This is an archive of the discontinued LLVM Phabricator instance.

Differential D100919

[AArch64] Support customizing stack protector guard
ClosedPublic

Authored by nickdesaulniers on Apr 20 2021, 6:47 PM.

Details

Reviewers
xiangzhangllvm
efriedma
MaskRay
DavidSpickett
ostannard
momchil.velikov
sdesmalen
paulwalker-arm
t.p.northover
paquette
djtodoro
vsk
bsmith
junparser
joechrisellis
dmgreen
SjoerdMeijer
fhahn
Commits
rG0f417789192e: [AArch64] Support customizing stack protector guard
Summary

Follow up to D88631 but for aarch64; the Linux kernel uses the command
line flags:

  1. -mstack-protector-guard=sysreg
  2. -mstack-protector-guard-reg=sp_el0
  3. -mstack-protector-guard-offset=0

to use the system register sp_el0 for the stack canary, enabling the
kernel to have a unique stack canary per task (like a thread, but not
limited to userspace as the kernel can preempt itself).

Address pr/47341 for aarch64.

Fixes: https://github.com/ClangBuiltLinux/linux/issues/289
Signed-off-by: Nick Desaulniers <ndesaulniers@google.com>

Diff Detail

Event Timeline

nickdesaulniers created this revision.Apr 20 2021, 6:47 PM
Herald added subscribers: dexonsmith, danielkiss, hiraditya, kristof.beyls. · View Herald TranscriptApr 20 2021, 6:47 PM
nickdesaulniers requested review of this revision.Apr 20 2021, 6:47 PM
Herald added projects: Restricted Project, Restricted Project. · View Herald TranscriptApr 20 2021, 6:47 PM
Herald added subscribers: llvm-commits, cfe-commits. · View Herald Transcript
nickdesaulniers added a comment.Apr 20 2021, 6:48 PM

I still have some todos that I will get to tomorrow, but posting this early for review.

nickdesaulniers added inline comments.Apr 20 2021, 6:49 PM
clang/lib/Driver/ToolChains/Clang.cpp
3150

TODO: can we re-use AArch64SysReg::lookupSysRegByName in the frontend?

xiangzhangllvm accepted this revision.Apr 20 2021, 7:36 PM

I didn't find any problem in the main context of the patch, +1 first.

This revision is now accepted and ready to land.Apr 20 2021, 7:36 PM
nickdesaulniers planned changes to this revision.Apr 20 2021, 8:07 PM

Pretty sure I need to do something with non-zero values of -mstack-protector-guard-offset=0.

Harbormaster completed remote builds in B99868: Diff 339072.Apr 20 2021, 8:44 PM
kristof.beyls added inline comments.Apr 21 2021, 12:39 AM
clang/test/Driver/stack-protector-guard.c
26

I guess you meant to type "-target arm-linux-gnueabi"?

nickdesaulniers added inline comments.Apr 23 2021, 4:19 PM
clang/lib/Driver/ToolChains/Clang.cpp
3111

TODO: tls is not supported on aarch64 in GCC.

3126

TODO: GCC treats this as mutually exclusive when OPT_mstack_protector_guard_EQ == global.

Herald added a subscriber: tmatheson. · View Herald TranscriptApr 23 2021, 4:19 PM
nickdesaulniers updated this revision to Diff 340192.Apr 23 2021, 4:20 PM
  • fix 32b ARM triple, add test for non-zero offset, actually load ptr
This revision is now accepted and ready to land.Apr 23 2021, 4:20 PM
nickdesaulniers planned changes to this revision.Apr 23 2021, 4:20 PM
nickdesaulniers marked an inline comment as done.
nickdesaulniers added inline comments.
llvm/test/CodeGen/AArch64/stack-guard-sysreg-nonzero-offset.ll
1 ↗(On Diff #340192)

This can be combined with the other test by using different CHECK prefixes.

nickdesaulniers added inline comments.Apr 23 2021, 4:24 PM
llvm/lib/Target/AArch64/AArch64InstrInfo.cpp
1914–1915

@efriedma can you please check that I have these flags correct? I'm not sure that I do. Also, I suspect that I can't allocated a virtual register for the result of the LDR, since this is post-RA?

nickdesaulniers updated this revision to Diff 340212.Apr 23 2021, 5:40 PM
  • combine tests, clean up Clang drivers slightly
This revision is now accepted and ready to land.Apr 23 2021, 5:40 PM
nickdesaulniers added inline comments.Apr 23 2021, 5:40 PM
clang/lib/Driver/ToolChains/Clang.cpp
3126

And it does so inconsistently; it errors for aarch64, but does literally nothing (no warning, no change to codegen) for x86. I don't plan to be bug compatible here.

3150

I don't think so because llvm/lib/Target/AArch64/Utils/AArch64BaseInfo.h is under lib/ not include/. Not sure if I should just remove reg validation?

Harbormaster completed remote builds in B100694: Diff 340192.Apr 23 2021, 5:47 PM
Harbormaster completed remote builds in B100713: Diff 340212.Apr 23 2021, 7:49 PM
nickdesaulniers added subscribers: jyknight, echristo.Apr 26 2021, 12:44 PM
nickdesaulniers added inline comments.
clang/lib/Driver/ToolChains/Clang.cpp
3150

Guidance provided by @echristo and @jyknight was that we should avoid such linkage requirements on Target/, so instead I'll work on adding a helper to clang/lib/Driver/ToolChains/Arch/AArch64.cpp that duplicates logic from AArch64SysReg::lookupSysRegByName.

nickdesaulniers planned changes to this revision.Apr 26 2021, 12:44 PM
nickdesaulniers added inline comments.Apr 26 2021, 1:03 PM
clang/lib/Driver/ToolChains/Clang.cpp
3150

It looks like there's ~1000 possible sysregs for aarch64 ATM; do we really want to add all of those to clang?

nickdesaulniers mentioned this in D101325: [CodeGenOptions] make StackProtectorGuardOffset signed.Apr 26 2021, 2:20 PM
nickdesaulniers added a child revision: D101325: [CodeGenOptions] make StackProtectorGuardOffset signed.Apr 26 2021, 2:20 PM
nickdesaulniers updated this revision to Diff 340652.Apr 26 2021, 2:28 PM
  • add support for NPOT and negative offsets
This revision is now accepted and ready to land.Apr 26 2021, 2:28 PM
Harbormaster completed remote builds in B101026: Diff 340652.Apr 26 2021, 2:28 PM
nickdesaulniers added inline comments.Apr 26 2021, 2:29 PM
clang/lib/Driver/ToolChains/Clang.cpp
3150

I'm going to post that as a separate commit/review on top of this series, that way it doesn't pollute this code review. This is ready to be reviewed.

nickdesaulniers added a parent revision: D101327: [Clang][Driver] validate sysregs for -mstack-protector-guard-reg=.Apr 26 2021, 2:55 PM
DavidSpickett added a subscriber: DavidSpickett.Apr 27 2021, 1:59 AM
DavidSpickett added inline comments.
clang/lib/Driver/ToolChains/Clang.cpp
3117

Shouldn't this also allow "tls"? At least that's what the previous code works out to, I don't know if that actually works on AArch64 or if it just didn't error.

3150

If the number of different registers people actually use with this option is somewhere < 10 I'd just hardcode the names here as needed. (a large amount of those sysregs won't be suitable for this purpose anyway)

DavidSpickett added inline comments.Apr 27 2021, 2:18 AM
clang/test/Driver/stack-protector-guard.c
59

I'm not sure if this is due to your code or the error machinery itself but these errors are strangely written.

I'd expect:

error: invalid value 'tls' in 'mstack-protector-guard='tls', valid arguments to '-mstack-protector-guard=' are:sysreg global'

Maybe it's assuming that there could be multiple values and ',' means that list option treats the value as a list? Or it's not using the right value and the comma is meant to be after the ='' as in my example.

DavidSpickett added a reviewer: DavidSpickett.Apr 27 2021, 2:18 AM
nickdesaulniers mentioned this in rGea8416bf4df4: [CodeGenOptions] make StackProtectorGuardOffset signed.Apr 27 2021, 10:13 AM
nickdesaulniers updated this revision to Diff 340905.Apr 27 2021, 10:30 AM
nickdesaulniers marked 3 inline comments as done.
  • prefer err_drv_invalid_value
clang/lib/Driver/ToolChains/Clang.cpp
3117

I don't think so; GCC seems to support tls for x86 but not for aarch64.
https://godbolt.org/z/6WjEPfhT5

3150

Right, I figure that can be a separate decision from the rest of the implementation, I've forked that off in https://reviews.llvm.org/D101327. Whether it lands or not doesn't matter to me.

clang/test/Driver/stack-protector-guard.c
59

Sure, err_drv_invalid_value would be better.

Harbormaster completed remote builds in B101217: Diff 340905.Apr 27 2021, 10:30 AM
nickdesaulniers mentioned this in D101327: [Clang][Driver] validate sysregs for -mstack-protector-guard-reg=.Apr 27 2021, 11:07 AM
nickdesaulniers marked an inline comment as not done.Apr 27 2021, 11:13 AM
nickdesaulniers added inline comments.
clang/test/Driver/stack-protector-guard.c
59

Ah, err_drv_invalid_value_with_suggestion puts single quotes around the third parameter %2. Let me send a patch cleaning that up, then I'll rebase this on that.

nickdesaulniers added a child revision: D101387: [Clang] remove text extension from diag::err_drv_invalid_value_with_suggestion.Apr 27 2021, 11:30 AM
nickdesaulniers updated this revision to Diff 340932.Apr 27 2021, 11:40 AM
nickdesaulniers marked an inline comment as done.Apr 27 2021, 11:40 AM
Harbormaster completed remote builds in B101232: Diff 340932.Apr 27 2021, 11:41 AM
tmatheson removed a subscriber: tmatheson.Apr 27 2021, 10:30 PM
DavidSpickett added inline comments.Apr 28 2021, 5:55 AM
clang/include/clang/Basic/CodeGenOptions.h
385

This is now used for TLS on x86 and sysreg on AArch64 so how about:

/// The TLS base register when StackProtectorGuard is "tls", or register
/// used to store the stack canary for "sysreg".
/// On x86 this can be "fs" or "gs".
/// On AArch64 this can only be "sp_el0".
clang/lib/Driver/ToolChains/Clang.cpp
3117

Fair enough, seems unlikely it would work in any case.

llvm/test/CodeGen/AArch64/stack-guard-sysreg.ll
21

What does NPOT stand for here, something to do with the offset not being a multiple of 8 bytes?

nickdesaulniers mentioned this in D101387: [Clang] remove text extension from diag::err_drv_invalid_value_with_suggestion.May 3 2021, 11:11 AM
nickdesaulniers updated this revision to Diff 342905.May 4 2021, 4:40 PM
nickdesaulniers marked an inline comment as done.
  • rebase, update comment
nickdesaulniers marked an inline comment as done.May 4 2021, 4:40 PM
nickdesaulniers added inline comments.
llvm/test/CodeGen/AArch64/stack-guard-sysreg.ll
21

Non Power Of Two

Harbormaster completed remote builds in B102641: Diff 342905.May 4 2021, 4:40 PM
nickdesaulniers added inline comments.May 4 2021, 5:25 PM
llvm/lib/Target/AArch64/AArch64InstrInfo.cpp
1914–1915

@efriedma bumping for review; otherwise can you suggest another reviewer?

nickdesaulniers updated this revision to Diff 342921.May 4 2021, 5:49 PM
  • prefer addDef, explicit register kills
Harbormaster completed remote builds in B102653: Diff 342921.May 4 2021, 5:50 PM
nickdesaulniers added inline comments.May 4 2021, 5:51 PM
llvm/lib/Target/AArch64/AArch64InstrInfo.cpp
1914–1915

In particular, I'm most curious about the use of RegState::Renamable; the result of reading via mrs is a temporary; but this is post-RA, so isn't it too late for further register renaming?

nickdesaulniers added inline comments.May 4 2021, 5:53 PM
llvm/lib/Target/AArch64/AArch64InstrInfo.cpp
1914–1915

Additionally, if it's a temporary, should it be RegState::Implicit?

DavidSpickett added a reviewer: ostannard.May 5 2021, 1:22 AM
DavidSpickett added a subscriber: ostannard.

All my comments have been answered. Perhaps @ostannard can check AArch64InstrInfo.cpp ?

nickdesaulniers added reviewers: momchil.velikov, sdesmalen, paulwalker-arm, t.p.northover.May 6 2021, 9:06 AM
nickdesaulniers added a reviewer: paquette.
nickdesaulniers added reviewers: djtodoro, vsk.May 7 2021, 10:27 AM
nickdesaulniers added a comment.May 10 2021, 2:45 PM

bumping for review

nickdesaulniers added reviewers: bsmith, junparser, joechrisellis, dmgreen, SjoerdMeijer, fhahn.May 10 2021, 2:48 PM
DavidSpickett requested changes to this revision.EditedMay 11 2021, 2:34 AM

This is probably not showing up in review queues as it got accepted accidentally at some point. I'm going to "Request Changes" then I think you'll need to refresh the diff to get it back into active review.
(I don't know of any other way to "give up" an accept revision)

This revision now requires changes to proceed.May 11 2021, 2:34 AM
dmgreen added a comment.May 11 2021, 3:12 AM

I don't know a huge amount about stack protectors.

It's worth adding -verify-machineinstrs to the tests, to check the code passes the internal checks.

llvm/lib/Target/AArch64/AArch64InstrInfo.cpp
1917

What is StackProtectorGuardOffset, and could is be out of range for the load? That is something that verify-machineinstrs won't currently check for.

1920

Defs come before Uses in machine instructions.

nickdesaulniers updated this revision to Diff 344549.May 11 2021, 1:12 PM
nickdesaulniers marked an inline comment as done.
  • reorder USE/DEF, add -verify-machineinstrs
nickdesaulniers added a comment.May 11 2021, 1:12 PM
In D100919#2750125, @dmgreen wrote:

It's worth adding -verify-machineinstrs to the tests, to check the code passes the internal checks.

Done.

llvm/lib/Target/AArch64/AArch64InstrInfo.cpp
1917

It's passed from the front end; it's an offset added to the pointer load. The Linux kernel uses a value in 1100-1200 range. GCC will let you use whatever large value and keep appending adds for constants greater than 32200: https://godbolt.org/z/1xhbEPbKG, but YAGNI.

Harbormaster completed remote builds in B103847: Diff 344549.May 11 2021, 1:13 PM
dmgreen added inline comments.May 11 2021, 2:12 PM
llvm/lib/Target/AArch64/AArch64InstrInfo.cpp
1917

OK. It might be worth at least issuing a report_fatal_error if it is out of the range of the instructions handled here. Otherwise the error might be non-obvious, it just truncating the immediate during codegen.

nickdesaulniers added inline comments.May 11 2021, 4:48 PM
llvm/lib/Target/AArch64/AArch64InstrInfo.cpp
1917

Indeed, in particular it looks like the range of LDR is 0-32760 which is sufficient for the kernel, but the range for LDUR is only -256-255, which is not.

nickdesaulniers planned changes to this revision.May 11 2021, 4:48 PM
nickdesaulniers updated this revision to Diff 345587.May 14 2021, 5:02 PM
  • support up to +/- 4096 non-multiples of 8. We could get crazy with psuedo instructions and register scavenging, but this is really overkill; the very first case of positive multiple's of 8 < 32670 will be 99% of the kernel's use case.
Herald added a subscriber: dang. · View Herald TranscriptMay 14 2021, 5:02 PM
Harbormaster completed remote builds in B104615: Diff 345587.May 14 2021, 5:03 PM
nickdesaulniers marked 2 inline comments as done.May 14 2021, 5:03 PM
dmgreen accepted this revision.May 17 2021, 3:35 AM

Thanks. This sounds good to me, if David agrees.

llvm/lib/Target/AArch64/AArch64InstrInfo.cpp
1909

-> Unknown

1951

It may be possible to do something earlier, where a we add the MOVi32imm earlier before registry allocation and use that as the register for the ldr offset. That would keep it simpler than trying to find scratch registers, and may be optimized better by the pipeline.

DavidSpickett accepted this revision.May 17 2021, 3:53 AM

LGTM with one nit.

llvm/lib/Target/AArch64/AArch64InstrInfo.cpp
1916

For all the if/else here I'd include the braces. I know that once the preprocessor is done it'll be a one line if but visually it's confusing.

This revision is now accepted and ready to land.May 17 2021, 3:53 AM
nickdesaulniers updated this revision to Diff 345949.May 17 2021, 11:37 AM
  • braces, typo fix, add comment about additional approaches
Harbormaster completed remote builds in B104872: Diff 345949.May 17 2021, 11:38 AM
nickdesaulniers marked 3 inline comments as done.May 17 2021, 11:40 AM
nickdesaulniers added inline comments.
llvm/lib/Target/AArch64/AArch64InstrInfo.cpp
1951

Sure; added that as a comment; hopefully we wont need it, but "never say never (again)."

nickdesaulniers marked an inline comment as done.May 17 2021, 11:40 AM

Appreciate the reviews; ++beers_owed;

This revision was landed with ongoing or failed builds.May 17 2021, 11:49 AM
Closed by commit rG0f417789192e: [AArch64] Support customizing stack protector guard (authored by nickdesaulniers). · Explain Why
This revision was automatically updated to reflect the committed changes.
nickdesaulniers added a commit: rG0f417789192e: [AArch64] Support customizing stack protector guard.
nickdesaulniers mentioned this in D102742: [IR] make stack-protector-guard-* flags into module attrs.May 18 2021, 5:51 PM
nickdesaulniers mentioned this in rG033138ea452f: [IR] make stack-protector-guard-* flags into module attrs.May 21 2021, 4:02 PM
nickdesaulniers mentioned this in D112768: [ARM] implement support for TLS register based stack protector.Oct 28 2021, 4:49 PM

Revision Contents

PathSize
clang/
include/
clang/
Basic/
1 line
lib/
CodeGen/
5 lines
Driver/
ToolChains/
22 lines
test/
Driver/
18 lines
llvm/
include/
llvm/
Target/
8 lines
lib/
CodeGen/
2 lines
Target/
AArch64/
24 lines
test/
CodeGen/
AArch64/
73 lines

Diff 340905

clang/include/clang/Basic/CodeGenOptions.h

Show First 20 LinesShow All 376 Lines▼ Show 20 Linespublic:
/// The guard style used for stack protector to get a initial value, this /// The guard style used for stack protector to get a initial value, this
/// value usually be gotten from TLS or get from __stack_chk_guard, or some /// value usually be gotten from TLS or get from __stack_chk_guard, or some
/// other styles we may implement in the future. /// other styles we may implement in the future.
std::string StackProtectorGuard; std::string StackProtectorGuard;
/// The TLS base register when StackProtectorGuard is "tls". /// The TLS base register when StackProtectorGuard is "tls".
/// On x86 this can be "fs" or "gs". /// On x86 this can be "fs" or "gs".
/// On AArch64 this can be any value of llvm::AArch64SysReg::SysReg.
DavidSpickettUnsubmitted
Done
ReplyInline Actions

This is now used for TLS on x86 and sysreg on AArch64 so how about:

/// The TLS base register when StackProtectorGuard is "tls", or register
/// used to store the stack canary for "sysreg".
/// On x86 this can be "fs" or "gs".
/// On AArch64 this can only be "sp_el0".
DavidSpickett: This is now used for TLS on x86 and sysreg on AArch64 so how about: ``` /// The TLS base…
std::string StackProtectorGuardReg; std::string StackProtectorGuardReg;
/// Path to blocklist file specifying which objects /// Path to blocklist file specifying which objects
/// (files, functions) listed for instrumentation by sanitizer /// (files, functions) listed for instrumentation by sanitizer
/// coverage pass should actually not be instrumented. /// coverage pass should actually not be instrumented.
std::vector<std::string> SanitizeCoverageBlocklistFiles; std::vector<std::string> SanitizeCoverageBlocklistFiles;
/// Executable and command-line used to create a given CompilerInvocation. /// Executable and command-line used to create a given CompilerInvocation.
▲ Show 20 LinesShow All 76 LinesShow Last 20 Lines

clang/lib/CodeGen/BackendUtil.cpp

Show First 20 LinesShow All 549 Lines▼ Show 20 Linesstatic bool initTargetOptions(DiagnosticsEngine &Diags,
Options.EnableMachineFunctionSplitter = CodeGenOpts.SplitMachineFunctions; Options.EnableMachineFunctionSplitter = CodeGenOpts.SplitMachineFunctions;
Options.FunctionSections = CodeGenOpts.FunctionSections; Options.FunctionSections = CodeGenOpts.FunctionSections;
Options.DataSections = CodeGenOpts.DataSections; Options.DataSections = CodeGenOpts.DataSections;
Options.IgnoreXCOFFVisibility = LangOpts.IgnoreXCOFFVisibility; Options.IgnoreXCOFFVisibility = LangOpts.IgnoreXCOFFVisibility;
Options.UniqueSectionNames = CodeGenOpts.UniqueSectionNames; Options.UniqueSectionNames = CodeGenOpts.UniqueSectionNames;
Options.UniqueBasicBlockSectionNames = Options.UniqueBasicBlockSectionNames =
CodeGenOpts.UniqueBasicBlockSectionNames; CodeGenOpts.UniqueBasicBlockSectionNames;
Options.StackProtectorGuard = Options.StackProtectorGuard =
llvm::StringSwitch<llvm::StackProtectorGuards>(CodeGenOpts llvm::StringSwitch<llvm::StackProtectorGuards>(
.StackProtectorGuard) CodeGenOpts.StackProtectorGuard)
.Case("tls", llvm::StackProtectorGuards::TLS) .Case("tls", llvm::StackProtectorGuards::TLS)
.Case("global", llvm::StackProtectorGuards::Global) .Case("global", llvm::StackProtectorGuards::Global)
.Case("sysreg", llvm::StackProtectorGuards::SysReg)
.Default(llvm::StackProtectorGuards::None); .Default(llvm::StackProtectorGuards::None);
Options.StackProtectorGuardOffset = CodeGenOpts.StackProtectorGuardOffset; Options.StackProtectorGuardOffset = CodeGenOpts.StackProtectorGuardOffset;
Options.StackProtectorGuardReg = CodeGenOpts.StackProtectorGuardReg; Options.StackProtectorGuardReg = CodeGenOpts.StackProtectorGuardReg;
Options.TLSSize = CodeGenOpts.TLSSize; Options.TLSSize = CodeGenOpts.TLSSize;
Options.EmulatedTLS = CodeGenOpts.EmulatedTLS; Options.EmulatedTLS = CodeGenOpts.EmulatedTLS;
Options.ExplicitEmulatedTLS = CodeGenOpts.ExplicitEmulatedTLS; Options.ExplicitEmulatedTLS = CodeGenOpts.ExplicitEmulatedTLS;
Options.DebuggerTuning = CodeGenOpts.getDebuggerTuning(); Options.DebuggerTuning = CodeGenOpts.getDebuggerTuning();
Options.EmitStackSizeSection = CodeGenOpts.StackSizeSection; Options.EmitStackSizeSection = CodeGenOpts.StackSizeSection;
▲ Show 20 LinesShow All 1,107 LinesShow Last 20 Lines

clang/lib/Driver/ToolChains/Clang.cpp

  • This file is larger than 256 KB, so syntax highlighting is disabled by default.
Show First 20 LinesShow All 3,096 Lines▼ Show 20 Lines if (Str.startswith("ssp-buffer-size=")) {
CmdArgs.push_back("-stack-protector-buffer-size"); CmdArgs.push_back("-stack-protector-buffer-size");
// FIXME: Verify the argument is a valid integer. // FIXME: Verify the argument is a valid integer.
CmdArgs.push_back(Args.MakeArgString(Str.drop_front(16))); CmdArgs.push_back(Args.MakeArgString(Str.drop_front(16)));
} }
A->claim(); A->claim();
} }
} }
// First support "tls" and "global" for X86 target.
// TODO: Support "sysreg" for AArch64.
const std::string &TripleStr = EffectiveTriple.getTriple(); const std::string &TripleStr = EffectiveTriple.getTriple();
if (Arg *A = Args.getLastArg(options::OPT_mstack_protector_guard_EQ)) { if (Arg *A = Args.getLastArg(options::OPT_mstack_protector_guard_EQ)) {
StringRef Value = A->getValue(); StringRef Value = A->getValue();
if (!EffectiveTriple.isX86() && !EffectiveTriple.isAArch64()) if (!EffectiveTriple.isX86() && !EffectiveTriple.isAArch64())
D.Diag(diag::err_drv_unsupported_opt_for_target) D.Diag(diag::err_drv_unsupported_opt_for_target)
<< A->getAsString(Args) << TripleStr; << A->getAsString(Args) << TripleStr;
if (Value != "tls" && Value != "global") { if (EffectiveTriple.isX86() && Value != "tls" && Value != "global") {
nickdesaulniersAuthorUnsubmitted
Done
ReplyInline Actions

TODO: tls is not supported on aarch64 in GCC.

nickdesaulniers: TODO: tls is not supported on aarch64 in GCC.
D.Diag(diag::err_drv_invalid_value_with_suggestion) D.Diag(diag::err_drv_invalid_value_with_suggestion)
<< A->getOption().getName() << Value << A->getOption().getName() << Value
<< "valid arguments to '-mstack-protector-guard=' are:tls global"; << "valid arguments to '-mstack-protector-guard=' are:tls global";
return; return;
} }
if (EffectiveTriple.isAArch64() && Value != "sysreg" && Value != "global") {
DavidSpickettUnsubmitted
Done
ReplyInline Actions

Shouldn't this also allow "tls"? At least that's what the previous code works out to, I don't know if that actually works on AArch64 or if it just didn't error.

DavidSpickett: Shouldn't this also allow "tls"? At least that's what the previous code works out to, I don't…
nickdesaulniersAuthorUnsubmitted
Done
ReplyInline Actions

I don't think so; GCC seems to support tls for x86 but not for aarch64.
https://godbolt.org/z/6WjEPfhT5

nickdesaulniers: I don't think so; GCC seems to support `tls` for x86 but not for aarch64. https://godbolt.
DavidSpickettUnsubmitted
Done
ReplyInline Actions

Fair enough, seems unlikely it would work in any case.

DavidSpickett: Fair enough, seems unlikely it would work in any case.
D.Diag(diag::err_drv_invalid_value_with_suggestion)
<< A->getOption().getName() << Value
<< "valid arguments to '-mstack-protector-guard=' are:sysreg global";
return;
}
A->render(Args, CmdArgs); A->render(Args, CmdArgs);
} }
if (Arg *A = Args.getLastArg(options::OPT_mstack_protector_guard_offset_EQ)) { if (Arg *A = Args.getLastArg(options::OPT_mstack_protector_guard_offset_EQ)) {
nickdesaulniersAuthorUnsubmitted
Done
ReplyInline Actions

TODO: GCC treats this as mutually exclusive when OPT_mstack_protector_guard_EQ == global.

nickdesaulniers: TODO: GCC treats this as mutually exclusive when OPT_mstack_protector_guard_EQ == global.
nickdesaulniersAuthorUnsubmitted
Done
ReplyInline Actions

And it does so inconsistently; it errors for aarch64, but does literally nothing (no warning, no change to codegen) for x86. I don't plan to be bug compatible here.

nickdesaulniers: And it does so inconsistently; it errors for aarch64, but does literally nothing (no warning…
StringRef Value = A->getValue(); StringRef Value = A->getValue();
if (!EffectiveTriple.isX86()) if (!EffectiveTriple.isX86() && !EffectiveTriple.isAArch64())
D.Diag(diag::err_drv_unsupported_opt_for_target) D.Diag(diag::err_drv_unsupported_opt_for_target)
<< A->getAsString(Args) << TripleStr; << A->getAsString(Args) << TripleStr;
int Offset; int Offset;
if (Value.getAsInteger(10, Offset)) { if (Value.getAsInteger(10, Offset)) {
D.Diag(diag::err_drv_invalid_value) << A->getOption().getName() << Value; D.Diag(diag::err_drv_invalid_value) << A->getOption().getName() << Value;
return; return;
} }
A->render(Args, CmdArgs); A->render(Args, CmdArgs);
} }
if (Arg *A = Args.getLastArg(options::OPT_mstack_protector_guard_reg_EQ)) { if (Arg *A = Args.getLastArg(options::OPT_mstack_protector_guard_reg_EQ)) {
StringRef Value = A->getValue(); StringRef Value = A->getValue();
if (!EffectiveTriple.isX86()) if (!EffectiveTriple.isX86() && !EffectiveTriple.isAArch64())
D.Diag(diag::err_drv_unsupported_opt_for_target) D.Diag(diag::err_drv_unsupported_opt_for_target)
<< A->getAsString(Args) << TripleStr; << A->getAsString(Args) << TripleStr;
if (EffectiveTriple.isX86() && (Value != "fs" && Value != "gs")) { if (EffectiveTriple.isX86() && (Value != "fs" && Value != "gs")) {
D.Diag(diag::err_drv_invalid_value_with_suggestion) D.Diag(diag::err_drv_invalid_value_with_suggestion)
<< A->getOption().getName() << Value << A->getOption().getName() << Value
<< "for X86, valid arguments to '-mstack-protector-guard-reg=' are:fs gs"; << "for X86, valid arguments to '-mstack-protector-guard-reg=' are:fs gs";
return; return;
} }
if (EffectiveTriple.isAArch64() && Value != "sp_el0") {
nickdesaulniersAuthorUnsubmitted
Done
ReplyInline Actions

TODO: can we re-use AArch64SysReg::lookupSysRegByName in the frontend?

nickdesaulniers: TODO: can we re-use `AArch64SysReg::lookupSysRegByName` in the frontend?
nickdesaulniersAuthorUnsubmitted
Done
ReplyInline Actions

I don't think so because llvm/lib/Target/AArch64/Utils/AArch64BaseInfo.h is under lib/ not include/. Not sure if I should just remove reg validation?

nickdesaulniers: I don't think so because `llvm/lib/Target/AArch64/Utils/AArch64BaseInfo.h` is under lib/ not…
nickdesaulniersAuthorUnsubmitted
Done
ReplyInline Actions

Guidance provided by @echristo and @jyknight was that we should avoid such linkage requirements on Target/, so instead I'll work on adding a helper to clang/lib/Driver/ToolChains/Arch/AArch64.cpp that duplicates logic from AArch64SysReg::lookupSysRegByName.

nickdesaulniers: Guidance provided by @echristo and @jyknight was that we should avoid such linkage requirements…
nickdesaulniersAuthorUnsubmitted
Done
ReplyInline Actions

It looks like there's ~1000 possible sysregs for aarch64 ATM; do we really want to add all of those to clang?

nickdesaulniers: It looks like there's ~1000 possible sysregs for aarch64 ATM; do we really want to add all of…
nickdesaulniersAuthorUnsubmitted
Done
ReplyInline Actions

I'm going to post that as a separate commit/review on top of this series, that way it doesn't pollute this code review. This is ready to be reviewed.

nickdesaulniers: I'm going to post that as a separate commit/review on top of this series, that way it doesn't…
DavidSpickettUnsubmitted
Done
ReplyInline Actions

If the number of different registers people actually use with this option is somewhere < 10 I'd just hardcode the names here as needed. (a large amount of those sysregs won't be suitable for this purpose anyway)

DavidSpickett: If the number of different registers people actually use with this option is somewhere < 10 I'd…
nickdesaulniersAuthorUnsubmitted
Done
ReplyInline Actions

Right, I figure that can be a separate decision from the rest of the implementation, I've forked that off in https://reviews.llvm.org/D101327. Whether it lands or not doesn't matter to me.

nickdesaulniers: Right, I figure that can be a separate decision from the rest of the implementation, I've…
D.Diag(diag::err_drv_invalid_value) << A->getOption().getName() << Value;
return;
}
A->render(Args, CmdArgs); A->render(Args, CmdArgs);
} }
} }
static void RenderSCPOptions(const ToolChain &TC, const ArgList &Args, static void RenderSCPOptions(const ToolChain &TC, const ArgList &Args,
ArgStringList &CmdArgs) { ArgStringList &CmdArgs) {
const llvm::Triple &EffectiveTriple = TC.getEffectiveTriple(); const llvm::Triple &EffectiveTriple = TC.getEffectiveTriple();
▲ Show 20 LinesShow All 4,507 LinesShow Last 20 Lines

clang/test/Driver/stack-protector-guard.c

Show All 17 Lines
// RUN: not %clang -target arm-eabi-c -mstack-protector-guard=tls %s 2>&1 | \ // RUN: not %clang -target arm-eabi-c -mstack-protector-guard=tls %s 2>&1 | \
// RUN: FileCheck -check-prefix=INVALID-ARCH %s // RUN: FileCheck -check-prefix=INVALID-ARCH %s
// INVALID-ARCH: unsupported option '-mstack-protector-guard=tls' for target // INVALID-ARCH: unsupported option '-mstack-protector-guard=tls' for target
// RUN: not %clang -target powerpc64le-linux-gnu -mstack-protector-guard-reg=fs %s 2>&1 | \ // RUN: not %clang -target powerpc64le-linux-gnu -mstack-protector-guard-reg=fs %s 2>&1 | \
// RUN: FileCheck -check-prefix=INVALID-ARCH2 %s // RUN: FileCheck -check-prefix=INVALID-ARCH2 %s
// INVALID-ARCH2: unsupported option '-mstack-protector-guard-reg=fs' for target // INVALID-ARCH2: unsupported option '-mstack-protector-guard-reg=fs' for target
// RUN: not %clang -target aarch64-linux-gnu -mstack-protector-guard-offset=10 %s 2>&1 | \ // RUN: not %clang -target arm-linux-gnueabi -mstack-protector-guard-offset=10 %s 2>&1 | \
kristof.beylsUnsubmitted
Done
ReplyInline Actions

I guess you meant to type "-target arm-linux-gnueabi"?

kristof.beyls: I guess you meant to type "-target arm-linux-gnueabi"?
// RUN: FileCheck -check-prefix=INVALID-ARCH3 %s // RUN: FileCheck -check-prefix=INVALID-ARCH3 %s
// INVALID-ARCH3: unsupported option '-mstack-protector-guard-offset=10' for target // INVALID-ARCH3: unsupported option '-mstack-protector-guard-offset=10' for target
// Invalid option value // Invalid option value
// RUN: not %clang -target x86_64-unknown-unknown -c -mstack-protector-guard-reg=cs %s 2>&1 | \ // RUN: not %clang -target x86_64-unknown-unknown -c -mstack-protector-guard-reg=cs %s 2>&1 | \
// RUN: FileCheck -check-prefix=INVALID-REG %s // RUN: FileCheck -check-prefix=INVALID-REG %s
// RUN: not %clang -target x86_64-unknown-unknown -c -mstack-protector-guard-reg=ds %s 2>&1 | \ // RUN: not %clang -target x86_64-unknown-unknown -c -mstack-protector-guard-reg=ds %s 2>&1 | \
// RUN: FileCheck -check-prefix=INVALID-REG %s // RUN: FileCheck -check-prefix=INVALID-REG %s
// CHECK-FS: "-cc1" {{.*}}"-mstack-protector-guard-reg=fs" // CHECK-FS: "-cc1" {{.*}}"-mstack-protector-guard-reg=fs"
// CHECK-GS: "-cc1" {{.*}}"-mstack-protector-guard-reg=gs" // CHECK-GS: "-cc1" {{.*}}"-mstack-protector-guard-reg=gs"
// INVALID-REG: error: invalid value {{.*}} in 'mstack-protector-guard-reg=','for X86, valid arguments to '-mstack-protector-guard-reg=' are:fs gs' // INVALID-REG: error: invalid value {{.*}} in 'mstack-protector-guard-reg=','for X86, valid arguments to '-mstack-protector-guard-reg=' are:fs gs'
// RUN: %clang -### -target x86_64-unknown-unknown -mstack-protector-guard-offset=30 %s 2>&1 | \ // RUN: %clang -### -target x86_64-unknown-unknown -mstack-protector-guard-offset=30 %s 2>&1 | \
// RUN: FileCheck -check-prefix=CHECK-OFFSET %s // RUN: FileCheck -check-prefix=CHECK-OFFSET %s
// CHECK-OFFSET: "-cc1" {{.*}}"-mstack-protector-guard-offset=30" // CHECK-OFFSET: "-cc1" {{.*}}"-mstack-protector-guard-offset=30"
// RUN: %clang -### -target aarch64-linux-gnu -mstack-protector-guard=sysreg \
// RUN: -mstack-protector-guard-reg=sp_el0 \
// RUN: -mstack-protector-guard-offset=0 %s 2>&1 | \
// RUN: FileCheck -check-prefix=CHECK-AARCH64 %s
// RUN: %clang -### -target aarch64-linux-gnu \
// RUN: -mstack-protector-guard=tls %s 2>&1 | \
// RUN: FileCheck -check-prefix=INVALID-VALUE-AARCH64 %s
// RUN: %clang -### -target aarch64-linux-gnu -mstack-protector-guard=sysreg \
// RUN: -mstack-protector-guard-reg=foo \
// RUN: -mstack-protector-guard-offset=0 %s 2>&1 | \
// RUN: FileCheck -check-prefix=INVALID-REG-AARCH64 %s
// CHECK-AARCH64: "-cc1" {{.*}}"-mstack-protector-guard=sysreg" "-mstack-protector-guard-offset=0" "-mstack-protector-guard-reg=sp_el0"
// INVALID-VALUE-AARCH64: error: invalid value 'tls' in 'mstack-protector-guard=','valid arguments to '-mstack-protector-guard=' are:sysreg global'
// INVALID-REG-AARCH64: error: invalid value 'foo' in 'mstack-protector-guard-reg='
DavidSpickettUnsubmitted
Done
ReplyInline Actions

I'm not sure if this is due to your code or the error machinery itself but these errors are strangely written.

I'd expect:

error: invalid value 'tls' in 'mstack-protector-guard='tls', valid arguments to '-mstack-protector-guard=' are:sysreg global'

Maybe it's assuming that there could be multiple values and ',' means that list option treats the value as a list? Or it's not using the right value and the comma is meant to be after the ='' as in my example.

DavidSpickett: I'm not sure if this is due to your code or the error machinery itself but these errors are…
nickdesaulniersAuthorUnsubmitted
Done
ReplyInline Actions

Sure, err_drv_invalid_value would be better.

nickdesaulniers: Sure, `err_drv_invalid_value` would be better.
nickdesaulniersAuthorUnsubmitted
Done
ReplyInline Actions

Ah, err_drv_invalid_value_with_suggestion puts single quotes around the third parameter %2. Let me send a patch cleaning that up, then I'll rebase this on that.

nickdesaulniers: Ah, `err_drv_invalid_value_with_suggestion` puts single quotes around the third parameter `%2`.

llvm/include/llvm/Target/TargetOptions.h

Show First 20 LinesShow All 67 Lines▼ Show 20 Lines Labels, // Do not use Basic Block Sections but label basic blocks. This
// is useful when associating profile counts from virtual addresses // is useful when associating profile counts from virtual addresses
// to basic blocks. // to basic blocks.
Preset, // Similar to list but the blocks are identified by passes which Preset, // Similar to list but the blocks are identified by passes which
// seek to use Basic Block Sections, e.g. MachineFunctionSplitter. // seek to use Basic Block Sections, e.g. MachineFunctionSplitter.
// This option cannot be set via the command line. // This option cannot be set via the command line.
None // Do not use Basic Block Sections. None // Do not use Basic Block Sections.
}; };
enum class StackProtectorGuards { enum class StackProtectorGuards { None, TLS, Global, SysReg };
None,
TLS,
Global
};
enum class EABI { enum class EABI {
Unknown, Unknown,
Default, // Default means not specified Default, // Default means not specified
EABI4, // Target-specific (either 4, 5 or gnu depending on triple). EABI4, // Target-specific (either 4, 5 or gnu depending on triple).
EABI5, EABI5,
GNU GNU
}; };
▲ Show 20 LinesShow All 240 Lines▼ Show 20 Lines public:
unsigned ForceDwarfFrameSection : 1; unsigned ForceDwarfFrameSection : 1;
/// Emit XRay Function Index section /// Emit XRay Function Index section
unsigned XRayOmitFunctionIndex : 1; unsigned XRayOmitFunctionIndex : 1;
/// Stack protector guard offset to use. /// Stack protector guard offset to use.
int StackProtectorGuardOffset = INT_MAX; int StackProtectorGuardOffset = INT_MAX;
/// Stack protector guard mode to use, e.g. tls, global. /// Stack protector guard mode to use, e.g. tls, global, sysreg.
StackProtectorGuards StackProtectorGuard = StackProtectorGuards StackProtectorGuard =
StackProtectorGuards::None; StackProtectorGuards::None;
/// Stack protector guard reg to use, e.g. usually fs or gs in X86. /// Stack protector guard reg to use, e.g. usually fs or gs in X86.
std::string StackProtectorGuardReg = "None"; std::string StackProtectorGuardReg = "None";
/// FloatABIType - This setting is set by -float-abi=xxx option is specfied /// FloatABIType - This setting is set by -float-abi=xxx option is specfied
/// on the command line. This setting may either be Default, Soft, or Hard. /// on the command line. This setting may either be Default, Soft, or Hard.
▲ Show 20 LinesShow All 71 LinesShow Last 20 Lines

llvm/lib/CodeGen/CommandFlags.cpp

Show First 20 LinesShow All 497 Lines▼ Show 20 Lines
} }
llvm::StackProtectorGuards llvm::StackProtectorGuards
codegen::getStackProtectorGuardMode(llvm::TargetOptions &Options) { codegen::getStackProtectorGuardMode(llvm::TargetOptions &Options) {
if (getStackProtectorGuard() == "tls") if (getStackProtectorGuard() == "tls")
return StackProtectorGuards::TLS; return StackProtectorGuards::TLS;
if (getStackProtectorGuard() == "global") if (getStackProtectorGuard() == "global")
return StackProtectorGuards::Global; return StackProtectorGuards::Global;
if (getStackProtectorGuard() == "sysreg")
return StackProtectorGuards::SysReg;
if (getStackProtectorGuard() != "none") { if (getStackProtectorGuard() != "none") {
ErrorOr<std::unique_ptr<MemoryBuffer>> MBOrErr = ErrorOr<std::unique_ptr<MemoryBuffer>> MBOrErr =
MemoryBuffer::getFile(getStackProtectorGuard()); MemoryBuffer::getFile(getStackProtectorGuard());
if (!MBOrErr) if (!MBOrErr)
errs() << "error illegal stack protector guard mode: " errs() << "error illegal stack protector guard mode: "
<< MBOrErr.getError().message() << "\n"; << MBOrErr.getError().message() << "\n";
else else
Options.BBSectionsFuncListBuf = std::move(*MBOrErr); Options.BBSectionsFuncListBuf = std::move(*MBOrErr);
▲ Show 20 LinesShow All 211 LinesShow Last 20 Lines

llvm/lib/Target/AArch64/AArch64InstrInfo.cpp

  • This file is larger than 256 KB, so syntax highlighting is disabled by default.
Show First 20 LinesShow All 1,895 Lines▼ Show 20 Lines BuildMI(MBB, FirstEpilogSEH, DL, TII->get(AArch64::ADDXri))
.addReg(AArch64::X0, RegState::Define) .addReg(AArch64::X0, RegState::Define)
.addReg(AArch64::X0) .addReg(AArch64::X0)
.addMBB(TargetMBB) .addMBB(TargetMBB)
.addImm(0); .addImm(0);
return true; return true;
} }
Register Reg = MI.getOperand(0).getReg(); Register Reg = MI.getOperand(0).getReg();
if (MI.getOpcode() == AArch64::LOAD_STACK_GUARD) {
TargetOptions Options = MI.getParent()->getParent()->getTarget().Options;
if (Options.StackProtectorGuard == StackProtectorGuards::SysReg) {
const AArch64SysReg::SysReg *SrcReg =
AArch64SysReg::lookupSysRegByName(Options.StackProtectorGuardReg);
assert(SrcReg && "Unable to encode SysReg");
dmgreenUnsubmitted
Done
ReplyInline Actions

-> Unknown

dmgreen: -> Unknown
BuildMI(MBB, MI, DL, get(AArch64::MRS))
.addReg(Reg, RegState::Define)
.addImm(SrcReg->Encoding);
if (Options.StackProtectorGuardOffset % 8 == 0)
BuildMI(MBB, MI, DL, get(AArch64::LDRXui))
.addReg(Reg, getKillRegState(false))
nickdesaulniersAuthorUnsubmitted
Done
ReplyInline Actions

@efriedma can you please check that I have these flags correct? I'm not sure that I do. Also, I suspect that I can't allocated a virtual register for the result of the LDR, since this is post-RA?

nickdesaulniers: @efriedma can you please check that I have these flags correct? I'm not sure that I do. Also…
nickdesaulniersAuthorUnsubmitted
Done
ReplyInline Actions

@efriedma bumping for review; otherwise can you suggest another reviewer?

nickdesaulniers: @efriedma bumping for review; otherwise can you suggest another reviewer?
nickdesaulniersAuthorUnsubmitted
Done
ReplyInline Actions

In particular, I'm most curious about the use of RegState::Renamable; the result of reading via mrs is a temporary; but this is post-RA, so isn't it too late for further register renaming?

nickdesaulniers: In particular, I'm most curious about the use of `RegState::Renamable`; the result of reading…
nickdesaulniersAuthorUnsubmitted
Done
ReplyInline Actions

Additionally, if it's a temporary, should it be RegState::Implicit?

nickdesaulniers: Additionally, if it's a temporary, should it be `RegState::Implicit`?
.addReg(Reg, RegState::Define)
DavidSpickettUnsubmitted
Done
ReplyInline Actions

For all the if/else here I'd include the braces. I know that once the preprocessor is done it'll be a one line if but visually it's confusing.

DavidSpickett: For all the if/else here I'd include the braces. I know that once the preprocessor is done…
.addImm(Options.StackProtectorGuardOffset >> 3);
dmgreenUnsubmitted
Done
ReplyInline Actions

What is StackProtectorGuardOffset, and could is be out of range for the load? That is something that verify-machineinstrs won't currently check for.

dmgreen: What is StackProtectorGuardOffset, and could is be out of range for the load? That is something…
nickdesaulniersAuthorUnsubmitted
Done
ReplyInline Actions

It's passed from the front end; it's an offset added to the pointer load. The Linux kernel uses a value in 1100-1200 range. GCC will let you use whatever large value and keep appending adds for constants greater than 32200: https://godbolt.org/z/1xhbEPbKG, but YAGNI.

nickdesaulniers: It's passed from the front end; it's an offset added to the pointer load. The Linux kernel…
dmgreenUnsubmitted
Done
ReplyInline Actions

OK. It might be worth at least issuing a report_fatal_error if it is out of the range of the instructions handled here. Otherwise the error might be non-obvious, it just truncating the immediate during codegen.

dmgreen: OK. It might be worth at least issuing a report_fatal_error if it is out of the range of the…
nickdesaulniersAuthorUnsubmitted
Done
ReplyInline Actions

Indeed, in particular it looks like the range of LDR is 0-32760 which is sufficient for the kernel, but the range for LDUR is only -256-255, which is not.

nickdesaulniers: Indeed, in particular it looks like the range of LDR is 0-32760 which is sufficient for the…
else
BuildMI(MBB, MI, DL, get(AArch64::LDURXi))
.addReg(Reg, getKillRegState(false))
dmgreenUnsubmitted
Done
ReplyInline Actions

Defs come before Uses in machine instructions.

dmgreen: Defs come before Uses in machine instructions.
.addReg(Reg, RegState::Define)
.addImm(Options.StackProtectorGuardOffset);
MBB.erase(MI);
return true;
}
}
const GlobalValue *GV = const GlobalValue *GV =
cast<GlobalValue>((*MI.memoperands_begin())->getValue()); cast<GlobalValue>((*MI.memoperands_begin())->getValue());
const TargetMachine &TM = MBB.getParent()->getTarget(); const TargetMachine &TM = MBB.getParent()->getTarget();
unsigned OpFlags = Subtarget.ClassifyGlobalReference(GV, TM); unsigned OpFlags = Subtarget.ClassifyGlobalReference(GV, TM);
const unsigned char MO_NC = AArch64II::MO_NC; const unsigned char MO_NC = AArch64II::MO_NC;
if ((OpFlags & AArch64II::MO_GOT) != 0) { if ((OpFlags & AArch64II::MO_GOT) != 0) {
BuildMI(MBB, MI, DL, get(AArch64::LOADgot), Reg) BuildMI(MBB, MI, DL, get(AArch64::LOADgot), Reg)
.addGlobalAddress(GV, 0, OpFlags); .addGlobalAddress(GV, 0, OpFlags);
if (Subtarget.isTargetILP32()) { if (Subtarget.isTargetILP32()) {
unsigned Reg32 = TRI->getSubReg(Reg, AArch64::sub_32); unsigned Reg32 = TRI->getSubReg(Reg, AArch64::sub_32);
BuildMI(MBB, MI, DL, get(AArch64::LDRWui)) BuildMI(MBB, MI, DL, get(AArch64::LDRWui))
.addDef(Reg32, RegState::Dead) .addDef(Reg32, RegState::Dead)
.addUse(Reg, RegState::Kill) .addUse(Reg, RegState::Kill)
.addImm(0) .addImm(0)
.addMemOperand(*MI.memoperands_begin()) .addMemOperand(*MI.memoperands_begin())
.addDef(Reg, RegState::Implicit); .addDef(Reg, RegState::Implicit);
} else { } else {
BuildMI(MBB, MI, DL, get(AArch64::LDRXui), Reg) BuildMI(MBB, MI, DL, get(AArch64::LDRXui), Reg)
.addReg(Reg, RegState::Kill) .addReg(Reg, RegState::Kill)
.addImm(0) .addImm(0)
.addMemOperand(*MI.memoperands_begin()); .addMemOperand(*MI.memoperands_begin());
} }
} else if (TM.getCodeModel() == CodeModel::Large) { } else if (TM.getCodeModel() == CodeModel::Large) {
dmgreenUnsubmitted
Done
ReplyInline Actions

It may be possible to do something earlier, where a we add the MOVi32imm earlier before registry allocation and use that as the register for the ldr offset. That would keep it simpler than trying to find scratch registers, and may be optimized better by the pipeline.

dmgreen: It may be possible to do something earlier, where a we add the MOVi32imm earlier before…
nickdesaulniersAuthorUnsubmitted
Done
ReplyInline Actions

Sure; added that as a comment; hopefully we wont need it, but "never say never (again)."

nickdesaulniers: Sure; added that as a comment; hopefully we wont need it, but "never say never (again)."
assert(!Subtarget.isTargetILP32() && "how can large exist in ILP32?"); assert(!Subtarget.isTargetILP32() && "how can large exist in ILP32?");
BuildMI(MBB, MI, DL, get(AArch64::MOVZXi), Reg) BuildMI(MBB, MI, DL, get(AArch64::MOVZXi), Reg)
.addGlobalAddress(GV, 0, AArch64II::MO_G0 | MO_NC) .addGlobalAddress(GV, 0, AArch64II::MO_G0 | MO_NC)
.addImm(0); .addImm(0);
BuildMI(MBB, MI, DL, get(AArch64::MOVKXi), Reg) BuildMI(MBB, MI, DL, get(AArch64::MOVKXi), Reg)
.addReg(Reg, RegState::Kill) .addReg(Reg, RegState::Kill)
.addGlobalAddress(GV, 0, AArch64II::MO_G1 | MO_NC) .addGlobalAddress(GV, 0, AArch64II::MO_G1 | MO_NC)
.addImm(16); .addImm(16);
▲ Show 20 LinesShow All 5,434 LinesShow Last 20 Lines

llvm/test/CodeGen/AArch64/stack-guard-sysreg.ll

  • This file was added.
; RUN: llc %s --stack-protector-guard=sysreg \
; RUN: --stack-protector-guard-reg=sp_el0 \
; RUN: --stack-protector-guard-offset=0 -o - | \
; RUN: FileCheck --check-prefix=CHECK --check-prefix=CHECK-NO-OFFSET %s
; RUN: llc %s --stack-protector-guard=sysreg \
; RUN: --stack-protector-guard-reg=sp_el0 \
; RUN: --stack-protector-guard-offset=8 -o - | \
; RUN: FileCheck --check-prefix=CHECK --check-prefix=CHECK-POSITIVE-OFFSET %s
; RUN: llc %s --stack-protector-guard=sysreg \
; RUN: --stack-protector-guard-reg=sp_el0 \
; RUN: --stack-protector-guard-offset=-8 -o - | \
; RUN: FileCheck --check-prefix=CHECK --check-prefix=CHECK-NEGATIVE-OFFSET %s
; RUN: llc %s --stack-protector-guard=sysreg \
; RUN: --stack-protector-guard-reg=sp_el0 \
; RUN: --stack-protector-guard-offset=1 -o - | \
; RUN: FileCheck --check-prefix=CHECK --check-prefix=CHECK-NPOT-OFFSET %s
; RUN: llc %s --stack-protector-guard=sysreg \
; RUN: --stack-protector-guard-reg=sp_el0 \
; RUN: --stack-protector-guard-offset=-1 -o - | \
; RUN: FileCheck --check-prefix=CHECK --check-prefix=CHECK-NPOT-NEG-OFFSET %s
DavidSpickettUnsubmitted
Done
ReplyInline Actions

What does NPOT stand for here, something to do with the offset not being a multiple of 8 bytes?

DavidSpickett: What does NPOT stand for here, something to do with the offset not being a multiple of 8 bytes?
nickdesaulniersAuthorUnsubmitted
Done
ReplyInline Actions

Non Power Of Two

nickdesaulniers: Non Power Of Two
target triple = "aarch64-unknown-linux-gnu"
; Verify that we `mrs` from `SP_EL0` twice, rather than load from
; __stack_chk_guard.
define dso_local void @foo(i64 %t) local_unnamed_addr #0 {
; CHECK-LABEL: foo:
; CHECK: // %bb.0: // %entry
; CHECK-NEXT: stp x29, x30, [sp, #-16]! // 16-byte Folded Spill
; CHECK-NEXT: mov x29, sp
; CHECK-NEXT: sub sp, sp, #16 // =16
; CHECK-NEXT: .cfi_def_cfa w29, 16
; CHECK-NEXT: .cfi_offset w30, -8
; CHECK-NEXT: .cfi_offset w29, -16
; CHECK-NEXT: mrs x8, SP_EL0
; CHECK-NO-OFFSET: ldr x8, [x8]
; CHECK-POSITIVE-OFFSET: ldr x8, [x8, #8]
; CHECK-NEGATIVE-OFFSET: ldr x8, [x8, #-8]
; CHECK-NPOT-OFFSET: ldur x8, [x8, #1]
; CHECK-NPOT-NEG-OFFSET: ldur x8, [x8, #-1]
; CHECK-NEXT: lsl x9, x0, #2
; CHECK-NEXT: add x9, x9, #15 // =15
; CHECK-NEXT: and x9, x9, #0xfffffffffffffff0
; CHECK-NEXT: stur x8, [x29, #-8]
; CHECK-NEXT: mov x8, sp
; CHECK-NEXT: sub x0, x8, x9
; CHECK-NEXT: mov sp, x0
; CHECK-NEXT: bl baz
; CHECK-NEXT: ldur x8, [x29, #-8]
; CHECK-NEXT: mrs x9, SP_EL0
; CHECK-NO-OFFSET: ldr x9, [x9]
; CHECK-POSITIVE-OFFSET: ldr x9, [x9, #8]
; CHECK-NEGATIVE-OFFSET: ldr x9, [x9, #-8]
; CHECK-NPOT-OFFSET: ldur x9, [x9, #1]
; CHECK-NPOT-NEG-OFFSET: ldur x9, [x9, #-1]
; CHECK-NEXT: cmp x9, x8
; CHECK-NEXT: b.ne .LBB0_2
; CHECK-NEXT: // %bb.1: // %entry
; CHECK-NEXT: mov sp, x29
; CHECK-NEXT: ldp x29, x30, [sp], #16 // 16-byte Folded Reload
; CHECK-NEXT: ret
; CHECK-NEXT: .LBB0_2: // %entry
; CHECK-NEXT: bl __stack_chk_fail
; CHECK-NOT: __stack_chk_guard
entry:
%vla = alloca i32, i64 %t, align 4
call void @baz(i32* nonnull %vla)
ret void
}
declare dso_local void @baz(i32*) local_unnamed_addr
attributes #0 = { sspstrong }