This is an archive of the discontinued LLVM Phabricator instance.

[PowerPC] Make sure the first probe is full size or is the last probe when stack is realigned
ClosedPublic

Authored by lkail on Apr 12 2021, 2:08 AM.

Details

Summary

When -fstack-clash-protection is enabled and stack has to be realigned, some parts of redzone is written prior the probe, so probe might overwrite content already written in redzone. To avoid it, we have to make sure the first probe is at full probe size or is the last probe so that we can skip redzone.

It also fixes violation of ABI under PPC where r1 isn't updated atomically.

This fixes https://bugs.llvm.org/show_bug.cgi?id=49903.

Diff Detail

Event Timeline

lkail created this revision.Apr 12 2021, 2:08 AM
lkail requested review of this revision.Apr 12 2021, 2:08 AM
Herald added a project: Restricted Project. · View Herald TranscriptApr 12 2021, 2:08 AM
lkail updated this revision to Diff 336784.Apr 12 2021, 2:30 AM
lkail updated this revision to Diff 336785.Apr 12 2021, 2:43 AM
lkail planned changes to this revision.EditedApr 14 2021, 7:45 PM

Current solution hasn't guaranteed back-chain pointer is updated atomically, I have another solution for this to guarantee safety and atomic.

tstellar added a subscriber: tstellar.
lkail updated this revision to Diff 337648.Apr 15 2021, 12:57 AM
lkail retitled this revision from [PowerPC] Don't probe in redzone to [PowerPC] Make sure the first probe is full size or the last probe.
lkail edited the summary of this revision. (Show Details)
lkail added inline comments.Apr 15 2021, 12:59 AM
llvm/test/CodeGen/PowerPC/stack-clash-prologue.ll
681

Old implementation doesn't make backchain pointer updated atomically, violating ABI.

lkail retitled this revision from [PowerPC] Make sure the first probe is full size or the last probe to [PowerPC] Make sure the first probe is full size or is the last probe.Apr 15 2021, 1:10 AM

What is the status of this patch? It fixes a blocking bug for the 12.0.1 release.

What is the status of this patch? It fixes a blocking bug for the 12.0.1 release.

@jsji Do you have a bit of time to review this? If not, we might have to mark the bug as a non-blocker for the release and accept that stack clash protection has this issue in 12.0.0 and 12.0.1. I am hoping we can get this done and backported.

jsji added a comment.Jun 4 2021, 8:30 PM

This somehow was missed in my radar.. I will have a look .

lkail edited the summary of this revision. (Show Details)Jun 5 2021, 4:26 AM
lkail updated this revision to Diff 350086.EditedJun 5 2021, 9:06 PM
  1. Adjust comments
  2. Swap usage of r0 and r12
  3. Shortened liverange of FinalStackPtr
lkail added inline comments.Jun 5 2021, 9:14 PM
llvm/test/CodeGen/PowerPC/stack-clash-prologue.ll
89

Looks like a bug... I'll check it.

lkail updated this revision to Diff 350091.Jun 6 2021, 1:50 AM
jsji added a comment.Jun 7 2021, 10:38 AM

Looks mostly good to me, but I would prefer we split this into two fixes, one for the realign bp algorithm change, another for the other.

llvm/lib/Target/PowerPC/PPCFrameLowering.cpp
1284

*that* -> *when*?

1285

Add the comments about atomic update required by ABI.

1285

maybe rename dynamicProbeto something like dynamicProbe_RealignWithBP as this is only called with HasBP && MaxAlign >1?

1289

This is inconsistent of what we generate below: using stdu <backchain>, <negprobesize>(r1)?

1292

If we use stdux above in pseudo code, shouldn't we use stdux here?

1293

Reorg this comment please. HasBP is always true, so this is really the difference for isPPC64 vs isPPC32?

1315

This looks like a new limitation? Can we add a FIXME here?

1321

Do you mean we can use xform if we have an additional idle register?

1325

*materialized* -> *materializable*?

1326

Do we still need this lambda? Seems like only a ternary operator here?

1361

FPReg? Typo? TempReg?

1404

true /*UseDForm*/

1548

Split change related to this into another patch?

lkail updated this revision to Diff 350482.Jun 7 2021, 9:04 PM
lkail retitled this revision from [PowerPC] Make sure the first probe is full size or is the last probe to [PowerPC] Make sure the first probe is full size or is the last probe when stack is realigned.

Address comments.

lkail marked 8 inline comments as done.Jun 7 2021, 9:06 PM
lkail added inline comments.
llvm/lib/Target/PowerPC/PPCFrameLowering.cpp
1293

Should be HasBP && HasRedzone, I have updated the condition.

1321

Exactly.

1548

Yes, we can do it later.

jsji accepted this revision as: jsji.Jun 8 2021, 9:04 AM

LGTM , with some comments on comments.

llvm/lib/Target/PowerPC/PPCFrameLowering.cpp
1300

How about?

When HasBP & HasRedzone, back-chain pointer is already saved in BPReg before probe code, we don't need to save it, so we get one additional reg that can be used to materialize the probeside if needed to use xform.
Otherwise, we can NOT materialize probeside, so we can only use Dform for now. 

The allocations are:
if(HasBP & HasRedzone){
r0: materialize the probesize if needed so that we can use xform.
r12: `neg_gap`
}
else{
r0: back-chain pointer
r12: `neg_gap`.
}
1307

probeStackWhenRealigned -> probeRealignedStack

1326

probeStackWhenRealigned is called only under if (HasBP && MaxAlign > 1) { ,
so the HasBP should be expected to be always true in this function,
I think we can safely remove it from the condition? (you can add an assert if you want).

1326

we should have a idle register to materialize -> we can use xform if we have an additional idle register

1360

PROBED_STACKALLOC_64 assumes Operand(1) stores the old sp, copy BPReg to TempReg to satisfy it.

llvm/test/CodeGen/PowerPC/stack-clash-prologue-nounwind.ll
337 ↗(On Diff #350482)

Looks like this can be ignored if we found the imm is 0. Can be fixed in a follow up patch.

This revision is now accepted and ready to land.Jun 8 2021, 9:04 AM
lkail updated this revision to Diff 350764.Jun 8 2021, 7:52 PM
lkail marked 5 inline comments as done.
lkail added inline comments.
llvm/test/CodeGen/PowerPC/stack-clash-prologue-nounwind.ll
337 ↗(On Diff #350482)

Good catch.

lkail updated this revision to Diff 350778.Jun 8 2021, 10:08 PM

Try to fix pre-merge build failure on windows.

This revision was landed with ongoing or failed builds.Jun 8 2021, 11:35 PM
This revision was automatically updated to reflect the committed changes.