Skip to content

[win/asan] GetInstructionSize: Add test for 8D A4 24 .... #119794

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Jan 11, 2025
Merged

[win/asan] GetInstructionSize: Add test for 8D A4 24 .... #119794

merged 1 commit into from
Jan 11, 2025

Conversation

bernhardu
Copy link
Contributor

This just adds the displacement for this instruction.
And add the test line.

CC: @zmodem
CC: @alvinhochun (I hope this is ok, as you commented also in PR 113085 regarding rel_offset?)

@llvmbot
Copy link
Member

llvmbot commented Dec 13, 2024

@llvm/pr-subscribers-compiler-rt-sanitizer

Author: None (bernhardu)

Changes

This just adds the displacement for this instruction.
And add the test line.

CC: @zmodem
CC: @alvinhochun (I hope this is ok, as you commented also in PR 113085 regarding rel_offset?)

Full diff: https://github.com/llvm/llvm-project/pull/119794.diff

2 Files Affected:

  • (modified) compiler-rt/lib/interception/interception_win.cpp (+2)
  • (modified) compiler-rt/lib/interception/tests/interception_win_test.cpp (+1)
diff --git a/compiler-rt/lib/interception/interception_win.cpp b/compiler-rt/lib/interception/interception_win.cpp
index a5897274521e92..89f75e8fd2a7b9 100644
--- a/compiler-rt/lib/interception/interception_win.cpp
+++ b/compiler-rt/lib/interception/interception_win.cpp
@@ -646,6 +646,8 @@ static size_t GetInstructionSize(uptr address, size_t* rel_offset = nullptr) {
 
   switch (0x00FFFFFF & *(u32 *)address) {
     case 0x24A48D:  // 8D A4 24 XX XX XX XX : lea esp, [esp + XX XX XX XX]
+      if (rel_offset)
+        *rel_offset = 3;
       return 7;
   }
 
diff --git a/compiler-rt/lib/interception/tests/interception_win_test.cpp b/compiler-rt/lib/interception/tests/interception_win_test.cpp
index 04d9a6766f65ad..96765016203542 100644
--- a/compiler-rt/lib/interception/tests/interception_win_test.cpp
+++ b/compiler-rt/lib/interception/tests/interception_win_test.cpp
@@ -858,6 +858,7 @@ const struct InstructionSizeData {
     { 5, {0x68, 0x71, 0x72, 0x73, 0x74}, 0, "68 XX XX XX XX : push imm32"},
     { 5, {0xb8, 0x71, 0x72, 0x73, 0x74}, 0, "b8 XX XX XX XX : mov eax, XX XX XX XX"},
     { 5, {0xB9, 0x71, 0x72, 0x73, 0x74}, 0, "b9 XX XX XX XX : mov ecx, XX XX XX XX"},
+    { 7, {0x8D, 0xA4, 0x24, 0x73, 0x74, 0x75, 0x76}, 3, "8D A4 24 XX XX XX XX : lea esp, [esp + XX XX XX XX]"},
 #if SANITIZER_WINDOWS_x64
     // sorted list
     { 2, {0x40, 0x50}, 0, "40 50 : push rax"},

@alvinhochun
Copy link
Contributor

If I haven't misunderstood, the point of rel_offset is for adjusting an RIP-relative address to refer to the same address after the instruction is copied (moved) to a new location for the hotpatch/trampoline hooking techniques.

[esp + XX XX XX XX] is an ESP-relative address, which shouldn't need adjustment, so this change looks dubious to me.

Also, considering that on x86 (not x86_64) there is no PC-relative addressing (outside of near jump/call), setting rel_offset for any instructions not guarded by #if SANITIZER_WINDOWS_x64 is probably wrong.

@zmodem
Copy link
Collaborator

zmodem commented Dec 13, 2024

[esp + XX XX XX XX] is an ESP-relative address, which shouldn't need adjustment, so this change looks dubious to me.

+1 I don't think this should set rel_offset.

@bernhardu bernhardu force-pushed the mr-interception_win-fix-8D_A4_24 branch from f38dd00 to 60b672a Compare December 14, 2024 04:10
@bernhardu bernhardu changed the title [win/asan] GetInstructionSize: Fix 8D A4 24 ... to return rel_offset=3. [win/asan] GetInstructionSize: Add test for 8D A4 24 .... Dec 14, 2024
@bernhardu
Copy link
Contributor Author

If I haven't misunderstood, the point of rel_offset is for adjusting an RIP-relative address to refer to the same address after the instruction is copied (moved) to a new location for the hotpatch/trampoline hooking techniques.

[esp + XX XX XX XX] is an ESP-relative address, which shouldn't need adjustment, so this change looks dubious to me.

Also, considering that on x86 (not x86_64) there is no PC-relative addressing (outside of near jump/call), setting rel_offset for any instructions not guarded by #if SANITIZER_WINDOWS_x64 is probably wrong.

[esp + XX XX XX XX] is an ESP-relative address, which shouldn't need adjustment, so this change looks dubious to me.

+1 I don't think this should set rel_offset.

Thank you for the explanations, that part was obviously not completely clear to me.

I pushed a new version of this patch to just include this test line with rel_offset=0,
and changing the comment to better reflect the meaning of rel_offset.

Just for the background I am trying to get the tests as correct as I can by using
an external lib bddisasm.
With your explanation I found now it provides a value RIP relative,
and if that is flagged using as rel_offset the "displacement offset" (like in this local patch ).

(Unfortunately I was not able to get something similar out of llvm/tablegen. Linking the llvm disassembler into the interception might be out of reach, but wouldn't it be possible to link it into the Interception-x86_64-Test.exe? This would make it possible to verify the test list "on the fly".)

@bernhardu
Copy link
Contributor Author

A happy new year to you all. This is now only a comment modification and an added test, are there other issues left?

@zmodem
Copy link
Collaborator

zmodem commented Jan 11, 2025

No, I think it's good to go in.

@zmodem zmodem merged commit 9a9e41c into llvm:main Jan 11, 2025
7 checks passed
@llvm-ci
Copy link
Collaborator

llvm-ci commented Jan 11, 2025

LLVM Buildbot has detected a new failure on builder clang-aarch64-sve2-vla running on linaro-g4-01 while building compiler-rt at step 7 "ninja check 1".

Full details are available at: https://lab.llvm.org/buildbot/#/builders/198/builds/1048

Here is the relevant piece of the build log for the reference 
Step 7 (ninja check 1) failure: stage 1 checked (failure)
******************** TEST 'ORC-aarch64-linux :: TestCases/Generic/lazy-link.ll' FAILED ********************
Exit Code: 1

Command Output (stderr):
--
RUN: at line 6: rm -rf /home/tcwg-buildbot/worker/clang-aarch64-sve2-vla/stage1/runtimes/runtimes-bins/compiler-rt/test/orc/AARCH64LinuxConfig/TestCases/Generic/Output/lazy-link.ll.tmp && mkdir -p /home/tcwg-buildbot/worker/clang-aarch64-sve2-vla/stage1/runtimes/runtimes-bins/compiler-rt/test/orc/AARCH64LinuxConfig/TestCases/Generic/Output/lazy-link.ll.tmp
+ rm -rf /home/tcwg-buildbot/worker/clang-aarch64-sve2-vla/stage1/runtimes/runtimes-bins/compiler-rt/test/orc/AARCH64LinuxConfig/TestCases/Generic/Output/lazy-link.ll.tmp
+ mkdir -p /home/tcwg-buildbot/worker/clang-aarch64-sve2-vla/stage1/runtimes/runtimes-bins/compiler-rt/test/orc/AARCH64LinuxConfig/TestCases/Generic/Output/lazy-link.ll.tmp
RUN: at line 7: /home/tcwg-buildbot/worker/clang-aarch64-sve2-vla/stage1/./bin/clang    -Wthread-safety -Wthread-safety-reference -Wthread-safety-beta   -c -o /home/tcwg-buildbot/worker/clang-aarch64-sve2-vla/stage1/runtimes/runtimes-bins/compiler-rt/test/orc/AARCH64LinuxConfig/TestCases/Generic/Output/lazy-link.ll.tmp/foo.o /home/tcwg-buildbot/worker/clang-aarch64-sve2-vla/llvm/compiler-rt/test/orc/TestCases/Generic/Inputs/foo-ret-42.ll
+ /home/tcwg-buildbot/worker/clang-aarch64-sve2-vla/stage1/./bin/clang -Wthread-safety -Wthread-safety-reference -Wthread-safety-beta -c -o /home/tcwg-buildbot/worker/clang-aarch64-sve2-vla/stage1/runtimes/runtimes-bins/compiler-rt/test/orc/AARCH64LinuxConfig/TestCases/Generic/Output/lazy-link.ll.tmp/foo.o /home/tcwg-buildbot/worker/clang-aarch64-sve2-vla/llvm/compiler-rt/test/orc/TestCases/Generic/Inputs/foo-ret-42.ll
warning: overriding the module target triple with aarch64-unknown-linux-gnu [-Woverride-module]
1 warning generated.
RUN: at line 8: /home/tcwg-buildbot/worker/clang-aarch64-sve2-vla/stage1/./bin/clang    -Wthread-safety -Wthread-safety-reference -Wthread-safety-beta   -c -o /home/tcwg-buildbot/worker/clang-aarch64-sve2-vla/stage1/runtimes/runtimes-bins/compiler-rt/test/orc/AARCH64LinuxConfig/TestCases/Generic/Output/lazy-link.ll.tmp/x.o /home/tcwg-buildbot/worker/clang-aarch64-sve2-vla/llvm/compiler-rt/test/orc/TestCases/Generic/Inputs/var-x-42.ll
+ /home/tcwg-buildbot/worker/clang-aarch64-sve2-vla/stage1/./bin/clang -Wthread-safety -Wthread-safety-reference -Wthread-safety-beta -c -o /home/tcwg-buildbot/worker/clang-aarch64-sve2-vla/stage1/runtimes/runtimes-bins/compiler-rt/test/orc/AARCH64LinuxConfig/TestCases/Generic/Output/lazy-link.ll.tmp/x.o /home/tcwg-buildbot/worker/clang-aarch64-sve2-vla/llvm/compiler-rt/test/orc/TestCases/Generic/Inputs/var-x-42.ll
warning: overriding the module target triple with aarch64-unknown-linux-gnu [-Woverride-module]
1 warning generated.
RUN: at line 9: /home/tcwg-buildbot/worker/clang-aarch64-sve2-vla/stage1/./bin/clang    -Wthread-safety -Wthread-safety-reference -Wthread-safety-beta   -c -o /home/tcwg-buildbot/worker/clang-aarch64-sve2-vla/stage1/runtimes/runtimes-bins/compiler-rt/test/orc/AARCH64LinuxConfig/TestCases/Generic/Output/lazy-link.ll.tmp/main.o /home/tcwg-buildbot/worker/clang-aarch64-sve2-vla/llvm/compiler-rt/test/orc/TestCases/Generic/lazy-link.ll
+ /home/tcwg-buildbot/worker/clang-aarch64-sve2-vla/stage1/./bin/clang -Wthread-safety -Wthread-safety-reference -Wthread-safety-beta -c -o /home/tcwg-buildbot/worker/clang-aarch64-sve2-vla/stage1/runtimes/runtimes-bins/compiler-rt/test/orc/AARCH64LinuxConfig/TestCases/Generic/Output/lazy-link.ll.tmp/main.o /home/tcwg-buildbot/worker/clang-aarch64-sve2-vla/llvm/compiler-rt/test/orc/TestCases/Generic/lazy-link.ll
warning: overriding the module target triple with aarch64-unknown-linux-gnu [-Woverride-module]
1 warning generated.
RUN: at line 10: /home/tcwg-buildbot/worker/clang-aarch64-sve2-vla/stage1/./bin/llvm-jitlink -orc-runtime=/home/tcwg-buildbot/worker/clang-aarch64-sve2-vla/stage1/./lib/../lib/clang/20/lib/aarch64-unknown-linux-gnu/liborc_rt.a -noexec -show-linked-files /home/tcwg-buildbot/worker/clang-aarch64-sve2-vla/stage1/runtimes/runtimes-bins/compiler-rt/test/orc/AARCH64LinuxConfig/TestCases/Generic/Output/lazy-link.ll.tmp/main.o -lazy /home/tcwg-buildbot/worker/clang-aarch64-sve2-vla/stage1/runtimes/runtimes-bins/compiler-rt/test/orc/AARCH64LinuxConfig/TestCases/Generic/Output/lazy-link.ll.tmp/foo.o      -lazy /home/tcwg-buildbot/worker/clang-aarch64-sve2-vla/stage1/runtimes/runtimes-bins/compiler-rt/test/orc/AARCH64LinuxConfig/TestCases/Generic/Output/lazy-link.ll.tmp/x.o | FileCheck /home/tcwg-buildbot/worker/clang-aarch64-sve2-vla/llvm/compiler-rt/test/orc/TestCases/Generic/lazy-link.ll
+ FileCheck /home/tcwg-buildbot/worker/clang-aarch64-sve2-vla/llvm/compiler-rt/test/orc/TestCases/Generic/lazy-link.ll
+ /home/tcwg-buildbot/worker/clang-aarch64-sve2-vla/stage1/./bin/llvm-jitlink -orc-runtime=/home/tcwg-buildbot/worker/clang-aarch64-sve2-vla/stage1/./lib/../lib/clang/20/lib/aarch64-unknown-linux-gnu/liborc_rt.a -noexec -show-linked-files /home/tcwg-buildbot/worker/clang-aarch64-sve2-vla/stage1/runtimes/runtimes-bins/compiler-rt/test/orc/AARCH64LinuxConfig/TestCases/Generic/Output/lazy-link.ll.tmp/main.o -lazy /home/tcwg-buildbot/worker/clang-aarch64-sve2-vla/stage1/runtimes/runtimes-bins/compiler-rt/test/orc/AARCH64LinuxConfig/TestCases/Generic/Output/lazy-link.ll.tmp/foo.o -lazy /home/tcwg-buildbot/worker/clang-aarch64-sve2-vla/stage1/runtimes/runtimes-bins/compiler-rt/test/orc/AARCH64LinuxConfig/TestCases/Generic/Output/lazy-link.ll.tmp/x.o
/home/tcwg-buildbot/worker/clang-aarch64-sve2-vla/llvm/compiler-rt/test/orc/TestCases/Generic/lazy-link.ll:18:14: error: CHECK-DAG: expected string not found in input
; CHECK-DAG: Linking {{.*}}x.o
             ^
<stdin>:2:177: note: scanning from here
Linking /home/tcwg-buildbot/worker/clang-aarch64-sve2-vla/stage1/runtimes/runtimes-bins/compiler-rt/test/orc/AARCH64LinuxConfig/TestCases/Generic/Output/lazy-link.ll.tmp/main.o
                                                                                                                                                                                ^
<stdin>:3:1: note: possible intended match here
Linking __orc_reentry_graph_#1
^

Input file: <stdin>
Check file: /home/tcwg-buildbot/worker/clang-aarch64-sve2-vla/llvm/compiler-rt/test/orc/TestCases/Generic/lazy-link.ll

-dump-input=help explains the following input dump.

Input was:
<<<<<<
          1: Linking /home/tcwg-buildbot/worker/clang-aarch64-sve2-vla/stage1/./lib/../lib/clang/20/lib/aarch64-unknown-linux-gnu/liborc_rt.a(resolve.cpp.o) 
          2: Linking /home/tcwg-buildbot/worker/clang-aarch64-sve2-vla/stage1/runtimes/runtimes-bins/compiler-rt/test/orc/AARCH64LinuxConfig/TestCases/Generic/Output/lazy-link.ll.tmp/main.o 
dag:18'0                                                                                                                                                                                     X error: no match found
          3: Linking __orc_reentry_graph_#1 
dag:18'0     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
dag:18'1     ?                               possible intended match
          4: Linking /home/tcwg-buildbot/worker/clang-aarch64-sve2-vla/stage1/./lib/../lib/clang/20/lib/aarch64-unknown-linux-gnu/liborc_rt.a(sysv_reenter.arm64.S.o) 
dag:18'0     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
          5: Linking <indirect stubs graph #1> 
dag:18'0     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
...

BaiXilin pushed a commit to BaiXilin/llvm-fix-vnni-instr-types that referenced this pull request Jan 12, 2025
@bernhardu @BaiXilin
[win/asan] GetInstructionSize: Add test for 8D A4 24 .... (llvm#119794
0772c2d 
)

This adds a test line and updates a comment.
@bernhardu bernhardu deleted the mr-interception_win-fix-8D_A4_24 branch January 17, 2025 17:26
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@zmodem zmodem zmodem approved these changes

Assignees
No one assigned
Labels
compiler-rt:sanitizer compiler-rt
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@bernhardu @llvmbot @alvinhochun @zmodem @llvm-ci