public inbox for bpf@vger.kernel.org
From: "Jose E. Marchesi" <jose.marchesi@oracle.com>
To: Yonghong Song <yonghong.song@linux.dev>
Cc: bpf@vger.kernel.org, david.faust@oracle.com,
	cupertino.miranda@oracle.com
Subject: Re: Masks and overflow of signed immediates in BPF instructions
Date: Thu, 17 Aug 2023 10:01:06 +0200
Message-ID: <878raa14rc.fsf@oracle.com>
In-Reply-To: <bbd86b4e-89ea-8e60-883e-f348117483b4@linux.dev> (Yonghong Song's message of "Wed, 16 Aug 2023 09:22:09 -0700")


> [...]
> In llvm, for inline asm, 0xfffffffe, 4294967294 and -2 have the same
> 4-byte bit-wise encoding, so they will be all encoded the same
> 0xfffffffe in the actual insn.
>
> The following is an example for x86 target in llvm:
>
> $ cat t.c
> int foo() {
>   int a, b;
>
>   asm volatile("movl $0xfffffffe, %0" : "=r"(a) :);
>   asm volatile("movl $-2, %0" : "=r"(b) :);
>   return a + b;
> }
> $ clang -O2 -c t.c
> $ llvm-objdump -d t.o
>
> t.o:    file format elf64-x86-64
>
> Disassembly of section .text:
>
> 0000000000000000 <foo>:
>        0: b9 fe ff ff ff                movl    $0xfffffffe, %ecx # imm = 0xFFFFFFFE
>        5: b8 fe ff ff ff                movl    $0xfffffffe, %eax # imm = 0xFFFFFFFE
>        a: 01 c8                         addl    %ecx, %eax
>        c: c3                            retq
> $
>
> Whether it is 0xfffffffe or -2, the insn encoding is the same
> and disasm prints out 0xfffffffe.

Thanks for the explanation.

I have pushed the commit below to binutils that makes GAS match the llvm
assembler behavior regarding constant immediates.  With this patch there
are no more assembler errors when building the kernel bpf selftests.

Note however that there is one pending divergence in the behavior of
both assemblers when facing invalid programs where immediate operands
cannot be represented in the number of bits of the field like in:

  $ cat foo.s
  if r1 > r2 goto 0x3fff1

llvm silently truncates it to 16-bit:

  $ clang -target bpf foo.s
  $ bpf-unknown-none-objdump -M pseudoc -dr foo.o
  0000000000000000 <.text>:
     0:	2d 21 f1 ff 00 00 00 00 	if r1>r2 goto -15

GAS emits an error instead:

  $ as -mdialect=pseudoc foo.s
  foo.s: Assembler messages:
  foo.s:1: Error: pc-relative offset out of range, shall fit in 16 bits.

(The same happens with 32-bit immediates.)

We think the error is pertinent, and we recommend the llvm assembler to
behave the same way.

commit 5be1b787276d2adbe85ae7febc709ca517b62f08
Author: Jose E. Marchesi <jose.marchesi@oracle.com>
Date:   Thu Aug 17 09:38:37 2023 +0200

    bpf: gas: consolidate handling of immediate overflows
    
    This commit changes the BPF GAS port in order to handle immediate
    overflows the same way as the clang BPF assembler:
    
    - For an immediate field of N bits, any written number (positive or
      negative) whose two's complement encoding fits in N bits is accepted.
      This means that -2 is the same as 0xffffffe.  It is up to the
      instructions to decide how to interpret the encoded value.
    
    - Immediate fields in jump instructions are no longer relaxed.
      Relaxing to jump instructions with wider range is only performed
      when expressions are involved.
    
    - The manual is updated to document this, and testsuite adapted
      accordingly.
    
    Tested in x86_64-linux-gnu host, bpf-unknown-none target.
    
    gas/ChangeLog:
    
    2023-08-17  Jose E. Marchesi  <jose.marchesi@oracle.com>
    
            * config/tc-bpf.c (check_immediate_overflow): New function.
            (encode_insn): Use check_immediate_overflow.
            (md_assemble): Do not relax instructions with
            constant disp16 fields.
            * doc/c-bpf.texi (BPF Instructions): Add note about how numerical
            literal values are interpreted for instruction immediate operands.
            * testsuite/gas/bpf/disp16-overflow.s: Adapt accordingly.
            * testsuite/gas/bpf/jump-relax-jump.s: Likewise.
            * testsuite/gas/bpf/jump-relax-jump.d: Likewise.
            * testsuite/gas/bpf/jump-relax-jump-be.d: Likewise.
            * testsuite/gas/bpf/jump-relax-ja.s: Likewise.
            * testsuite/gas/bpf/jump-relax-ja.d: Likewise.
            * testsuite/gas/bpf/jump-relax-ja-be.d: Likewise.
            * testsuite/gas/bpf/disp16-overflow-relax.l: Likewise.
            * testsuite/gas/bpf/imm32-overflow.s: Likewise.
            * testsuite/gas/bpf/disp32-overflow.s: Likewise.
            * testsuite/gas/bpf/disp16-overflow.l: Likewise.
            * testsuite/gas/bpf/disp32-overflow.l: Likewise.
            * testsuite/gas/bpf/imm32-overflow.l: Likewise.
            * testsuite/gas/bpf/offset16-overflow.l: Likewise.
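
The acceptance rule stated in the commit message, next to the 16-bit truncation shown for foo.s, as an added example that is not part of the original message and is not the binutils source. The helper names imm_fits, imm_encode and imm_as_signed are hypothetical, and only 16-bit and 32-bit fields are assumed.

```c
#include <stdint.h>
#include <stdio.h>

/* Hypothetical helpers, not the binutils check_immediate_overflow source. */

/* 1 if VALUE as written has a two's complement encoding that fits in BITS
   bits, i.e. lies in [-2^(BITS-1), 2^BITS - 1]; BITS is 16 or 32 here. */
static int imm_fits(int64_t value, unsigned bits)
{
    int64_t min = -((int64_t)1 << (bits - 1));
    int64_t max = ((int64_t)1 << bits) - 1;
    return value >= min && value <= max;
}

/* Bits that end up in the field: the low BITS bits of VALUE. */
static uint32_t imm_encode(int64_t value, unsigned bits)
{
    uint64_t mask = ((uint64_t)1 << bits) - 1;
    return (uint32_t)((uint64_t)value & mask);
}

/* How an instruction with a signed field reads those bits back. */
static int32_t imm_as_signed(uint32_t field, unsigned bits)
{
    int64_t sign = (int64_t)1 << (bits - 1);
    return (int32_t)(((int64_t)field ^ sign) - sign);
}

int main(void)
{
    /* Constructed inputs taken from the values discussed in the thread. */
    struct { const char *text; int64_t value; unsigned bits; } cases[] = {
        { "-2",         -2,           32 },
        { "0xfffffffe", 0xfffffffeLL, 32 },
        { "4294967294", 4294967294LL, 32 },
        { "0x3fff1",    0x3fff1,      16 },  /* the invalid jump offset */
    };
    for (size_t i = 0; i < sizeof cases / sizeof cases[0]; i++) {
        uint32_t enc = imm_encode(cases[i].value, cases[i].bits);
        printf("%-10s %2u-bit: %s, low bits 0x%x read back as %d\n",
               cases[i].text, cases[i].bits,
               imm_fits(cases[i].value, cases[i].bits) ? "accepted" : "out of range",
               (unsigned)enc, (int)imm_as_signed(enc, cases[i].bits));
    }
    return 0;
}
```

The last case is the one where the assemblers diverge: the range check fails, while masking alone yields 0xfff1, which a signed 16-bit field reads as -15.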
