This is an archive of the discontinued LLVM Phabricator instance.

Detect x86 mid-function epilogues that end in a jump
ClosedPublic

Authored by jasonmolenda on May 31 2019, 7:05 PM.

Details

Summary

This patch adds a few new instruction recognizers to the x86 assembly inspection engine to recognize relative branches & jumps, adds support for recognizing a mid-function epilogue that ends in a jump instruction, and tests this.

The x86 unwinder still uses the initial algorithm for detecting mid-function epilogues: recognizing the end of an epilogue (relatively easy on x86 when it's usually a RET), we re-instate the unwind state from the end of the prologue. This patch adds recognition of a jump outside the function as a final epilogue instruction.

The second attempt at recognizing mid-function epilogues is implemented in UnwindAssemblyInstEmulation and is a much better approach -- it recognizes branch instructions and forwards the unwind state to the target instruction. This means that a branch over a mid-function epilogue will forward the unwind state past the epilogue; no detection of prologues or epilogues is needed.

I've added more instruction recognition machinery than is technically necessary for the bug I needed to fix - but it'll be needed for the better algorithm to be implemented in the x86 inspection engine. I didn't want to take on that larger bit of work right now, but it's something that should be done - this current algorithm is always going to be more fragile.

A more ambitious way to fix this would be to add an InstEmulation plugin for x86 and update UnwindAssemblyInstEmulation to handle all of the x86 features needed for unwinding, retire the x86AssemblyInspectionEngine.

Diff Detail

Repository
rLLDB LLDB

Event Timeline

jasonmolenda created this revision.May 31 2019, 7:05 PM
This revision was not accepted when it landed; it landed in state Needs Review.Jun 3 2019, 3:34 PM
This revision was automatically updated to reflect the committed changes.
Herald added a project: Restricted Project. · View Herald TranscriptJun 3 2019, 3:34 PM

flagging suspicious duplicate code

lldb/trunk/source/Plugins/UnwindAssembly/x86/x86AssemblyInspectionEngine.cpp
707–713 ↗(On Diff #202809)

This looks like duplicate code

Herald added a project: Restricted Project. · View Herald TranscriptAug 1 2022, 3:18 PM
jasonmolenda added inline comments.Aug 1 2022, 6:02 PM
lldb/trunk/source/Plugins/UnwindAssembly/x86/x86AssemblyInspectionEngine.cpp
707–713 ↗(On Diff #202809)

At least it does the same thing in both of them! :)

fixathon added inline comments.Aug 1 2022, 6:08 PM
lldb/trunk/source/Plugins/UnwindAssembly/x86/x86AssemblyInspectionEngine.cpp
707–713 ↗(On Diff #202809)

It does indeed, but the comments above the code are different for the 2 identical blocks of code. Do you want to fix it then? :)

jasonmolenda added inline comments.Aug 1 2022, 11:53 PM
lldb/trunk/source/Plugins/UnwindAssembly/x86/x86AssemblyInspectionEngine.cpp
707–713 ↗(On Diff #202809)

:) I see there's a comment intended for this first entry a dozen lines earlier in the source file, it's probably gotten confusing over time & edits. yah I'll fix it, thanks for catching it.