Support opaque pointers

Author: tetsuo-cpp

.github/workflows/ci.yml

@@ -23,7 +23,7 @@ jobs:
       matrix:
         image:
           - { name: 'ubuntu', tag: '20.04' }
-        llvm: ['13', '14']
+        llvm: ['14']
 
     runs-on: ubuntu-20.04
     container:
@@ -94,7 +94,7 @@ jobs:
       fail-fast: false
       matrix:
         os: ['macos-11']
-        llvm: ['13', '14']
+        llvm: ['14']
 
     runs-on: ${{ matrix.os }}
 
@@ -217,7 +217,7 @@ jobs:
     runs-on: ubuntu-latest
     strategy:
       matrix:
-        llvm: ["13", "14"]
+        llvm: ["14"]
         ubuntu: ["20.04"]
     steps:
     - uses: actions/checkout@v2

bin/lift/Lift.cpp

@@ -240,6 +240,7 @@ int main(int argc, char *argv[]) {
   // Make sure `--address` and `--entry_address` are in-bounds for the target
   // architecture's address size.
   llvm::LLVMContext context;
+  context.enableOpaquePointers();
   auto arch = remill::Arch::Get(context, FLAGS_os, FLAGS_arch);
   const uint64_t addr_mask = ~0ULL >> (64UL - arch->address_size);
   if (FLAGS_address != (FLAGS_address & addr_mask)) {
@@ -259,7 +260,6 @@ int main(int argc, char *argv[]) {
 
   std::unique_ptr<llvm::Module> module(remill::LoadArchSemantics(arch.get()));
 
-  const auto state_ptr_type = arch->StatePointerType();
   const auto mem_ptr_type = arch->MemoryPointerType();
 
   Memory memory = UnhexlifyInputBytes(addr_mask);
@@ -343,10 +343,10 @@ int main(int argc, char *argv[]) {
           << "Invalid register name '" << reg_name.str()
           << "' used in output slice list '" << FLAGS_slice_outputs << "'";
 
-      arg_types.push_back(llvm::PointerType::get(reg->type, 0));
+      arg_types.push_back(llvm::PointerType::get(context, 0));
     }
 
-    const auto state_type = state_ptr_type->getPointerElementType();
+    const auto state_type = llvm::PointerType::get(context, 0);
     const auto func_type =
         llvm::FunctionType::get(mem_ptr_type, arg_types, false);
     const auto func = llvm::Function::Create(

include/remill/Arch/Arch.h

@@ -125,7 +125,8 @@ struct Register {
   // The directly enclosed registers.
   std::vector<const Register *> children;
 
-  void CompteGEPAccessors(const llvm::DataLayout &dl, llvm::Type *state_type);
+  void ComputeGEPAccessors(const llvm::DataLayout &dl,
+                           llvm::StructType *state_type);
 };
 
 class Arch {
@@ -159,6 +160,10 @@ class Arch {
   // Return the type of a lifted function.
   llvm::FunctionType *LiftedFunctionType(void) const;
 
+  // Returns the type of the register window. If the architecture doesn't have a register window, a
+  // null pointer will be returned.
+  llvm::StructType *RegisterWindowType() const;
+
   // Apply `cb` to every register.
   void ForEachRegister(std::function<void(const Register *)> cb) const;
 

include/remill/Arch/Runtime/Types.h

@@ -34,6 +34,7 @@
 
 struct State;
 struct Memory;
+struct RegisterWindow;
 
 // Address in the source architecture type. We don't use a `uintptr_t` because
 // that might be specific to the destination architecture type.

include/remill/BC/Compat/PointerType.h

@@ -30,6 +30,7 @@ class LLVMContext;
 class IntegerType;
 class BasicBlock;
 class Value;
+class Type;
 }  // namespace llvm
 
 namespace remill {
@@ -78,8 +79,9 @@ class InstructionLifter {
                            bool is_delayed = false);
 
   // Load the address of a register.
-  llvm::Value *LoadRegAddress(llvm::BasicBlock *block, llvm::Value *state_ptr,
-                              std::string_view reg_name) const;
+  std::pair<llvm::Value *, llvm::Type *>
+  LoadRegAddress(llvm::BasicBlock *block, llvm::Value *state_ptr,
+                 std::string_view reg_name) const;
 
   // Load the value of a register.
   llvm::Value *LoadRegValue(llvm::BasicBlock *block, llvm::Value *state_ptr,

include/remill/BC/InstructionLifter.h

@@ -83,13 +83,15 @@ llvm::CallInst *AddTerminatingTailCall(llvm::BasicBlock *source_block,
 
 // Find a local variable defined in the entry block of the function. We use
 // this to find register variables.
-llvm::Value *FindVarInFunction(llvm::BasicBlock *block, std::string_view name,
-                               bool allow_failure = false);
+std::pair<llvm::Value *, llvm::Type *>
+FindVarInFunction(llvm::BasicBlock *block, std::string_view name,
+                  bool allow_failure = false);
 
 // Find a local variable defined in the entry block of the function. We use
 // this to find register variables.
-llvm::Value *FindVarInFunction(llvm::Function *func, std::string_view name,
-                               bool allow_failure = false);
+std::pair<llvm::Value *, llvm::Type *>
+FindVarInFunction(llvm::Function *func, std::string_view name,
+                  bool allow_failure = false);
 
 // Find the machine state pointer. The machine state pointer is, by convention,
 // passed as the first argument to every lifted function.

include/remill/BC/Util.h

@@ -237,7 +237,7 @@ llvm::StructType *Arch::StateStructType(void) const {
 llvm::PointerType *Arch::StatePointerType(void) const {
   CHECK(impl)
       << "Have you not run `PrepareModule` on a loaded semantics module?";
-  return llvm::PointerType::get(impl->state_type, 0);
+  return llvm::PointerType::get(*context, 0);
 }
 
 // Return the type of an address, i.e. `addr_t` in the semantics.
@@ -259,6 +259,12 @@ llvm::FunctionType *Arch::LiftedFunctionType(void) const {
   return impl->lifted_function_type;
 }
 
+llvm::StructType *Arch::RegisterWindowType(void) const {
+  CHECK(impl)
+      << "Have you not run `PrepareModule` on a loaded semantics module?";
+  return impl->register_window_type;
+}
+
 // Return information about the register at offset `offset` in the `State`
 // structure.
 const Register *Arch::RegisterAtStateOffset(uint64_t offset) const {
@@ -386,11 +392,11 @@ namespace {
 
 // These variables must always be defined within any lifted function.
 static bool BlockHasSpecialVars(llvm::Function *basic_block) {
-  return FindVarInFunction(basic_block, kStateVariableName, true) &&
-         FindVarInFunction(basic_block, kMemoryVariableName, true) &&
-         FindVarInFunction(basic_block, kPCVariableName, true) &&
-         FindVarInFunction(basic_block, kNextPCVariableName, true) &&
-         FindVarInFunction(basic_block, kBranchTakenVariableName, true);
+  return FindVarInFunction(basic_block, kStateVariableName, true).first &&
+         FindVarInFunction(basic_block, kMemoryVariableName, true).first &&
+         FindVarInFunction(basic_block, kPCVariableName, true).first &&
+         FindVarInFunction(basic_block, kNextPCVariableName, true).first &&
+         FindVarInFunction(basic_block, kBranchTakenVariableName, true).first;
 }
 
 // Add attributes to llvm::Argument in a way portable across LLVMs
@@ -444,10 +450,9 @@ namespace {
 
 // Compute the total offset of a GEP chain.
 static uint64_t TotalOffset(const llvm::DataLayout &dl, llvm::Value *base,
-                            llvm::Type *state_ptr_type) {
+                            llvm::StructType *state_type) {
   uint64_t total_offset = 0;
-  const auto state_size =
-      dl.getTypeAllocSize(state_ptr_type->getPointerElementType());
+  const auto state_size = dl.getTypeAllocSize(state_type);
   while (base) {
     if (auto gep = llvm::dyn_cast<llvm::GEPOperator>(base); gep) {
       llvm::APInt accumulated_offset(dl.getPointerSizeInBits(0), 0, false);
@@ -468,7 +473,7 @@ static uint64_t TotalOffset(const llvm::DataLayout &dl, llvm::Value *base,
     } else if (auto pti = llvm::dyn_cast<llvm::PtrToIntOperator>(base); pti) {
       base = pti->getOperand(0);
 
-    } else if (base->getType() == state_ptr_type) {
+    } else if (base->getType()->isPointerTy()) {
       break;
 
     } else {
@@ -482,27 +487,21 @@ static uint64_t TotalOffset(const llvm::DataLayout &dl, llvm::Value *base,
 
 static llvm::Value *
 FinishAddressOf(llvm::IRBuilder<> &ir, const llvm::DataLayout &dl,
-                llvm::Type *state_ptr_type, size_t state_size,
-                const Register *reg, unsigned addr_space,
-                llvm::Value *gep) {
+                llvm::StructType *state_type, size_t state_size,
+                const Register *reg, unsigned addr_space, llvm::Value *gep) {
 
 
-  auto gep_offset = TotalOffset(dl, gep, state_ptr_type);
-  auto gep_type_at_offset = gep->getType()->getPointerElementType();
+  auto gep_offset = TotalOffset(dl, gep, state_type);
 
   CHECK_LT(gep_offset, state_size);
 
   const auto index_type = reg->gep_index_list[0]->getType();
-  const auto goal_ptr_type = llvm::PointerType::get(reg->type, addr_space);
+  const auto goal_ptr_type = llvm::PointerType::get(ir.getContext(), addr_space);
 
   // Best case: we've found a value field in the structure that
   // is located at the correct byte offset.
   if (gep_offset == reg->offset) {
-    if (gep_type_at_offset == reg->type) {
-      return gep;
-
-    } else if (auto const_gep = llvm::dyn_cast<llvm::Constant>(gep);
-               const_gep) {
+    if (auto const_gep = llvm::dyn_cast<llvm::Constant>(gep); const_gep) {
       return llvm::ConstantExpr::getBitCast(const_gep, goal_ptr_type);
 
     } else {
@@ -539,22 +538,26 @@ FinishAddressOf(llvm::IRBuilder<> &ir, const llvm::DataLayout &dl,
 
   if (auto const_gep = llvm::dyn_cast<llvm::Constant>(gep); const_gep) {
     const_gep = llvm::ConstantExpr::getBitCast(
-        const_gep, llvm::PointerType::get(byte_type, addr_space));
+        const_gep, llvm::PointerType::get(ir.getContext(), addr_space));
     const_gep = llvm::ConstantExpr::getGetElementPtr(byte_type, const_gep,
                                                      elem_indexes);
     return llvm::ConstantExpr::getBitCast(const_gep, goal_ptr_type);
 
   } else {
-    gep = ir.CreateBitCast(gep, llvm::PointerType::get(byte_type, addr_space));
+    gep = ir.CreateBitCast(gep, llvm::PointerType::get(ir.getContext(), addr_space));
     gep = ir.CreateGEP(byte_type, gep, elem_indexes);
     return ir.CreateBitCast(gep, goal_ptr_type);
   }
 }
 
 }  // namespace
 
-void Register::CompteGEPAccessors(const llvm::DataLayout &dl,
-                                  llvm::Type *state_type) {
+void Register::ComputeGEPAccessors(const llvm::DataLayout &dl,
+                                   llvm::StructType *state_type) {
+  if (!state_type) {
+    state_type = arch->state_type;
+  }
+
   if (gep_type_at_offset || !state_type) {
     return;
   }
@@ -585,15 +588,13 @@ llvm::Value *Register::AddressOf(llvm::Value *state_ptr,
   CHECK_NOTNULL(state_ptr_type);
   const auto addr_space = state_ptr_type->getAddressSpace();
 
-  const auto state_type =
-      llvm::dyn_cast<llvm::StructType>(state_ptr_type->getPointerElementType());
-  CHECK_NOTNULL(state_type);
+  const auto state_type = arch->state_type;
 
   const auto module = ir.GetInsertBlock()->getParent()->getParent();
   const auto &dl = module->getDataLayout();
 
   if (!gep_type_at_offset) {
-    const_cast<Register *>(this)->CompteGEPAccessors(dl, state_type);
+    const_cast<Register *>(this)->ComputeGEPAccessors(dl, state_type);
   }
 
   llvm::Value *gep = nullptr;
@@ -607,7 +608,7 @@ llvm::Value *Register::AddressOf(llvm::Value *state_ptr,
 
   auto state_size = dl.getTypeAllocSize(state_type);
   auto ret = FinishAddressOf(
-      ir, dl, state_ptr_type, state_size, this, addr_space, gep);
+      ir, dl, state_type, state_size, this, addr_space, gep);
 
   // Add the metadata to `inst`.
   if (auto inst = llvm::dyn_cast<llvm::Instruction>(ret); inst) {
@@ -722,7 +723,7 @@ void Arch::InitializeEmptyLiftedFunction(llvm::Function *func) const {
   //            `FinishLiftedFunctionInitialization`.
 
   ir.CreateStore(state,
-                 ir.CreateAlloca(llvm::PointerType::get(impl->state_type, 0),
+                 ir.CreateAlloca(llvm::PointerType::get(context, 0),
                                  nullptr, "STATE"));
   ir.CreateStore(memory,
                  ir.CreateAlloca(impl->memory_type, nullptr, "MEMORY"));
@@ -757,7 +758,7 @@ const Register *Arch::AddRegister(const char *reg_name_, llvm::Type *val_type,
   auto reg_impl = new Register(reg_name, offset, dl.getTypeAllocSize(val_type),
                                val_type, parent_reg, impl.get());
 
-  reg_impl->CompteGEPAccessors(dl, impl->state_type);
+  reg_impl->ComputeGEPAccessors(dl, impl->state_type);
 
   reg = reg_impl;
   impl->registers.emplace_back(reg_impl);
@@ -803,10 +804,20 @@ void Arch::InitFromSemanticsModule(llvm::Module *module) const {
   const auto &dl = module->getDataLayout();
   const auto basic_block = module->getFunction("__remill_jump");
   CHECK_NOTNULL(basic_block);
-  const auto state_ptr_type =
-      NthArgument(basic_block, kStatePointerArgNum)->getType();
-  const auto state_type =
-      llvm::dyn_cast<llvm::StructType>(state_ptr_type->getPointerElementType());
+
+  const auto *state_global = module->getGlobalVariable("__remill_state");
+  CHECK_NOTNULL(state_global);
+  auto *state_type = llvm::dyn_cast<llvm::StructType>(state_global->getValueType());
+  CHECK_NOTNULL(state_type);
+
+  const auto *register_window_global =
+      module->getGlobalVariable("__remill_register_window");
+  if (register_window_global) {
+    auto *register_window_type = llvm::dyn_cast<llvm::StructType>(
+        register_window_global->getValueType());
+    CHECK_NOTNULL(register_window_type);
+    impl->register_window_type = register_window_type;
+  }
 
   impl->state_type = state_type;
   impl->reg_by_offset.resize(dl.getTypeAllocSize(state_type));

lib/Arch/Arch.cpp

@@ -43,6 +43,9 @@ class ArchImpl {
   // Lifted function type.
   llvm::FunctionType *lifted_function_type{nullptr};
 
+  // Register window type.
+  llvm::StructType *register_window_type{nullptr};
+
   // Metadata type ID for remill registers.
   unsigned reg_md_id{0};
 

lib/Arch/Arch.h

@@ -27,10 +27,22 @@
 //        addresses taken, and so this prevents dead argument elimination.
 extern "C" void __remill_mark_as_used(const void *);
 
+extern State __remill_state;
+
+#if defined(REMILL_ON_SPARC32) || defined(REMILL_ON_SPARC64)
+extern RegisterWindow __remill_register_window;
+#endif
+
 // This is just a hack to make sure all these functions appear in the bitcode
 // file!
 [[gnu::used]] extern "C" void __remill_intrinsics(void) {
 
+  USED(__remill_state);
+
+#if defined(REMILL_ON_SPARC32) || defined(REMILL_ON_SPARC64)
+  USED(__remill_register_window);
+#endif
+
   USED(__remill_read_memory_8);
   USED(__remill_read_memory_16);
   USED(__remill_read_memory_32);