1 //===- Verifier.h - LLVM IR Verifier ----------------------------*- C++ -*-===// 2 // 3 // Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions. 4 // See https://llvm.org/LICENSE.txt for license information. 5 // SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception 6 // 7 //===----------------------------------------------------------------------===// 8 // 9 // This file defines the function verifier interface, that can be used for some 10 // sanity checking of input to the system, and for checking that transformations 11 // haven't done something bad. 12 // 13 // Note that this does not provide full 'java style' security and verifications, 14 // instead it just tries to ensure that code is well formed. 15 // 16 // To see what specifically is checked, look at the top of Verifier.cpp 17 // 18 //===----------------------------------------------------------------------===// 19 20 #ifndef LLVM_IR_VERIFIER_H 21 #define LLVM_IR_VERIFIER_H 22 23 #include "llvm/ADT/DenseMap.h" 24 #include "llvm/IR/PassManager.h" 25 #include <utility> 26 27 namespace llvm { 28 29 class APInt; 30 class Function; 31 class FunctionPass; 32 class Instruction; 33 class MDNode; 34 class Module; 35 class raw_ostream; 36 struct VerifierSupport; 37 38 /// Verify that the TBAA Metadatas are valid. 39 class TBAAVerifier { 40 VerifierSupport *Diagnostic = nullptr; 41 42 /// Helper to diagnose a failure 43 template <typename... Tys> void CheckFailed(Tys &&... Args); 44 45 /// Cache of TBAA base nodes that have already been visited. This cachce maps 46 /// a node that has been visited to a pair (IsInvalid, BitWidth) where 47 /// 48 /// \c IsInvalid is true iff the node is invalid. 49 /// \c BitWidth, if non-zero, is the bitwidth of the integer used to denoting 50 /// the offset of the access. If zero, only a zero offset is allowed. 51 /// 52 /// \c BitWidth has no meaning if \c IsInvalid is true. 53 using TBAABaseNodeSummary = std::pair<bool, unsigned>; 54 DenseMap<const MDNode *, TBAABaseNodeSummary> TBAABaseNodes; 55 56 /// Maps an alleged scalar TBAA node to a boolean that is true if the said 57 /// TBAA node is a valid scalar TBAA node or false otherwise. 58 DenseMap<const MDNode *, bool> TBAAScalarNodes; 59 60 /// \name Helper functions used by \c visitTBAAMetadata. 61 /// @{ 62 MDNode *getFieldNodeFromTBAABaseNode(Instruction &I, const MDNode *BaseNode, 63 APInt &Offset, bool IsNewFormat); 64 TBAAVerifier::TBAABaseNodeSummary verifyTBAABaseNode(Instruction &I, 65 const MDNode *BaseNode, 66 bool IsNewFormat); 67 TBAABaseNodeSummary verifyTBAABaseNodeImpl(Instruction &I, 68 const MDNode *BaseNode, 69 bool IsNewFormat); 70 71 bool isValidScalarTBAANode(const MDNode *MD); 72 /// @} 73 74 public: 75 TBAAVerifier(VerifierSupport *Diagnostic = nullptr) Diagnostic(Diagnostic)76 : Diagnostic(Diagnostic) {} 77 /// Visit an instruction and return true if it is valid, return false if an 78 /// invalid TBAA is attached. 79 bool visitTBAAMetadata(Instruction &I, const MDNode *MD); 80 }; 81 82 /// Check a function for errors, useful for use when debugging a 83 /// pass. 84 /// 85 /// If there are no errors, the function returns false. If an error is found, 86 /// a message describing the error is written to OS (if non-null) and true is 87 /// returned. 88 bool verifyFunction(const Function &F, raw_ostream *OS = nullptr); 89 90 /// Check a module for errors. 91 /// 92 /// If there are no errors, the function returns false. If an error is 93 /// found, a message describing the error is written to OS (if 94 /// non-null) and true is returned. 95 /// 96 /// \return true if the module is broken. If BrokenDebugInfo is 97 /// supplied, DebugInfo verification failures won't be considered as 98 /// error and instead *BrokenDebugInfo will be set to true. Debug 99 /// info errors can be "recovered" from by stripping the debug info. 100 bool verifyModule(const Module &M, raw_ostream *OS = nullptr, 101 bool *BrokenDebugInfo = nullptr); 102 103 FunctionPass *createVerifierPass(bool FatalErrors = true); 104 105 /// Check a module for errors, and report separate error states for IR 106 /// and debug info errors. 107 class VerifierAnalysis : public AnalysisInfoMixin<VerifierAnalysis> { 108 friend AnalysisInfoMixin<VerifierAnalysis>; 109 110 static AnalysisKey Key; 111 112 public: 113 struct Result { 114 bool IRBroken, DebugInfoBroken; 115 }; 116 117 Result run(Module &M, ModuleAnalysisManager &); 118 Result run(Function &F, FunctionAnalysisManager &); isRequired()119 static bool isRequired() { return true; } 120 }; 121 122 /// Check a module for errors, but report debug info errors separately. 123 /// Otherwise behaves as the normal verifyModule. Debug info errors can be 124 /// "recovered" from by stripping the debug info. 125 bool verifyModule(bool &BrokenDebugInfo, const Module &M, raw_ostream *OS); 126 127 /// Create a verifier pass. 128 /// 129 /// Check a module or function for validity. This is essentially a pass wrapped 130 /// around the above verifyFunction and verifyModule routines and 131 /// functionality. When the pass detects a verification error it is always 132 /// printed to stderr, and by default they are fatal. You can override that by 133 /// passing \c false to \p FatalErrors. 134 /// 135 /// Note that this creates a pass suitable for the legacy pass manager. It has 136 /// nothing to do with \c VerifierPass. 137 class VerifierPass : public PassInfoMixin<VerifierPass> { 138 bool FatalErrors; 139 140 public: FatalErrors(FatalErrors)141 explicit VerifierPass(bool FatalErrors = true) : FatalErrors(FatalErrors) {} 142 143 PreservedAnalyses run(Module &M, ModuleAnalysisManager &AM); 144 PreservedAnalyses run(Function &F, FunctionAnalysisManager &AM); isRequired()145 static bool isRequired() { return true; } 146 }; 147 148 } // end namespace llvm 149 150 #endif // LLVM_IR_VERIFIER_H 151