This is an archive of the discontinued LLVM Phabricator instance.

Differential D114194

[SystemZ] Add range checks for PC-relative fixups
ClosedPublic

Authored by jonpa on Nov 18 2021, 1:45 PM.

Details

Reviewers
uweigand
Commits
rG5bf4f2acb8d6: [SystemZ] Add range checks for PC-relative fixups.
Summary

The AsmParser checks for the range of a pc-relative immediate operand, but when that operand is a specified label there was previously no such check performed.

This patch adds checks for these operands in applyFixup(), at which point the actual offset is known.

Diff Detail

Event Timeline

jonpa created this revision.Nov 18 2021, 1:45 PM
Herald added a subscriber: hiraditya. · View Herald TranscriptNov 18 2021, 1:45 PM
jonpa requested review of this revision.Nov 18 2021, 1:45 PM
Herald added a project: Restricted Project. · View Herald TranscriptNov 18 2021, 1:45 PM
Herald added a subscriber: llvm-commits. · View Herald Transcript
jonpa added a comment.Nov 18 2021, 1:46 PM

Not sure what to do with the testing: should we do something similar as a 'Large' folder as is already done for the branch relaxation tests?

So far only one test - for the 12-bit fixup.

Harbormaster completed remote builds in B134980: Diff 388309.Nov 18 2021, 2:35 PM
uweigand added a comment.Nov 19 2021, 4:41 AM
In D114194#3141215, @jonpa wrote:

Not sure what to do with the testing: should we do something similar as a 'Large' folder as is already done for the branch relaxation tests?

The 'Large' folder is only separate because files in there take a long time to build, and therefore shouldn't be executed in each normal "make check".

I think it should be straightforward to create tests with large distances between symbols (e.g. using .rep) that don't take any longer than usual unit tests, so they don't need to be treated specially.

jonpa updated this revision to Diff 389064.Nov 22 2021, 4:23 PM

I ran into a bit of problems trying to test the 32-bit PCRel range. Since this is encoded as halfwords, 32 bits will actually overflow, and unfortunately common-code has currently some 32-bit types for offsets. I could for now make the test pass with some common-code changes, but the (SmallVector) Contents vector should probably also be fixed then to have a 64-bit template type. This is the vector that holds the encoded bytes.

The 32-bit PCRel test kind of exploded in compile time (~10 mins). It seems the main part of this is in the table-generated SystemZAsmParser::MatchInstructionImp. The 24-bit test takes 2-3 seconds.

Not sure if/how we should proceed with the 32-bit case...

GAS is faster, but seems to print broken diagnostics with the big test case ('between 0 and -2' is weird):

time as ./llvm/test/MC/SystemZ/fixups-out-of-range-02.s -o out.o -march=zEC12
./llvm/test/MC/SystemZ/fixups-out-of-range-02.s: Assembler messages:
./llvm/test/MC/SystemZ/fixups-out-of-range-02.s:15: Error: operand out of range (4096 not between -4096 and 4094)
./llvm/test/MC/SystemZ/fixups-out-of-range-02.s:22: Error: operand out of range (-4098 not between -4096 and 4094)
./llvm/test/MC/SystemZ/fixups-out-of-range-02.s:31: Error: operand out of range (16777220 not between -16777216 and 16777214)
./llvm/test/MC/SystemZ/fixups-out-of-range-02.s:38: Error: operand out of range (-16777222 not between -16777216 and 16777214)
./llvm/test/MC/SystemZ/fixups-out-of-range-02.s:47: Error: operand out of range (65540 not between -65536 and 65534)
./llvm/test/MC/SystemZ/fixups-out-of-range-02.s:54: Error: operand out of range (-65542 not between -65536 and 65534)
./llvm/test/MC/SystemZ/fixups-out-of-range-02.s:63: Error: operand out of range (4294967300 not between 0 and -2)
./llvm/test/MC/SystemZ/fixups-out-of-range-02.s:63: Error: value of 4294967300 too large for field of 4 bytes at 16846898
./llvm/test/MC/SystemZ/fixups-out-of-range-02.s:70: Error: operand out of range (-4294967302 not between 0 and -2)
./llvm/test/MC/SystemZ/fixups-out-of-range-02.s:70: Error: value of -4294967302 too large for field of 4 bytes at 4311814206

real	2m32.105s
user	2m23.702s
sys	0m8.365s
jonpa added a subscriber: Andreas-Krebbel.Nov 22 2021, 4:27 PM
Harbormaster completed remote builds in B135527: Diff 389064.Nov 22 2021, 9:51 PM
jonpa updated this revision to Diff 389289.Nov 23 2021, 1:05 PM

.space directive works better - compile time issue eliminated :-)

handlePCRelFixupValue(32) still in the patch, but the test for it removed in fixups-out-of-range-02.s. I think it will catch some positive out-of-range values, but not any negative ones (out of range). In the future if 64-bit offsets become supported, this should then work as expected, hopefully.

I have now made sure the SMLoc is passed to all created MCFixups in SystemZMCCodeEmitter.cpp. This improves the diagnostic message (line number and instruction printed).

I copied the diagnostic message from GAS in fixups-out-of-range-02.s, but have not done so for the displacements (fixups-out-of-range-01.s). I am not quite sure what is best: should the displacements also get the fuller diagnostic, or is it better with a simplistic message?

Harbormaster completed remote builds in B135703: Diff 389289.Nov 23 2021, 4:01 PM
uweigand added a comment.Nov 28 2021, 6:15 AM

The code changes LGTM.

I copied the diagnostic message from GAS in fixups-out-of-range-02.s, but have not done so for the displacements (fixups-out-of-range-01.s). I am not quite sure what is best: should the displacements also get the fuller diagnostic, or is it better with a simplistic message?

I think it's better to be explicit, so the message for displacements should mirror the one here.

As to the test, I don't really like the checking for explicit line:column numbers - this will make those test awkward to change in the future. Isn't it enough to identify a particular line by the label number used in it (assuming you make label uses unique, which can be easily done by sometimes putting two labels on the same location).

jonpa updated this revision to Diff 392207.Dec 6 2021, 3:27 PM

Updated per review.

I think it's better to be explicit, so the message for displacements should mirror the one here.

ok - updated patch and tests for this.

As to the test, I don't really like the checking for explicit line:column numbers - this will make those test awkward to change in the future. Isn't it enough to identify a particular line by the label number used in it (assuming you make label uses unique, which can be easily done by sometimes putting two labels on the same location).

Removed line numbers - I think that should work ok with the CHECK-NEXT:s and the final 'CHECK-NOT'...

Harbormaster completed remote builds in B137766: Diff 392207.Dec 6 2021, 4:10 PM
uweigand added a comment.Dec 7 2021, 12:56 AM

One final comment inline, otherwise this LGTM. Thanks!

llvm/lib/Target/SystemZ/MCTargetDesc/SystemZMCAsmBackend.cpp
43

Hmm, this scenario could be triggered by wrong assembler input (e.g. something simple like j .+1), so I don't think this should result in an assert (internal compiler error).

GCC/binutils currently seems to simply ignore that case (and round down), which also isn't ideal.

I think this really should be a user-level error message, not an assert.

This revision was not accepted when it landed; it landed in state Needs Review.Dec 7 2021, 10:14 AM
Closed by commit rG5bf4f2acb8d6: [SystemZ] Add range checks for PC-relative fixups. (authored by jonpa). · Explain Why
This revision was automatically updated to reflect the committed changes.
jonpa marked an inline comment as done.
jonpa added a commit: rG5bf4f2acb8d6: [SystemZ] Add range checks for PC-relative fixups..
jonpa added inline comments.Dec 7 2021, 10:14 AM
llvm/lib/Target/SystemZ/MCTargetDesc/SystemZMCAsmBackend.cpp
43

Changed this like:

   auto handlePCRelFixupValue = [&](unsigned W) -> uint64_t {
-    assert(Value % 2 == 0 && "Non-even PC relative offset.");
+    if (Value % 2 != 0)
+      Ctx.reportError(Fixup.getLoc(), "Non-even PC relative offset.");
     if (!checkFixupInRange(minIntN(W) * 2, maxIntN(W) * 2))
       return 0;
     return (int64_t)Value / 2;

Revision Contents

PathSize
llvm/
lib/
Target/
SystemZ/
MCTargetDesc/
32 lines
10 lines
test/
MC/
SystemZ/
fixups-out-of-range-01.s
fixups-out-of-range.s
8 lines
60 lines

Diff 392453

llvm/lib/Target/SystemZ/MCTargetDesc/SystemZMCAsmBackend.cpp

Show All 22 Lines
// Value is a fully-resolved relocation value: Symbol + Addend [- Pivot]. // Value is a fully-resolved relocation value: Symbol + Addend [- Pivot].
// Return the bits that should be installed in a relocation field for // Return the bits that should be installed in a relocation field for
// fixup kind Kind. // fixup kind Kind.
static uint64_t extractBitsForFixup(MCFixupKind Kind, uint64_t Value, static uint64_t extractBitsForFixup(MCFixupKind Kind, uint64_t Value,
const MCFixup &Fixup, MCContext &Ctx) { const MCFixup &Fixup, MCContext &Ctx) {
if (Kind < FirstTargetFixupKind) if (Kind < FirstTargetFixupKind)
return Value; return Value;
auto checkFixupInRange = [&](int64_t Min, int64_t Max) -> bool {
int64_t SVal = int64_t(Value);
if (SVal < Min || SVal > Max) {
Ctx.reportError(Fixup.getLoc(), "operand out of range (" + Twine(SVal) +
" not between " + Twine(Min) +
" and " + Twine(Max) + ")");
return false;
}
return true;
};
auto handlePCRelFixupValue = [&](unsigned W) -> uint64_t {
if (Value % 2 != 0)
uweigandUnsubmitted
Done
ReplyInline Actions

Hmm, this scenario could be triggered by wrong assembler input (e.g. something simple like j .+1), so I don't think this should result in an assert (internal compiler error).

GCC/binutils currently seems to simply ignore that case (and round down), which also isn't ideal.

I think this really should be a user-level error message, not an assert.

uweigand: Hmm, this scenario could be triggered by wrong assembler input (e.g. something simple like `j .
jonpaAuthorUnsubmitted
Done
ReplyInline Actions

Changed this like:

   auto handlePCRelFixupValue = [&](unsigned W) -> uint64_t {
-    assert(Value % 2 == 0 && "Non-even PC relative offset.");
+    if (Value % 2 != 0)
+      Ctx.reportError(Fixup.getLoc(), "Non-even PC relative offset.");
     if (!checkFixupInRange(minIntN(W) * 2, maxIntN(W) * 2))
       return 0;
     return (int64_t)Value / 2;
jonpa: Changed this like: ``` auto handlePCRelFixupValue = [&](unsigned W) -> uint64_t {…
Ctx.reportError(Fixup.getLoc(), "Non-even PC relative offset.");
if (!checkFixupInRange(minIntN(W) * 2, maxIntN(W) * 2))
return 0;
return (int64_t)Value / 2;
};
switch (unsigned(Kind)) { switch (unsigned(Kind)) {
case SystemZ::FK_390_PC12DBL: case SystemZ::FK_390_PC12DBL:
return handlePCRelFixupValue(12);
case SystemZ::FK_390_PC16DBL: case SystemZ::FK_390_PC16DBL:
return handlePCRelFixupValue(16);
case SystemZ::FK_390_PC24DBL: case SystemZ::FK_390_PC24DBL:
return handlePCRelFixupValue(24);
case SystemZ::FK_390_PC32DBL: case SystemZ::FK_390_PC32DBL:
return (int64_t)Value / 2; return handlePCRelFixupValue(32);
case SystemZ::FK_390_12: case SystemZ::FK_390_12:
if (!isUInt<12>(Value)) { if (!checkFixupInRange(0, maxUIntN(12)))
Ctx.reportError(Fixup.getLoc(), "displacement exceeds uint12");
return 0; return 0;
}
return Value; return Value;
case SystemZ::FK_390_20: { case SystemZ::FK_390_20: {
if (!isInt<20>(Value)) { if (!checkFixupInRange(minIntN(20), maxIntN(20)))
Ctx.reportError(Fixup.getLoc(), "displacement exceeds int20");
return 0; return 0;
}
// The high byte of a 20 bit displacement value comes first. // The high byte of a 20 bit displacement value comes first.
uint64_t DLo = Value & 0xfff; uint64_t DLo = Value & 0xfff;
uint64_t DHi = (Value >> 12) & 0xff; uint64_t DHi = (Value >> 12) & 0xff;
return (DLo << 8) | DHi; return (DLo << 8) | DHi;
} }
case SystemZ::FK_390_TLS_CALL: case SystemZ::FK_390_TLS_CALL:
return 0; return 0;
▲ Show 20 LinesShow All 126 LinesShow Last 20 Lines

llvm/lib/Target/SystemZ/MCTargetDesc/SystemZMCCodeEmitter.cpp

Show First 20 LinesShow All 191 Lines▼ Show 20 LinesgetDispOpValue(const MCInst &MI, unsigned OpNum,
SystemZ::FixupKind Kind) const { SystemZ::FixupKind Kind) const {
const MCOperand &MO = MI.getOperand(OpNum); const MCOperand &MO = MI.getOperand(OpNum);
if (MO.isImm()) if (MO.isImm())
return static_cast<uint64_t>(MO.getImm()); return static_cast<uint64_t>(MO.getImm());
if (MO.isExpr()) { if (MO.isExpr()) {
// All instructions follow the pattern where the first displacement has a // All instructions follow the pattern where the first displacement has a
// 2 bytes offset, and the second one 4 bytes. // 2 bytes offset, and the second one 4 bytes.
unsigned ByteOffs = Fixups.size() == 0 ? 2 : 4; unsigned ByteOffs = Fixups.size() == 0 ? 2 : 4;
Fixups.push_back(MCFixup::create(ByteOffs, MO.getExpr(), (MCFixupKind)Kind)); Fixups.push_back(MCFixup::create(ByteOffs, MO.getExpr(), (MCFixupKind)Kind,
MI.getLoc()));
assert(Fixups.size() <= 2 && "More than two memory operands in MI?"); assert(Fixups.size() <= 2 && "More than two memory operands in MI?");
return 0; return 0;
} }
llvm_unreachable("Unexpected operand type!"); llvm_unreachable("Unexpected operand type!");
} }
uint64_t SystemZMCCodeEmitter:: uint64_t SystemZMCCodeEmitter::
getBDAddr12Encoding(const MCInst &MI, unsigned OpNum, getBDAddr12Encoding(const MCInst &MI, unsigned OpNum,
▲ Show 20 LinesShow All 82 Lines▼ Show 20 LinesgetBDVAddr12Encoding(const MCInst &MI, unsigned OpNum,
return (Index << 16) | (Base << 12) | Disp; return (Index << 16) | (Base << 12) | Disp;
} }
uint64_t uint64_t
SystemZMCCodeEmitter::getPCRelEncoding(const MCInst &MI, unsigned OpNum, SystemZMCCodeEmitter::getPCRelEncoding(const MCInst &MI, unsigned OpNum,
SmallVectorImpl<MCFixup> &Fixups, SmallVectorImpl<MCFixup> &Fixups,
unsigned Kind, int64_t Offset, unsigned Kind, int64_t Offset,
bool AllowTLS) const { bool AllowTLS) const {
SMLoc Loc = MI.getLoc();
const MCOperand &MO = MI.getOperand(OpNum); const MCOperand &MO = MI.getOperand(OpNum);
const MCExpr *Expr; const MCExpr *Expr;
if (MO.isImm()) if (MO.isImm())
Expr = MCConstantExpr::create(MO.getImm() + Offset, Ctx); Expr = MCConstantExpr::create(MO.getImm() + Offset, Ctx);
else { else {
Expr = MO.getExpr(); Expr = MO.getExpr();
if (Offset) { if (Offset) {
// The operand value is relative to the start of MI, but the fixup // The operand value is relative to the start of MI, but the fixup
// is relative to the operand field itself, which is Offset bytes // is relative to the operand field itself, which is Offset bytes
// into MI. Add Offset to the relocation value to cancel out // into MI. Add Offset to the relocation value to cancel out
// this difference. // this difference.
const MCExpr *OffsetExpr = MCConstantExpr::create(Offset, Ctx); const MCExpr *OffsetExpr = MCConstantExpr::create(Offset, Ctx);
Expr = MCBinaryExpr::createAdd(Expr, OffsetExpr, Ctx); Expr = MCBinaryExpr::createAdd(Expr, OffsetExpr, Ctx);
} }
} }
Fixups.push_back(MCFixup::create(Offset, Expr, (MCFixupKind)Kind)); Fixups.push_back(MCFixup::create(Offset, Expr, (MCFixupKind)Kind, Loc));
// Output the fixup for the TLS marker if present. // Output the fixup for the TLS marker if present.
if (AllowTLS && OpNum + 1 < MI.getNumOperands()) { if (AllowTLS && OpNum + 1 < MI.getNumOperands()) {
const MCOperand &MOTLS = MI.getOperand(OpNum + 1); const MCOperand &MOTLS = MI.getOperand(OpNum + 1);
Fixups.push_back(MCFixup::create(0, MOTLS.getExpr(), Fixups.push_back(MCFixup::create(
(MCFixupKind)SystemZ::FK_390_TLS_CALL)); 0, MOTLS.getExpr(), (MCFixupKind)SystemZ::FK_390_TLS_CALL, Loc));
} }
return 0; return 0;
} }
#define ENABLE_INSTR_PREDICATE_VERIFIER #define ENABLE_INSTR_PREDICATE_VERIFIER
#include "SystemZGenMCCodeEmitter.inc" #include "SystemZGenMCCodeEmitter.inc"
MCCodeEmitter *llvm::createSystemZMCCodeEmitter(const MCInstrInfo &MCII, MCCodeEmitter *llvm::createSystemZMCCodeEmitter(const MCInstrInfo &MCII,
const MCRegisterInfo &MRI, const MCRegisterInfo &MRI,
MCContext &Ctx) { MCContext &Ctx) {
return new SystemZMCCodeEmitter(MCII, Ctx); return new SystemZMCCodeEmitter(MCII, Ctx);
} }

llvm/test/MC/SystemZ/fixups-out-of-range-01.s

  • This file was moved from llvm/test/MC/SystemZ/fixups-out-of-range.s.
# RUN: not llvm-mc -triple s390x-unknown-unknown -filetype=obj %s 2>&1 | FileCheck %s # RUN: not llvm-mc -triple s390x-unknown-unknown -filetype=obj %s 2>&1 | FileCheck %s
.text .text
# CHECK: error: displacement exceeds uint12 # CHECK: error: operand out of range (4096 not between 0 and 4095)
# CHECK-NEXT: la %r1, b-a(%r1)
# CHECK-NEXT: ^
la %r1, b-a(%r1) la %r1, b-a(%r1)
# CHECK: error: displacement exceeds int20 # CHECK-NEXT: error: operand out of range (524288 not between -524288 and 524287)
# CHECK-NEXT: lay %r1, d-c(%r1)
# CHECK-NEXT: ^
lay %r1, d-c(%r1) lay %r1, d-c(%r1)
# CHECK-NOT: error # CHECK-NOT: error
lay %r1, b-a(%r1) lay %r1, b-a(%r1)
.type a,@object .type a,@object
.local a .local a
.comm a,4096 .comm a,4096
Show All 11 Lines

llvm/test/MC/SystemZ/fixups-out-of-range-02.s

  • This file was added.
# RUN: not llvm-mc -triple s390x-unknown-unknown -filetype=obj -mcpu=zEC12 \
# RUN: -o /dev/null %s 2>&1 | FileCheck %s
.text
# Test fixup ranges, which are encoded as half-words.
# 12-bit
# CHECK: error: operand out of range (4096 not between -4096 and 4094)
# CHECK-NEXT: bprp 0, .Lab1, 0
# CHECK-NEXT: ^
# CHECK-NEXT: error: operand out of range (-4098 not between -4096 and 4094)
# CHECK-NEXT: bprp 0, .Lab0, 0
# CHECK-NEXT: ^
bprp 0, .Lab1, 0
.Lab0:
bprp 0, .Lab1, 0
.space 4084
.Lab1:
nopr
bprp 0, .Lab0, 0
bprp 0, .Lab0, 0
# 24-bit
# CHECK-NEXT: error: operand out of range (16777220 not between -16777216 and 16777214)
# CHECK-NEXT: bprp 0, 0, .Lab3
# CHECK-NEXT: ^
# CHECK-NEXT: error: operand out of range (-16777222 not between -16777216 and 16777214)
# CHECK-NEXT: bprp 0, 0, .Lab2
# CHECK-NEXT: ^
bprp 0, 0, .Lab3
.Lab2:
bprp 0, 0, .Lab3
.space 16777208
.Lab3:
nopr
bprp 0, 0, .Lab2
bprp 0, 0, .Lab2
# 16-bit
# CHECK-NEXT: error: operand out of range (65540 not between -65536 and 65534)
# CHECK-NEXT: cij %r1, 0, 0, .Lab5
# CHECK-NEXT: ^
# CHECK-NEXT: error: operand out of range (-65542 not between -65536 and 65534)
# CHECK-NEXT: cij %r1, 0, 0, .Lab4
# CHECK-NEXT: ^
cij %r1, 0, 0, .Lab5
.Lab4:
cij %r1, 0, 0, .Lab5
.space 65528
.Lab5:
nopr
cij %r1, 0, 0, .Lab4
cij %r1, 0, 0, .Lab4
# 32-bit
# Unfortunately there is no support for offsets greater than 32 bits, so we have
# to for now assume they are in range.
# CHECK-NOT: error

llvm/test/MC/SystemZ/fixups-out-of-range.s

  • This file was moved to llvm/test/MC/SystemZ/fixups-out-of-range-01.s.