[PATCH] [PR target/96350]Force ENDBR immediate into memory to avoid fake ENDBR opcode.

public inbox for gcc-patches@gcc.gnu.org
 help / color / mirror / Atom feed

* [PATCH] [PR target/96350]Force ENDBR immediate into memory to avoid fake ENDBR opcode.
@ 2020-08-11  3:31 Hongtao Liu
  2020-08-11  8:38 ` Uros Bizjak
  0 siblings, 1 reply; 6+ messages in thread
From: Hongtao Liu @ 2020-08-11  3:31 UTC (permalink / raw)
  To: GCC Patches, Uros Bizjak

[-- Attachment #1: Type: text/plain, Size: 654 bytes --]

Hi:
  The issue is described in the bugzilla.
  Bootstrap is ok, regression test for i386/x86-64 backend is ok.
  Ok for trunk?

ChangeLog
gcc/
        PR target/96350
        * config/i386/i386.c (ix86_legitimate_constant_p): Return
        false for ENDBR immediate.
        (ix86_legitimate_address_p): Ditto.
        * config/i386/predicated.md
        (x86_64_immediate_operand): Exclude ENDBR immediate.
        (x86_64_zext_immediate_operand): Ditto.
        (x86_64_dwzext_immediate_operand): Ditto.
        (ix86_not_endbr_immediate_operand): New predicate.

gcc/testsuite
        * gcc.target/i386/endbr_immediate.c: New test.

-- 
BR,
Hongtao

[-- Attachment #2: 0001-Force-ENDBR-immediate-into-memory.patch --]
[-- Type: text/x-patch, Size: 6461 bytes --]

From 073517f01e8872e23b2dda5e6e25142ad4cfe274 Mon Sep 17 00:00:00 2001
From: liuhongt <hongtao.liu@intel.com>
Date: Tue, 4 Aug 2020 10:00:13 +0800
Subject: [PATCH] Force ENDBR immediate into memory.

gcc/
	PR target/96350
	* config/i386/i386.c (ix86_legitimate_constant_p): Return
	false for ENDBR immediate.
	(ix86_legitimate_address_p): Ditto.
	* config/i386/predicated.md
	(x86_64_immediate_operand): Exclude ENDBR immediate.
	(x86_64_zext_immediate_operand): Ditto.
	(x86_64_dwzext_immediate_operand): Ditto.
	(ix86_not_endbr_immediate_operand): New predicate.

gcc/testsuite
	* gcc.target/i386/endbr_immediate.c: New test.
---
 gcc/config/i386/i386.c                        |   5 +-
 gcc/config/i386/predicates.md                 |  33 +++
 .../gcc.target/i386/endbr_immediate.c         | 198 ++++++++++++++++++
 3 files changed, 235 insertions(+), 1 deletion(-)
 create mode 100644 gcc/testsuite/gcc.target/i386/endbr_immediate.c

diff --git a/gcc/config/i386/i386.c b/gcc/config/i386/i386.c
index 8ea6a4d7ea7..228efb60a72 100644
--- a/gcc/config/i386/i386.c
+++ b/gcc/config/i386/i386.c
@@ -10080,7 +10080,7 @@ ix86_legitimate_constant_p (machine_mode mode, rtx x)
     }
 
   /* Otherwise we handle everything else in the move patterns.  */
-  return true;
+  return ix86_not_endbr_immediate_operand (x, VOIDmode);
 }
 
 /* Determine if it's legal to put X into the constant pool.  This
@@ -10568,6 +10568,9 @@ ix86_legitimate_address_p (machine_mode, rtx addr, bool strict)
 	return false;
     }
 
+  if (disp && !ix86_not_endbr_immediate_operand (disp, VOIDmode))
+    return false;
+
   /* Everything looks valid.  */
   return true;
 }
diff --git a/gcc/config/i386/predicates.md b/gcc/config/i386/predicates.md
index 07e69d555c0..47e65892d94 100644
--- a/gcc/config/i386/predicates.md
+++ b/gcc/config/i386/predicates.md
@@ -130,10 +130,38 @@
 (define_predicate "symbol_operand"
   (match_code "symbol_ref"))
 
+;; Return true if VALUE isn't an ENDBR opcode in immediate field.
+(define_predicate "ix86_not_endbr_immediate_operand"
+  (match_test "1")
+{
+  if ((flag_cf_protection & CF_BRANCH)
+      && CONST_INT_P (op))
+     {
+       unsigned HOST_WIDE_INT imm = INTVAL (op);
+       if (!TARGET_64BIT || imm <= 0xffffffff)
+	 return imm != (TARGET_64BIT ? 0xfa1e0ff3 : 0xfb1e0ff3);
+
+       /* NB: Encoding is byte based.  */
+       do
+	 {
+	  if ((0xffffffff & imm) == 0xfa1e0ff3)
+	    return false;
+	  imm >>= 8;
+	 }
+       while (imm > 0xffffffff);
+
+       return true;
+      }
+  return true;
+})
+
 ;; Return true if VALUE can be stored in a sign extended immediate field.
 (define_predicate "x86_64_immediate_operand"
   (match_code "const_int,symbol_ref,label_ref,const")
 {
+  if (!ix86_not_endbr_immediate_operand (op, VOIDmode))
+    return false;
+
   if (!TARGET_64BIT)
     return immediate_operand (op, mode);
 
@@ -260,6 +288,9 @@
 (define_predicate "x86_64_zext_immediate_operand"
   (match_code "const_int,symbol_ref,label_ref,const")
 {
+  if (!ix86_not_endbr_immediate_operand (op, VOIDmode))
+    return false;
+
   switch (GET_CODE (op))
     {
     case CONST_INT:
@@ -374,6 +405,8 @@
 (define_predicate "x86_64_dwzext_immediate_operand"
   (match_code "const_int,const_wide_int")
 {
+  if (!ix86_not_endbr_immediate_operand (op, VOIDmode))
+    return false;
   switch (GET_CODE (op))
     {
     case CONST_INT:
diff --git a/gcc/testsuite/gcc.target/i386/endbr_immediate.c b/gcc/testsuite/gcc.target/i386/endbr_immediate.c
new file mode 100644
index 00000000000..3015512aa0e
--- /dev/null
+++ b/gcc/testsuite/gcc.target/i386/endbr_immediate.c
@@ -0,0 +1,198 @@
+/* PR target/96350 */
+/* { dg-do compile } */
+/* { dg-options "-fcf-protection -O2" } */
+/* { dg-final { scan-assembler-not "$-81915917" { target { ia32 } } } } */
+/* { dg-final { scan-assembler-not "$-98693133" { target { ! ia32 } } } } *
+/* { dg-final { scan-assembler-not "$-423883778574778368" { target { ! ia32 } } } } */
+/* { dg-final { scan-assembler "\[ \t\]*-81915917" { target { ia32 } } } } */
+/* { dg-final { scan-assembler "\[ \t\]*-98693133" { target { ! ia32 } } } } */
+/* { dg-final { scan-assembler "\[ \t\]*-423883778574778368" { target { ! ia32 } } } } */
+
+
+#ifdef __x86_64__
+#define ENDBR_IMMEDIATE 0xfa1e0ff3
+#define EXTEND_ENDBR_IMMEDIATE 0xfa1e0ff300000000
+#else
+#define ENDBR_IMMEDIATE 0xfb1e0ff3
+#define EXTEND_ENDBR_IMMEDIATE 0xfffb1e0ff300
+#endif
+
+int
+foo (int a)
+{
+  return a + ENDBR_IMMEDIATE;
+}
+
+int
+foo2 (int a)
+{
+  return a - ENDBR_IMMEDIATE;
+}
+
+int
+foo3 (int a)
+{
+  return a * ENDBR_IMMEDIATE;
+}
+
+int
+foo4 (int a)
+{
+  return a | ENDBR_IMMEDIATE;
+}
+
+int
+foo5 (int a)
+{
+  return a ^ ENDBR_IMMEDIATE;
+}
+
+int
+foo6 (int a)
+{
+  return a & ENDBR_IMMEDIATE;
+}
+
+int
+foo7 (int a)
+{
+  return a > ENDBR_IMMEDIATE;
+}
+
+int
+foo8 (int a)
+{
+  return ENDBR_IMMEDIATE;
+}
+
+int
+foo9 (int* p)
+{
+  return *(p + ENDBR_IMMEDIATE);
+}
+
+int
+foo10 (int* p)
+{
+  return *(int*) ENDBR_IMMEDIATE;
+}
+
+long long
+foo11 (long long a)
+{
+  return a + EXTEND_ENDBR_IMMEDIATE;
+}
+
+long long
+foo12 (long long a)
+{
+  return a - EXTEND_ENDBR_IMMEDIATE;
+}
+
+long long
+foo13 (long long a)
+{
+  return a * EXTEND_ENDBR_IMMEDIATE;
+}
+
+long long
+foo14 (long long a)
+{
+  return a | EXTEND_ENDBR_IMMEDIATE;
+}
+
+long long
+foo15 (long long a)
+{
+  return a ^ EXTEND_ENDBR_IMMEDIATE;
+}
+
+long long
+foo16 (long long a)
+{
+  return a & EXTEND_ENDBR_IMMEDIATE;
+}
+
+long long
+foo17 (long long a)
+{
+  return a > EXTEND_ENDBR_IMMEDIATE;
+}
+
+long long
+foo18 (long long a)
+{
+  return EXTEND_ENDBR_IMMEDIATE;
+}
+
+long long
+foo19 (long long* p)
+{
+  return *(p + EXTEND_ENDBR_IMMEDIATE);
+}
+
+long long
+foo20 (long long* p)
+{
+  return *(long long*) EXTEND_ENDBR_IMMEDIATE;
+}
+
+long long
+foo21 (int a)
+{
+  return a + ENDBR_IMMEDIATE;
+}
+
+long long
+foo22 (int a)
+{
+  return a - ENDBR_IMMEDIATE;
+}
+
+long long
+foo23 (long long a)
+{
+  return a * ENDBR_IMMEDIATE;
+}
+
+long long
+foo24 (int a)
+{
+  return a | ENDBR_IMMEDIATE;
+}
+
+long long
+foo25 (int a)
+{
+  return a ^ ENDBR_IMMEDIATE;
+}
+
+long long
+foo26 (int a)
+{
+  return a & ENDBR_IMMEDIATE;
+}
+
+long long
+foo27 (int a)
+{
+  return a > ENDBR_IMMEDIATE;
+}
+
+long long
+foo28 (int a)
+{
+  return ENDBR_IMMEDIATE;
+}
+
+long long
+foo29 (int* p)
+{
+  return *(p + ENDBR_IMMEDIATE);
+}
+
+long long
+foo30 (int* p)
+{
+  return *(long long*) ENDBR_IMMEDIATE;
+}
-- 
2.18.1


^ permalink raw reply	[flat|nested] 6+ messages in thread

* Re: [PATCH] [PR target/96350]Force ENDBR immediate into memory to avoid fake ENDBR opcode.
  2020-08-11  3:31 [PATCH] [PR target/96350]Force ENDBR immediate into memory to avoid fake ENDBR opcode Hongtao Liu
@ 2020-08-11  8:38 ` Uros Bizjak
  2020-08-11  9:36   ` Hongtao Liu
  0 siblings, 1 reply; 6+ messages in thread
From: Uros Bizjak @ 2020-08-11  8:38 UTC (permalink / raw)
  To: Hongtao Liu; +Cc: GCC Patches, H. J. Lu

On Tue, Aug 11, 2020 at 5:30 AM Hongtao Liu <crazylht@gmail.com> wrote:
>
> Hi:
>   The issue is described in the bugzilla.
>   Bootstrap is ok, regression test for i386/x86-64 backend is ok.
>   Ok for trunk?
>
> ChangeLog
> gcc/
>         PR target/96350
>         * config/i386/i386.c (ix86_legitimate_constant_p): Return
>         false for ENDBR immediate.
>         (ix86_legitimate_address_p): Ditto.
>         * config/i386/predicated.md
>         (x86_64_immediate_operand): Exclude ENDBR immediate.
>         (x86_64_zext_immediate_operand): Ditto.
>         (x86_64_dwzext_immediate_operand): Ditto.
>         (ix86_not_endbr_immediate_operand): New predicate.
>
> gcc/testsuite
>         * gcc.target/i386/endbr_immediate.c: New test.

+;; Return true if VALUE isn't an ENDBR opcode in immediate field.
+(define_predicate "ix86_not_endbr_immediate_operand"
+  (match_test "1")

Please reverse the above logic to introduce
ix86_endbr_immediate_operand, that returns true for unwanted
immediate. Something like:

(define_predicate "ix86_endbr_immediate_operand"
  (match_code "const_int")
...

And you will be able to use it like:

if (ix86_endbr_immediate_operand (x, VOIDmode)
  return false;

   /* Otherwise we handle everything else in the move patterns.  */
-  return true;
+  return ix86_not_endbr_immediate_operand (x, VOIDmode);
 }

Please handle this in CASE_CONST_SCALAR_INT: part.

+  if (disp && !ix86_not_endbr_immediate_operand (disp, VOIDmode))
+    return false;

And this in:

  /* Validate displacement.  */
  if (disp)
    {

Uros.

> --
> BR,
> Hongtao

^ permalink raw reply	[flat|nested] 6+ messages in thread

* Re: [PATCH] [PR target/96350]Force ENDBR immediate into memory to avoid fake ENDBR opcode.
  2020-08-11  8:38 ` Uros Bizjak
@ 2020-08-11  9:36   ` Hongtao Liu
  2020-08-11  9:56     ` Uros Bizjak
  0 siblings, 1 reply; 6+ messages in thread
From: Hongtao Liu @ 2020-08-11  9:36 UTC (permalink / raw)
  To: Uros Bizjak; +Cc: GCC Patches, H. J. Lu

[-- Attachment #1: Type: text/plain, Size: 1819 bytes --]

On Tue, Aug 11, 2020 at 4:38 PM Uros Bizjak <ubizjak@gmail.com> wrote:
>
> On Tue, Aug 11, 2020 at 5:30 AM Hongtao Liu <crazylht@gmail.com> wrote:
> >
> > Hi:
> >   The issue is described in the bugzilla.
> >   Bootstrap is ok, regression test for i386/x86-64 backend is ok.
> >   Ok for trunk?
> >
> > ChangeLog
> > gcc/
> >         PR target/96350
> >         * config/i386/i386.c (ix86_legitimate_constant_p): Return
> >         false for ENDBR immediate.
> >         (ix86_legitimate_address_p): Ditto.
> >         * config/i386/predicated.md
> >         (x86_64_immediate_operand): Exclude ENDBR immediate.
> >         (x86_64_zext_immediate_operand): Ditto.
> >         (x86_64_dwzext_immediate_operand): Ditto.
> >         (ix86_not_endbr_immediate_operand): New predicate.
> >
> > gcc/testsuite
> >         * gcc.target/i386/endbr_immediate.c: New test.
>
> +;; Return true if VALUE isn't an ENDBR opcode in immediate field.
> +(define_predicate "ix86_not_endbr_immediate_operand"
> +  (match_test "1")
>
> Please reverse the above logic to introduce
> ix86_endbr_immediate_operand, that returns true for unwanted
> immediate. Something like:
>
> (define_predicate "ix86_endbr_immediate_operand"
>   (match_code "const_int")
> ...
>
> And you will be able to use it like:
>
> if (ix86_endbr_immediate_operand (x, VOIDmode)
>   return false;
>

Changed.

>    /* Otherwise we handle everything else in the move patterns.  */
> -  return true;
> +  return ix86_not_endbr_immediate_operand (x, VOIDmode);
>  }
>
> Please handle this in CASE_CONST_SCALAR_INT: part.
>
> +  if (disp && !ix86_not_endbr_immediate_operand (disp, VOIDmode))
> +    return false;
>
> And this in:
>
>   /* Validate displacement.  */
>   if (disp)
>     {
>

Changed.

> Uros.
>
> > --
> > BR,
> > Hongtao

Update patch.

-- 
BR,
Hongtao

[-- Attachment #2: 0001-Force-ENDBR-immediate-into-memory_v2.patch --]
[-- Type: text/x-patch, Size: 6381 bytes --]

From eb943a5bf060f0d912979bce76b4f0c0cbaed858 Mon Sep 17 00:00:00 2001
From: liuhongt <hongtao.liu@intel.com>
Date: Tue, 4 Aug 2020 10:00:13 +0800
Subject: [PATCH] Force ENDBR immediate into memory.

gcc/
	PR target/96350
	* config/i386/i386.c (ix86_legitimate_constant_p): Return
	false for ENDBR immediate.
	(ix86_legitimate_address_p): Ditto.
	* config/i386/predicated.md
	(x86_64_immediate_operand): Exclude ENDBR immediate.
	(x86_64_zext_immediate_operand): Ditto.
	(x86_64_dwzext_immediate_operand): Ditto.
	(ix86_endbr_immediate_operand): New predicate.

gcc/testsuite
	* gcc.target/i386/endbr_immediate.c: New test.
---
 gcc/config/i386/i386.c                        |   4 +
 gcc/config/i386/predicates.md                 |  32 +++
 .../gcc.target/i386/endbr_immediate.c         | 198 ++++++++++++++++++
 3 files changed, 234 insertions(+)
 create mode 100644 gcc/testsuite/gcc.target/i386/endbr_immediate.c

diff --git a/gcc/config/i386/i386.c b/gcc/config/i386/i386.c
index 8ea6a4d7ea7..388291f1dba 100644
--- a/gcc/config/i386/i386.c
+++ b/gcc/config/i386/i386.c
@@ -10069,6 +10069,8 @@ ix86_legitimate_constant_p (machine_mode mode, rtx x)
 	default:
 	  break;
 	}
+      if (ix86_endbr_immediate_operand (x, VOIDmode))
+	return false;
       break;
 
     case CONST_VECTOR:
@@ -10566,6 +10568,8 @@ ix86_legitimate_address_p (machine_mode, rtx addr, bool strict)
 	       && CONST_INT_P (disp)
 	       && val_signbit_known_set_p (SImode, INTVAL (disp)))
 	return false;
+      if (ix86_endbr_immediate_operand (disp, VOIDmode))
+	return false;
     }
 
   /* Everything looks valid.  */
diff --git a/gcc/config/i386/predicates.md b/gcc/config/i386/predicates.md
index 07e69d555c0..47ab053dc99 100644
--- a/gcc/config/i386/predicates.md
+++ b/gcc/config/i386/predicates.md
@@ -130,10 +130,37 @@
 (define_predicate "symbol_operand"
   (match_code "symbol_ref"))
 
+;; Return true if VALUE isn't an ENDBR opcode in immediate field.
+(define_predicate "ix86_endbr_immediate_operand"
+  (match_code "const_int")
+{
+  if ((flag_cf_protection & CF_BRANCH)
+      && CONST_INT_P (op))
+     {
+       unsigned HOST_WIDE_INT imm = INTVAL (op);
+       if (!TARGET_64BIT || imm <= 0xffffffff)
+	 return imm == (TARGET_64BIT ? 0xfa1e0ff3 : 0xfb1e0ff3);
+
+       /* NB: Encoding is byte based.  */
+       do
+	 {
+	  if ((0xffffffff & imm) == 0xfa1e0ff3)
+	    return true;
+	  imm >>= 8;
+	 }
+       while (imm > 0xffffffff);
+     }
+
+  return false;
+})
+
 ;; Return true if VALUE can be stored in a sign extended immediate field.
 (define_predicate "x86_64_immediate_operand"
   (match_code "const_int,symbol_ref,label_ref,const")
 {
+  if (ix86_endbr_immediate_operand (op, VOIDmode))
+    return false;
+
   if (!TARGET_64BIT)
     return immediate_operand (op, mode);
 
@@ -260,6 +287,9 @@
 (define_predicate "x86_64_zext_immediate_operand"
   (match_code "const_int,symbol_ref,label_ref,const")
 {
+  if (ix86_endbr_immediate_operand (op, VOIDmode))
+    return false;
+
   switch (GET_CODE (op))
     {
     case CONST_INT:
@@ -374,6 +404,8 @@
 (define_predicate "x86_64_dwzext_immediate_operand"
   (match_code "const_int,const_wide_int")
 {
+  if (ix86_endbr_immediate_operand (op, VOIDmode))
+    return false;
   switch (GET_CODE (op))
     {
     case CONST_INT:
diff --git a/gcc/testsuite/gcc.target/i386/endbr_immediate.c b/gcc/testsuite/gcc.target/i386/endbr_immediate.c
new file mode 100644
index 00000000000..3015512aa0e
--- /dev/null
+++ b/gcc/testsuite/gcc.target/i386/endbr_immediate.c
@@ -0,0 +1,198 @@
+/* PR target/96350 */
+/* { dg-do compile } */
+/* { dg-options "-fcf-protection -O2" } */
+/* { dg-final { scan-assembler-not "$-81915917" { target { ia32 } } } } */
+/* { dg-final { scan-assembler-not "$-98693133" { target { ! ia32 } } } } *
+/* { dg-final { scan-assembler-not "$-423883778574778368" { target { ! ia32 } } } } */
+/* { dg-final { scan-assembler "\[ \t\]*-81915917" { target { ia32 } } } } */
+/* { dg-final { scan-assembler "\[ \t\]*-98693133" { target { ! ia32 } } } } */
+/* { dg-final { scan-assembler "\[ \t\]*-423883778574778368" { target { ! ia32 } } } } */
+
+
+#ifdef __x86_64__
+#define ENDBR_IMMEDIATE 0xfa1e0ff3
+#define EXTEND_ENDBR_IMMEDIATE 0xfa1e0ff300000000
+#else
+#define ENDBR_IMMEDIATE 0xfb1e0ff3
+#define EXTEND_ENDBR_IMMEDIATE 0xfffb1e0ff300
+#endif
+
+int
+foo (int a)
+{
+  return a + ENDBR_IMMEDIATE;
+}
+
+int
+foo2 (int a)
+{
+  return a - ENDBR_IMMEDIATE;
+}
+
+int
+foo3 (int a)
+{
+  return a * ENDBR_IMMEDIATE;
+}
+
+int
+foo4 (int a)
+{
+  return a | ENDBR_IMMEDIATE;
+}
+
+int
+foo5 (int a)
+{
+  return a ^ ENDBR_IMMEDIATE;
+}
+
+int
+foo6 (int a)
+{
+  return a & ENDBR_IMMEDIATE;
+}
+
+int
+foo7 (int a)
+{
+  return a > ENDBR_IMMEDIATE;
+}
+
+int
+foo8 (int a)
+{
+  return ENDBR_IMMEDIATE;
+}
+
+int
+foo9 (int* p)
+{
+  return *(p + ENDBR_IMMEDIATE);
+}
+
+int
+foo10 (int* p)
+{
+  return *(int*) ENDBR_IMMEDIATE;
+}
+
+long long
+foo11 (long long a)
+{
+  return a + EXTEND_ENDBR_IMMEDIATE;
+}
+
+long long
+foo12 (long long a)
+{
+  return a - EXTEND_ENDBR_IMMEDIATE;
+}
+
+long long
+foo13 (long long a)
+{
+  return a * EXTEND_ENDBR_IMMEDIATE;
+}
+
+long long
+foo14 (long long a)
+{
+  return a | EXTEND_ENDBR_IMMEDIATE;
+}
+
+long long
+foo15 (long long a)
+{
+  return a ^ EXTEND_ENDBR_IMMEDIATE;
+}
+
+long long
+foo16 (long long a)
+{
+  return a & EXTEND_ENDBR_IMMEDIATE;
+}
+
+long long
+foo17 (long long a)
+{
+  return a > EXTEND_ENDBR_IMMEDIATE;
+}
+
+long long
+foo18 (long long a)
+{
+  return EXTEND_ENDBR_IMMEDIATE;
+}
+
+long long
+foo19 (long long* p)
+{
+  return *(p + EXTEND_ENDBR_IMMEDIATE);
+}
+
+long long
+foo20 (long long* p)
+{
+  return *(long long*) EXTEND_ENDBR_IMMEDIATE;
+}
+
+long long
+foo21 (int a)
+{
+  return a + ENDBR_IMMEDIATE;
+}
+
+long long
+foo22 (int a)
+{
+  return a - ENDBR_IMMEDIATE;
+}
+
+long long
+foo23 (long long a)
+{
+  return a * ENDBR_IMMEDIATE;
+}
+
+long long
+foo24 (int a)
+{
+  return a | ENDBR_IMMEDIATE;
+}
+
+long long
+foo25 (int a)
+{
+  return a ^ ENDBR_IMMEDIATE;
+}
+
+long long
+foo26 (int a)
+{
+  return a & ENDBR_IMMEDIATE;
+}
+
+long long
+foo27 (int a)
+{
+  return a > ENDBR_IMMEDIATE;
+}
+
+long long
+foo28 (int a)
+{
+  return ENDBR_IMMEDIATE;
+}
+
+long long
+foo29 (int* p)
+{
+  return *(p + ENDBR_IMMEDIATE);
+}
+
+long long
+foo30 (int* p)
+{
+  return *(long long*) ENDBR_IMMEDIATE;
+}
-- 
2.18.1


^ permalink raw reply	[flat|nested] 6+ messages in thread

* Re: [PATCH] [PR target/96350]Force ENDBR immediate into memory to avoid fake ENDBR opcode.
  2020-08-11  9:36   ` Hongtao Liu
@ 2020-08-11  9:56     ` Uros Bizjak
  2020-08-14  4:54       ` Hongtao Liu
  0 siblings, 1 reply; 6+ messages in thread
From: Uros Bizjak @ 2020-08-11  9:56 UTC (permalink / raw)
  To: Hongtao Liu; +Cc: GCC Patches, H. J. Lu

On Tue, Aug 11, 2020 at 11:36 AM Hongtao Liu <crazylht@gmail.com> wrote:
>
> On Tue, Aug 11, 2020 at 4:38 PM Uros Bizjak <ubizjak@gmail.com> wrote:
> >
> > On Tue, Aug 11, 2020 at 5:30 AM Hongtao Liu <crazylht@gmail.com> wrote:
> > >
> > > Hi:
> > >   The issue is described in the bugzilla.
> > >   Bootstrap is ok, regression test for i386/x86-64 backend is ok.
> > >   Ok for trunk?
> > >
> > > ChangeLog
> > > gcc/
> > >         PR target/96350
> > >         * config/i386/i386.c (ix86_legitimate_constant_p): Return
> > >         false for ENDBR immediate.
> > >         (ix86_legitimate_address_p): Ditto.
> > >         * config/i386/predicated.md
> > >         (x86_64_immediate_operand): Exclude ENDBR immediate.
> > >         (x86_64_zext_immediate_operand): Ditto.
> > >         (x86_64_dwzext_immediate_operand): Ditto.
> > >         (ix86_not_endbr_immediate_operand): New predicate.
> > >
> > > gcc/testsuite
> > >         * gcc.target/i386/endbr_immediate.c: New test.
> >
> > +;; Return true if VALUE isn't an ENDBR opcode in immediate field.
> > +(define_predicate "ix86_not_endbr_immediate_operand"
> > +  (match_test "1")
> >
> > Please reverse the above logic to introduce
> > ix86_endbr_immediate_operand, that returns true for unwanted
> > immediate. Something like:
> >
> > (define_predicate "ix86_endbr_immediate_operand"
> >   (match_code "const_int")
> > ...
> >
> > And you will be able to use it like:
> >
> > if (ix86_endbr_immediate_operand (x, VOIDmode)
> >   return false;
> >
>
> Changed.

No, it is not.

+  if ((flag_cf_protection & CF_BRANCH)
+      && CONST_INT_P (op))

You don't need to check for const ints here.

And please rewrite the body of the function to something like (untested):

{
  unsigned HOST_WIDE_INT val = TARGET_64BIT ? 0xfa1e0ff3 : 0xfb1e0ff3;

  if (x == val)
    return 1;

  if (TARGET_64BIT)
    for (; x >= val; x >>= 8)
      if (x == val)
        return 1;

  return 0;
}

so it will at least *look* like some thoughts have been spent on this.
I don't plan to review the code where it is obvious from the first
look that it was thrown together in a hurry. Please get some internal
company signoff first. Ping me in a week for a review.

Uros.
>
> >    /* Otherwise we handle everything else in the move patterns.  */
> > -  return true;
> > +  return ix86_not_endbr_immediate_operand (x, VOIDmode);
> >  }
> >
> > Please handle this in CASE_CONST_SCALAR_INT: part.
> >
> > +  if (disp && !ix86_not_endbr_immediate_operand (disp, VOIDmode))
> > +    return false;
> >
> > And this in:
> >
> >   /* Validate displacement.  */
> >   if (disp)
> >     {
> >
>
> Changed.

A better place for these new special cases is at the beginning of the
part I referred, not at the end.

Uros.

^ permalink raw reply	[flat|nested] 6+ messages in thread

* Re: [PATCH] [PR target/96350]Force ENDBR immediate into memory to avoid fake ENDBR opcode.
  2020-08-11  9:56     ` Uros Bizjak
@ 2020-08-14  4:54       ` Hongtao Liu
  2020-08-14 10:03         ` Uros Bizjak
  0 siblings, 1 reply; 6+ messages in thread
From: Hongtao Liu @ 2020-08-14  4:54 UTC (permalink / raw)
  To: Uros Bizjak; +Cc: GCC Patches, H. J. Lu

[-- Attachment #1: Type: text/plain, Size: 3093 bytes --]

On Tue, Aug 11, 2020 at 5:56 PM Uros Bizjak <ubizjak@gmail.com> wrote:
>
> On Tue, Aug 11, 2020 at 11:36 AM Hongtao Liu <crazylht@gmail.com> wrote:
> >
> > On Tue, Aug 11, 2020 at 4:38 PM Uros Bizjak <ubizjak@gmail.com> wrote:
> > >
> > > On Tue, Aug 11, 2020 at 5:30 AM Hongtao Liu <crazylht@gmail.com> wrote:
> > > >
> > > > Hi:
> > > >   The issue is described in the bugzilla.
> > > >   Bootstrap is ok, regression test for i386/x86-64 backend is ok.
> > > >   Ok for trunk?
> > > >
> > > > ChangeLog
> > > > gcc/
> > > >         PR target/96350
> > > >         * config/i386/i386.c (ix86_legitimate_constant_p): Return
> > > >         false for ENDBR immediate.
> > > >         (ix86_legitimate_address_p): Ditto.
> > > >         * config/i386/predicated.md
> > > >         (x86_64_immediate_operand): Exclude ENDBR immediate.
> > > >         (x86_64_zext_immediate_operand): Ditto.
> > > >         (x86_64_dwzext_immediate_operand): Ditto.
> > > >         (ix86_not_endbr_immediate_operand): New predicate.
> > > >
> > > > gcc/testsuite
> > > >         * gcc.target/i386/endbr_immediate.c: New test.
> > >
> > > +;; Return true if VALUE isn't an ENDBR opcode in immediate field.
> > > +(define_predicate "ix86_not_endbr_immediate_operand"
> > > +  (match_test "1")
> > >
> > > Please reverse the above logic to introduce
> > > ix86_endbr_immediate_operand, that returns true for unwanted
> > > immediate. Something like:
> > >
> > > (define_predicate "ix86_endbr_immediate_operand"
> > >   (match_code "const_int")
> > > ...
> > >
> > > And you will be able to use it like:
> > >
> > > if (ix86_endbr_immediate_operand (x, VOIDmode)
> > >   return false;
> > >
> >
> > Changed.
>
> No, it is not.
>
> +  if ((flag_cf_protection & CF_BRANCH)
> +      && CONST_INT_P (op))
>
> You don't need to check for const ints here.
>
> And please rewrite the body of the function to something like (untested):
>
> {
>   unsigned HOST_WIDE_INT val = TARGET_64BIT ? 0xfa1e0ff3 : 0xfb1e0ff3;
>
>   if (x == val)
>     return 1;
>
>   if (TARGET_64BIT)
>     for (; x >= val; x >>= 8)
>       if (x == val)
>         return 1;
>
>   return 0;
> }
>
> so it will at least *look* like some thoughts have been spent on this.
> I don't plan to review the code where it is obvious from the first
> look that it was thrown together in a hurry. Please get some internal
> company signoff first. Ping me in a week for a review.
>

Sorry for the hurry, i know your time is precious.

> Uros.
> >
> > >    /* Otherwise we handle everything else in the move patterns.  */
> > > -  return true;
> > > +  return ix86_not_endbr_immediate_operand (x, VOIDmode);
> > >  }
> > >
> > > Please handle this in CASE_CONST_SCALAR_INT: part.
> > >
> > > +  if (disp && !ix86_not_endbr_immediate_operand (disp, VOIDmode))
> > > +    return false;
> > >
> > > And this in:
> > >
> > >   /* Validate displacement.  */
> > >   if (disp)
> > >     {
> > >
> >
> > Changed.
>
> A better place for these new special cases is at the beginning of the
> part I referred, not at the end.
>

Yes.

> Uros.

Update patch.

-- 
BR,
Hongtao

[-- Attachment #2: 0001-Force-ENDBR-immediate-into-memory_v3.patch --]
[-- Type: text/x-patch, Size: 6385 bytes --]

From d89dfb93e54dd3a9717fdb4d3f58cccf93b15072 Mon Sep 17 00:00:00 2001
From: liuhongt <hongtao.liu@intel.com>
Date: Tue, 4 Aug 2020 10:00:13 +0800
Subject: [PATCH] Force ENDBR immediate into memory.

gcc/
	PR target/96350
	* config/i386/i386.c (ix86_legitimate_constant_p): Return
	false for ENDBR immediate.
	(ix86_legitimate_address_p): Ditto.
	* config/i386/predicated.md
	(x86_64_immediate_operand): Exclude ENDBR immediate.
	(x86_64_zext_immediate_operand): Ditto.
	(x86_64_dwzext_immediate_operand): Ditto.
	(ix86_endbr_immediate_operand): New predicate.

gcc/testsuite
	* gcc.target/i386/endbr_immediate.c: New test.
---
 gcc/config/i386/i386.c                        |   6 +
 gcc/config/i386/predicates.md                 |  30 +++
 .../gcc.target/i386/endbr_immediate.c         | 198 ++++++++++++++++++
 3 files changed, 234 insertions(+)
 create mode 100644 gcc/testsuite/gcc.target/i386/endbr_immediate.c

diff --git a/gcc/config/i386/i386.c b/gcc/config/i386/i386.c
index 8ea6a4d7ea7..ea92626e08e 100644
--- a/gcc/config/i386/i386.c
+++ b/gcc/config/i386/i386.c
@@ -10056,6 +10056,9 @@ ix86_legitimate_constant_p (machine_mode mode, rtx x)
       break;
 
     CASE_CONST_SCALAR_INT:
+      if (ix86_endbr_immediate_operand (x, VOIDmode))
+	return false;
+
       switch (mode)
 	{
 	case E_TImode:
@@ -10449,6 +10452,9 @@ ix86_legitimate_address_p (machine_mode, rtx addr, bool strict)
   /* Validate displacement.  */
   if (disp)
     {
+      if (ix86_endbr_immediate_operand (disp, VOIDmode))
+	return false;
+
       if (GET_CODE (disp) == CONST
 	  && GET_CODE (XEXP (disp, 0)) == UNSPEC
 	  && XINT (XEXP (disp, 0), 1) != UNSPEC_MACHOPIC_OFFSET)
diff --git a/gcc/config/i386/predicates.md b/gcc/config/i386/predicates.md
index 07e69d555c0..25d63bdb940 100644
--- a/gcc/config/i386/predicates.md
+++ b/gcc/config/i386/predicates.md
@@ -130,10 +130,35 @@
 (define_predicate "symbol_operand"
   (match_code "symbol_ref"))
 
+;; Return true if VALUE is an ENDBR opcode in immediate field.
+(define_predicate "ix86_endbr_immediate_operand"
+  (match_code "const_int")
+{
+  if (flag_cf_protection & CF_BRANCH)
+     {
+       unsigned HOST_WIDE_INT imm = INTVAL (op);
+       unsigned HOST_WIDE_INT val = TARGET_64BIT ? 0xfa1e0ff3 : 0xfb1e0ff3;
+
+       if (imm == val)
+	 return 1;
+
+       /* NB: Encoding is byte based.  */
+       if (TARGET_64BIT)
+	 for (; imm >= val; imm >>= 8)
+	   if (imm == val)
+	     return 1;
+      }
+
+  return 0;
+})
+
 ;; Return true if VALUE can be stored in a sign extended immediate field.
 (define_predicate "x86_64_immediate_operand"
   (match_code "const_int,symbol_ref,label_ref,const")
 {
+  if (ix86_endbr_immediate_operand (op, VOIDmode))
+    return false;
+
   if (!TARGET_64BIT)
     return immediate_operand (op, mode);
 
@@ -260,6 +285,9 @@
 (define_predicate "x86_64_zext_immediate_operand"
   (match_code "const_int,symbol_ref,label_ref,const")
 {
+  if (ix86_endbr_immediate_operand (op, VOIDmode))
+    return false;
+
   switch (GET_CODE (op))
     {
     case CONST_INT:
@@ -374,6 +402,8 @@
 (define_predicate "x86_64_dwzext_immediate_operand"
   (match_code "const_int,const_wide_int")
 {
+  if (ix86_endbr_immediate_operand (op, VOIDmode))
+    return false;
   switch (GET_CODE (op))
     {
     case CONST_INT:
diff --git a/gcc/testsuite/gcc.target/i386/endbr_immediate.c b/gcc/testsuite/gcc.target/i386/endbr_immediate.c
new file mode 100644
index 00000000000..3015512aa0e
--- /dev/null
+++ b/gcc/testsuite/gcc.target/i386/endbr_immediate.c
@@ -0,0 +1,198 @@
+/* PR target/96350 */
+/* { dg-do compile } */
+/* { dg-options "-fcf-protection -O2" } */
+/* { dg-final { scan-assembler-not "$-81915917" { target { ia32 } } } } */
+/* { dg-final { scan-assembler-not "$-98693133" { target { ! ia32 } } } } *
+/* { dg-final { scan-assembler-not "$-423883778574778368" { target { ! ia32 } } } } */
+/* { dg-final { scan-assembler "\[ \t\]*-81915917" { target { ia32 } } } } */
+/* { dg-final { scan-assembler "\[ \t\]*-98693133" { target { ! ia32 } } } } */
+/* { dg-final { scan-assembler "\[ \t\]*-423883778574778368" { target { ! ia32 } } } } */
+
+
+#ifdef __x86_64__
+#define ENDBR_IMMEDIATE 0xfa1e0ff3
+#define EXTEND_ENDBR_IMMEDIATE 0xfa1e0ff300000000
+#else
+#define ENDBR_IMMEDIATE 0xfb1e0ff3
+#define EXTEND_ENDBR_IMMEDIATE 0xfffb1e0ff300
+#endif
+
+int
+foo (int a)
+{
+  return a + ENDBR_IMMEDIATE;
+}
+
+int
+foo2 (int a)
+{
+  return a - ENDBR_IMMEDIATE;
+}
+
+int
+foo3 (int a)
+{
+  return a * ENDBR_IMMEDIATE;
+}
+
+int
+foo4 (int a)
+{
+  return a | ENDBR_IMMEDIATE;
+}
+
+int
+foo5 (int a)
+{
+  return a ^ ENDBR_IMMEDIATE;
+}
+
+int
+foo6 (int a)
+{
+  return a & ENDBR_IMMEDIATE;
+}
+
+int
+foo7 (int a)
+{
+  return a > ENDBR_IMMEDIATE;
+}
+
+int
+foo8 (int a)
+{
+  return ENDBR_IMMEDIATE;
+}
+
+int
+foo9 (int* p)
+{
+  return *(p + ENDBR_IMMEDIATE);
+}
+
+int
+foo10 (int* p)
+{
+  return *(int*) ENDBR_IMMEDIATE;
+}
+
+long long
+foo11 (long long a)
+{
+  return a + EXTEND_ENDBR_IMMEDIATE;
+}
+
+long long
+foo12 (long long a)
+{
+  return a - EXTEND_ENDBR_IMMEDIATE;
+}
+
+long long
+foo13 (long long a)
+{
+  return a * EXTEND_ENDBR_IMMEDIATE;
+}
+
+long long
+foo14 (long long a)
+{
+  return a | EXTEND_ENDBR_IMMEDIATE;
+}
+
+long long
+foo15 (long long a)
+{
+  return a ^ EXTEND_ENDBR_IMMEDIATE;
+}
+
+long long
+foo16 (long long a)
+{
+  return a & EXTEND_ENDBR_IMMEDIATE;
+}
+
+long long
+foo17 (long long a)
+{
+  return a > EXTEND_ENDBR_IMMEDIATE;
+}
+
+long long
+foo18 (long long a)
+{
+  return EXTEND_ENDBR_IMMEDIATE;
+}
+
+long long
+foo19 (long long* p)
+{
+  return *(p + EXTEND_ENDBR_IMMEDIATE);
+}
+
+long long
+foo20 (long long* p)
+{
+  return *(long long*) EXTEND_ENDBR_IMMEDIATE;
+}
+
+long long
+foo21 (int a)
+{
+  return a + ENDBR_IMMEDIATE;
+}
+
+long long
+foo22 (int a)
+{
+  return a - ENDBR_IMMEDIATE;
+}
+
+long long
+foo23 (long long a)
+{
+  return a * ENDBR_IMMEDIATE;
+}
+
+long long
+foo24 (int a)
+{
+  return a | ENDBR_IMMEDIATE;
+}
+
+long long
+foo25 (int a)
+{
+  return a ^ ENDBR_IMMEDIATE;
+}
+
+long long
+foo26 (int a)
+{
+  return a & ENDBR_IMMEDIATE;
+}
+
+long long
+foo27 (int a)
+{
+  return a > ENDBR_IMMEDIATE;
+}
+
+long long
+foo28 (int a)
+{
+  return ENDBR_IMMEDIATE;
+}
+
+long long
+foo29 (int* p)
+{
+  return *(p + ENDBR_IMMEDIATE);
+}
+
+long long
+foo30 (int* p)
+{
+  return *(long long*) ENDBR_IMMEDIATE;
+}
-- 
2.18.1


^ permalink raw reply	[flat|nested] 6+ messages in thread

* Re: [PATCH] [PR target/96350]Force ENDBR immediate into memory to avoid fake ENDBR opcode.
  2020-08-14  4:54       ` Hongtao Liu
@ 2020-08-14 10:03         ` Uros Bizjak
  0 siblings, 0 replies; 6+ messages in thread
From: Uros Bizjak @ 2020-08-14 10:03 UTC (permalink / raw)
  To: Hongtao Liu; +Cc: GCC Patches, H. J. Lu

On Fri, Aug 14, 2020 at 6:54 AM Hongtao Liu <crazylht@gmail.com> wrote:
>
> On Tue, Aug 11, 2020 at 5:56 PM Uros Bizjak <ubizjak@gmail.com> wrote:
> >
> > On Tue, Aug 11, 2020 at 11:36 AM Hongtao Liu <crazylht@gmail.com> wrote:
> > >
> > > On Tue, Aug 11, 2020 at 4:38 PM Uros Bizjak <ubizjak@gmail.com> wrote:
> > > >
> > > > On Tue, Aug 11, 2020 at 5:30 AM Hongtao Liu <crazylht@gmail.com> wrote:
> > > > >
> > > > > Hi:
> > > > >   The issue is described in the bugzilla.
> > > > >   Bootstrap is ok, regression test for i386/x86-64 backend is ok.
> > > > >   Ok for trunk?
> > > > >
> > > > > ChangeLog
> > > > > gcc/
> > > > >         PR target/96350
> > > > >         * config/i386/i386.c (ix86_legitimate_constant_p): Return
> > > > >         false for ENDBR immediate.
> > > > >         (ix86_legitimate_address_p): Ditto.
> > > > >         * config/i386/predicated.md
> > > > >         (x86_64_immediate_operand): Exclude ENDBR immediate.
> > > > >         (x86_64_zext_immediate_operand): Ditto.
> > > > >         (x86_64_dwzext_immediate_operand): Ditto.
> > > > >         (ix86_not_endbr_immediate_operand): New predicate.
> > > > >
> > > > > gcc/testsuite
> > > > >         * gcc.target/i386/endbr_immediate.c: New test.
> > > >
> > > > +;; Return true if VALUE isn't an ENDBR opcode in immediate field.
> > > > +(define_predicate "ix86_not_endbr_immediate_operand"
> > > > +  (match_test "1")
> > > >
> > > > Please reverse the above logic to introduce
> > > > ix86_endbr_immediate_operand, that returns true for unwanted
> > > > immediate. Something like:
> > > >
> > > > (define_predicate "ix86_endbr_immediate_operand"
> > > >   (match_code "const_int")
> > > > ...
> > > >
> > > > And you will be able to use it like:
> > > >
> > > > if (ix86_endbr_immediate_operand (x, VOIDmode)
> > > >   return false;
> > > >
> > >
> > > Changed.
> >
> > No, it is not.
> >
> > +  if ((flag_cf_protection & CF_BRANCH)
> > +      && CONST_INT_P (op))
> >
> > You don't need to check for const ints here.
> >
> > And please rewrite the body of the function to something like (untested):
> >
> > {
> >   unsigned HOST_WIDE_INT val = TARGET_64BIT ? 0xfa1e0ff3 : 0xfb1e0ff3;
> >
> >   if (x == val)
> >     return 1;
> >
> >   if (TARGET_64BIT)
> >     for (; x >= val; x >>= 8)
> >       if (x == val)
> >         return 1;
> >
> >   return 0;
> > }
> >
> > so it will at least *look* like some thoughts have been spent on this.
> > I don't plan to review the code where it is obvious from the first
> > look that it was thrown together in a hurry. Please get some internal
> > company signoff first. Ping me in a week for a review.
> >
>
> Sorry for the hurry, i know your time is precious.
>
> > Uros.
> > >
> > > >    /* Otherwise we handle everything else in the move patterns.  */
> > > > -  return true;
> > > > +  return ix86_not_endbr_immediate_operand (x, VOIDmode);
> > > >  }
> > > >
> > > > Please handle this in CASE_CONST_SCALAR_INT: part.
> > > >
> > > > +  if (disp && !ix86_not_endbr_immediate_operand (disp, VOIDmode))
> > > > +    return false;
> > > >
> > > > And this in:
> > > >
> > > >   /* Validate displacement.  */
> > > >   if (disp)
> > > >     {
> > > >
> > >
> > > Changed.
> >
> > A better place for these new special cases is at the beginning of the
> > part I referred, not at the end.
> >
>
> Yes.
>
> > Uros.
>
> Update patch.

OK with two nits below.

Thanks,
Uros.

+  if (flag_cf_protection & CF_BRANCH)
+     {
+       unsigned HOST_WIDE_INT imm = INTVAL (op);

UINTVAL, just for the consistency.

+       unsigned HOST_WIDE_INT val = TARGET_64BIT ? 0xfa1e0ff3 : 0xfb1e0ff3;

@@ -374,6 +402,8 @@
 (define_predicate "x86_64_dwzext_immediate_operand"
   (match_code "const_int,const_wide_int")
 {
+  if (ix86_endbr_immediate_operand (op, VOIDmode))
+    return false;

vertical space here.
   switch (GET_CODE (op))

>
> --
> BR,
> Hongtao

^ permalink raw reply	[flat|nested] 6+ messages in thread

end of thread, other threads:[~2020-08-14 10:03 UTC | newest]

Thread overview: 6+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2020-08-11  3:31 [PATCH] [PR target/96350]Force ENDBR immediate into memory to avoid fake ENDBR opcode Hongtao Liu
2020-08-11  8:38 ` Uros Bizjak
2020-08-11  9:36   ` Hongtao Liu
2020-08-11  9:56     ` Uros Bizjak
2020-08-14  4:54       ` Hongtao Liu
2020-08-14 10:03         ` Uros Bizjak

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).