This is an archive of the discontinued LLVM Phabricator instance.

Paths

Table of Contentst

-
lld/
-
test/wasm/
-
wasm/
2/3
data-segments.ll
-
wasm/
-
SyntheticSections.h
-
SyntheticSections.cpp
1/2
Writer.cpp

Differential D80354

[lld][WebAssembly] Do not emit initialization for .bss segments
ClosedPublic

Authored by tlively on May 20 2020, 8:38 PM.

Download Raw Diff

Details

Reviewers

sbc100

Commits

rGd851fce4cb23: [lld][WebAssembly] Do not emit initialization for .bss segments

Summary

This patch fixes a bug where initialization code for .bss segments was
emitted in the memory initialization function even though the .bss
segments were discounted in the datacount section and omitted in the
data section. This was producing invalid binaries due to out-of-bounds
segment indices on the memory.init and data.drop instructions that
were trying to operate on the nonexistent .bss segments.

Diff Detail

Repository: rG LLVM Github Monorepo

Event Timeline

tlively created this revision.May 20 2020, 8:38 PM

Herald added a project: Restricted Project. · View Herald TranscriptMay 20 2020, 8:38 PM

Herald added subscribers: llvm-commits, sunfish, aheejin and 2 others. · View Herald Transcript

tlively marked an inline comment as done.May 20 2020, 8:43 PM

tlively added inline comments.

lld/test/wasm/data-segments.ll
65	There used to be 3 data.drop (FC09) instructions at the end, but now you can see that there are only two, as expected.

sbc100 added inline comments.May 20 2020, 8:55 PM

lld/test/wasm/data-segments.ll
65	So we doulbly dropping a segment before?
lld/wasm/Writer.cpp
832	So was the crash was happening when there was only a bss segment? And somehow having more than one segment was masking the crash? Should we add a specific test case for that? An example that would have previously caused and invalid binary would be good. I'm stil now clear why we didn't see this is more of our emscripten test cases,

Harbormaster completed remote builds in B57477: Diff 265413.May 20 2020, 10:01 PM

tlively marked 2 inline comments as done.May 21 2020, 10:49 AM

tlively added inline comments.

lld/test/wasm/data-segments.ll
65	No, the previous dropping code was "FC0900FC0901FC0902", so it was trying to drop segments 0, 1, and 2. But segment 2 did not exist, so this test was previously producing an invalid binary.
lld/wasm/Writer.cpp
832	The crash was happening when there were any bss segments and the memory was exported, since .bss segments are not `isBss` if the memory is imported. That's why we never saw this in Emscripten. The existing test case was already invalid, so I don't think we need another one.

LGTM!

Its shame we don't have a validator here in llvm to checkout the linker output!

This revision was not accepted when it landed; it landed in state Needs Review.May 21 2020, 11:54 AM

Closed by commit rGd851fce4cb23: [lld][WebAssembly] Do not emit initialization for .bss segments (authored by tlively). · Explain Why

This revision was automatically updated to reflect the committed changes.

Revision Contents

Path

Size

lld/

test/

wasm/

data-segments.ll

5 lines

wasm/

SyntheticSections.h

8 lines

SyntheticSections.cpp

2 lines

Writer.cpp

23 lines

Diff 265563

lld/test/wasm/data-segments.ll

	Show First 20 Lines • Show All 46 Lines • ▼ Show 20 Lines
	; ACTIVE-NEXT: - Type: CUSTOM			; ACTIVE-NEXT: - Type: CUSTOM
	; ACTIVE-NEXT: Name: name			; ACTIVE-NEXT: Name: name
	; ACTIVE-NEXT: FunctionNames:			; ACTIVE-NEXT: FunctionNames:
	; ACTIVE-NEXT: - Index: 0			; ACTIVE-NEXT: - Index: 0
	; ACTIVE-NEXT: Name: __wasm_call_ctors			; ACTIVE-NEXT: Name: __wasm_call_ctors

	; PASSIVE-LABEL: - Type: START			; PASSIVE-LABEL: - Type: START
	; PASSIVE-NEXT: StartFunction: 1			; PASSIVE-NEXT: StartFunction: 1
				; PASSIVE-LABEL: - Type: DATACOUNT
				; PASSIVE-NEXT: Count: 2
	; PASSIVE-LABEL: - Type: CODE			; PASSIVE-LABEL: - Type: CODE
	; PASSIVE-NEXT: Functions:			; PASSIVE-NEXT: Functions:
	; PASSIVE-NEXT: - Index: 0			; PASSIVE-NEXT: - Index: 0
	; PASSIVE-NEXT: Locals: []			; PASSIVE-NEXT: Locals: []
	; PASSIVE-NEXT: Body: 0B			; PASSIVE-NEXT: Body: 0B
	; PASSIVE-NEXT: - Index: 1			; PASSIVE-NEXT: - Index: 1
	; PASSIVE-NEXT: Locals: []			; PASSIVE-NEXT: Locals: []
	; PASSIVE-NEXT: Body: 41B4D60041004101FE480200044041B4D6004101427FFE0102001A054180084100410DFC08000041900841004114FC08010041A40841004190CE00FC08020041B4D6004102FE17020041B4D600417FFE0002001A0BFC0900FC0901FC09020B			; PASSIVE-NEXT: Body: 41B4D60041004101FE480200044041B4D6004101427FFE0102001A054180084100410DFC08000041900841004114FC08010041B4D6004102FE17020041B4D600417FFE0002001A0BFC0900FC09010B

				tlivelyAuthorUnsubmitted Done Reply Inline Actions There used to be 3 data.drop (FC09) instructions at the end, but now you can see that there are only two, as expected. tlively: There used to be 3 data.drop (FC09) instructions at the end, but now you can see that there are…
				sbc100Unsubmitted Not Done Reply Inline Actions So we doulbly dropping a segment before? sbc100: So we doulbly dropping a segment before?
				tlivelyAuthorUnsubmitted Done Reply Inline Actions No, the previous dropping code was "FC0900FC0901FC0902", so it was trying to drop segments 0, 1, and 2. But segment 2 did not exist, so this test was previously producing an invalid binary. tlively: No, the previous dropping code was "FC0900FC0901FC0902", so it was trying to drop…
	; PASSIVE-NEXT: - Index: 2			; PASSIVE-NEXT: - Index: 2
	; PASSIVE-NEXT: Locals: []			; PASSIVE-NEXT: Locals: []
	; PASSIVE-NEXT: Body: 0B			; PASSIVE-NEXT: Body: 0B
	; PASSIVE-NEXT: - Type: DATA			; PASSIVE-NEXT: - Type: DATA
	; PASSIVE-NEXT: Segments:			; PASSIVE-NEXT: Segments:
	; PASSIVE-NEXT: - SectionOffset: 3			; PASSIVE-NEXT: - SectionOffset: 3
	; PASSIVE-NEXT: InitFlags: 1			; PASSIVE-NEXT: InitFlags: 1
	; PASSIVE-NEXT: Content: 636F6E7374616E74000000002B			; PASSIVE-NEXT: Content: 636F6E7374616E74000000002B
	Show All 12 Lines

lld/wasm/SyntheticSections.h

Show First 20 Lines • Show All 219 Lines • ▼ Show 20 Lines	public:
bool isNeeded() const override { return exports.size() > 0; }		bool isNeeded() const override { return exports.size() > 0; }
void writeBody() override;		void writeBody() override;

std::vector<llvm::wasm::WasmExport> exports;		std::vector<llvm::wasm::WasmExport> exports;
};		};

class StartSection : public SyntheticSection {		class StartSection : public SyntheticSection {
public:		public:
StartSection(uint32_t numSegments)		StartSection(bool hasInitializedSegments)
: SyntheticSection(llvm::wasm::WASM_SEC_START), numSegments(numSegments) {		: SyntheticSection(llvm::wasm::WASM_SEC_START),
}		hasInitializedSegments(hasInitializedSegments) {}
bool isNeeded() const override;		bool isNeeded() const override;
void writeBody() override;		void writeBody() override;

protected:		protected:
uint32_t numSegments;		bool hasInitializedSegments;
};		};

class ElemSection : public SyntheticSection {		class ElemSection : public SyntheticSection {
public:		public:
ElemSection()		ElemSection()
: SyntheticSection(llvm::wasm::WASM_SEC_ELEM) {}		: SyntheticSection(llvm::wasm::WASM_SEC_ELEM) {}
bool isNeeded() const override { return indirectFunctions.size() > 0; };		bool isNeeded() const override { return indirectFunctions.size() > 0; };
void writeBody() override;		void writeBody() override;
▲ Show 20 Lines • Show All 118 Lines • Show Last 20 Lines

lld/wasm/SyntheticSections.cpp

Show First 20 Lines • Show All 320 Lines • ▼ Show 20 Lines	void ExportSection::writeBody() {
raw_ostream &os = bodyOutputStream;		raw_ostream &os = bodyOutputStream;

writeUleb128(os, exports.size(), "export count");		writeUleb128(os, exports.size(), "export count");
for (const WasmExport &export_ : exports)		for (const WasmExport &export_ : exports)
writeExport(os, export_);		writeExport(os, export_);
}		}

bool StartSection::isNeeded() const {		bool StartSection::isNeeded() const {
return !config->relocatable && numSegments && config->sharedMemory;		return !config->relocatable && hasInitializedSegments && config->sharedMemory;
}		}

void StartSection::writeBody() {		void StartSection::writeBody() {
raw_ostream &os = bodyOutputStream;		raw_ostream &os = bodyOutputStream;
writeUleb128(os, WasmSym::initMemory->getFunctionIndex(), "function index");		writeUleb128(os, WasmSym::initMemory->getFunctionIndex(), "function index");
}		}

void ElemSection::addEntry(FunctionSymbol *sym) {		void ElemSection::addEntry(FunctionSymbol *sym) {
▲ Show 20 Lines • Show All 245 Lines • Show Last 20 Lines

lld/wasm/Writer.cpp

Show First 20 Lines • Show All 48 Lines • ▼ Show 20 Lines
// The writer writes a SymbolTable result to a file.		// The writer writes a SymbolTable result to a file.
class Writer {		class Writer {
public:		public:
void run();		void run();

private:		private:
void openFile();		void openFile();

		bool needsPassiveInitialization(const OutputSegment *segment);
		bool hasPassiveInitializedSegments();

void createInitMemoryFunction();		void createInitMemoryFunction();
void createApplyRelocationsFunction();		void createApplyRelocationsFunction();
void createCallCtorsFunction();		void createCallCtorsFunction();
void createInitTLSFunction();		void createInitTLSFunction();

void assignIndexes();		void assignIndexes();
void populateSymtab();		void populateSymtab();
void populateProducers();		void populateProducers();
▲ Show 20 Lines • Show All 659 Lines • ▼ Show 20 Lines	std::string functionBody;
raw_string_ostream os(functionBody);		raw_string_ostream os(functionBody);
writeUleb128(os, bodyContent.size(), "function size");		writeUleb128(os, bodyContent.size(), "function size");
os << bodyContent;		os << bodyContent;
}		}
ArrayRef<uint8_t> body = arrayRefFromStringRef(saver.save(functionBody));		ArrayRef<uint8_t> body = arrayRefFromStringRef(saver.save(functionBody));
cast<SyntheticFunction>(func->function)->setBody(body);		cast<SyntheticFunction>(func->function)->setBody(body);
}		}

		bool Writer::needsPassiveInitialization(const OutputSegment *segment) {
		return segment->initFlags & WASM_SEGMENT_IS_PASSIVE &&
		segment->name != ".tdata" && !segment->isBss;
		}

		bool Writer::hasPassiveInitializedSegments() {
		return std::find_if(segments.begin(), segments.end(),
		[this](const OutputSegment *s) {
		return this->needsPassiveInitialization(s);
		}) != segments.end();
		}

void Writer::createInitMemoryFunction() {		void Writer::createInitMemoryFunction() {
LLVM_DEBUG(dbgs() << "createInitMemoryFunction\n");		LLVM_DEBUG(dbgs() << "createInitMemoryFunction\n");
assert(WasmSym::initMemoryFlag);		assert(WasmSym::initMemoryFlag);
uint32_t flagAddress = WasmSym::initMemoryFlag->getVirtualAddress();		uint32_t flagAddress = WasmSym::initMemoryFlag->getVirtualAddress();
std::string bodyContent;		std::string bodyContent;
{		{
raw_string_ostream os(bodyContent);		raw_string_ostream os(bodyContent);
writeUleb128(os, 0, "num locals");		writeUleb128(os, 0, "num locals");

if (segments.size()) {		if (hasPassiveInitializedSegments()) {
// Initialize memory in a thread-safe manner. The thread that successfully		// Initialize memory in a thread-safe manner. The thread that successfully
// increments the flag from 0 to 1 is is responsible for performing the		// increments the flag from 0 to 1 is is responsible for performing the
// memory initialization. Other threads go sleep on the flag until the		// memory initialization. Other threads go sleep on the flag until the
// first thread finishing initializing memory, increments the flag to 2,		// first thread finishing initializing memory, increments the flag to 2,
// and wakes all the other threads. Once the flag has been set to 2,		// and wakes all the other threads. Once the flag has been set to 2,
// subsequently started threads will skip the sleep. All threads		// subsequently started threads will skip the sleep. All threads
// unconditionally drop their passive data segments once memory has been		// unconditionally drop their passive data segments once memory has been
// initialized. The generated code is as follows:		// initialized. The generated code is as follows:
▲ Show 20 Lines • Show All 49 Lines • ▼ Show 20 Lines	if (hasPassiveInitializedSegments()) {
writeUleb128(os, WASM_OPCODE_I32_ATOMIC_WAIT, "i32.atomic.wait");		writeUleb128(os, WASM_OPCODE_I32_ATOMIC_WAIT, "i32.atomic.wait");
writeMemArg(os, 2, 0);		writeMemArg(os, 2, 0);
writeU8(os, WASM_OPCODE_DROP, "drop");		writeU8(os, WASM_OPCODE_DROP, "drop");

writeU8(os, WASM_OPCODE_ELSE, "ELSE");		writeU8(os, WASM_OPCODE_ELSE, "ELSE");

// Did increment 0, so conditionally initialize passive data segments		// Did increment 0, so conditionally initialize passive data segments
for (const OutputSegment *s : segments) {		for (const OutputSegment *s : segments) {
if (s->initFlags & WASM_SEGMENT_IS_PASSIVE && s->name != ".tdata") {		if (needsPassiveInitialization(s)) {
// destination address		// destination address
writeI32Const(os, s->startVA, "destination address");		writeI32Const(os, s->startVA, "destination address");
// source segment offset		// source segment offset
writeI32Const(os, 0, "segment offset");		writeI32Const(os, 0, "segment offset");
// memory region size		// memory region size
writeI32Const(os, s->size, "memory region size");		writeI32Const(os, s->size, "memory region size");
// memory.init instruction		// memory.init instruction
writeU8(os, WASM_OPCODE_MISC_PREFIX, "bulk-memory prefix");		writeU8(os, WASM_OPCODE_MISC_PREFIX, "bulk-memory prefix");
writeUleb128(os, WASM_OPCODE_MEMORY_INIT, "memory.init");		writeUleb128(os, WASM_OPCODE_MEMORY_INIT, "memory.init");
writeUleb128(os, s->index, "segment index immediate");		writeUleb128(os, s->index, "segment index immediate");
		sbc100Unsubmitted Not Done Reply Inline Actions So was the crash was happening when there was only a bss segment? And somehow having more than one segment was masking the crash? Should we add a specific test case for that? An example that would have previously caused and invalid binary would be good. I'm stil now clear why we didn't see this is more of our emscripten test cases, sbc100: So was the crash was happening when there was only a bss segment? And somehow having more than…
		tlivelyAuthorUnsubmitted Done Reply Inline Actions The crash was happening when there were any bss segments and the memory was exported, since .bss segments are not `isBss` if the memory is imported. That's why we never saw this in Emscripten. The existing test case was already invalid, so I don't think we need another one. tlively: The crash was happening when there were any bss segments and the memory was exported, since .
writeU8(os, 0, "memory index immediate");		writeU8(os, 0, "memory index immediate");
}		}
}		}

// Set flag to 2 to mark end of initialization		// Set flag to 2 to mark end of initialization
writeI32Const(os, flagAddress, "flag address");		writeI32Const(os, flagAddress, "flag address");
writeI32Const(os, 2, "flag value");		writeI32Const(os, 2, "flag value");
writeU8(os, WASM_OPCODE_ATOMICS_PREFIX, "atomics prefix");		writeU8(os, WASM_OPCODE_ATOMICS_PREFIX, "atomics prefix");
writeUleb128(os, WASM_OPCODE_I32_ATOMIC_STORE, "i32.atomic.store");		writeUleb128(os, WASM_OPCODE_I32_ATOMIC_STORE, "i32.atomic.store");
writeMemArg(os, 2, 0);		writeMemArg(os, 2, 0);

// Notify any waiters that memory initialization is complete		// Notify any waiters that memory initialization is complete
writeI32Const(os, flagAddress, "flag address");		writeI32Const(os, flagAddress, "flag address");
writeI32Const(os, -1, "number of waiters");		writeI32Const(os, -1, "number of waiters");
writeU8(os, WASM_OPCODE_ATOMICS_PREFIX, "atomics prefix");		writeU8(os, WASM_OPCODE_ATOMICS_PREFIX, "atomics prefix");
writeUleb128(os, WASM_OPCODE_ATOMIC_NOTIFY, "atomic.notify");		writeUleb128(os, WASM_OPCODE_ATOMIC_NOTIFY, "atomic.notify");
writeMemArg(os, 2, 0);		writeMemArg(os, 2, 0);
writeU8(os, WASM_OPCODE_DROP, "drop");		writeU8(os, WASM_OPCODE_DROP, "drop");

writeU8(os, WASM_OPCODE_END, "END");		writeU8(os, WASM_OPCODE_END, "END");

// Unconditionally drop passive data segments		// Unconditionally drop passive data segments
for (const OutputSegment *s : segments) {		for (const OutputSegment *s : segments) {
if (s->initFlags & WASM_SEGMENT_IS_PASSIVE && s->name != ".tdata") {		if (needsPassiveInitialization(s)) {
// data.drop instruction		// data.drop instruction
writeU8(os, WASM_OPCODE_MISC_PREFIX, "bulk-memory prefix");		writeU8(os, WASM_OPCODE_MISC_PREFIX, "bulk-memory prefix");
writeUleb128(os, WASM_OPCODE_DATA_DROP, "data.drop");		writeUleb128(os, WASM_OPCODE_DATA_DROP, "data.drop");
writeUleb128(os, s->index, "segment index immediate");		writeUleb128(os, s->index, "segment index immediate");
}		}
}		}
}		}
writeU8(os, WASM_OPCODE_END, "END");		writeU8(os, WASM_OPCODE_END, "END");
▲ Show 20 Lines • Show All 128 Lines • ▼ Show 20 Lines	void Writer::createSyntheticSections() {
out.typeSec = make<TypeSection>();		out.typeSec = make<TypeSection>();
out.importSec = make<ImportSection>();		out.importSec = make<ImportSection>();
out.functionSec = make<FunctionSection>();		out.functionSec = make<FunctionSection>();
out.tableSec = make<TableSection>();		out.tableSec = make<TableSection>();
out.memorySec = make<MemorySection>();		out.memorySec = make<MemorySection>();
out.eventSec = make<EventSection>();		out.eventSec = make<EventSection>();
out.globalSec = make<GlobalSection>();		out.globalSec = make<GlobalSection>();
out.exportSec = make<ExportSection>();		out.exportSec = make<ExportSection>();
out.startSec = make<StartSection>(segments.size());		out.startSec = make<StartSection>(hasPassiveInitializedSegments());
out.elemSec = make<ElemSection>();		out.elemSec = make<ElemSection>();
out.dataCountSec = make<DataCountSection>(segments);		out.dataCountSec = make<DataCountSection>(segments);
out.linkingSec = make<LinkingSection>(initFunctions, segments);		out.linkingSec = make<LinkingSection>(initFunctions, segments);
out.nameSec = make<NameSection>();		out.nameSec = make<NameSection>();
out.producersSec = make<ProducersSection>();		out.producersSec = make<ProducersSection>();
out.targetFeaturesSec = make<TargetFeaturesSection>();		out.targetFeaturesSec = make<TargetFeaturesSection>();
}		}

▲ Show 20 Lines • Show All 124 Lines • Show Last 20 Lines