kit

jit_tls_relax_test.c (8844B)

---

 /* In-process JIT TLS Local-Exec relaxation for the Windows (COFF) TEB idiom.
  *
  * The single-threaded JIT rewrites the PE TLS-access idiom (read TEB
  * ThreadLocalStoragePointer, index by `_tls_index`, then `+ SECREL(var)`) to
  * address the in-image .tls instance directly, dropping the TEB/`_tls_index`
  * indirection (see src/link/link_jit.c and the per-arch jit_tls_le_relax). The
  * aarch64 path is verified end-to-end on the Windows VM; this pins the
  * byte-level rewrite for BOTH arches, and is the only automated guard for the
  * x86-64 idiom (x64-windows self-host can't run end-to-end yet).
  *
  * Each case hand-encodes the exact idiom the codegen emits
  * (x64_tls_addr_of_win64 / aa_tls_addr_of_win), drives the relax, and asserts
  * the result is the in-image address materialization. The x64 builder is pinned
  * to a golden captured from real `kit cc -c` disassembly so it can't drift away
  * from the codegen it must match.
  *
  * Exit 0 = pass; non-zero = fail. */
 
 #include <stdint.h>
 #include <string.h>
 
 #include <kit/core.h>
 
 #include "core/core.h"
 #include "lib/kit_unit.h"
 #include "obj/obj.h"
 
 /* Reached via LinkArchDesc.jit_tls_le_relax; not exposed in a header. */
 void x64_jit_tls_le_relax(Compiler* c, RelocKind k, u8* site, u64 storage,
                           u64 site_pc);
 void aa64_jit_tls_le_relax(Compiler* c, RelocKind k, u8* site, u64 storage,
                            u64 site_pc);
 
 static KitUnit g_u;
 #define EXPECT(cond, ...) CU_EXPECT(&g_u, cond, __VA_ARGS__)
 
 static KitCompiler* compiler_for(KitArchKind arch) {
   static KitCompiler* aa64 = NULL;
   static KitCompiler* x64 = NULL;
   KitCompiler** slot = arch == KIT_ARCH_ARM_64 ? &aa64 : &x64;
   if (!*slot) {
     /* Windows/COFF so the compiler matches the idiom's origin; only the panic
      * path reads it, so the exact spec barely matters. */
     KitTargetSpec t = kit_unit_target(arch, KIT_OS_WINDOWS, KIT_OBJ_COFF);
     if (kit_unit_compiler_new(&g_u, t, slot) != KIT_OK || !*slot) {
       fprintf(stderr, "compiler_new failed for arch=%d\n", (int)arch);
       exit(2);
     }
   }
   return *slot;
 }
 
 static u32 rd32(const u8* p) {
   return (u32)p[0] | ((u32)p[1] << 8) | ((u32)p[2] << 16) | ((u32)p[3] << 24);
 }
 
 /* ---- x86-64 -------------------------------------------------------------- */
 
 /* Emit the 4-instruction Win64 TLS idiom for destination register `rd` into
  * `b`, mirroring x64_tls_addr_of_win64 byte-for-byte. Returns total length;
  * *site_off receives the offset of the trailing lea's SECREL disp32. */
 static u32 x64_emit_idiom(u8* b, u32 rd, u32* site_off) {
   u32 n = 0;
   /* (1) mov rd, gs:[0x58]  (9 bytes) */
   b[n++] = 0x65;
   b[n++] = (u8)(0x48u | ((rd & 8u) ? 0x04u : 0u));
   b[n++] = 0x8B;
   b[n++] = (u8)(((rd & 7u) << 3) | 4u);
   b[n++] = 0x25;
   b[n++] = 0x58;
   b[n++] = 0;
   b[n++] = 0;
   b[n++] = 0;
   /* (2) mov r11d, [rip+_tls_index]  (7 bytes) */
   b[n++] = 0x44;
   b[n++] = 0x8B;
   b[n++] = 0x1D;
   b[n++] = 0;
   b[n++] = 0;
   b[n++] = 0;
   b[n++] = 0;
   /* (3) mov rd, [rd+r11*8]  (4 or 5 bytes) */
   b[n++] = (u8)(0x4Au | ((rd & 8u) ? 0x05u : 0u));
   b[n++] = 0x8B;
   if ((rd & 7u) == 5u) {
     b[n++] = (u8)((1u << 6) | ((rd & 7u) << 3) | 4u);
     b[n++] = (u8)(0xD8u | (rd & 7u));
     b[n++] = 0;
   } else {
     b[n++] = (u8)(((rd & 7u) << 3) | 4u);
     b[n++] = (u8)(0xD8u | (rd & 7u));
   }
   /* (4) lea rd, [rd + sym@SECREL]  (7 or 8 bytes) */
   b[n++] = (u8)(0x48u | ((rd & 8u) ? 0x05u : 0u));
   b[n++] = 0x8D;
   if ((rd & 7u) == 4u) {
     b[n++] = (u8)((2u << 6) | ((rd & 7u) << 3) | 4u);
     b[n++] = (u8)((4u << 3) | (rd & 7u));
   } else {
     b[n++] = (u8)((2u << 6) | ((rd & 7u) << 3) | (rd & 7u));
   }
   *site_off = n;
   b[n++] = 0;
   b[n++] = 0;
   b[n++] = 0;
   b[n++] = 0;
   return n;
 }
 
 static void x64_check(u32 rd) {
   u8 buf[40];
   u32 site_off;
   u32 total = x64_emit_idiom(buf, rd, &site_off);
   /* Distinct write/runtime "addresses": disp must use site_pc, not &buf. */
   const u64 site_pc = 0x140005000ull + site_off;
   const u64 storage = 0x140009123ull;
   u32 lea = total - 7u; /* the rewritten 7-byte rip-lea sits at the block end */
   i64 want_disp = (i64)storage - (i64)(site_pc + 4u);
   u32 i;
   x64_jit_tls_le_relax(compiler_for(KIT_ARCH_X86_64), R_COFF_SECREL,
                        &buf[site_off], storage, site_pc);
   for (i = 0; i < lea; ++i)
     EXPECT(buf[i] == 0x90u, "x64 rd=%u: byte %u not NOP (0x%02x)", rd, i,
            buf[i]);
   EXPECT(buf[lea] == (u8)(0x48u | ((rd >= 8u) ? 0x04u : 0u)),
          "x64 rd=%u: lea REX 0x%02x", rd, buf[lea]);
   EXPECT(buf[lea + 1] == 0x8Du, "x64 rd=%u: lea opcode 0x%02x", rd,
          buf[lea + 1]);
   EXPECT(buf[lea + 2] == (u8)(((rd & 7u) << 3) | 5u),
          "x64 rd=%u: lea modrm 0x%02x", rd, buf[lea + 2]);
   EXPECT((i32)rd32(&buf[lea + 3]) == (i32)want_disp,
          "x64 rd=%u: disp 0x%08x want 0x%08x", rd, rd32(&buf[lea + 3]),
          (u32)want_disp);
 }
 
 /* Pin x64_emit_idiom to real codegen: the rd=r8 idiom captured from
  * `kit cc -target x86_64-windows -c` disassembly. A drift in the builder (and
  * thus a relax tested against a fictional idiom) turns this red. */
 static void x64_golden(void) {
   static const u8 want[] = {0x65, 0x4c, 0x8b, 0x04, 0x25, 0x58, 0x00, 0x00,
                             0x00, 0x44, 0x8b, 0x1d, 0x00, 0x00, 0x00, 0x00,
                             0x4f, 0x8b, 0x04, 0xd8, 0x4d, 0x8d, 0x80, 0x00,
                             0x00, 0x00, 0x00};
   u8 buf[40];
   u32 site_off;
   u32 total = x64_emit_idiom(buf, 8u /* r8 */, &site_off);
   EXPECT(total == sizeof want, "x64 golden length %u != %zu", total,
          sizeof want);
   EXPECT(memcmp(buf, want, sizeof want) == 0, "x64 golden idiom mismatch");
 }
 
 /* ---- aarch64 ------------------------------------------------------------- */
 
 #define AA_NOP 0xd503201fu
 
 static u32 aa_add_imm(u32 rd, u32 rn, u32 imm12, u32 sh) {
   return 0x91000000u | (sh << 22) | ((imm12 & 0xfffu) << 10) | ((rn & 0x1fu)
          << 5) | (rd & 0x1fu);
 }
 
 /* Emit the 7-instruction Win64/aarch64 TLS idiom for `rd` (aa_tls_addr_of_win).
  * Only instruction (6) — the HIGH12A add the relax keys on — needs a faithful
  * encoding; the rest are placeholders the relax overwrites unconditionally. */
 static u32 aa_emit_idiom(u32* w, u32 rd) {
   w[0] = 0xf9400240u | (18u << 5) | rd; /* ldr rd,[x18,#0x58]  (placeholder) */
   w[1] = 0x90000010u;                   /* adrp x16,_tls_index */
   w[2] = aa_add_imm(16u, 16u, 0u, 0u);  /* add  x16,x16,:lo12: */
   w[3] = 0xb9400210u;                   /* ldr  w16,[x16]      */
   w[4] = 0xf8607a00u | rd;              /* ldr  rd,[rd,x16,lsl#3] */
   w[5] = aa_add_imm(rd, rd, 0u, 1u);    /* add  rd,rd,:secrel_hi12: (HIGH12A) */
   w[6] = aa_add_imm(rd, rd, 0u, 0u);    /* add  rd,rd,:secrel_lo12: (LOW12A) */
   return 5u; /* word index of the HIGH12A site the relax keys on */
 }
 
 /* Decode ADRP+ADD (the relax's output) back to the absolute address it
  * materializes, so we confirm it equals `storage`. */
 static u64 aa_decode_adrp_add(u32 adrp, u32 add, u64 adrp_pc) {
   u32 immlo = (adrp >> 29) & 0x3u;
   u32 immhi = (adrp >> 5) & 0x7ffffu;
   i64 imm = (i64)(((u64)immhi << 2) | immlo);
   if (imm & (1ll << 20)) imm -= (1ll << 21); /* sign-extend 21 bits */
   u64 page = (adrp_pc & ~0xfffull) + ((u64)imm << 12);
   return page + ((add >> 10) & 0xfffu);
 }
 
 static void aa_check(u32 rd) {
   u32 w[7];
   u32 site_i = aa_emit_idiom(w, rd);
   const u64 site_pc = 0x140005000ull + site_i * 4u;
   const u64 storage = 0x140009123ull;
   u8* site = (u8*)&w[site_i];
   u32 i;
   aa64_jit_tls_le_relax(compiler_for(KIT_ARCH_ARM_64),
                         R_COFF_AARCH64_SECREL_HIGH12A, site, storage, site_pc);
   for (i = 0; i < 4u; ++i) /* instructions (1)-(4) -> NOP */
     EXPECT(w[i] == AA_NOP, "aa64 rd=%u: insn %u not NOP (0x%08x)", rd, i, w[i]);
   EXPECT((w[4] & 0x9f000000u) == 0x90000000u && (w[4] & 0x1fu) == rd,
          "aa64 rd=%u: insn(5) not ADRP rd (0x%08x)", rd, w[4]);
   EXPECT((w[5] & 0xff800000u) == 0x91000000u && (w[5] & 0x1fu) == rd &&
              ((w[5] >> 5) & 0x1fu) == rd,
          "aa64 rd=%u: insn(6) not ADD rd,rd,#imm (0x%08x)", rd, w[5]);
   EXPECT(w[6] == AA_NOP, "aa64 rd=%u: insn(7) not NOP (0x%08x)", rd, w[6]);
   EXPECT(aa_decode_adrp_add(w[4], w[5], site_pc - 4u) == storage,
          "aa64 rd=%u: ADRP+ADD != storage", rd);
 }
 
 int main(void) {
   /* Cover the x64 length-variant branches: rd&7==4 (rsp/r12 -> lea sib),
    * rd&7==5 (rbp/r13 -> mov disp8), and rd>=8 (REX.R/B). */
   static const u32 x64_rds[] = {0, 1, 4, 5, 8, 12, 13};
   static const u32 aa_rds[] = {0, 1, 9, 20};
   size_t i;
   kit_unit_init(&g_u);
   x64_golden();
   for (i = 0; i < sizeof x64_rds / sizeof x64_rds[0]; ++i) x64_check(x64_rds[i]);
   for (i = 0; i < sizeof aa_rds / sizeof aa_rds[0]; ++i) aa_check(aa_rds[i]);
   kit_unit_summary(&g_u, "jit_tls_relax_test");
   return kit_unit_status(&g_u);
 }