native_client/pnacl-llvm.git
3 days ago: Fix sandboxing of inline assembly memory operands on x86-64 [master]
Derek Schuff [Mon, 27 Oct 2014 15:58:47 +0000 (08:58 -0700)]
Fix sandboxing of inline assembly memory operands on x86-64

There were 2 problems with inline assembly memory operands:

The first is that when the DAG address-mode-selection code created a new DAG
node to zero-extend a 32-bit memory pointer to a 64-bit value usable as
an index, it failed to actually insert the node in the appropriate ordering
location, meaning the node never actually got selected
(X86DAGToDAGIsel::SelectAddr gets called with a NULL Parent in that case).

Secondly, the X86NaClRewritePass failed to apply the memory-operand rewrite
for inline asm MachineInstrs because the mayload/maystore properties for
inline asm MIs are distinct from the mayload/maystore properties for real
instruction MIs; the MCInstrDesc mayStore() method does not account for
them but the mayStore() method on MachineInstr itself does.

R=jvoung@google.com, jvoung@chromium.org
BUG= https://code.google.com/p/nativeclient/issues/detail?id=3957

Review URL: https://codereview.chromium.org/674213003

7 days ago: De-C++11ify cherrypick of r220439
Derek Schuff [Thu, 23 Oct 2014 17:06:28 +0000 (10:06 -0700)]
De-C++11ify cherrypick of r220439

Clang is happy to emit a warning about C++11 extensions and compile the use
of auto and range-for anyway, but mingw is not.

BUG= https://code.google.com/p/nativeclient/issues/detail?id=3982
R=jvoung@chromium.org

Review URL: https://codereview.chromium.org/676643003

8 days ago: Cherrypick upstream r220439
Derek Schuff [Wed, 22 Oct 2014 23:55:57 +0000 (16:55 -0700)]
Cherrypick upstream r220439
[MC] Attach labels to existing fragments instead of using a separate fragment

    Summary:
    Currently when emitting a label, a new data fragment is created for it if the
    current fragment isn't a data fragment.
    This change instead enqueues the label and attaches it to the next fragment
    (e.g. created for the next instruction) if possible.

    When bundle alignment is not enabled, this has no functionality change (it
    just results in fewer extra fragments being created). For bundle alignment,
    previously labels would point to the beginning of the bundle padding instead
    of the beginning of the emitted instruction. This was not only less efficient
    (e.g. jumping to the nops instead of past them) but also led to miscalculation
    of the address of the GOT (since MC uses a label difference rather than
    emitting a "." symbol).

    Fixes https://code.google.com/p/nativeclient/issues/detail?id=3982

    Test Plan: regression test attached

    Reviewers: jvoung, eliben

    Subscribers: jfb, llvm-commits

    Differential Revision: http://reviews.llvm.org/D5915

(one change is that nullptr is replaced by NULL to build without
-std=c++11, but the auto and range-for are left because they
will just be a warning until we merge 3.5 and switch)

R=jvoung@chromium.org
BUG= https://code.google.com/p/nativeclient/issues/detail?id=3982

Review URL: https://codereview.chromium.org/637813004

8 days ago: Cherry-pick r215837 from upstream.
Derek Schuff [Wed, 22 Oct 2014 21:01:54 +0000 (14:01 -0700)]
Cherry-pick r215837 from upstream.

This fix for llvm-objdump will be required to keep our bundling tests
passing after we apply the change in http://reviews.llvm.org/D5915

R=jvoung@chromium.org
BUG= https://code.google.com/p/nativeclient/issues/detail?id=3982

Review URL: https://codereview.chromium.org/675553002

2 weeks ago: Ensure jump tables get a unique rodata section if their corresponding
Derek Schuff [Thu, 16 Oct 2014 17:42:26 +0000 (10:42 -0700)]
Ensure jump tables get a unique rodata section if their corresponding
function has a unique text section

Jump tables for switch statements usually go in the .rodata section;
however when the function is weak/linkonce_odr, LLVM puts them into the
function's text section (which is a unique comdat) so it can be discarded
by the linker along with the function.
For NaCl we never put data in the text segment so we have a localmod
to always put the jumptables in .rodata. However if the function is
weak and gets discarded, the jumptable is still in .rodata with a
relocation to the discarded text, which causes a linker error. (This
was not a problem with bitcode linking where the LLVM function is
discarded all together before translation, but it is a problem for
direct-to-native use).

This CL chooses an ro section for the jumptable based on the attributes
of the function (which means that if the function gets its own section
then the jumptable does too).

R=mseaborn@chromium.org
BUG= https://code.google.com/p/nativeclient/issues/detail?id=3952

Review URL: https://codereview.chromium.org/660833002

2 weeks ago: Fix mov register size sandbox-hiding frame setup
Derek Schuff [Thu, 16 Oct 2014 00:32:22 +0000 (17:32 -0700)]
Fix mov register size sandbox-hiding frame setup

When hiding the sandbox base on x86-64 we do not push the whole frame pointer
onto the stack; instead we use a 32-bit mov to a register (leaving the
upper half zeroed) and push that. Previously the BuildMI creation
used the frame pointer (a 64-bit register) as an operand to the 32-bit mov,
which is wrong, and results in assembly like
movl %rbp, %eax
which assemblers reject. But for some reason things just worked using direct
object emission, so it was never discovered before.

R=stichnot@chromium.org
BUG= https://code.google.com/p/nativeclient/issues/detail?id=3966

Review URL: https://codereview.chromium.org/657943002

2 weeks ago: Cherrypick Upstream r219811:
Derek Schuff [Wed, 15 Oct 2014 19:51:52 +0000 (12:51 -0700)]
Cherrypick Upstream r219811:
[MC] Make bundle alignment mode setting idempotent and support nested bundles

Summary:
Currently an error is thrown if bundle alignment mode is set more than once
per module (either via the API or the .bundle_align_mode directive). This
change allows setting it multiple times as long as the alignment doesn't
change.

Also nested bundle_lock groups are currently not allowed. This change allows
them, with the effect that the group stays open until all nests are exited,
and if any of the bundle_lock directives has the align_to_end flag, the
group becomes align_to_end.

These changes make the bundle alignment simpler to use in the compiler, and
also better match the corresponding support in GNU as.

Reviewers: jvoung, eliben

Differential Revision: http://reviews.llvm.org/D5801

R=jvoung@chromium.org
BUG= https://code.google.com/p/nativeclient/issues/detail?id=3966

Review URL: https://codereview.chromium.org/657023005

2 weeks ago: Change usage of naclcall and nacljmp pseudo-instructions to match x86 gas
Derek Schuff [Wed, 15 Oct 2014 17:13:46 +0000 (10:13 -0700)]
Change usage of naclcall and nacljmp pseudo-instructions to match x86 gas

x86 gas uses "call" for direct calls and "naclcall" for indirect calls,
and implicitly handles bundle-align-to-end for all calls in nacl mode;
previously we used "naclcall" for all calls which used bundle alignment.
This makes the assembler automatically align bare "call"
instructions. On x86-32 we remove our custom nacl-flavored
call instruction in favor of the bare call. On x86-64 we
still need a different codegen target for isel that takes
a 32-bit operand due to our pointer-size differences,
but we also sandbox bare call instructions.

Also for 64-bit forms of "nacljmp %foo, %r15" gas uses 32-bit operands
(nacljmp %r11d, %r15), whereas we had been using 64-bit operands
(nacljmp %r11, %r15). Using a 32-bit operand makes some sense since
the pointers are 32 bits; using a 64-bit operand makes some sense since
the entire register is cleared, but it's better to match. The operands
used in codegen are the same so again this is mostly just a change in
assembler spelling that's invisible to the compiler.

R=jvoung@chromium.org
BUG= https://code.google.com/p/nativeclient/issues/detail?id=3966

Review URL: https://codereview.chromium.org/647443005

3 weeks ago: Apply upstream: [mips] For indirect calls we don't need $gp to point to .got
Petar Jovanovic [Wed, 8 Oct 2014 00:07:06 +0000 (02:07 +0200)]
Apply upstream: [mips] For indirect calls we don't need $gp to point to .got

Cherry-pick r218744 from upstream.

Original commit message:

Author: Sasa Stankovic <Sasa.Stankovic@imgtec.com>
Date:   Wed Oct 1 08:22:21 2014 +0000

[mips] For indirect calls we don't need $gp to point to .got.  Mips linker
doesn't generate lazy binding stub for a function whose address is taken in
the program.

Differential Revision: http://reviews.llvm.org/D5067

R=mseaborn@chromium.org
TBR=mseaborn@chromium.org
BUG= barebones/top_of_sandbox fails for MIPS

Review URL: https://codereview.chromium.org/633143002

3 weeks ago: PNaCl: Handle invoke instructions in -expand-small-arguments...
JF Bastien [Fri, 3 Oct 2014 22:00:38 +0000 (15:00 -0700)]
PNaCl: Handle invoke instructions in -expand-small-arguments...

...instead of reporting a fatal error. The sole purpose of this commit is to facilitate -expand-small-arguments' use in bugpoint.

BUG= none
R=jfb@chromium.org, mseaborn@chromium.org
TEST= (cd toolchain_build/out/llvm_i686_linux_work && make check)

Review URL: https://codereview.chromium.org/465543002

4 weeks ago: Fix PIC indirect call sequence with sandbox-base hiding
Derek Schuff [Wed, 1 Oct 2014 04:38:59 +0000 (21:38 -0700)]
Fix PIC indirect call sequence with sandbox-base hiding

When making indirect calls with sandbox-base hiding, the call sequence
pushes the return address on the stack (using r10) and jumps to the
call target through r11. This sequence clobbers r10, which is OK because
r10 is call-clobbered. However if the call target is stored in r10
before the call, it must be copied into r11 before the indirect jump
sequence.
This CL puts the mov of the call target into r11 before the return-
address push.

R=mseaborn@chromium.org
BUG= https://code.google.com/p/nativeclient/issues/detail?id=3958

Review URL: https://codereview.chromium.org/620733002

5 weeks ago: Do not destroy linkage property when deleting function body
Petar Jovanovic [Wed, 24 Sep 2014 10:18:25 +0000 (12:18 +0200)]
Do not destroy linkage property when deleting function body

When dematerializing a function, call dropAllReferences() instead of
deleteBody(), since deleteBody() has a side effect to destroy linkage
type. It is important to preserve linkage type, so correct relocations
can be emitted for internal and external functions.

It fixes the issue #3943.

The same change has been upstreamed to LLVM BitcodeReader.cpp in r218302.

BUG= https://code.google.com/p/nativeclient/issues/detail?id=3943
TEST= Run PNaCL examples in the browser with relocation_model=PIC
R=mseaborn@chromium.org

Review URL: https://codereview.chromium.org/576033005

6 weeks ago: Allow errors in PNaCl bitcode readers to be directed to any raw_ostream.
Karl Schimpf [Tue, 16 Sep 2014 17:22:00 +0000 (10:22 -0700)]
Allow errors in PNaCl bitcode readers to be directed to any raw_ostream.

BUG=None
R=jvoung@chromium.org

Review URL: https://codereview.chromium.org/545063005

6 weeks ago: Ensure that x86 prefixes are bundled-locked to instruction (in asm mode).
Jan Voung [Mon, 15 Sep 2014 18:15:10 +0000 (11:15 -0700)]
Ensure that x86 prefixes are bundled-locked to instruction (in asm mode).

Otherwise, if the instruction straddles a boundary, it can
be padded and separated.

We aren't hitting this in practice (w/ pexes), because LLVM
would end up using special LXADD32, or LCMPXCHG32 opcodes
instead of separate opcodes: LOCK_PREFIX ; XADD.

However, we do run into this when parsing .s files. The
asm parser does not manage to convert "lock foo" into
the LFOO opcode.

BUG= https://code.google.com/p/nativeclient/issues/detail?id=3929
R=dschuff@chromium.org

Review URL: https://codereview.chromium.org/569773002
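The three bundling entries above (the r220439 label cherry-pick, the r219811 nested bundle_lock cherry-pick, and this prefix bundle-locking fix) all rest on the same rule: nothing the assembler treats as one fragment may straddle a 32-byte bundle boundary, so nop padding is inserted in front of anything that would. The C program below is an added illustration of that layout rule, written for this page and not taken from pnacl-llvm or from LLVM's MC layer. The Fragment and Placement types, the function names and the instruction lengths (1 byte for LOCK, 4 bytes for the XADD, 3 and 5 bytes for the nested groups) are constructed for the example. It shows why a label emitted as its own fragment resolves to the padding rather than the instruction, why a "lock" prefix parsed separately from its instruction can be split off by padding, and how nested bundle_lock groups merge with align_to_end.

```c
#include <assert.h>
#include <stddef.h>
#include <stdio.h>

/* NaCl x86 bundles are 32 bytes; no fragment may straddle a boundary. */
#define BUNDLE_SIZE 32u

/* A unit the assembler must keep whole. One instruction is a fragment; a
 * .bundle_lock group (e.g. a LOCK prefix plus the XADD it belongs to) is a
 * single fragment too, so padding can only go in front of the whole group. */
typedef struct {
    const char *name;
    unsigned size;       /* encoded length in bytes (constructed values) */
    int align_to_end;    /* .bundle_lock align_to_end: must end on a boundary */
} Fragment;

typedef struct {
    unsigned pad_offset; /* where any nop padding starts */
    unsigned offset;     /* where the fragment's first byte lands */
} Placement;

enum { LOCK_LEN = 1, XADD_LEN = 4 };            /* constructed lengths */
static const Fragment kInsn = { "insn", 4, 0 };   /* constructed 4-byte insn */

/* Bytes of nop padding needed before placing f at cursor. */
static unsigned bundle_pad(unsigned cursor, const Fragment *f) {
    assert(f->size <= BUNDLE_SIZE);   /* a group larger than a bundle never fits */
    if (f->align_to_end) {
        unsigned end = (cursor + f->size) % BUNDLE_SIZE;
        return end ? BUNDLE_SIZE - end : 0;
    }
    unsigned room = BUNDLE_SIZE - cursor % BUNDLE_SIZE;
    return f->size > room ? room : 0;
}

/* Lay out fragments in order starting at `start`; returns the end offset. */
static unsigned layout(unsigned start, const Fragment *frags, size_t n,
                       Placement *out) {
    unsigned cursor = start;
    for (size_t i = 0; i < n; i++) {
        unsigned pad = bundle_pad(cursor, &frags[i]);
        out[i].pad_offset = cursor;
        out[i].offset = cursor + pad;
        cursor = out[i].offset + frags[i].size;
    }
    return cursor;
}

/* r220439: where a label emitted just before `f` resolves. Before the fix the
 * label got its own fragment, so it pointed at the padding nops; after it the
 * label is attached to the instruction's fragment. */
static unsigned label_addr(unsigned cursor, const Fragment *f, int attach_to_insn) {
    Placement p;
    layout(cursor, f, 1, &p);
    return attach_to_insn ? p.offset : p.pad_offset;
}

/* The prefix bug: "lock xadd" parsed as two fragments can be split by padding;
 * emitted as one bundle-locked group it cannot. Returns 1 if separated. */
static int lock_prefix_separated(unsigned cursor, int bundle_locked) {
    Placement p[2];
    unsigned lock_off, xadd_off;
    if (bundle_locked) {
        Fragment group = { "lock xadd", LOCK_LEN + XADD_LEN, 0 };
        layout(cursor, &group, 1, p);
        lock_off = p[0].offset;
        xadd_off = lock_off + LOCK_LEN;
    } else {
        Fragment parts[2] = { { "lock", LOCK_LEN, 0 }, { "xadd", XADD_LEN, 0 } };
        layout(cursor, parts, 2, p);
        lock_off = p[0].offset;
        xadd_off = p[1].offset;
    }
    return xadd_off != lock_off + LOCK_LEN;
}

/* r219811: nested .bundle_lock groups merge into one fragment that stays open
 * until every level is closed; align_to_end on any level applies to the whole. */
static Fragment merge_nested_locks(const Fragment *levels, size_t n) {
    Fragment merged = { "nested group", 0, 0 };
    for (size_t i = 0; i < n; i++) {
        merged.size += levels[i].size;
        merged.align_to_end |= levels[i].align_to_end;
    }
    return merged;
}

/* Constructed two-level group: a 3-byte outer lock around a 5-byte inner
 * align_to_end lock, laid out from `cursor`; returns where it lands. */
static unsigned nested_example_offset(unsigned cursor) {
    Fragment levels[2] = { { "outer", 3, 0 }, { "inner", 5, 1 } };
    Fragment g = merge_nested_locks(levels, 2);
    Placement p;
    layout(cursor, &g, 1, &p);
    return p.offset;
}

int main(void) {
    printf("label before 4-byte insn at 30: old=%u new=%u\n",
           label_addr(30, &kInsn, 0), label_addr(30, &kInsn, 1));
    printf("lock prefix at 30: separated unlocked=%d locked=%d\n",
           lock_prefix_separated(30, 0), lock_prefix_separated(30, 1));
    printf("nested align_to_end group at 4 lands at %u\n", nested_example_offset(4));
    return 0;
}
```

With the cursor at offset 30, the 4-byte instruction is pushed to 32 and the old-style label stays at 30, which is exactly the "jump to the nops" and GOT-offset miscalculation r220439 describes; the separate LOCK fragment fits in the last byte of the bundle while its XADD is pushed into the next one, which the bundle-locked form cannot do.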

7 weeks ago: Added flag to the PNaCl ABI verifier which whitelists MinSFI syscalls
David Brazdil [Wed, 10 Sep 2014 15:00:48 +0000 (08:00 -0700)]
Added flag to the PNaCl ABI verifier which whitelists MinSFI syscalls

MinSFI emulates syscalls by allowing the semi-trusted PNaCl bitcode to
contain external declarations of functions with '__minsfi_syscall_' prefix.
These are implemented inside the MinSFI runtime and become the only ways
of jumping to the trusted domain once the trusted and untrusted binaries
are linked together. This patch adds a '-pnaclabi-allow-minsfi-syscalls'
option flag into the PNaCl ABI module verifier which allows these functions
inside the verified module.

BUG= https://code.google.com/p/chromium/issues/detail?id=397177
TEST= (cd ./toolchain_build/out/llvm_i686_linux_work/ && ninja check)
R=jvoung@chromium.org

Review URL: https://codereview.chromium.org/550733002

7 weeks ago: Add -malign-double llc flag to use NaCl datalayout on linux
Derek Schuff [Tue, 9 Sep 2014 23:09:11 +0000 (16:09 -0700)]
Add -malign-double llc flag to use NaCl datalayout on linux

The -malign-double flag causes i64 and f64 types to have alignment
8 (the default on NaCl and when using the -malign-double clang
flag) instead of 4 (the default on Linux).

BUG= https://code.google.com/p/nativeclient/issues/detail?id=3913
R=mseaborn@chromium.org

Review URL: https://codereview.chromium.org/549223002

7 weeks ago: Report missing entry function in MinSFI's ExpandAllocas
David Brazdil [Mon, 8 Sep 2014 22:32:52 +0000 (15:32 -0700)]
Report missing entry function in MinSFI's ExpandAllocas

ExpandAllocas assumes that previous MinSFI passes checked for the presence
of an entry function. This patch replaces the assertion in the previous
patch (2987f609) with proper error reporting in order to inform the user about
the problem if the pass is invoked separately.

BUG= https://code.google.com/p/chromium/issues/detail?id=397177
TEST= (cd ./toolchain_build/out/llvm_i686_linux_work/ && ninja check)
R=mseaborn@chromium.org

Review URL: https://codereview.chromium.org/552593002

7 weeks ago: Report invalid function references in MinSFI's SandboxIndirectCalls pass
David Brazdil [Mon, 8 Sep 2014 21:07:43 +0000 (14:07 -0700)]
Report invalid function references in MinSFI's SandboxIndirectCalls pass

Calling a function with the wrong signature by casting its pointer is
illegal in MinSFI's control flow integrity enforcement and will make the
sandboxed code crash by design. However, a bitcast of an inherent function
pointer (a reference directly to the global value) would also crash the
LLVM pass itself. This patch fixes the bug and the pass now reports such
bitcasts. Note that the pass will not identify call sites which cast the
i32 pointer to a wrong function type.

The patch also reports an error if a function is used as a call argument
instead of just asserting it.

BUG= https://code.google.com/p/chromium/issues/detail?id=397177
TEST= (cd ./toolchain_build/out/llvm_i686_linux_work/ && ninja check)
R=jvoung@chromium.org

Review URL: https://codereview.chromium.org/553723002

7 weeks ago: Initialize untrusted stack pointer in MinSFI's entry function
David Brazdil [Fri, 5 Sep 2014 15:52:37 +0000 (08:52 -0700)]
Initialize untrusted stack pointer in MinSFI's entry function

The runtime of MinSFI copies arguments of the sandbox to the bottom of
the untrusted stack and invokes the sandbox with the corresponding
pointer. This patch changes the ExpandAllocas pass so that it initializes
the untrusted stack pointer at the beginning of the entry function,
setting its value to the pointer argument which happens to be the top of
the stack at that time.

BUG= https://code.google.com/p/chromium/issues/detail?id=397177
TEST= (cd ./toolchain_build/out/llvm_i686_linux_work/ && ninja check)
R=jvoung@chromium.org

Review URL: https://codereview.chromium.org/542873002

8 weeks ago: Tweak GlobalizeConstantVectors so it doesn't replace ops of consts with non-consts.
Jan Voung [Fri, 5 Sep 2014 00:38:23 +0000 (17:38 -0700)]
Tweak GlobalizeConstantVectors so it doesn't replace ops of consts with non-consts.

If a constant's op is replaced by an instruction, it's
not really a constant anymore. See: https://codereview.chromium.org/324853003/
for a problem this could tickle further down the line.

A simpler example of a problem is that the pass currently
attempts to replace constant exprs that are nested within
global initializers, with the materializing load
instruction's value. The pass only filters out
GlobalVariable users, so misses the nested case.

So, change the check for GlobalVariables into a broader
check for Constants.

Also GlobalizeConstantVectors currently only inspects
instruction operands at the top level. It doesn't find
nested constant exprs with vector constants. So,
run -expand-constant-expr earlier, to reduce the nesting
and help GlobalizeConstantVectors find additional
constants.

R=jfb@chromium.org
TBR=jfb@chromium.org
(Lgtm through email, but didn't seem to register)

BUG= https://code.google.com/p/nativeclient/issues/detail?id=2205

tangentially for:
BUG= https://code.google.com/p/nativeclient/issues/detail?id=3609

Review URL: https://codereview.chromium.org/516543002

8 weeks ago: Added a MinSFI meta-pass which invokes all the necessary passes in the
David Brazdil [Wed, 3 Sep 2014 20:44:43 +0000 (13:44 -0700)]
Added a MinSFI meta-pass which invokes all the necessary passes in the
correct order.

BUG= https://code.google.com/p/chromium/issues/detail?id=397177
TEST= (cd ./toolchain_build/out/llvm_i686_linux_work/ && ninja check)
R=jvoung@chromium.org

Review URL: https://codereview.chromium.org/531213002

8 weeks ago: Fixed signed integer overflow in MinSFI's SandboxMemoryAccesses pass.
David Brazdil [Wed, 3 Sep 2014 17:18:49 +0000 (10:18 -0700)]
Fixed signed integer overflow in MinSFI's SandboxMemoryAccesses pass.

According to the C++ standard, overflow of signed integers is considered
undefined behaviour as opposed to operations on unsigned integers which
are treated as modulo 2^n. This patch changes a bitwise operation in
MinSFI affected by this when pointer size is 31.

BUG= https://code.google.com/p/chromium/issues/detail?id=397177
R=mseaborn@chromium.org

Review URL: https://codereview.chromium.org/533233002

8 weeks ago: Added SubstituteUndefs MinSFI LLVM pass
David Brazdil [Tue, 2 Sep 2014 21:32:43 +0000 (14:32 -0700)]
Added SubstituteUndefs MinSFI LLVM pass

This pass replaces all undefined values with predefined constants in order
to avoid non-determinism and to prevent the sandboxed code from accessing
random values in the register file and/or on the protected stack.

BUG= https://code.google.com/p/chromium/issues/detail?id=397177
TEST= (cd ./toolchain_build/out/llvm_i686_linux_work/ && ninja check)
R=jvoung@chromium.org

Review URL: https://codereview.chromium.org/531193002

8 weeks ago: Fix link components for unittests/Bitcode to be consistent.
Karl Schimpf [Tue, 2 Sep 2014 21:04:15 +0000 (14:04 -0700)]
Fix link components for unittests/Bitcode to be consistent.

Fixes CMakeLists.txt to match Makefile for link components.

BUG= None
R=dschuff@chromium.org

Review URL: https://codereview.chromium.org/532893002

8 weeks ago: Add "pnacl-llc -external" to force all symbols to be externalized.
Jim Stichnoth [Tue, 2 Sep 2014 20:59:54 +0000 (13:59 -0700)]
Add "pnacl-llc -external" to force all symbols to be externalized.

This, combined with -ffunction-sections, allows us to use objcopy and linker tricks to combine pnacl-llc and Subzero object files for bisection-based debugging.

BUG= https://code.google.com/p/nativeclient/issues/detail?id=3890
R=dschuff@chromium.org, jvoung@chromium.org

Review URL: https://codereview.chromium.org/526593002

8 weeks ago: Revert of Added SubstituteUndefs MinSFI LLVM pass (patchset #2 id:40001 of https...
David Brazdil [Tue, 2 Sep 2014 20:53:16 +0000 (13:53 -0700)]
Revert of Added SubstituteUndefs MinSFI LLVM pass (patchset #2 id:40001 of https://codereview.chromium.org/522123002/)

Reason for revert:
Accidentally committed together with a CMakeLists.txt fix.

Original issue's description:
> Added SubstituteUndefs MinSFI LLVM pass
>
> This pass replaces all undefined values with predefined constants in order
> to avoid non-determinism and to prevent the sandboxed code from accessing
> random values in the register file and/or on the protected stack.
>
> BUG= https://code.google.com/p/chromium/issues/detail?id=397177
> TEST= (cd ./toolchain_build/out/llvm_i686_linux_work/ && ninja check)
> R=jvoung@chromium.org
>
> Committed: https://gerrit.chromium.org/gerrit/gitweb?p=native_client/pnacl-llvm.git;a=commit;h=0f40a48

R=jvoung@chromium.org
TBR=jvoung@chromium.org, mseaborn@chromium.org
NOTREECHECKS=true
NOTRY=true
BUG= https://code.google.com/p/chromium/issues/detail?id=397177

Review URL: https://codereview.chromium.org/536533002

8 weeks ago: Added SubstituteUndefs MinSFI LLVM pass
David Brazdil [Tue, 2 Sep 2014 20:13:51 +0000 (13:13 -0700)]
Added SubstituteUndefs MinSFI LLVM pass

This pass replaces all undefined values with predefined constants in order
to avoid non-determinism and to prevent the sandboxed code from accessing
random values in the register file and/or on the protected stack.

BUG= https://code.google.com/p/chromium/issues/detail?id=397177
TEST= (cd ./toolchain_build/out/llvm_i686_linux_work/ && ninja check)
R=jvoung@chromium.org

Review URL: https://codereview.chromium.org/522123002

2 months ago: Add missing unittest file NaClObjDumpTypesTest.cpp to CMakeLists.txt
Karl Schimpf [Fri, 29 Aug 2014 20:05:44 +0000 (13:05 -0700)]
Add missing unittest file NaClObjDumpTypesTest.cpp to CMakeLists.txt

BUG=None
R=jvoung@chromium.org

Review URL: https://codereview.chromium.org/518203003

2 months ago: Build test structure for unit testing pnacl-bcdis.
Karl Schimpf [Thu, 28 Aug 2014 20:06:24 +0000 (13:06 -0700)]
Build test structure for unit testing pnacl-bcdis.

Provides a facility to convert an array of integers into PNaCl records,
convert the PNaCl records into a memory buffer of bits, and then
run NaClObjDump on the memory buffer.

Also adds unit tests (using this test structure) for the "types" block.
Fix pnacl-bcdis abbreviation records.

Also fixes some minor bugs in pnacl-bcdis (mostly proper flushing
of the generated objdump, and fixing error message contents).

BUG= https://code.google.com/p/nativeclient/issues/detail?id=3894
R=jvoung@chromium.org

Review URL: https://codereview.chromium.org/418063003

2 months ago: ExpandByVal: Increase the memcpy call's alignment, for Emscripten's benefit
Mark Seaborn [Wed, 27 Aug 2014 23:14:04 +0000 (16:14 -0700)]
ExpandByVal: Increase the memcpy call's alignment, for Emscripten's benefit

Use the alignment from the argument type -- the same alignment used
for the alloca.

Original patch by Alon Zakai (azakai@mozilla.com):
https://codereview.chromium.org/177293010/

BUG=https://code.google.com/p/nativeclient/issues/detail?id=3798
TEST=expand-byval.ll

Review URL: https://codereview.chromium.org/495963003

2 months ago: Add StripTls MinSFI LLVM pass
David Brazdil [Mon, 25 Aug 2014 21:52:15 +0000 (14:52 -0700)]
Add StripTls MinSFI LLVM pass

This pass removes the thread_local attribute from all global variables
until thread support is added into MinSFI.

BUG= https://code.google.com/p/chromium/issues/detail?id=397177
TEST= (cd ./toolchain_build/out/llvm_i686_linux_work/ && ninja check)
R=jvoung@chromium.org

Review URL: https://codereview.chromium.org/506713002

2 months ago: Speed up flattening global variable initializers in PNaCl.
Karl Schimpf [Fri, 22 Aug 2014 19:33:09 +0000 (12:33 -0700)]
Speed up flattening global variable initializers in PNaCl.

Speeds up flattening of global variable initializers, by noting that
simple node replacements, within constant expressions, can be
quadratic. To fix this, we flatten the original (global variable)
initializers, and then delete corresponding dead constants before
we do the replacements.

BUG= https://code.google.com/p/nativeclient/issues/detail?id=3908
R=jvoung@chromium.org

Review URL: https://codereview.chromium.org/489653003

2 months ago: Added MinSFI RenameEntryPoint LLVM pass
David Brazdil [Fri, 22 Aug 2014 00:36:25 +0000 (17:36 -0700)]
Added MinSFI RenameEntryPoint LLVM pass

The pass renames the entry point in a PNaCl bitcode module in order to
avoid collisions when linking against standard C programs.

BUG= https://code.google.com/p/chromium/issues/detail?id=397177
TEST= (cd ./toolchain_build/out/llvm_i686_linux_work/ && ninja check)
R=jvoung@chromium.org

Review URL: https://codereview.chromium.org/490283002

2 months ago: PNaCl: Handle switch-ing on i1's in -nacl-promote-i1-ops.
Richard Diamond [Thu, 21 Aug 2014 21:51:35 +0000 (14:51 -0700)]
PNaCl: Handle switch-ing on i1's in -nacl-promote-i1-ops.

-nacl-promote-i1-ops simply transform these into branches.

This is for Rust, which generates these instructions in practice.

BUG= none
R=mseaborn@chromium.org, jfb@chromium.org
TEST= (cd toolchain_build/out/llvm_i686_linux_work && make check)

Review URL: https://codereview.chromium.org/473593002

Patch from Richard Diamond <wichard@vitalitystudios.com>.

2 months ago: Fixed an integer overflow in MinSFI's utility function
David Brazdil [Thu, 21 Aug 2014 21:41:32 +0000 (14:41 -0700)]
Fixed an integer overflow in MinSFI's utility function

The computation of address subspace size was failing on machines
where 'long' is 32-bit. The type was replaced with 'long long'.

BUG= https://code.google.com/p/nativeclient/issues/detail?id=3924
BUG= https://code.google.com/p/chromium/issues/detail?id=397177
R=jvoung@chromium.org

Review URL: https://codereview.chromium.org/496893002

2 months ago: Whitelist BitCasts in MinSFI's SandboxMemoryAccesses pass
David Brazdil [Wed, 20 Aug 2014 23:30:49 +0000 (16:30 -0700)]
Whitelist BitCasts in MinSFI's SandboxMemoryAccesses pass

The SandboxMemoryAccesses pass verifies that it has handled all
instructions with pointer-type operands. This patch adds support for
the previously unhandled BitCast instructions. Because they do not
need to have their operands sandboxed, they are merely whitelisted.

BUG= https://code.google.com/p/chromium/issues/detail?id=397177
TEST= (cd ./toolchain_build/out/llvm_i686_linux_work/ && ninja check)
R=jvoung@chromium.org

Review URL: https://codereview.chromium.org/495713002

2 months ago: Clean up MinSFI
David Brazdil [Wed, 20 Aug 2014 18:18:48 +0000 (11:18 -0700)]
Clean up MinSFI

String constants were moved to the MinSFI header, alignment arithmetic
was replaced with LLVM's math functions, file names in build files sorted,
and some formatting was fixed. ExpandAllocas::runOnModule now also returns
true because it always creates a global variable.

BUG= https://code.google.com/p/chromium/issues/detail?id=397177
TEST= (cd ./toolchain_build/out/llvm_i686_linux_work/ && ninja check)
R=jvoung@chromium.org

Review URL: https://codereview.chromium.org/478113002

2 months ago: Add SandboxIndirectCalls MinSFI LLVM pass
David Brazdil [Tue, 19 Aug 2014 22:04:11 +0000 (15:04 -0700)]
Add SandboxIndirectCalls MinSFI LLVM pass

This adds a pass which enforces basic control-flow integrity. It is
expected to be replaced by Tom Roeder's CFI once it is upstreamed into
LLVM. See lib/Transforms/MinSFI/SandboxIndirectCalls.cpp for
implementation details.

BUG= https://code.google.com/p/chromium/issues/detail?id=397177
TEST= (cd ./toolchain_build/out/llvm_i686_linux_work/ && ninja check)
      manually tested on zlib compiled with PNaCl

R=jvoung@chromium.org

Review URL: https://codereview.chromium.org/465513003

2 months ago: Add support for MinSFI address subspaces smaller than 32 bits.
David Brazdil [Fri, 15 Aug 2014 22:50:49 +0000 (15:50 -0700)]
Add support for MinSFI address subspaces smaller than 32 bits.

The prior implementation of MinSFI sandboxing assumed that the sandbox
will have access to 4GB of memory and hence cast pointers to i32.
This patch adds bit masking in order to further limit the size of
the addressable memory. This is necessary for supporting 32-bit
architectures.

BUG= https://code.google.com/p/chromium/issues/detail?id=397177
TEST= (cd ./toolchain_build/out/llvm_i686_linux_work/ && ninja check)
      manually tested on zlib compiled with PNaCl

R=jvoung@chromium.org

Review URL: https://codereview.chromium.org/451523002

2 months ago: Remove support for global forward references from PNaCl bitcode reader.
Karl Schimpf [Fri, 15 Aug 2014 20:27:51 +0000 (13:27 -0700)]
Remove support for global forward references from PNaCl bitcode reader.

BUG= https://code.google.com/p/nativeclient/issues/detail?id=3908
R=jvoung@chromium.org

Review URL: https://codereview.chromium.org/474263003

2 months ago: Fix minor nits from CL https://codereview.chromium.org/477743002.
Karl Schimpf [Fri, 15 Aug 2014 15:56:48 +0000 (08:56 -0700)]
Fix minor nits from CL https://codereview.chromium.org/477743002.

BUG= https://code.google.com/p/nativeclient/issues/detail?id=3908
R=jvoung@chromium.org

Review URL: https://codereview.chromium.org/478693002

2 months ago: Simplify handling of forward (global) references in global initializers.
Karl Schimpf [Thu, 14 Aug 2014 22:59:55 +0000 (15:59 -0700)]
Simplify handling of forward (global) references in global initializers.

Fixes blocking issue where forward references (relocations) in global
initializers can be slow. This fix does this by processing the PNaCl
globals block in two passes. The first pass generates the global
variables. The second pass adds the initializers. Since all global
variables are defined by the end of the first pass, no forward references
need be built for initializers.

Note: Due to release time constraints, the code has not yet been cleaned
up to stop generating placeholders. Rather, that will be done in a
separate CL.

BUG= https://code.google.com/p/nativeclient/issues/detail?id=3908
R=dschuff@chromium.org

Review URL: https://codereview.chromium.org/477743002

2 months ago: PNaCl: Add missing dependency and inits to bugpoint
David Brazdil [Thu, 14 Aug 2014 18:39:06 +0000 (11:39 -0700)]
PNaCl: Add missing dependency and inits to bugpoint

Previous commit a9f45cbf did not add MinSFI into CMake
dependencies and only initialized one of the MinSFI passes.

BUG= none
R=jvoung@chromium.org

Review URL: https://codereview.chromium.org/471153002

2 months ago: PNaCl: Zero extend or truncate alloca array sizes to i32.
Richard Diamond [Thu, 14 Aug 2014 15:30:23 +0000 (08:30 -0700)]
PNaCl: Zero extend or truncate alloca array sizes to i32.

Rust sometimes generates i64 array sizes. I also took the liberty of handling
< i32 arrays sizes for completeness, though Rust doesn't actually generate such.

BUG= none
TEST= (cd toolchain_build/out/llvm_i686_linux_work && make check)
R=mseaborn@chromium.org, jfb@chromium.org

Review URL: https://codereview.chromium.org/469133002

Patch from Richard Diamond <wichard@vitalitystudios.com>.

2 months ago: PNaCl: Initialize our passes in bugpoint.
Richard Diamond [Thu, 14 Aug 2014 00:34:55 +0000 (17:34 -0700)]
PNaCl: Initialize our passes in bugpoint.

No other functionality added.

BUG= none
R=jfb@chromium.org

Review URL: https://codereview.chromium.org/458373002

Patch from Richard Diamond <wichard@vitalitystudios.com>.

2 months ago: Re-order the PNaClABISimplifyPreOpt pass injection to be before opts.
Jan Voung [Wed, 13 Aug 2014 21:45:57 +0000 (14:45 -0700)]
Re-order the PNaClABISimplifyPreOpt pass injection to be before opts.

Put Pre earlier. Otherwise, the pre passes run after inlining, and other
std-link-opts, which ends up making the eh throw SJLJ tests crash when
we attempt to combine all the passes into one opt run:
https://codereview.chromium.org/324853003/

BUG= https://code.google.com/p/nativeclient/issues/detail?id=3408
R=mseaborn@chromium.org

Review URL: https://codereview.chromium.org/371143002

2 months ago: Fix an issue which allowed memory access outside a MinSFI sandbox.
David Brazdil [Wed, 13 Aug 2014 19:51:20 +0000 (12:51 -0700)]
Fix an issue which allowed memory access outside a MinSFI sandbox.

Applying the ExpandGEP optimization on memory intrinsics would allow setting
the src/dest addresses at the end of the guard region and accessing
the following 4GB of memory. The optimization is now applied only on
instructions manipulating first class values and the offset is limited
so that access beyond the guard region is not possible.

BUG= https://code.google.com/p/chromium/issues/detail?id=397177
TEST= (cd ./toolchain_build/out/llvm_i686_linux_work/ && ninja check)
R=jvoung@chromium.org

Review URL: https://codereview.chromium.org/432913003

2 months ago  Add ExpandAllocas MinSFI LLVM pass
David Brazdil [Tue, 12 Aug 2014 00:39:05 +0000 (17:39 -0700)]
Add ExpandAllocas MinSFI LLVM pass

This pass expands out alloca instructions to operate on an untrusted
stack located inside the sandbox.
See lib/Transforms/MinSFI/ExpandAllocas.cpp for more details.

BUG= https://code.google.com/p/chromium/issues/detail?id=397177
TEST= (cd ./toolchain_build/out/llvm_i686_linux_work/ && ninja check)
      manually tested on zlib compiled with PNaCl

R=jvoung@chromium.org

Review URL: https://codereview.chromium.org/400973003

2 months ago  Add AllocateDataSegment MinSFI LLVM pass
David Brazdil [Mon, 11 Aug 2014 22:34:21 +0000 (15:34 -0700)]
Add AllocateDataSegment MinSFI LLVM pass

This pass modifies the module so that the runtime can easily access its
data segment and copy it into the address subspace of the sandbox. See
lib/Transforms/MinSFI/AllocateDataSegment.cpp for details.

BUG= https://code.google.com/p/chromium/issues/detail?id=397177
TEST= (cd ./toolchain_build/out/llvm_i686_linux_work/ && ninja check)
R=jvoung@chromium.org

Review URL: https://codereview.chromium.org/442073002

2 months ago  Convert MinSFI's SandboxMemoryAccesses to a ModulePass
David Brazdil [Fri, 8 Aug 2014 20:31:35 +0000 (13:31 -0700)]
Convert MinSFI's SandboxMemoryAccesses to a ModulePass

The pass was crashing because the pass manager invokes doInitialize
prior to running the scheduled passes. When executed after data segment
allocation, its global variable had been removed.

BUG= https://code.google.com/p/chromium/issues/detail?id=397177
TEST= (cd ./toolchain_build/out/llvm_i686_linux_work/ && ninja check)
      manually tested on zlib compiled with PNaCl

R=mseaborn@chromium.org

Review URL: https://codereview.chromium.org/449093004

3 months ago  Speed up construction of global initializers in the PNaCl bitcode reader.
Karl Schimpf [Wed, 30 Jul 2014 17:29:41 +0000 (10:29 -0700)]
Speed up construction of global initializers in the PNaCl bitcode reader.

Discovered that the replacement strategy for placeholder forward address
references for global variables, when parsing the bitcode, can be
very non-linear. This is due to the fact that LLVM IR creates unique
constants (i.e. no duplicates). As a result, the same initializer
may be copied several times, as each instance of a placeholder is
replaced.

This change guarantees that we only generate one copy of each
initializer, no matter how many placeholders appear in the
initializer.

BUG= https://code.google.com/p/nativeclient/issues/detail?id=3908
R=jvoung@chromium.org

Review URL: https://codereview.chromium.org/425113002

3 months ago  Add SandboxMemoryAccesses MinSFI LLVM pass
David Brazdil [Tue, 29 Jul 2014 17:35:23 +0000 (10:35 -0700)]
Add SandboxMemoryAccesses MinSFI LLVM pass

This pass sandboxes all pointer-type arguments of memory access instructions. See the comments in lib/Transforms/MinSFI/SandboxMemoryAccesses.cpp for details.

Creates new MinSFI directories and modifies corresponding build files.

BUG= https://code.google.com/p/chromium/issues/detail?id=397177
TEST= (cd ./toolchain_build/out/llvm_i686_linux_work/ && ninja check)
      manually tested on zlib compiled with PNaCl

R=jvoung@chromium.org, mseaborn@chromium.org

Review URL: https://codereview.chromium.org/390003005

3 months ago  PNaCl atomics: clean up some of the code
JF Bastien [Mon, 21 Jul 2014 20:18:53 +0000 (13:18 -0700)]
PNaCl atomics: clean up some of the code

One of the class' methods isn't used anymore, and the ordering of error messages
can be slightly improved by refactoring some of the code to explicitly check for
invalid overloads.

R=dschuff@chromium.org
TEST= (cd ./toolchain_build/out/llvm_i686_linux_work/ && ninja check)
BUG= none

Review URL: https://codereview.chromium.org/408613002

3 months ago  Fix pnacl-bcdis abbreviation records.
Karl Schimpf [Fri, 18 Jul 2014 22:27:30 +0000 (15:27 -0700)]
Fix pnacl-bcdis abbreviation records.

Due to a bug in NaClBitcodeParser::SetBID, the record values were not
cleared, resulting in the block ID of the SetBID being left in the
succeeding abbreviation record. This CL fixes this problem.

BUG=None
R=jvoung@chromium.org

Review URL: https://codereview.chromium.org/401903003

3 months ago  Improve atomic tests
JF Bastien [Tue, 15 Jul 2014 01:16:28 +0000 (18:16 -0700)]
Improve atomic tests

The testing for atomics was somewhat insufficient, and the file was getting too big. I split up the file and added more tests:
 - Use CHECK-LABEL, which we didn't have back when the tests were written.
 - Move the CHECK-NEXT for ret to the same line as the ret instruction, to make things more readable.
 - The atomic.ll file is now split up in 5 files.
 - Add the atomic_seq_cst.ll file which performs the same tests as volatile.ll but on sequentially-consistent atomics.
 - Add the atomic_others.ll file, which checks that the other atomic operations get promoted to seq_cst. This isn't as thorough as seq_cst and volatile testing because everything currently gets rewritten to seq_cst.

R=dschuff@chromium.org
TEST= self

Review URL: https://codereview.chromium.org/382243006

3 months ago  Refactor code so that intrinsics checks can be used by pnacl-bcdis.
Karl Schimpf [Mon, 14 Jul 2014 22:26:34 +0000 (15:26 -0700)]
Refactor code so that intrinsics checks can be used by pnacl-bcdis.

Moves code about intrinsic checks into a separate file, so that
it can be used by a) the PNaCl ABI verifier; b) pnacl-bcdis, and
c) NaClBitcodeReader can use to process signatures of intrinsics.

BUG= https://code.google.com/p/nativeclient/issues/detail?id=3894
R=jvoung@chromium.org

Review URL: https://codereview.chromium.org/374703003

3 months ago  Translator: rematerialize constant vector loads
JF Bastien [Fri, 11 Jul 2014 23:36:58 +0000 (16:36 -0700)]
Translator: rematerialize constant vector loads

PNaCl's ABI doesn't contain constant vectors, they therefore need to be
rematerialized by the translator if we want to get the best optimizations
possible.

The CL also renames CombineVectorInstructions.cpp to BackendCanonicalize.cpp to
be more accurate about what the pass does: it can now affect more than vectors
because the above change affects bitcasts and loads in general (since it doesn't
make sense to only stick with vectors). Things should stay in this one pass so
that the translator can restrict itself to what's important to optimize, and do
so as fast as it can.

R=dschuff@chromium.org
BUG= https://code.google.com/p/nativeclient/issues/detail?id=3893
TEST= (cd ./toolchain_build/out/llvm_i686_linux_work/ && ninja check)

Review URL: https://codereview.chromium.org/385073012

3 months ago  Reduce redundancy created by PNaCl's vector globalization pass
JF Bastien [Wed, 9 Jul 2014 20:31:19 +0000 (13:31 -0700)]
Reduce redundancy created by PNaCl's vector globalization pass

This change makes it easier to reconstruct shuffles, and reduces the pass'
reliance on constant merging. It's a toolchain only fix, meaning that no
translator update is needed, only a recompile.

The loads of constant vectors are still present and will be handled in a
separate change.

R=dschuff@chromium.org
BUG= https://code.google.com/p/nativeclient/issues/detail?id=3893
TEST= (cd ./toolchain_build/out/llvm_i686_linux_work/ && ninja check)

Review URL: https://codereview.chromium.org/379013002

3 months ago  Turn off type signature checking in pnacl-bcdis.
Karl Schimpf [Wed, 2 Jul 2014 18:37:36 +0000 (11:37 -0700)]
Turn off type signature checking in pnacl-bcdis.

Removes bug caused by inconsistency in PNaCl ABI document. States that
integral function parameter/return values must only be i32/i64.
However, for calls to (whitelisted) intrinsic functions, type signatures can
have any integral size.

BUG= https://code.google.com/p/nativeclient/issues/detail?id=3894
R=jvoung@chromium.org

Review URL: https://codereview.chromium.org/362093002

3 months ago  GlobalizeConstantVectors: set Unnamed addr
JF Bastien [Wed, 2 Jul 2014 17:52:48 +0000 (10:52 -0700)]
GlobalizeConstantVectors: set Unnamed addr

The globalized vectors can be merged by constant merge when it knows that the
address doesn't matter, only the content does.

R=dschuff@chromium.org
TEST= (cd ./toolchain_build/out/llvm_i686_linux_work/ && ninja check)
BUG= none

Review URL: https://codereview.chromium.org/367963006

3 months ago  PNaClABIErrorReporter: remove last virtual
JF Bastien [Wed, 2 Jul 2014 17:38:22 +0000 (10:38 -0700)]
PNaClABIErrorReporter: remove last virtual

The previous CL:
  https://codereview.chromium.org/349683004/

Left one virtual method in PNaClABIErrorReporter.

R=kschimpf@google.com, kschimpf@chromium.org
BUG= none
TEST= none

Review URL: https://codereview.chromium.org/362173002

4 months ago  PNaCl SIMD: don't perform constant propagation in expand-shufflevector
JF Bastien [Tue, 1 Jul 2014 16:16:22 +0000 (09:16 -0700)]
PNaCl SIMD: don't perform constant propagation in expand-shufflevector

Using the IR builder leads to extra optimizations which usually would be useful,
but in the case of shufflevector they make reconstructing the shuffles harder
when translating. This change therefore uses manual instruction insertion, and
adjusts the tests accordingly.

BUG= https://code.google.com/p/nativeclient/issues/detail?id=3893
TEST= (cd ./toolchain_build/out/llvm_i686_linux_work/ && ninja check)
R=dschuff@chromium.org

Review URL: https://codereview.chromium.org/365503004

4 months ago  Add skip block method to NaCl bitcode parser.
Karl Schimpf [Mon, 30 Jun 2014 17:55:17 +0000 (10:55 -0700)]
Add skip block method to NaCl bitcode parser.

This is needed by Subzero, to be able to skip blocks.

BUG= https://code.google.com/p/nativeclient/issues/detail?id=3890
R=jvoung@chromium.org

Review URL: https://codereview.chromium.org/357303003

4 months ago  Fix comments about PIC return address calculation
Derek Schuff [Mon, 30 Jun 2014 16:00:23 +0000 (09:00 -0700)]
Fix comments about PIC return address calculation

The previous commit failed to update them to match the code.

R=mseaborn@chromium.org
BUG= https://code.google.com/p/nativeclient/issues/detail?id=3873

Review URL: https://codereview.chromium.org/347863007

4 months ago  Make x86-64 sandbox-base-hiding call sequence work with PIC
Derek Schuff [Fri, 27 Jun 2014 23:16:37 +0000 (16:16 -0700)]
Make x86-64 sandbox-base-hiding call sequence work with PIC

The call sequence used on x86-64 to avoid storing the sandbox base
address on the stack was not PIC-friendly because it pushed the return
address as an immediate. When generating PIC code, manually calculate
the return address into a register and push that.

This includes a tiny cherry-pick of upstream r202418, which adds an
accessor for the relocation model to MCObjectFileInfo

R=mseaborn@chromium.org
BUG= https://code.google.com/p/nativeclient/issues/detail?id=3873
TEST= LLVM regression

Review URL: https://codereview.chromium.org/357603006

4 months ago  Fix Ninja/CMake build, broken by earlier change
Mark Seaborn [Fri, 27 Jun 2014 21:31:15 +0000 (14:31 -0700)]
Fix Ninja/CMake build, broken by earlier change

The earlier change, ed7a64c4217699967be9991e3a92df2826399ef7, added a
dependency from lib/Bitcode/NaCl/Analysis/ on the PNaCl ABI checker,
which wasn't declared.  This caused lib/libLLVMNaClBitAnalysis.so to
fail to link.

BUG=https://code.google.com/p/nativeclient/issues/detail?id=3814
TEST=build using Ninja
R=dschuff@chromium.org, jvoung@chromium.org

Review URL: https://codereview.chromium.org/341313003

4 months ago  Allow one module block in pnacl bitcode files for pnacl-bcdis.
Karl Schimpf [Thu, 26 Jun 2014 16:10:14 +0000 (09:10 -0700)]
Allow one module block in pnacl bitcode files for pnacl-bcdis.

Also adds operator<< for class NaClBitcodeRecord.

BUG=None
R=jvoung@chromium.org

Review URL: https://codereview.chromium.org/346763009

4 months ago  Finish removing the finer grained Sfi* control flags
Jan Voung [Wed, 25 Jun 2014 19:28:09 +0000 (12:28 -0700)]
Finish removing the finer grained Sfi* control flags

Commit d021e666574ea564460a84588edc272eb65a4cd6 changed
checks to key off of NaCl instead, to be consistent with
X86. So nothing actually uses the flags anymore.

BUG= https://code.google.com/p/nativeclient/issues/detail?id=3858
R=dschuff@chromium.org

Review URL: https://codereview.chromium.org/346263012

4 months ago  Remove llvm -pnaclabi-allow-dev-intrinsics flag.
Jan Voung [Wed, 25 Jun 2014 19:16:30 +0000 (12:16 -0700)]
Remove llvm -pnaclabi-allow-dev-intrinsics flag.

Last users appear to have been removed and it's removed from the
driver plumbing in: https://codereview.chromium.org/333033002/

BUG=none
R=mseaborn@chromium.org

Review URL: https://codereview.chromium.org/356563003

4 months ago  Fix issues with verifying PNaCl ABI conditions in pnacl-bcdis.
Karl Schimpf [Tue, 24 Jun 2014 18:26:43 +0000 (11:26 -0700)]
Fix issues with verifying PNaCl ABI conditions in pnacl-bcdis.

Does several things:

(1) Factors out common support functions from PNaClABIVerifyFunctions
and PNaClABIVerifyModules, so that they can be used without a pass
manager.

(2) Fixes DataLayout used by pnacl-bcdis to match NaClBitcodeReader.

(3) Uses the functions factored out of (1) in pnacl-bcdis.

BUG= https://code.google.com/p/nativeclient/issues/detail?id=3814
R=jvoung@chromium.org

Review URL: https://codereview.chromium.org/349683004

4 months ago  Remove special nacltrap handling from X86 NaCl.
Jan Voung [Mon, 23 Jun 2014 17:26:53 +0000 (10:26 -0700)]
Remove special nacltrap handling from X86 NaCl.

I believe it was added previously to work around the validator not
accepting ud2, so it would emit a null pointer deref instead.

However the validator is fixed now:
https://code.google.com/p/nativeclient/issues/detail?id=2094

There was some asm parsing support for parsing a "nacltrap" pseudo-inst,
but the -filetype=asm path never emitted a "nacltrap" since the nacl-as
didn't support that pseudo-inst. I.e., it was supported on the parsing
side but not the writing side. It doesn't look like anything used this
parsing support, and it wouldn't have worked with nacl-as anyway.

BUG=none
R=dschuff@chromium.org

Review URL: https://codereview.chromium.org/343273003

4 months ago  PNaCl dynamic loading: Allow the "__pnacl_pso_root" symbol as an entry point
Mark Seaborn [Fri, 20 Jun 2014 23:11:23 +0000 (16:11 -0700)]
PNaCl dynamic loading: Allow the "__pnacl_pso_root" symbol as an entry point

Whereas pexes will allow a single external function called "_start",
PSOs (PNaCl dynamically loadable objects) will allow a single external
global variable called "__pnacl_pso_root".

Change PNaClABISimplify.cpp to allow "__pnacl_pso_root" to be left as
external.

Change the ABI verifier to allow "__pnacl_pso_root" to be defined (but
not at the same time as "_start").

Extend some tests to cover GlobalVariables as well as functions.  Make
one CHECK-NOT test stricter.

Note that this will effectively be inaccessible by PNaCl apps, until we
add an IRT interface and browser-side plumbing for loading PSOs.  If an
app were to try to load a PSO as an executable pexe, the ABI verifier
would allow the PSO, but the native-link of the PSO would fail because
the PSO wouldn't define "_start" (it would only define
"__pnacl_pso_root").

This means the change doesn't really expose any functionality to web
apps, so I don't think it's necessary to put this behind a flag.

BUG=https://code.google.com/p/nativeclient/issues/detail?id=3873
TEST=lit tests
R=dschuff@chromium.org

Review URL: https://codereview.chromium.org/331313005

4 months ago  Add assembly text to function blocks in pnacl-bcdis.
Karl Schimpf [Thu, 19 Jun 2014 20:33:05 +0000 (13:33 -0700)]
Add assembly text to function blocks in pnacl-bcdis.

Adds assembly text to function blocks in pnacl-bcdis.

Also constrains vector types appearing in the types block, and
defines assembly for block in the valuesymtab block.

BUG= https://code.google.com/p/nativeclient/issues/detail?id=3814
R=jvoung@chromium.org

Review URL: https://codereview.chromium.org/324433005

4 months ago  PNaCl: Fix uninitialised StreamingMode field in PNaClABIVerifyModule
Mark Seaborn [Wed, 18 Jun 2014 15:25:39 +0000 (08:25 -0700)]
PNaCl: Fix uninitialised StreamingMode field in PNaClABIVerifyModule

This would be uninitialised when using "-verify-pnaclabi-module" with
"opt", but not when using "pnacl-abicheck".

BUG=none
TEST=ran "opt -verify-pnaclabi-module" under valgrind
R=dschuff@chromium.org

Review URL: https://codereview.chromium.org/342573003

4 months ago  PNaCl: Make PNaClABIVerifyModule complain if _start() isn't defined
Mark Seaborn [Tue, 17 Jun 2014 22:40:21 +0000 (15:40 -0700)]
PNaCl: Make PNaClABIVerifyModule complain if _start() isn't defined

Make the ABI checker stricter so that it complains if the module doesn't
contain an entry point.

If we mistakenly internalised _start() (but left its name in place),
previously we might not have caught that because pnacl-llc
re-externalises symbols when doing streaming translation.  This new
check would catch the mistake.

Update some tests to define _start() so that they still pass.

BUG=https://code.google.com/p/nativeclient/issues/detail?id=3873
TEST=lit tests
R=dschuff@chromium.org

Review URL: https://codereview.chromium.org/330623003

4 months ago  PNaCl translator: combine insertelement / extractelement patterns generated by the...
Derek Schuff [Tue, 17 Jun 2014 20:25:01 +0000 (13:25 -0700)]
PNaCl translator: combine insertelement / extractelement patterns generated by the toolchain into shufflevector

shufflevector isn't part of the PNaCl ABI, insertelement /
extractelement sequences are instead generated, but they help in
generating higher performance code. This pass recognizes the patterns at
translation time and reconstructs shufflevector, allowing the generated
code to perform better.

R=jvoung@chromium.org
TEST= ninja check
BUG= http://code.google.com/p/nativeclient/issues/detail?id=2205

This patch re-applies 1eecfea5ce

Review URL: https://codereview.chromium.org/341493003

4 months ago  Update default mcpu values to not use SSSE3 and tune for pre-sandybridge CPUs
Derek Schuff [Tue, 17 Jun 2014 16:30:48 +0000 (09:30 -0700)]
Update default mcpu values to not use SSSE3 and tune for pre-sandybridge CPUs

The "x86-64" value is the base 64-bit target which does not
use SSE3+ as core2 did.
The pentium4m mcpu value is the same as pentium4 but uses
x86.td's FeatureSlowBTMem attribute meaning
"Bit testing of memory is slow" which is true for pre-sandybridge
CPUs (which are probably still prevalent, and in any case
matches the 64-bit code)

BUG=https://code.google.com/p/nativeclient/issues/detail?id=2205
R=jvoung@chromium.org

Review URL: https://codereview.chromium.org/333353003

4 months ago  Make PNaCl type checking visible so that pnacl-bcdis can use it.
Karl Schimpf [Mon, 16 Jun 2014 22:04:08 +0000 (15:04 -0700)]
Make PNaCl type checking visible so that pnacl-bcdis can use it.

BUG=None
R=jvoung@chromium.org

Review URL: https://codereview.chromium.org/332813002

4 months ago  PNaCl sandboxed translator: fix crash
JF Bastien [Fri, 13 Jun 2014 20:46:19 +0000 (13:46 -0700)]
PNaCl sandboxed translator: fix crash

I added a data layout usage to the translator [*] and broke the sandboxed
translator because the function ABI verification pass was added before the pass
manager contained a data layout, causing a default data layout to be constructed
(which errors out). This CL fixes the breakage by making it possible to use data
layout in the translator, even when sandboxed.

  [*]: https://codereview.chromium.org/321733002/

This CL also stubs out LLVM's current_path function because getcwd returns an
error when run inside the sandboxed translator (it does go through a NaCl
syscall, but we don't override it to anything meaningful for the
translator). This happens only in debug builds (which I was testing with) because
it's only asserted on (so release builds don't see this error).

R=jvoung@chromium.org, dschuff@chromium.org
TEST= ./pnacl/build.sh translator-all && ./scons bitcode=1 use_sandboxed_translator=1 small_tests
BUG= https://code.google.com/p/nativeclient/issues/detail?id=3870

Review URL: https://codereview.chromium.org/337793002

4 months ago  Factor out NaCl bitcode value decoders from bitcode reader.
Karl Schimpf [Thu, 12 Jun 2014 17:41:06 +0000 (10:41 -0700)]
Factor out NaCl bitcode value decoders from bitcode reader.

Factor out NaCl bitcode value decoders into a separate file, so
that both the bitcode reader and pnacl-bcdis can use them.

BUG= https://code.google.com/p/nativeclient/issues/detail?id=3814
R=jvoung@chromium.org

Review URL: https://codereview.chromium.org/327273006

4 months ago  PNaCl SIMD: allow element-aligned vector load/store
JF Bastien [Wed, 11 Jun 2014 16:23:54 +0000 (09:23 -0700)]
PNaCl SIMD: allow element-aligned vector load/store

PNaCl currently breaks up vector load/store instructions into the corresponding
sub-elements of the vector using {insert/extract}element followed by scalar
load/store. This was originally done so that version 0 of PNaCl SIMD wouldn't
have to bother with vector load/store (especially their alignment), punting all
complexity to existing scalar instructions. This is very suboptimal
performance-wise, and re-creating the vector load/store on the translator side
isn't a trivial matter and has several caveats.

Add support for vector load/store, aligned to their element size, in PNaCl's
ABI.

R=jvoung@chromium.org
TEST= (cd ./toolchain_build/out/llvm_i686_linux_work/ && ninja check)
BUG= https://code.google.com/p/nativeclient/issues/detail?id=3870

Review URL: https://codereview.chromium.org/321733002

4 months ago  PNaCl: run constantmerge after globalizing constant vectors
JF Bastien [Wed, 11 Jun 2014 00:36:58 +0000 (17:36 -0700)]
PNaCl: run constantmerge after globalizing constant vectors

This should help reduce the number of global constants, thereby reducing the
pexe size.

R=jvoung@chromium.org
BUG= none

Review URL: https://codereview.chromium.org/325913003

4 months ago  Fix forward reference bug in pnacl-bcdis.
Karl Schimpf [Tue, 10 Jun 2014 21:09:27 +0000 (14:09 -0700)]
Fix forward reference bug in pnacl-bcdis.

Fixes bug where relocation records in the globals block can
refer to global addresses not yet defined. Previously,
the Bitcode Id for such references was incorrectly labeled
as a function-level identifier. Now, it correctly refers
to the forward referenced global address ID.

BUG=None
R=jvoung@chromium.org

Review URL: https://codereview.chromium.org/328833002

4 months ago  Add PassManager to pnacl-abicheck and pnacl-llc
JF Bastien [Mon, 9 Jun 2014 23:28:09 +0000 (16:28 -0700)]
Add PassManager to pnacl-abicheck and pnacl-llc

I need to get a DataLayout in the translator (to deal with vector alignment),
and this requires a PassManager. There are other unexpected dependencies that
crop up when trying to go halfway without adding a PassManager (e.g. the
AsmPrinter is null and crashes on the mangler), but in the end the following
line is the one that requires the PassManager:
  include/llvm/PassAnalysisSupport.h:200

R=jvoung@chromium.org, dschuff@chromium.org
TEST= (cd ./toolchain_build/out/llvm_i686_linux_work/ && ninja check)
BUG= https://code.google.com/p/nativeclient/issues/detail?id=3870
NOTRY=true

Review URL: https://codereview.chromium.org/326513002

4 months ago  Fix block bug in "pnacl-bccompress --remove-abbreviations".
Karl Schimpf [Fri, 6 Jun 2014 21:24:07 +0000 (14:24 -0700)]
Fix block bug in "pnacl-bccompress --remove-abbreviations".

If we are removing abbreviations from a PNaCl bitcode file
(in pnacl-bccompress), be sure to reduce block abbreviation size
to only allow default abbreviations.

BUG=None
R=jvoung@chromium.org

Review URL: https://codereview.chromium.org/320083002

4 months ago  Retry reverting defs list for naclcalls x86-64
Jan Voung [Wed, 4 Jun 2014 23:03:58 +0000 (16:03 -0700)]
Retry reverting defs list for naclcalls x86-64

This retries the x86-64 version of commit:
bd61bacb04eaac6fdc3107136413b6ccdb9273e5.

The original change tickled a stack corruption/memory bug
exercised by an SDK test. After the test code runs and
returns, the test harness needs to get the gtest "this"
pointer from rbx. Usually rbx is saved/restored on/from
the stack.

With calls like (a) early_gtest_func -> (b) gtest_framework_func
-> (c) actual_test_func -> (d)..., the pre-patched code
used rbx in both (b) and (c), so stored a copy of rbx at
both (b) and (c). The stack corruption corrupted (c).
Since the pre-patched code still had a copy in (b), it
could use rbx fine in (a). However, the newer code
would use the corrupted version from (c) in (a).

BUG= https://code.google.com/p/nativeclient/issues/detail?id=3867
R=stichnot@chromium.org

Review URL: https://codereview.chromium.org/310353002

4 months ago  PNaCl: Remove warnings about TLS/init_array variables being unreferenced
Mark Seaborn [Mon, 2 Jun 2014 17:13:51 +0000 (10:13 -0700)]
PNaCl: Remove warnings about TLS/init_array variables being unreferenced

For example:

Warning: Variable __fini_array_start not referenced
Warning: Variable __fini_array_end not referenced
Warning: Variable __tls_template_start not referenced
Warning: Variable __tls_template_tdata_end not referenced
Warning: Variable __tls_template_end not referenced
Warning: Variable __tls_template_alignment not referenced

These warnings often occur when building libc-free programs.  This is
actually fairly common, so it makes sense to drop these warnings.
They're too noisy -- they hardly ever indicate a problem.

BUG=none
TEST=none
R=jvoung@chromium.org

Review URL: https://codereview.chromium.org/303273005

4 months ago  Add assembly for abbreviations in pnacl-bcdis.
Karl Schimpf [Mon, 2 Jun 2014 16:15:34 +0000 (09:15 -0700)]
Add assembly for abbreviations in pnacl-bcdis.

Adds assembly syntax for abbreviations, and the corresponding abbreviation
index when the abbreviation is used.

BUG= https://code.google.com/p/nativeclient/issues/detail?id=3814
R=jvoung@chromium.org

Review URL: https://codereview.chromium.org/296193006

5 months ago  Revert tablegen localmods for 32-bit naclcalls. Use normal calls.
Jan Voung [Fri, 30 May 2014 16:31:06 +0000 (09:31 -0700)]
Revert tablegen localmods for 32-bit naclcalls. Use normal calls.

There isn't much reason for these extra TD nodes.
Unlike 64-bit nacl, there isn't a difference in
pointer size in the data layout. Moreover, there are
separate non-codegen nodes for the assembler's convenience
"isAsmParserOnly = 1" nodes. Those are for parsing
"naclcall" (which aligns to end of bundle) vs "call" (which
does not align to end) in .S files. We might move to a
model where NaCl always aligns any "call" instruction it
sees anyway.

The 64-bit naclcalls are a bit hairier since we have a
different pointer size from normal X86, so can't reuse the
normal 64-bit tablegen nodes. Either pattern matching will
fail, or register copies will fail w/ things like:

mov %edi, %rax // ???
jmp *%rax

This has a side-effect of redoing the "Remove the Defs list
in X86InstrNaCl naclcall, since calls now use regmask."
CL's effects for 32-bit, to regain some of the speedups.
This also makes the x86-32 backend more similar to the ARM
backend, in that NaCl did not need a special call node.

E.g., the dip from landing and the undip from reverting:
https://chromeperf.appspot.com/report?masters=NativeClient&bots=lucid_64-newlib-x86_32-pnacl-spec&tests=naclperf%2Fcompiletime_gcc&checked=core&start_rev=13220&end_rev=13252

How to get that for 64-bit calls still TBD.

BUG=none
R=stichnot@chromium.org

Review URL: https://codereview.chromium.org/306913002

5 months ago  Revert "Remove the Defs list in X86InstrNaCl naclcall, since calls now use regmask."
Jan Voung [Wed, 28 May 2014 02:12:25 +0000 (19:12 -0700)]
Revert "Remove the Defs list in X86InstrNaCl naclcall, since calls now use regmask."

This reverts commit bd61bacb04eaac6fdc3107136413b6ccdb9273e5.

It appears to be causing a miscompile in the SDK nacl_io_socket_test debug
build, leading to a segfault in some gtest code. Revert for now since
correct code is better than 5-10% faster compile time in O2.

BUG= https://code.google.com/p/chromium/issues/detail?id=377084
R=stichnot@chromium.org

Review URL: https://codereview.chromium.org/294393006

5 months ago  PNaCl: Fix setjmp() by adding the "returns_twice" attribute back
Mark Seaborn [Sun, 25 May 2014 00:21:02 +0000 (17:21 -0700)]
PNaCl: Fix setjmp() by adding the "returns_twice" attribute back

This fixes a bug in which stack slots could get reused by the backend.

BUG=https://code.google.com/p/nativeclient/issues/detail?id=3733
TEST=lit test + run_longjmp_stackslots_test being added to NaCl Scons tests
R=jfb@chromium.org

Review URL: https://codereview.chromium.org/293313002

5 months ago  NaCl: Fix memset() for Non-SFI ARM
Mark Seaborn [Fri, 23 May 2014 20:51:13 +0000 (13:51 -0700)]
NaCl: Fix memset() for Non-SFI ARM

The backend was calling memset() but using the calling conventions for
__aeabi_memset(), which swap two of the arguments.  We need to extend
the existing NaCl localmod to fix this.

Declare EnableARMAEABIFunctions so that another file can refer to it.

BUG=https://code.google.com/p/nativeclient/issues/detail?id=3809
TEST=run_memcpy_move_set_test_irt + new lit test
R=dschuff@chromium.org

Review URL: https://codereview.chromium.org/291333002

5 months ago  Fix compiler error for mac-pnacl-x86_32 for CL 298803005.
Karl Schimpf [Fri, 23 May 2014 20:10:00 +0000 (13:10 -0700)]
Fix compiler error for mac-pnacl-x86_32 for CL 298803005.

src/llvm/lib/Bitcode/NaCl/Analysis/NaClObjDump.cpp:1640:
error: no matching function for call to
'<unnamed>::SignRotatedInt::SignRotatedInt(<unnamed>::SignRotatedInt)'

BUG=None
R=jfb@chromium.org

Review URL: https://codereview.chromium.org/292363007

5 months ago  Add assembly code for the constants block in pnacl-bcdis.
Karl Schimpf [Fri, 23 May 2014 17:49:04 +0000 (10:49 -0700)]
Add assembly code for the constants block in pnacl-bcdis.

BUG= https://code.google.com/p/nativeclient/issues/detail?id=3814
R=jvoung@chromium.org

Review URL: https://codereview.chromium.org/298803005

5 months ago  Remove writing useless abbreviation by the PNaCl bitcode writer.
Karl Schimpf [Fri, 23 May 2014 17:33:35 +0000 (10:33 -0700)]
Remove writing useless abbreviation by the PNaCl bitcode writer.

That is: TYPE_POINTER_ABBREV  [8, fixed(3), 0]

BUG=None
R=jvoung@chromium.org

Review URL: https://codereview.chromium.org/294213003

5 months ago  Fix include file dependency in NaClObjDumpStream.h
Karl Schimpf [Fri, 23 May 2014 16:54:58 +0000 (09:54 -0700)]
Fix include file dependency in NaClObjDumpStream.h

BUG= None
R=jvoung@chromium.org

Review URL: https://codereview.chromium.org/299923002

5 months ago  Add support for building subzero with LLVM
Derek Schuff [Thu, 22 May 2014 23:22:13 +0000 (16:22 -0700)]
Add support for building subzero with LLVM

Since subzero depends on LLVM components, it makes sense to build it
along with the LLVM build. Also, toolchain_build doesn't have support
for a target to depend on another target's working directory. We may want
to fix that in the future, but for now it's simpler to do the build
together with LLVM.

This CL allows subzero to be built from an external directory similar to
the way clang is. However we just use a Make variable directly instead
of a configure flag to avoid regenerating autoconf files.

R=jvoung@chromium.org, stichnot@chromium.org
BUG=

Review URL: https://codereview.chromium.org/299753004

5 months ago  Abstract out memory pool notion from PNaCl text formatter.
Karl Schimpf [Thu, 22 May 2014 22:34:31 +0000 (15:34 -0700)]
Abstract out memory pool notion from PNaCl text formatter.

The PNaCl bitcode objdumper defines several simple memory pools for
different kinds of token directives. Abstracts out this concept
with a template, simplifying the code.

BUG=None
R=jvoung@chromium.org

Review URL: https://codereview.chromium.org/298683007

5 months ago  Removing FlagSfi* in LLVM -- check Subtarget->isTargetNaCl() instead.
Jan Voung [Thu, 22 May 2014 22:27:28 +0000 (15:27 -0700)]
Removing FlagSfi* in LLVM -- check Subtarget->isTargetNaCl() instead.

We can't remove the flags just yet because the driver still refers to them.
So, as a first step just don't use the flag. Then after a deps roll, I'll remove
the references from the driver, and then we can remove the flags themselves.

For the constant pool disabling, check useConstIslands
instead of FlagSfiDisableCP, and initialize UseConstIslands
appropriately for NaCl.

Had to adjust some of the tests slightly:
(*) some did not expect sandboxing, but expected a specific instruction seq
(*) one fast-isel case only handled static relocations w/ constant islands disabled.

Remove FlagSfiZeroMask right now, since there are no users
in NaCl repo. The other flags are still there because the
NaCl repo's pnacl-translate.py still refers to them.

BUG= https://code.google.com/p/nativeclient/issues/detail?id=3858
R=dschuff@chromium.org, jfb@chromium.org

Review URL: https://codereview.chromium.org/293063007

5 months ago  Add recognition of abbreviation records in pnacl-bcdis.
Karl Schimpf [Wed, 21 May 2014 21:36:55 +0000 (14:36 -0700)]
Add recognition of abbreviation records in pnacl-bcdis.

Adds code that uses a listener to capture abbreviations in
pnacl-bcdis.

Also discovered that ExitBlocks were not being handled
very consistently (between using a Listener or not) when
using class NaClBitcodeParser. Cleaned up this issue.

BUG= https://code.google.com/p/nativeclient/issues/detail?id=3814
R=jvoung@chromium.org

Review URL: https://codereview.chromium.org/289033003