This is an archive of the discontinued LLVM Phabricator instance.

Differential D27609

Fix R_AARCH64_MOVW_UABS_G3 relocation
ClosedPublic

Authored by yuyichao on Dec 8 2016, 7:53 PM.

Details

Reviewers
t.p.northover
lhames
Commits
rG8f8cdd00dab0: Fix R_AARCH64_MOVW_UABS_G3 relocation
rL289880: Fix R_AARCH64_MOVW_UABS_G3 relocation
Summary

The relocation is missing mask so an address that has non-zero bits in 47:43 may overwrite the register number. (Frequently shows up as target register changed to xzr....)

Diff Detail

Event Timeline

yuyichao updated this revision to Diff 80860.Dec 8 2016, 7:53 PM
yuyichao retitled this revision from to Fix R_AARCH64_MOVW_UABS_G3 relocation.
yuyichao updated this object.
yuyichao added a reviewer: t.p.northover.
yuyichao added a subscriber: llvm-commits.
Herald added subscribers: rengolin, aemerson. · View Herald TranscriptDec 8 2016, 7:53 PM
yuyichao updated this revision to Diff 80866.Dec 8 2016, 9:00 PM
yuyichao updated this object.

Tests added and endianess issue fixed.

yuyichao added inline comments.Dec 8 2016, 9:09 PM
lib/ExecutionEngine/RuntimeDyld/RuntimeDyldELF.cpp
364

Now that the diff is much bigger I should point out that this line is the actual bug fix (adding mask). Other changes are necessary so that the added test can be run without causing trouble on big endian systems.

peter.smith mentioned this in D27629: Fix unwind info relocation with large code model on AArch64.Dec 13 2016, 3:45 AM
yuyichao updated this revision to Diff 81225.Dec 13 2016, 6:23 AM

Use target endian for data relocation.

yuyichao added a comment.Dec 14 2016, 3:47 PM

Ping.

davide added a subscriber: davide.Dec 14 2016, 3:53 PM
davide added inline comments.
lib/ExecutionEngine/RuntimeDyld/RuntimeDyldELF.cpp
441–443

(10 - 2) -> 8

455–457

any reason why (10 - 3) is not spelled 7 (here and everywhere else)

test/ExecutionEngine/RuntimeDyld/AArch64/ELF_ARM64_relocations.s
2–3

We need tests for both little and big endian, no?

10–16

Can you add comments pointing out the relocations emitted?

davide added a reviewer: lhames.Dec 14 2016, 3:53 PM
yuyichao added inline comments.Dec 14 2016, 4:02 PM
lib/ExecutionEngine/RuntimeDyld/RuntimeDyldELF.cpp
455–457

I believe it's because these are the last bits of the source (3) and the destination (10). I'm fine with either but I think the 10 - 3 is reasonably clear what it is doing along with the comment above each of these.

test/ExecutionEngine/RuntimeDyld/AArch64/ELF_ARM64_relocations.s
2–3

Sure. I don't have hardware to actually check if it's actually the correct output but I'll just reference clang/gcc output in be mode.

10–16

Sorry, what exactly do you mean? The relocations are explicitly specified in the code (#:abs_g3: etc.). Do you mean to write the name like R_AARCH64_MOVW_UABS_G3? Or something else?

yuyichao added inline comments.Dec 14 2016, 4:20 PM
test/ExecutionEngine/RuntimeDyld/AArch64/ELF_ARM64_relocations.s
10–16

Or do you mean the disassemble of the relocated instructions?

davide added a comment.Dec 14 2016, 5:53 PM

I don't have additional comments but please wait for Tim/Lang to sign this off.

lib/ExecutionEngine/RuntimeDyld/RuntimeDyldELF.cpp
455–457

Fine.

test/ExecutionEngine/RuntimeDyld/AArch64/ELF_ARM64_relocations.s
10–16

The former (spelling the as R_AARCH64_FOO)

davide added a comment.Dec 14 2016, 5:53 PM

(and add the required tests please)

yuyichao added a comment.Dec 14 2016, 5:57 PM

(and add the required tests please)

Sure.

test/ExecutionEngine/RuntimeDyld/AArch64/ELF_ARM64_relocations.s
10–16

OK. Will do.

yuyichao updated this revision to Diff 81522.Dec 14 2016, 7:54 PM

Tests added. Also discovered and had to fix two other bugs since the arch detection was wrong for aarch64_be ELF file....

lhames accepted this revision.Dec 15 2016, 9:31 AM
lhames edited edge metadata.

LGTM. Thanks Yichao. :)

This revision is now accepted and ready to land.Dec 15 2016, 9:31 AM
Closed by commit rL289880: Fix R_AARCH64_MOVW_UABS_G3 relocation (authored by yuyichao). · Explain WhyDec 15 2016, 2:47 PM
This revision was automatically updated to reflect the committed changes.
vtjnash mentioned this in rG18805ea951be: Fix unwind info relocation with large code model on AArch64.Nov 6 2020, 11:44 AM

Revision Contents

PathSize
lib/
ExecutionEngine/
RuntimeDyld/
63 lines
test/
ExecutionEngine/
RuntimeDyld/
AArch64/
21 lines

Diff 80866

lib/ExecutionEngine/RuntimeDyld/RuntimeDyldELF.cpp

Show First 20 LinesShow All 318 Lines▼ Show 20 Linesvoid RuntimeDyldELF::resolveAArch64Relocation(const SectionEntry &Section,
switch (Type) { switch (Type) {
default: default:
llvm_unreachable("Relocation type not implemented yet!"); llvm_unreachable("Relocation type not implemented yet!");
break; break;
case ELF::R_AARCH64_ABS64: { case ELF::R_AARCH64_ABS64: {
uint64_t *TargetPtr = uint64_t *TargetPtr =
reinterpret_cast<uint64_t *>(Section.getAddressWithOffset(Offset)); reinterpret_cast<uint64_t *>(Section.getAddressWithOffset(Offset));
*TargetPtr = Value + Addend; support::ulittle64_t::ref{TargetPtr} = Value + Addend;
break; break;
} }
case ELF::R_AARCH64_PREL32: { case ELF::R_AARCH64_PREL32: {
uint64_t Result = Value + Addend - FinalAddress; uint64_t Result = Value + Addend - FinalAddress;
assert(static_cast<int64_t>(Result) >= INT32_MIN && assert(static_cast<int64_t>(Result) >= INT32_MIN &&
static_cast<int64_t>(Result) <= UINT32_MAX); static_cast<int64_t>(Result) <= UINT32_MAX);
*TargetPtr = static_cast<uint32_t>(Result & 0xffffffffU); support::ulittle32_t::ref{TargetPtr} =
static_cast<uint32_t>(Result & 0xffffffffU);
break; break;
} }
case ELF::R_AARCH64_CALL26: // fallthrough case ELF::R_AARCH64_CALL26: // fallthrough
case ELF::R_AARCH64_JUMP26: { case ELF::R_AARCH64_JUMP26: {
// Operation: S+A-P. Set Call or B immediate value to bits fff_fffc of the // Operation: S+A-P. Set Call or B immediate value to bits fff_fffc of the
// calculation. // calculation.
uint64_t BranchImm = Value + Addend - FinalAddress; uint64_t BranchImm = Value + Addend - FinalAddress;
uint32_t TargetValue = support::ulittle32_t::ref{TargetPtr};
// "Check that -2^27 <= result < 2^27". // "Check that -2^27 <= result < 2^27".
assert(isInt<28>(BranchImm)); assert(isInt<28>(BranchImm));
// AArch64 code is emitted with .rela relocations. The data already in any // AArch64 code is emitted with .rela relocations. The data already in any
// bits affected by the relocation on entry is garbage. // bits affected by the relocation on entry is garbage.
*TargetPtr &= 0xfc000000U; TargetValue &= 0xfc000000U;
// Immediate goes in bits 25:0 of B and BL. // Immediate goes in bits 25:0 of B and BL.
*TargetPtr |= static_cast<uint32_t>(BranchImm & 0xffffffcU) >> 2; TargetValue |= static_cast<uint32_t>(BranchImm & 0xffffffcU) >> 2;
support::ulittle32_t::ref{TargetPtr} = TargetValue;
break; break;
} }
case ELF::R_AARCH64_MOVW_UABS_G3: { case ELF::R_AARCH64_MOVW_UABS_G3: {
uint64_t Result = Value + Addend; uint64_t Result = Value + Addend;
uint32_t TargetValue = support::ulittle32_t::ref{TargetPtr};
// AArch64 code is emitted with .rela relocations. The data already in any // AArch64 code is emitted with .rela relocations. The data already in any
// bits affected by the relocation on entry is garbage. // bits affected by the relocation on entry is garbage.
*TargetPtr &= 0xffe0001fU; TargetValue &= 0xffe0001fU;
// Immediate goes in bits 20:5 of MOVZ/MOVK instruction // Immediate goes in bits 20:5 of MOVZ/MOVK instruction
*TargetPtr |= Result >> (48 - 5); TargetValue |= ((Result & 0xffff000000000000ULL) >> (48 - 5));
yuyichaoAuthorUnsubmitted
Not Done
ReplyInline Actions

Now that the diff is much bigger I should point out that this line is the actual bug fix (adding mask). Other changes are necessary so that the added test can be run without causing trouble on big endian systems.

yuyichao: Now that the diff is much bigger I should point out that this line is the actual bug fix…
// Shift must be "lsl #48", in bits 22:21 // Shift must be "lsl #48", in bits 22:21
assert((*TargetPtr >> 21 & 0x3) == 3 && "invalid shift for relocation"); assert((TargetValue >> 21 & 0x3) == 3 && "invalid shift for relocation");
support::ulittle32_t::ref{TargetPtr} = TargetValue;
break; break;
} }
case ELF::R_AARCH64_MOVW_UABS_G2_NC: { case ELF::R_AARCH64_MOVW_UABS_G2_NC: {
uint64_t Result = Value + Addend; uint64_t Result = Value + Addend;
uint32_t TargetValue = support::ulittle32_t::ref{TargetPtr};
// AArch64 code is emitted with .rela relocations. The data already in any // AArch64 code is emitted with .rela relocations. The data already in any
// bits affected by the relocation on entry is garbage. // bits affected by the relocation on entry is garbage.
*TargetPtr &= 0xffe0001fU; TargetValue &= 0xffe0001fU;
// Immediate goes in bits 20:5 of MOVZ/MOVK instruction // Immediate goes in bits 20:5 of MOVZ/MOVK instruction
*TargetPtr |= ((Result & 0xffff00000000ULL) >> (32 - 5)); TargetValue |= ((Result & 0xffff00000000ULL) >> (32 - 5));
// Shift must be "lsl #32", in bits 22:21 // Shift must be "lsl #32", in bits 22:21
assert((*TargetPtr >> 21 & 0x3) == 2 && "invalid shift for relocation"); assert((TargetValue >> 21 & 0x3) == 2 && "invalid shift for relocation");
support::ulittle32_t::ref{TargetPtr} = TargetValue;
break; break;
} }
case ELF::R_AARCH64_MOVW_UABS_G1_NC: { case ELF::R_AARCH64_MOVW_UABS_G1_NC: {
uint64_t Result = Value + Addend; uint64_t Result = Value + Addend;
uint32_t TargetValue = support::ulittle32_t::ref{TargetPtr};
// AArch64 code is emitted with .rela relocations. The data already in any // AArch64 code is emitted with .rela relocations. The data already in any
// bits affected by the relocation on entry is garbage. // bits affected by the relocation on entry is garbage.
*TargetPtr &= 0xffe0001fU; TargetValue &= 0xffe0001fU;
// Immediate goes in bits 20:5 of MOVZ/MOVK instruction // Immediate goes in bits 20:5 of MOVZ/MOVK instruction
*TargetPtr |= ((Result & 0xffff0000U) >> (16 - 5)); TargetValue |= ((Result & 0xffff0000U) >> (16 - 5));
// Shift must be "lsl #16", in bits 22:2 // Shift must be "lsl #16", in bits 22:2
assert((*TargetPtr >> 21 & 0x3) == 1 && "invalid shift for relocation"); assert((TargetValue >> 21 & 0x3) == 1 && "invalid shift for relocation");
support::ulittle32_t::ref{TargetPtr} = TargetValue;
break; break;
} }
case ELF::R_AARCH64_MOVW_UABS_G0_NC: { case ELF::R_AARCH64_MOVW_UABS_G0_NC: {
uint64_t Result = Value + Addend; uint64_t Result = Value + Addend;
uint32_t TargetValue = support::ulittle32_t::ref{TargetPtr};
// AArch64 code is emitted with .rela relocations. The data already in any // AArch64 code is emitted with .rela relocations. The data already in any
// bits affected by the relocation on entry is garbage. // bits affected by the relocation on entry is garbage.
*TargetPtr &= 0xffe0001fU; TargetValue &= 0xffe0001fU;
// Immediate goes in bits 20:5 of MOVZ/MOVK instruction // Immediate goes in bits 20:5 of MOVZ/MOVK instruction
*TargetPtr |= ((Result & 0xffffU) << 5); TargetValue |= ((Result & 0xffffU) << 5);
// Shift must be "lsl #0", in bits 22:21. // Shift must be "lsl #0", in bits 22:21.
assert((*TargetPtr >> 21 & 0x3) == 0 && "invalid shift for relocation"); assert((TargetValue >> 21 & 0x3) == 0 && "invalid shift for relocation");
support::ulittle32_t::ref{TargetPtr} = TargetValue;
break; break;
} }
case ELF::R_AARCH64_ADR_PREL_PG_HI21: { case ELF::R_AARCH64_ADR_PREL_PG_HI21: {
// Operation: Page(S+A) - Page(P) // Operation: Page(S+A) - Page(P)
uint64_t Result = uint64_t Result =
((Value + Addend) & ~0xfffULL) - (FinalAddress & ~0xfffULL); ((Value + Addend) & ~0xfffULL) - (FinalAddress & ~0xfffULL);
uint32_t TargetValue = support::ulittle32_t::ref{TargetPtr};
// Check that -2^32 <= X < 2^32 // Check that -2^32 <= X < 2^32
assert(isInt<33>(Result) && "overflow check failed for relocation"); assert(isInt<33>(Result) && "overflow check failed for relocation");
// AArch64 code is emitted with .rela relocations. The data already in any // AArch64 code is emitted with .rela relocations. The data already in any
// bits affected by the relocation on entry is garbage. // bits affected by the relocation on entry is garbage.
*TargetPtr &= 0x9f00001fU; TargetValue &= 0x9f00001fU;
// Immediate goes in bits 30:29 + 5:23 of ADRP instruction, taken // Immediate goes in bits 30:29 + 5:23 of ADRP instruction, taken
// from bits 32:12 of X. // from bits 32:12 of X.
*TargetPtr |= ((Result & 0x3000U) << (29 - 12)); TargetValue |= ((Result & 0x3000U) << (29 - 12));
*TargetPtr |= ((Result & 0x1ffffc000ULL) >> (14 - 5)); TargetValue |= ((Result & 0x1ffffc000ULL) >> (14 - 5));
support::ulittle32_t::ref{TargetPtr} = TargetValue;
break; break;
} }
case ELF::R_AARCH64_LDST32_ABS_LO12_NC: { case ELF::R_AARCH64_LDST32_ABS_LO12_NC: {
// Operation: S + A // Operation: S + A
uint64_t Result = Value + Addend; uint64_t Result = Value + Addend;
uint32_t TargetValue = support::ulittle32_t::ref{TargetPtr};
// AArch64 code is emitted with .rela relocations. The data already in any // AArch64 code is emitted with .rela relocations. The data already in any
// bits affected by the relocation on entry is garbage. // bits affected by the relocation on entry is garbage.
*TargetPtr &= 0xffc003ffU; TargetValue &= 0xffc003ffU;
// Immediate goes in bits 21:10 of LD/ST instruction, taken // Immediate goes in bits 21:10 of LD/ST instruction, taken
// from bits 11:2 of X // from bits 11:2 of X
*TargetPtr |= ((Result & 0xffc) << (10 - 2)); TargetValue |= ((Result & 0xffc) << (10 - 2));
support::ulittle32_t::ref{TargetPtr} = TargetValue;
break; break;
davideUnsubmitted
Not Done
ReplyInline Actions

(10 - 2) -> 8

davide: `(10 - 2)` -> `8`
} }
case ELF::R_AARCH64_LDST64_ABS_LO12_NC: { case ELF::R_AARCH64_LDST64_ABS_LO12_NC: {
// Operation: S + A // Operation: S + A
uint64_t Result = Value + Addend; uint64_t Result = Value + Addend;
uint32_t TargetValue = support::ulittle32_t::ref{TargetPtr};
// AArch64 code is emitted with .rela relocations. The data already in any // AArch64 code is emitted with .rela relocations. The data already in any
// bits affected by the relocation on entry is garbage. // bits affected by the relocation on entry is garbage.
*TargetPtr &= 0xffc003ffU; TargetValue &= 0xffc003ffU;
// Immediate goes in bits 21:10 of LD/ST instruction, taken // Immediate goes in bits 21:10 of LD/ST instruction, taken
// from bits 11:3 of X // from bits 11:3 of X
*TargetPtr |= ((Result & 0xff8) << (10 - 3)); TargetValue |= ((Result & 0xff8) << (10 - 3));
support::ulittle32_t::ref{TargetPtr} = TargetValue;
break; break;
davideUnsubmitted
Not Done
ReplyInline Actions

any reason why (10 - 3) is not spelled 7 (here and everywhere else)

davide: any reason why `(10 - 3)` is not spelled `7` (here and everywhere else)
yuyichaoAuthorUnsubmitted
Not Done
ReplyInline Actions

I believe it's because these are the last bits of the source (3) and the destination (10). I'm fine with either but I think the 10 - 3 is reasonably clear what it is doing along with the comment above each of these.

yuyichao: I believe it's because these are the last bits of the source (3) and the destination (10). I'm…
davideUnsubmitted
Not Done
ReplyInline Actions

Fine.

davide: Fine.
} }
} }
} }
void RuntimeDyldELF::resolveARMRelocation(const SectionEntry &Section, void RuntimeDyldELF::resolveARMRelocation(const SectionEntry &Section,
uint64_t Offset, uint32_t Value, uint64_t Offset, uint32_t Value,
uint32_t Type, int32_t Addend) { uint32_t Type, int32_t Addend) {
// TODO: Add Thumb relocations. // TODO: Add Thumb relocations.
▲ Show 20 LinesShow All 1,487 LinesShow Last 20 Lines

test/ExecutionEngine/RuntimeDyld/AArch64/ELF_ARM64_relocations.s

  • This file was added.
# RUN: llvm-mc -triple=arm64-none-linux-gnu -filetype=obj -o %T/reloc.o %s
# RUN: llvm-rtdyld -triple=arm64-none-linux-gnu -verify -dummy-extern f=0x0123456789abcdef -check=%s %T/reloc.o
davideUnsubmitted
Not Done
ReplyInline Actions

We need tests for both little and big endian, no?

davide: We need tests for both little and big endian, no?
yuyichaoAuthorUnsubmitted
Not Done
ReplyInline Actions

Sure. I don't have hardware to actually check if it's actually the correct output but I'll just reference clang/gcc output in be mode.

yuyichao: Sure. I don't have hardware to actually check if it's actually the correct output but I'll just…
.text
.globl g
.p2align 2
.type g,@function
g: // @g
// BB#0:
movz x0, #:abs_g3:f
movk x0, #:abs_g2_nc:f
movk x0, #:abs_g1_nc:f
movk x0, #:abs_g0_nc:f
ret
.Lfunc_end0:
.size g, .Lfunc_end0-g
davideUnsubmitted
Not Done
ReplyInline Actions

Can you add comments pointing out the relocations emitted?

davide: Can you add comments pointing out the relocations emitted?
yuyichaoAuthorUnsubmitted
Not Done
ReplyInline Actions

Sorry, what exactly do you mean? The relocations are explicitly specified in the code (#:abs_g3: etc.). Do you mean to write the name like R_AARCH64_MOVW_UABS_G3? Or something else?

yuyichao: Sorry, what exactly do you mean? The relocations are explicitly specified in the code (`#…
yuyichaoAuthorUnsubmitted
Not Done
ReplyInline Actions

Or do you mean the disassemble of the relocated instructions?

yuyichao: Or do you mean the disassemble of the relocated instructions?
davideUnsubmitted
Not Done
ReplyInline Actions

The former (spelling the as R_AARCH64_FOO)

davide: The former (spelling the as `R_AARCH64_FOO`)
yuyichaoAuthorUnsubmitted
Not Done
ReplyInline Actions

OK. Will do.

yuyichao: OK. Will do.
# rtdyld-check: *{4}(g) = 0xd2e02460
# rtdyld-check: *{4}(g + 4) = 0xf2c8ace0
# rtdyld-check: *{4}(g + 8) = 0xf2b13560
# rtdyld-check: *{4}(g + 12) = 0xf299bde0