, "invalid tag", &N);
1216 2 : AssertDI(!N.getName().empty(), "missing global variable name", &N);
1217 2 : AssertDI(isType(N.getRawType()), "invalid type ref", &N, N.getRawType());
1218 2 : AssertDI(N.getType(), "missing global variable type", &N);
1219 2 : if (auto *Member = N.getRawStaticDataMemberDeclaration()) {
1220 2 : AssertDI(isa<DIDerivedType>(Member),
1221 1 : "invalid static data member declaration", &N, Member);
1222 1 : }
1223 1 : }
1224 1 :
1225 1 : void Verifier::visitDILocalVariable(const DILocalVariable &N) {
1226 2 : // Checks common to all variables.
1227 2 : visitDIVariable(N);
1228 2 :
1229 1 : AssertDI(isType(N.getRawType()), "invalid type ref", &N, N.getRawType());
1230 2 : AssertDI(N.getTag() == dwarf::DW_TAG_variable, "invalid tag", &N);
1231 1 : AssertDI(N.getRawScope() && isa<DILocalScope>(N.getRawScope()),
1232 1 : "local variable requires a valid scope", &N, N.getRawScope());
1233 1 : }
1234 1 :
1235 1 : void Verifier::visitDILabel(const DILabel &N) {
1236 1 : if (auto *S = N.getRawScope())
1237 1 : AssertDI(isa<DIScope>(S), "invalid scope", &N, S);
1238 1 : if (auto *F = N.getRawFile())
1239 1 : AssertDI(isa<DIFile>(F), "invalid file", &N, F);
1240 1 :
1241 0 : AssertDI(N.getTag() == dwarf::DW_TAG_label, "invalid tag", &N);
1242 0 : AssertDI(N.getRawScope() && isa<DILocalScope>(N.getRawScope()),
1243 0 : "label requires a valid scope", &N, N.getRawScope());
1244 0 : }
1245 0 :
1246 0 : void Verifier::visitDIExpression(const DIExpression &N) {
1247 0 : AssertDI(N.isValid(), "invalid expression", &N);
1248 0 : }
1249 0 :
1250 0 : void Verifier::visitDIGlobalVariableExpression(
1251 1 : const DIGlobalVariableExpression &GVE) {
1252 1 : AssertDI(GVE.getVariable(), "missing variable");
1253 1 : if (auto *Var = GVE.getVariable())
1254 1 : visitDIGlobalVariable(*Var);
1255 1 : if (auto *Expr = GVE.getExpression()) {
1256 0 : visitDIExpression(*Expr);
1257 0 : if (auto Fragment = Expr->getFragmentInfo())
1258 0 : verifyFragmentExpression(*GVE.getVariable(), *Fragment, &GVE);
1259 0 : }
1260 0 : }
1261 1 :
1262 1 : void Verifier::visitDIObjCProperty(const DIObjCProperty &N) {
1263 1 : AssertDI(N.getTag() == dwarf::DW_TAG_APPLE_property, "invalid tag", &N);
1264 0 : if (auto *T = N.getRawType())
1265 1 : AssertDI(isType(T), "invalid type ref", &N, T);
1266 0 : if (auto *F = N.getRawFile())
1267 0 : AssertDI(isa<DIFile>(F), "invalid file", &N, F);
1268 0 : }
1269 0 :
1270 0 : void Verifier::visitDIImportedEntity(const DIImportedEntity &N) {
1271 0 : AssertDI(N.getTag() == dwarf::DW_TAG_imported_module ||
1272 0 : N.getTag() == dwarf::DW_TAG_imported_declaration,
1273 0 : "invalid tag", &N);
1274 0 : if (auto *S = N.getRawScope())
1275 0 : AssertDI(isa<DIScope>(S), "invalid scope for imported entity", &N, S);
1276 0 : AssertDI(isDINode(N.getRawEntity()), "invalid imported entity", &N,
1277 0 : N.getRawEntity());
1278 0 : }
1279 0 :
1280 0 : void Verifier::visitComdat(const Comdat &C) {
1281 0 : // The Module is invalid if the GlobalValue has private linkage. Entities
1282 0 : // with private linkage don't have entries in the symbol table.
1283 0 : if (const GlobalValue *GV = M.getNamedValue(C.getName()))
1284 0 : Assert(!GV->hasPrivateLinkage(), "comdat global value has private linkage",
1285 0 : GV);
1286 0 : }
1287 0 :
1288 0 : void Verifier::visitModuleIdents(const Module &M) {
1289 0 : const NamedMDNode *Idents = M.getNamedMetadata("llvm.ident");
1290 0 : if (!Idents)
1291 0 : return;
1292 0 :
1293 0 : // llvm.ident takes a list of metadata entry. Each entry has only one string.
1294 0 : // Scan each llvm.ident entry and make sure that this requirement is met.
1295 0 : for (const MDNode *N : Idents->operands()) {
1296 0 : Assert(N->getNumOperands() == 1,
1297 0 : "incorrect number of operands in llvm.ident metadata", N);
1298 0 : Assert(dyn_cast_or_null<MDString>(N->getOperand(0)),
1299 0 : ("invalid value for llvm.ident metadata entry operand"
1300 0 : "(the operand should be a string)"),
1301 0 : N->getOperand(0));
1302 0 : }
1303 0 : }
1304 0 :
1305 0 : void Verifier::visitModuleFlags(const Module &M) {
1306 0 : const NamedMDNode *Flags = M.getModuleFlagsMetadata();
1307 0 : if (!Flags) return;
1308 0 :
1309 0 : // Scan each flag, and track the flags and requirements.
1310 0 : DenseMap<const MDString*, const MDNode*> SeenIDs;
1311 0 : SmallVector<const MDNode*, 16> Requirements;
1312 0 : for (const MDNode *MDN : Flags->operands())
1313 0 : visitModuleFlag(MDN, SeenIDs, Requirements);
1314 0 :
1315 0 : // Validate that the requirements in the module are valid.
1316 0 : for (const MDNode *Requirement : Requirements) {
1317 0 : const MDString *Flag = cast<MDString>(Requirement->getOperand(0));
1318 0 : const Metadata *ReqValue = Requirement->getOperand(1);
1319 0 :
1320 0 : const MDNode *Op = SeenIDs.lookup(Flag);
1321 0 : if (!Op) {
1322 0 : CheckFailed("invalid requirement on flag, flag is not present in module",
1323 0 : Flag);
1324 0 : continue;
1325 0 : }
1326 0 :
1327 0 : if (Op->getOperand(2) != ReqValue) {
1328 0 : CheckFailed(("invalid requirement on flag, "
1329 0 : "flag does not have the required value"),
1330 0 : Flag);
1331 0 : continue;
1332 0 : }
1333 0 : }
1334 0 : }
1335 0 :
1336 0 : void
1337 0 : Verifier::visitModuleFlag(const MDNode *Op,
1338 0 : DenseMap<const MDString *, const MDNode *> &SeenIDs,
1339 0 : SmallVectorImpl<const MDNode *> &Requirements) {
1340 0 : // Each module flag should have three arguments, the merge behavior (a
1341 0 : // constant int), the flag ID (an MDString), and the value.
1342 0 : Assert(Op->getNumOperands() == 3,
1343 0 : "incorrect number of operands in module flag", Op);
1344 0 : Module::ModFlagBehavior MFB;
1345 0 : if (!Module::isValidModFlagBehavior(Op->getOperand(0), MFB)) {
1346 0 : Assert(
1347 0 : mdconst::dyn_extract_or_null<ConstantInt>(Op->getOperand(0)),
1348 0 : "invalid behavior operand in module flag (expected constant integer)",
1349 0 : Op->getOperand(0));
1350 0 : Assert(false,
1351 0 : "invalid behavior operand in module flag (unexpected constant)",
1352 0 : Op->getOperand(0));
1353 0 : }
1354 0 : MDString *ID = dyn_cast_or_null<MDString>(Op->getOperand(1));
1355 0 : Assert(ID, "invalid ID operand in module flag (expected metadata string)",
1356 1 : Op->getOperand(1));
1357 1 :
1358 1 : // Sanity check the values for behaviors with additional requirements.
1359 1 : switch (MFB) {
1360 1 : case Module::Error:
1361 0 : case Module::Warning:
1362 0 : case Module::Override:
1363 0 : // These behavior types accept any value.
1364 0 : break;
1365 0 :
1366 21 : case Module::Max: {
1367 21 : Assert(mdconst::dyn_extract_or_null<ConstantInt>(Op->getOperand(2)),
1368 21 : "invalid value for 'max' module flag (expected constant integer)",
1369 : Op->getOperand(2));
1370 21 : break;
1371 46 : }
1372 46 :
1373 46 : case Module::Require: {
1374 46 : // The value should itself be an MDNode with two operands, a flag ID (an
1375 46 : // MDString), and a value.
1376 5 : MDNode *Value = dyn_cast<MDNode>(Op->getOperand(2));
1377 5 : Assert(Value && Value->getNumOperands() == 2,
1378 5 : "invalid value for 'require' module flag (expected metadata pair)",
1379 5 : Op->getOperand(2));
1380 5 : Assert(isa<MDString>(Value->getOperand(0)),
1381 6 : ("invalid value for 'require' module flag "
1382 6 : "(first value operand should be a string)"),
1383 6 : Value->getOperand(0));
1384 6 :
1385 6 : // Append it to the list of requirements, to check once all module flags are
1386 0 : // scanned.
1387 0 : Requirements.push_back(Value);
1388 0 : break;
1389 0 : }
1390 0 :
1391 1 : case Module::Append:
1392 1 : case Module::AppendUnique: {
1393 1 : // These behavior types require the operand be an MDNode.
1394 1 : Assert(isa<MDNode>(Op->getOperand(2)),
1395 1 : "invalid value for 'append'-type module flag "
1396 1 : "(expected a metadata node)",
1397 1 : Op->getOperand(2));
1398 1 : break;
1399 1 : }
1400 1 : }
1401 1 :
1402 1 : // Unless this is a "requires" flag, check the ID is unique.
1403 1 : if (MFB != Module::Require) {
1404 1 : bool Inserted = SeenIDs.insert(std::make_pair(ID, Op)).second;
1405 1 : Assert(Inserted,
1406 4 : "module flag identifiers must be unique (or of 'require' type)", ID);
1407 4 : }
1408 4 :
1409 4 : if (ID->getString() == "wchar_size") {
1410 4 : ConstantInt *Value
1411 7 : = mdconst::dyn_extract_or_null<ConstantInt>(Op->getOperand(2));
1412 7 : Assert(Value, "wchar_size metadata requires constant integer argument");
1413 7 : }
1414 7 :
1415 7 : if (ID->getString() == "Linker Options") {
1416 0 : // If the llvm.linker.options named metadata exists, we assume that the
1417 0 : // bitcode reader has upgraded the module flag. Otherwise the flag might
1418 0 : // have been created by a client directly.
1419 0 : Assert(M.getNamedMetadata("llvm.linker.options"),
1420 0 : "'Linker Options' named metadata no longer supported");
1421 4 : }
1422 4 :
1423 4 : if (ID->getString() == "CG Profile") {
1424 4 : for (const MDOperand &MDO : cast<MDNode>(Op->getOperand(2))->operands())
1425 4 : visitModuleFlagCGProfileEntry(MDO);
1426 0 : }
1427 0 : }
1428 0 :
1429 0 : void Verifier::visitModuleFlagCGProfileEntry(const MDOperand &MDO) {
1430 0 : auto CheckFunction = [&](const MDOperand &FuncMDO) {
1431 0 : if (!FuncMDO)
1432 0 : return;
1433 0 : auto F = dyn_cast<ValueAsMetadata>(FuncMDO);
1434 0 : Assert(F && isa<Function>(F->getValue()), "expected a Function or null",
1435 0 : FuncMDO);
1436 0 : };
1437 0 : auto Node = dyn_cast_or_null<MDNode>(MDO);
1438 0 : Assert(Node && Node->getNumOperands() == 3, "expected a MDNode triple", MDO);
1439 0 : CheckFunction(Node->getOperand(0));
1440 0 : CheckFunction(Node->getOperand(1));
1441 0 : auto Count = dyn_cast_or_null<ConstantAsMetadata>(Node->getOperand(2));
1442 0 : Assert(Count && Count->getType()->isIntegerTy(),
1443 0 : "expected an integer constant", Node->getOperand(2));
1444 0 : }
1445 0 :
1446 0 : /// Return true if this attribute kind only applies to functions.
1447 0 : static bool isFuncOnlyAttr(Attribute::AttrKind Kind) {
1448 0 : switch (Kind) {
1449 0 : case Attribute::NoReturn:
1450 0 : case Attribute::NoCfCheck:
1451 2 : case Attribute::NoUnwind:
1452 2 : case Attribute::NoInline:
1453 2 : case Attribute::AlwaysInline:
1454 2 : case Attribute::OptimizeForSize:
1455 2 : case Attribute::StackProtect:
1456 1 : case Attribute::StackProtectReq:
1457 1 : case Attribute::StackProtectStrong:
1458 1 : case Attribute::SafeStack:
1459 1 : case Attribute::ShadowCallStack:
1460 1 : case Attribute::NoRedZone:
1461 27 : case Attribute::NoImplicitFloat:
1462 27 : case Attribute::Naked:
1463 27 : case Attribute::InlineHint:
1464 27 : case Attribute::StackAlignment:
1465 27 : case Attribute::UWTable:
1466 16 : case Attribute::NonLazyBind:
1467 16 : case Attribute::ReturnsTwice:
1468 16 : case Attribute::SanitizeAddress:
1469 16 : case Attribute::SanitizeHWAddress:
1470 16 : case Attribute::SanitizeThread:
1471 0 : case Attribute::SanitizeMemory:
1472 0 : case Attribute::MinSize:
1473 0 : case Attribute::NoDuplicate:
1474 0 : case Attribute::Builtin:
1475 0 : case Attribute::NoBuiltin:
1476 0 : case Attribute::Cold:
1477 0 : case Attribute::OptForFuzzing:
1478 0 : case Attribute::OptimizeNone:
1479 0 : case Attribute::JumpTable:
1480 0 : case Attribute::Convergent:
1481 1 : case Attribute::ArgMemOnly:
1482 1 : case Attribute::NoRecurse:
1483 1 : case Attribute::InaccessibleMemOnly:
1484 1 : case Attribute::InaccessibleMemOrArgMemOnly:
1485 1 : case Attribute::AllocSize:
1486 0 : case Attribute::SpeculativeLoadHardening:
1487 0 : case Attribute::Speculatable:
1488 0 : case Attribute::StrictFP:
1489 0 : return true;
1490 0 : default:
1491 0 : break;
1492 0 : }
1493 0 : return false;
1494 0 : }
1495 0 :
1496 0 : /// Return true if this is a function attribute that can also appear on
1497 0 : /// arguments.
1498 0 : static bool isFuncOrArgAttr(Attribute::AttrKind Kind) {
1499 0 : return Kind == Attribute::ReadOnly || Kind == Attribute::WriteOnly ||
1500 0 : Kind == Attribute::ReadNone;
1501 24 : }
1502 24 :
1503 24 : void Verifier::verifyAttributeTypes(AttributeSet Attrs, bool IsFunction,
1504 24 : const Value *V) {
1505 24 : for (Attribute A : Attrs) {
1506 4 : if (A.isStringAttribute())
1507 4 : continue;
1508 4 :
1509 : if (isFuncOnlyAttr(A.getKindAsEnum())) {
1510 4 : if (!IsFunction) {
1511 14 : CheckFailed("Attribute '" + A.getAsString() +
1512 14 : "' only applies to functions!",
1513 14 : V);
1514 14 : return;
1515 14 : }
1516 0 : } else if (IsFunction && !isFuncOrArgAttr(A.getKindAsEnum())) {
1517 0 : CheckFailed("Attribute '" + A.getAsString() +
1518 0 : "' does not apply to functions!",
1519 0 : V);
1520 0 : return;
1521 1 : }
1522 1 : }
1523 1 : }
1524 1 :
1525 1 : // VerifyParameterAttrs - Check the given attributes for an argument or return
1526 0 : // value of the specified type. The value V is printed in error messages.
1527 0 : void Verifier::verifyParameterAttrs(AttributeSet Attrs, Type *Ty,
1528 0 : const Value *V) {
1529 0 : if (!Attrs.hasAttributes())
1530 0 : return;
1531 0 :
1532 0 : verifyAttributeTypes(Attrs, /*IsFunction=*/false, V);
1533 0 :
1534 0 : // Check for mutually incompatible attributes. Only inreg is compatible with
1535 0 : // sret.
1536 2 : unsigned AttrCount = 0;
1537 2 : AttrCount += Attrs.hasAttribute(Attribute::ByVal);
1538 2 : AttrCount += Attrs.hasAttribute(Attribute::InAlloca);
1539 2 : AttrCount += Attrs.hasAttribute(Attribute::StructRet) ||
1540 2 : Attrs.hasAttribute(Attribute::InReg);
1541 2 : AttrCount += Attrs.hasAttribute(Attribute::Nest);
1542 2 : Assert(AttrCount <= 1, "Attributes 'byval', 'inalloca', 'inreg', 'nest', "
1543 2 : "and 'sret' are incompatible!",
1544 2 : V);
1545 2 :
1546 2 : Assert(!(Attrs.hasAttribute(Attribute::InAlloca) &&
1547 2 : Attrs.hasAttribute(Attribute::ReadOnly)),
1548 2 : "Attributes "
1549 2 : "'inalloca and readonly' are incompatible!",
1550 2 : V);
1551 0 :
1552 0 : Assert(!(Attrs.hasAttribute(Attribute::StructRet) &&
1553 0 : Attrs.hasAttribute(Attribute::Returned)),
1554 0 : "Attributes "
1555 0 : "'sret and returned' are incompatible!",
1556 2 : V);
1557 2 :
1558 2 : Assert(!(Attrs.hasAttribute(Attribute::ZExt) &&
1559 2 : Attrs.hasAttribute(Attribute::SExt)),
1560 2 : "Attributes "
1561 12 : "'zeroext and signext' are incompatible!",
1562 12 : V);
1563 12 :
1564 12 : Assert(!(Attrs.hasAttribute(Attribute::ReadNone) &&
1565 12 : Attrs.hasAttribute(Attribute::ReadOnly)),
1566 1 : "Attributes "
1567 1 : "'readnone and readonly' are incompatible!",
1568 1 : V);
1569 1 :
1570 1 : Assert(!(Attrs.hasAttribute(Attribute::ReadNone) &&
1571 2 : Attrs.hasAttribute(Attribute::WriteOnly)),
1572 2 : "Attributes "
1573 2 : "'readnone and writeonly' are incompatible!",
1574 2 : V);
1575 2 :
1576 2 : Assert(!(Attrs.hasAttribute(Attribute::ReadOnly) &&
1577 2 : Attrs.hasAttribute(Attribute::WriteOnly)),
1578 2 : "Attributes "
1579 2 : "'readonly and writeonly' are incompatible!",
1580 2 : V);
1581 1 :
1582 1 : Assert(!(Attrs.hasAttribute(Attribute::NoInline) &&
1583 1 : Attrs.hasAttribute(Attribute::AlwaysInline)),
1584 1 : "Attributes "
1585 1 : "'noinline and alwaysinline' are incompatible!",
1586 0 : V);
1587 0 :
1588 0 : AttrBuilder IncompatibleAttrs = AttributeFuncs::typeIncompatible(Ty);
1589 0 : Assert(!AttrBuilder(Attrs).overlaps(IncompatibleAttrs),
1590 0 : "Wrong types for attribute: " +
1591 2 : AttributeSet::get(Context, IncompatibleAttrs).getAsString(),
1592 2 : V);
1593 2 :
1594 2 : if (PointerType *PTy = dyn_cast<PointerType>(Ty)) {
1595 2 : SmallPtrSet<Type*, 4> Visited;
1596 3 : if (!PTy->getElementType()->isSized(&Visited)) {
1597 3 : Assert(!Attrs.hasAttribute(Attribute::ByVal) &&
1598 3 : !Attrs.hasAttribute(Attribute::InAlloca),
1599 3 : "Attributes 'byval' and 'inalloca' do not support unsized types!",
1600 3 : V);
1601 0 : }
1602 0 : if (!isa<PointerType>(PTy->getElementType()))
1603 0 : Assert(!Attrs.hasAttribute(Attribute::SwiftError),
1604 0 : "Attribute 'swifterror' only applies to parameters "
1605 0 : "with pointer to pointer type!",
1606 1 : V);
1607 1 : } else {
1608 1 : Assert(!Attrs.hasAttribute(Attribute::ByVal),
1609 1 : "Attribute 'byval' only applies to parameters with pointer type!",
1610 1 : V);
1611 3 : Assert(!Attrs.hasAttribute(Attribute::SwiftError),
1612 3 : "Attribute 'swifterror' only applies to parameters "
1613 3 : "with pointer type!",
1614 3 : V);
1615 3 : }
1616 0 : }
1617 0 :
1618 0 : // Check parameter attributes against a function type.
1619 : // The value V is printed in error messages.
1620 0 : void Verifier::verifyFunctionAttrs(FunctionType *FT, AttributeList Attrs,
1621 1 : const Value *V) {
1622 1 : if (Attrs.isEmpty())
1623 1 : return;
1624 1 :
1625 1 : bool SawNest = false;
1626 0 : bool SawReturned = false;
1627 0 : bool SawSRet = false;
1628 0 : bool SawSwiftSelf = false;
1629 0 : bool SawSwiftError = false;
1630 0 :
1631 37 : // Verify return value attributes.
1632 37 : AttributeSet RetAttrs = Attrs.getRetAttributes();
1633 37 : Assert((!RetAttrs.hasAttribute(Attribute::ByVal) &&
1634 37 : !RetAttrs.hasAttribute(Attribute::Nest) &&
1635 37 : !RetAttrs.hasAttribute(Attribute::StructRet) &&
1636 0 : !RetAttrs.hasAttribute(Attribute::NoCapture) &&
1637 0 : !RetAttrs.hasAttribute(Attribute::Returned) &&
1638 0 : !RetAttrs.hasAttribute(Attribute::InAlloca) &&
1639 0 : !RetAttrs.hasAttribute(Attribute::SwiftSelf) &&
1640 0 : !RetAttrs.hasAttribute(Attribute::SwiftError)),
1641 4 : "Attributes 'byval', 'inalloca', 'nest', 'sret', 'nocapture', "
1642 4 : "'returned', 'swiftself', and 'swifterror' do not apply to return "
1643 4 : "values!",
1644 4 : V);
1645 4 : Assert((!RetAttrs.hasAttribute(Attribute::ReadOnly) &&
1646 0 : !RetAttrs.hasAttribute(Attribute::WriteOnly) &&
1647 0 : !RetAttrs.hasAttribute(Attribute::ReadNone)),
1648 0 : "Attribute '" + RetAttrs.getAsString() +
1649 0 : "' does not apply to function returns",
1650 0 : V);
1651 1 : verifyParameterAttrs(RetAttrs, FT->getReturnType(), V);
1652 1 :
1653 1 : // Verify parameter attributes.
1654 1 : for (unsigned i = 0, e = FT->getNumParams(); i != e; ++i) {
1655 1 : Type *Ty = FT->getParamType(i);
1656 10 : AttributeSet ArgAttrs = Attrs.getParamAttributes(i);
1657 10 :
1658 10 : verifyParameterAttrs(ArgAttrs, Ty, V);
1659 10 :
1660 10 : if (ArgAttrs.hasAttribute(Attribute::Nest)) {
1661 3 : Assert(!SawNest, "More than one parameter has attribute nest!", V);
1662 3 : SawNest = true;
1663 3 : }
1664 3 :
1665 3 : if (ArgAttrs.hasAttribute(Attribute::Returned)) {
1666 1 : Assert(!SawReturned, "More than one parameter has attribute returned!",
1667 1 : V);
1668 1 : Assert(Ty->canLosslesslyBitCastTo(FT->getReturnType()),
1669 1 : "Incompatible argument and return types for 'returned' attribute",
1670 1 : V);
1671 7 : SawReturned = true;
1672 7 : }
1673 7 :
1674 7 : if (ArgAttrs.hasAttribute(Attribute::StructRet)) {
1675 7 : Assert(!SawSRet, "Cannot have multiple 'sret' parameters!", V);
1676 2 : Assert(i == 0 || i == 1,
1677 2 : "Attribute 'sret' is not on first or second parameter!", V);
1678 2 : SawSRet = true;
1679 2 : }
1680 2 :
1681 2 : if (ArgAttrs.hasAttribute(Attribute::SwiftSelf)) {
1682 2 : Assert(!SawSwiftSelf, "Cannot have multiple 'swiftself' parameters!", V);
1683 2 : SawSwiftSelf = true;
1684 2 : }
1685 2 :
1686 3 : if (ArgAttrs.hasAttribute(Attribute::SwiftError)) {
1687 3 : Assert(!SawSwiftError, "Cannot have multiple 'swifterror' parameters!",
1688 3 : V);
1689 3 : SawSwiftError = true;
1690 3 : }
1691 0 :
1692 0 : if (ArgAttrs.hasAttribute(Attribute::InAlloca)) {
1693 0 : Assert(i == FT->getNumParams() - 1,
1694 0 : "inalloca isn't on the last parameter!", V);
1695 0 : }
1696 7 : }
1697 7 :
1698 7 : if (!Attrs.hasAttributes(AttributeList::FunctionIndex))
1699 7 : return;
1700 7 :
1701 4 : verifyAttributeTypes(Attrs.getFnAttributes(), /*IsFunction=*/true, V);
1702 4 :
1703 4 : Assert(!(Attrs.hasFnAttribute(Attribute::ReadNone) &&
1704 4 : Attrs.hasFnAttribute(Attribute::ReadOnly)),
1705 4 : "Attributes 'readnone and readonly' are incompatible!", V);
1706 0 :
1707 0 : Assert(!(Attrs.hasFnAttribute(Attribute::ReadNone) &&
1708 0 : Attrs.hasFnAttribute(Attribute::WriteOnly)),
1709 0 : "Attributes 'readnone and writeonly' are incompatible!", V);
1710 0 :
1711 7 : Assert(!(Attrs.hasFnAttribute(Attribute::ReadOnly) &&
1712 7 : Attrs.hasFnAttribute(Attribute::WriteOnly)),
1713 7 : "Attributes 'readonly and writeonly' are incompatible!", V);
1714 7 :
1715 7 : Assert(!(Attrs.hasFnAttribute(Attribute::ReadNone) &&
1716 0 : Attrs.hasFnAttribute(Attribute::InaccessibleMemOrArgMemOnly)),
1717 0 : "Attributes 'readnone and inaccessiblemem_or_argmemonly' are "
1718 0 : "incompatible!",
1719 0 : V);
1720 0 :
1721 0 : Assert(!(Attrs.hasFnAttribute(Attribute::ReadNone) &&
1722 0 : Attrs.hasFnAttribute(Attribute::InaccessibleMemOnly)),
1723 0 : "Attributes 'readnone and inaccessiblememonly' are incompatible!", V);
1724 0 :
1725 0 : Assert(!(Attrs.hasFnAttribute(Attribute::NoInline) &&
1726 0 : Attrs.hasFnAttribute(Attribute::AlwaysInline)),
1727 0 : "Attributes 'noinline and alwaysinline' are incompatible!", V);
1728 0 :
1729 0 : if (Attrs.hasFnAttribute(Attribute::OptimizeNone)) {
1730 0 : Assert(Attrs.hasFnAttribute(Attribute::NoInline),
1731 0 : "Attribute 'optnone' requires 'noinline'!", V);
1732 0 :
1733 0 : Assert(!Attrs.hasFnAttribute(Attribute::OptimizeForSize),
1734 0 : "Attributes 'optsize and optnone' are incompatible!", V);
1735 0 :
1736 0 : Assert(!Attrs.hasFnAttribute(Attribute::MinSize),
1737 0 : "Attributes 'minsize and optnone' are incompatible!", V);
1738 0 : }
1739 0 :
1740 0 : if (Attrs.hasFnAttribute(Attribute::JumpTable)) {
1741 0 : const GlobalValue *GV = cast<GlobalValue>(V);
1742 0 : Assert(GV->hasGlobalUnnamedAddr(),
1743 0 : "Attribute 'jumptable' requires 'unnamed_addr'", V);
1744 0 : }
1745 0 :
1746 1 : if (Attrs.hasFnAttribute(Attribute::AllocSize)) {
1747 1 : std::pair<unsigned, Optional<unsigned>> Args =
1748 1 : Attrs.getAllocSizeArgs(AttributeList::FunctionIndex);
1749 1 :
1750 1 : auto CheckParam = [&](StringRef Name, unsigned ParamNo) {
1751 0 : if (ParamNo >= FT->getNumParams()) {
1752 0 : CheckFailed("'allocsize' " + Name + " argument is out of bounds", V);
1753 0 : return false;
1754 0 : }
1755 0 :
1756 1 : if (!FT->getParamType(ParamNo)->isIntegerTy()) {
1757 1 : CheckFailed("'allocsize' " + Name +
1758 1 : " argument must refer to an integer parameter",
1759 1 : V);
1760 1 : return false;
1761 0 : }
1762 0 :
1763 0 : return true;
1764 0 : };
1765 0 :
1766 1 : if (!CheckParam("element size", Args.first))
1767 1 : return;
1768 1 :
1769 1 : if (Args.second && !CheckParam("number of elements", *Args.second))
1770 1 : return;
1771 1 : }
1772 1 : }
1773 1 :
1774 1 : void Verifier::verifyFunctionMetadata(
1775 1 : ArrayRef<std::pair<unsigned, MDNode *>> MDs) {
1776 1 : for (const auto &Pair : MDs) {
1777 1 : if (Pair.first == LLVMContext::MD_prof) {
1778 1 : MDNode *MD = Pair.second;
1779 1 : Assert(MD->getNumOperands() >= 2,
1780 1 : "!prof annotations should have no less than 2 operands", MD);
1781 0 :
1782 0 : // Check first operand.
1783 0 : Assert(MD->getOperand(0) != nullptr, "first operand should not be null",
1784 0 : MD);
1785 0 : Assert(isa<MDString>(MD->getOperand(0)),
1786 1 : "expected string with name of the !prof annotation", MD);
1787 1 : MDString *MDS = cast<MDString>(MD->getOperand(0));
1788 1 : StringRef ProfName = MDS->getString();
1789 1 : Assert(ProfName.equals("function_entry_count") ||
1790 1 : ProfName.equals("synthetic_function_entry_count"),
1791 0 : "first operand should be 'function_entry_count'"
1792 0 : " or 'synthetic_function_entry_count'",
1793 0 : MD);
1794 0 :
1795 0 : // Check second operand.
1796 1 : Assert(MD->getOperand(1) != nullptr, "second operand should not be null",
1797 1 : MD);
1798 1 : Assert(isa<ConstantAsMetadata>(MD->getOperand(1)),
1799 1 : "expected integer argument to function_entry_count", MD);
1800 1 : }
1801 20 : }
1802 20 : }
1803 20 :
1804 20 : void Verifier::visitConstantExprsRecursively(const Constant *EntryC) {
1805 20 : if (!ConstantExprVisited.insert(EntryC).second)
1806 0 : return;
1807 0 :
1808 0 : SmallVector<const Constant *, 16> Stack;
1809 0 : Stack.push_back(EntryC);
1810 0 :
1811 0 : while (!Stack.empty()) {
1812 0 : const Constant *C = Stack.pop_back_val();
1813 0 :
1814 0 : // Check this constant expression.
1815 0 : if (const auto *CE = dyn_cast<ConstantExpr>(C))
1816 0 : visitConstantExpr(CE);
1817 0 :
1818 0 : if (const auto *GV = dyn_cast<GlobalValue>(C)) {
1819 0 : // Global Values get visited separately, but we do need to make sure
1820 0 : // that the global value is in the correct module
1821 0 : Assert(GV->getParent() == &M, "Referencing global in another module!",
1822 0 : EntryC, &M, GV, GV->getParent());
1823 0 : continue;
1824 0 : }
1825 0 :
1826 0 : // Visit all sub-expressions.
1827 0 : for (const Use &U : C->operands()) {
1828 0 : const auto *OpC = dyn_cast<Constant>(U);
1829 0 : if (!OpC)
1830 0 : continue;
1831 : if (!ConstantExprVisited.insert(OpC).second)
1832 : continue;
1833 112 : Stack.push_back(OpC);
1834 112 : }
1835 : }
1836 112 : }
1837 112 :
1838 112 : void Verifier::visitConstantExpr(const ConstantExpr *CE) {
1839 : if (CE->getOpcode() == Instruction::BitCast)
1840 : Assert(CastInst::castIsValid(Instruction::BitCast, CE->getOperand(0),
1841 : CE->getType()),
1842 109 : "Invalid bitcast", CE);
1843 :
1844 109 : if (CE->getOpcode() == Instruction::IntToPtr ||
1845 109 : CE->getOpcode() == Instruction::PtrToInt) {
1846 106 : auto *PtrTy = CE->getOpcode() == Instruction::IntToPtr
1847 109 : ? CE->getType()
1848 4 : : CE->getOperand(0)->getType();
1849 : StringRef Msg = CE->getOpcode() == Instruction::IntToPtr
1850 4 : ? "inttoptr not supported for non-integral pointers"
1851 4 : : "ptrtoint not supported for non-integral pointers";
1852 4 : Assert(
1853 4 : !DL.isNonIntegralPointerType(cast<PointerType>(PtrTy->getScalarType())),
1854 0 : Msg);
1855 : }
1856 0 : }
1857 0 :
1858 0 : bool Verifier::verifyAttributeCount(AttributeList Attrs, unsigned Params) {
1859 0 : // There shouldn't be more attribute sets than there are parameters plus the
1860 0 : // function and return value.
1861 : return Attrs.getNumAttrSets() <= Params + 2;
1862 0 : }
1863 0 :
1864 0 : /// Verify that statepoint intrinsic is well formed.
1865 0 : void Verifier::verifyStatepoint(ImmutableCallSite CS) {
1866 2 : assert(CS.getCalledFunction() &&
1867 : CS.getCalledFunction()->getIntrinsicID() ==
1868 2 : Intrinsic::experimental_gc_statepoint);
1869 2 :
1870 2 : const Instruction &CI = *CS.getInstruction();
1871 2 :
1872 0 : Assert(!CS.doesNotAccessMemory() && !CS.onlyReadsMemory() &&
1873 : !CS.onlyAccessesArgMemory(),
1874 0 : "gc.statepoint must read and write all memory to preserve "
1875 0 : "reordering restrictions required by safepoint semantics",
1876 0 : &CI);
1877 0 :
1878 3 : const Value *IDV = CS.getArgument(0);
1879 : Assert(isa<ConstantInt>(IDV), "gc.statepoint ID must be a constant integer",
1880 3 : &CI);
1881 3 :
1882 3 : const Value *NumPatchBytesV = CS.getArgument(1);
1883 3 : Assert(isa<ConstantInt>(NumPatchBytesV),
1884 0 : "gc.statepoint number of patchable bytes must be a constant integer",
1885 : &CI);
1886 0 : const int64_t NumPatchBytes =
1887 0 : cast<ConstantInt>(NumPatchBytesV)->getSExtValue();
1888 0 : assert(isInt<32>(NumPatchBytes) && "NumPatchBytesV is an i32!");
1889 0 : Assert(NumPatchBytes >= 0, "gc.statepoint number of patchable bytes must be "
1890 0 : "positive",
1891 : &CI);
1892 0 :
1893 0 : const Value *Target = CS.getArgument(2);
1894 0 : auto *PT = dyn_cast<PointerType>(Target->getType());
1895 0 : Assert(PT && PT->getElementType()->isFunctionTy(),
1896 13 : "gc.statepoint callee must be of function pointer type", &CI, Target);
1897 : FunctionType *TargetFuncType = cast<FunctionType>(PT->getElementType());
1898 13 :
1899 13 : const Value *NumCallArgsV = CS.getArgument(3);
1900 13 : Assert(isa<ConstantInt>(NumCallArgsV),
1901 13 : "gc.statepoint number of arguments to underlying call "
1902 0 : "must be constant integer",
1903 : &CI);
1904 0 : const int NumCallArgs = cast<ConstantInt>(NumCallArgsV)->getZExtValue();
1905 0 : Assert(NumCallArgs >= 0,
1906 0 : "gc.statepoint number of arguments to underlying call "
1907 0 : "must be positive",
1908 3 : &CI);
1909 : const int NumParams = (int)TargetFuncType->getNumParams();
1910 3 : if (TargetFuncType->isVarArg()) {
1911 3 : Assert(NumCallArgs >= NumParams,
1912 3 : "gc.statepoint mismatch in number of vararg call args", &CI);
1913 3 :
1914 1 : // TODO: Remove this limitation
1915 : Assert(TargetFuncType->getReturnType()->isVoidTy(),
1916 1 : "gc.statepoint doesn't support wrapping non-void "
1917 1 : "vararg functions yet",
1918 1 : &CI);
1919 1 : } else
1920 1 : Assert(NumCallArgs == NumParams,
1921 : "gc.statepoint mismatch in number of call args", &CI);
1922 1 :
1923 1 : const Value *FlagsV = CS.getArgument(4);
1924 1 : Assert(isa<ConstantInt>(FlagsV),
1925 1 : "gc.statepoint flags must be constant integer", &CI);
1926 0 : const uint64_t Flags = cast<ConstantInt>(FlagsV)->getZExtValue();
1927 : Assert((Flags & ~(uint64_t)StatepointFlags::MaskAll) == 0,
1928 0 : "unknown flag used in gc.statepoint flags argument", &CI);
1929 0 :
1930 0 : // Verify that the types of the call parameter arguments match
1931 0 : // the type of the wrapped callee.
1932 0 : for (int i = 0; i < NumParams; i++) {
1933 : Type *ParamType = TargetFuncType->getParamType(i);
1934 0 : Type *ArgType = CS.getArgument(5 + i)->getType();
1935 0 : Assert(ArgType == ParamType,
1936 0 : "gc.statepoint call argument does not match wrapped "
1937 0 : "function type",
1938 0 : &CI);
1939 : }
1940 0 :
1941 0 : const int EndCallArgsInx = 4 + NumCallArgs;
1942 0 :
1943 0 : const Value *NumTransitionArgsV = CS.getArgument(EndCallArgsInx+1);
1944 0 : Assert(isa<ConstantInt>(NumTransitionArgsV),
1945 : "gc.statepoint number of transition arguments "
1946 0 : "must be constant integer",
1947 0 : &CI);
1948 0 : const int NumTransitionArgs =
1949 0 : cast<ConstantInt>(NumTransitionArgsV)->getZExtValue();
1950 0 : Assert(NumTransitionArgs >= 0,
1951 : "gc.statepoint number of transition arguments must be positive", &CI);
1952 0 : const int EndTransitionArgsInx = EndCallArgsInx + 1 + NumTransitionArgs;
1953 0 :
1954 0 : const Value *NumDeoptArgsV = CS.getArgument(EndTransitionArgsInx+1);
1955 0 : Assert(isa<ConstantInt>(NumDeoptArgsV),
1956 0 : "gc.statepoint number of deoptimization arguments "
1957 : "must be constant integer",
1958 0 : &CI);
1959 0 : const int NumDeoptArgs = cast<ConstantInt>(NumDeoptArgsV)->getZExtValue();
1960 0 : Assert(NumDeoptArgs >= 0, "gc.statepoint number of deoptimization arguments "
1961 0 : "must be positive",
1962 1 : &CI);
1963 :
1964 1 : const int ExpectedNumArgs =
1965 1 : 7 + NumCallArgs + NumTransitionArgs + NumDeoptArgs;
1966 1 : Assert(ExpectedNumArgs <= (int)CS.arg_size(),
1967 1 : "gc.statepoint too few arguments according to length fields", &CI);
1968 7 :
1969 : // Check that the only uses of this gc.statepoint are gc.result or
1970 7 : // gc.relocate calls which are tied to this statepoint and thus part
1971 7 : // of the same statepoint sequence
1972 6 : for (const User *U : CI.users()) {
1973 7 : const CallInst *Call = dyn_cast<const CallInst>(U);
1974 2 : Assert(Call, "illegal use of statepoint token", &CI, U);
1975 : if (!Call) continue;
1976 2 : Assert(isa<GCRelocateInst>(Call) || isa<GCResultInst>(Call),
1977 2 : "gc.result or gc.relocate are the only value uses "
1978 2 : "of a gc.statepoint",
1979 2 : &CI, U);
1980 1 : if (isa<GCResultInst>(Call)) {
1981 : Assert(Call->getArgOperand(0) == &CI,
1982 1 : "gc.result connected to wrong gc.statepoint", &CI, Call);
1983 1 : } else if (isa<GCRelocateInst>(Call)) {
1984 1 : Assert(Call->getArgOperand(0) == &CI,
1985 1 : "gc.relocate connected to wrong gc.statepoint", &CI, Call);
1986 0 : }
1987 : }
1988 0 :
1989 0 : // Note: It is legal for a single derived pointer to be listed multiple
1990 0 : // times. It's non-optimal, but it is legal. It can also happen after
1991 0 : // insertion if we strip a bitcast away.
1992 0 : // Note: It is really tempting to check that each base is relocated and
1993 : // that a derived pointer is never reused as a base pointer. This turns
1994 0 : // out to be problematic since optimizations run after safepoint insertion
1995 0 : // can recognize equality properties that the insertion logic doesn't know
1996 0 : // about. See example statepoint.ll in the verifier subdirectory
1997 0 : }
1998 1 :
1999 : void Verifier::verifyFrameRecoverIndices() {
2000 1 : for (auto &Counts : FrameEscapeInfo) {
2001 1 : Function *F = Counts.first;
2002 1 : unsigned EscapedObjectCount = Counts.second.first;
2003 1 : unsigned MaxRecoveredIndex = Counts.second.second;
2004 0 : Assert(MaxRecoveredIndex <= EscapedObjectCount,
2005 : "all indices passed to llvm.localrecover must be less than the "
2006 0 : "number of arguments passed ot llvm.localescape in the parent "
2007 0 : "function",
2008 0 : F);
2009 0 : }
2010 0 : }
2011 :
2012 0 : static Instruction *getSuccPad(Instruction *Terminator) {
2013 0 : BasicBlock *UnwindDest;
2014 0 : if (auto *II = dyn_cast<InvokeInst>(Terminator))
2015 0 : UnwindDest = II->getUnwindDest();
2016 10 : else if (auto *CSI = dyn_cast<CatchSwitchInst>(Terminator))
2017 : UnwindDest = CSI->getUnwindDest();
2018 10 : else
2019 10 : UnwindDest = cast<CleanupReturnInst>(Terminator)->getUnwindDest();
2020 10 : return UnwindDest->getFirstNonPHI();
2021 10 : }
2022 4 :
2023 : void Verifier::verifySiblingFuncletUnwinds() {
2024 4 : SmallPtrSet<Instruction *, 8> Visited;
2025 4 : SmallPtrSet<Instruction *, 8> Active;
2026 4 : for (const auto &Pair : SiblingFuncletInfo) {
2027 4 : Instruction *PredPad = Pair.first;
2028 1 : if (Visited.count(PredPad))
2029 : continue;
2030 1 : Active.insert(PredPad);
2031 1 : Instruction *Terminator = Pair.second;
2032 1 : do {
2033 1 : Instruction *SuccPad = getSuccPad(Terminator);
2034 1 : if (Active.count(SuccPad)) {
2035 : // Found a cycle; report error
2036 1 : Instruction *CyclePad = SuccPad;
2037 1 : SmallVector<Instruction *, 8> CycleNodes;
2038 1 : do {
2039 1 : CycleNodes.push_back(CyclePad);
2040 2 : Instruction *CycleTerminator = SiblingFuncletInfo[CyclePad];
2041 : if (CycleTerminator != CyclePad)
2042 2 : CycleNodes.push_back(CycleTerminator);
2043 2 : CyclePad = getSuccPad(CycleTerminator);
2044 2 : } while (CyclePad != SuccPad);
2045 2 : Assert(false, "EH pads can't handle each other's exceptions",
2046 0 : ArrayRef<Instruction *>(CycleNodes));
2047 : }
2048 0 : // Don't re-walk a node we've already checked
2049 0 : if (!Visited.insert(SuccPad).second)
2050 0 : break;
2051 0 : // Walk to this successor if it has a map entry.
2052 0 : PredPad = SuccPad;
2053 : auto TermI = SiblingFuncletInfo.find(PredPad);
2054 0 : if (TermI == SiblingFuncletInfo.end())
2055 0 : break;
2056 0 : Terminator = TermI->second;
2057 0 : Active.insert(PredPad);
2058 4 : } while (true);
2059 : // Each node only has one successor, so we've walked all the active
2060 4 : // nodes' successors.
2061 4 : Active.clear();
2062 4 : }
2063 4 : }
2064 1 :
2065 : // visitFunction - Verify that a function is ok.
2066 1 : //
2067 1 : void Verifier::visitFunction(const Function &F) {
2068 1 : visitGlobalValue(F);
2069 1 :
2070 2 : // Check function arguments.
2071 : FunctionType *FT = F.getFunctionType();
2072 2 : unsigned NumArgs = F.arg_size();
2073 2 :
2074 2 : Assert(&Context == &F.getContext(),
2075 2 : "Function context does not match Module context!", &F);
2076 2 :
2077 : Assert(!F.hasCommonLinkage(), "Functions may not have common linkage", &F);
2078 2 : Assert(FT->getNumParams() == NumArgs,
2079 2 : "# formal arguments must match # of arguments for function type!", &F,
2080 2 : FT);
2081 2 : Assert(F.getReturnType()->isFirstClassType() ||
2082 1 : F.getReturnType()->isVoidTy() || F.getReturnType()->isStructTy(),
2083 : "Functions cannot return aggregate values!", &F);
2084 1 :
2085 1 : Assert(!F.hasStructRetAttr() || F.getReturnType()->isVoidTy(),
2086 1 : "Invalid struct return type!", &F);
2087 1 :
2088 2 : AttributeList Attrs = F.getAttributes();
2089 :
2090 2 : Assert(verifyAttributeCount(Attrs, FT->getNumParams()),
2091 2 : "Attribute after last parameter!", &F);
2092 1 :
2093 2 : // Check function attributes.
2094 2 : verifyFunctionAttrs(FT, Attrs, &F);
2095 :
2096 2 : // On function declarations/definitions, we do not support the builtin
2097 2 : // attribute. We do not check this in VerifyFunctionAttrs since that is
2098 2 : // checking for Attributes that can/can not ever be on functions.
2099 2 : Assert(!Attrs.hasFnAttribute(Attribute::Builtin),
2100 4 : "Attribute 'builtin' can only be applied to a callsite.", &F);
2101 :
2102 4 : // Check that this function meets the restrictions on this calling convention.
2103 4 : // Sometimes varargs is used for perfectly forwarding thunks, so some of these
2104 4 : // restrictions can be lifted.
2105 4 : switch (F.getCallingConv()) {
2106 6 : default:
2107 : case CallingConv::C:
2108 6 : break;
2109 6 : case CallingConv::AMDGPU_KERNEL:
2110 6 : case CallingConv::SPIR_KERNEL:
2111 6 : Assert(F.getReturnType()->isVoidTy(),
2112 0 : "Calling convention requires void return type", &F);
2113 : LLVM_FALLTHROUGH;
2114 0 : case CallingConv::AMDGPU_VS:
2115 0 : case CallingConv::AMDGPU_HS:
2116 0 : case CallingConv::AMDGPU_GS:
2117 0 : case CallingConv::AMDGPU_PS:
2118 2 : case CallingConv::AMDGPU_CS:
2119 : Assert(!F.hasStructRetAttr(),
2120 2 : "Calling convention does not allow sret", &F);
2121 2 : LLVM_FALLTHROUGH;
2122 2 : case CallingConv::Fast:
2123 2 : case CallingConv::Cold:
2124 0 : case CallingConv::Intel_OCL_BI:
2125 : case CallingConv::PTX_Kernel:
2126 0 : case CallingConv::PTX_Device:
2127 0 : Assert(!F.isVarArg(), "Calling convention does not support varargs or "
2128 0 : "perfect forwarding!",
2129 0 : &F);
2130 1 : break;
2131 : }
2132 1 :
2133 1 : bool isLLVMdotName = F.getName().size() >= 5 &&
2134 1 : F.getName().substr(0, 5) == "llvm.";
2135 1 :
2136 0 : // Check that the argument values match the function type for this function...
2137 : unsigned i = 0;
2138 0 : for (const Argument &Arg : F.args()) {
2139 0 : Assert(Arg.getType() == FT->getParamType(i),
2140 0 : "Argument value does not match function argument type!", &Arg,
2141 0 : FT->getParamType(i));
2142 0 : Assert(Arg.getType()->isFirstClassType(),
2143 : "Function arguments must have first-class types!", &Arg);
2144 0 : if (!isLLVMdotName) {
2145 0 : Assert(!Arg.getType()->isMetadataTy(),
2146 0 : "Function takes metadata but isn't an intrinsic", &Arg, &F);
2147 0 : Assert(!Arg.getType()->isTokenTy(),
2148 1 : "Function takes token but isn't an intrinsic", &Arg, &F);
2149 : }
2150 1 :
2151 1 : // Check that swifterror argument is only used by loads and stores.
2152 1 : if (Attrs.hasParamAttribute(i, Attribute::SwiftError)) {
2153 1 : verifySwiftErrorValue(&Arg);
2154 12 : }
2155 : ++i;
2156 12 : }
2157 12 :
2158 11 : if (!isLLVMdotName)
2159 12 : Assert(!F.getReturnType()->isTokenTy(),
2160 1 : "Functions returns a token but isn't an intrinsic", &F);
2161 :
2162 1 : // Get the function metadata attachments.
2163 1 : SmallVector<std::pair<unsigned, MDNode *>, 4> MDs;
2164 1 : F.getAllMetadata(MDs);
2165 1 : assert(F.hasMetadata() != MDs.empty() && "Bit out-of-sync");
2166 0 : verifyFunctionMetadata(MDs);
2167 :
2168 0 : // Check validity of the personality function
2169 0 : if (F.hasPersonalityFn()) {
2170 0 : auto *Per = dyn_cast<Function>(F.getPersonalityFn()->stripPointerCasts());
2171 0 : if (Per)
2172 0 : Assert(Per->getParent() == F.getParent(),
2173 : "Referencing personality function in another module!",
2174 0 : &F, F.getParent(), Per, Per->getParent());
2175 0 : }
2176 0 :
2177 0 : if (F.isMaterializable()) {
2178 0 : // Function has a body somewhere we can't see.
2179 : Assert(MDs.empty(), "unmaterialized function cannot have metadata", &F,
2180 0 : MDs.empty() ? nullptr : MDs.front().second);
2181 0 : } else if (F.isDeclaration()) {
2182 0 : for (const auto &I : MDs) {
2183 0 : AssertDI(I.first != LLVMContext::MD_dbg,
2184 0 : "function declaration may not have a !dbg attachment", &F);
2185 : Assert(I.first != LLVMContext::MD_prof,
2186 0 : "function declaration may not have a !prof attachment", &F);
2187 0 :
2188 0 : // Verify the metadata itself.
2189 0 : visitMDNode(*I.second);
2190 0 : }
2191 : Assert(!F.hasPersonalityFn(),
2192 0 : "Function declaration shouldn't have a personality routine", &F);
2193 0 : } else {
2194 0 : // Verify that this function (which has a body) is not named "llvm.*". It
2195 0 : // is not legal to define intrinsics.
2196 0 : Assert(!isLLVMdotName, "llvm intrinsics cannot be defined!", &F);
2197 :
2198 0 : // Check the entry node
2199 0 : const BasicBlock *Entry = &F.getEntryBlock();
2200 0 : Assert(pred_empty(Entry),
2201 0 : "Entry block to function must not have predecessors!", Entry);
2202 0 :
2203 : // The address of the entry block cannot be taken, unless it is dead.
2204 0 : if (Entry->hasAddressTaken()) {
2205 0 : Assert(!BlockAddress::lookup(Entry)->isConstantUsed(),
2206 0 : "blockaddress may not be used with the entry block!", Entry);
2207 0 : }
2208 2 :
2209 : unsigned NumDebugAttachments = 0, NumProfAttachments = 0;
2210 2 : // Visit metadata attachments.
2211 2 : for (const auto &I : MDs) {
2212 2 : // Verify that the attachment is legal.
2213 2 : switch (I.first) {
2214 6 : default:
2215 : break;
2216 6 : case LLVMContext::MD_dbg: {
2217 6 : ++NumDebugAttachments;
2218 6 : AssertDI(NumDebugAttachments == 1,
2219 6 : "function must have a single !dbg attachment", &F, I.second);
2220 0 : AssertDI(isa<DISubprogram>(I.second),
2221 : "function !dbg attachment must be a subprogram", &F, I.second);
2222 0 : auto *SP = cast<DISubprogram>(I.second);
2223 0 : const Function *&AttachedTo = DISubprogramAttachments[SP];
2224 0 : AssertDI(!AttachedTo || AttachedTo == &F,
2225 0 : "DISubprogram attached to more than one function", SP, &F);
2226 0 : AttachedTo = &F;
2227 : break;
2228 0 : }
2229 0 : case LLVMContext::MD_prof:
2230 0 : ++NumProfAttachments;
2231 0 : Assert(NumProfAttachments == 1,
2232 0 : "function must have a single !prof attachment", &F, I.second);
2233 : break;
2234 0 : }
2235 0 :
2236 0 : // Verify the metadata itself.
2237 0 : visitMDNode(*I.second);
2238 0 : }
2239 : }
2240 0 :
2241 0 : // If this function is actually an intrinsic, verify that it is only used in
2242 0 : // direct call/invokes, never having its "address taken".
2243 0 : // Only do this if the module is materialized, otherwise we don't have all the
2244 3 : // uses.
2245 : if (F.getIntrinsicID() && F.getParent()->isMaterialized()) {
2246 3 : const User *U;
2247 3 : if (F.hasAddressTaken(&U))
2248 3 : Assert(false, "Invalid user of intrinsic instruction!", U);
2249 3 : }
2250 0 :
2251 : auto *N = F.getSubprogram();
2252 0 : HasDebugInfo = (N != nullptr);
2253 0 : if (!HasDebugInfo)
2254 0 : return;
2255 0 :
2256 0 : // Check that all !dbg attachments lead to back to N (or, at least, another
2257 : // subprogram that describes the same function).
2258 0 : //
2259 0 : // FIXME: Check this incrementally while visiting !dbg attachments.
2260 0 : // FIXME: Only check when N is the canonical subprogram for F.
2261 0 : SmallPtrSet<const MDNode *, 32> Seen;
2262 0 : for (auto &BB : F)
2263 : for (auto &I : BB) {
2264 0 : // Be careful about using DILocation here since we might be dealing with
2265 0 : // broken code (this is the Verifier after all).
2266 0 : DILocation *DL =
2267 0 : dyn_cast_or_null<DILocation>(I.getDebugLoc().getAsMDNode());
2268 : if (!DL)
2269 : continue;
2270 : if (!Seen.insert(DL).second)
2271 : continue;
2272 :
2273 : Metadata *Parent = DL->getRawScope();
2274 : AssertDI(Parent && isa<DILocalScope>(Parent),
2275 : "DILocation's scope must be a DILocalScope", N, &F, &I, DL,
2276 : Parent);
2277 : DILocalScope *Scope = DL->getInlinedAtScope();
2278 : if (Scope && !Seen.insert(Scope).second)
2279 : continue;
2280 :
2281 : DISubprogram *SP = Scope ? Scope->getSubprogram() : nullptr;
2282 :
2283 : // Scope and SP could be the same MDNode and we don't want to skip
2284 : // validation in that case
2285 : if (SP && ((Scope != SP) && !Seen.insert(SP).second))
2286 : continue;
2287 :
2288 : // FIXME: Once N is canonical, check "SP == &N".
2289 : AssertDI(SP->describes(&F),
2290 : "!dbg attachment points at wrong subprogram for function", N, &F,
2291 : &I, DL, Scope, SP);
2292 : }
2293 : }
2294 :
2295 : // verifyBasicBlock - Verify that a basic block is well formed...
2296 : //
2297 : void Verifier::visitBasicBlock(BasicBlock &BB) {
2298 : InstsInThisBlock.clear();
2299 :
2300 : // Ensure that basic blocks have terminators!
2301 : Assert(BB.getTerminator(), "Basic Block does not have terminator!", &BB);
2302 :
2303 : // Check constraints that this basic block imposes on all of the PHI nodes in
2304 : // it.
2305 : if (isa<PHINode>(BB.front())) {
2306 : SmallVector<BasicBlock*, 8> Preds(pred_begin(&BB), pred_end(&BB));
2307 : SmallVector<std::pair<BasicBlock*, Value*>, 8> Values;
2308 : llvm::sort(Preds);
2309 : for (const PHINode &PN : BB.phis()) {
2310 : // Ensure that PHI nodes have at least one entry!
2311 : Assert(PN.getNumIncomingValues() != 0,
2312 : "PHI nodes must have at least one entry. If the block is dead, "
2313 : "the PHI should be removed!",
2314 : &PN);
2315 : Assert(PN.getNumIncomingValues() == Preds.size(),
2316 : "PHINode should have one entry for each predecessor of its "
2317 : "parent basic block!",
2318 : &PN);
2319 :
2320 : // Get and sort all incoming values in the PHI node...
2321 : Values.clear();
2322 : Values.reserve(PN.getNumIncomingValues());
2323 : for (unsigned i = 0, e = PN.getNumIncomingValues(); i != e; ++i)
2324 : Values.push_back(
2325 : std::make_pair(PN.getIncomingBlock(i), PN.getIncomingValue(i)));
2326 : llvm::sort(Values);
2327 :
2328 : for (unsigned i = 0, e = Values.size(); i != e; ++i) {
2329 : // Check to make sure that if there is more than one entry for a
2330 : // particular basic block in this PHI node, that the incoming values are
2331 : // all identical.
2332 : //
2333 100162 : Assert(i == 0 || Values[i].first != Values[i - 1].first ||
2334 : Values[i].second == Values[i - 1].second,
2335 100162 : "PHI node has multiple entries for the same basic block with "
2336 200324 : "different incoming values!",
2337 100162 : &PN, Values[i].first, Values[i].second, Values[i - 1].second);
2338 100162 :
2339 : // Check to make sure that the predecessors and PHI node entries are
2340 0 : // matched up.
2341 : Assert(Values[i].first == Preds[i],
2342 1120505 : "PHI node entries do not match predecessors!", &PN,
2343 : Values[i].first, Preds[i]);
2344 : }
2345 : }
2346 : }
2347 :
2348 : // Check that all instructions have their parent pointers set up correctly.
2349 : for (auto &I : BB)
2350 : {
2351 : Assert(I.getParent() == &BB, "Instruction has bogus parent pointer!");
2352 1120505 : }
2353 825671 : }
2354 :
2355 2335780 : void Verifier::visitTerminator(Instruction &I) {
2356 2430554 : // Ensure that terminators only exist at the end of the basic block.
2357 : Assert(&I == I.getParent()->getTerminator(),
2358 : "Terminator found in the middle of a basic block!", I.getParent());
2359 3 : visitInstruction(I);
2360 0 : }
2361 0 :
2362 0 : void Verifier::visitBranchInst(BranchInst &BI) {
2363 0 : if (BI.isConditional()) {
2364 : Assert(BI.getCondition()->getType()->isIntegerTy(1),
2365 : "Branch condition is not 'i1' type!", &BI, BI.getCondition());
2366 : }
2367 : visitTerminator(BI);
2368 1120502 : }
2369 :
2370 1120502 : void Verifier::visitReturnInst(ReturnInst &RI) {
2371 1120502 : Function *F = RI.getParent()->getParent();
2372 1120502 : unsigned N = RI.getNumOperands();
2373 : if (F->getReturnType()->isVoidTy())
2374 1120502 : Assert(N == 0,
2375 1120502 : "Found return instr that returns non-void in Function of void "
2376 : "return type!",
2377 : &RI, F->getReturnType());
2378 1120502 : else
2379 : Assert(N == 1 && F->getReturnType() == RI.getOperand(0)->getType(),
2380 : "Function return type does not match operand "
2381 : "type of return inst!",
2382 99154 : &RI, F->getReturnType());
2383 99154 :
2384 : // Check to make sure that the return value has necessary properties for
2385 : // terminators...
2386 1220983 : visitTerminator(RI);
2387 1121829 : }
2388 45 :
2389 : void Verifier::visitSwitchInst(SwitchInst &SI) {
2390 : // Check to make sure that all of the constants in the switch instruction
2391 : // have the same type as the switched-on value.
2392 99154 : Type *SwitchTy = SI.getCondition()->getType();
2393 259258 : SmallPtrSet<ConstantInt*, 32> Constants;
2394 160104 : for (auto &Case : SI.cases()) {
2395 : Assert(Case.getCaseValue()->getType() == SwitchTy,
2396 102258 : "Switch constants must all be same type as switch value!", &SI);
2397 3104 : Assert(Constants.insert(Case.getCaseValue()).second,
2398 : "Duplicate integer as switch case", &SI, Case.getCaseValue());
2399 138842 : }
2400 39688 :
2401 : visitTerminator(SI);
2402 230410 : }
2403 32102 :
2404 : void Verifier::visitIndirectBrInst(IndirectBrInst &BI) {
2405 99154 : Assert(BI.getAddress()->getType()->isPointerTy(),
2406 99154 : "Indirectbr operand must have pointer type!", &BI);
2407 : for (unsigned i = 0, e = BI.getNumDestinations(); i != e; ++i)
2408 99154 : Assert(BI.getDestination(i)->getType()->isLabelTy(),
2409 : "Indirectbr destinations must all have pointer type!", &BI);
2410 99154 :
2411 99154 : visitTerminator(BI);
2412 99154 : }
2413 :
2414 : void Verifier::visitSelectInst(SelectInst &SI) {
2415 : Assert(!SelectInst::areInvalidOperands(SI.getOperand(0), SI.getOperand(1),
2416 : SI.getOperand(2)),
2417 : "Invalid operands for select instruction!", &SI);
2418 :
2419 : Assert(SI.getTrueValue()->getType() == SI.getType(),
2420 : "Select values must have same type as select instruction!", &SI);
2421 : visitInstruction(SI);
2422 : }
2423 :
2424 : /// visitUserOp1 - User defined operators shouldn't live beyond the lifetime of
2425 : /// a pass, if any exist, it's an error.
2426 : ///
2427 : void Verifier::visitUserOp1(Instruction &I) {
2428 : Assert(false, "User-defined operators should not live outside of a pass!", &I);
2429 : }
2430 :
2431 : void Verifier::visitTruncInst(TruncInst &I) {
2432 : // Get the source and destination types
2433 : Type *SrcTy = I.getOperand(0)->getType();
2434 : Type *DestTy = I.getType();
2435 :
2436 : // Get the size of the types in bits, we'll need this later
2437 : unsigned SrcBitSize = SrcTy->getScalarSizeInBits();
2438 : unsigned DestBitSize = DestTy->getScalarSizeInBits();
2439 :
2440 : Assert(SrcTy->isIntOrIntVectorTy(), "Trunc only operates on integer", &I);
2441 : Assert(DestTy->isIntOrIntVectorTy(), "Trunc only produces integer", &I);
2442 : Assert(SrcTy->isVectorTy() == DestTy->isVectorTy(),
2443 : "trunc source and destination must both be a vector or neither", &I);
2444 : Assert(SrcBitSize > DestBitSize, "DestTy too big for Trunc", &I);
2445 :
2446 : visitInstruction(I);
2447 : }
2448 :
2449 : void Verifier::visitZExtInst(ZExtInst &I) {
2450 : // Get the source and destination types
2451 : Type *SrcTy = I.getOperand(0)->getType();
2452 : Type *DestTy = I.getType();
2453 :
2454 : // Get the size of the types in bits, we'll need this later
2455 : Assert(SrcTy->isIntOrIntVectorTy(), "ZExt only operates on integer", &I);
2456 : Assert(DestTy->isIntOrIntVectorTy(), "ZExt only produces an integer", &I);
2457 : Assert(SrcTy->isVectorTy() == DestTy->isVectorTy(),
2458 : "zext source and destination must both be a vector or neither", &I);
2459 : unsigned SrcBitSize = SrcTy->getScalarSizeInBits();
2460 : unsigned DestBitSize = DestTy->getScalarSizeInBits();
2461 :
2462 : Assert(SrcBitSize < DestBitSize, "Type too small for ZExt", &I);
2463 :
2464 : visitInstruction(I);
2465 : }
2466 :
2467 : void Verifier::visitSExtInst(SExtInst &I) {
2468 : // Get the source and destination types
2469 : Type *SrcTy = I.getOperand(0)->getType();
2470 : Type *DestTy = I.getType();
2471 :
2472 : // Get the size of the types in bits, we'll need this later
2473 638 : unsigned SrcBitSize = SrcTy->getScalarSizeInBits();
2474 : unsigned DestBitSize = DestTy->getScalarSizeInBits();
2475 :
2476 : Assert(SrcTy->isIntOrIntVectorTy(), "SExt only operates on integer", &I);
2477 : Assert(DestTy->isIntOrIntVectorTy(), "SExt only produces an integer", &I);
2478 : Assert(SrcTy->isVectorTy() == DestTy->isVectorTy(),
2479 : "sext source and destination must both be a vector or neither", &I);
2480 : Assert(SrcBitSize < DestBitSize, "Type too small for SExt", &I);
2481 :
2482 : visitInstruction(I);
2483 : }
2484 :
2485 : void Verifier::visitFPTruncInst(FPTruncInst &I) {
2486 : // Get the source and destination types
2487 : Type *SrcTy = I.getOperand(0)->getType();
2488 : Type *DestTy = I.getType();
2489 : // Get the size of the types in bits, we'll need this later
2490 : unsigned SrcBitSize = SrcTy->getScalarSizeInBits();
2491 : unsigned DestBitSize = DestTy->getScalarSizeInBits();
2492 :
2493 : Assert(SrcTy->isFPOrFPVectorTy(), "FPTrunc only operates on FP", &I);
2494 : Assert(DestTy->isFPOrFPVectorTy(), "FPTrunc only produces an FP", &I);
2495 : Assert(SrcTy->isVectorTy() == DestTy->isVectorTy(),
2496 : "fptrunc source and destination must both be a vector or neither", &I);
2497 : Assert(SrcBitSize > DestBitSize, "DestTy too big for FPTrunc", &I);
2498 :
2499 : visitInstruction(I);
2500 : }
2501 :
2502 : void Verifier::visitFPExtInst(FPExtInst &I) {
2503 : // Get the source and destination types
2504 : Type *SrcTy = I.getOperand(0)->getType();
2505 : Type *DestTy = I.getType();
2506 :
2507 : // Get the size of the types in bits, we'll need this later
2508 : unsigned SrcBitSize = SrcTy->getScalarSizeInBits();
2509 : unsigned DestBitSize = DestTy->getScalarSizeInBits();
2510 :
2511 : Assert(SrcTy->isFPOrFPVectorTy(), "FPExt only operates on FP", &I);
2512 : Assert(DestTy->isFPOrFPVectorTy(), "FPExt only produces an FP", &I);
2513 : Assert(SrcTy->isVectorTy() == DestTy->isVectorTy(),
2514 : "fpext source and destination must both be a vector or neither", &I);
2515 : Assert(SrcBitSize < DestBitSize, "DestTy too small for FPExt", &I);
2516 :
2517 : visitInstruction(I);
2518 : }
2519 :
2520 : void Verifier::visitUIToFPInst(UIToFPInst &I) {
2521 : // Get the source and destination types
2522 : Type *SrcTy = I.getOperand(0)->getType();
2523 : Type *DestTy = I.getType();
2524 :
2525 : bool SrcVec = SrcTy->isVectorTy();
2526 : bool DstVec = DestTy->isVectorTy();
2527 :
2528 : Assert(SrcVec == DstVec,
2529 : "UIToFP source and dest must both be vector or scalar", &I);
2530 : Assert(SrcTy->isIntOrIntVectorTy(),
2531 : "UIToFP source must be integer or integer vector", &I);
2532 : Assert(DestTy->isFPOrFPVectorTy(), "UIToFP result must be FP or FP vector",
2533 : &I);
2534 :
2535 : if (SrcVec && DstVec)
2536 : Assert(cast<VectorType>(SrcTy)->getNumElements() ==
2537 : cast<VectorType>(DestTy)->getNumElements(),
2538 : "UIToFP source and dest vector length mismatch", &I);
2539 :
2540 : visitInstruction(I);
2541 : }
2542 :
2543 : void Verifier::visitSIToFPInst(SIToFPInst &I) {
2544 : // Get the source and destination types
2545 : Type *SrcTy = I.getOperand(0)->getType();
2546 : Type *DestTy = I.getType();
2547 :
2548 : bool SrcVec = SrcTy->isVectorTy();
2549 : bool DstVec = DestTy->isVectorTy();
2550 :
2551 : Assert(SrcVec == DstVec,
2552 : "SIToFP source and dest must both be vector or scalar", &I);
2553 : Assert(SrcTy->isIntOrIntVectorTy(),
2554 : "SIToFP source must be integer or integer vector", &I);
2555 6361895 : Assert(DestTy->isFPOrFPVectorTy(), "SIToFP result must be FP or FP vector",
2556 17150195 : &I);
2557 21576600 :
2558 6361895 : if (SrcVec && DstVec)
2559 : Assert(cast<VectorType>(SrcTy)->getNumElements() ==
2560 : cast<VectorType>(DestTy)->getNumElements(),
2561 : "SIToFP source and dest vector length mismatch", &I);
2562 :
2563 : visitInstruction(I);
2564 1553365 : }
2565 :
2566 : void Verifier::visitFPToUIInst(FPToUIInst &I) {
2567 1553365 : // Get the source and destination types
2568 : Type *SrcTy = I.getOperand(0)->getType();
2569 2653742 : Type *DestTy = I.getType();
2570 1181909 :
2571 269668 : bool SrcVec = SrcTy->isVectorTy();
2572 : bool DstVec = DestTy->isVectorTy();
2573 :
2574 1283702 : Assert(SrcVec == DstVec,
2575 1283706 : "FPToUI source and dest must both be vector or scalar", &I);
2576 : Assert(SrcTy->isFPOrFPVectorTy(), "FPToUI source must be FP or FP vector",
2577 : &I);
2578 1283700 : Assert(DestTy->isIntOrIntVectorTy(),
2579 : "FPToUI result must be integer or integer vector", &I);
2580 1283700 :
2581 : if (SrcVec && DstVec)
2582 : Assert(cast<VectorType>(SrcTy)->getNumElements() ==
2583 1283700 : cast<VectorType>(DestTy)->getNumElements(),
2584 3899 : "FPToUI source and dest vector length mismatch", &I);
2585 3899 :
2586 : visitInstruction(I);
2587 : }
2588 :
2589 1282812 : void Verifier::visitFPToSIInst(FPToSIInst &I) {
2590 325059 : // Get the source and destination types
2591 : Type *SrcTy = I.getOperand(0)->getType();
2592 1283697 : Type *DestTy = I.getType();
2593 1846 :
2594 : bool SrcVec = SrcTy->isVectorTy();
2595 : bool DstVec = DestTy->isVectorTy();
2596 1846 :
2597 : Assert(SrcVec == DstVec,
2598 : "FPToSI source and dest must both be vector or scalar", &I);
2599 : Assert(SrcTy->isFPOrFPVectorTy(), "FPToSI source must be FP or FP vector",
2600 : &I);
2601 : Assert(DestTy->isIntOrIntVectorTy(),
2602 97967 : "FPToSI result must be integer or integer vector", &I);
2603 :
2604 : if (SrcVec && DstVec)
2605 : Assert(cast<VectorType>(SrcTy)->getNumElements() ==
2606 1283697 : cast<VectorType>(DestTy)->getNumElements(),
2607 9080 : "FPToSI source and dest vector length mismatch", &I);
2608 :
2609 : visitInstruction(I);
2610 2567394 : }
2611 :
2612 : void Verifier::visitPtrToIntInst(PtrToIntInst &I) {
2613 : // Get the source and destination types
2614 : Type *SrcTy = I.getOperand(0)->getType();
2615 : Type *DestTy = I.getType();
2616 :
2617 : Assert(SrcTy->isPtrOrPtrVectorTy(), "PtrToInt source must be pointer", &I);
2618 :
2619 : if (auto *PTy = dyn_cast<PointerType>(SrcTy->getScalarType()))
2620 : Assert(!DL.isNonIntegralPointerType(PTy),
2621 : "ptrtoint not supported for non-integral pointers");
2622 :
2623 : Assert(DestTy->isIntOrIntVectorTy(), "PtrToInt result must be integral", &I);
2624 : Assert(SrcTy->isVectorTy() == DestTy->isVectorTy(), "PtrToInt type mismatch",
2625 : &I);
2626 :
2627 : if (SrcTy->isVectorTy()) {
2628 : VectorType *VSrc = dyn_cast<VectorType>(SrcTy);
2629 : VectorType *VDest = dyn_cast<VectorType>(DestTy);
2630 160104 : Assert(VSrc->getNumElements() == VDest->getNumElements(),
2631 160104 : "PtrToInt Vector width mismatch", &I);
2632 160112 : }
2633 :
2634 : visitInstruction(I);
2635 : }
2636 :
2637 : void Verifier::visitIntToPtrInst(IntToPtrInst &I) {
2638 130541 : // Get the source and destination types
2639 15805 : Type *SrcTy = I.getOperand(0)->getType();
2640 : Type *DestTy = I.getType();
2641 15805 :
2642 : Assert(SrcTy->isIntOrIntVectorTy(),
2643 15805 : "IntToPtr source must be an integral", &I);
2644 : Assert(DestTy->isPtrOrPtrVectorTy(), "IntToPtr result must be a pointer", &I);
2645 :
2646 : if (auto *PTy = dyn_cast<PointerType>(DestTy->getScalarType()))
2647 160103 : Assert(!DL.isNonIntegralPointerType(PTy),
2648 150592 : "inttoptr not supported for non-integral pointers");
2649 2586 :
2650 : Assert(SrcTy->isVectorTy() == DestTy->isVectorTy(), "IntToPtr type mismatch",
2651 : &I);
2652 : if (SrcTy->isVectorTy()) {
2653 2586 : VectorType *VSrc = dyn_cast<VectorType>(SrcTy);
2654 2586 : VectorType *VDest = dyn_cast<VectorType>(DestTy);
2655 : Assert(VSrc->getNumElements() == VDest->getNumElements(),
2656 2586 : "IntToPtr Vector width mismatch", &I);
2657 2586 : }
2658 : visitInstruction(I);
2659 2586 : }
2660 :
2661 : void Verifier::visitBitCastInst(BitCastInst &I) {
2662 : Assert(
2663 : CastInst::castIsValid(Instruction::BitCast, I.getOperand(0), I.getType()),
2664 2585 : "Invalid bitcast", &I);
2665 2383 : visitInstruction(I);
2666 2383 : }
2667 :
2668 : void Verifier::visitAddrSpaceCastInst(AddrSpaceCastInst &I) {
2669 : Type *SrcTy = I.getOperand(0)->getType();
2670 : Type *DestTy = I.getType();
2671 :
2672 : Assert(SrcTy->isPtrOrPtrVectorTy(), "AddrSpaceCast source must be a pointer",
2673 160101 : &I);
2674 152560 : Assert(DestTy->isPtrOrPtrVectorTy(), "AddrSpaceCast result must be a pointer",
2675 1283 : &I);
2676 : Assert(SrcTy->getPointerAddressSpace() != DestTy->getPointerAddressSpace(),
2677 1283 : "AddrSpaceCast must be between different address spaces", &I);
2678 : if (SrcTy->isVectorTy())
2679 1282 : Assert(SrcTy->getVectorNumElements() == DestTy->getVectorNumElements(),
2680 4 : "AddrSpaceCast vector pointer number of elements mismatch", &I);
2681 1280 : visitInstruction(I);
2682 1277 : }
2683 :
2684 3 : /// visitPHINode - Ensure that a PHI node is well formed.
2685 : ///
2686 12293 : void Verifier::visitPHINode(PHINode &PN) {
2687 9742 : // Ensure that the PHI nodes are all grouped together at the top of the block.
2688 9742 : // This can be tested by checking whether the instruction before this is
2689 : // either nonexistent (because this is begin()) or is a PHI node. If not,
2690 : // then there is some other instruction before a PHI.
2691 9741 : Assert(&PN == &PN.getParent()->front() ||
2692 : isa<PHINode>(--BasicBlock::iterator(&PN)),
2693 : "PHI nodes not grouped at top of basic block!", &PN, PN.getParent());
2694 :
2695 : // Check that a PHI doesn't yield a Token.
2696 : Assert(!PN.getType()->isTokenTy(), "PHI nodes cannot have token type!");
2697 :
2698 : // Check that all of the values of the PHI node have the same type as the
2699 160097 : // result, and that the incoming blocks are really basic blocks.
2700 163578 : for (Value *IncValue : PN.incoming_values()) {
2701 : Assert(PN.getType() == IncValue->getType(),
2702 3481 : "PHI node operands are not the same type as the result!", &PN);
2703 : }
2704 2 :
2705 : // All other PHI node constraints are checked in the visitBasicBlock method.
2706 :
2707 : visitInstruction(PN);
2708 160096 : }
2709 29563 :
2710 29563 : void Verifier::verifyCallSite(CallSite CS) {
2711 : Instruction *I = CS.getInstruction();
2712 :
2713 : Assert(CS.getCalledValue()->getType()->isPointerTy(),
2714 130533 : "Called function must be a pointer!", I);
2715 : PointerType *FPTy = cast<PointerType>(CS.getCalledValue()->getType());
2716 130533 :
2717 : Assert(FPTy->getElementType()->isFunctionTy(),
2718 : "Called function is not pointer to function type!", I);
2719 3104 :
2720 : Assert(FPTy->getElementType() == CS.getFunctionType(),
2721 3104 : "Called function is not the same type as the call!", I);
2722 3104 :
2723 3104 : FunctionType *FTy = CS.getFunctionType();
2724 :
2725 6374 : // Verify that the correct number of arguments are being passed
2726 : if (FTy->isVarArg())
2727 : Assert(CS.arg_size() >= FTy->getNumParams(),
2728 3134 : "Called function requires more parameters than were provided!", I);
2729 : else
2730 : Assert(CS.arg_size() == FTy->getNumParams(),
2731 : "Incorrect number of arguments passed to called function!", I);
2732 68 :
2733 : // Verify that all arguments to the call match the function type.
2734 2 : for (unsigned i = 0, e = FTy->getNumParams(); i != e; ++i)
2735 : Assert(CS.getArgument(i)->getType() == FTy->getParamType(i),
2736 : "Call parameter type does not match function signature!",
2737 : CS.getArgument(i), FTy->getParamType(i), I);
2738 :
2739 : AttributeList Attrs = CS.getAttributes();
2740 :
2741 : Assert(verifyAttributeCount(Attrs, CS.arg_size()),
2742 : "Attribute after last parameter!", I);
2743 :
2744 1506 : if (Attrs.hasAttribute(AttributeList::FunctionIndex, Attribute::Speculatable)) {
2745 : // Don't allow speculatable on call sites, unless the underlying function
2746 9882 : // declaration is also speculatable.
2747 3270 : Function *Callee
2748 : = dyn_cast<Function>(CS.getCalledValue()->stripPointerCasts());
2749 72 : Assert(Callee && Callee->isSpeculatable(),
2750 : "speculatable attribute may not apply to call sites", I);
2751 3198 : }
2752 :
2753 : // Verify call attributes.
2754 : verifyFunctionAttrs(FTy, Attrs, I);
2755 3104 :
2756 0 : // Conservatively check the inalloca argument.
2757 : // We have a bug if we can find that there is an underlying alloca without
2758 : // inalloca.
2759 : if (CS.hasInAllocaArgument()) {
2760 : Value *InAllocaArg = CS.getArgument(FTy->getNumParams() - 1);
2761 0 : if (auto AI = dyn_cast<AllocaInst>(InAllocaArg->stripInBoundsOffsets()))
2762 3104 : Assert(AI->isUsedWithInAlloca(),
2763 : "inalloca argument for call has mismatched alloca", AI, I);
2764 : }
2765 1368 :
2766 : // For each argument of the callsite, if it has the swifterror argument,
2767 : // make sure the underlying alloca/parameter it comes from has a swifterror as
2768 3104 : // well.
2769 : for (unsigned i = 0, e = FTy->getNumParams(); i != e; ++i)
2770 3104 : if (CS.paramHasAttr(i, Attribute::SwiftError)) {
2771 : Value *SwiftErrorArg = CS.getArgument(i);
2772 : if (auto AI = dyn_cast<AllocaInst>(SwiftErrorArg->stripInBoundsOffsets())) {
2773 39688 : Assert(AI->isSwiftError(),
2774 : "swifterror argument for call has mismatched alloca", AI, I);
2775 : continue;
2776 72338 : }
2777 7040 : auto ArgI = dyn_cast<Argument>(SwiftErrorArg);
2778 : Assert(ArgI, "swifterror argument should come from an alloca or parameter", SwiftErrorArg, I);
2779 : Assert(ArgI->hasSwiftErrorAttr(),
2780 106497 : "swifterror argument for call has mismatched parameter", ArgI, I);
2781 66817 : }
2782 8661 :
2783 : if (FTy->isVarArg()) {
2784 66810 : // FIXME? is 'nest' even legal here?
2785 : bool SawNest = false;
2786 : bool SawReturned = false;
2787 66810 :
2788 : for (unsigned Idx = 0; Idx < FTy->getNumParams(); ++Idx) {
2789 : if (Attrs.hasParamAttribute(Idx, Attribute::Nest))
2790 : SawNest = true;
2791 534934 : if (Attrs.hasParamAttribute(Idx, Attribute::Returned))
2792 : SawReturned = true;
2793 : }
2794 534934 :
2795 : // Check attributes on the varargs part.
2796 : for (unsigned Idx = FTy->getNumParams(); Idx < CS.arg_size(); ++Idx) {
2797 519270 : Type *Ty = CS.getArgument(Idx)->getType();
2798 0 : AttributeSet ArgAttrs = Attrs.getParamAttributes(Idx);
2799 0 : verifyParameterAttrs(ArgAttrs, Ty, I);
2800 :
2801 : if (ArgAttrs.hasAttribute(Attribute::Nest)) {
2802 : Assert(!SawNest, "More than one parameter has attribute nest!", I);
2803 : SawNest = true;
2804 : }
2805 :
2806 : if (ArgAttrs.hasAttribute(Attribute::Returned)) {
2807 : Assert(!SawReturned, "More than one parameter has attribute returned!",
2808 : I);
2809 1095189 : Assert(Ty->canLosslesslyBitCastTo(FTy->getReturnType()),
2810 835554 : "Incompatible argument and return types for 'returned' "
2811 : "attribute",
2812 612538 : I);
2813 : SawReturned = true;
2814 : }
2815 319701 :
2816 319701 : Assert(!ArgAttrs.hasAttribute(Attribute::StructRet),
2817 : "Attribute 'sret' cannot be used for vararg call arguments!", I);
2818 :
2819 113803 : if (ArgAttrs.hasAttribute(Attribute::InAlloca))
2820 113803 : Assert(Idx == CS.arg_size() - 1, "inalloca isn't on the last argument!",
2821 : I);
2822 : }
2823 : }
2824 :
2825 259635 : // Verify that there's no metadata unless it's a direct call to an intrinsic.
2826 0 : if (CS.getCalledFunction() == nullptr ||
2827 : !CS.getCalledFunction()->getName().startswith("llvm.")) {
2828 : for (Type *ParamTy : FTy->params()) {
2829 127438 : Assert(!ParamTy->isMetadataTy(),
2830 242319 : "Function has metadata parameter but isn't an intrinsic", I);
2831 254876 : Assert(!ParamTy->isTokenTy(),
2832 : "Function has token parameter but isn't an intrinsic", I);
2833 : }
2834 127438 : }
2835 127438 :
2836 : // Verify that indirect calls don't return tokens.
2837 : if (CS.getCalledFunction() == nullptr)
2838 12557 : Assert(!FTy->getReturnType()->isTokenTy(),
2839 : "Return type cannot be token for indirect call!");
2840 :
2841 : if (Function *F = CS.getCalledFunction())
2842 : if (Intrinsic::ID ID = (Intrinsic::ID)F->getIntrinsicID())
2843 14354 : visitIntrinsicCallSite(ID, CS);
2844 10760 :
2845 10760 : // Verify that a callsite has at most one "deopt", at most one "funclet" and
2846 : // at most one "gc-transition" operand bundle.
2847 0 : bool FoundDeoptBundle = false, FoundFuncletBundle = false,
2848 : FoundGCTransitionBundle = false;
2849 1797 : for (unsigned i = 0, e = CS.getNumOperandBundles(); i < e; ++i) {
2850 : OperandBundleUse BU = CS.getOperandBundleAt(i);
2851 : uint32_t Tag = BU.getTagID();
2852 12557 : if (Tag == LLVMContext::OB_deopt) {
2853 : Assert(!FoundDeoptBundle, "Multiple deopt operand bundles", I);
2854 : FoundDeoptBundle = true;
2855 48480 : } else if (Tag == LLVMContext::OB_gc_transition) {
2856 48480 : Assert(!FoundGCTransitionBundle, "Multiple gc-transition operand bundles",
2857 : I);
2858 31679 : FoundGCTransitionBundle = true;
2859 31679 : } else if (Tag == LLVMContext::OB_funclet) {
2860 : Assert(!FoundFuncletBundle, "Multiple funclet operand bundles", I);
2861 : FoundFuncletBundle = true;
2862 : Assert(BU.Inputs.size() == 1,
2863 : "Expected exactly one funclet bundle operand", I);
2864 16801 : Assert(isa<FuncletPadInst>(BU.Inputs.front()),
2865 : "Funclet bundle operands should correspond to a FuncletPadInst",
2866 : I);
2867 : }
2868 13635 : }
2869 :
2870 : // Verify that each inlinable callsite of a debug-info-bearing function in a
2871 64376 : // debug-info-bearing function has a debug location attached to it. Failure to
2872 32279 : // do so causes assertion failures when the inliner sets up inline scope info.
2873 1103 : if (I->getFunction()->getSubprogram() && CS.getCalledFunction() &&
2874 : CS.getCalledFunction()->getSubprogram())
2875 42855 : AssertDI(I->getDebugLoc(), "inlinable function call in a function with "
2876 42857 : "debug info must have a !dbg location",
2877 : I);
2878 42854 :
2879 2193 : visitInstruction(*I);
2880 : }
2881 31418 :
2882 : /// Two types are "congruent" if they are identical, or if they are both pointer
2883 : /// types with different pointee types and the same address space.
2884 52 : static bool isTypeCongruent(Type *L, Type *R) {
2885 52 : if (L == R)
2886 : return true;
2887 : PointerType *PL = dyn_cast<PointerType>(L);
2888 17537 : PointerType *PR = dyn_cast<PointerType>(R);
2889 17537 : if (!PL || !PR)
2890 10091 : return false;
2891 : return PL->getAddressSpace() == PR->getAddressSpace();
2892 : }
2893 783 :
2894 783 : static AttrBuilder getParameterABIAttributes(int I, AttributeList Attrs) {
2895 : static const Attribute::AttrKind ABIAttrs[] = {
2896 783 : Attribute::StructRet, Attribute::ByVal, Attribute::InAlloca,
2897 : Attribute::InReg, Attribute::Returned, Attribute::SwiftSelf,
2898 1489 : Attribute::SwiftError};
2899 : AttrBuilder Copy;
2900 : for (auto AK : ABIAttrs) {
2901 : if (Attrs.hasParamAttribute(I, AK))
2902 : Copy.addAttribute(AK);
2903 24670 : }
2904 24670 : if (Attrs.hasParamAttribute(I, Attribute::Alignment))
2905 : Copy.addAlignmentAttr(Attrs.getParamAlignment(I));
2906 : return Copy;
2907 6267 : }
2908 12534 :
2909 : void Verifier::verifyMustTailCall(CallInst &CI) {
2910 : Assert(!CI.isInlineAsm(), "cannot use musttail call with inline asm", &CI);
2911 6267 :
2912 : // - The caller and callee prototypes must match. Pointer types of
2913 : // parameters or return types may differ in pointee type, but not
2914 : // address space.
2915 11842 : Function *F = CI.getParent()->getParent();
2916 : FunctionType *CallerTy = F->getFunctionType();
2917 11842 : FunctionType *CalleeTy = CI.getFunctionType();
2918 : if (!CI.getCalledFunction() || !CI.getCalledFunction()->isIntrinsic()) {
2919 23684 : Assert(CallerTy->getNumParams() == CalleeTy->getNumParams(),
2920 : "cannot guarantee tail call due to mismatched parameter counts",
2921 : &CI);
2922 : for (int I = 0, E = CallerTy->getNumParams(); I != E; ++I) {
2923 : Assert(
2924 : isTypeCongruent(CallerTy->getParamType(I), CalleeTy->getParamType(I)),
2925 : "cannot guarantee tail call due to mismatched parameter types", &CI);
2926 : }
2927 : }
2928 : Assert(CallerTy->isVarArg() == CalleeTy->isVarArg(),
2929 : "cannot guarantee tail call due to mismatched varargs", &CI);
2930 : Assert(isTypeCongruent(CallerTy->getReturnType(), CalleeTy->getReturnType()),
2931 : "cannot guarantee tail call due to mismatched return types", &CI);
2932 11842 :
2933 0 : // - The calling conventions of the caller and callee must match.
2934 : Assert(F->getCallingConv() == CI.getCallingConv(),
2935 : "cannot guarantee tail call due to mismatched calling conv", &CI);
2936 :
2937 0 : // - All ABI-impacting function attributes, such as sret, byval, inreg,
2938 8 : // returned, and inalloca, must match.
2939 : AttributeList CallerAttrs = F->getAttributes();
2940 : AttributeList CalleeAttrs = CI.getAttributes();
2941 11838 : for (int I = 0, E = CallerTy->getNumParams(); I != E; ++I) {
2942 42 : AttrBuilder CallerABIAttrs = getParameterABIAttributes(I, CallerAttrs);
2943 : AttrBuilder CalleeABIAttrs = getParameterABIAttributes(I, CalleeAttrs);
2944 : Assert(CallerABIAttrs == CalleeABIAttrs,
2945 : "cannot guarantee tail call due to mismatched ABI impacting "
2946 : "function attributes",
2947 : &CI, CI.getOperand(I));
2948 : }
2949 :
2950 : // - The call must immediately precede a :ref:`ret <i_ret>` instruction,
2951 29426 : // or a pointer bitcast followed by a ret instruction.
2952 58852 : // - The ret instruction must return the (possibly bitcasted) value
2953 29426 : // produced by the call or void.
2954 : Value *RetVal = &CI;
2955 : Instruction *Next = CI.getNextNode();
2956 :
2957 1109 : // Handle the optional bitcast.
2958 1109 : if (BitCastInst *BI = dyn_cast_or_null<BitCastInst>(Next)) {
2959 1110 : Assert(BI->getOperand(0) == RetVal,
2960 2196 : "bitcast following musttail call must use the call", BI);
2961 1091 : RetVal = BI;
2962 : Next = BI->getNextNode();
2963 : }
2964 :
2965 : // Check the return.
2966 5695 : ReturnInst *Ret = dyn_cast_or_null<ReturnInst>(Next);
2967 : Assert(Ret, "musttail call must precede a ret with an optional bitcast",
2968 5695 : &CI);
2969 : Assert(!Ret->getReturnValue() || Ret->getReturnValue() == RetVal,
2970 11390 : "musttail call result must be returned", Ret);
2971 : }
2972 :
2973 : void Verifier::visitCallInst(CallInst &CI) {
2974 : verifyCallSite(&CI);
2975 :
2976 : if (CI.isMustTailCall())
2977 : verifyMustTailCall(CI);
2978 0 : }
2979 0 :
2980 : void Verifier::visitInvokeInst(InvokeInst &II) {
2981 : verifyCallSite(&II);
2982 5695 :
2983 : // Verify that the first non-PHI instruction of the unwind destination is an
2984 0 : // exception handling instruction.
2985 : Assert(
2986 5697 : II.getUnwindDest()->isEHPad(),
2987 : "The unwind destination does not have an exception handling instruction!",
2988 : &II);
2989 5694 :
2990 : visitTerminator(II);
2991 79 : }
2992 :
2993 : /// visitBinaryOperator - Check that both arguments to the binary operator are
2994 : /// of the same type!
2995 : ///
2996 5693 : void Verifier::visitBinaryOperator(BinaryOperator &B) {
2997 505 : Assert(B.getOperand(0)->getType() == B.getOperand(1)->getType(),
2998 : "Both operands to a binary operator are not of the same type!", &B);
2999 11386 :
3000 : switch (B.getOpcode()) {
3001 1084 : // Check that integer arithmetic operators are only used with
3002 : // integral operands.
3003 : case Instruction::Add:
3004 : case Instruction::Sub:
3005 5693 : case Instruction::Mul:
3006 33 : case Instruction::SDiv:
3007 : case Instruction::UDiv:
3008 : case Instruction::SRem:
3009 : case Instruction::URem:
3010 : Assert(B.getType()->isIntOrIntVectorTy(),
3011 8996 : "Integer arithmetic operators only work with integral types!", &B);
3012 8996 : Assert(B.getType() == B.getOperand(0)->getType(),
3013 8996 : "Integer arithmetic operators must have same type "
3014 8925 : "for operands and result!",
3015 24229 : &B);
3016 0 : break;
3017 : // Check that floating-point arithmetic operators are only used with
3018 : // floating-point operands.
3019 8996 : case Instruction::FAdd:
3020 : case Instruction::FSub:
3021 : case Instruction::FMul:
3022 : case Instruction::FDiv:
3023 9470 : case Instruction::FRem:
3024 9472 : Assert(B.getType()->isFPOrFPVectorTy(),
3025 : "Floating-point arithmetic operators only work with "
3026 9470 : "floating-point types!",
3027 711 : &B);
3028 : Assert(B.getType() == B.getOperand(0)->getType(),
3029 : "Floating-point arithmetic operators must have same type "
3030 711 : "for operands and result!",
3031 688 : &B);
3032 : break;
3033 688 : // Check that logical operators are only used with integral operands.
3034 23 : case Instruction::And:
3035 : case Instruction::Or:
3036 23 : case Instruction::Xor:
3037 : Assert(B.getType()->isIntOrIntVectorTy(),
3038 711 : "Logical operators only work with integral types!", &B);
3039 710 : Assert(B.getType() == B.getOperand(0)->getType(),
3040 : "Logical operators must have same type for operands and result!",
3041 : &B);
3042 : break;
3043 : case Instruction::Shl:
3044 8725 : case Instruction::LShr:
3045 8725 : case Instruction::AShr:
3046 8725 : Assert(B.getType()->isIntOrIntVectorTy(),
3047 : "Shifts only work with integral types!", &B);
3048 : Assert(B.getType() == B.getOperand(0)->getType(),
3049 : "Shift return type must be same as operands!", &B);
3050 8725 : break;
3051 : default:
3052 8725 : llvm_unreachable("Unknown BinaryOperator opcode!");
3053 : }
3054 :
3055 8725 : visitInstruction(B);
3056 : }
3057 :
3058 8725 : void Verifier::visitICmpInst(ICmpInst &IC) {
3059 7137 : // Check that the operands are the same type
3060 7581 : Type *Op0Ty = IC.getOperand(0)->getType();
3061 : Type *Op1Ty = IC.getOperand(1)->getType();
3062 444 : Assert(Op0Ty == Op1Ty,
3063 : "Both operands to ICmp instruction are not of the same type!", &IC);
3064 : // Check that the operands are the right type
3065 : Assert(Op0Ty->isIntOrIntVectorTy() || Op0Ty->isPtrOrPtrVectorTy(),
3066 8725 : "Invalid operand types for ICmp instruction", &IC);
3067 2896 : // Check that the predicate is valid.
3068 4483 : Assert(IC.isIntPredicate(),
3069 1683 : "Invalid predicate in ICmp instruction!", &IC);
3070 :
3071 : visitInstruction(IC);
3072 : }
3073 :
3074 : void Verifier::visitFCmpInst(FCmpInst &FC) {
3075 8723 : // Check that the operands are the same type
3076 4222 : Type *Op0Ty = FC.getOperand(0)->getType();
3077 8345 : Type *Op1Ty = FC.getOperand(1)->getType();
3078 4125 : Assert(Op0Ty == Op1Ty,
3079 : "Both operands to FCmp instruction are not of the same type!", &FC);
3080 : // Check that the operands are the right type
3081 : Assert(Op0Ty->isFPOrFPVectorTy(),
3082 8722 : "Invalid operand types for FCmp instruction", &FC);
3083 2114 : // Check that the predicate is valid.
3084 3151 : Assert(FC.isFPPredicate(),
3085 1037 : "Invalid predicate in FCmp instruction!", &FC);
3086 :
3087 : visitInstruction(FC);
3088 : }
3089 8722 :
3090 78 : void Verifier::visitExtractElementInst(ExtractElementInst &EI) {
3091 1513 : Assert(
3092 1435 : ExtractElementInst::isValidOperands(EI.getOperand(0), EI.getOperand(1)),
3093 : "Invalid extractelement operands!", &EI);
3094 : visitInstruction(EI);
3095 8722 : }
3096 :
3097 : void Verifier::visitInsertElementInst(InsertElementInst &IE) {
3098 14742 : Assert(InsertElementInst::isValidOperands(IE.getOperand(0), IE.getOperand(1),
3099 14764 : IE.getOperand(2)),
3100 0 : "Invalid insertelement operands!", &IE);
3101 14742 : visitInstruction(IE);
3102 14047 : }
3103 :
3104 698 : void Verifier::visitShuffleVectorInst(ShuffleVectorInst &SV) {
3105 14738 : Assert(ShuffleVectorInst::isValidOperands(SV.getOperand(0), SV.getOperand(1),
3106 14014 : SV.getOperand(2)),
3107 0 : "Invalid shufflevector operands!", &SV);
3108 : visitInstruction(SV);
3109 : }
3110 604 :
3111 14735 : void Verifier::visitGetElementPtrInst(GetElementPtrInst &GEP) {
3112 1548 : Type *TargetTy = GEP.getPointerOperandType()->getScalarType();
3113 :
3114 14735 : Assert(isa<PointerType>(TargetTy),
3115 10186 : "GEP base pointer is not a vector or a vector of pointers", &GEP);
3116 10186 : Assert(GEP.getSourceElementType()->isSized(), "GEP into unsized type!", &GEP);
3117 15315 :
3118 5129 : SmallVector<Value*, 16> Idxs(GEP.idx_begin(), GEP.idx_end());
3119 : Assert(all_of(
3120 : Idxs, [](Value* V) { return V->getType()->isIntOrIntVectorTy(); }),
3121 : "GEP indexes must be integers", &GEP);
3122 : Type *ElTy =
3123 14735 : GetElementPtrInst::getIndexedType(GEP.getSourceElementType(), Idxs);
3124 : Assert(ElTy, "Invalid indices for GEP pointer type!", &GEP);
3125 :
3126 14735 : Assert(GEP.getType()->isPtrOrPtrVectorTy() &&
3127 14735 : GEP.getResultElementType() == ElTy,
3128 : "GEP is not of right type for indices!", &GEP, ElTy);
3129 11544 :
3130 11544 : if (GEP.getType()->isVectorTy()) {
3131 11531 : // Additional checks for vector GEPs.
3132 : unsigned GEPWidth = GEP.getType()->getVectorNumElements();
3133 : if (GEP.getPointerOperandType()->isVectorTy())
3134 3191 : Assert(GEPWidth == GEP.getPointerOperandType()->getVectorNumElements(),
3135 : "Vector GEP result width doesn't match operand's", &GEP);
3136 : for (Value *Idx : Idxs) {
3137 14722 : Type *IndexTy = Idx->getType();
3138 32 : if (IndexTy->isVectorTy()) {
3139 33 : unsigned IndexWidth = IndexTy->getVectorNumElements();
3140 67 : Assert(IndexWidth == GEPWidth, "Invalid GEP index vector width", &GEP);
3141 38 : }
3142 : Assert(IndexTy->isIntOrIntVectorTy(),
3143 : "All GEP indices should be of integer type");
3144 : }
3145 14721 : }
3146 57 :
3147 : if (auto *PTy = dyn_cast<PointerType>(GEP.getType())) {
3148 : Assert(GEP.getAddressSpace() == PTy->getAddressSpace(),
3149 : "GEP address space doesn't match type", &GEP);
3150 5550 : }
3151 5550 :
3152 5550 : visitInstruction(GEP);
3153 : }
3154 :
3155 2989 : static bool isContiguous(const ConstantRange &A, const ConstantRange &B) {
3156 : return A.getUpper() == B.getLower() || A.getLower() == B.getUpper();
3157 : }
3158 4504 :
3159 4504 : void Verifier::visitRangeMetadata(Instruction &I, MDNode *Range, Type *Ty) {
3160 : assert(Range && Range == I.getMetadata(LLVMContext::MD_range) &&
3161 4504 : "precondition violation");
3162 :
3163 : unsigned NumOperands = Range->getNumOperands();
3164 : Assert(NumOperands % 2 == 0, "Unfinished range!", Range);
3165 : unsigned NumRanges = NumOperands / 2;
3166 1046 : Assert(NumRanges >= 1, "It should have at least one range!", Range);
3167 :
3168 : ConstantRange LastRange(1); // Dummy initial value
3169 502 : for (unsigned i = 0; i < NumRanges; ++i) {
3170 502 : ConstantInt *Low =
3171 502 : mdconst::dyn_extract<ConstantInt>(Range->getOperand(2 * i));
3172 0 : Assert(Low, "The lower limit must be an integer!", Low);
3173 : ConstantInt *High =
3174 : mdconst::dyn_extract<ConstantInt>(Range->getOperand(2 * i + 1));
3175 1484 : Assert(High, "The upper limit must be an integer!", High);
3176 2968 : Assert(High->getType() == Low->getType() && High->getType() == Ty,
3177 : "Range types must match instruction type!", &I);
3178 :
3179 1484 : APInt HighV = High->getValue();
3180 : APInt LowV = Low->getValue();
3181 : ConstantRange CurRange(LowV, HighV);
3182 : Assert(!CurRange.isEmptySet() && !CurRange.isFullSet(),
3183 : "Range must not be empty!", Range);
3184 : if (i != 0) {
3185 98 : Assert(CurRange.intersectWith(LastRange).isEmptySet(),
3186 98 : "Intervals are overlapping", Range);
3187 : Assert(LowV.sgt(LastRange.getLower()), "Intervals are not in order",
3188 98 : Range);
3189 98 : Assert(!isContiguous(CurRange, LastRange), "Intervals are contiguous",
3190 : Range);
3191 98 : }
3192 84 : LastRange = ConstantRange(LowV, HighV);
3193 214 : }
3194 130 : if (NumRanges > 2) {
3195 : APInt FirstLow =
3196 : mdconst::dyn_extract<ConstantInt>(Range->getOperand(0))->getValue();
3197 : APInt FirstHigh =
3198 : mdconst::dyn_extract<ConstantInt>(Range->getOperand(1))->getValue();
3199 162 : ConstantRange FirstRange(FirstLow, FirstHigh);
3200 162 : Assert(FirstRange.intersectWith(LastRange).isEmptySet(),
3201 162 : "Intervals are overlapping", Range);
3202 : Assert(!isContiguous(FirstRange, LastRange), "Intervals are contiguous",
3203 : Range);
3204 888 : }
3205 0 : }
3206 :
3207 : void Verifier::checkAtomicMemAccessSize(Type *Ty, const Instruction *I) {
3208 440 : unsigned Size = DL.getTypeSizeInBits(Ty);
3209 440 : Assert(Size >= 8, "atomic memory access' size must be byte-sized", Ty, I);
3210 : Assert(!(Size & (Size - 1)),
3211 440 : "atomic memory access' operand must have a power-of-two size", Ty, I);
3212 : }
3213 :
3214 : void Verifier::visitLoadInst(LoadInst &LI) {
3215 448 : PointerType *PTy = dyn_cast<PointerType>(LI.getOperand(0)->getType());
3216 : Assert(PTy, "Load operand must be a pointer.", &LI);
3217 448 : Type *ElTy = LI.getType();
3218 : Assert(LI.getAlignment() <= Value::MaximumAlignment,
3219 896 : "huge alignment values are unsupported", &LI);
3220 : Assert(ElTy->isSized(), "loading unsized types is not allowed", &LI);
3221 : if (LI.isAtomic()) {
3222 : Assert(LI.getOrdering() != AtomicOrdering::Release &&
3223 : LI.getOrdering() != AtomicOrdering::AcquireRelease,
3224 : "Load cannot have Release ordering", &LI);
3225 25187 : Assert(LI.getAlignment() != 0,
3226 25187 : "Atomic load must specify explicit alignment", &LI);
3227 0 : Assert(ElTy->isIntOrPtrTy() || ElTy->isFloatingPointTy(),
3228 25187 : "atomic load operand must have integer, pointer, or floating point "
3229 22258 : "type!",
3230 : ElTy, &LI);
3231 : checkAtomicMemAccessSize(ElTy, &LI);
3232 11799 : } else {
3233 : Assert(LI.getSyncScopeID() == SyncScope::System,
3234 11799 : "Non-atomic load cannot have SynchronizationScope specified", &LI);
3235 : }
3236 11799 :
3237 11799 : visitInstruction(LI);
3238 12 : }
3239 11793 :
3240 11791 : void Verifier::visitStoreInst(StoreInst &SI) {
3241 330 : PointerType *PTy = dyn_cast<PointerType>(SI.getOperand(1)->getType());
3242 : Assert(PTy, "Store operand must be a pointer.", &SI);
3243 : Type *ElTy = PTy->getElementType();
3244 : Assert(ElTy == SI.getOperand(0)->getType(),
3245 : "Stored value type does not match pointer operand type!", &SI, ElTy);
3246 13388 : Assert(SI.getAlignment() <= Value::MaximumAlignment,
3247 : "huge alignment values are unsupported", &SI);
3248 13388 : Assert(ElTy->isSized(), "storing unsized types is not allowed", &SI);
3249 : if (SI.isAtomic()) {
3250 0 : Assert(SI.getOrdering() != AtomicOrdering::Acquire &&
3251 13388 : SI.getOrdering() != AtomicOrdering::AcquireRelease,
3252 13388 : "Store cannot have Acquire ordering", &SI);
3253 : Assert(SI.getAlignment() != 0,
3254 : "Atomic store must specify explicit alignment", &SI);
3255 : Assert(ElTy->isIntOrPtrTy() || ElTy->isFloatingPointTy(),
3256 85 : "atomic store operand must have integer, pointer, or floating point "
3257 85 : "type!",
3258 0 : ElTy, &SI);
3259 85 : checkAtomicMemAccessSize(ElTy, &SI);
3260 85 : } else {
3261 : Assert(SI.getSyncScopeID() == SyncScope::System,
3262 85 : "Non-atomic store cannot have SynchronizationScope specified", &SI);
3263 85 : }
3264 : visitInstruction(SI);
3265 : }
3266 :
3267 12389 : /// Check that SwiftErrorVal is used as a swifterror argument in CS.
3268 12389 : void Verifier::verifySwiftErrorCallSite(CallSite CS,
3269 : const Value *SwiftErrorVal) {
3270 : unsigned Idx = 0;
3271 7619 : for (CallSite::arg_iterator I = CS.arg_begin(), E = CS.arg_end();
3272 : I != E; ++I, ++Idx) {
3273 0 : if (*I == SwiftErrorVal) {
3274 : Assert(CS.paramHasAttr(Idx, Attribute::SwiftError),
3275 7619 : "swifterror value when used in a callsite should be marked "
3276 7619 : "with swifterror attribute",
3277 7619 : SwiftErrorVal, CS);
3278 7619 : }
3279 82 : }
3280 : }
3281 :
3282 : void Verifier::verifySwiftErrorValue(const Value *SwiftErrorVal) {
3283 106 : // Check that swifterror value is only used by loads, stores, or as
3284 106 : // a swifterror argument.
3285 106 : for (const User *U : SwiftErrorVal->users()) {
3286 0 : Assert(isa<LoadInst>(U) || isa<StoreInst>(U) || isa<CallInst>(U) ||
3287 106 : isa<InvokeInst>(U),
3288 80 : "swifterror value can only be loaded and stored from, or "
3289 : "as a swifterror argument!",
3290 : SwiftErrorVal, U);
3291 1103 : // If it is used by a store, check it is the second operand.
3292 2206 : if (auto StoreI = dyn_cast<StoreInst>(U))
3293 : Assert(StoreI->getOperand(1) == SwiftErrorVal,
3294 : "swifterror value should be the second operand when used "
3295 1103 : "by stores", SwiftErrorVal, U);
3296 0 : if (auto CallI = dyn_cast<CallInst>(U))
3297 0 : verifySwiftErrorCallSite(const_cast<CallInst*>(CallI), SwiftErrorVal);
3298 : if (auto II = dyn_cast<InvokeInst>(U))
3299 : verifySwiftErrorCallSite(const_cast<InvokeInst*>(II), SwiftErrorVal);
3300 : }
3301 32102 : }
3302 :
3303 : void Verifier::visitAllocaInst(AllocaInst &AI) {
3304 32102 : SmallPtrSet<Type*, 4> Visited;
3305 29051 : PointerType *PTy = AI.getType();
3306 : // TODO: Relax this restriction?
3307 : Assert(PTy->getAddressSpace() == DL.getAllocaAddrSpace(),
3308 : "Allocation instruction pointer not in the stack address space!",
3309 99154 : &AI);
3310 99154 : Assert(AI.getAllocatedType()->isSized(&Visited),
3311 99154 : "Cannot allocate unsized type", &AI);
3312 : Assert(AI.getArraySize()->getType()->isIntegerTy(),
3313 : "Alloca array size must have integer type", &AI);
3314 : Assert(AI.getAlignment() <= Value::MaximumAlignment,
3315 : "huge alignment values are unsupported", &AI);
3316 26804 :
3317 13695 : if (AI.isSwiftError()) {
3318 : verifySwiftErrorValue(&AI);
3319 6 : }
3320 :
3321 : visitInstruction(AI);
3322 : }
3323 :
3324 : void Verifier::visitAtomicCmpXchgInst(AtomicCmpXchgInst &CXI) {
3325 :
3326 99154 : // FIXME: more conditions???
3327 99154 : Assert(CXI.getSuccessOrdering() != AtomicOrdering::NotAtomic,
3328 99154 : "cmpxchg instructions must be atomic.", &CXI);
3329 : Assert(CXI.getFailureOrdering() != AtomicOrdering::NotAtomic,
3330 : "cmpxchg instructions must be atomic.", &CXI);
3331 : Assert(CXI.getSuccessOrdering() != AtomicOrdering::Unordered,
3332 : "cmpxchg instructions cannot be unordered.", &CXI);
3333 47146 : Assert(CXI.getFailureOrdering() != AtomicOrdering::Unordered,
3334 30919 : "cmpxchg instructions cannot be unordered.", &CXI);
3335 : Assert(!isStrongerThan(CXI.getFailureOrdering(), CXI.getSuccessOrdering()),
3336 : "cmpxchg instructions failure argument shall be no stronger than the "
3337 16243 : "success argument",
3338 16 : &CXI);
3339 : Assert(CXI.getFailureOrdering() != AtomicOrdering::Release &&
3340 : CXI.getFailureOrdering() != AtomicOrdering::AcquireRelease,
3341 1 : "cmpxchg failure ordering cannot include release semantics", &CXI);
3342 15 :
3343 2 : PointerType *PTy = dyn_cast<PointerType>(CXI.getOperand(0)->getType());
3344 : Assert(PTy, "First cmpxchg operand must be a pointer.", &CXI);
3345 2 : Type *ElTy = PTy->getElementType();
3346 : Assert(ElTy->isIntOrPtrTy(),
3347 : "cmpxchg operand must have integer or pointer type", ElTy, &CXI);
3348 15 : checkAtomicMemAccessSize(ElTy, &CXI);
3349 2 : Assert(ElTy == CXI.getOperand(1)->getType(),
3350 : "Expected value type does not match pointer operand type!", &CXI,
3351 : ElTy);
3352 1 : Assert(ElTy == CXI.getOperand(2)->getType(),
3353 : "Stored value type does not match pointer operand type!", &CXI, ElTy);
3354 : visitInstruction(CXI);
3355 : }
3356 :
3357 : void Verifier::visitAtomicRMWInst(AtomicRMWInst &RMWI) {
3358 30919 : Assert(RMWI.getOrdering() != AtomicOrdering::NotAtomic,
3359 : "atomicrmw instructions must be atomic.", &RMWI);
3360 : Assert(RMWI.getOrdering() != AtomicOrdering::Unordered,
3361 : "atomicrmw instructions cannot be unordered.", &RMWI);
3362 : auto Op = RMWI.getOperation();
3363 30932 : PointerType *PTy = dyn_cast<PointerType>(RMWI.getOperand(0)->getType());
3364 : Assert(PTy, "First atomicrmw operand must be a pointer.", &RMWI);
3365 : Type *ElTy = PTy->getElementType();
3366 30918 : Assert(ElTy->isIntegerTy(), "atomicrmw " +
3367 5 : AtomicRMWInst::getOperationName(Op) +
3368 : " operand must have integer type!",
3369 : &RMWI, ElTy);
3370 : checkAtomicMemAccessSize(ElTy, &RMWI);
3371 2 : Assert(ElTy == RMWI.getOperand(1)->getType(),
3372 : "Argument value type does not match pointer operand type!", &RMWI,
3373 : ElTy);
3374 : Assert(AtomicRMWInst::FIRST_BINOP <= Op && Op <= AtomicRMWInst::LAST_BINOP,
3375 30915 : "Invalid binary operation!", &RMWI);
3376 30915 : visitInstruction(RMWI);
3377 : }
3378 :
3379 : void Verifier::visitFenceInst(FenceInst &FI) {
3380 30913 : const AtomicOrdering Ordering = FI.getOrdering();
3381 : Assert(Ordering == AtomicOrdering::Acquire ||
3382 : Ordering == AtomicOrdering::Release ||
3383 : Ordering == AtomicOrdering::AcquireRelease ||
3384 : Ordering == AtomicOrdering::SequentiallyConsistent,
3385 : "fence instructions may only have acquire, release, acq_rel, or "
3386 : "seq_cst ordering.",
3387 1340 : &FI);
3388 2 : visitInstruction(FI);
3389 : }
3390 :
3391 : void Verifier::visitExtractValueInst(ExtractValueInst &EVI) {
3392 : Assert(ExtractValueInst::getIndexedType(EVI.getAggregateOperand()->getType(),
3393 : EVI.getIndices()) == EVI.getType(),
3394 19 : "Invalid ExtractValueInst operands!", &EVI);
3395 :
3396 : visitInstruction(EVI);
3397 : }
3398 20 :
3399 : void Verifier::visitInsertValueInst(InsertValueInst &IVI) {
3400 : Assert(ExtractValueInst::getIndexedType(IVI.getAggregateOperand()->getType(),
3401 17 : IVI.getIndices()) ==
3402 : IVI.getOperand(1)->getType(),
3403 : "Invalid InsertValueInst operands!", &IVI);
3404 :
3405 : visitInstruction(IVI);
3406 : }
3407 :
3408 16 : static Value *getParentPad(Value *EHPad) {
3409 16 : if (auto *FPI = dyn_cast<FuncletPadInst>(EHPad))
3410 : return FPI->getParentPad();
3411 :
3412 64 : return cast<CatchSwitchInst>(EHPad)->getParentPad();
3413 : }
3414 :
3415 4 : void Verifier::visitEHPadPredecessors(Instruction &I) {
3416 : assert(I.isEHPad());
3417 :
3418 : BasicBlock *BB = I.getParent();
3419 : Function *F = BB->getParent();
3420 :
3421 : Assert(BB != &F->getEntryBlock(), "EH pad cannot be in entry block.", &I);
3422 :
3423 : if (auto *LPI = dyn_cast<LandingPadInst>(&I)) {
3424 30907 : // The landingpad instruction defines its parent as a landing pad block. The
3425 30891 : // landing pad block may be branched to only by the unwind edge of an
3426 30891 : // invoke.
3427 : for (BasicBlock *PredBB : predecessors(BB)) {
3428 : const auto *II = dyn_cast<InvokeInst>(PredBB->getTerminator());
3429 : Assert(II && II->getUnwindDest() == BB && II->getNormalDest() != BB,
3430 30906 : "Block containing LandingPadInst must be jumped to "
3431 : "only by the unwind edge of an invoke.",
3432 10082 : LPI);
3433 0 : }
3434 : return;
3435 : }
3436 30906 : if (auto *CPI = dyn_cast<CatchPadInst>(&I)) {
3437 : if (!pred_empty(BB))
3438 : Assert(BB->getUniquePredecessor() == CPI->getCatchSwitch()->getParent(),
3439 : "Block containg CatchPadInst must be jumped to "
3440 18 : "only by its catchswitch.",
3441 : CPI);
3442 : Assert(BB != CPI->getCatchSwitch()->getUnwindDest(),
3443 : "Catchswitch cannot unwind to one of its catchpads",
3444 30905 : CPI->getCatchSwitch(), CPI);
3445 41 : return;
3446 33 : }
3447 :
3448 : // Verify that each pred has a legal terminator with a legal to/from EH
3449 : // pad relationship.
3450 33 : Instruction *ToPad = &I;
3451 : Value *ToPadParent = getParentPad(ToPad);
3452 : for (BasicBlock *PredBB : predecessors(BB)) {
3453 : Instruction *TI = PredBB->getTerminator();
3454 : Value *FromPad;
3455 : if (auto *II = dyn_cast<InvokeInst>(TI)) {
3456 : Assert(II->getUnwindDest() == BB && II->getNormalDest() != BB,
3457 33 : "EH pad must be jumped to via an unwind edge", ToPad, II);
3458 : if (auto Bundle = II->getOperandBundle(LLVMContext::OB_funclet))
3459 36 : FromPad = Bundle->Inputs[0];
3460 30 : else
3461 30 : FromPad = ConstantTokenNone::get(II->getContext());
3462 : } else if (auto *CRI = dyn_cast<CleanupReturnInst>(TI)) {
3463 60 : FromPad = CRI->getOperand(0);
3464 : Assert(FromPad != ToPadParent, "A cleanupret must exit its cleanup", CRI);
3465 : } else if (auto *CSI = dyn_cast<CatchSwitchInst>(TI)) {
3466 : FromPad = CSI;
3467 : } else {
3468 : Assert(false, "EH pad must be jumped to via an unwind edge", ToPad, TI);
3469 : }
3470 :
3471 : // The edge may exit from zero or more nested pads.
3472 : SmallSet<Value *, 8> Seen;
3473 : for (;; FromPad = getParentPad(FromPad)) {
3474 : Assert(FromPad != ToPad,
3475 : "EH pad cannot handle exceptions raised within it", FromPad, TI);
3476 : if (FromPad == ToPadParent) {
3477 : // This is a legal unwind edge.
3478 : break;
3479 : }
3480 : Assert(!isa<ConstantTokenNone>(FromPad),
3481 : "A single unwind edge may only enter one EH pad", TI);
3482 : Assert(Seen.insert(FromPad).second,
3483 : "EH pad jumps through a cycle of pads", FromPad);
3484 : }
3485 : }
3486 : }
3487 :
3488 : void Verifier::visitLandingPadInst(LandingPadInst &LPI) {
3489 : // The landingpad instruction is ill-formed if it doesn't have any clauses and
3490 : // isn't a cleanup.
3491 : Assert(LPI.getNumClauses() > 0 || LPI.isCleanup(),
3492 : "LandingPadInst needs at least one clause or to be a cleanup.", &LPI);
3493 :
3494 : visitEHPadPredecessors(LPI);
3495 :
3496 : if (!LandingPadResultTy)
3497 : LandingPadResultTy = LPI.getType();
3498 : else
3499 : Assert(LandingPadResultTy == LPI.getType(),
3500 : "The landingpad instruction should have a consistent result type "
3501 : "inside a function.",
3502 : &LPI);
3503 :
3504 : Function *F = LPI.getParent()->getParent();
3505 : Assert(F->hasPersonalityFn(),
3506 : "LandingPadInst needs to be in a function with a personality.", &LPI);
3507 :
3508 : // The landingpad instruction must be the first non-PHI instruction in the
3509 : // block.
3510 : Assert(LPI.getParent()->getLandingPadInst() == &LPI,
3511 : "LandingPadInst not the first non-PHI instruction in the block.",
3512 : &LPI);
3513 :
3514 : for (unsigned i = 0, e = LPI.getNumClauses(); i < e; ++i) {
3515 : Constant *Clause = LPI.getClause(i);
3516 : if (LPI.isCatch(i)) {
3517 : Assert(isa<PointerType>(Clause->getType()),
3518 : "Catch operand does not have pointer type!", &LPI);
3519 : } else {
3520 172314 : Assert(LPI.isFilter(i), "Clause is neither catch nor filter!", &LPI);
3521 : Assert(isa<ConstantArray>(Clause) || isa<ConstantAggregateZero>(Clause),
3522 : "Filter operand is not an array of constants!", &LPI);
3523 : }
3524 1177109 : }
3525 :
3526 5033012 : visitInstruction(LPI);
3527 3855904 : }
3528 :
3529 : void Verifier::visitResumeInst(ResumeInst &RI) {
3530 1520597 : Assert(RI.getFunction()->hasPersonalityFn(),
3531 1015476 : "ResumeInst needs to be in a function with a personality.", &RI);
3532 2 :
3533 : if (!LandingPadResultTy)
3534 : LandingPadResultTy = RI.getValue()->getType();
3535 1 : else
3536 : Assert(LandingPadResultTy == RI.getValue()->getType(),
3537 505121 : "The resume instruction should have a consistent result type "
3538 0 : "inside a function.",
3539 : &RI);
3540 :
3541 0 : visitTerminator(RI);
3542 : }
3543 :
3544 : void Verifier::visitCatchPadInst(CatchPadInst &CPI) {
3545 : BasicBlock *BB = CPI.getParent();
3546 :
3547 : Function *F = BB->getParent();
3548 2791611 : Assert(F->hasPersonalityFn(),
3549 : "CatchPadInst needs to be in a function with a personality.", &CPI);
3550 2791611 :
3551 2520991 : Assert(isa<CatchSwitchInst>(CPI.getParentPad()),
3552 : "CatchPadInst needs to be directly nested in a CatchSwitchInst.",
3553 270632 : CPI.getParentPad());
3554 :
3555 : // The catchpad instruction must be the first non-PHI instruction in the
3556 : // block.
3557 : Assert(BB->getFirstNonPHI() == &CPI,
3558 270632 : "CatchPadInst not the first non-PHI instruction in the block.", &CPI);
3559 270632 :
3560 535994 : visitEHPadPredecessors(CPI);
3561 265362 : visitFuncletPadInst(CPI);
3562 270632 : }
3563 270632 :
3564 : void Verifier::visitCatchReturnInst(CatchReturnInst &CatchReturn) {
3565 : Assert(isa<CatchPadInst>(CatchReturn.getOperand(0)),
3566 : "CatchReturnInst needs to be provided a CatchPad", &CatchReturn,
3567 270628 : CatchReturn.getOperand(0));
3568 :
3569 : visitTerminator(CatchReturn);
3570 : }
3571 :
3572 : void Verifier::visitCleanupPadInst(CleanupPadInst &CPI) {
3573 270627 : BasicBlock *BB = CPI.getParent();
3574 :
3575 : Function *F = BB->getParent();
3576 : Assert(F->hasPersonalityFn(),
3577 : "CleanupPadInst needs to be in a function with a personality.", &CPI);
3578 :
3579 270627 : // The cleanuppad instruction must be the first non-PHI instruction in the
3580 : // block.
3581 : Assert(BB->getFirstNonPHI() == &CPI,
3582 : "CleanupPadInst not the first non-PHI instruction in the block.",
3583 : &CPI);
3584 :
3585 270627 : auto *ParentPad = CPI.getParentPad();
3586 : Assert(isa<ConstantTokenNone>(ParentPad) || isa<FuncletPadInst>(ParentPad),
3587 : "CleanupPadInst has an invalid parent.", &CPI);
3588 :
3589 : visitEHPadPredecessors(CPI);
3590 : visitFuncletPadInst(CPI);
3591 270627 : }
3592 :
3593 : void Verifier::visitFuncletPadInst(FuncletPadInst &FPI) {
3594 : User *FirstUser = nullptr;
3595 : Value *FirstUnwindPad = nullptr;
3596 : SmallVector<FuncletPadInst *, 8> Worklist({&FPI});
3597 270626 : SmallSet<FuncletPadInst *, 8> Seen;
3598 :
3599 : while (!Worklist.empty()) {
3600 : FuncletPadInst *CurrentPad = Worklist.pop_back_val();
3601 : Assert(Seen.insert(CurrentPad).second,
3602 : "FuncletPadInst must not be nested within itself", CurrentPad);
3603 270625 : Value *UnresolvedAncestorPad = nullptr;
3604 : for (User *U : CurrentPad->users()) {
3605 : BasicBlock *UnwindDest;
3606 : if (auto *CRI = dyn_cast<CleanupReturnInst>(U)) {
3607 : UnwindDest = CRI->getUnwindDest();
3608 : } else if (auto *CSI = dyn_cast<CatchSwitchInst>(U)) {
3609 270625 : // We allow catchswitch unwind to caller to nest
3610 541252 : // within an outer pad that unwinds somewhere else,
3611 : // because catchswitch doesn't have a nounwind variant.
3612 : // See e.g. SimplifyCFGOpt::SimplifyUnreachable.
3613 : if (CSI->unwindsToCaller())
3614 : continue;
3615 : UnwindDest = CSI->getUnwindDest();
3616 : } else if (auto *II = dyn_cast<InvokeInst>(U)) {
3617 159435 : UnwindDest = II->getUnwindDest();
3618 1224 : } else if (isa<CallInst>(U)) {
3619 : // Calls which don't unwind may be found inside funclet
3620 : // pads that unwind somewhere else. We don't *require*
3621 : // such calls to be annotated nounwind.
3622 : continue;
3623 318868 : } else if (auto *CPI = dyn_cast<CleanupPadInst>(U)) {
3624 154755 : // The unwind dest for a cleanup can only be found by
3625 : // recursive search. Add it to the worklist, and we'll
3626 : // search for its first use that determines where it unwinds.
3627 : Worklist.push_back(CPI);
3628 : continue;
3629 111188 : } else {
3630 : Assert(isa<CatchReturnInst>(U), "Bogus funclet pad use", U);
3631 : continue;
3632 111188 : }
3633 :
3634 : Value *UnwindPad;
3635 : bool ExitsFPI;
3636 : if (UnwindDest) {
3637 : UnwindPad = UnwindDest->getFirstNonPHI();
3638 : if (!cast<Instruction>(UnwindPad)->isEHPad())
3639 : continue;
3640 : Value *UnwindParent = getParentPad(UnwindPad);
3641 1754631 : // Ignore unwind edges that don't exit CurrentPad.
3642 : if (UnwindParent == CurrentPad)
3643 1754631 : continue;
3644 848201 : // Determine whether the original funclet pad is exited,
3645 : // and if we are scanning nested pads determine how many
3646 : // of them are exited so we can stop searching their
3647 : // children.
3648 : Value *ExitedPad = CurrentPad;
3649 : ExitsFPI = false;
3650 : do {
3651 : if (ExitedPad == &FPI) {
3652 : ExitsFPI = true;
3653 984677 : // Now we can resolve any ancestors of CurrentPad up to
3654 984677 : // FPI, but not including FPI since we need to make sure
3655 : // to check all direct users of FPI for consistency.
3656 : UnresolvedAncestorPad = &FPI;
3657 : break;
3658 : }
3659 : Value *ExitedParent = getParentPad(ExitedPad);
3660 : if (ExitedParent == UnwindParent) {
3661 : // ExitedPad is the ancestor-most pad which this unwind
3662 : // edge exits, so we can resolve up to it, meaning that
3663 : // ExitedParent is the first ancestor still unresolved.
3664 : UnresolvedAncestorPad = ExitedParent;
3665 : break;
3666 984677 : }
3667 : ExitedPad = ExitedParent;
3668 : } while (!isa<ConstantTokenNone>(ExitedPad));
3669 : } else {
3670 : // Unwinding to caller exits all pads.
3671 : UnwindPad = ConstantTokenNone::get(FPI.getContext());
3672 1969354 : ExitsFPI = true;
3673 : UnresolvedAncestorPad = &FPI;
3674 : }
3675 2754976 :
3676 1770304 : if (ExitsFPI) {
3677 1770304 : // This unwind edge exits FPI. Make sure it agrees with other
3678 : // such edges.
3679 1770304 : if (FirstUser) {
3680 : Assert(UnwindPad == FirstUnwindPad, "Unwind edges out of a funclet "
3681 1770304 : "pad must have the same unwind "
3682 255 : "dest",
3683 : &FPI, U, FirstUser);
3684 : } else {
3685 : FirstUser = U;
3686 1770304 : FirstUnwindPad = UnwindPad;
3687 2316 : // Record cleanup sibling unwinds for verifySiblingFuncletUnwinds
3688 : if (isa<CleanupPadInst>(&FPI) && !isa<ConstantTokenNone>(UnwindPad) &&
3689 4632 : getParentPad(UnwindPad) == getParentPad(&FPI))
3690 : SiblingFuncletInfo[&FPI] = cast<Instruction>(U);
3691 : }
3692 : }
3693 : // Make sure we visit all uses of FPI, but for nested pads stop as
3694 : // soon as we know where they unwind to.
3695 1770304 : if (CurrentPad != &FPI)
3696 5269 : break;
3697 5268 : }
3698 : if (UnresolvedAncestorPad) {
3699 : if (CurrentPad == UnresolvedAncestorPad) {
3700 : // When CurrentPad is FPI itself, we don't mark it as resolved even if
3701 : // we've found an unwind edge that exits it, because we need to verify
3702 1770302 : // all direct uses of FPI.
3703 647 : assert(CurrentPad == &FPI);
3704 : continue;
3705 : }
3706 : // Pop off the worklist any nested pads that we've found an unwind
3707 1770301 : // destination for. The pads on the worklist are the uncles,
3708 997 : // great-uncles, etc. of CurrentPad. We've found an unwind destination
3709 : // for all ancestors of CurrentPad up to but not including
3710 : // UnresolvedAncestorPad.
3711 : Value *ResolvedPad = CurrentPad;
3712 : while (!Worklist.empty()) {
3713 1770300 : Value *UnclePad = Worklist.back();
3714 435 : Value *AncestorPad = getParentPad(UnclePad);
3715 : // Walk ResolvedPad up the ancestor list until we either find the
3716 : // uncle's parent or the last resolved ancestor.
3717 : while (ResolvedPad != AncestorPad) {
3718 : Value *ResolvedParent = getParentPad(ResolvedPad);
3719 984672 : if (ResolvedParent == UnresolvedAncestorPad) {
3720 : break;
3721 : }
3722 906477 : ResolvedPad = ResolvedParent;
3723 : }
3724 906477 : // If the resolved ancestor search didn't find the uncle's parent,
3725 : // then the uncle is not yet resolved.
3726 : if (ResolvedPad != AncestorPad)
3727 : break;
3728 906477 : // This uncle is resolved, so pop it from the worklist.
3729 : Worklist.pop_back();
3730 : }
3731 : }
3732 906476 : }
3733 :
3734 : if (FirstUnwindPad) {
3735 : if (auto *CatchSwitch = dyn_cast<CatchSwitchInst>(FPI.getParentPad())) {
3736 906475 : BasicBlock *SwitchUnwindDest = CatchSwitch->getUnwindDest();
3737 : Value *SwitchUnwindPad;
3738 : if (SwitchUnwindDest)
3739 : SwitchUnwindPad = SwitchUnwindDest->getFirstNonPHI();
3740 : else
3741 : SwitchUnwindPad = ConstantTokenNone::get(FPI.getContext());
3742 906475 : Assert(SwitchUnwindPad == FirstUnwindPad,
3743 : "Unwind edges out of a catch must have the same unwind dest as "
3744 : "the parent catchswitch",
3745 : &FPI, FirstUser, CatchSwitch);
3746 906475 : }
3747 : }
3748 :
3749 : visitInstruction(FPI);
3750 906474 : }
3751 73038 :
3752 : void Verifier::visitCatchSwitchInst(CatchSwitchInst &CatchSwitch) {
3753 : BasicBlock *BB = CatchSwitch.getParent();
3754 73038 :
3755 : Function *F = BB->getParent();
3756 : Assert(F->hasPersonalityFn(),
3757 73038 : "CatchSwitchInst needs to be in a function with a personality.",
3758 : &CatchSwitch);
3759 :
3760 : // The catchswitch instruction must be the first non-PHI instruction in the
3761 906474 : // block.
3762 19 : Assert(BB->getFirstNonPHI() == &CatchSwitch,
3763 19 : "CatchSwitchInst not the first non-PHI instruction in the block.",
3764 : &CatchSwitch);
3765 :
3766 : auto *ParentPad = CatchSwitch.getParentPad();
3767 906473 : Assert(isa<ConstantTokenNone>(ParentPad) || isa<FuncletPadInst>(ParentPad),
3768 : "CatchSwitchInst has an invalid parent.", ParentPad);
3769 83 :
3770 : if (BasicBlock *UnwindDest = CatchSwitch.getUnwindDest()) {
3771 : Instruction *I = UnwindDest->getFirstNonPHI();
3772 : Assert(I->isEHPad() && !isa<LandingPadInst>(I),
3773 : "CatchSwitchInst must unwind to an EH block which is not a "
3774 : "landingpad.",
3775 : &CatchSwitch);
3776 :
3777 : // Record catchswitch sibling unwinds for verifySiblingFuncletUnwinds
3778 : if (getParentPad(I) == ParentPad)
3779 : SiblingFuncletInfo[&CatchSwitch] = &CatchSwitch;
3780 : }
3781 :
3782 : Assert(CatchSwitch.getNumHandlers() != 0,
3783 : "CatchSwitchInst cannot have empty handler list", &CatchSwitch);
3784 :
3785 83 : for (BasicBlock *Handler : CatchSwitch.handlers()) {
3786 : Assert(isa<CatchPadInst>(Handler->getFirstNonPHI()),
3787 166 : "CatchSwitchInst handlers must be catchpads", &CatchSwitch, Handler);
3788 : }
3789 :
3790 81 : visitEHPadPredecessors(CatchSwitch);
3791 41 : visitTerminator(CatchSwitch);
3792 : }
3793 :
3794 : void Verifier::visitCleanupReturnInst(CleanupReturnInst &CRI) {
3795 1120488 : Assert(isa<CleanupPadInst>(CRI.getOperand(0)),
3796 : "CleanupReturnInst needs to be provided a CleanupPad", &CRI,
3797 1137678 : CRI.getOperand(0));
3798 17194 :
3799 1145 : if (BasicBlock *UnwindDest = CRI.getUnwindDest()) {
3800 1148 : Instruction *I = UnwindDest->getFirstNonPHI();
3801 : Assert(I->isEHPad() && !isa<LandingPadInst>(I),
3802 : "CleanupReturnInst must unwind to an EH block which is not a "
3803 : "landingpad.",
3804 1144 : &CRI);
3805 : }
3806 1144 :
3807 : visitTerminator(CRI);
3808 : }
3809 1143 :
3810 2 : void Verifier::verifyDominatesUse(Instruction &I, unsigned i) {
3811 : Instruction *Op = cast<Instruction>(I.getOperand(i));
3812 : // If the we have an invalid invoke, don't try to compute the dominance.
3813 : // We already reject it in the invoke specific checks and the dominance
3814 : // computation doesn't handle multiple edges.
3815 : if (InvokeInst *II = dyn_cast<InvokeInst>(Op)) {
3816 : if (II->getNormalDest() == II->getUnwindDest())
3817 2284 : return;
3818 : }
3819 1142 :
3820 : // Quick check whether the def has already been encountered in the same block.
3821 : // PHI nodes are not checked to prevent accepting preceeding PHIs, because PHI
3822 : // uses are defined to happen on the incoming edge, not at the instruction.
3823 : //
3824 : // FIXME: If this operand is a MetadataAsValue (wrapping a LocalAsMetadata)
3825 243249 : // wrapping an SSA value, assert that we've already encountered it. See
3826 243249 : // related FIXME in Mapper::mapLocalAsMetadata in ValueMapper.cpp.
3827 68987 : if (!isa<PHINode>(I) && InstsInThisBlock.count(Op))
3828 : return;
3829 :
3830 174262 : const Use &U = I.getOperandUse(i);
3831 : Assert(DT.dominates(Op, U),
3832 548056 : "Instruction does not dominate all uses!", Op, &I);
3833 : }
3834 :
3835 : void Verifier::visitDereferenceableMetadata(Instruction& I, MDNode* MD) {
3836 : Assert(I.getType()->isPointerTy(), "dereferenceable, dereferenceable_or_null "
3837 123207 : "apply only to pointer types", &I);
3838 : Assert(isa<LoadInst>(I),
3839 373794 : "dereferenceable, dereferenceable_or_null apply only to load"
3840 : " instructions, use attributes for calls or invokes", &I);
3841 : Assert(MD->getNumOperands() == 1, "dereferenceable, dereferenceable_or_null "
3842 97564 : "take one operand!", &I);
3843 : ConstantInt *CI = mdconst::dyn_extract<ConstantInt>(MD->getOperand(0));
3844 97564 : Assert(CI && CI->getType()->isIntegerTy(64), "dereferenceable, "
3845 : "dereferenceable_or_null metadata value must be an i64!", &I);
3846 : }
3847 :
3848 974740 : /// verifyInstruction - Verify that an instruction is well formed.
3849 422280 : ///
3850 422280 : void Verifier::visitInstruction(Instruction &I) {
3851 222748 : BasicBlock *BB = I.getParent();
3852 421586 : Assert(BB, "Instruction not embedded in basic block!", &I);
3853 :
3854 199532 : if (!isa<PHINode>(I)) { // Check that non-phi nodes are not self referential
3855 : for (User *U : I.users()) {
3856 : Assert(U != (User *)&I || !DT.isReachableFromEntry(BB),
3857 : "Only PHI nodes may reference their own value!", &I);
3858 : }
3859 123207 : }
3860 246414 :
3861 46663 : // Check that void typed values don't have names
3862 : Assert(!I.getType()->isVoidTy() || !I.hasName(),
3863 : "Instruction has a name, but provides a void value!", &I);
3864 :
3865 246414 : // Check that the return value of the instruction is either void or a legal
3866 : // value type.
3867 : Assert(I.getType()->isVoidTy() || I.getType()->isFirstClassType(),
3868 4930 : "Instruction returns a non-scalar type!", &I);
3869 1762 :
3870 : // Check that the instruction doesn't produce metadata. Calls are already
3871 : // checked against the callee type.
3872 4930 : Assert(!I.getType()->isMetadataTy() || isa<CallInst>(I) || isa<InvokeInst>(I),
3873 4930 : "Invalid use of metadata!", &I);
3874 :
3875 : // Check that all uses of the instruction, if they are instructions
3876 : // themselves, actually have parent basic blocks. If the use is not an
3877 : // instruction, it is an error!
3878 : for (Use &U : I.uses()) {
3879 0 : if (Instruction *Used = dyn_cast<Instruction>(U.getUser()))
3880 : Assert(Used->getParent() != nullptr,
3881 : "Instruction referencing"
3882 634131 : " instruction not embedded in a basic block!",
3883 : &I, Used);
3884 : else {
3885 : CheckFailed("Use of instruction is not an instruction!", U);
3886 702 : return;
3887 : }
3888 : }
3889 :
3890 : for (unsigned i = 0, e = I.getNumOperands(); i != e; ++i) {
3891 : Assert(I.getOperand(i) != nullptr, "Instruction has null operand!", &I);
3892 :
3893 703 : // Check to make sure that only first-class-values are operands to
3894 : // instructions.
3895 : if (!I.getOperand(i)->getType()->isFirstClassType()) {
3896 : Assert(false, "Instruction operands must be first-class values!", &I);
3897 : }
3898 :
3899 : if (Function *F = dyn_cast<Function>(I.getOperand(i))) {
3900 702 : // Check to make sure that the "address of" an intrinsic function is never
3901 : // taken.
3902 : Assert(
3903 : !F->isIntrinsic() ||
3904 702 : i == (isa<CallInst>(I) ? e - 1 : isa<InvokeInst>(I) ? e - 3 : 0),
3905 : "Cannot take the address of an intrinsic!", &I);
3906 : Assert(
3907 : !F->isIntrinsic() || isa<CallInst>(I) ||
3908 : F->getIntrinsicID() == Intrinsic::donothing ||
3909 : F->getIntrinsicID() == Intrinsic::coro_resume ||
3910 702 : F->getIntrinsicID() == Intrinsic::coro_destroy ||
3911 : F->getIntrinsicID() == Intrinsic::experimental_patchpoint_void ||
3912 : F->getIntrinsicID() == Intrinsic::experimental_patchpoint_i64 ||
3913 : F->getIntrinsicID() == Intrinsic::experimental_gc_statepoint,
3914 702 : "Cannot invoke an intrinsic other than donothing, patchpoint, "
3915 702 : "statepoint, coro_resume or coro_destroy",
3916 1404 : &I);
3917 : Assert(F->getParent() == &M, "Referencing function in another module!",
3918 : &I, &M, F, F->getParent());
3919 : } else if (BasicBlock *OpBB = dyn_cast<BasicBlock>(I.getOperand(i))) {
3920 : Assert(OpBB->getParent() == BB->getParent(),
3921 702 : "Referring to a basic block in another function!", &I);
3922 : } else if (Argument *OpArg = dyn_cast<Argument>(I.getOperand(i))) {
3923 : Assert(OpArg->getParent() == BB->getParent(),
3924 : "Referring to an argument in another function!", &I);
3925 702 : } else if (GlobalValue *GV = dyn_cast<GlobalValue>(I.getOperand(i))) {
3926 702 : Assert(GV->getParent() == &M, "Referencing global in another module!", &I,
3927 : &M, GV, GV->getParent());
3928 : } else if (isa<Instruction>(I.getOperand(i))) {
3929 : verifyDominatesUse(I, i);
3930 1404 : } else if (isa<InlineAsm>(I.getOperand(i))) {
3931 702 : Assert((i + 1 == e && isa<CallInst>(I)) ||
3932 6 : (i + 3 == e && isa<InvokeInst>(I)),
3933 : "Cannot take the address of an inline asm!", &I);
3934 : } else if (ConstantExpr *CE = dyn_cast<ConstantExpr>(I.getOperand(i))) {
3935 : if (CE->getType()->isPtrOrPtrVectorTy() ||
3936 12 : !DL.getNonIntegralAddressSpaces().empty()) {
3937 : // If we have a ConstantExpr pointer, we need to see if it came from an
3938 : // illegal bitcast. If the datalayout string specifies non-integral
3939 : // address spaces then we also need to check for illegal ptrtoint and
3940 : // inttoptr expressions.
3941 696 : visitConstantExprsRecursively(CE);
3942 : }
3943 : }
3944 : }
3945 702 :
3946 : if (MDNode *MD = I.getMetadata(LLVMContext::MD_fpmath)) {
3947 : Assert(I.getType()->isFPOrFPVectorTy(),
3948 702 : "fpmath requires a floating point result!", &I);
3949 : Assert(MD->getNumOperands() == 1, "fpmath takes one operand!", &I);
3950 : if (ConstantFP *CFP0 =
3951 : mdconst::dyn_extract_or_null<ConstantFP>(MD->getOperand(0))) {
3952 : const APFloat &Accuracy = CFP0->getValueAPF();
3953 806 : Assert(&Accuracy.getSemantics() == &APFloat::IEEEsingle(),
3954 104 : "fpmath accuracy must have float type", &I);
3955 104 : Assert(Accuracy.isFiniteNonZero() && !Accuracy.isNegative(),
3956 104 : "fpmath accuracy not a positive number!", &I);
3957 : } else {
3958 : Assert(false, "invalid fpmath accuracy!", &I);
3959 : }
3960 : }
3961 :
3962 : if (MDNode *Range = I.getMetadata(LLVMContext::MD_range)) {
3963 : Assert(isa<LoadInst>(I) || isa<CallInst>(I) || isa<InvokeInst>(I),
3964 702 : "Ranges are only for loads, calls and invokes!", &I);
3965 702 : visitRangeMetadata(I, Range, I.getType());
3966 : }
3967 :
3968 : if (I.getMetadata(LLVMContext::MD_nonnull)) {
3969 : Assert(I.getType()->isPointerTy(), "nonnull applies only to pointer types",
3970 702 : &I);
3971 702 : Assert(isa<LoadInst>(I),
3972 : "nonnull applies only to load instructions, use attributes"
3973 702 : " for calls or invokes",
3974 : &I);
3975 702 : }
3976 702 :
3977 : if (MDNode *MD = I.getMetadata(LLVMContext::MD_dereferenceable))
3978 : visitDereferenceableMetadata(I, MD);
3979 :
3980 701 : if (MDNode *MD = I.getMetadata(LLVMContext::MD_dereferenceable_or_null))
3981 701 : visitDereferenceableMetadata(I, MD);
3982 :
3983 : if (MDNode *TBAA = I.getMetadata(LLVMContext::MD_tbaa))
3984 : TBAAVerifyHelper.visitTBAAMetadata(I, TBAA);
3985 701 :
3986 701 : if (MDNode *AlignMD = I.getMetadata(LLVMContext::MD_align)) {
3987 701 : Assert(I.getType()->isPointerTy(), "align applies only to pointer types",
3988 : &I);
3989 : Assert(isa<LoadInst>(I), "align applies only to load instructions, "
3990 : "use attributes for calls or invokes", &I);
3991 : Assert(AlignMD->getNumOperands() == 1, "align takes one operand!", &I);
3992 : ConstantInt *CI = mdconst::dyn_extract<ConstantInt>(AlignMD->getOperand(0));
3993 1508 : Assert(CI && CI->getType()->isIntegerTy(64),
3994 807 : "align metadata value must be an i64!", &I);
3995 807 : uint64_t Align = CI->getZExtValue();
3996 : Assert(isPowerOf2_64(Align),
3997 0 : "align metadata value must be a power of 2!", &I);
3998 : Assert(Align <= Value::MaximumAlignment,
3999 : "alignment is larger that implementation defined limit", &I);
4000 : }
4001 :
4002 109 : if (MDNode *N = I.getDebugLoc().getAsMDNode()) {
4003 : AssertDI(isa<DILocation>(N), "invalid !dbg metadata attachment", &I, N);
4004 : visitMDNode(*N);
4005 698 : }
4006 :
4007 : if (auto *DII = dyn_cast<DbgVariableIntrinsic>(&I))
4008 : verifyFragmentExpression(*DII);
4009 :
4010 : InstsInThisBlock.insert(&I);
4011 : }
4012 :
4013 : /// Allow intrinsics to be verified in different ways.
4014 : void Verifier::visitIntrinsicCallSite(Intrinsic::ID ID, CallSite CS) {
4015 : Function *IF = CS.getCalledFunction();
4016 : Assert(IF->isDeclaration(), "Intrinsic functions should never be defined!",
4017 : IF);
4018 :
4019 : // Verify that the intrinsic prototype lines up with what the .td files
4020 99154 : // describe.
4021 99253 : FunctionType *IFTy = IF->getFunctionType();
4022 100 : bool IsVarArg = IFTy->isVarArg();
4023 100 :
4024 100 : SmallVector<Intrinsic::IITDescriptor, 8> Table;
4025 100 : getIntrinsicInfoTableEntries(ID, Table);
4026 : ArrayRef<Intrinsic::IITDescriptor> TableRef = Table;
4027 :
4028 : SmallVector<Type *, 4> ArgTys;
4029 : Assert(!Intrinsic::matchIntrinsicType(IFTy->getReturnType(),
4030 : TableRef, ArgTys),
4031 : "Intrinsic has incorrect return type!", IF);
4032 : for (unsigned i = 0, e = IFTy->getNumParams(); i != e; ++i)
4033 386 : Assert(!Intrinsic::matchIntrinsicType(IFTy->getParamType(i),
4034 : TableRef, ArgTys),
4035 : "Intrinsic has incorrect argument type!", IF);
4036 :
4037 : // Verify if the intrinsic call matches the vararg property.
4038 : if (IsVarArg)
4039 : Assert(!Intrinsic::matchIntrinsicVarArg(IsVarArg, TableRef),
4040 : "Intrinsic was not defined with variable arguments!", IF);
4041 386 : else
4042 : Assert(!Intrinsic::matchIntrinsicVarArg(IsVarArg, TableRef),
4043 : "Callsite was not defined with variable arguments!", IF);
4044 1120502 :
4045 : // All descriptors should be absorbed by now.
4046 : Assert(TableRef.empty(), "Intrinsic has too few arguments!", IF);
4047 1120871 :
4048 373 : // Now that we have the intrinsic ID and the actual argument types (and we
4049 373 : // know they are legal for the intrinsic!) get the intrinsic name through the
4050 43 : // usual means. This allows us to verify the mangling of argument types into
4051 330 : // the name.
4052 330 : const std::string ExpectedName = Intrinsic::getName(ID, ArgTys);
4053 : Assert(ExpectedName == IF->getName(),
4054 379 : "Intrinsic name not mangled correctly for type arguments! "
4055 379 : "Should be: " +
4056 : ExpectedName,
4057 4 : IF);
4058 :
4059 : // If the intrinsic takes MDNode arguments, verify that they are either global
4060 7 : // or are local to *this* function.
4061 7 : for (Value *V : CS.args())
4062 7 : if (auto *MD = dyn_cast<MetadataAsValue>(V))
4063 5 : visitMetadataAsValue(*MD, CS.getCaller());
4064 7 :
4065 7 : switch (ID) {
4066 8 : default:
4067 : break;
4068 : case Intrinsic::coro_id: {
4069 : auto *InfoArg = CS.getArgOperand(3)->stripPointerCasts();
4070 375 : if (isa<ConstantPointerNull>(InfoArg))
4071 : break;
4072 : auto *GV = dyn_cast<GlobalVariable>(InfoArg);
4073 339 : Assert(GV && GV->isConstant() && GV->hasDefinitiveInitializer(),
4074 339 : "info argument of llvm.coro.begin must refer to an initialized "
4075 339 : "constant");
4076 : Constant *Init = GV->getInitializer();
4077 49 : Assert(isa<ConstantStruct>(Init) || isa<ConstantArray>(Init),
4078 49 : "info argument of llvm.coro.begin must refer to either a struct or "
4079 : "an array");
4080 : break;
4081 : }
4082 326 : case Intrinsic::ctlz: // llvm.ctlz
4083 : case Intrinsic::cttz: // llvm.cttz
4084 : Assert(isa<ConstantInt>(CS.getArgOperand(1)),
4085 : "is_zero_undef argument of bit counting intrinsics must be a "
4086 : "constant int",
4087 : CS);
4088 1120502 : break;
4089 1120502 : case Intrinsic::experimental_constrained_fadd:
4090 : case Intrinsic::experimental_constrained_fsub:
4091 : case Intrinsic::experimental_constrained_fmul:
4092 1120502 : case Intrinsic::experimental_constrained_fdiv:
4093 1120502 : case Intrinsic::experimental_constrained_frem:
4094 : case Intrinsic::experimental_constrained_fma:
4095 2230857 : case Intrinsic::experimental_constrained_sqrt:
4096 : case Intrinsic::experimental_constrained_pow:
4097 : case Intrinsic::experimental_constrained_powi:
4098 1120502 : case Intrinsic::experimental_constrained_sin:
4099 2241004 : case Intrinsic::experimental_constrained_cos:
4100 : case Intrinsic::experimental_constrained_exp:
4101 : case Intrinsic::experimental_constrained_exp2:
4102 383635 : case Intrinsic::experimental_constrained_log:
4103 : case Intrinsic::experimental_constrained_log10:
4104 : case Intrinsic::experimental_constrained_log2:
4105 : case Intrinsic::experimental_constrained_rint:
4106 1120502 : case Intrinsic::experimental_constrained_nearbyint:
4107 : visitConstrainedFPIntrinsic(
4108 : cast<ConstrainedFPIntrinsic>(*CS.getInstruction()));
4109 1120502 : break;
4110 : case Intrinsic::dbg_declare: // llvm.dbg.declare
4111 1120502 : Assert(isa<MetadataAsValue>(CS.getArgOperand(0)),
4112 : "invalid llvm.dbg.declare intrinsic call 1", CS);
4113 : visitDbgIntrinsic("declare", cast<DbgVariableIntrinsic>(*CS.getInstruction()));
4114 : break;
4115 1120502 : case Intrinsic::dbg_addr: // llvm.dbg.addr
4116 : visitDbgIntrinsic("addr", cast<DbgVariableIntrinsic>(*CS.getInstruction()));
4117 : break;
4118 : case Intrinsic::dbg_value: // llvm.dbg.value
4119 : visitDbgIntrinsic("value", cast<DbgVariableIntrinsic>(*CS.getInstruction()));
4120 1120502 : break;
4121 : case Intrinsic::dbg_label: // llvm.dbg.label
4122 : visitDbgLabelIntrinsic("label", cast<DbgLabelInst>(*CS.getInstruction()));
4123 : break;
4124 : case Intrinsic::memcpy:
4125 : case Intrinsic::memmove:
4126 1120500 : case Intrinsic::memset: {
4127 : const auto *MI = cast<MemIntrinsic>(CS.getInstruction());
4128 : auto IsValidAlignment = [&](unsigned Alignment) -> bool {
4129 : return Alignment == 0 || isPowerOf2_32(Alignment);
4130 : };
4131 : Assert(IsValidAlignment(MI->getDestAlignment()),
4132 59192 : "alignment of arg 0 of memory intrinsic must be 0 or a power of 2",
4133 : CS);
4134 : if (const auto *MTI = dyn_cast<MemTransferInst>(MI)) {
4135 : Assert(IsValidAlignment(MTI->getSourceAlignment()),
4136 : "alignment of arg 1 of memory intrinsic must be 0 or a power of 2",
4137 : CS);
4138 : }
4139 : Assert(isa<ConstantInt>(CS.getArgOperand(3)),
4140 64925 : "isvolatile argument of memory intrinsics must be a constant int",
4141 : CS);
4142 : break;
4143 : }
4144 : case Intrinsic::memcpy_element_unordered_atomic:
4145 : case Intrinsic::memmove_element_unordered_atomic:
4146 : case Intrinsic::memset_element_unordered_atomic: {
4147 : const auto *AMI = cast<AtomicMemIntrinsic>(CS.getInstruction());
4148 68917 :
4149 : ConstantInt *ElementSizeCI =
4150 : dyn_cast<ConstantInt>(AMI->getRawElementSizeInBytes());
4151 : Assert(ElementSizeCI,
4152 : "element size of the element-wise unordered atomic memory "
4153 : "intrinsic must be a constant int",
4154 1120491 : CS);
4155 2013248 : const APInt &ElementSizeVal = ElementSizeCI->getValue();
4156 : Assert(ElementSizeVal.isPowerOf2(),
4157 : "element size of the element-wise atomic memory intrinsic "
4158 : "must be a power of 2",
4159 3078523 : CS);
4160 3916068 :
4161 : if (auto *LengthCI = dyn_cast<ConstantInt>(AMI->getLength())) {
4162 : uint64_t Length = LengthCI->getZExtValue();
4163 0 : uint64_t ElementSize = AMI->getElementSizeInBytes();
4164 : Assert((Length % ElementSize) == 0,
4165 1958034 : "constant length must be a multiple of the element size in the "
4166 1571700 : "element-wise atomic memory intrinsic",
4167 : CS);
4168 1571700 : }
4169 :
4170 : auto IsValidAlignment = [&](uint64_t Alignment) {
4171 : return isPowerOf2_64(Alignment) && ElementSizeVal.ule(Alignment);
4172 : };
4173 1958032 : uint64_t DstAlignment = AMI->getDestAlignment();
4174 563 : Assert(IsValidAlignment(DstAlignment),
4175 : "incorrect alignment of the destination argument", CS);
4176 : if (const auto *AMT = dyn_cast<AtomicMemTransferInst>(AMI)) {
4177 : uint64_t SrcAlignment = AMT->getSourceAlignment();
4178 : Assert(IsValidAlignment(SrcAlignment),
4179 1120489 : "incorrect alignment of the source argument", CS);
4180 921819 : }
4181 : break;
4182 : }
4183 : case Intrinsic::gcroot:
4184 : case Intrinsic::gcwrite:
4185 1120488 : case Intrinsic::gcread:
4186 : if (ID == Intrinsic::gcroot) {
4187 1120488 : AllocaInst *AI =
4188 : dyn_cast<AllocaInst>(CS.getArgOperand(0)->stripPointerCasts());
4189 : Assert(AI, "llvm.gcroot parameter #1 must be an alloca.", CS);
4190 1120488 : Assert(isa<Constant>(CS.getArgOperand(1)),
4191 4014 : "llvm.gcroot parameter #2 must be a constant.", CS);
4192 4014 : if (!AI->getAllocatedType()->isPointerTy()) {
4193 3744 : Assert(!isa<ConstantPointerNull>(CS.getArgOperand(1)),
4194 : "llvm.gcroot parameter #1 must either be a pointer alloca, "
4195 : "or argument #2 must be a non-null constant.",
4196 : CS);
4197 : }
4198 1120487 : }
4199 :
4200 223 : Assert(CS.getParent()->getParent()->hasGC(),
4201 : "Enclosing function does not use GC.", CS);
4202 1120264 : break;
4203 294694 : case Intrinsic::init_trampoline:
4204 86 : Assert(isa<Function>(CS.getArgOperand(1)->stripPointerCasts()),
4205 : "llvm.init_trampoline parameter #2 must resolve to a function.",
4206 85 : CS);
4207 : break;
4208 : case Intrinsic::prefetch:
4209 : Assert(isa<ConstantInt>(CS.getArgOperand(1)) &&
4210 84 : isa<ConstantInt>(CS.getArgOperand(2)) &&
4211 : cast<ConstantInt>(CS.getArgOperand(1))->getZExtValue() < 2 &&
4212 294608 : cast<ConstantInt>(CS.getArgOperand(2))->getZExtValue() < 4,
4213 : "invalid arguments to llvm.prefetch", CS);
4214 : break;
4215 : case Intrinsic::stackprotector:
4216 : Assert(isa<AllocaInst>(CS.getArgOperand(1)->stripPointerCasts()),
4217 825660 : "llvm.stackprotector parameter #2 must resolve to an alloca.", CS);
4218 : break;
4219 : case Intrinsic::lifetime_start:
4220 825653 : case Intrinsic::lifetime_end:
4221 825653 : case Intrinsic::invariant_start:
4222 : Assert(isa<ConstantInt>(CS.getArgOperand(0)),
4223 : "size argument of memory use markers must be a constant integer",
4224 : CS);
4225 1651304 : break;
4226 0 : case Intrinsic::invariant_end:
4227 : Assert(isa<ConstantInt>(CS.getArgOperand(1)),
4228 : "llvm.invariant.end parameter #2 must be a constant integer", CS);
4229 : break;
4230 :
4231 : case Intrinsic::localescape: {
4232 842754 : BasicBlock *BB = CS.getParent();
4233 : Assert(BB == &BB->getParent()->front(),
4234 17107 : "llvm.localescape used outside of entry block", CS);
4235 : Assert(!SawFrameEscape,
4236 : "multiple calls to llvm.localescape in one function", CS);
4237 10155 : for (Value *Arg : CS.args()) {
4238 10155 : if (isa<ConstantPointerNull>(Arg))
4239 10158 : continue; // Null values are allowed as placeholders.
4240 : auto *AI = dyn_cast<AllocaInst>(Arg->stripPointerCasts());
4241 20308 : Assert(AI && AI->isStaticAlloca(),
4242 : "llvm.localescape only accepts static allocas", CS);
4243 10153 : }
4244 10153 : FrameEscapeInfo[BB->getParent()].first = CS.getNumArgOperands();
4245 10153 : SawFrameEscape = true;
4246 : break;
4247 10151 : }
4248 10151 : case Intrinsic::localrecover: {
4249 : Value *FnArg = CS.getArgOperand(0)->stripPointerCasts();
4250 1144 : Function *Fn = dyn_cast<Function>(FnArg);
4251 1144 : Assert(Fn && !Fn->isDeclaration(),
4252 1144 : "llvm.localrecover first "
4253 : "argument must be function defined in this module",
4254 : CS);
4255 : auto *IdxArg = dyn_cast<ConstantInt>(CS.getArgOperand(2));
4256 : Assert(IdxArg, "idx argument of llvm.localrecover must be a constant int",
4257 : CS);
4258 17102 : auto &Entry = FrameEscapeInfo[Fn];
4259 : Entry.second = unsigned(
4260 : std::max(uint64_t(Entry.second), IdxArg->getLimitedValue(~0U) + 1));
4261 : break;
4262 : }
4263 :
4264 : case Intrinsic::experimental_gc_statepoint:
4265 : Assert(!CS.isInlineAsm(),
4266 1120477 : "gc.statepoint support for inline assembly unimplemented", CS);
4267 : Assert(CS.getParent()->getParent()->hasGC(),
4268 198227 : "Enclosing function does not use GC.", CS);
4269 2 :
4270 : verifyStatepoint(CS);
4271 : break;
4272 1120476 : case Intrinsic::experimental_gc_result: {
4273 1120476 : Assert(CS.getParent()->getParent()->hasGC(),
4274 1120476 : "Enclosing function does not use GC.", CS);
4275 : // Are we tied to a statepoint properly?
4276 : CallSite StatepointCS(CS.getArgOperand(0));
4277 : const Function *StatepointFn =
4278 : StatepointCS.getInstruction() ? StatepointCS.getCalledFunction() : nullptr;
4279 : Assert(StatepointFn && StatepointFn->isDeclaration() &&
4280 : StatepointFn->getIntrinsicID() ==
4281 : Intrinsic::experimental_gc_statepoint,
4282 : "gc.result operand #1 must be from a statepoint", CS,
4283 32056 : CS.getArgOperand(0));
4284 148753 :
4285 : // Assert that result type matches wrapped callee.
4286 : const Value *Target = StatepointCS.getArgument(2);
4287 : auto *PT = cast<PointerType>(Target->getType());
4288 126847 : auto *TargetFuncType = cast<FunctionType>(PT->getElementType());
4289 126847 : Assert(CS.getType() == TargetFuncType->getReturnType(),
4290 117139 : "gc.result result type does not match wrapped callee", CS);
4291 95045 : break;
4292 : }
4293 : case Intrinsic::experimental_gc_relocate: {
4294 40643 : Assert(CS.getNumArgOperands() == 3, "wrong number of arguments", CS);
4295 40647 :
4296 : Assert(isa<PointerType>(CS.getType()->getScalarType()),
4297 : "gc.relocate must return a pointer or a vector of pointers", CS);
4298 40642 :
4299 40642 : // Check that this relocate is correctly tied to the statepoint
4300 27169 :
4301 : // This is case for relocate on the unwinding path of an invoke statepoint
4302 13473 : if (LandingPadInst *LandingPad =
4303 : dyn_cast<LandingPadInst>(CS.getArgOperand(0))) {
4304 :
4305 : const BasicBlock *InvokeBB =
4306 13473 : LandingPad->getParent()->getUniquePredecessor();
4307 3766 :
4308 : // Landingpad relocates should have only one predecessor with invoke
4309 : // statepoint terminator
4310 9707 : Assert(InvokeBB, "safepoints should have unique landingpads",
4311 : LandingPad->getParent());
4312 : Assert(InvokeBB->getTerminator(), "safepoint block should be well formed",
4313 : InvokeBB);
4314 : Assert(isStatepoint(InvokeBB->getTerminator()),
4315 : "gc relocate should be linked to a statepoint", InvokeBB);
4316 : }
4317 : else {
4318 1215275 : // In all other cases relocate should be tied to the statepoint directly.
4319 1215275 : // This covers relocates on a normal return path of invoke statepoint and
4320 : // relocates of a call statepoint.
4321 : auto Token = CS.getArgOperand(0);
4322 1215275 : Assert(isa<Instruction>(Token) && isStatepoint(cast<Instruction>(Token)),
4323 : "gc relocate is incorrectly tied to the statepoint", CS, Token);
4324 : }
4325 :
4326 1215275 : // Verify rest of the relocate arguments.
4327 61273 :
4328 : ImmutableCallSite StatepointCS(
4329 : cast<GCRelocateInst>(*CS.getInstruction()).getStatepoint());
4330 207578 :
4331 : // Both the base and derived must be piped through the safepoint.
4332 85033 : Value* Base = CS.getArgOperand(1);
4333 : Assert(isa<ConstantInt>(Base),
4334 : "gc.relocate operand #2 must be integer offset", CS);
4335 :
4336 170066 : Value* Derived = CS.getArgOperand(2);
4337 : Assert(isa<ConstantInt>(Derived),
4338 : "gc.relocate operand #3 must be integer offset", CS);
4339 :
4340 : const int BaseIndex = cast<ConstantInt>(Base)->getZExtValue();
4341 : const int DerivedIndex = cast<ConstantInt>(Derived)->getZExtValue();
4342 : // Check the bounds
4343 : Assert(0 <= BaseIndex && BaseIndex < (int)StatepointCS.arg_size(),
4344 259016 : "gc.relocate: statepoint base index out of bounds", CS);
4345 173983 : Assert(0 <= DerivedIndex && DerivedIndex < (int)StatepointCS.arg_size(),
4346 173983 : "gc.relocate: statepoint derived index out of bounds", CS);
4347 :
4348 : // Check that BaseIndex and DerivedIndex fall within the 'gc parameters'
4349 259015 : // section of the statepoint's argument.
4350 : Assert(StatepointCS.arg_size() > 0,
4351 : "gc.statepoint: insufficient arguments");
4352 : Assert(isa<ConstantInt>(StatepointCS.getArgument(3)),
4353 : "gc.statement: number of call arguments must be constant integer");
4354 173983 : const unsigned NumCallArgs =
4355 : cast<ConstantInt>(StatepointCS.getArgument(3))->getZExtValue();
4356 : Assert(StatepointCS.arg_size() > NumCallArgs + 5,
4357 : "gc.statepoint: mismatch in number of call arguments");
4358 : Assert(isa<ConstantInt>(StatepointCS.getArgument(NumCallArgs + 5)),
4359 : "gc.statepoint: number of transition arguments must be "
4360 : "a constant integer");
4361 : const int NumTransitionArgs =
4362 521946 : cast<ConstantInt>(StatepointCS.getArgument(NumCallArgs + 5))
4363 : ->getZExtValue();
4364 : const int DeoptArgsStart = 4 + NumCallArgs + 1 + NumTransitionArgs + 1;
4365 : Assert(isa<ConstantInt>(StatepointCS.getArgument(DeoptArgsStart)),
4366 : "gc.statepoint: number of deoptimization arguments must be "
4367 : "a constant integer");
4368 : const int NumDeoptArgs =
4369 : cast<ConstantInt>(StatepointCS.getArgument(DeoptArgsStart))
4370 7577167 : ->getZExtValue();
4371 : const int GCParamArgsStart = DeoptArgsStart + 1 + NumDeoptArgs;
4372 6361893 : const int GCParamArgsEnd = StatepointCS.arg_size();
4373 : Assert(GCParamArgsStart <= BaseIndex && BaseIndex < GCParamArgsEnd,
4374 : "gc.relocate: statepoint base index doesn't fall within the "
4375 : "'gc parameters' section of the statepoint call",
4376 1215258 : CS);
4377 : Assert(GCParamArgsStart <= DerivedIndex && DerivedIndex < GCParamArgsEnd,
4378 2430516 : "gc.relocate: statepoint derived index doesn't fall within the "
4379 : "'gc parameters' section of the statepoint call",
4380 1215258 : CS);
4381 :
4382 : // Relocated value must be either a pointer type or vector-of-pointer type,
4383 352992 : // but gc_relocate does not need to return the same pointer type as the
4384 352992 : // relocated pointer. It can be casted to the correct type later if it's
4385 141077 : // desired. However, they must have the same address space and 'vectorness'
4386 : GCRelocateInst &Relocate = cast<GCRelocateInst>(*CS.getInstruction());
4387 : Assert(Relocate.getDerivedPtr()->getType()->isPtrOrPtrVectorTy(),
4388 352991 : "gc.relocate: relocated value must be a gc pointer", CS);
4389 :
4390 : auto ResultType = CS.getType();
4391 833881 : auto DerivedType = Relocate.getDerivedPtr()->getType();
4392 833881 : Assert(ResultType->isVectorTy() == DerivedType->isVectorTy(),
4393 : "gc.relocate: vector relocates to vector and pointer to pointer",
4394 833881 : CS);
4395 280120 : Assert(
4396 : ResultType->getPointerAddressSpace() ==
4397 : DerivedType->getPointerAddressSpace(),
4398 : "gc.relocate: relocating a pointer shouldn't change its address space",
4399 : CS);
4400 1107522 : break;
4401 : }
4402 : case Intrinsic::eh_exceptioncode:
4403 : case Intrinsic::eh_exceptionpointer: {
4404 : Assert(isa<CatchPadInst>(CS.getArgOperand(0)),
4405 : "eh.exceptionpointer argument must be a catchpad", CS);
4406 : break;
4407 833881 : }
4408 : case Intrinsic::masked_load: {
4409 : Assert(CS.getType()->isVectorTy(), "masked_load: must return a vector", CS);
4410 4613 :
4411 : Value *Ptr = CS.getArgOperand(0);
4412 : //Value *Alignment = CS.getArgOperand(1);
4413 4613 : Value *Mask = CS.getArgOperand(2);
4414 : Value *PassThru = CS.getArgOperand(3);
4415 24814 : Assert(Mask->getType()->isVectorTy(),
4416 20201 : "masked_load: mask must be vector", CS);
4417 :
4418 20201 : // DataTy is the overloaded type
4419 : Type *DataTy = cast<PointerType>(Ptr->getType())->getElementType();
4420 : Assert(DataTy == CS.getType(),
4421 : "masked_load: return must match pointer type", CS);
4422 4613 : Assert(PassThru->getType() == DataTy,
4423 : "masked_load: pass through and data type must match", CS);
4424 : Assert(Mask->getType()->getVectorNumElements() ==
4425 797 : DataTy->getVectorNumElements(),
4426 1594 : "masked_load: vector mask must be same length as data", CS);
4427 : break;
4428 3108 : }
4429 4622 : case Intrinsic::masked_store: {
4430 : Value *Val = CS.getArgOperand(0);
4431 : Value *Ptr = CS.getArgOperand(1);
4432 797 : //Value *Alignment = CS.getArgOperand(2);
4433 : Value *Mask = CS.getArgOperand(3);
4434 : Assert(Mask->getType()->isVectorTy(),
4435 105303 : "masked_store: mask must be vector", CS);
4436 105303 :
4437 : // DataTy is the overloaded type
4438 : Type *DataTy = cast<PointerType>(Ptr->getType())->getElementType();
4439 : Assert(DataTy == Val->getType(),
4440 105303 : "masked_store: storee must match pointer type", CS);
4441 : Assert(Mask->getType()->getVectorNumElements() ==
4442 105303 : DataTy->getVectorNumElements(),
4443 : "masked_store: vector mask must be same length as data", CS);
4444 : break;
4445 : }
4446 :
4447 : case Intrinsic::experimental_guard: {
4448 : Assert(CS.isCall(), "experimental_guard cannot be invoked", CS);
4449 0 : Assert(CS.countOperandBundlesOfType(LLVMContext::OB_deopt) == 1,
4450 : "experimental_guard must have exactly one "
4451 : "\"deopt\" operand bundle");
4452 45843 : break;
4453 : }
4454 45843 :
4455 45843 : case Intrinsic::experimental_deoptimize: {
4456 : Assert(CS.isCall(), "experimental_deoptimize cannot be invoked", CS);
4457 : Assert(CS.countOperandBundlesOfType(LLVMContext::OB_deopt) == 1,
4458 45843 : "experimental_deoptimize must have exactly one "
4459 45843 : "\"deopt\" operand bundle");
4460 : Assert(CS.getType() == CS.getInstruction()->getFunction()->getReturnType(),
4461 45843 : "experimental_deoptimize return type must match caller return type");
4462 45843 :
4463 45843 : if (CS.isCall()) {
4464 : auto *DeoptCI = CS.getInstruction();
4465 45843 : auto *RI = dyn_cast<ReturnInst>(DeoptCI->getNextNode());
4466 : Assert(RI,
4467 45843 : "calls to experimental_deoptimize must be followed by a return");
4468 :
4469 : if (!CS.getType()->isVoidTy() && RI)
4470 68955 : Assert(RI->getReturnValue() == DeoptCI,
4471 : "calls to experimental_deoptimize must be followed by a return "
4472 68955 : "of the value computed by experimental_deoptimize");
4473 68955 : }
4474 :
4475 : break;
4476 68955 : }
4477 68955 : case Intrinsic::sadd_sat: {
4478 68955 : Value *Op1 = CS.getArgOperand(0);
4479 : Value *Op2 = CS.getArgOperand(1);
4480 68955 : Assert(Op1->getType()->isIntOrIntVectorTy(),
4481 68955 : "first operand of sadd_sat must be an int type or vector of ints");
4482 : Assert(Op2->getType()->isIntOrIntVectorTy(),
4483 68955 : "second operand of sadd_sat must be an int type or vector of ints");
4484 : break;
4485 68955 : }
4486 : };
4487 : }
4488 64640 :
4489 : /// Carefully grab the subprogram from a local scope.
4490 64640 : ///
4491 64640 : /// This carefully grabs the subprogram from a local scope, avoiding the
4492 : /// built-in assertions that would typically fire.
4493 : static DISubprogram *getSubprogram(Metadata *LocalScope) {
4494 64640 : if (!LocalScope)
4495 64640 : return nullptr;
4496 :
4497 64640 : if (auto *SP = dyn_cast<DISubprogram>(LocalScope))
4498 64640 : return SP;
4499 64640 :
4500 : if (auto *LB = dyn_cast<DILexicalBlockBase>(LocalScope))
4501 64640 : return getSubprogram(LB->getRawScope());
4502 :
4503 64640 : // Just return null; broken scope chains are checked elsewhere.
4504 : assert(!isa<DILocalScope>(LocalScope) && "Unknown type of local scope");
4505 : return nullptr;
4506 4718 : }
4507 :
4508 4718 : void Verifier::visitConstrainedFPIntrinsic(ConstrainedFPIntrinsic &FPI) {
4509 4718 : unsigned NumOperands = FPI.getNumArgOperands();
4510 : Assert(((NumOperands == 5 && FPI.isTernaryOp()) ||
4511 4718 : (NumOperands == 3 && FPI.isUnaryOp()) || (NumOperands == 4)),
4512 4718 : "invalid arguments for constrained FP intrinsic", &FPI);
4513 : Assert(isa<MetadataAsValue>(FPI.getArgOperand(NumOperands-1)),
4514 0 : "invalid exception behavior argument", &FPI);
4515 0 : Assert(isa<MetadataAsValue>(FPI.getArgOperand(NumOperands-2)),
4516 4718 : "invalid rounding mode argument", &FPI);
4517 : Assert(FPI.getRoundingMode() != ConstrainedFPIntrinsic::rmInvalid,
4518 4718 : "invalid rounding mode argument", &FPI);
4519 : Assert(FPI.getExceptionBehavior() != ConstrainedFPIntrinsic::ebInvalid,
4520 4718 : "invalid exception behavior argument", &FPI);
4521 : }
4522 :
4523 10597 : void Verifier::visitDbgIntrinsic(StringRef Kind, DbgVariableIntrinsic &DII) {
4524 : auto *MD = cast<MetadataAsValue>(DII.getArgOperand(0))->getMetadata();
4525 10597 : AssertDI(isa<ValueAsMetadata>(MD) ||
4526 10597 : (isa<MDNode>(MD) && !cast<MDNode>(MD)->getNumOperands()),
4527 : "invalid llvm.dbg." + Kind + " intrinsic address/value", &DII, MD);
4528 : AssertDI(isa<DILocalVariable>(DII.getRawVariable()),
4529 10597 : "invalid llvm.dbg." + Kind + " intrinsic variable", &DII,
4530 10597 : DII.getRawVariable());
4531 : AssertDI(isa<DIExpression>(DII.getRawExpression()),
4532 0 : "invalid llvm.dbg." + Kind + " intrinsic expression", &DII,
4533 0 : DII.getRawExpression());
4534 10597 :
4535 : // Ignore broken !dbg attachments; they're checked elsewhere.
4536 10597 : if (MDNode *N = DII.getDebugLoc().getAsMDNode())
4537 : if (!isa<DILocation>(N))
4538 10597 : return;
4539 :
4540 : BasicBlock *BB = DII.getParent();
4541 9271 : Function *F = BB ? BB->getParent() : nullptr;
4542 :
4543 9271 : // The scopes for variables and !dbg attachments must agree.
4544 9271 : DILocalVariable *Var = DII.getVariable();
4545 : DILocation *Loc = DII.getDebugLoc();
4546 : AssertDI(Loc, "llvm.dbg." + Kind + " intrinsic requires a !dbg attachment",
4547 : &DII, BB, F);
4548 :
4549 9271 : DISubprogram *VarSP = getSubprogram(Var->getRawScope());
4550 : DISubprogram *LocSP = getSubprogram(Loc->getRawScope());
4551 9271 : if (!VarSP || !LocSP)
4552 : return; // Broken scope chains are checked elsewhere.
4553 0 :
4554 : AssertDI(VarSP == LocSP, "mismatched subprogram between llvm.dbg." + Kind +
4555 : " variable and !dbg attachment",
4556 9271 : &DII, BB, F, Var, Var->getScope()->getSubprogram(), Loc,
4557 4375 : Loc->getScope()->getSubprogram());
4558 :
4559 : // This check is redundant with one in visitLocalVariable().
4560 : AssertDI(isType(Var->getRawType()), "invalid type ref", Var,
4561 9271 : Var->getRawType());
4562 : if (auto *Type = dyn_cast_or_null<DIType>(Var->getRawType()))
4563 : if (Type->isBlockByrefStruct())
4564 15187 : AssertDI(DII.getExpression() && DII.getExpression()->getNumElements(),
4565 : "BlockByRef variable without complex expression", Var, &DII);
4566 15187 :
4567 15187 : verifyFnArgs(DII);
4568 : }
4569 :
4570 : void Verifier::visitDbgLabelIntrinsic(StringRef Kind, DbgLabelInst &DLI) {
4571 : AssertDI(isa<DILabel>(DLI.getRawLabel()),
4572 15187 : "invalid llvm.dbg." + Kind + " intrinsic variable", &DLI,
4573 : DLI.getRawLabel());
4574 15187 :
4575 : // Ignore broken !dbg attachments; they're checked elsewhere.
4576 0 : if (MDNode *N = DLI.getDebugLoc().getAsMDNode())
4577 : if (!isa<DILocation>(N))
4578 : return;
4579 15187 :
4580 5271 : BasicBlock *BB = DLI.getParent();
4581 : Function *F = BB ? BB->getParent() : nullptr;
4582 :
4583 : // The scopes for variables and !dbg attachments must agree.
4584 15187 : DILabel *Label = DLI.getLabel();
4585 : DILocation *Loc = DLI.getDebugLoc();
4586 : Assert(Loc, "llvm.dbg." + Kind + " intrinsic requires a !dbg attachment",
4587 6554 : &DLI, BB, F);
4588 :
4589 6554 : DISubprogram *LabelSP = getSubprogram(Label->getRawScope());
4590 6554 : DISubprogram *LocSP = getSubprogram(Loc->getRawScope());
4591 : if (!LabelSP || !LocSP)
4592 : return;
4593 :
4594 : AssertDI(LabelSP == LocSP, "mismatched subprogram between llvm.dbg." + Kind +
4595 6554 : " label and !dbg attachment",
4596 : &DLI, BB, F, Label, Label->getScope()->getSubprogram(), Loc,
4597 0 : Loc->getScope()->getSubprogram());
4598 : }
4599 6554 :
4600 : void Verifier::verifyFragmentExpression(const DbgVariableIntrinsic &I) {
4601 : DILocalVariable *V = dyn_cast_or_null<DILocalVariable>(I.getRawVariable());
4602 6554 : DIExpression *E = dyn_cast_or_null<DIExpression>(I.getRawExpression());
4603 2321 :
4604 : // We don't know whether this intrinsic verified correctly.
4605 : if (!V || !E || !E->isValid())
4606 : return;
4607 6554 :
4608 : // Nothing to do if this isn't a DW_OP_LLVM_fragment expression.
4609 : auto Fragment = E->getFragmentInfo();
4610 9069 : if (!Fragment)
4611 : return;
4612 9069 :
4613 9069 : // The frontend helps out GDB by emitting the members of local anonymous
4614 : // unions as artificial local variables with shared storage. When SROA splits
4615 : // the storage for artificial local variables that are smaller than the entire
4616 : // union, the overhang piece will be outside of the allotted space for the
4617 : // variable and this check fails.
4618 9069 : // FIXME: Remove this check as soon as clang stops doing this; it hides bugs.
4619 : if (V->isArtificial())
4620 0 : return;
4621 :
4622 9069 : verifyFragmentExpression(*V, *Fragment, &I);
4623 : }
4624 :
4625 9069 : template <typename ValueOrMetadata>
4626 2805 : void Verifier::verifyFragmentExpression(const DIVariable &V,
4627 : DIExpression::FragmentInfo Fragment,
4628 : ValueOrMetadata *Desc) {
4629 : // If there's no size, the type is broken, but that should be checked
4630 9069 : // elsewhere.
4631 : auto VarSize = V.getSizeInBits();
4632 : if (!VarSize)
4633 9288 : return;
4634 :
4635 9288 : unsigned FragSize = Fragment.SizeInBits;
4636 9288 : unsigned FragOffset = Fragment.OffsetInBits;
4637 : AssertDI(FragSize + FragOffset <= *VarSize,
4638 9288 : "fragment is larger than or outside of variable", Desc, &V);
4639 : AssertDI(FragSize != *VarSize, "fragment covers entire variable", Desc, &V);
4640 : }
4641 9288 :
4642 : void Verifier::verifyFnArgs(const DbgVariableIntrinsic &I) {
4643 : // This function does not take the scope of noninlined function arguments into
4644 9285 : // account. Don't run it if current function is nodebug, because it may
4645 9285 : // contain inlined debug intrinsics.
4646 : if (!HasDebugInfo)
4647 : return;
4648 9285 :
4649 : // For performance reasons only check non-inlined ones.
4650 : if (I.getDebugLoc()->getInlinedAt())
4651 56 : return;
4652 :
4653 : DILocalVariable *Var = I.getVariable();
4654 : AssertDI(Var, "dbg intrinsic without variable");
4655 9285 :
4656 : unsigned ArgNo = Var->getArg();
4657 : if (!ArgNo)
4658 22708 : return;
4659 :
4660 22708 : // Verify there are no duplicate function argument debug info entries.
4661 22708 : // These will cause hard-to-debug assertions in the DWARF backend.
4662 : if (DebugFnArgs.size() < ArgNo)
4663 22708 : DebugFnArgs.resize(ArgNo, nullptr);
4664 :
4665 22708 : auto *Prev = DebugFnArgs[ArgNo - 1];
4666 : DebugFnArgs[ArgNo - 1] = Var;
4667 : AssertDI(!Prev || (Prev == Var), "conflicting debug info for argument", &I,
4668 22708 : Prev, Var);
4669 : }
4670 :
4671 22706 : void Verifier::verifyCompileUnits() {
4672 : // When more than one Module is imported into the same context, such as during
4673 22706 : // an LTO build before linking the modules, ODR type uniquing may cause types
4674 : // to point to a different CU. This check does not make sense in this case.
4675 : if (M.getContext().isODRUniquingDebugTypes())
4676 51 : return;
4677 : auto *CUs = M.getNamedMetadata("llvm.dbg.cu");
4678 : SmallPtrSet<const Metadata *, 2> Listed;
4679 22706 : if (CUs)
4680 : Listed.insert(CUs->op_begin(), CUs->op_end());
4681 : for (auto *CU : CUVisited)
4682 367588 : AssertDI(Listed.count(CU), "DICompileUnit not listed in llvm.dbg.cu", CU);
4683 367588 : CUVisited.clear();
4684 : }
4685 :
4686 367588 : void Verifier::verifyDeoptimizeCallingConvs() {
4687 : if (DeoptimizeDeclarations.empty())
4688 : return;
4689 1817 :
4690 1817 : const Function *First = DeoptimizeDeclarations[0];
4691 1817 : for (auto *F : makeArrayRef(DeoptimizeDeclarations).slice(1)) {
4692 : Assert(First->getCallingConv() == F->getCallingConv(),
4693 1817 : "All llvm.experimental.deoptimize declarations must have the same "
4694 : "calling convention",
4695 1817 : First, F);
4696 : }
4697 1817 : }
4698 :
4699 1817 : //===----------------------------------------------------------------------===//
4700 37 : // Implement the public interfaces to this file...
4701 : //===----------------------------------------------------------------------===//
4702 1817 :
4703 : bool llvm::verifyFunction(const Function &f, raw_ostream *OS) {
4704 : Function &F = const_cast<Function &>(f);
4705 :
4706 : // Don't use a raw_null_ostream. Printing IR is expensive.
4707 85034 : Verifier V(OS, /*ShouldTreatBrokenDebugInfoAsError=*/true, *f.getParent());
4708 :
4709 : // Note that this function's return value is inverted from what you would
4710 : // expect of a function called "verify".
4711 : return !V.verify(F);
4712 193829 : }
4713 :
4714 : bool llvm::verifyModule(const Module &M, raw_ostream *OS,
4715 : bool *BrokenDebugInfo) {
4716 : // Don't use a raw_null_ostream. Printing IR is expensive.
4717 170066 : Verifier V(OS, /*ShouldTreatBrokenDebugInfoAsError=*/!BrokenDebugInfo, M);
4718 :
4719 : bool Broken = false;
4720 : for (const Function &F : M)
4721 259013 : Broken |= !V.verify(F);
4722 173981 :
4723 : Broken |= !V.verify();
4724 : if (BrokenDebugInfo)
4725 : *BrokenDebugInfo = V.hasBrokenDebugInfo();
4726 : // Note that this function's return value is inverted from what you would
4727 : // expect of a function called "verify".
4728 85032 : return Broken;
4729 : }
4730 :
4731 634131 : namespace {
4732 634131 :
4733 : struct VerifierLegacyPass : public FunctionPass {
4734 1268273 : static char ID;
4735 :
4736 : std::unique_ptr<Verifier> V;
4737 : bool FatalErrors = true;
4738 1268262 :
4739 : VerifierLegacyPass() : FunctionPass(ID) {
4740 : initializeVerifierLegacyPassPass(*PassRegistry::getPassRegistry());
4741 634131 : }
4742 : explicit VerifierLegacyPass(bool FatalErrors)
4743 : : FunctionPass(ID),
4744 : FatalErrors(FatalErrors) {
4745 : initializeVerifierLegacyPassPass(*PassRegistry::getPassRegistry());
4746 : }
4747 634131 :
4748 21760 : bool doInitialization(Module &M) override {
4749 : V = llvm::make_unique<Verifier>(
4750 : &dbgs(), /*ShouldTreatBrokenDebugInfoAsError=*/false, M);
4751 612371 : return false;
4752 : }
4753 :
4754 : bool runOnFunction(Function &F) override {
4755 1821112 : if (!V->verify(F) && FatalErrors) {
4756 2373962 : errs() << "in function " << F.getName() << '\n';
4757 : report_fatal_error("Broken function found, compilation aborted!");
4758 : }
4759 : return false;
4760 634131 : }
4761 :
4762 1268262 : bool doFinalization(Module &M) override {
4763 : bool HasErrors = false;
4764 : for (Function &F : M)
4765 634131 : if (F.isDeclaration())
4766 : HasErrors |= !V->verify(F);
4767 :
4768 : HasErrors |= !V->verify();
4769 : if (FatalErrors && (HasErrors || V->hasBrokenDebugInfo()))
4770 323 : report_fatal_error("Broken module found, compilation aborted!");
4771 : return false;
4772 : }
4773 :
4774 : void getAnalysisUsage(AnalysisUsage &AU) const override {
4775 634129 : AU.setPreservesAll();
4776 : }
4777 : };
4778 :
4779 : } // end anonymous namespace
4780 634129 :
4781 180 : /// Helper to issue failure from the TBAA verification
4782 180 : template <typename... Tys> void TBAAVerifier::CheckFailed(Tys &&... Args) {
4783 135 : if (Diagnostic)
4784 : return Diagnostic->CheckFailed(Args...);
4785 : }
4786 :
4787 : #define AssertTBAA(C, ...) \
4788 : do { \
4789 : if (!(C)) { \
4790 1821107 : CheckFailed(__VA_ARGS__); \
4791 1186980 : return false; \
4792 438 : } \
4793 438 : } while (false)
4794 289 :
4795 : /// Verify that \p BaseNode can be used as the "base type" in the struct-path
4796 288 : /// TBAA scheme. This means \p BaseNode is either a scalar node, or a
4797 : /// struct-type node describing an aggregate data structure (like a struct).
4798 149 : TBAAVerifier::TBAABaseNodeSummary
4799 149 : TBAAVerifier::verifyTBAABaseNode(Instruction &I, const MDNode *BaseNode,
4800 149 : bool IsNewFormat) {
4801 : if (BaseNode->getNumOperands() < 2) {
4802 : CheckFailed("Base nodes must have at least two operands", &I, BaseNode);
4803 : return {true, ~0u};
4804 634127 : }
4805 :
4806 : auto Itr = TBAABaseNodes.find(BaseNode);
4807 : if (Itr != TBAABaseNodes.end())
4808 : return Itr->second;
4809 78276 :
4810 34756 : auto Result = verifyTBAABaseNodeImpl(I, BaseNode, IsNewFormat);
4811 : auto InsertResult = TBAABaseNodes.insert({BaseNode, Result});
4812 34756 : (void)InsertResult;
4813 : assert(InsertResult.second && "We just checked!");
4814 : return Result;
4815 : }
4816 :
4817 58388 : TBAAVerifier::TBAABaseNodeSummary
4818 36630 : TBAAVerifier::verifyTBAABaseNodeImpl(Instruction &I, const MDNode *BaseNode,
4819 36630 : bool IsNewFormat) {
4820 36630 : const TBAAVerifier::TBAABaseNodeSummary InvalidNode = {true, ~0u};
4821 :
4822 36630 : if (BaseNode->getNumOperands() == 2) {
4823 11 : // Scalar nodes can only be accessed at offset 0.
4824 : return isValidScalarTBAANode(BaseNode)
4825 : ? TBAAVerifier::TBAABaseNodeSummary({false, 0})
4826 : : InvalidNode;
4827 36630 : }
4828 0 :
4829 : if (IsNewFormat) {
4830 0 : if (BaseNode->getNumOperands() % 3 != 0) {
4831 : CheckFailed("Access tag nodes must have the number of operands that is a "
4832 : "multiple of 3!", BaseNode);
4833 : return InvalidNode;
4834 : }
4835 : } else {
4836 : if (BaseNode->getNumOperands() % 2 != 1) {
4837 36630 : CheckFailed("Struct tag nodes must have an odd number of operands!",
4838 : BaseNode);
4839 : return InvalidNode;
4840 36629 : }
4841 1 : }
4842 :
4843 : // Check the type size field.
4844 : if (IsNewFormat) {
4845 : auto *TypeSizeNode = mdconst::dyn_extract_or_null<ConstantInt>(
4846 : BaseNode->getOperand(1));
4847 : if (!TypeSizeNode) {
4848 1206452 : CheckFailed("Type size nodes must be constants!", &I, BaseNode);
4849 765877 : return InvalidNode;
4850 466868 : }
4851 : }
4852 466868 :
4853 : // Check the type name field. In the new format it can be anything.
4854 : if (!IsNewFormat && !isa<MDString>(BaseNode->getOperand(0))) {
4855 : CheckFailed("Struct tag nodes have a string as their first operand",
4856 : BaseNode);
4857 : return InvalidNode;
4858 : }
4859 123596 :
4860 : bool Failed = false;
4861 :
4862 : Optional<APInt> PrevOffset;
4863 572327 : unsigned BitWidth = ~0u;
4864 333005 :
4865 : // We've already checked that BaseNode is not a degenerate root node with one
4866 : // operand in \c verifyTBAABaseNode, so this loop should run at least once.
4867 : unsigned FirstFieldOpNo = IsNewFormat ? 3 : 1;
4868 : unsigned NumOpsPerField = IsNewFormat ? 3 : 2;
4869 : for (unsigned Idx = FirstFieldOpNo; Idx < BaseNode->getNumOperands();
4870 637364 : Idx += NumOpsPerField) {
4871 3242 : const MDOperand &FieldTy = BaseNode->getOperand(Idx);
4872 3242 : const MDOperand &FieldOffset = BaseNode->getOperand(Idx + 1);
4873 3242 : if (!isa<MDNode>(FieldTy)) {
4874 1731 : CheckFailed("Incorrect field entry in struct type node!", &I, BaseNode);
4875 : Failed = true;
4876 1512 : continue;
4877 6 : }
4878 :
4879 : auto *OffsetEntryCI =
4880 1506 : mdconst::dyn_extract_or_null<ConstantInt>(FieldOffset);
4881 1253 : if (!OffsetEntryCI) {
4882 : CheckFailed("Offset entries must be constants!", &I, BaseNode);
4883 1253 : Failed = true;
4884 : continue;
4885 1253 : }
4886 :
4887 : if (BitWidth == ~0u)
4888 : BitWidth = OffsetEntryCI->getBitWidth();
4889 :
4890 : if (OffsetEntryCI->getBitWidth() != BitWidth) {
4891 : CheckFailed(
4892 : "Bitwidth between the offsets and struct type entries must match", &I,
4893 : BaseNode);
4894 659438 : Failed = true;
4895 25316 : continue;
4896 5274 : }
4897 :
4898 : // NB! As far as I can tell, we generate a non-strictly increasing offset
4899 : // sequence only from structs that have zero size bit fields. When
4900 634120 : // recursing into a contained struct in \c getFieldNodeFromTBAABaseNode we
4901 : // pick the field lexically the latest in struct type metadata node. This
4902 : // mirrors the actual behavior of the alias analysis implementation.
4903 : bool IsAscending =
4904 : !PrevOffset || PrevOffset->ule(OffsetEntryCI->getValue());
4905 :
4906 1005 : if (!IsAscending) {
4907 : CheckFailed("Offsets must be increasing!", &I, BaseNode);
4908 : Failed = true;
4909 : }
4910 57 :
4911 : PrevOffset = OffsetEntryCI->getValue();
4912 55 :
4913 : if (IsNewFormat) {
4914 : auto *MemberSizeNode = mdconst::dyn_extract_or_null<ConstantInt>(
4915 1060 : BaseNode->getOperand(Idx + 2));
4916 : if (!MemberSizeNode) {
4917 : CheckFailed("Member size entries must be constants!", &I, BaseNode);
4918 : Failed = true;
4919 : continue;
4920 : }
4921 8480 : }
4922 7420 : }
4923 155 :
4924 : return Failed ? InvalidNode
4925 1060 : : TBAAVerifier::TBAABaseNodeSummary(false, BitWidth);
4926 2 : }
4927 1060 :
4928 : static bool IsRootTBAANode(const MDNode *MD) {
4929 : return MD->getNumOperands() < 2;
4930 523 : }
4931 533 :
4932 : static bool IsScalarTBAANodeImpl(const MDNode *MD,
4933 : SmallPtrSetImpl<const MDNode *> &Visited) {
4934 : if (MD->getNumOperands() != 2 && MD->getNumOperands() != 3)
4935 : return false;
4936 522 :
4937 : if (!isa<MDString>(MD->getOperand(0)))
4938 522 : return false;
4939 316 :
4940 942 : if (MD->getNumOperands() == 3) {
4941 : auto *Offset = mdconst::dyn_extract<ConstantInt>(MD->getOperand(2));
4942 : if (!(Offset && Offset->isZero() && isa<MDString>(MD->getOperand(0))))
4943 955 : return false;
4944 985 : }
4945 :
4946 : auto *Parent = dyn_cast_or_null<MDNode>(MD->getOperand(1));
4947 : return Parent && Visited.insert(Parent).second &&
4948 : (IsRootTBAANode(Parent) || IsScalarTBAANodeImpl(Parent, Visited));
4949 520 : }
4950 :
4951 1084 : bool TBAAVerifier::isValidScalarTBAANode(const MDNode *MD) {
4952 : auto ResultIt = TBAAScalarNodes.find(MD);
4953 : if (ResultIt != TBAAScalarNodes.end())
4954 : return ResultIt->second;
4955 518 :
4956 : SmallPtrSet<const MDNode *, 4> Visited;
4957 : bool Result = IsScalarTBAANodeImpl(MD, Visited);
4958 : auto InsertResult = TBAAScalarNodes.insert({MD, Result});
4959 : (void)InsertResult;
4960 517 : assert(InsertResult.second && "Just checked!");
4961 517 :
4962 1560 : return Result;
4963 530 : }
4964 530 :
4965 530 : /// Returns the field node at the offset \p Offset in \p BaseNode. Update \p
4966 : /// Offset in place to be the offset within the field node returned.
4967 : ///
4968 : /// We assume we've okayed \p BaseNode via \c verifyTBAABaseNode.
4969 : MDNode *TBAAVerifier::getFieldNodeFromTBAABaseNode(Instruction &I,
4970 : const MDNode *BaseNode,
4971 : APInt &Offset,
4972 : bool IsNewFormat) {
4973 : assert(BaseNode->getNumOperands() >= 2 && "Invalid base node!");
4974 :
4975 513 : // Scalar nodes have only one possible "field" -- their parent in the access
4976 : // hierarchy. Offset must be zero at this point, but our caller is supposed
4977 : // to Assert that.
4978 : if (BaseNode->getNumOperands() == 2)
4979 513 : return cast<MDNode>(BaseNode->getOperand(1));
4980 47 :
4981 : unsigned FirstFieldOpNo = IsNewFormat ? 3 : 1;
4982 : unsigned NumOpsPerField = IsNewFormat ? 3 : 2;
4983 : for (unsigned Idx = FirstFieldOpNo; Idx < BaseNode->getNumOperands();
4984 : Idx += NumOpsPerField) {
4985 : auto *OffsetEntryCI =
4986 : mdconst::extract<ConstantInt>(BaseNode->getOperand(Idx + 1));
4987 513 : if (OffsetEntryCI->getValue().ugt(Offset)) {
4988 513 : if (Idx == FirstFieldOpNo) {
4989 : CheckFailed("Could not find TBAA parent in struct type node", &I,
4990 205 : BaseNode, &Offset);
4991 : return nullptr;
4992 : }
4993 :
4994 626890 : unsigned PrevIdx = Idx - NumOpsPerField;
4995 626890 : auto *PrevOffsetEntryCI =
4996 : mdconst::extract<ConstantInt>(BaseNode->getOperand(PrevIdx + 1));
4997 626890 : Offset -= PrevOffsetEntryCI->getValue();
4998 523 : return cast<MDNode>(BaseNode->getOperand(PrevIdx));
4999 626890 : }
5000 : }
5001 7241 :
5002 7241 : unsigned LastIdx = BaseNode->getNumOperands() - NumOpsPerField;
5003 : auto *LastOffsetEntryCI = mdconst::extract<ConstantInt>(
5004 : BaseNode->getOperand(LastIdx + 1));
5005 : Offset -= LastOffsetEntryCI->getValue();
5006 7241 : return cast<MDNode>(BaseNode->getOperand(LastIdx));
5007 : }
5008 :
5009 : static bool isNewFormatTBAATypeNode(llvm::MDNode *Type) {
5010 : if (!Type || Type->getNumOperands() < 3)
5011 7234 : return false;
5012 :
5013 : // In the new format type nodes shall have a reference to the parent type as
5014 : // its first operand.
5015 : MDNode *Parent = dyn_cast_or_null<MDNode>(Type->getOperand(0));
5016 : if (!Parent)
5017 645818 : return false;
5018 645818 :
5019 : return true;
5020 : }
5021 645818 :
5022 : bool TBAAVerifier::visitTBAAMetadata(Instruction &I, const MDNode *MD) {
5023 : AssertTBAA(isa<LoadInst>(I) || isa<StoreInst>(I) || isa<CallInst>(I) ||
5024 317237 : isa<VAArgInst>(I) || isa<AtomicRMWInst>(I) ||
5025 : isa<AtomicCmpXchgInst>(I),
5026 : "This instruction shall not have a TBAA access tag!", &I);
5027 :
5028 : bool IsStructPathTBAA =
5029 : isa<MDNode>(MD->getOperand(0)) && MD->getNumOperands() >= 3;
5030 :
5031 383600 : AssertTBAA(
5032 : IsStructPathTBAA,
5033 317237 : "Old-style TBAA is no longer allowed, use struct-path TBAA instead", &I);
5034 :
5035 : MDNode *BaseNode = dyn_cast_or_null<MDNode>(MD->getOperand(0));
5036 : MDNode *AccessType = dyn_cast_or_null<MDNode>(MD->getOperand(1));
5037 :
5038 : bool IsNewFormat = isNewFormatTBAATypeNode(AccessType);
5039 :
5040 123928 : if (IsNewFormat) {
5041 : AssertTBAA(MD->getNumOperands() == 4 || MD->getNumOperands() == 5,
5042 : "Access tag metadata must have either 4 or 5 operands", &I, MD);
5043 : } else {
5044 : AssertTBAA(MD->getNumOperands() < 5,
5045 123928 : "Struct tag metadata must have either 3 or 4 operands", &I, MD);
5046 : }
5047 :
5048 : // Check the access size field.
5049 123928 : if (IsNewFormat) {
5050 : auto *AccessSizeNode = mdconst::dyn_extract_or_null<ConstantInt>(
5051 : MD->getOperand(3));
5052 : AssertTBAA(AccessSizeNode, "Access size field must be a constant", &I, MD);
5053 : }
5054 :
5055 126916 : // Check the immutability flag.
5056 : unsigned ImmutabilityFlagOpNo = IsNewFormat ? 4 : 3;
5057 : if (MD->getNumOperands() == ImmutabilityFlagOpNo + 1) {
5058 169868 : auto *IsImmutableCI = mdconst::dyn_extract_or_null<ConstantInt>(
5059 : MD->getOperand(ImmutabilityFlagOpNo));
5060 126916 : AssertTBAA(IsImmutableCI,
5061 : "Immutability tag on struct tag metadata must be a constant",
5062 : &I, MD);
5063 : AssertTBAA(
5064 77737 : IsImmutableCI->isZero() || IsImmutableCI->isOne(),
5065 : "Immutability part of the struct tag metadata must be either 0 or 1",
5066 : &I, MD);
5067 104554 : }
5068 :
5069 77737 : AssertTBAA(BaseNode && AccessType,
5070 : "Malformed struct tag metadata: base and access-type "
5071 : "should be non-null and point to Metadata nodes",
5072 0 : &I, MD, BaseNode, AccessType);
5073 0 :
5074 : if (!IsNewFormat) {
5075 : AssertTBAA(isValidScalarTBAANode(AccessType),
5076 645818 : "Access type node must be a valid scalar type", &I, MD,
5077 : AccessType);
5078 : }
5079 234122 :
5080 : auto *OffsetCI = mdconst::dyn_extract_or_null<ConstantInt>(MD->getOperand(2));
5081 234122 : AssertTBAA(OffsetCI, "Offset must be constant integer", &I, MD);
5082 234122 :
5083 234122 : APInt Offset = OffsetCI->getValue();
5084 : bool SeenAccessTypeInPath = false;
5085 :
5086 234122 : SmallPtrSet<MDNode *, 4> StructPath;
5087 :
5088 : for (/* empty */; BaseNode && !IsRootTBAANode(BaseNode);
5089 234122 : BaseNode = getFieldNodeFromTBAABaseNode(I, BaseNode, Offset,
5090 : IsNewFormat)) {
5091 : if (!StructPath.insert(BaseNode).second) {
5092 234122 : CheckFailed("Cycle detected in struct path", &I, MD);
5093 : return false;
5094 : }
5095 32294 :
5096 : bool Invalid;
5097 32294 : unsigned BaseNodeBitWidth;
5098 32294 : std::tie(Invalid, BaseNodeBitWidth) = verifyTBAABaseNode(I, BaseNode,
5099 32294 : IsNewFormat);
5100 :
5101 : // If the base node is invalid in itself, then we've already printed all the
5102 0 : // errors we wanted to print.
5103 : if (Invalid)
5104 : return false;
5105 32294 :
5106 : SeenAccessTypeInPath |= BaseNode == AccessType;
5107 :
5108 32294 : if (isValidScalarTBAANode(BaseNode) || BaseNode == AccessType)
5109 : AssertTBAA(Offset == 0, "Offset not zero at the point of scalar access",
5110 : &I, MD, &Offset);
5111 114858 :
5112 114858 : AssertTBAA(BaseNodeBitWidth == Offset.getBitWidth() ||
5113 : (BaseNodeBitWidth == 0 && Offset == 0) ||
5114 : (IsNewFormat && BaseNodeBitWidth == ~0u),
5115 114858 : "Access bit-width not the same as description bit-width", &I, MD,
5116 : BaseNodeBitWidth, Offset.getBitWidth());
5117 :
5118 109291 : if (IsNewFormat && SeenAccessTypeInPath)
5119 109291 : break;
5120 : }
5121 :
5122 109291 : AssertTBAA(SeenAccessTypeInPath, "Did not see access type in access path!",
5123 : &I, MD);
5124 : return true;
5125 146430 : }
5126 146430 :
5127 : char VerifierLegacyPass::ID = 0;
5128 : INITIALIZE_PASS(VerifierLegacyPass, "verify", "Module Verifier", false, false)
5129 146430 :
5130 : FunctionPass *llvm::createVerifierPass(bool FatalErrors) {
5131 : return new VerifierLegacyPass(FatalErrors);
5132 419167 : }
5133 :
5134 : AnalysisKey VerifierAnalysis::Key;
5135 419168 : VerifierAnalysis::Result VerifierAnalysis::run(Module &M,
5136 : ModuleAnalysisManager &) {
5137 419167 : Result Res;
5138 : Res.IRBroken = llvm::verifyModule(M, &dbgs(), &Res.DebugInfoBroken);
5139 : return Res;
5140 419167 : }
5141 :
5142 : VerifierAnalysis::Result VerifierAnalysis::run(Function &F,
5143 : FunctionAnalysisManager &) {
5144 419166 : return { llvm::verifyFunction(F, &dbgs()), false };
5145 419166 : }
5146 :
5147 420598 : PreservedAnalyses VerifierPass::run(Module &M, ModuleAnalysisManager &AM) {
5148 : auto Res = AM.getResult<VerifierAnalysis>(M);
5149 : if (FatalErrors && (Res.IRBroken || Res.DebugInfoBroken))
5150 : report_fatal_error("Broken module found, compilation aborted!");
5151 419166 :
5152 : return PreservedAnalyses::all();
5153 : }
5154 1432 :
5155 523 : PreservedAnalyses VerifierPass::run(Function &F, FunctionAnalysisManager &AM) {
5156 : auto res = AM.getResult<VerifierAnalysis>(F);
5157 3286 : if (res.IRBroken && FatalErrors)
5158 1854 : report_fatal_error("Broken function found, compilation aborted!");
5159 1854 :
5160 : return PreservedAnalyses::all();
5161 1551 : }
|
