1 //==-- loop_proto_to_llvm.cpp - Protobuf-C++ conversion 2 //---------------------==// 3 // 4 // The LLVM Compiler Infrastructure 5 // 6 // This file is distributed under the University of Illinois Open Source 7 // License. See LICENSE.TXT for details. 8 // 9 //===----------------------------------------------------------------------===// 10 // 11 // Implements functions for converting between protobufs and LLVM IR. 12 // 13 // 14 //===----------------------------------------------------------------------===// 15 16 #include "loop_proto_to_llvm.h" 17 #include "cxx_loop_proto.pb.h" 18 #include "../handle-llvm/input_arrays.h" 19 20 // The following is needed to convert protos in human-readable form 21 #include <google/protobuf/text_format.h> 22 23 #include <ostream> 24 #include <sstream> 25 26 namespace clang_fuzzer { 27 28 // Forward decls 29 std::string BinopToString(std::ostream &os, const BinaryOp &x); 30 std::string StateSeqToString(std::ostream &os, const StatementSeq &x); 31 32 // Counter variable to generate new LLVM IR variable names and wrapper function 33 static std::string get_var() { 34 static int ctr = 0; 35 return "%var" + std::to_string(ctr++); 36 } 37 38 static bool inner_loop = false; 39 class InnerLoop { 40 public: 41 InnerLoop() { 42 inner_loop = true; 43 } 44 ~InnerLoop() { 45 inner_loop = false; 46 } 47 }; 48 49 50 // Proto to LLVM. 51 52 std::string ConstToString(const Const &x) { 53 return std::to_string(x.val()); 54 } 55 std::string VarRefToString(std::ostream &os, const VarRef &x) { 56 std::string which_loop = inner_loop ? "inner" : "outer"; 57 std::string arr; 58 switch(x.arr()) { 59 case VarRef::ARR_A: 60 arr = "%a"; 61 break; 62 case VarRef::ARR_B: 63 arr = "%b"; 64 break; 65 case VarRef::ARR_C: 66 arr = "%c"; 67 break; 68 } 69 std::string ptr_var = get_var(); 70 os << ptr_var << " = getelementptr inbounds i32, i32* " << arr 71 << ", i64 %" << which_loop << "_ct\n"; 72 return ptr_var; 73 } 74 std::string RvalueToString(std::ostream &os, const Rvalue &x) { 75 if(x.has_cons()) 76 return ConstToString(x.cons()); 77 if(x.has_binop()) 78 return BinopToString(os, x.binop()); 79 if(x.has_varref()) { 80 std::string var_ref = VarRefToString(os, x.varref()); 81 std::string val_var = get_var(); 82 os << val_var << " = load i32, i32* " << var_ref << "\n"; 83 return val_var; 84 } 85 return "1"; 86 87 } 88 std::string BinopToString(std::ostream &os, const BinaryOp &x) { 89 std::string left = RvalueToString(os, x.left()); 90 std::string right = RvalueToString(os, x.right()); 91 std::string op; 92 switch (x.op()) { 93 case BinaryOp::PLUS: 94 op = "add"; 95 break; 96 case BinaryOp::MINUS: 97 op = "sub"; 98 break; 99 case BinaryOp::MUL: 100 op = "mul"; 101 break; 102 case BinaryOp::XOR: 103 op = "xor"; 104 break; 105 case BinaryOp::AND: 106 op = "and"; 107 break; 108 case BinaryOp::OR: 109 op = "or"; 110 break; 111 // Support for Boolean operators will be added later 112 case BinaryOp::EQ: 113 case BinaryOp::NE: 114 case BinaryOp::LE: 115 case BinaryOp::GE: 116 case BinaryOp::LT: 117 case BinaryOp::GT: 118 op = "add"; 119 break; 120 } 121 std::string val_var = get_var(); 122 os << val_var << " = " << op << " i32 " << left << ", " << right << "\n"; 123 return val_var; 124 } 125 std::ostream &operator<<(std::ostream &os, const AssignmentStatement &x) { 126 std::string rvalue = RvalueToString(os, x.rvalue()); 127 std::string var_ref = VarRefToString(os, x.varref()); 128 return os << "store i32 " << rvalue << ", i32* " << var_ref << "\n"; 129 } 130 std::ostream &operator<<(std::ostream &os, const Statement &x) { 131 return os << x.assignment(); 132 } 133 std::ostream &operator<<(std::ostream &os, const StatementSeq &x) { 134 for (auto &st : x.statements()) { 135 os << st; 136 } 137 return os; 138 } 139 void NestedLoopToString(std::ostream &os, const LoopFunction &x) { 140 os << "target triple = \"x86_64-unknown-linux-gnu\"\n" 141 << "define void @foo(i32* %a, i32* %b, i32* noalias %c, i64 %s) {\n" 142 << "outer_loop_start:\n" 143 << "%cmp = icmp sgt i64 %s, 0\n" 144 << "br i1 %cmp, label %inner_loop_start, label %end\n" 145 << "outer_loop:\n" 146 << x.outer_statements() 147 << "%o_ct_new = add i64 %outer_ct, 1\n" 148 << "%jmp_outer = icmp eq i64 %o_ct_new, %s\n" 149 << "br i1 %jmp_outer, label %end, label %inner_loop_start\n" 150 << "inner_loop_start:\n" 151 << "%outer_ct = phi i64 [%o_ct_new, %outer_loop], [0, %outer_loop_start]\n" 152 << "br label %inner_loop\n" 153 << "inner_loop:\n" 154 << "%inner_ct = phi i64 [0, %inner_loop_start], [%i_ct_new, %inner_loop]\n"; 155 { 156 InnerLoop IL; 157 os << x.inner_statements(); 158 } 159 os << "%i_ct_new = add i64 %inner_ct, 1\n" 160 << "%jmp_inner = icmp eq i64 %i_ct_new, %s\n" 161 << "br i1 %jmp_inner, label %outer_loop, label %inner_loop, !llvm.loop !0\n" 162 << "end:\n" 163 << "ret void\n" 164 << "}\n" 165 << "!0 = distinct !{!0, !1, !2}\n" 166 << "!1 = !{!\"llvm.loop.vectorize.enable\", i1 true}\n" 167 << "!2 = !{!\"llvm.loop.vectorize.width\", i32 " << kArraySize << "}\n"; 168 } 169 void SingleLoopToString(std::ostream &os, const LoopFunction &x) { 170 os << "target triple = \"x86_64-unknown-linux-gnu\"\n" 171 << "define void @foo(i32* %a, i32* %b, i32* noalias %c, i64 %s) {\n" 172 << "%cmp = icmp sgt i64 %s, 0\n" 173 << "br i1 %cmp, label %start, label %end\n" 174 << "start:\n" 175 << "br label %loop\n" 176 << "end:\n" 177 << "ret void\n" 178 << "loop:\n" 179 << "%outer_ct = phi i64 [ %ctnew, %loop ], [ 0, %start ]\n" 180 << x.outer_statements() 181 << "%ctnew = add i64 %outer_ct, 1\n" 182 << "%j = icmp eq i64 %ctnew, %s\n" 183 << "br i1 %j, label %end, label %loop, !llvm.loop !0\n}\n" 184 << "!0 = distinct !{!0, !1, !2}\n" 185 << "!1 = !{!\"llvm.loop.vectorize.enable\", i1 true}\n" 186 << "!2 = !{!\"llvm.loop.vectorize.width\", i32 " << kArraySize << "}\n"; 187 } 188 std::ostream &operator<<(std::ostream &os, const LoopFunction &x) { 189 if (x.has_inner_statements()) 190 NestedLoopToString(os, x); 191 else 192 SingleLoopToString(os, x); 193 return os; 194 } 195 196 // --------------------------------- 197 198 std::string LoopFunctionToLLVMString(const LoopFunction &input) { 199 std::ostringstream os; 200 os << input; 201 return os.str(); 202 } 203 std::string LoopProtoToLLVM(const uint8_t *data, size_t size) { 204 LoopFunction message; 205 if (!message.ParsePartialFromArray(data, size)) 206 return "#error invalid proto\n"; 207 return LoopFunctionToLLVMString(message); 208 } 209 210 } // namespace clang_fuzzer 211