This is an archive of the discontinued LLVM Phabricator instance.

Differential D136430

[AAArch64][Windows] Fix the crash when running ninja check-asan
ClosedPublic

Authored by bcl5980 on Oct 21 2022, 1:40 AM.

Details

Reviewers
dmgreen
paulwalker-arm
efriedma
omjavaid
mstorsjo
Commits
rGec4db1d0dc68: [AAArch64][Windows] Fix the crash when running ninja check-asan
Summary

The crash comes from mismatch between load count in epilogue and seh instruction count.
Still because of the pass AArch64LoadStoreOpt. It remove some load in the epilogue but haven't remove the corresponding seh instruction.
This patch don't optimize the load in the epilogue to fix the issue.

Fix: #58516

Diff Detail

Event Timeline

bcl5980 created this revision.Oct 21 2022, 1:40 AM
Herald added a project: Restricted Project. · View Herald TranscriptOct 21 2022, 1:40 AM
Herald added subscribers: hiraditya, kristof.beyls. · View Herald Transcript
bcl5980 requested review of this revision.Oct 21 2022, 1:40 AM
Herald added a project: Restricted Project. · View Herald TranscriptOct 21 2022, 1:40 AM
Herald added a subscriber: llvm-commits. · View Herald Transcript
bcl5980 added a comment.Oct 21 2022, 1:41 AM

Do I need to precommit the test to make the test cleaner?

DavidSpickett added a reviewer: omjavaid.Oct 21 2022, 1:52 AM

@omjavaid has also been looking at sanitizers on Windows on Arm.

Do I need to precommit the test to make the test cleaner?

As in, commit a test that shows the exiting broken behaviour, then this patch just has the correction? Sounds like a good idea to me. You can land them right next to each other in any case.

efriedma added a reviewer: mstorsjo.Oct 21 2022, 2:05 AM
DavidSpickett removed a reviewer: DavidSpickett.Oct 21 2022, 2:07 AM
mstorsjo accepted this revision.Oct 21 2022, 2:16 AM

If the issue was on the level that the number of SEH opcodes didn't match the number of instructions, then D131394 should have triggered when compiling the object file too - can you clarify whether this was the case (but you might have tested with an older version before D131394 had been landed), or if it was a case where the number of opcodes/instructions matched while being incorrect?

The fix in itself probably is correct in any case.

This revision is now accepted and ready to land.Oct 21 2022, 2:16 AM
bcl5980 added a comment.Oct 21 2022, 2:21 AM
In D136430#3873863, @mstorsjo wrote:

If the issue was on the level that the number of SEH opcodes didn't match the number of instructions, then D131394 should have triggered when compiling the object file too - can you clarify whether this was the case (but you might have tested with an older version before D131394 had been landed), or if it was a case where the number of opcodes/instructions matched while being incorrect?

The fix in itself probably is correct in any case.

I use today's main branch to test so D131394 is already landed. The test error is:

Incorrect size for ?catch$3@?0??_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ@4HA epilogue: 8 bytes of instructions in range, but .seh directives corresponding to 12 bytes
mstorsjo added a comment.Oct 21 2022, 2:46 AM
In D136430#3873869, @bcl5980 wrote:
In D136430#3873863, @mstorsjo wrote:

If the issue was on the level that the number of SEH opcodes didn't match the number of instructions, then D131394 should have triggered when compiling the object file too - can you clarify whether this was the case (but you might have tested with an older version before D131394 had been landed), or if it was a case where the number of opcodes/instructions matched while being incorrect?

The fix in itself probably is correct in any case.

I use today's main branch to test so D131394 is already landed. The test error is:

Incorrect size for ?catch$3@?0??_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ@4HA epilogue: 8 bytes of instructions in range, but .seh directives corresponding to 12 bytes

Ok, great! So then that check works exactly as intended for catching issues like these!

Harbormaster completed remote builds in B193452: Diff 469503.Oct 21 2022, 3:00 AM
Closed by commit rGec4db1d0dc68: [AAArch64][Windows] Fix the crash when running ninja check-asan (authored by bcl5980). · Explain WhyOct 21 2022, 7:12 AM
This revision was automatically updated to reflect the committed changes.
bcl5980 added a commit: rGec4db1d0dc68: [AAArch64][Windows] Fix the crash when running ninja check-asan.

Revision Contents

PathSize
llvm/
lib/
Target/
AArch64/
3 lines
test/
CodeGen/
AArch64/
113 lines

Diff 469602

llvm/lib/Target/AArch64/AArch64LoadStoreOptimizer.cpp

Show First 20 LinesShow All 2,061 Lines▼ Show 20 Lines
bool AArch64LoadStoreOpt::tryToPromoteLoadFromStore( bool AArch64LoadStoreOpt::tryToPromoteLoadFromStore(
MachineBasicBlock::iterator &MBBI) { MachineBasicBlock::iterator &MBBI) {
MachineInstr &MI = *MBBI; MachineInstr &MI = *MBBI;
// If this is a volatile load, don't mess with it. // If this is a volatile load, don't mess with it.
if (MI.hasOrderedMemoryRef()) if (MI.hasOrderedMemoryRef())
return false; return false;
if (needsWinCFI(MI.getMF()) && MI.getFlag(MachineInstr::FrameDestroy))
return false;
// Make sure this is a reg+imm. // Make sure this is a reg+imm.
// FIXME: It is possible to extend it to handle reg+reg cases. // FIXME: It is possible to extend it to handle reg+reg cases.
if (!AArch64InstrInfo::getLdStOffsetOp(MI).isImm()) if (!AArch64InstrInfo::getLdStOffsetOp(MI).isImm())
return false; return false;
// Look backward up to LdStLimit instructions. // Look backward up to LdStLimit instructions.
MachineBasicBlock::iterator StoreI; MachineBasicBlock::iterator StoreI;
if (findMatchingStore(MBBI, LdStLimit, StoreI)) { if (findMatchingStore(MBBI, LdStLimit, StoreI)) {
▲ Show 20 LinesShow All 255 LinesShow Last 20 Lines

llvm/test/CodeGen/AArch64/pr58516.ll

  • This file was added.
; NOTE: Assertions have been autogenerated by utils/update_llc_test_checks.py
; RUN: llc -mtriple=aarch64-pc-windows-msvc %s -o - | FileCheck %s
$osfx = comdat any
declare dso_local i32 @__CxxFrameHandler3(...)
define void @osfx(ptr %this) comdat personality ptr @__CxxFrameHandler3 {
; CHECK-LABEL: osfx:
; CHECK: .Lfunc_begin0:
; CHECK-NEXT: .seh_proc osfx
; CHECK-NEXT: .seh_handler __CxxFrameHandler3, @unwind, @except
; CHECK-NEXT: // %bb.0: // %invoke.cont
; CHECK-NEXT: stp x19, x20, [sp, #-64]! // 16-byte Folded Spill
; CHECK-NEXT: .seh_save_regp_x x19, 64
; CHECK-NEXT: str x21, [sp, #16] // 8-byte Folded Spill
; CHECK-NEXT: .seh_save_reg x21, 16
; CHECK-NEXT: stp x29, x30, [sp, #24] // 16-byte Folded Spill
; CHECK-NEXT: .seh_save_fplr 24
; CHECK-NEXT: add x29, sp, #24
; CHECK-NEXT: .seh_add_fp 24
; CHECK-NEXT: .seh_endprologue
; CHECK-NEXT: sub x9, sp, #32
; CHECK-NEXT: and sp, x9, #0xffffffffffffffe0
; CHECK-NEXT: mov x19, sp
; CHECK-NEXT: mov x1, #-2
; CHECK-NEXT: add x8, x19, #0
; CHECK-NEXT: mov x20, x0
; CHECK-NEXT: lsr x21, x8, #3
; CHECK-NEXT: adrp x8, osfx
; CHECK-NEXT: add x8, x8, :lo12:osfx
; CHECK-NEXT: stur x1, [x29, #24]
; CHECK-NEXT: str x8, [x0]
; CHECK-NEXT: str wzr, [x21]
; CHECK-NEXT: ldr x0, [x0]
; CHECK-NEXT: .Ltmp0:
; CHECK-NEXT: blr x0
; CHECK-NEXT: .Ltmp1:
; CHECK-NEXT: // %bb.1: // %invoke.cont12
; CHECK-NEXT: str wzr, [x20]
; CHECK-NEXT: str wzr, [x21]
; CHECK-NEXT: .LBB0_2: // %try.cont
; CHECK-NEXT: $ehgcr_0_2:
; CHECK-NEXT: .seh_startepilogue
; CHECK-NEXT: sub sp, x29, #24
; CHECK-NEXT: .seh_add_fp 24
; CHECK-NEXT: ldp x29, x30, [sp, #24] // 16-byte Folded Reload
; CHECK-NEXT: .seh_save_fplr 24
; CHECK-NEXT: ldr x21, [sp, #16] // 8-byte Folded Reload
; CHECK-NEXT: .seh_save_reg x21, 16
; CHECK-NEXT: ldp x19, x20, [sp], #64 // 16-byte Folded Reload
; CHECK-NEXT: .seh_save_regp_x x19, 64
; CHECK-NEXT: .seh_endepilogue
; CHECK-NEXT: ret
; CHECK-NEXT: .seh_endfunclet
; CHECK-NEXT: .seh_handlerdata
; CHECK-NEXT: .word ($cppxdata$osfx)@IMGREL
; CHECK-NEXT: .section .text,"xr",discard,osfx
; CHECK-NEXT: .seh_endproc
; CHECK-NEXT: .def "?catch$3@?0?osfx@4HA";
; CHECK-NEXT: .scl 3;
; CHECK-NEXT: .type 32;
; CHECK-NEXT: .endef
; CHECK-NEXT: .p2align 2
; CHECK-NEXT: "?catch$3@?0?osfx@4HA":
; CHECK-NEXT: .seh_proc "?catch$3@?0?osfx@4HA"
; CHECK-NEXT: .seh_handler __CxxFrameHandler3, @unwind, @except
; CHECK-NEXT: .LBB0_3: // %catch
; CHECK-NEXT: stp x19, x20, [sp, #-48]! // 16-byte Folded Spill
; CHECK-NEXT: .seh_save_regp_x x19, 48
; CHECK-NEXT: str x21, [sp, #16] // 8-byte Folded Spill
; CHECK-NEXT: .seh_save_reg x21, 16
; CHECK-NEXT: stp x29, x30, [sp, #24] // 16-byte Folded Spill
; CHECK-NEXT: .seh_save_fplr 24
; CHECK-NEXT: .seh_endprologue
; CHECK-NEXT: adrp x0, .LBB0_2
; CHECK-NEXT: add x0, x0, .LBB0_2
; CHECK-NEXT: .seh_startepilogue
; CHECK-NEXT: ldp x29, x30, [sp, #24] // 16-byte Folded Reload
; CHECK-NEXT: .seh_save_fplr 24
; CHECK-NEXT: ldr x21, [sp, #16] // 8-byte Folded Reload
; CHECK-NEXT: .seh_save_reg x21, 16
; CHECK-NEXT: ldp x19, x20, [sp], #48 // 16-byte Folded Reload
; CHECK-NEXT: .seh_save_regp_x x19, 48
; CHECK-NEXT: .seh_endepilogue
; CHECK-NEXT: ret
invoke.cont:
%MyAlloca2 = alloca [32 x i8], align 32
%0 = ptrtoint ptr %MyAlloca2 to i64
store i64 ptrtoint (ptr @osfx to i64), ptr %this
%1 = lshr exact i64 %0, 3
%2 = inttoptr i64 %1 to ptr
store i32 0, ptr %2
%vbtable = load ptr, ptr %this
%call.i21 = invoke noundef i32 %vbtable(ptr %vbtable)
to label %invoke.cont12 unwind label %catch.dispatch
invoke.cont12: ; preds = %invoke.cont
store i32 0, ptr %this
store i32 0, ptr %2
br label %try.cont
catch.dispatch: ; preds = %invoke.cont
%3 = catchswitch within none [label %catch] unwind to caller
catch: ; preds = %catch.dispatch
%4 = catchpad within %3 [ptr null, i32 64, ptr null]
catchret from %4 to label %try.cont
try.cont: ; preds = %catch, %invoke.cont12
ret void
}