[PATCH] D123877: [BPF] Add assert for the range of FK_PCRel_2 branch target

Yonghong Song via Phabricator via llvm-commits llvm-commits at lists.llvm.org
Fri Apr 15 15:11:05 PDT 2022 

yonghong-song created this revision.
yonghong-song added a reviewer: ast.
Herald added a subscriber: hiraditya.
Herald added a project: All.
yonghong-song requested review of this revision.
Herald added a project: LLVM.
Herald added a subscriber: llvm-commits.

Currently for the branch insn like

  "if $dst "#OpcodeStr#" $imm goto $BrDst"

The $BrDst range needs to be in the range of [INT16_MIN, INT16_MAX].

When running bpf selftest with latest llvm, I found
pyperf600.o generated insn with range outside
of [INT16_MIN, INT16_MAX], which caused verifier failure.
See below insn #12.

  0000000000000000 <on_event>:
  ; { 
         0:       7b 1a 00 ff 00 00 00 00 *(u64 *)(r10 - 256) = r1
  ;       uint64_t pid_tgid = bpf_get_current_pid_tgid();
         1:       85 00 00 00 0e 00 00 00 call 14
         2:       bf 06 00 00 00 00 00 00 r6 = r0
  ;       pid_t pid = (pid_t)(pid_tgid >> 32);
         3:       bf 61 00 00 00 00 00 00 r1 = r6
         4:       77 01 00 00 20 00 00 00 r1 >>= 32
         5:       63 1a fc ff 00 00 00 00 *(u32 *)(r10 - 4) = r1
         6:       bf a2 00 00 00 00 00 00 r2 = r10 
         7:       07 02 00 00 fc ff ff ff r2 += -4
  ;       PidData* pidData = bpf_map_lookup_elem(&pidmap, &pid);
         8:       18 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 r1 = 0 ll
        10:       85 00 00 00 01 00 00 00 call 1
        11:       bf 08 00 00 00 00 00 00 r8 = r0
  ;       if (!pidData)
        12:       15 08 15 e8 00 00 00 00 if r8 == 0 goto -6123 <LBB0_27588+0xffffffffffdae100>
        13:       b4 01 00 00 00 00 00 00 w1 = 0 

We may need to add new insn to extend the range of $BrDst.
This patch added assert for the range so compiler can warn
the otherwise incorrect code generation.


Repository:
  rG LLVM Github Monorepo

https://reviews.llvm.org/D123877

Files:
  llvm/lib/Target/BPF/MCTargetDesc/BPFAsmBackend.cpp


Index: llvm/lib/Target/BPF/MCTargetDesc/BPFAsmBackend.cpp
===================================================================
--- llvm/lib/Target/BPF/MCTargetDesc/BPFAsmBackend.cpp
+++ llvm/lib/Target/BPF/MCTargetDesc/BPFAsmBackend.cpp
@@ -87,6 +87,9 @@
     }
   } else {
     assert(Fixup.getKind() == FK_PCRel_2);
+    assert(((int64_t)Value - 8) <= INT16_MAX * 8 &&
+           ((int64_t)Value - 8) >= INT16_MIN * 8);
+
     Value = (uint16_t)((Value - 8) / 8);
     support::endian::write<uint16_t>(&Data[Fixup.getOffset() + 2], Value,
                                      Endian);


-------------- next part --------------
A non-text attachment was scrubbed...
Name: D123877.423174.patch
Type: text/x-patch
Size: 588 bytes
Desc: not available
URL: <http://lists.llvm.org/pipermail/llvm-commits/attachments/20220415/c1a15f7f/attachment.bin>

More information about the llvm-commits mailing list