1 //===- Verifier.h - LLVM IR Verifier ----------------------------*- C++ -*-===//
2 //
3 //                     The LLVM Compiler Infrastructure
4 //
5 // This file is distributed under the University of Illinois Open Source
6 // License. See LICENSE.TXT for details.
7 //
8 //===----------------------------------------------------------------------===//
9 //
10 // This file defines the function verifier interface, that can be used for some
11 // sanity checking of input to the system, and for checking that transformations
12 // haven't done something bad.
13 //
14 // Note that this does not provide full 'java style' security and verifications,
15 // instead it just tries to ensure that code is well formed.
16 //
17 // To see what specifically is checked, look at the top of Verifier.cpp
18 //
19 //===----------------------------------------------------------------------===//
20 
21 #ifndef LLVM_IR_VERIFIER_H
22 #define LLVM_IR_VERIFIER_H
23 
24 #include "llvm/ADT/DenseMap.h"
25 #include "llvm/IR/PassManager.h"
26 #include <utility>
27 
28 namespace llvm {
29 
30 class APInt;
31 class Function;
32 class FunctionPass;
33 class Instruction;
34 class MDNode;
35 class Module;
36 class raw_ostream;
37 struct VerifierSupport;
38 
39 /// Verify that the TBAA Metadatas are valid.
40 class TBAAVerifier {
41   VerifierSupport *Diagnostic = nullptr;
42 
43   /// Helper to diagnose a failure
44   template <typename... Tys> void CheckFailed(Tys &&... Args);
45 
46   /// Cache of TBAA base nodes that have already been visited.  This cachce maps
47   /// a node that has been visited to a pair (IsInvalid, BitWidth) where
48   ///
49   ///  \c IsInvalid is true iff the node is invalid.
50   ///  \c BitWidth, if non-zero, is the bitwidth of the integer used to denoting
51   ///    the offset of the access.  If zero, only a zero offset is allowed.
52   ///
53   /// \c BitWidth has no meaning if \c IsInvalid is true.
54   using TBAABaseNodeSummary = std::pair<bool, unsigned>;
55   DenseMap<const MDNode *, TBAABaseNodeSummary> TBAABaseNodes;
56 
57   /// Maps an alleged scalar TBAA node to a boolean that is true if the said
58   /// TBAA node is a valid scalar TBAA node or false otherwise.
59   DenseMap<const MDNode *, bool> TBAAScalarNodes;
60 
61   /// \name Helper functions used by \c visitTBAAMetadata.
62   /// @{
63   MDNode *getFieldNodeFromTBAABaseNode(Instruction &I, const MDNode *BaseNode,
64                                        APInt &Offset, bool IsNewFormat);
65   TBAAVerifier::TBAABaseNodeSummary verifyTBAABaseNode(Instruction &I,
66                                                        const MDNode *BaseNode,
67                                                        bool IsNewFormat);
68   TBAABaseNodeSummary verifyTBAABaseNodeImpl(Instruction &I,
69                                              const MDNode *BaseNode,
70                                              bool IsNewFormat);
71 
72   bool isValidScalarTBAANode(const MDNode *MD);
73   /// @}
74 
75 public:
76   TBAAVerifier(VerifierSupport *Diagnostic = nullptr)
Diagnostic(Diagnostic)77       : Diagnostic(Diagnostic) {}
78   /// Visit an instruction and return true if it is valid, return false if an
79   /// invalid TBAA is attached.
80   bool visitTBAAMetadata(Instruction &I, const MDNode *MD);
81 };
82 
83 /// Check a function for errors, useful for use when debugging a
84 /// pass.
85 ///
86 /// If there are no errors, the function returns false. If an error is found,
87 /// a message describing the error is written to OS (if non-null) and true is
88 /// returned.
89 bool verifyFunction(const Function &F, raw_ostream *OS = nullptr);
90 
91 /// Check a module for errors.
92 ///
93 /// If there are no errors, the function returns false. If an error is
94 /// found, a message describing the error is written to OS (if
95 /// non-null) and true is returned.
96 ///
97 /// \return true if the module is broken. If BrokenDebugInfo is
98 /// supplied, DebugInfo verification failures won't be considered as
99 /// error and instead *BrokenDebugInfo will be set to true. Debug
100 /// info errors can be "recovered" from by stripping the debug info.
101 bool verifyModule(const Module &M, raw_ostream *OS = nullptr,
102                   bool *BrokenDebugInfo = nullptr);
103 
104 FunctionPass *createVerifierPass(bool FatalErrors = true);
105 
106 /// Check a module for errors, and report separate error states for IR
107 /// and debug info errors.
108 class VerifierAnalysis : public AnalysisInfoMixin<VerifierAnalysis> {
109   friend AnalysisInfoMixin<VerifierAnalysis>;
110 
111   static AnalysisKey Key;
112 
113 public:
114   struct Result {
115     bool IRBroken, DebugInfoBroken;
116   };
117 
118   Result run(Module &M, ModuleAnalysisManager &);
119   Result run(Function &F, FunctionAnalysisManager &);
120 };
121 
122 /// Check a module for errors, but report debug info errors separately.
123 /// Otherwise behaves as the normal verifyModule. Debug info errors can be
124 /// "recovered" from by stripping the debug info.
125 bool verifyModule(bool &BrokenDebugInfo, const Module &M, raw_ostream *OS);
126 
127 /// Create a verifier pass.
128 ///
129 /// Check a module or function for validity. This is essentially a pass wrapped
130 /// around the above verifyFunction and verifyModule routines and
131 /// functionality. When the pass detects a verification error it is always
132 /// printed to stderr, and by default they are fatal. You can override that by
133 /// passing \c false to \p FatalErrors.
134 ///
135 /// Note that this creates a pass suitable for the legacy pass manager. It has
136 /// nothing to do with \c VerifierPass.
137 class VerifierPass : public PassInfoMixin<VerifierPass> {
138   bool FatalErrors;
139 
140 public:
FatalErrors(FatalErrors)141   explicit VerifierPass(bool FatalErrors = true) : FatalErrors(FatalErrors) {}
142 
143   PreservedAnalyses run(Module &M, ModuleAnalysisManager &AM);
144   PreservedAnalyses run(Function &F, FunctionAnalysisManager &AM);
145 };
146 
147 } // end namespace llvm
148 
149 #endif // LLVM_IR_VERIFIER_H
150