This is an archive of the discontinued LLVM Phabricator instance.

[RISCV] Avoid overflow when determining number of nops for code align
ClosedPublic

Authored by edward-jones on Jun 13 2019, 8:00 AM.

Download Raw Diff

Details

Reviewers

asb
lewis-revill

Commits

rGbb479ca31195: [RISCV] Avoid overflow when determining number of nops for code align
rL366176: [RISCV] Avoid overflow when determining number of nops for code align

Summary

RISCVAsmBackend::shouldInsertExtraNopBytesForCodeAlign() assumed that the align specified would be greater than or equal to the minimum nop length, but that is not always the case - for example if a user specifies ".align 0" in assembly.

Diff Detail

Event Timeline

edward-jones created this revision.Jun 13 2019, 8:00 AM

Herald added a project: Restricted Project. · View Herald TranscriptJun 13 2019, 8:00 AM

Herald added subscribers: llvm-commits, Jim, benna and 18 others. · View Herald Transcript

lewis-revill added inline comments.Jun 13 2019, 8:55 AM

lib/Target/RISCV/MCTargetDesc/RISCVAsmBackend.cpp
315–316	Shouldn't make any functional difference but can we return false instead? Seems more prudent to say we 'shouldn't emit nops' rather than saying we should but the size should be 0?

Incorporated Lewis' suggested fix.

I realized that the use of this in shouldInsertFixupForCodeAlign() doesn't actually check the return value, and with the changes I've made here it means that shouldInsertFixupForCodeAlign() could read uninitialized memory. I've submitted a separate patch to fix that problem (D63285)

edward-jones added a parent revision: D63285: [RISCV] Fix a potential issue in shouldInsertFixupForCodeAlign().Jun 13 2019, 10:37 AM

LGTM, thanks!

This revision is now accepted and ready to land.Jun 18 2019, 3:55 AM

Rebased

Closed by commit rL366176: [RISCV] Avoid overflow when determining number of nops for code align (authored by asb). · Explain WhyJul 15 2019, 9:40 PM

This revision was automatically updated to reflect the committed changes.

Herald added subscribers: lenary, MaskRay. · View Herald TranscriptJul 15 2019, 9:40 PM

Revision Contents

Path

Size

lib/

Target/

RISCV/

MCTargetDesc/

RISCVAsmBackend.cpp

8 lines

test/

MC/

RISCV/

align.s

7 lines

Diff 205555

lib/Target/RISCV/MCTargetDesc/RISCVAsmBackend.cpp

	Show First 20 Lines • Show All 306 Lines • ▼ Show 20 Lines
	bool RISCVAsmBackend::shouldInsertExtraNopBytesForCodeAlign(			bool RISCVAsmBackend::shouldInsertExtraNopBytesForCodeAlign(
	const MCAlignFragment &AF, unsigned &Size) {			const MCAlignFragment &AF, unsigned &Size) {
	// Calculate Nops Size only when linker relaxation enabled.			// Calculate Nops Size only when linker relaxation enabled.
	if (!STI.getFeatureBits()[RISCV::FeatureRelax])			if (!STI.getFeatureBits()[RISCV::FeatureRelax])
	return false;			return false;

	bool HasStdExtC = STI.getFeatureBits()[RISCV::FeatureStdExtC];			bool HasStdExtC = STI.getFeatureBits()[RISCV::FeatureStdExtC];
	unsigned MinNopLen = HasStdExtC ? 2 : 4;			unsigned MinNopLen = HasStdExtC ? 2 : 4;

				if (AF.getAlignment() <= MinNopLen) {
				lewis-revillUnsubmitted Not Done Reply Inline Actions Shouldn't make any functional difference but can we return false instead? Seems more prudent to say we 'shouldn't emit nops' rather than saying we should but the size should be 0? lewis-revill: Shouldn't make any functional difference but can we return false instead? Seems more prudent to…
				return false;
				} else {
	Size = AF.getAlignment() - MinNopLen;			Size = AF.getAlignment() - MinNopLen;
	return true;			return true;
	}			}
				}

	// We need to insert R_RISCV_ALIGN relocation type to indicate the			// We need to insert R_RISCV_ALIGN relocation type to indicate the
	// position of Nops and the total bytes of the Nops have been inserted			// position of Nops and the total bytes of the Nops have been inserted
	// when linker relaxation enabled.			// when linker relaxation enabled.
	// The function insert fixup_riscv_align fixup which eventually will			// The function insert fixup_riscv_align fixup which eventually will
	// transfer to R_RISCV_ALIGN relocation type.			// transfer to R_RISCV_ALIGN relocation type.
	bool RISCVAsmBackend::shouldInsertFixupForCodeAlign(MCAssembler &Asm,			bool RISCVAsmBackend::shouldInsertFixupForCodeAlign(MCAssembler &Asm,
	const MCAsmLayout &Layout,			const MCAsmLayout &Layout,
	Show All 39 Lines

test/MC/RISCV/align.s

	Show First 20 Lines • Show All 84 Lines • ▼ Show 20 Lines
	# RELAX-INST: 01 01			# RELAX-INST: 01 01
	# RELAX-INST: 01 01			# RELAX-INST: 01 01
	# C-EXT-RELAX-RELOC-NOT: R_RISCV_ALIGN - 0xE			# C-EXT-RELAX-RELOC-NOT: R_RISCV_ALIGN - 0xE
	# C-EXT-RELAX-INST: 01 01			# C-EXT-RELAX-INST: 01 01
	# C-EXT-INST: 01 01			# C-EXT-INST: 01 01
	ret			ret
	# NORELAX-RELOC-NOT: R_RISCV			# NORELAX-RELOC-NOT: R_RISCV
	# C-EXT-NORELAX-RELOC-NOT: R_RISCV			# C-EXT-NORELAX-RELOC-NOT: R_RISCV
				# Code alignment of a byte size less than the size of a nop must be treated
				# as no alignment. This used to trigger a fatal error with relaxation enabled
				# as the calculation to emit the worst-case sequence of nops would overflow.
				.p2align 1
				add a0, a0, a1
				.p2align 0
				add a0, a0, a1
	# We only need to insert R_RISCV_ALIGN for code section			# We only need to insert R_RISCV_ALIGN for code section
	# when the linker relaxation enabled.			# when the linker relaxation enabled.
	.data			.data
	.p2align 3			.p2align 3
	# RELAX-RELOC-NOT: R_RISCV_ALIGN			# RELAX-RELOC-NOT: R_RISCV_ALIGN
	# C-EXT-RELAX-RELOC-NOT: R_RISCV_ALIGN			# C-EXT-RELAX-RELOC-NOT: R_RISCV_ALIGN
	data1:			data1:
	.word 7			.word 7
	.p2align 4			.p2align 4
	# RELAX-RELOC-NOT: R_RISCV_ALIGN			# RELAX-RELOC-NOT: R_RISCV_ALIGN
	# C-EXT-RELAX-RELOC-NOT: R_RISCV_ALIGN			# C-EXT-RELAX-RELOC-NOT: R_RISCV_ALIGN
	data2:			data2:
	.word 9			.word 9