[llvm] r278659 - [Thumb] Validate branch target for CBZ/CBNZ instructions.

Matthias Braun via llvm-commits llvm-commits at lists.llvm.org
Mon Aug 15 11:25:01 PDT 2016 

I also suspect this to be the cause of this build being broken: http://lab.llvm.org:8080/green/job/clang-stage1-configure-RA_build/ <http://lab.llvm.org:8080/green/job/clang-stage1-configure-RA_build/> (I am still reproducing to confirm and extracting a testcase).

- Matthias

> On Aug 15, 2016, at 11:14 AM, Reid Kleckner via llvm-commits <llvm-commits at lists.llvm.org> wrote:
> 
> This is now firing on code in brotli (a compression library): http://crbug.com/637864 <http://crbug.com/637864>
> 
> How can we avoid this error? Shouldn't LLVM be responsible for relaxing this into some other code sequence?
> 
> On Mon, Aug 15, 2016 at 12:57 AM, Prakhar Bahuguna via llvm-commits <llvm-commits at lists.llvm.org <mailto:llvm-commits at lists.llvm.org>> wrote:
> Author: prakhar
> Date: Mon Aug 15 02:57:44 2016
> New Revision: 278659
> 
> URL: http://llvm.org/viewvc/llvm-project?rev=278659&view=rev <http://llvm.org/viewvc/llvm-project?rev=278659&view=rev>
> Log:
> [Thumb] Validate branch target for CBZ/CBNZ instructions.
> 
> Summary:
> The assembler currently does not check the branch target for CBZ/CBNZ
> instructions, which only permit branching forwards with a positive offset. This
> adds validation for the branch target to ensure negative PC-relative offsets are
> not encoded into the instruction, whether specified as a literal or as an
> assembler symbol.
> 
> Reviewers: rengolin, t.p.northover
> 
> Subscribers: llvm-commits, rengolin
> 
> Differential Revision: https://reviews.llvm.org/D23312 <https://reviews.llvm.org/D23312>
> 
> Added:
>     llvm/trunk/test/MC/ARM/thumb-cb-negative-offsets.s
> Modified:
>     llvm/trunk/lib/Target/ARM/AsmParser/ARMAsmParser.cpp
>     llvm/trunk/lib/Target/ARM/MCTargetDesc/ARMAsmBackend.cpp
>     llvm/trunk/test/MC/ARM/thumb-diagnostics.s
> 
> Modified: llvm/trunk/lib/Target/ARM/AsmParser/ARMAsmParser.cpp
> URL: http://llvm.org/viewvc/llvm-project/llvm/trunk/lib/Target/ARM/AsmParser/ARMAsmParser.cpp?rev=278659&r1=278658&r2=278659&view=diff <http://llvm.org/viewvc/llvm-project/llvm/trunk/lib/Target/ARM/AsmParser/ARMAsmParser.cpp?rev=278659&r1=278658&r2=278659&view=diff>
> ==============================================================================
> --- llvm/trunk/lib/Target/ARM/AsmParser/ARMAsmParser.cpp (original)
> +++ llvm/trunk/lib/Target/ARM/AsmParser/ARMAsmParser.cpp Mon Aug 15 02:57:44 2016
> @@ -6684,6 +6684,12 @@ bool ARMAsmParser::validateInstruction(M
>        return Error(Operands[Op]->getStartLoc(), "branch target out of range");
>      break;
>    }
> +  case ARM::tCBZ:
> +  case ARM::tCBNZ: {
> +    if (!static_cast<ARMOperand &>(*Operands[2]).isUnsignedOffset<6, 1>())
> +      return Error(Operands[2]->getStartLoc(), "branch target out of range");
> +    break;
> +  }
>    case ARM::MOVi16:
>    case ARM::t2MOVi16:
>    case ARM::t2MOVTi16:
> 
> Modified: llvm/trunk/lib/Target/ARM/MCTargetDesc/ARMAsmBackend.cpp
> URL: http://llvm.org/viewvc/llvm-project/llvm/trunk/lib/Target/ARM/MCTargetDesc/ARMAsmBackend.cpp?rev=278659&r1=278658&r2=278659&view=diff <http://llvm.org/viewvc/llvm-project/llvm/trunk/lib/Target/ARM/MCTargetDesc/ARMAsmBackend.cpp?rev=278659&r1=278658&r2=278659&view=diff>
> ==============================================================================
> --- llvm/trunk/lib/Target/ARM/MCTargetDesc/ARMAsmBackend.cpp (original)
> +++ llvm/trunk/lib/Target/ARM/MCTargetDesc/ARMAsmBackend.cpp Mon Aug 15 02:57:44 2016
> @@ -578,6 +578,11 @@ unsigned ARMAsmBackend::adjustFixupValue
>      // Offset by 4, and don't encode the low two bits.
>      return ((Value - 4) >> 2) & 0xff;
>    case ARM::fixup_arm_thumb_cb: {
> +    // CB instructions can only branch to offsets in [0, 126] in multiples of 2
> +    if (Ctx && ((int64_t)Value < 0 || Value > 0x3e || Value & 1)) {
> +      Ctx->reportError(Fixup.getLoc(), "out of range pc-relative fixup value");
> +      return 0;
> +    }
>      // Offset by 4 and don't encode the lower bit, which is always 0.
>      // FIXME: diagnose if no Thumb2
>      uint32_t Binary = (Value - 4) >> 1;
> 
> Added: llvm/trunk/test/MC/ARM/thumb-cb-negative-offsets.s
> URL: http://llvm.org/viewvc/llvm-project/llvm/trunk/test/MC/ARM/thumb-cb-negative-offsets.s?rev=278659&view=auto <http://llvm.org/viewvc/llvm-project/llvm/trunk/test/MC/ARM/thumb-cb-negative-offsets.s?rev=278659&view=auto>
> ==============================================================================
> --- llvm/trunk/test/MC/ARM/thumb-cb-negative-offsets.s (added)
> +++ llvm/trunk/test/MC/ARM/thumb-cb-negative-offsets.s Mon Aug 15 02:57:44 2016
> @@ -0,0 +1,19 @@
> +@ RUN: not llvm-mc -triple thumbv7m-none-eabi      -filetype=obj -o /dev/null %s 2>&1 | FileCheck %s
> +@ RUN: not llvm-mc -triple thumbv8m.base-none-eabi -filetype=obj -o /dev/null %s 2>&1 | FileCheck %s
> +
> +label0:
> +  .word 4
> +
> +@ CHECK: out of range pc-relative fixup value
> +  cbz r0, label0
> +@ CHECK: out of range pc-relative fixup value
> +  cbnz r0, label0
> +
> +@ CHECK: out of range pc-relative fixup value
> +  cbz r0, label1
> +@ CHECK: out of range pc-relative fixup value
> +  cbnz r0, label1
> +
> +  .space 1000
> +label1:
> +  .word 4
> 
> Modified: llvm/trunk/test/MC/ARM/thumb-diagnostics.s
> URL: http://llvm.org/viewvc/llvm-project/llvm/trunk/test/MC/ARM/thumb-diagnostics.s?rev=278659&r1=278658&r2=278659&view=diff <http://llvm.org/viewvc/llvm-project/llvm/trunk/test/MC/ARM/thumb-diagnostics.s?rev=278659&r1=278658&r2=278659&view=diff>
> ==============================================================================
> --- llvm/trunk/test/MC/ARM/thumb-diagnostics.s (original)
> +++ llvm/trunk/test/MC/ARM/thumb-diagnostics.s Mon Aug 15 02:57:44 2016
> @@ -235,6 +235,23 @@ error: invalid operand for instruction
>  @ CHECK-ERRORS: error: branch target out of range
> 
>  @------------------------------------------------------------------------------
> +@ CBZ/CBNZ - out of range immediates for branches
> + at ------------------------------------------------------------------------------
> +
> +        cbz    r0, #-2
> +        cbz    r0, #0
> +        cbz    r0, #17
> +        cbnz   r0, #126
> +        cbnz   r0, #128
> +
> +@ CHECK-ERRORS-V7M: error: branch target out of range
> +@ CHECK-ERRORS-V7M: error: invalid operand for instruction
> +@ CHECK-ERRORS-V7M: error: branch target out of range
> +@ CHECK-ERRORS-V8: error: branch target out of range
> +@ CHECK-ERRORS-V8: error: invalid operand for instruction
> +@ CHECK-ERRORS-V8: error: branch target out of range
> +
> + at ------------------------------------------------------------------------------
>  @ SEV/WFE/WFI/YIELD - are not supported pre v6M or v6T2
>  @------------------------------------------------------------------------------
>          sev
> 
> 
> _______________________________________________
> llvm-commits mailing list
> llvm-commits at lists.llvm.org <mailto:llvm-commits at lists.llvm.org>
> http://lists.llvm.org/cgi-bin/mailman/listinfo/llvm-commits <http://lists.llvm.org/cgi-bin/mailman/listinfo/llvm-commits>
> 
> _______________________________________________
> llvm-commits mailing list
> llvm-commits at lists.llvm.org
> http://lists.llvm.org/cgi-bin/mailman/listinfo/llvm-commits

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.llvm.org/pipermail/llvm-commits/attachments/20160815/0f395f86/attachment.html>

More information about the llvm-commits mailing list