This is an archive of the discontinued LLVM Phabricator instance.

Differential D86528

[4/5] [MC] [Win64EH] Fill in FuncletOrFuncEnd if missing
ClosedPublic

Authored by mstorsjo on Aug 25 2020, 4:38 AM.

Details

Reviewers
efriedma
ssijaric
TomTan
Commits
rG20f7773bb4bb: [MC] [Win64EH] Fill in FuncletOrFuncEnd if missing
Summary

This can happen e.g. for code that declare .seh_proc/.seh_endproc in assembly, or for code that use .seh_handlerdata (which triggers the unwind info to be emitted before the end of the function).

The TextSection field must be made non-const to be able to use it with Streamer.SwitchSection().

Diff Detail

Event Timeline

mstorsjo created this revision.Aug 25 2020, 4:38 AM
Herald added a project: Restricted Project. · View Herald TranscriptAug 25 2020, 4:38 AM
Herald added a subscriber: hiraditya. · View Herald Transcript
mstorsjo requested review of this revision.Aug 25 2020, 4:38 AM
mstorsjo added a parent revision: D86527: [3/5] [MC] [Win64EH] Produce well-formed xdata records when info is missing.
mstorsjo added a child revision: D86529: [5/5] [AArch64] Generate and parse SEH assembly directives.Aug 25 2020, 4:43 AM
Harbormaster completed remote builds in B69434: Diff 287630.Aug 25 2020, 5:29 AM
efriedma added inline comments.Aug 25 2020, 1:51 PM
llvm/lib/MC/MCWin64EH.cpp
533

I don't understand why you're dropping the FIXME; clearly, if we're emitting unwind info that doesn't cover anything, something has gone very wrong.

685

It seems like you're setting FuncletOrFuncEnd in too many places; there should be exactly one directive that corresponds to the end of the function, I think.

mstorsjo added inline comments.Aug 26 2020, 1:48 AM
llvm/lib/MC/MCWin64EH.cpp
533

Right, the FIXME indeed should stay, if we still hit that case, even though it's much less probable after this change.

685

There's actually two different codepaths; either in MCStreamer::EmitWinCFIEndProc when running into .seh_endproc`, or in ARM64UnwindEmitter::EmitUnwindInfo when .seh_handlerdata forces emitting it while halfway through the function. But this one can be left out, as far as I see with the cases I have in mind.

The case with .seh_handlerdata is tricky, because it forces writing the xdata entry possibly before the full function has been generated. On x86 this is not an issue, because the xdata entry doesn't contain the full function length but that's referenced in the .pdata via relocations to the function start/end. But on arm, the xdata entry needs to know the full length. So for cases with .seh_handlerdata, we can place FuncletOrFuncEnd at the place where we are, and hope that it covers the parts of the function that unwinding will occur in.

mstorsjo updated this revision to Diff 287867.Aug 26 2020, 1:49 AM

Wrote a bit longer comment explaining the issue with potentially truncated function length on .seh_handlerdata, left out the redundant place for filling in FuncletOrFuncEnd, and kept the fixme comment.

efriedma added inline comments.Aug 26 2020, 5:26 PM
llvm/lib/MC/MCWin64EH.cpp
714

Instead of checking Streamer.getCurrentSectionOnly() == info->TextSection, can we just Streamer.SwitchSection(info->TextSection)?

mstorsjo added inline comments.Aug 26 2020, 10:59 PM
llvm/lib/MC/MCWin64EH.cpp
714

Oh, yeah I guess that'd work just as well.

mstorsjo mentioned this in D86527: [3/5] [MC] [Win64EH] Produce well-formed xdata records when info is missing.Aug 27 2020, 12:26 AM
mstorsjo updated this revision to Diff 288216.Aug 27 2020, 12:42 AM
mstorsjo edited the summary of this revision. (Show Details)

Using SwitchSection() to always emit the label if missing. Had to make TextSection non-const to be able to use it with SwitchSection().

mstorsjo updated this revision to Diff 288270.Aug 27 2020, 4:23 AM

Updated the testcase after the new version of 3/5.

efriedma added inline comments.Aug 27 2020, 2:09 PM
llvm/lib/MC/MCStreamer.cpp
696

Instead of setting FuncletOrFuncEnd here, should we be calling EmitWinCFIFuncletOrFuncEnd somewhere?

llvm/lib/MC/MCWin64EH.cpp
531

With the other changes in this patch, is it still possible for FuncletOrFuncEnd to be null?

mstorsjo added inline comments.Aug 27 2020, 11:46 PM
llvm/lib/MC/MCStreamer.cpp
696

I don't think so. EmitWinCFIEndProc is essentially called from two places; either from lib/CodeGen/AsmPrinter/WinException.cpp, which also does call EmitWinCFIFuncletOrFuncEnd properly, so there it shouldn't be possible to reach EndProc without FuncletOrFuncEnd being set. The only other case is MC/MCParser/COFFAsmParser.cpp, which has a 1:1 mapping between directives and calling these methods.

llvm/lib/MC/MCWin64EH.cpp
531

Ah, right, yes, it shouldn't be possible. Even if we'd trigger .seh_handlerdata immediately, we would have a FuncletOrFuncEnd symbol (with a zero distance from the start), and we'd skip writing this due to it being empty anyway. So we should be able to make this a report_fatal_error, as it shouldn't be triggerable even with specially crafted input.

mstorsjo updated this revision to Diff 288536.Aug 27 2020, 11:51 PM
mstorsjo edited the summary of this revision. (Show Details)

Made a missing FuncletOrFuncEnd a hard error.

efriedma accepted this revision.Aug 28 2020, 4:27 PM

LGTM

This revision is now accepted and ready to land.Aug 28 2020, 4:27 PM
Herald added a subscriber: danielkiss. · View Herald TranscriptAug 28 2020, 4:27 PM
Closed by commit rG20f7773bb4bb: [MC] [Win64EH] Fill in FuncletOrFuncEnd if missing (authored by mstorsjo). · Explain WhyAug 29 2020, 5:16 AM
This revision was automatically updated to reflect the committed changes.
mstorsjo added a commit: rG20f7773bb4bb: [MC] [Win64EH] Fill in FuncletOrFuncEnd if missing.

Revision Contents

PathSize
llvm/
include/
llvm/
MC/
2 lines
lib/
MC/
2 lines
14 lines
test/
MC/
AArch64/
6 lines

Diff 288270

llvm/include/llvm/MC/MCWinEH.h

Show All 30 Lines
struct FrameInfo { struct FrameInfo {
const MCSymbol *Begin = nullptr; const MCSymbol *Begin = nullptr;
const MCSymbol *End = nullptr; const MCSymbol *End = nullptr;
const MCSymbol *FuncletOrFuncEnd = nullptr; const MCSymbol *FuncletOrFuncEnd = nullptr;
const MCSymbol *ExceptionHandler = nullptr; const MCSymbol *ExceptionHandler = nullptr;
const MCSymbol *Function = nullptr; const MCSymbol *Function = nullptr;
const MCSymbol *PrologEnd = nullptr; const MCSymbol *PrologEnd = nullptr;
const MCSymbol *Symbol = nullptr; const MCSymbol *Symbol = nullptr;
const MCSection *TextSection = nullptr; MCSection *TextSection = nullptr;
bool HandlesUnwind = false; bool HandlesUnwind = false;
bool HandlesExceptions = false; bool HandlesExceptions = false;
bool EmitAttempted = false; bool EmitAttempted = false;
int LastFrameInst = -1; int LastFrameInst = -1;
const FrameInfo *ChainedParent = nullptr; const FrameInfo *ChainedParent = nullptr;
std::vector<Instruction> Instructions; std::vector<Instruction> Instructions;
Show All 32 Lines

llvm/lib/MC/MCStreamer.cpp

Show First 20 LinesShow All 686 Lines▼ Show 20 Linesvoid MCStreamer::EmitWinCFIEndProc(SMLoc Loc) {
WinEH::FrameInfo *CurFrame = EnsureValidWinFrameInfo(Loc); WinEH::FrameInfo *CurFrame = EnsureValidWinFrameInfo(Loc);
if (!CurFrame) if (!CurFrame)
return; return;
if (CurFrame->ChainedParent) if (CurFrame->ChainedParent)
getContext().reportError(Loc, "Not all chained regions terminated!"); getContext().reportError(Loc, "Not all chained regions terminated!");
MCSymbol *Label = emitCFILabel(); MCSymbol *Label = emitCFILabel();
CurFrame->End = Label; CurFrame->End = Label;
if (!CurFrame->FuncletOrFuncEnd)
CurFrame->FuncletOrFuncEnd = CurFrame->End;
efriedmaUnsubmitted
Not Done
ReplyInline Actions

Instead of setting FuncletOrFuncEnd here, should we be calling EmitWinCFIFuncletOrFuncEnd somewhere?

efriedma: Instead of setting FuncletOrFuncEnd here, should we be calling EmitWinCFIFuncletOrFuncEnd…
mstorsjoAuthorUnsubmitted
Done
ReplyInline Actions

I don't think so. EmitWinCFIEndProc is essentially called from two places; either from lib/CodeGen/AsmPrinter/WinException.cpp, which also does call EmitWinCFIFuncletOrFuncEnd properly, so there it shouldn't be possible to reach EndProc without FuncletOrFuncEnd being set. The only other case is MC/MCParser/COFFAsmParser.cpp, which has a 1:1 mapping between directives and calling these methods.

mstorsjo: I don't think so. EmitWinCFIEndProc is essentially called from two places; either from…
} }
void MCStreamer::EmitWinCFIFuncletOrFuncEnd(SMLoc Loc) { void MCStreamer::EmitWinCFIFuncletOrFuncEnd(SMLoc Loc) {
WinEH::FrameInfo *CurFrame = EnsureValidWinFrameInfo(Loc); WinEH::FrameInfo *CurFrame = EnsureValidWinFrameInfo(Loc);
if (!CurFrame) if (!CurFrame)
return; return;
if (CurFrame->ChainedParent) if (CurFrame->ChainedParent)
getContext().reportError(Loc, "Not all chained regions terminated!"); getContext().reportError(Loc, "Not all chained regions terminated!");
▲ Show 20 LinesShow All 552 LinesShow Last 20 Lines

llvm/lib/MC/MCWin64EH.cpp

Show First 20 LinesShow All 520 Lines▼ Show 20 Linesstatic void ARM64EmitUnwindInfo(MCStreamer &streamer, WinEH::FrameInfo *info) {
streamer.emitValueToAlignment(4); streamer.emitValueToAlignment(4);
streamer.emitLabel(Label); streamer.emitLabel(Label);
info->Symbol = Label; info->Symbol = Label;
int64_t RawFuncLength; int64_t RawFuncLength;
if (!info->FuncletOrFuncEnd) { if (!info->FuncletOrFuncEnd) {
// FIXME: This is very wrong; we emit SEH data which covers zero bytes // FIXME: This is very wrong; we emit SEH data which covers zero bytes
// of code. But otherwise test/MC/AArch64/seh.s crashes. // of code.
// This can happen if unwind info is forced to be generated (with a
// .seh_handlerdata directive) directly after the start of the function.
efriedmaUnsubmitted
Not Done
ReplyInline Actions

With the other changes in this patch, is it still possible for FuncletOrFuncEnd to be null?

efriedma: With the other changes in this patch, is it still possible for FuncletOrFuncEnd to be null?
mstorsjoAuthorUnsubmitted
Done
ReplyInline Actions

Ah, right, yes, it shouldn't be possible. Even if we'd trigger .seh_handlerdata immediately, we would have a FuncletOrFuncEnd symbol (with a zero distance from the start), and we'd skip writing this due to it being empty anyway. So we should be able to make this a report_fatal_error, as it shouldn't be triggerable even with specially crafted input.

mstorsjo: Ah, right, yes, it shouldn't be possible. Even if we'd trigger `.seh_handlerdata` immediately…
RawFuncLength = 0; RawFuncLength = 0;
} else { } else {
efriedmaUnsubmitted
Not Done
ReplyInline Actions

I don't understand why you're dropping the FIXME; clearly, if we're emitting unwind info that doesn't cover anything, something has gone very wrong.

efriedma: I don't understand why you're dropping the FIXME; clearly, if we're emitting unwind info that…
mstorsjoAuthorUnsubmitted
Done
ReplyInline Actions

Right, the FIXME indeed should stay, if we still hit that case, even though it's much less probable after this change.

mstorsjo: Right, the FIXME indeed should stay, if we still hit that case, even though it's much less…
// FIXME: GetAbsDifference tries to compute the length of the function // FIXME: GetAbsDifference tries to compute the length of the function
// immediately, before the whole file is emitted, but in general // immediately, before the whole file is emitted, but in general
// that's impossible: the size in bytes of certain assembler directives // that's impossible: the size in bytes of certain assembler directives
// like .align and .fill is not known until the whole file is parsed and // like .align and .fill is not known until the whole file is parsed and
// relaxations are applied. Currently, GetAbsDifference fails with a fatal // relaxations are applied. Currently, GetAbsDifference fails with a fatal
// error in that case. (We mostly don't hit this because inline assembly // error in that case. (We mostly don't hit this because inline assembly
// specifying those directives is rare, and we don't normally try to // specifying those directives is rare, and we don't normally try to
// align loops on AArch64.) // align loops on AArch64.)
▲ Show 20 LinesShow All 135 Lines▼ Show 20 Lines streamer.emitValue(MCSymbolRefExpr::create(info->Symbol,
4); 4);
} }
void llvm::Win64EH::ARM64UnwindEmitter::Emit(MCStreamer &Streamer) const { void llvm::Win64EH::ARM64UnwindEmitter::Emit(MCStreamer &Streamer) const {
// Emit the unwind info structs first. // Emit the unwind info structs first.
for (const auto &CFI : Streamer.getWinFrameInfos()) { for (const auto &CFI : Streamer.getWinFrameInfos()) {
WinEH::FrameInfo *Info = CFI.get(); WinEH::FrameInfo *Info = CFI.get();
if (Info->empty()) if (Info->empty())
continue; continue;
efriedmaUnsubmitted
Not Done
ReplyInline Actions

It seems like you're setting FuncletOrFuncEnd in too many places; there should be exactly one directive that corresponds to the end of the function, I think.

efriedma: It seems like you're setting FuncletOrFuncEnd in too many places; there should be exactly one…
mstorsjoAuthorUnsubmitted
Done
ReplyInline Actions

There's actually two different codepaths; either in MCStreamer::EmitWinCFIEndProc when running into .seh_endproc`, or in ARM64UnwindEmitter::EmitUnwindInfo when .seh_handlerdata forces emitting it while halfway through the function. But this one can be left out, as far as I see with the cases I have in mind.

The case with .seh_handlerdata is tricky, because it forces writing the xdata entry possibly before the full function has been generated. On x86 this is not an issue, because the xdata entry doesn't contain the full function length but that's referenced in the .pdata via relocations to the function start/end. But on arm, the xdata entry needs to know the full length. So for cases with .seh_handlerdata, we can place FuncletOrFuncEnd at the place where we are, and hope that it covers the parts of the function that unwinding will occur in.

mstorsjo: There's actually two different codepaths; either in `MCStreamer::EmitWinCFIEndProc when running…
MCSection *XData = Streamer.getAssociatedXDataSection(CFI->TextSection); MCSection *XData = Streamer.getAssociatedXDataSection(CFI->TextSection);
Streamer.SwitchSection(XData); Streamer.SwitchSection(XData);
ARM64EmitUnwindInfo(Streamer, Info); ARM64EmitUnwindInfo(Streamer, Info);
} }
// Now emit RUNTIME_FUNCTION entries. // Now emit RUNTIME_FUNCTION entries.
for (const auto &CFI : Streamer.getWinFrameInfos()) { for (const auto &CFI : Streamer.getWinFrameInfos()) {
WinEH::FrameInfo *Info = CFI.get(); WinEH::FrameInfo *Info = CFI.get();
// ARM64EmitUnwindInfo above clears the info struct, so we can't check // ARM64EmitUnwindInfo above clears the info struct, so we can't check
// empty here. But if a Symbol is set, we should create the corresponding // empty here. But if a Symbol is set, we should create the corresponding
// pdata entry. // pdata entry.
if (!Info->Symbol) if (!Info->Symbol)
continue; continue;
MCSection *PData = Streamer.getAssociatedPDataSection(CFI->TextSection); MCSection *PData = Streamer.getAssociatedPDataSection(CFI->TextSection);
Streamer.SwitchSection(PData); Streamer.SwitchSection(PData);
ARM64EmitRuntimeFunction(Streamer, Info); ARM64EmitRuntimeFunction(Streamer, Info);
} }
} }
void llvm::Win64EH::ARM64UnwindEmitter::EmitUnwindInfo( void llvm::Win64EH::ARM64UnwindEmitter::EmitUnwindInfo(
MCStreamer &Streamer, WinEH::FrameInfo *info) const { MCStreamer &Streamer, WinEH::FrameInfo *info) const {
// Called if there's an .seh_handlerdata directive before the end of the
// function. This forces writing the xdata record already here - and
// in this case, the function isn't actually ended already, but the xdata
// record needs to know the function length. In these cases, if the funclet
// end hasn't been marked yet, the xdata function length won't cover the
// whole function, only up to this point.
if (!info->FuncletOrFuncEnd) {
Streamer.SwitchSection(info->TextSection);
efriedmaUnsubmitted
Not Done
ReplyInline Actions

Instead of checking Streamer.getCurrentSectionOnly() == info->TextSection, can we just Streamer.SwitchSection(info->TextSection)?

efriedma: Instead of checking `Streamer.getCurrentSectionOnly() == info->TextSection`, can we just…
mstorsjoAuthorUnsubmitted
Done
ReplyInline Actions

Oh, yeah I guess that'd work just as well.

mstorsjo: Oh, yeah I guess that'd work just as well.
info->FuncletOrFuncEnd = Streamer.emitCFILabel();
}
// Switch sections (the static function above is meant to be called from // Switch sections (the static function above is meant to be called from
// here and from Emit(). // here and from Emit().
MCSection *XData = Streamer.getAssociatedXDataSection(info->TextSection); MCSection *XData = Streamer.getAssociatedXDataSection(info->TextSection);
Streamer.SwitchSection(XData); Streamer.SwitchSection(XData);
ARM64EmitUnwindInfo(Streamer, info); ARM64EmitUnwindInfo(Streamer, info);
} }

llvm/test/MC/AArch64/seh.s

Show All 40 Lines
// CHECK-NEXT: 0x8 IMAGE_REL_ARM64_ADDR32NB __C_specific_handler // CHECK-NEXT: 0x8 IMAGE_REL_ARM64_ADDR32NB __C_specific_handler
// CHECK-NEXT: } // CHECK-NEXT: }
// CHECK-NEXT: Section (5) .pdata { // CHECK-NEXT: Section (5) .pdata {
// CHECK-NEXT: 0x0 IMAGE_REL_ARM64_ADDR32NB func // CHECK-NEXT: 0x0 IMAGE_REL_ARM64_ADDR32NB func
// CHECK-NEXT: 0x4 IMAGE_REL_ARM64_ADDR32NB .xdata // CHECK-NEXT: 0x4 IMAGE_REL_ARM64_ADDR32NB .xdata
// CHECK-NEXT: } // CHECK-NEXT: }
// CHECK-NEXT: ] // CHECK-NEXT: ]
// CHECK-NEXT: UnwindInformation [
// CHECK-NEXT: RuntimeFunction {
// CHECK-NEXT: Function: func
// CHECK-NEXT: ExceptionRecord: .xdata
// CHECK-NEXT: ExceptionData {
// CHECK-NEXT: FunctionLength: 8
.text .text
.globl func .globl func
.def func .def func
.scl 2 .scl 2
.type 32 .type 32
.endef .endef
.seh_proc func .seh_proc func
▲ Show 20 LinesShow All 42 LinesShow Last 20 Lines