This is an archive of the discontinued LLVM Phabricator instance.

Differential D91965

Revert "[X86] Produce R_X86_64_GOTPCRELX for test/binop instructions (MOV32rm/TEST32rm/...) when -Wa,-mrelax-relocations=yes is enabled"
AbandonedPublic

Authored by MaskRay on Nov 23 2020, 7:06 AM.

Details

Reviewers
craig.topper
espindola
sberg
Summary

After just having wasted a day scratching my head why a UBSan build on another machine now started to fail, after I had already forgotten about this issue again, here's a revert now:

This reverts commit f04d92af94a8d763e91ae38fe35319e426dc466c, which causes
miscompilation, as first reported at
<http://lists.llvm.org/pipermail/llvm-commits/Week-of-Mon-20201026/845488.html>
"Re: [llvm] f04d92a - [X86] Produce R_X86_64_GOTPCRELX for test/binop
instructions (MOV32rm/TEST32rm/...) when -Wa, -mrelax-relocations=yes is
enabled":

At least on Linux x86-64 in combination with lld, this causes miscompilation
when an expression like

  ((long) otherfunction) >> 32

computing the upper 32 bits of a function's address is emitted as

  movl otherfunction at GOTPCREL+4(%rip), %eax

which lld then optimizes as

  lea otherfunction+4(%rip), %eax

computing the lower 32 bits of the function's address + 4.

The simplest reproducer I came up with is

> $ cat test.c
> void otherfunction(void);
> int __attribute__ ((visibility("default"))) test1(void) { return (long) otherfunction; }
> int __attribute__ ((visibility("default"))) test2(void) { return ((long) otherfunction) >> 32; }
>
> $ cat otherfunction.c
> void otherfunction(void) {}
>
> $ cat main.c
> #include <stdio.h>
> int test1(void);
> int test2(void);
> int main() {
>   printf("%08X %08X\n", test1(), test2());
>   return 0;
> }
>
> $ llvm/inst/bin/clang -fpic -fvisibility=hidden -O -c test.c
> $ objdump -dr test.o | grep -F -A3 '<test'
> 0000000000000000 <test1>:
>    0:   8b 05 00 00 00 00       mov    0x0(%rip),%eax        # 6 <test1+0x6>
>                         2: R_X86_64_GOTPCRELX   otherfunction-0x4
>    6:   c3                      retq
>    7:   66 0f 1f 84 00 00 00    nopw   0x0(%rax,%rax,1)
> --
> 0000000000000010 <test2>:
>   10:   8b 05 00 00 00 00       mov    0x0(%rip),%eax        # 16 <test2+0x6>
>                         12: R_X86_64_GOTPCRELX  otherfunction
>   16:   c3                      retq
>
> $ llvm/inst/bin/clang -fpic -fvisibility=hidden -c otherfunction.c
>
> $ llvm/inst/bin/clang -fuse-ld=lld --ld-path=/.../llvm/inst/bin/ld.lld -shared test.o otherfunction.o -o libtest.so
> $ objdump -dR libtest.so | grep -F -A3 '<test'
> 00000000000015d0 <test1>:
>     15d0:       8d 05 1a 00 00 00       lea    0x1a(%rip),%eax        # 15f0 <otherfunction>
>     15d6:       c3                      retq
>     15d7:       66 0f 1f 84 00 00 00    nopw   0x0(%rax,%rax,1)
> --
> 00000000000015e0 <test2>:
>     15e0:       8d 05 0e 00 00 00       lea    0xe(%rip),%eax        # 15f4 <otherfunction+0x4>
>     15e6:       c3                      retq
>     15e7:       cc                      int3
>
> $ llvm/inst/bin/clang main.c libtest.so
> $ LD_LIBRARY_PATH=. ./a.out
> 602065F0 602065F4

where using R_X86_64_GOTPCRELX instead of R_X86_64_GOTPCREL in test2 causes the
second value printed out to be (first value + 4) instead of some 00007F55 or
similar.

Diff Detail

Unit TestsFailed

TimeTest
10 mslinux > Extra Tools Unit Tests.clang-query/_/ClangQueryTests::QueryParserTest.Complete
380 mslinux > HWAddressSanitizer-x86_64.TestCases::sizes.cpp
20 mswindows > Extra Tools Unit Tests.clang-query/_/ClangQueryTests_exe::QueryParserTest.Complete

Event Timeline

sberg created this revision.Nov 23 2020, 7:06 AM
Herald added a reviewer: espindola. · View Herald TranscriptNov 23 2020, 7:07 AM
Herald added a project: Restricted Project. · View Herald Transcript
Herald added subscribers: pengfei, hiraditya, emaste. · View Herald Transcript
sberg requested review of this revision.Nov 23 2020, 7:07 AM
Harbormaster completed remote builds in B79793: Diff 307069.Nov 23 2020, 8:06 AM
MaskRay added a comment.EditedNov 23 2020, 9:57 AM

Thanks for reporting the issue. The problem is that clang produces incorrect GOTPCREL+offset fixup. I will try providing a better fix.

// gcc -fpic -fvisibility=hidden -O -S test.c -o - -fno-asynchronous-unwind-tables
test2:
        movq    otherfunction@GOTPCREL(%rip), %rax
        sarq    $32, %rax
        ret

// gcc -fpic -fvisibility=hidden -O -S test.c -o - -fno-asynchronous-unwind-tables
test2:                                  # @test2
# %bb.0:                                # %entry
        movl    otherfunction@GOTPCREL+4(%rip), %eax
        retq

After just having wasted a day scratching my head why a UBSan build on another machine now started to fail

Can you please provide the ubsan example as well?

MaskRay added a comment.EditedNov 23 2020, 11:36 AM
  • X86MCInstLower.cpp emits movl otherfunction@GOTPCREL+4(%rip), %eax
  • This fixup does not work if both R_X86_64_GOTPCRELX (new integrated assembler behavior, also GNU as's) and LLD are used.

(i.e. before my patch, -fno-integrated-as + LLD can break as well)

otherfunction@GOTPCREL+4 is a bit weird as it emits a GOT entry for otherfunction but accesses the high 4 bytes of the GOT entry. It can work if the linker allows it as in GNU ld.
GNU ld does not relax R_X86_64_GOTPCRELX if the addend if not -4.

I'll try fixing LLD instead.

MaskRay added a comment.EditedNov 23 2020, 1:06 PM

Superseded by D91993

MaskRay commandeered this revision.Nov 30 2020, 8:28 AM
MaskRay edited reviewers, added: sberg; removed: MaskRay.

Obsoleted by D92114

MaskRay abandoned this revision.Nov 30 2020, 8:28 AM

Revision Contents

PathSize
llvm/
lib/
ExecutionEngine/
JITLink/
1 line
Target/
X86/
MCTargetDesc/
11 lines
test/
MC/
ELF/
21 lines
2 lines
X86/

Diff 307069

llvm/lib/ExecutionEngine/JITLink/ELF_x86_64.cpp

Show First 20 LinesShow All 218 Lines▼ Show 20 Linesprivate:
static Expected<ELF_x86_64_Edges::ELFX86RelocationKind> static Expected<ELF_x86_64_Edges::ELFX86RelocationKind>
getRelocationKind(const uint32_t Type) { getRelocationKind(const uint32_t Type) {
switch (Type) { switch (Type) {
case ELF::R_X86_64_PC32: case ELF::R_X86_64_PC32:
return ELF_x86_64_Edges::ELFX86RelocationKind::PCRel32; return ELF_x86_64_Edges::ELFX86RelocationKind::PCRel32;
case ELF::R_X86_64_64: case ELF::R_X86_64_64:
return ELF_x86_64_Edges::ELFX86RelocationKind::Pointer64; return ELF_x86_64_Edges::ELFX86RelocationKind::Pointer64;
case ELF::R_X86_64_GOTPCREL: case ELF::R_X86_64_GOTPCREL:
case ELF::R_X86_64_GOTPCRELX:
case ELF::R_X86_64_REX_GOTPCRELX: case ELF::R_X86_64_REX_GOTPCRELX:
return ELF_x86_64_Edges::ELFX86RelocationKind::PCRel32GOTLoad; return ELF_x86_64_Edges::ELFX86RelocationKind::PCRel32GOTLoad;
case ELF::R_X86_64_PLT32: case ELF::R_X86_64_PLT32:
return ELF_x86_64_Edges::ELFX86RelocationKind::Branch32; return ELF_x86_64_Edges::ELFX86RelocationKind::Branch32;
} }
return make_error<JITLinkError>("Unsupported x86-64 relocation:" + return make_error<JITLinkError>("Unsupported x86-64 relocation:" +
formatv("{0:d}", Type)); formatv("{0:d}", Type));
} }
▲ Show 20 LinesShow All 462 LinesShow Last 20 Lines

llvm/lib/Target/X86/MCTargetDesc/X86MCCodeEmitter.cpp

Show First 20 LinesShow All 398 Lines▼ Show 20 Lines if (BaseReg == X86::RIP ||
unsigned Opcode = MI.getOpcode(); unsigned Opcode = MI.getOpcode();
// movq loads are handled with a special relocation form which allows the // movq loads are handled with a special relocation form which allows the
// linker to eliminate some loads for GOT references which end up in the // linker to eliminate some loads for GOT references which end up in the
// same linkage unit. // same linkage unit.
unsigned FixupKind = [=]() { unsigned FixupKind = [=]() {
switch (Opcode) { switch (Opcode) {
default: default:
return X86::reloc_riprel_4byte; return X86::reloc_riprel_4byte;
case X86::ADC32rm:
case X86::ADD32rm:
case X86::AND32rm:
case X86::CMP32rm:
case X86::MOV32rm:
case X86::OR32rm:
case X86::SBB32rm:
case X86::SUB32rm:
case X86::TEST32mr:
case X86::XOR32rm:
return X86::reloc_riprel_4byte_relax;
case X86::MOV64rm: case X86::MOV64rm:
assert(HasREX); assert(HasREX);
return X86::reloc_riprel_4byte_movq_load; return X86::reloc_riprel_4byte_movq_load;
case X86::CALL64m: case X86::CALL64m:
case X86::JMP64m: case X86::JMP64m:
case X86::TAILJMPm64: case X86::TAILJMPm64:
case X86::TEST64mr: case X86::TEST64mr:
case X86::ADC64rm: case X86::ADC64rm:
▲ Show 20 LinesShow All 1,394 LinesShow Last 20 Lines

llvm/test/MC/ELF/got-relaxed.s

  • This file was added.
// RUN: llvm-mc -filetype=obj -triple x86_64-pc-linux %s -o - | llvm-readobj -r - | FileCheck %s
// RUN: llvm-mc -filetype=obj -relax-relocations=false -triple x86_64-pc-linux %s -o - | llvm-readobj -r - | FileCheck --check-prefix=OLD %s
// these should produce R_X86_64_GOTPCRELX
call *call@GOTPCREL(%rip)
jmp *jmp@GOTPCREL(%rip)
// CHECK: Relocations [
// CHECK-NEXT: Section ({{.*}}) .rela.text {
// CHECK-NEXT: R_X86_64_GOTPCRELX call
// CHECK-NEXT: R_X86_64_GOTPCRELX jmp
// CHECK-NEXT: }
// CHECK-NEXT: ]
// OLD: Relocations [
// OLD-NEXT: Section ({{.*}}) .rela.text {
// OLD-NEXT: R_X86_64_GOTPCREL call
// OLD-NEXT: R_X86_64_GOTPCREL jmp
// OLD-NEXT: }
// OLD-NEXT: ]

llvm/test/MC/ELF/got.s

// RUN: llvm-mc -filetype=obj -triple x86_64-pc-linux-gnu %s -o - | llvm-readobj -r --symbols - | FileCheck %s // RUN: llvm-mc -filetype=obj -triple x86_64-pc-linux-gnu %s -o - | llvm-readobj -r --symbols - | FileCheck %s
// Test that this produces the correct relocations R_X86_64_GOT32 and that we, // Test that this produces the correct relocations R_X86_64_GOT32 and that we,
// unlike gas, don't create a _GLOBAL_OFFSET_TABLE_ symbol as a side effect. // unlike gas, don't create a _GLOBAL_OFFSET_TABLE_ symbol as a side effect.
movl foo@GOT, %eax movl foo@GOT, %eax
movl foo@GOTPCREL(%rip), %eax movl foo@GOTPCREL(%rip), %eax
// CHECK: Relocations [ // CHECK: Relocations [
// CHECK: Section ({{[^ ]+}}) .rela.text { // CHECK: Section ({{[^ ]+}}) .rela.text {
// CHECK-NEXT: 0x{{[^ ]+}} R_X86_64_GOT32 foo 0x{{[^ ]+}} // CHECK-NEXT: 0x{{[^ ]+}} R_X86_64_GOT32 foo 0x{{[^ ]+}}
// CHECK-NEXT: 0x{{[^ ]+}} R_X86_64_GOTPCRELX foo 0x{{[^ ]+}} // CHECK-NEXT: 0x{{[^ ]+}} R_X86_64_GOTPCREL foo 0x{{[^ ]+}}
// CHECK-NEXT: } // CHECK-NEXT: }
// CHECK-NEXT: ] // CHECK-NEXT: ]
// CHECK: Symbols [ // CHECK: Symbols [
// CHECK-NOT: _GLOBAL_OFFSET_TABLE_ // CHECK-NOT: _GLOBAL_OFFSET_TABLE_

llvm/test/MC/X86/gotpcrelx.s

  • This file was deleted.
# RUN: llvm-mc -filetype=obj -triple=x86_64 %s | llvm-readobj -r - | FileCheck %s
# RUN: llvm-mc -filetype=obj -triple=x86_64 -relax-relocations=false %s | llvm-readobj -r - | FileCheck --check-prefix=NORELAX %s
# CHECK: Relocations [
# CHECK-NEXT: Section ({{.*}}) .rela.text {
# CHECK-NEXT: R_X86_64_GOTPCRELX mov
# CHECK-NEXT: R_X86_64_GOTPCRELX test
# CHECK-NEXT: R_X86_64_GOTPCRELX adc
# CHECK-NEXT: R_X86_64_GOTPCRELX add
# CHECK-NEXT: R_X86_64_GOTPCRELX and
# CHECK-NEXT: R_X86_64_GOTPCRELX cmp
# CHECK-NEXT: R_X86_64_GOTPCRELX or
# CHECK-NEXT: R_X86_64_GOTPCRELX sbb
# CHECK-NEXT: R_X86_64_GOTPCRELX sub
# CHECK-NEXT: R_X86_64_GOTPCRELX xor
# CHECK-NEXT: R_X86_64_GOTPCRELX call
# CHECK-NEXT: R_X86_64_GOTPCRELX jmp
# CHECK-NEXT: }
# CHECK-NEXT: ]
# NORELAX: Relocations [
# NORELAX-NEXT: Section ({{.*}}) .rela.text {
# NORELAX-NEXT: R_X86_64_GOTPCREL mov
# NORELAX-NEXT: R_X86_64_GOTPCREL test
# NORELAX-NEXT: R_X86_64_GOTPCREL adc
# NORELAX-NEXT: R_X86_64_GOTPCREL add
# NORELAX-NEXT: R_X86_64_GOTPCREL and
# NORELAX-NEXT: R_X86_64_GOTPCREL cmp
# NORELAX-NEXT: R_X86_64_GOTPCREL or
# NORELAX-NEXT: R_X86_64_GOTPCREL sbb
# NORELAX-NEXT: R_X86_64_GOTPCREL sub
# NORELAX-NEXT: R_X86_64_GOTPCREL xor
# NORELAX-NEXT: R_X86_64_GOTPCREL call
# NORELAX-NEXT: R_X86_64_GOTPCREL jmp
# NORELAX-NEXT: }
# NORELAX-NEXT: ]
movl mov@GOTPCREL(%rip), %eax
test %eax, test@GOTPCREL(%rip)
adc adc@GOTPCREL(%rip), %eax
add add@GOTPCREL(%rip), %eax
and and@GOTPCREL(%rip), %eax
cmp cmp@GOTPCREL(%rip), %eax
or or@GOTPCREL(%rip), %eax
sbb sbb@GOTPCREL(%rip), %eax
sub sub@GOTPCREL(%rip), %eax
xor xor@GOTPCREL(%rip), %eax
call *call@GOTPCREL(%rip)
jmp *jmp@GOTPCREL(%rip)
llvm/test/MC/ELF/got-relaxed.s