<html>
    <head>
      <base href="https://bugs.llvm.org/">
    </head>
    <body><table border="1" cellspacing="0" cellpadding="8">
        <tr>
          <th>Bug ID</th>
          <td><a class="bz_bug_link bz_status_NEW" title="NEW - Assembly instructions with &quot;OFFSET FLAT:&quot; are handled incorrectly" href="https://bugs.llvm.org/show_bug.cgi?id=39447">39447</a>
          </td>
        </tr>

        <tr>
          <th>Summary</th>
          <td>Assembly instructions with "OFFSET FLAT:" are handled incorrectly
          </td>
        </tr>

        <tr>
          <th>Product</th>
          <td>libraries
          </td>
        </tr>

        <tr>
          <th>Version</th>
          <td>7.0
          </td>
        </tr>

        <tr>
          <th>Hardware</th>
          <td>PC
          </td>
        </tr>

        <tr>
          <th>OS</th>
          <td>Windows NT
          </td>
        </tr>

        <tr>
          <th>Status</th>
          <td>NEW
          </td>
        </tr>

        <tr>
          <th>Severity</th>
          <td>enhancement
          </td>
        </tr>

        <tr>
          <th>Priority</th>
          <td>P
          </td>
        </tr>

        <tr>
          <th>Component</th>
          <td>MCJIT
          </td>
        </tr>

        <tr>
          <th>Assignee</th>
          <td>unassignedbugs@nondot.org
          </td>
        </tr>

        <tr>
          <th>Reporter</th>
          <td>bjoern.gaier@horiba.com
          </td>
        </tr>

        <tr>
          <th>CC</th>
          <td>llvm-bugs@lists.llvm.org
          </td>
        </tr></table>
      <p>
        <div>
        <pre>Created <span class=""><a href="attachment.cgi?id=21038" name="attach_21038" title="Contains CM_Switch.cpp CM_Switch.cod CM_Switch.obj">attachment 21038</a> <a href="attachment.cgi?id=21038&action=edit" title="Contains CM_Switch.cpp CM_Switch.cod CM_Switch.obj">[details]</a></span>
Contains CM_Switch.cpp CM_Switch.cod CM_Switch.obj

Hello LLVM-Team,

I used the new LLVM 7 to write a small and simple JIT client, which loads
bitcode files, JITs them and executes them. In this JIT process I also include
some object files which were generated by Visual Studio 2017 - but sadly the
resulting code will crash. I did some research and will try to explain what I've
done and what my conclusions are.

1.) Generating VisualStudio object file
All I do is simply compile the file "CM_Switch.cpp" - as it is attached to this
report - and that's all.
I use the following compile flags: /nologo /FAcs /Zc:wchar_t- /GS- /MT /W3 /O2
/I "..\..\include" /I "..\..\external\include" /D "WIN32" /D
"_CRT_NON_CONFORMING_SWPRINTFS" /D "_CRT_NONSTDC_NO_DEPRECATE" /D
"_CRT_SECURE_NO_WARNINGS" /D "NDEBUG" /D "_CONSOLE" /D "_MBCS"
/Fp"$(OutDir)%(Filename).pch" /Fo"$(OutDir)%(Filename).obj" /c
$(ProjectName).cpp

2.) JIT Client
For the JIT client I first parse a bc file that does not contain any
code - I just compiled an empty .cpp document with clang and enabled generating
a bc file. So the bc file is not empty, but has no executable code or anything.
After this I locate the CM_Switch.obj file and add it via "addObjectFile":
    llvm::Expected<std::unique_ptr<llvm::object::ObjectFile>> preObj =
        llvm::object::ObjectFile::createObjectFile(ArBuf.get()->getMemBufferRef());
    refEngine->addObjectFile(llvm::object::OwningBinary<llvm::object::ObjectFile>(
        std::move(preObj.get()), std::move(ArBuf.get())));

When generating the executable code, the JIT client will ask to resolve some
references and will get these addresses as they are. But executing the
"Initialize2" function will crash the application.

Investigations:
With the CM_Switch.cod file and a debugger I was able to locate the root of the
problem! Assembly instructions like this one:
lea      r8, OFFSET FLAT:__ImageBase

The problem comes from "OFFSET FLAT" which - as I understood it - determines the
offset of the current instruction to that reference, in this case
"__ImageBase".
But this is not handled correctly! When I pass an address for "__ImageBase", the
application will crash at EXACTLY the address I passed. When I return 0xFF as
an address, I will crash at the address 0xFF; if I pass the address of
ImageBase, I will crash there.
If I pass the address of a function, then this function will actually be
executed. It seems to me that this code gets replaced with a jump, which is
totally wrong.

That is all I can say.</pre>
        </div>
      </p>
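      <p>Added illustration of the relocation arithmetic behind the report (this is not part of the report and not LLVM's RuntimeDyld code): it assumes the listing line "lea r8, OFFSET FLAT:__ImageBase" is encoded as a RIP-relative lea whose 32-bit displacement is fixed up by a REL32-style relocation, and shows why the address a symbol resolver hands back for "__ImageBase" must lie within 2 GiB of the JIT'd code: a wider displacement cannot be encoded, and a fixup that stores the low 32 bits without a range check silently redirects the instruction. All addresses and bytes below are constructed.</p>

```python
import struct

# Constructed x86-64 bytes for `lea r8, [rip + disp32]` (REX.WR 0x4C, opcode 0x8D, ModRM 0x05):
# assumed to be the machine form behind the listing line `lea r8, OFFSET FLAT:__ImageBase`,
# with a REL32-style relocation covering the four displacement bytes.
LEA_R8_RIPREL = bytes.fromhex("4C8D05") + b"\x00\x00\x00\x00"
DISP_OFFSET = 3                  # displacement begins after REX, opcode and ModRM
INSN_LEN = len(LEA_R8_RIPREL)    # 7 bytes; the CPU adds disp32 to the address after the insn

def apply_rel32(section, fixup_offset, section_addr, target_addr, strict=True):
    """Patch the disp32 at section[fixup_offset:fixup_offset+4] so that
    (end of the 4-byte field) + disp32 == target_addr, as a REL32 fixup does.
    Returns the displacement written. strict=True refuses a displacement that
    does not fit a signed 32-bit field; strict=False stores the low 32 bits,
    the way a blind 32-bit write would, so the reader can see where it lands."""
    reference = section_addr + fixup_offset + 4
    disp = target_addr - reference
    if not -(1 << 31) <= disp < (1 << 31):
        if strict:
            raise OverflowError(f"REL32 displacement {disp:#x} exceeds +/-2 GiB")
        disp = ((disp + (1 << 31)) & 0xFFFFFFFF) - (1 << 31)   # wrap to signed 32-bit
    struct.pack_into("<i", section, fixup_offset, disp)
    return disp

def effective_address(section, insn_offset, section_addr):
    """Decode the patched disp32 and compute the address `lea r8` really loads."""
    (disp,) = struct.unpack_from("<i", section, insn_offset + DISP_OFFSET)
    return section_addr + insn_offset + INSN_LEN + disp

def resolve_image_base(image_base, strict=True):
    """Simulate the JIT step: place the instruction at a constructed code address,
    resolve __ImageBase to image_base and return the address the lea yields."""
    section_addr = 0x0000_0001_4000_0000          # constructed address of the JIT'd section
    section = bytearray(LEA_R8_RIPREL)
    apply_rel32(section, DISP_OFFSET, section_addr, image_base, strict)
    return effective_address(section, 0, section_addr)

if __name__ == "__main__":
    near = 0x0000_0001_4001_0000                  # within 2 GiB of the section: exact
    far = 0x0000_7FF6_1234_0000                   # a typical host image base: out of reach
    print(hex(resolve_image_base(near)))
    print(hex(resolve_image_base(far, strict=False)))  # lands at the wrong address
    try:
        resolve_image_base(far)
    except OverflowError as e:
        print("strict:", e)
```

In the lenient case only the low 32 bits of the target survive, so whatever the resolver returned, the instruction ends up pointing somewhere else entirely; a fixup that checks the range and fails loudly turns that silent corruption into a diagnosable error.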


    </body>
</html>