[llvm-branch-commits] [llvm-branch] r319633 - bpf: fix bug on silently truncating 64-bit immediate

Yonghong Song via llvm-branch-commits llvm-branch-commits at lists.llvm.org
Sun Dec 3 11:02:04 PST 2017 

Author: yhs
Date: Sun Dec  3 11:02:03 2017
New Revision: 319633

URL: http://llvm.org/viewvc/llvm-project?rev=319633&view=rev
Log:
bpf: fix bug on silently truncating 64-bit immediate

We came across an llvm bug when compiling some testcases that 64-bit
immediates are silently truncated into 32-bit and then packed into
BPF_JMP | BPF_K encoding.  This caused comparison with wrong value.

This bug looks to be introduced by r308080 (llvm 5.0). The Select_Ri pattern is
supposed to be lowered into J*_Ri while the latter only support 32-bit
immediate encoding, therefore Select_Ri should have similar immediate
predicate check as what J*_Ri are doing.

The bug is fixed by
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@315889 91177308-0d34-0410-b5e6-96231b3b80d8
in llvm 6.0.

This patch is largely the same as the fix in llvm 6.0 except
one minor adjustment for the test case.

Reported-by: John Fastabend <john.fastabend at gmail.com>
Reported-by: Jakub Kicinski <jakub.kicinski at netronome.com>
Signed-off-by: Jiong Wang <jiong.wang at netronome.com>
Reviewed-by: Yonghong Song <yhs at fb.com>


Modified:
    llvm/branches/release_50/lib/Target/BPF/BPFISelLowering.cpp
    llvm/branches/release_50/lib/Target/BPF/BPFInstrInfo.td
    llvm/branches/release_50/test/CodeGen/BPF/select_ri.ll

Modified: llvm/branches/release_50/lib/Target/BPF/BPFISelLowering.cpp
URL: http://llvm.org/viewvc/llvm-project/llvm/branches/release_50/lib/Target/BPF/BPFISelLowering.cpp?rev=319633&r1=319632&r2=319633&view=diff
==============================================================================
--- llvm/branches/release_50/lib/Target/BPF/BPFISelLowering.cpp (original)
+++ llvm/branches/release_50/lib/Target/BPF/BPFISelLowering.cpp Sun Dec  3 11:02:03 2017
@@ -578,11 +578,15 @@ BPFTargetLowering::EmitInstrWithCustomIn
         .addReg(LHS)
         .addReg(MI.getOperand(2).getReg())
         .addMBB(Copy1MBB);
-  else
+  else {
+    int64_t imm32 = MI.getOperand(2).getImm();
+    // sanity check before we build J*_ri instruction.
+    assert (isInt<32>(imm32));
     BuildMI(BB, DL, TII.get(NewCC))
         .addReg(LHS)
-        .addImm(MI.getOperand(2).getImm())
+        .addImm(imm32)
         .addMBB(Copy1MBB);
+  }
 
   // Copy0MBB:
   //  %FalseValue = ...

Modified: llvm/branches/release_50/lib/Target/BPF/BPFInstrInfo.td
URL: http://llvm.org/viewvc/llvm-project/llvm/branches/release_50/lib/Target/BPF/BPFInstrInfo.td?rev=319633&r1=319632&r2=319633&view=diff
==============================================================================
--- llvm/branches/release_50/lib/Target/BPF/BPFInstrInfo.td (original)
+++ llvm/branches/release_50/lib/Target/BPF/BPFInstrInfo.td Sun Dec  3 11:02:03 2017
@@ -464,7 +464,7 @@ let usesCustomInserter = 1 in {
                       (ins GPR:$lhs, i64imm:$rhs, i64imm:$imm, GPR:$src, GPR:$src2),
                       "# Select PSEUDO $dst = $lhs $imm $rhs ? $src : $src2",
                       [(set i64:$dst,
-                       (BPFselectcc i64:$lhs, (i64 imm:$rhs), (i64 imm:$imm), i64:$src, i64:$src2))]>;
+                       (BPFselectcc i64:$lhs, (i64 i64immSExt32:$rhs), (i64 imm:$imm), i64:$src, i64:$src2))]>;
 }
 
 // load 64-bit global addr into register

Modified: llvm/branches/release_50/test/CodeGen/BPF/select_ri.ll
URL: http://llvm.org/viewvc/llvm-project/llvm/branches/release_50/test/CodeGen/BPF/select_ri.ll?rev=319633&r1=319632&r2=319633&view=diff
==============================================================================
--- llvm/branches/release_50/test/CodeGen/BPF/select_ri.ll (original)
+++ llvm/branches/release_50/test/CodeGen/BPF/select_ri.ll Sun Dec  3 11:02:03 2017
@@ -25,3 +25,38 @@ entry:
 }
 
 attributes #0 = { norecurse nounwind readonly }
+
+; test immediate out of 32-bit range
+; Source file:
+
+; unsigned long long
+; load_word(void *buf, unsigned long long off)
+; asm("llvm.bpf.load.word");
+;
+; int
+; foo(void *buf)
+; {
+;  unsigned long long sum = 0;
+;
+;  sum += load_word(buf, 100);
+;  sum += load_word(buf, 104);
+;
+;  if (sum != 0x1ffffffffULL)
+;    return ~0U;
+;
+;  return 0;
+;}
+
+; Function Attrs: nounwind readonly
+define i32 @foo(i8*) local_unnamed_addr #0 {
+  %2 = tail call i64 @llvm.bpf.load.word(i8* %0, i64 100)
+  %3 = tail call i64 @llvm.bpf.load.word(i8* %0, i64 104)
+  %4 = add i64 %3, %2
+  %5 = icmp ne i64 %4, 8589934591
+; CHECK:  r{{[0-9]+}} = 8589934591ll
+  %6 = sext i1 %5 to i32
+  ret i32 %6
+}
+
+; Function Attrs: nounwind readonly
+declare i64 @llvm.bpf.load.word(i8*, i64) #1

More information about the llvm-branch-commits mailing list