1//===- Verifier.h - LLVM IR Verifier ----------------------------*- C++ -*-===//
2//
3// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
4// See https://llvm.org/LICENSE.txt for license information.
5// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
6//
7//===----------------------------------------------------------------------===//
8//
9// This file defines the function verifier interface, that can be used for some
10// sanity checking of input to the system, and for checking that transformations
11// haven't done something bad.
12//
13// Note that this does not provide full 'java style' security and verifications,
14// instead it just tries to ensure that code is well formed.
15//
16// To see what specifically is checked, look at the top of Verifier.cpp
17//
18//===----------------------------------------------------------------------===//
19
20#ifndef LLVM_IR_VERIFIER_H
21#define LLVM_IR_VERIFIER_H
22
23#include "llvm/ADT/DenseMap.h"
24#include "llvm/IR/PassManager.h"
25#include <utility>
26
27namespace llvm {
28
29class APInt;
30class Function;
31class FunctionPass;
32class Instruction;
33class MDNode;
34class Module;
35class raw_ostream;
36struct VerifierSupport;
37
38/// Verify that the TBAA Metadatas are valid.
39class TBAAVerifier {
40 VerifierSupport *Diagnostic = nullptr;
41
42 /// Helper to diagnose a failure
43 template <typename... Tys> void CheckFailed(Tys &&... Args);
44
45 /// Cache of TBAA base nodes that have already been visited. This cachce maps
46 /// a node that has been visited to a pair (IsInvalid, BitWidth) where
47 ///
48 /// \c IsInvalid is true iff the node is invalid.
49 /// \c BitWidth, if non-zero, is the bitwidth of the integer used to denoting
50 /// the offset of the access. If zero, only a zero offset is allowed.
51 ///
52 /// \c BitWidth has no meaning if \c IsInvalid is true.
53 using TBAABaseNodeSummary = std::pair<bool, unsigned>;
54 DenseMap<const MDNode *, TBAABaseNodeSummary> TBAABaseNodes;
55
56 /// Maps an alleged scalar TBAA node to a boolean that is true if the said
57 /// TBAA node is a valid scalar TBAA node or false otherwise.
58 DenseMap<const MDNode *, bool> TBAAScalarNodes;
59
60 /// \name Helper functions used by \c visitTBAAMetadata.
61 /// @{
62 MDNode *getFieldNodeFromTBAABaseNode(Instruction &I, const MDNode *BaseNode,
63 APInt &Offset, bool IsNewFormat);
64 TBAAVerifier::TBAABaseNodeSummary verifyTBAABaseNode(Instruction &I,
65 const MDNode *BaseNode,
66 bool IsNewFormat);
67 TBAABaseNodeSummary verifyTBAABaseNodeImpl(Instruction &I,
68 const MDNode *BaseNode,
69 bool IsNewFormat);
70
71 bool isValidScalarTBAANode(const MDNode *MD);
72 /// @}
73
74public:
75 TBAAVerifier(VerifierSupport *Diagnostic = nullptr)
76 : Diagnostic(Diagnostic) {}
77 /// Visit an instruction and return true if it is valid, return false if an
78 /// invalid TBAA is attached.
79 bool visitTBAAMetadata(Instruction &I, const MDNode *MD);
80};
81
82/// Check a function for errors, useful for use when debugging a
83/// pass.
84///
85/// If there are no errors, the function returns false. If an error is found,
86/// a message describing the error is written to OS (if non-null) and true is
87/// returned.
88bool verifyFunction(const Function &F, raw_ostream *OS = nullptr);
89
90/// Check a module for errors.
91///
92/// If there are no errors, the function returns false. If an error is
93/// found, a message describing the error is written to OS (if
94/// non-null) and true is returned.
95///
96/// \return true if the module is broken. If BrokenDebugInfo is
97/// supplied, DebugInfo verification failures won't be considered as
98/// error and instead *BrokenDebugInfo will be set to true. Debug
99/// info errors can be "recovered" from by stripping the debug info.
100bool verifyModule(const Module &M, raw_ostream *OS = nullptr,
101 bool *BrokenDebugInfo = nullptr);
102
103FunctionPass *createVerifierPass(bool FatalErrors = true);
104
105/// Check a module for errors, and report separate error states for IR
106/// and debug info errors.
107class VerifierAnalysis : public AnalysisInfoMixin<VerifierAnalysis> {
108 friend AnalysisInfoMixin<VerifierAnalysis>;
109
110 static AnalysisKey Key;
111
112public:
113 struct Result {
114 bool IRBroken, DebugInfoBroken;
115 };
116
117 Result run(Module &M, ModuleAnalysisManager &);
118 Result run(Function &F, FunctionAnalysisManager &);
119 static bool isRequired() { return true; }
120};
121
122/// Check a module for errors, but report debug info errors separately.
123/// Otherwise behaves as the normal verifyModule. Debug info errors can be
124/// "recovered" from by stripping the debug info.
125bool verifyModule(bool &BrokenDebugInfo, const Module &M, raw_ostream *OS);
126
127/// Create a verifier pass.
128///
129/// Check a module or function for validity. This is essentially a pass wrapped
130/// around the above verifyFunction and verifyModule routines and
131/// functionality. When the pass detects a verification error it is always
132/// printed to stderr, and by default they are fatal. You can override that by
133/// passing \c false to \p FatalErrors.
134///
135/// Note that this creates a pass suitable for the legacy pass manager. It has
136/// nothing to do with \c VerifierPass.
137class VerifierPass : public PassInfoMixin<VerifierPass> {
138 bool FatalErrors;
139
140public:
141 explicit VerifierPass(bool FatalErrors = true) : FatalErrors(FatalErrors) {}
142
143 PreservedAnalyses run(Module &M, ModuleAnalysisManager &AM);
144 PreservedAnalyses run(Function &F, FunctionAnalysisManager &AM);
145 static bool isRequired() { return true; }
146};
147
148} // end namespace llvm
149
150#endif // LLVM_IR_VERIFIER_H
151