Hi, I'm writting an intrinsics for the X86 plateform that replace every 'call' instruction by a 'push ret_addr' followed by a 'jmp func_addr'. I'm doing this in the X86ISelLowering class with a custom inserter. So if I have something like this: 0x0 call foobar 0x1 ... the call will be replaced like this: 0x0 push 0x2 0x1 jmp foobar_addr 0x2 ... This works fine in -O0, but when I try to compile in -O1,2,3, my program fails. Since there is no more 'call' instruction, the optimizations in the backend remove the operation that manage the function's arguments (I guess it thinks the arguments are not needed anymore). How can I resolve this problem? Is there a specific pass that remove unused values that I can disabled? Cheers
>From the department of ignorance and stupid suggestions: Run thisconversion after other passes that deal with call instructions? Side question: Is this targeting some unusual x86 architecture, as I believe this would be quite detrimental to performance on modern CPUs, as they use the pair of call/return to do predictive execution, so if you remove the CALL, the return will "unbalance" the call stack management, and lead to slower execution. -- Mats On 26 January 2015 at 13:21, Rinaldini Julien <julien.rinaldini at heig-vd.ch> wrote:> Hi, > > I'm writting an intrinsics for the X86 plateform that replace every > 'call' instruction by a 'push ret_addr' followed by a 'jmp func_addr'. > I'm doing this in the X86ISelLowering class with a custom inserter. > > So if I have something like this: > > 0x0 call foobar > 0x1 ... > > the call will be replaced like this: > > 0x0 push 0x2 > 0x1 jmp foobar_addr > 0x2 ... > > This works fine in -O0, but when I try to compile in -O1,2,3, my program > fails. Since there is no more 'call' instruction, the optimizations in > the backend remove the operation that manage the function's arguments (I > guess it thinks the arguments are not needed anymore). > > How can I resolve this problem? Is there a specific pass that remove > unused values that I can disabled? > > Cheers > _______________________________________________ > LLVM Developers mailing list > LLVMdev at cs.uiuc.edu http://llvm.cs.uiuc.edu > http://lists.cs.uiuc.edu/mailman/listinfo/llvmdev
> From the department of ignorance and stupid suggestions: Run this > conversion after other passes that deal with call instructions?Yes, but my modifications are not made in a MachineFunctionPass, it's a custom inserter for an intrinsic... I'm not sure when intrinsic lowering is applied, but I guess before any MachineFunctionPass? So I'm not sure I can chosse the order at this point.> Side question: Is this targeting some unusual x86 architecture, as I > believe this would be quite detrimental to performance on modern CPUs, > as they use the pair of call/return to do predictive execution, so if > you remove the CALL, the return will "unbalance" the call stack > management, and lead to slower execution.The goal here is to add some obfuscation to the final binary, so some performance loss is excepted! Cheers
On 26 January 2015 at 06:18, mats petersson <mats at planetcatfish.com> wrote:> From the department of ignorance and stupid suggestions: Run this > conversion after other passes that deal with call instructions?This is almost certainly the way to do it. The immediate problem is probably that the jmp isn't being marked with the usual call operands telling LLVM that it uses that argument-marshalling registers and defines the result ones. But even if you fix that x86's JMP is marked isTerminator, isBarrier and so on; that means LLVM's optimisers assume it only comes at the end of a basic block. Putting it in the middle is just wrong code waiting to happen. So I'd suggest either expanding a normal call in X86MCInstLower.cpp, or creating a new call pseudo-instruction (with sensible flags) that gets expanded there. Cheers. Tim.
Maybe Matching Threads
- [LLVMdev] Backend optimizations
- [LLVMdev] Compilation problem when addind a library
- [LLVMdev] Problems with optimizations and va_arg intrinsic
- [LLVMdev] Problem with MachineFunctionPass and JMP
- [LLVMdev] Publication -- LLVM-Obfuscator - Software Protection for the Masses