This is an archive of the discontinued LLVM Phabricator instance.

Differential D88085

AArch64: avoid error when truncating MCExprs
ClosedPublic

Authored by t.p.northover on Sep 22 2020, 3:51 AM.

Details

Reviewers
peter.smith
efriedma
MaskRay
david-arm
fhahn
ostannard
Summary

A while back, a diagnostic was added to object file generation codepath for when an MCExpr overflows its size. So for assembly something like

.long a - b + 5000000000

(except produced from CodeGen because the assembler would reject that). Unfortunately I don't think it's really valid when looked at from the IR level. We've seen an obfuscator (naturally) produce code looking something like this:

@other = global i32 42
@var = global i32 sub(i32 646102975,
                      i32 add (i32 trunc(i64 sub(i64 ptrtoint(i32* @var to i64),
                                                         i64 ptrtoint(i32* @other to i64)) to i32),
                               i32 3432360802))

where the resulting SymB - SymA + Val has a Val outside the 32-bit range (because MCExprs are always evaluated at 64-bits precision). But LLVM IR is 2s-complement unless you add no-wrap flags, so I think that calculation is legitimate and has to be allowed.

Diff Detail

Event Timeline

t.p.northover created this revision.Sep 22 2020, 3:51 AM
Herald added a project: Restricted Project. · View Herald TranscriptSep 22 2020, 3:51 AM
Herald added subscribers: danielkiss, hiraditya, kristof.beyls, mcrosier. · View Herald Transcript
t.p.northover requested review of this revision.Sep 22 2020, 3:51 AM
Harbormaster completed remote builds in B72498: Diff 293405.Sep 22 2020, 4:52 AM
t.p.northover updated this revision to Diff 293428.Sep 22 2020, 5:50 AM

Bother, forgot to add the test.

fhahn accepted this revision.Sep 22 2020, 6:04 AM
fhahn added reviewers: peter.smith, efriedma, MaskRay, david-arm.
fhahn added a subscriber: fhahn.

It looks like it is indeed possible to generate fixup values that wrap around in valid LLVM IR and truncating the computed value to the fixup width should match the computation in LLVM IR.

I am not sure there is a more targeted way to detect invalid transforms in the backend that might lead to invalid offsets, but I think for now it would be best to remove the check to make sure we can handle valid IR.

LGTM, but please wait a day or so in case there is additional feedback.

This revision is now accepted and ready to land.Sep 22 2020, 6:04 AM
fhahn added a reviewer: ostannard.Sep 22 2020, 6:05 AM
fhahn mentioned this in D70533: [AArch64] Fix a bug with jump table generation.
t.p.northover closed this revision.Oct 8 2020, 3:55 AM

Thanks Florian, committed as 38348fa2654.

MaskRay added a comment.Oct 8 2020, 8:39 AM

LGTM

Revision Contents

PathSize
llvm/
lib/
Target/
AArch64/
MCTargetDesc/
16 lines
test/
CodeGen/
AArch64/
9 lines

Diff 293428

llvm/lib/Target/AArch64/MCTargetDesc/AArch64AsmBackend.cpp

Show First 20 LinesShow All 148 Lines▼ Show 20 Lines
} }
static unsigned AdrImmBits(unsigned Value) { static unsigned AdrImmBits(unsigned Value) {
unsigned lo2 = Value & 0x3; unsigned lo2 = Value & 0x3;
unsigned hi19 = (Value & 0x1ffffc) >> 2; unsigned hi19 = (Value & 0x1ffffc) >> 2;
return (hi19 << 5) | (lo2 << 29); return (hi19 << 5) | (lo2 << 29);
} }
static bool valueFitsIntoFixupKind(unsigned Kind, uint64_t Value) {
unsigned NumBits;
switch(Kind) {
case FK_Data_1: NumBits = 8; break;
case FK_Data_2: NumBits = 16; break;
case FK_Data_4: NumBits = 32; break;
case FK_Data_8: NumBits = 64; break;
default: return true;
}
return isUIntN(NumBits, Value) ||
isIntN(NumBits, static_cast<int64_t>(Value));
}
static uint64_t adjustFixupValue(const MCFixup &Fixup, const MCValue &Target, static uint64_t adjustFixupValue(const MCFixup &Fixup, const MCValue &Target,
uint64_t Value, MCContext &Ctx, uint64_t Value, MCContext &Ctx,
const Triple &TheTriple, bool IsResolved) { const Triple &TheTriple, bool IsResolved) {
int64_t SignedValue = static_cast<int64_t>(Value); int64_t SignedValue = static_cast<int64_t>(Value);
switch (Fixup.getTargetKind()) { switch (Fixup.getTargetKind()) {
default: default:
llvm_unreachable("Unknown fixup kind!"); llvm_unreachable("Unknown fixup kind!");
case AArch64::fixup_aarch64_pcrel_adr_imm21: case AArch64::fixup_aarch64_pcrel_adr_imm21:
▲ Show 20 LinesShow All 158 Lines▼ Show 20 Lines case AArch64::fixup_aarch64_pcrel_call26:
// Low two bits are not encoded (4-byte alignment assumed). // Low two bits are not encoded (4-byte alignment assumed).
if (Value & 0x3) if (Value & 0x3)
Ctx.reportError(Fixup.getLoc(), "fixup not sufficiently aligned"); Ctx.reportError(Fixup.getLoc(), "fixup not sufficiently aligned");
return (Value >> 2) & 0x3ffffff; return (Value >> 2) & 0x3ffffff;
case FK_Data_1: case FK_Data_1:
case FK_Data_2: case FK_Data_2:
case FK_Data_4: case FK_Data_4:
case FK_Data_8: case FK_Data_8:
if (!valueFitsIntoFixupKind(Fixup.getTargetKind(), Value))
Ctx.reportError(Fixup.getLoc(), "fixup value too large for data type!");
LLVM_FALLTHROUGH;
case FK_SecRel_2: case FK_SecRel_2:
case FK_SecRel_4: case FK_SecRel_4:
return Value; return Value;
} }
} }
Optional<MCFixupKind> AArch64AsmBackend::getFixupKind(StringRef Name) const { Optional<MCFixupKind> AArch64AsmBackend::getFixupKind(StringRef Name) const {
if (!TheTriple.isOSBinFormatELF()) if (!TheTriple.isOSBinFormatELF())
▲ Show 20 LinesShow All 439 LinesShow Last 20 Lines

llvm/test/CodeGen/AArch64/2s-complement-asm.ll

  • This file was added.
; RUN: llc -mtriple=arm64-apple-ios %s -filetype=obj -o - | llvm-objdump --macho --section __DATA,__data - | FileCheck %s
; CHECK: Contents of (__DATA,__data) section
; CHECK: 0000002a 59ed145d
@other = global i32 42
@var = global i32 sub(i32 646102975,
i32 add (i32 trunc(i64 sub(i64 ptrtoint(i32* @var to i64),
i64 ptrtoint(i32* @other to i64)) to i32),
i32 3432360802))