This is an archive of the discontinued LLVM Phabricator instance.

Differential D75181

[AArch64] Handle BTI/PAC in case of generated functions.
AbandonedPublic

Authored by danielkiss on Feb 26 2020, 7:46 AM.

Details

Reviewers
chill
pcc
olista01
asl
jdoerfert
peter.smith
srhines
nickdesaulniers
tamas.petz
ab
Summary

Functions can be added not just by the fronted and PAC/BTI attributes
should be added to those too. The new pass manages the attributes.
After this change the all runtime created functions like _clang_call_terminate
or constructor that is emitted by a sanitizer will be handled for PAC/BTI if applicable.

Diff Detail

Event Timeline

danielkiss created this revision.Feb 26 2020, 7:46 AM
Herald added a reviewer: jdoerfert. · View Herald TranscriptFeb 26 2020, 7:46 AM
Herald added a project: Restricted Project. · View Herald Transcript
Herald added subscribers: cfe-commits, aheejin, kristof.beyls, sbc100. · View Herald Transcript
Harbormaster completed remote builds in B47309: Diff 246724.Feb 26 2020, 8:05 AM
danielkiss updated this revision to Diff 247201.Feb 28 2020, 3:05 AM
danielkiss retitled this revision from [Clang][AArch64] Add default arguments to runtime functions. to [AArch64] Handle BTI/PAC in case of generated functions..
danielkiss edited the summary of this revision. (Show Details)
danielkiss added a project: Restricted Project.

Previous version of the patch handled only the functions that are created in clang. Sanitizers can't see the codegen options therefore they also disables BTI.
This version of the patch is less invasive in my opinion, effects only aarch64.
branch-target-enforcement(BTI) and sign-return-address(PAC) are added to all function that comes from clang frontend.
If the backend encounters with the function without BTI attribute but the module is compiled with BTI then it assumes it should be made BTI compatible.

Herald added subscribers: llvm-commits, hiraditya. · View Herald TranscriptFeb 28 2020, 3:05 AM
Harbormaster completed remote builds in B47563: Diff 247201.Feb 28 2020, 3:25 AM
chill added a comment.Mar 2 2020, 6:53 AM

That said, my comments are not of the "over my dead body" kind ;)

clang/lib/CodeGen/CGCall.cpp
1827

I would really prefer to not set values "true" or "false" for the attribute: we don't really have tri-state logic there (absent/present-true/present-false), and those values just add some not-very useful string processing.

1830

What do we get from setting the PACBTI state in the default function attributes? We still have
to do a per function processing, we can just as well avoid repeating the logic, and spare us some
adding and potentially removing attributes churn.

llvm/lib/Target/AArch64/AArch64AsmPrinter.cpp
200

This should be "true", although the comment might turn out moot.

If we somehow end up with a function, that does not have that attribute, we should clear the
ELF flag.

201–202

... that kind of string processing, here and elsewhere.

llvm/lib/Target/AArch64/AArch64BranchTargets.cpp
61–65

Isn't there some redundancy with the two calls to getFnAttribute and to hasFnAttribute ?

chill added inline comments.Mar 2 2020, 6:56 AM
llvm/lib/Target/AArch64/AArch64AsmPrinter.cpp
200

Oh, I see, those are the cases of sanitizer functions, created at LLVM level, that don't have the attribute.
Please, leave a comment in that sense.

danielkiss updated this revision to Diff 248201.Mar 4 2020, 9:11 AM

Thanks for the comments, patch is improved
isStringAttribute() check removed, the attribute is always a string in this case or "null" so the check is not needed.
Function level the attribute is now only change when needed, so as the function level attribute is expected to be rare I hope the performance won't be impacted by the patch.
I kept the "tri-state" logic because of the emitted functions. Introducing a "branch-target-enforcement-disabled" attribute seems even more confusing for me.

danielkiss marked 4 inline comments as done.Mar 4 2020, 9:16 AM
danielkiss added inline comments.
clang/lib/CodeGen/CGCall.cpp
1827

the attribute will be "absent" for the runtime emitted function.

1830

in the new patch the per function processing will change the attribute only if really need.

llvm/lib/Target/AArch64/AArch64BranchTargets.cpp
62

emmited -> emitted

danielkiss updated this revision to Diff 248222.Mar 4 2020, 9:39 AM
danielkiss marked an inline comment as done.
danielkiss updated this revision to Diff 250191.Mar 13 2020, 6:53 AM
danielkiss marked an inline comment as done.

Patch is rebased, test is updated.

danielkiss added reviewers: peter.smith, srhines, nickdesaulniers.Mar 20 2020, 3:51 PM
danielkiss added a comment.Mar 30 2020, 5:35 AM

ping

chill added inline comments.Apr 1 2020, 12:16 AM
clang/lib/CodeGen/CGCall.cpp
1827

How about setting the attribute for LLVM created functions at the time of creation, just like Clang created functions
get their attribute at the time of creation?

1830

Sure, but that's duplication of code/logic, it's a source of countless issues "oh, here's the place I should fix that thing ... oh noes, turns out I have to fix ten more ... hope I've found all ..." ;)

llvm/lib/Target/AArch64/AArch64AsmPrinter.cpp
200

Or, as mentioned in the other comment, check if it's possible to set the attribute at the time of creation (from module attributes?). Tri-state logic is added complexity, if it's necessary, it's necessary, but if it's not, better make it simpler.

danielkiss added inline comments.Apr 1 2020, 2:42 AM
clang/lib/CodeGen/CGCall.cpp
1827

Attributes are not always set in clang as I see:
CodeGenModule::CreateRuntimeFunction() -> CodeGenModule::GetOrCreateLLVMFunction
CreateRuntimeFunction could be fixed but, the common location for LLVM created function is the llvm::Function::Create() where the CodeGenOpts and LangOpts are no available.
Adding target specific code there seems not right for me.

danielkiss marked an inline comment as done.Apr 2 2020, 6:49 AM
danielkiss added inline comments.
clang/lib/CodeGen/TargetInfo.cpp
5149–5152

I'm going to rebase the patch. I add there a new attribute here "ignore-branch-target-enforcement"
so then the "branch-target-enforcement"="true"/"false" could be just "branch-target-enforcement".

tamas.petz added a subscriber: tamas.petz.Apr 2 2020, 9:10 AM
danielkiss updated this revision to Diff 254761.Apr 3 2020, 5:54 AM

The patched is rebased and the hopefully the logic is now simpler.

tamas.petz added inline comments.Apr 3 2020, 9:00 AM
clang/lib/CodeGen/CGCall.cpp
1826–1827

LangOptions has the following functions:

  • hasSignReturnAddress()
  • isSignReturnAddressWithAKey()
  • isSignReturnAddressScopeAll()

With these functions some of these lines can be significantly reduced.

1836

Use getLangOpts(). isSignReturnAddressWithAKey()

clang/lib/CodeGen/CodeGenModule.cpp
595

Use new functions please.

danielkiss updated this revision to Diff 255347.Apr 6 2020, 8:05 AM
danielkiss added a reviewer: tamas.petz.

Fix review comments from Tamas.

danielkiss marked 3 inline comments as done.Apr 6 2020, 8:06 AM
chill added inline comments.Apr 7 2020, 9:23 AM
clang/lib/CodeGen/TargetInfo.cpp
5149–5152

TBH, that's worse, IMHO.

Ideally, I *think* we'd like *every* LLVM IR function that the backend sees,
regardless of how, why and by whom it is created, to have (or not have)
the three existing PACBTI attributes "sign-return-address", "sign-return-address-key", and "branch-target-enforcement", so the backend can generate code accordingly.

The module attributes are LLVM IR metadata, and AFAIK LLVM IR metadata is an optional extra,
it should not affect correctness.
Indeed, *module* metadata is a somwhat grey area, better not use it if there a way around it.

tellenbach added a subscriber: tellenbach.Apr 7 2020, 10:00 AM
tamas.petz added inline comments.Apr 7 2020, 10:44 AM
clang/lib/CodeGen/TargetInfo.cpp
5149–5152

Which case are you trying to handle here?
Is this the case, for example, when -mbranch-protection=standard is set but a function has _attribute _((target("branch-protection=none")))?

danielkiss added inline comments.Apr 8 2020, 2:02 PM
clang/lib/CodeGen/TargetInfo.cpp
5149–5152

Chill: I think I have code that solve that for clang created functions, but functions created in llvm I don't have any idea.

Tamas: yes, that is the case when module is compiled with bti but the function is not ( "none" or "pac-ret" and so on. )

danielkiss updated this revision to Diff 268383.Jun 4 2020, 1:37 AM
danielkiss edited the summary of this revision. (Show Details)

Patch is refactored, the new pass smooth out the attribute issues.
This version fixes issues with _clang_call_terminate, sanitisers and the CFI.
New pass might need a new file, I'm not yet convinced myself.

danielkiss added a comment.Jun 4 2020, 12:49 PM

depends on D80791

danielkiss mentioned this in D81251: [AArch64] Add BTI to CFI jumptables..Jun 5 2020, 4:28 AM
danielkiss added a parent revision: D80791: [AArch64] Generate .note.gnu.property based on module flags..Jun 9 2020, 10:15 AM
danielkiss added a child revision: D81251: [AArch64] Add BTI to CFI jumptables..
chill added a reviewer: ab.Jul 31 2020, 3:02 AM
Herald added a subscriber: nikic. · View Herald TranscriptJul 31 2020, 3:02 AM
chill added a comment.Aug 4 2020, 4:29 AM

This approach looks way too hackish to me with multiple opposing attributes ("sign-return-address" vs. "ignore-sign-return-address")
and some convoluted logic to resolve the contradiction.

danielkiss added a comment.Aug 4 2020, 7:47 AM

Would it be better to add a new value to "sign-return-address" as "none"? I don't see any other alternative option, I'm open to any other idea.

danielkiss mentioned this in D80791: [AArch64] Generate .note.gnu.property based on module flags..Aug 5 2020, 2:30 AM
ktkachov added a subscriber: ktkachov.Aug 5 2020, 7:49 AM
In D75181#2193447, @danielkiss wrote:

Would it be better to add a new value to "sign-return-address" as "none"? I don't see any other alternative option, I'm open to any other idea.

FWIW GCC has a "sign-return-address" function attribute with a default value of "none". It is considered deprecated, however, in favour of "branch-protection"

danielkiss added a comment.Aug 5 2020, 8:38 AM

FWIW GCC has a "sign-return-address" function attribute with a default value of "none". It is considered deprecated, however, in favour of "branch-protection"

This is just the internal representation, the function attribute in C/C++ source is the "branch-protection".

Old version of the patch used attribute value to represent the "ignore"/disabled state https://reviews.llvm.org/D75181?id=247201 so I have no idea what would be the right solution.

chill added a comment.Aug 5 2020, 12:16 PM
In D75181#2193447, @danielkiss wrote:

I don't see any other alternative option, I'm open to any other idea.

My original idea was to pass options to LLVM. I'll come up with a patch in a day or two (if it works) and then we'll see.

danielkiss abandoned this revision.Aug 29 2020, 5:41 AM

Abandoning in favour of D85649.

Revision Contents

Diff 250191

clang/lib/CodeGen/CGCall.cpp

Show First 20 LinesShow All 1,816 Lines▼ Show 20 Lines if (getLangOpts().CUDA && getLangOpts().CUDAIsDevice) {
FuncAttrs.addAttribute(llvm::Attribute::NoUnwind); FuncAttrs.addAttribute(llvm::Attribute::NoUnwind);
} }
for (StringRef Attr : CodeGenOpts.DefaultFunctionAttrs) { for (StringRef Attr : CodeGenOpts.DefaultFunctionAttrs) {
StringRef Var, Value; StringRef Var, Value;
std::tie(Var, Value) = Attr.split('='); std::tie(Var, Value) = Attr.split('=');
FuncAttrs.addAttribute(Var, Value); FuncAttrs.addAttribute(Var, Value);
} }
if (CodeGenOpts.BranchTargetEnforcement) {
FuncAttrs.addAttribute("branch-target-enforcement", "true");
chillUnsubmitted
Not Done
ReplyInline Actions

I would really prefer to not set values "true" or "false" for the attribute: we don't really have tri-state logic there (absent/present-true/present-false), and those values just add some not-very useful string processing.

chill: I would really prefer to not set values "true" or "false" for the attribute: we don't really…
danielkissAuthorUnsubmitted
Done
ReplyInline Actions

the attribute will be "absent" for the runtime emitted function.

danielkiss: the attribute will be "absent" for the runtime emitted function.
chillUnsubmitted
Not Done
ReplyInline Actions

How about setting the attribute for LLVM created functions at the time of creation, just like Clang created functions
get their attribute at the time of creation?

chill: How about setting the attribute for LLVM created functions at the time of creation, just like…
danielkissAuthorUnsubmitted
Not Done
ReplyInline Actions

Attributes are not always set in clang as I see:
CodeGenModule::CreateRuntimeFunction() -> CodeGenModule::GetOrCreateLLVMFunction
CreateRuntimeFunction could be fixed but, the common location for LLVM created function is the llvm::Function::Create() where the CodeGenOpts and LangOpts are no available.
Adding target specific code there seems not right for me.

danielkiss: Attributes are not always set in clang as I see: CodeGenModule::CreateRuntimeFunction() ->…
tamas.petzUnsubmitted
Done
ReplyInline Actions

LangOptions has the following functions:

  • hasSignReturnAddress()
  • isSignReturnAddressWithAKey()
  • isSignReturnAddressScopeAll()

With these functions some of these lines can be significantly reduced.

tamas.petz: LangOptions has the following functions: - hasSignReturnAddress()…
}
auto RASignKind = CodeGenOpts.getSignReturnAddress();
chillUnsubmitted
Done
ReplyInline Actions

What do we get from setting the PACBTI state in the default function attributes? We still have
to do a per function processing, we can just as well avoid repeating the logic, and spare us some
adding and potentially removing attributes churn.

chill: What do we get from setting the PACBTI state in the default function attributes? We still have…
danielkissAuthorUnsubmitted
Done
ReplyInline Actions

in the new patch the per function processing will change the attribute only if really need.

danielkiss: in the new patch the per function processing will change the attribute only if really need.
chillUnsubmitted
Not Done
ReplyInline Actions

Sure, but that's duplication of code/logic, it's a source of countless issues "oh, here's the place I should fix that thing ... oh noes, turns out I have to fix ten more ... hope I've found all ..." ;)

chill: Sure, but that's duplication of code/logic, it's a source of countless issues "oh, here's the…
if (RASignKind != CodeGenOptions::SignReturnAddressScope::None) {
FuncAttrs.addAttribute(
"sign-return-address",
RASignKind == CodeGenOptions::SignReturnAddressScope::All ? "all"
: "non-leaf");
auto RASignKey = CodeGenOpts.getSignReturnAddressKey();
tamas.petzUnsubmitted
Done
ReplyInline Actions

Use getLangOpts(). isSignReturnAddressWithAKey()

tamas.petz: Use getLangOpts(). isSignReturnAddressWithAKey()
FuncAttrs.addAttribute(
"sign-return-address-key",
RASignKey == CodeGenOptions::SignReturnAddressKeyValue::AKey ? "a_key"
: "b_key");
}
} }
void CodeGenModule::AddDefaultFnAttrs(llvm::Function &F) { void CodeGenModule::AddDefaultFnAttrs(llvm::Function &F) {
llvm::AttrBuilder FuncAttrs; llvm::AttrBuilder FuncAttrs;
ConstructDefaultFnAttrList(F.getName(), F.hasOptNone(), ConstructDefaultFnAttrList(F.getName(), F.hasOptNone(),
/* AttrOnCallSite = */ false, FuncAttrs); /* AttrOnCallSite = */ false, FuncAttrs);
F.addAttributes(llvm::AttributeList::FunctionIndex, FuncAttrs); F.addAttributes(llvm::AttributeList::FunctionIndex, FuncAttrs);
} }
▲ Show 20 LinesShow All 2,998 LinesShow Last 20 Lines

clang/lib/CodeGen/CGDeclCXX.cpp

Show First 20 LinesShow All 400 Lines▼ Show 20 Lines if (RASignKind != CodeGenOptions::SignReturnAddressScope::None) {
auto RASignKey = getCodeGenOpts().getSignReturnAddressKey(); auto RASignKey = getCodeGenOpts().getSignReturnAddressKey();
Fn->addFnAttr("sign-return-address-key", Fn->addFnAttr("sign-return-address-key",
RASignKey == CodeGenOptions::SignReturnAddressKeyValue::AKey RASignKey == CodeGenOptions::SignReturnAddressKeyValue::AKey
? "a_key" ? "a_key"
: "b_key"); : "b_key");
} }
if (getCodeGenOpts().BranchTargetEnforcement) if (getCodeGenOpts().BranchTargetEnforcement)
Fn->addFnAttr("branch-target-enforcement"); Fn->addFnAttr("branch-target-enforcement", "true");
return Fn; return Fn;
} }
/// Create a global pointer to a function that will initialize a global /// Create a global pointer to a function that will initialize a global
/// variable. The user has requested that this pointer be emitted in a specific /// variable. The user has requested that this pointer be emitted in a specific
/// section. /// section.
void CodeGenModule::EmitPointerToInitFunc(const VarDecl *D, void CodeGenModule::EmitPointerToInitFunc(const VarDecl *D,
▲ Show 20 LinesShow All 365 LinesShow Last 20 Lines

clang/lib/CodeGen/CodeGenModule.cpp

Show First 20 LinesShow All 581 Lines▼ Show 20 Linesvoid CodeGenModule::Release() {
if (CodeGenOpts.CFProtectionBranch && if (CodeGenOpts.CFProtectionBranch &&
Target.checkCFProtectionBranchSupported(getDiags())) { Target.checkCFProtectionBranchSupported(getDiags())) {
// Indicate that we want to instrument branch control flow protection. // Indicate that we want to instrument branch control flow protection.
getModule().addModuleFlag(llvm::Module::Override, "cf-protection-branch", getModule().addModuleFlag(llvm::Module::Override, "cf-protection-branch",
1); 1);
} }
if (CodeGenOpts.BranchTargetEnforcement) {
getModule().addModuleFlag(llvm::Module::Override,
"branch-target-enforcement", 1);
}
CodeGenOptions::SignReturnAddressScope Scope =
tamas.petzUnsubmitted
Done
ReplyInline Actions

Use new functions please.

tamas.petz: Use new functions please.
CodeGenOpts.getSignReturnAddress();
if (Scope != CodeGenOptions::SignReturnAddressScope::None) {
getModule().addModuleFlag(
llvm::Module::Override, "sign-return-address",
Scope == CodeGenOptions::SignReturnAddressScope::All
? llvm::MDString::get(VMContext, "all")
: llvm::MDString::get(VMContext, "non-leaf"));
getModule().addModuleFlag(
llvm::Module::Override, "sign-return-address-key",
CodeGenOpts.getSignReturnAddressKey() ==
CodeGenOptions::SignReturnAddressKeyValue::AKey
? llvm::MDString::get(VMContext, "a_key")
: llvm::MDString::get(VMContext, "b_key"));
}
if (LangOpts.CUDAIsDevice && getTriple().isNVPTX()) { if (LangOpts.CUDAIsDevice && getTriple().isNVPTX()) {
// Indicate whether __nvvm_reflect should be configured to flush denormal // Indicate whether __nvvm_reflect should be configured to flush denormal
// floating point values to 0. (This corresponds to its "__CUDA_FTZ" // floating point values to 0. (This corresponds to its "__CUDA_FTZ"
// property.) // property.)
getModule().addModuleFlag(llvm::Module::Override, "nvvm-reflect-ftz", getModule().addModuleFlag(llvm::Module::Override, "nvvm-reflect-ftz",
CodeGenOpts.FP32DenormalMode.Output != CodeGenOpts.FP32DenormalMode.Output !=
llvm::DenormalMode::IEEE); llvm::DenormalMode::IEEE);
} }
▲ Show 20 LinesShow All 5,373 LinesShow Last 20 Lines

clang/lib/CodeGen/TargetInfo.cpp

  • This file is larger than 256 KB, so syntax highlighting is disabled by default.
Show First 20 LinesShow All 5,100 Lines▼ Show 20 Linespublic:
bool doesReturnSlotInterfereWithArgs() const override { return false; } bool doesReturnSlotInterfereWithArgs() const override { return false; }
void setTargetAttributes(const Decl *D, llvm::GlobalValue *GV, void setTargetAttributes(const Decl *D, llvm::GlobalValue *GV,
CodeGen::CodeGenModule &CGM) const override { CodeGen::CodeGenModule &CGM) const override {
const FunctionDecl *FD = dyn_cast_or_null<FunctionDecl>(D); const FunctionDecl *FD = dyn_cast_or_null<FunctionDecl>(D);
if (!FD) if (!FD)
return; return;
CodeGenOptions::SignReturnAddressScope Scope = CGM.getCodeGenOpts().getSignReturnAddress();
CodeGenOptions::SignReturnAddressKeyValue Key = CGM.getCodeGenOpts().getSignReturnAddressKey();
bool BranchTargetEnforcement = CGM.getCodeGenOpts().BranchTargetEnforcement;
if (const auto *TA = FD->getAttr<TargetAttr>()) { if (const auto *TA = FD->getAttr<TargetAttr>()) {
ParsedTargetAttr Attr = TA->parse(); ParsedTargetAttr Attr = TA->parse();
if (!Attr.BranchProtection.empty()) { if (!Attr.BranchProtection.empty()) {
TargetInfo::BranchProtectionInfo BPI; TargetInfo::BranchProtectionInfo BPI;
StringRef Error; StringRef Error;
CodeGenOptions::SignReturnAddressScope Scope =
CGM.getCodeGenOpts().getSignReturnAddress();
CodeGenOptions::SignReturnAddressKeyValue Key =
CGM.getCodeGenOpts().getSignReturnAddressKey();
bool BranchTargetEnforcement =
CGM.getCodeGenOpts().BranchTargetEnforcement;
(void)CGM.getTarget().validateBranchProtection(Attr.BranchProtection, (void)CGM.getTarget().validateBranchProtection(Attr.BranchProtection,
BPI, Error); BPI, Error);
assert(Error.empty()); assert(Error.empty());
auto *Fn = cast<llvm::Function>(GV);
// Update flags only when differ from the codegen flags.
if (Scope != BPI.SignReturnAddr || Key != BPI.SignKey) {
Scope = BPI.SignReturnAddr; Scope = BPI.SignReturnAddr;
Key = BPI.SignKey; Key = BPI.SignKey;
BranchTargetEnforcement = BPI.BranchTargetEnforcement;
}
}
auto *Fn = cast<llvm::Function>(GV);
if (Scope != CodeGenOptions::SignReturnAddressScope::None) { if (Scope != CodeGenOptions::SignReturnAddressScope::None) {
Fn->addFnAttr("sign-return-address", Fn->addFnAttr("sign-return-address",
Scope == CodeGenOptions::SignReturnAddressScope::All Scope == CodeGenOptions::SignReturnAddressScope::All
? "all" ? "all"
: "non-leaf"); : "non-leaf");
Fn->addFnAttr("sign-return-address-key", Fn->addFnAttr("sign-return-address-key",
Key == CodeGenOptions::SignReturnAddressKeyValue::AKey Key == CodeGenOptions::SignReturnAddressKeyValue::AKey
? "a_key" ? "a_key"
: "b_key"); : "b_key");
} else {
Fn->removeAttribute(llvm::AttributeList::FunctionIndex,
"sign-return-address");
Fn->removeAttribute(llvm::AttributeList::FunctionIndex,
"sign-return-address-key");
}
}
if (BranchTargetEnforcement != BPI.BranchTargetEnforcement) {
if (BPI.BranchTargetEnforcement)
Fn->addFnAttr("branch-target-enforcement", "true");
else
Fn->addFnAttr("branch-target-enforcement", "false");
danielkissAuthorUnsubmitted
Done
ReplyInline Actions

I'm going to rebase the patch. I add there a new attribute here "ignore-branch-target-enforcement"
so then the "branch-target-enforcement"="true"/"false" could be just "branch-target-enforcement".

danielkiss: I'm going to rebase the patch. I add there a new attribute here "ignore-branch-target…
chillUnsubmitted
Not Done
ReplyInline Actions

TBH, that's worse, IMHO.

Ideally, I *think* we'd like *every* LLVM IR function that the backend sees,
regardless of how, why and by whom it is created, to have (or not have)
the three existing PACBTI attributes "sign-return-address", "sign-return-address-key", and "branch-target-enforcement", so the backend can generate code accordingly.

The module attributes are LLVM IR metadata, and AFAIK LLVM IR metadata is an optional extra,
it should not affect correctness.
Indeed, *module* metadata is a somwhat grey area, better not use it if there a way around it.

chill: TBH, that's worse, IMHO. Ideally, I *think* we'd like *every* LLVM IR function that the…
tamas.petzUnsubmitted
Not Done
ReplyInline Actions

Which case are you trying to handle here?
Is this the case, for example, when -mbranch-protection=standard is set but a function has _attribute _((target("branch-protection=none")))?

tamas.petz: Which case are you trying to handle here? Is this the case, for example, when -mbranch…
danielkissAuthorUnsubmitted
Not Done
ReplyInline Actions

Chill: I think I have code that solve that for clang created functions, but functions created in llvm I don't have any idea.

Tamas: yes, that is the case when module is compiled with bti but the function is not ( "none" or "pac-ret" and so on. )

danielkiss: Chill: I think I have code that solve that for clang created functions, but functions created…
}
}
} }
if (BranchTargetEnforcement)
Fn->addFnAttr("branch-target-enforcement");
} }
llvm::Value *decodeReturnAddress(CodeGen::CodeGenFunction &CGF, llvm::Value *decodeReturnAddress(CodeGen::CodeGenFunction &CGF,
llvm::Value *Address) const override { llvm::Value *Address) const override {
CodeGenOptions::SignReturnAddressScope Scope = CodeGenOptions::SignReturnAddressScope Scope =
CGF.CGM.getCodeGenOpts().getSignReturnAddress(); CGF.CGM.getCodeGenOpts().getSignReturnAddress();
if (Scope == CodeGenOptions::SignReturnAddressScope::None) { if (Scope == CodeGenOptions::SignReturnAddressScope::None) {
return Address; return Address;
} }
▲ Show 20 LinesShow All 4,995 LinesShow Last 20 Lines

clang/test/CodeGen/aarch64-branch-protection-attr.c

// REQUIRES: aarch64-registered-target // REQUIRES: aarch64-registered-target
// RUN: %clang_cc1 -triple aarch64-unknown-unknown-eabi -emit-llvm -target-cpu generic -target-feature +v8.5a %s -o - \ // RUN: %clang_cc1 -triple aarch64-unknown-unknown-eabi -emit-llvm -target-cpu generic -target-feature +v8.5a %s -o - \
// RUN: | FileCheck %s --check-prefix=CHECK --check-prefix=NO-OVERRIDE // RUN: | FileCheck %s --check-prefix=CHECK --check-prefix=NO-OVERRIDE
// RUN: %clang_cc1 -triple aarch64-unknown-unknown-eabi -emit-llvm -target-cpu generic -target-feature +v8.5a %s -o - \ // RUN: %clang_cc1 -triple aarch64-unknown-unknown-eabi -emit-llvm -target-cpu generic -target-feature +v8.5a %s -o - \
// RUN: -msign-return-address=non-leaf -msign-return-address-key=a_key -mbranch-target-enforce \ // RUN: -msign-return-address=non-leaf -msign-return-address-key=a_key -mbranch-target-enforce \
// RUN: | FileCheck %s --check-prefix=CHECK --check-prefix=OVERRIDE // RUN: | FileCheck %s --check-prefix=CHECK --check-prefix=OVERRIDE
void missing() {} void missing() {}
// NO-OVERRIDE: define void @missing() #[[#NONE:]] // NO-OVERRIDE: define void @missing() #[[#NONE:]]
// OVERRIDE: define void @missing() #[[#STD:]] // OVERRIDE: define void @missing() #[[#STD:]]
__attribute__ ((target("branch-protection=none"))) __attribute__ ((target("branch-protection=none")))
void none() {} void none() {}
// NO-OVERRIDE: define void @none() #[[#NONE]] // NO-OVERRIDE: define void @none() #[[#NONE:]]
// OVERRIDE: define void @none() #[[#NONE:]] // OVERRIDE: define void @none() #[[#NONE:]]
__attribute__ ((target("branch-protection=standard"))) __attribute__ ((target("branch-protection=standard")))
void std() {} void std() {}
// NO-OVERRIDE: define void @std() #[[#STD:]] // NO-OVERRIDE: define void @std() #[[#STD:]]
// OVERRIDE: define void @std() #[[#STD]] // OVERRIDE: define void @std() #[[#STD]]
__attribute__ ((target("branch-protection=bti"))) __attribute__ ((target("branch-protection=bti")))
Show All 28 Lines
__attribute__ ((target("branch-protection=pac-ret+b-key+leaf"))) __attribute__ ((target("branch-protection=pac-ret+b-key+leaf")))
void bkeyleaf0() {} void bkeyleaf0() {}
// NO-OVERRIDE: define void @bkeyleaf0() #[[#PACBKEYLEAF:]] // NO-OVERRIDE: define void @bkeyleaf0() #[[#PACBKEYLEAF:]]
// OVERRIDE: define void @bkeyleaf0() #[[#PACBKEYLEAF:]] // OVERRIDE: define void @bkeyleaf0() #[[#PACBKEYLEAF:]]
__attribute__ ((target("branch-protection=pac-ret+leaf+b-key"))) __attribute__ ((target("branch-protection=pac-ret+leaf+b-key")))
void bkeyleaf1() {} void bkeyleaf1() {}
// NO-OVERRIDE: define void @bkeyleaf1() #[[#PACBKEYLEAF]] // NO-OVERRIDE: define void @bkeyleaf1() #[[#PACBKEYLEAF:]]
// OVERRIDE: define void @bkeyleaf1() #[[#PACBKEYLEAF]] // OVERRIDE: define void @bkeyleaf1() #[[#PACBKEYLEAF:]]
__attribute__ ((target("branch-protection=pac-ret+leaf+bti"))) __attribute__ ((target("branch-protection=pac-ret+leaf+bti")))
void btileaf() {} void btileaf() {}
// NO-OVERRIDE: define void @btileaf() #[[#BTIPACLEAF:]] // NO-OVERRIDE: define void @btileaf() #[[#BTIPACLEAF:]]
// OVERRIDE: define void @btileaf() #[[#BTIPACLEAF:]] // OVERRIDE: define void @btileaf() #[[#BTIPACLEAF:]]
// CHECK-DAG: attributes #[[#NONE]] // NO-OVERRIDE-DAG: attributes #[[#NONE]] = { {{.*}}
// OVERRIDE-DAG: attributes #[[#NONE]] = { {{.*}} "branch-target-enforcement"="false"
// CHECK-DAG: attributes #[[#STD]] = { {{.*}} "branch-target-enforcement" {{.*}} "sign-return-address"="non-leaf" "sign-return-address-key"="a_key" // CHECK-DAG: attributes #[[#STD]] = { {{.*}} "branch-target-enforcement"="true" {{.*}} "sign-return-address"="non-leaf" "sign-return-address-key"="a_key"
// CHECK-DAG: attributes #[[#BTI]] = { {{.*}}"branch-target-enforcement" // CHECK-DAG: attributes #[[#BTI]] = { {{.*}} "branch-target-enforcement"="true"
// CHECK-DAG: attributes #[[#PAC]] = { {{.*}} "sign-return-address"="non-leaf" "sign-return-address-key"="a_key" // NO-OVERRIDE-DAG: attributes #[[#PAC]] = { {{.*}} "sign-return-address"="non-leaf" "sign-return-address-key"="a_key"
// OVERRIDE-DAG: attributes #[[#PAC]] = { {{.*}} "branch-target-enforcement"="false" {{.*}} "sign-return-address"="non-leaf" "sign-return-address-key"="a_key"
// CHECK-DAG: attributes #[[#PACLEAF]] = { {{.*}} "sign-return-address"="all" "sign-return-address-key"="a_key" // NO-OVERRIDE-DAG: attributes #[[#PACLEAF]] = { {{.*}} "sign-return-address"="all" "sign-return-address-key"="a_key"
// OVERRIDE-DAG: attributes #[[#PACLEAF]] = { {{.*}} "branch-target-enforcement"="false" {{.*}} "sign-return-address"="all" "sign-return-address-key"="a_key"
// CHECK-DAG: attributes #[[#PACBKEY]] = { {{.*}} "sign-return-address"="non-leaf" "sign-return-address-key"="b_key" // NO-OVERRIDE-DAG: attributes #[[#PACBKEY]] = { {{.*}} "sign-return-address"="non-leaf" "sign-return-address-key"="b_key"
// OVERRIDE: attributes #[[#PACBKEY]] = { {{.*}} "branch-target-enforcement"="false" {{.*}} "sign-return-address"="non-leaf" "sign-return-address-key"="b_key"
// CHECK-DAG: attributes #[[#PACBKEYLEAF]] = { {{.*}} "sign-return-address"="all" "sign-return-address-key"="b_key" // NO-OVERRIDE-DAG: attributes #[[#PACBKEYLEAF]] = { {{.*}} "sign-return-address"="all" "sign-return-address-key"="b_key"
// OVERRIDE-DAG: attributes #[[#PACBKEYLEAF]] = { {{.*}} "branch-target-enforcement"="false" {{.*}} "sign-return-address"="all" "sign-return-address-key"="b_key"
// CHECK-DAG: attributes #[[#BTIPACLEAF]] = { {{.*}}"branch-target-enforcement" {{.*}} "sign-return-address"="all" "sign-return-address-key"="a_key" // CHECK-DAG: attributes #[[#BTIPACLEAF]] = { {{.*}} "branch-target-enforcement"="true" {{.*}} "sign-return-address"="all" "sign-return-address-key"="a_key"

clang/test/CodeGen/aarch64-sign-return-address.c

Show All 12 Lines
// CHECK: @foo() #[[ATTR:[0-9]*]] // CHECK: @foo() #[[ATTR:[0-9]*]]
// //
// NONE-NOT: "sign-return-address"={{.*}} // NONE-NOT: "sign-return-address"={{.*}}
// PARTIAL: "sign-return-address"="non-leaf" // PARTIAL: "sign-return-address"="non-leaf"
// ALL: "sign-return-address"="all" // ALL: "sign-return-address"="all"
// BTE: "branch-target-enforcement" // BTE: "branch-target-enforcement"="true"
// A-KEY: "sign-return-address-key"="a_key" // A-KEY: "sign-return-address-key"="a_key"
// B-KEY: "sign-return-address-key"="b_key" // B-KEY: "sign-return-address-key"="b_key"
void foo() {} void foo() {}

clang/test/CodeGenCXX/aarch64-branch-target_clang_call_terminate.cpp

  • This file was added.
// RUN: %clang -target aarch64-linux-android -mbranch-protection=none -c %s -o - | \
// RUN: llvm-objdump -d -mattr=+bti - | FileCheck %s --check-prefix=CHECK --check-prefix=CHECK-NONE
// RUN: %clang -target aarch64-linux-android -mbranch-protection=pac-ret -c %s -o - | \
// RUN: llvm-objdump -d -mattr=+bti - | FileCheck %s --check-prefix=CHECK --check-prefix=CHECK-NONE
// RUN: %clang -target aarch64-linux-android -mbranch-protection=pac-ret+leaf -c %s -o - | \
// RUN: llvm-objdump -d -mattr=+bti - | FileCheck %s --check-prefix=CHECK --check-prefix=CHECK-NONE
// RUN: %clang -target aarch64-linux-android -mbranch-protection=pac-ret+b-key -c %s -o - | \
// RUN: llvm-objdump -d -mattr=+bti - | FileCheck %s --check-prefix=CHECK --check-prefix=CHECK-NONE
// RUN: %clang -target aarch64-linux-android -mbranch-protection=pac-ret+b-key+leaf -c %s -o - | \
// RUN: llvm-objdump -d -mattr=+bti - | FileCheck %s --check-prefix=CHECK --check-prefix=CHECK-NONE
// RUN: %clang -target aarch64-linux-android -mbranch-protection=standard -c %s -o - | \
// RUN: llvm-objdump -d -mattr=+bti - | FileCheck %s --check-prefix=CHECK --check-prefix=CHECK-BTI
// RUN: %clang -target aarch64-linux-android -mbranch-protection=bti -c %s -o - | \
// RUN: llvm-objdump -d -mattr=+bti - | FileCheck %s --check-prefix=CHECK --check-prefix=CHECK-BTI
// RUN: %clang -target aarch64-linux-android -mbranch-protection=pac-ret+b-key+leaf+bti -c %s -o - | \
// RUN: llvm-objdump -d -mattr=+bti - | FileCheck %s --check-prefix=CHECK --check-prefix=CHECK-BTI
void a();
void d();
void c() {
try {
d();
} catch (...) {
a();
}
}
// CHECK-BTI: 0000000000000000 __clang_call_terminate:
// CHECK-BTI-NEXT: bti c
// CHECK-BTI-NEXT: str x30, [sp, #-16]!
// CHECK-NONE: 0000000000000000 __clang_call_terminate:
// CHECK-NONE-NEXT: str x30, [sp, #-16]!

clang/test/CodeGenCXX/aarch64-sign-return-address-static-ctor.cpp

Show All 32 Lines
// CHECK: @[[CTOR_FN]]() #[[ATTR:[0-9]*]] // CHECK: @[[CTOR_FN]]() #[[ATTR:[0-9]*]]
// CHECK-NONE-NOT: "sign-return-address"={{.*}} // CHECK-NONE-NOT: "sign-return-address"={{.*}}
// CHECK-PARTIAL: "sign-return-address"="non-leaf" // CHECK-PARTIAL: "sign-return-address"="non-leaf"
// CHECK-ALL: "sign-return-address"="all" // CHECK-ALL: "sign-return-address"="all"
// CHECK-A-KEY: "sign-return-address-key"="a_key" // CHECK-A-KEY: "sign-return-address-key"="a_key"
// CHECK-B-KEY: "sign-return-address-key"="b_key" // CHECK-B-KEY: "sign-return-address-key"="b_key"
// CHECK-BTE: "branch-target-enforcement" // CHECK-BTE: "branch-target-enforcement"="true"

llvm/lib/Target/AArch64/AArch64AsmPrinter.cpp

Show First 20 LinesShow All 181 Lines▼ Show 20 Lines
} // end anonymous namespace } // end anonymous namespace
void AArch64AsmPrinter::emitStartOfAsmFile(Module &M) { void AArch64AsmPrinter::emitStartOfAsmFile(Module &M) {
if (!TM.getTargetTriple().isOSBinFormatELF()) if (!TM.getTargetTriple().isOSBinFormatELF())
return; return;
// Assemble feature flags that may require creation of a note section. // Assemble feature flags that may require creation of a note section.
unsigned Flags = ELF::GNU_PROPERTY_AARCH64_FEATURE_1_BTI | unsigned Flags = 0;
ELF::GNU_PROPERTY_AARCH64_FEATURE_1_PAC; if (M.getModuleFlag("branch-target-enforcement"))
Flags |= ELF::GNU_PROPERTY_AARCH64_FEATURE_1_BTI;
if (M.getModuleFlag("sign-return-address"))
Flags |= ELF::GNU_PROPERTY_AARCH64_FEATURE_1_PAC;
if (any_of(M, [](const Function &F) { if (any_of(M, [](const Function &F) {
return !F.isDeclaration() && if (F.isDeclaration())
!F.hasFnAttribute("branch-target-enforcement"); return false;
return F.getFnAttribute("branch-target-enforcement")
.getValueAsString() == "false";
chillUnsubmitted
Not Done
ReplyInline Actions

This should be "true", although the comment might turn out moot.

If we somehow end up with a function, that does not have that attribute, we should clear the
ELF flag.

chill: This should be "true", although the comment might turn out moot. If we somehow end up with a…
chillUnsubmitted
Not Done
ReplyInline Actions

Oh, I see, those are the cases of sanitizer functions, created at LLVM level, that don't have the attribute.
Please, leave a comment in that sense.

chill: Oh, I see, those are the cases of sanitizer functions, created at LLVM level, that don't have…
chillUnsubmitted
Not Done
ReplyInline Actions

Or, as mentioned in the other comment, check if it's possible to set the attribute at the time of creation (from module attributes?). Tri-state logic is added complexity, if it's necessary, it's necessary, but if it's not, better make it simpler.

chill: Or, as mentioned in the other comment, check if it's possible to set the attribute at the time…
})) { })) {
Flags &= ~ELF::GNU_PROPERTY_AARCH64_FEATURE_1_BTI; Flags &= ~ELF::GNU_PROPERTY_AARCH64_FEATURE_1_BTI;
chillUnsubmitted
Not Done
ReplyInline Actions

... that kind of string processing, here and elsewhere.

chill: ... that kind of string processing, here and elsewhere.
} }
if ((Flags & ELF::GNU_PROPERTY_AARCH64_FEATURE_1_BTI) == 0 && if ((Flags & ELF::GNU_PROPERTY_AARCH64_FEATURE_1_BTI) == 0 &&
any_of(M, [](const Function &F) { any_of(M, [](const Function &F) {
return F.hasFnAttribute("branch-target-enforcement"); if (F.isDeclaration())
return false;
if (!F.hasFnAttribute("branch-target-enforcement"))
return false;
return F.getFnAttribute("branch-target-enforcement")
.getValueAsString() == "true";
})) { })) {
errs() << "warning: some functions compiled with BTI and some compiled " errs() << "warning: some functions compiled with BTI and some compiled "
"without BTI\n" "without BTI\n"
<< "warning: not setting BTI in feature flags\n"; << "warning: not setting BTI in feature flags\n";
} }
if (any_of(M, [](const Function &F) { if (any_of(M, [](const Function &F) {
if (F.isDeclaration()) if (F.isDeclaration())
▲ Show 20 LinesShow All 1,116 LinesShow Last 20 Lines

llvm/lib/Target/AArch64/AArch64BranchTargets.cpp

Show First 20 LinesShow All 52 Lines▼ Show 20 Lines
} }
FunctionPass *llvm::createAArch64BranchTargetsPass() { FunctionPass *llvm::createAArch64BranchTargetsPass() {
return new AArch64BranchTargets(); return new AArch64BranchTargets();
} }
bool AArch64BranchTargets::runOnMachineFunction(MachineFunction &MF) { bool AArch64BranchTargets::runOnMachineFunction(MachineFunction &MF) {
const Function &F = MF.getFunction(); const Function &F = MF.getFunction();
if (!F.hasFnAttribute("branch-target-enforcement"))
// LLVM emmitted function won't have the attribute.
danielkissAuthorUnsubmitted
Done
ReplyInline Actions

emmited -> emitted

danielkiss: emmited -> emitted
if (!F.hasFnAttribute("branch-target-enforcement")) {
// Fall back to the module flag, add BTI if the module is compiled with it.
if (!MF.getMMI().getModule()->getModuleFlag("branch-target-enforcement"))
chillUnsubmitted
Done
ReplyInline Actions

Isn't there some redundancy with the two calls to getFnAttribute and to hasFnAttribute ?

chill: Isn't there some redundancy with the two calls to `getFnAttribute` and to `hasFnAttribute` ?
return false;
} else {
// Explicitly requested to not generate BTI.
if (F.getFnAttribute("branch-target-enforcement").getValueAsString() ==
"false")
return false; return false;
}
LLVM_DEBUG( LLVM_DEBUG(
dbgs() << "********** AArch64 Branch Targets **********\n" dbgs() << "********** AArch64 Branch Targets **********\n"
<< "********** Function: " << MF.getName() << '\n'); << "********** Function: " << MF.getName() << '\n');
// LLVM does not consider basic blocks which are the targets of jump tables // LLVM does not consider basic blocks which are the targets of jump tables
// to be address-taken (the address can't escape anywhere else), but they are // to be address-taken (the address can't escape anywhere else), but they are
// used for indirect branches, so need BTI instructions. // used for indirect branches, so need BTI instructions.
▲ Show 20 LinesShow All 63 LinesShow Last 20 Lines

llvm/lib/Target/AArch64/AArch64CallLowering.cpp

Show First 20 LinesShow All 759 Lines▼ Show 20 Linesstatic unsigned getCallOpcode(const Function &CallerF, bool IsIndirect,
if (!IsTailCall) if (!IsTailCall)
return IsIndirect ? AArch64::BLR : AArch64::BL; return IsIndirect ? AArch64::BLR : AArch64::BL;
if (!IsIndirect) if (!IsIndirect)
return AArch64::TCRETURNdi; return AArch64::TCRETURNdi;
// When BTI is enabled, we need to use TCRETURNriBTI to make sure that we use // When BTI is enabled, we need to use TCRETURNriBTI to make sure that we use
// x16 or x17. // x16 or x17.
if (CallerF.hasFnAttribute("branch-target-enforcement")) if (CallerF.getFnAttribute("branch-target-enforcement").getValueAsString() ==
"true")
return AArch64::TCRETURNriBTI; return AArch64::TCRETURNriBTI;
return AArch64::TCRETURNri; return AArch64::TCRETURNri;
} }
bool AArch64CallLowering::lowerTailCall( bool AArch64CallLowering::lowerTailCall(
MachineIRBuilder &MIRBuilder, CallLoweringInfo &Info, MachineIRBuilder &MIRBuilder, CallLoweringInfo &Info,
SmallVectorImpl<ArgInfo> &OutArgs) const { SmallVectorImpl<ArgInfo> &OutArgs) const {
MachineFunction &MF = MIRBuilder.getMF(); MachineFunction &MF = MIRBuilder.getMF();
const Function &F = MF.getFunction(); const Function &F = MF.getFunction();
MachineRegisterInfo &MRI = MF.getRegInfo(); MachineRegisterInfo &MRI = MF.getRegInfo();
const AArch64TargetLowering &TLI = *getTLI<AArch64TargetLowering>(); const AArch64TargetLowering &TLI = *getTLI<AArch64TargetLowering>();
AArch64FunctionInfo *FuncInfo = MF.getInfo<AArch64FunctionInfo>(); AArch64FunctionInfo *FuncInfo = MF.getInfo<AArch64FunctionInfo>();
// True when we're tail calling, but without -tailcallopt. // True when we're tail calling, but without -tailcallopt.
bool IsSibCall = !MF.getTarget().Options.GuaranteedTailCallOpt; bool IsSibCall = !MF.getTarget().Options.GuaranteedTailCallOpt;
// TODO: Right now, regbankselect doesn't know how to handle the rtcGPR64 // TODO: Right now, regbankselect doesn't know how to handle the rtcGPR64
// register class. Until we can do that, we should fall back here. // register class. Until we can do that, we should fall back here.
if (F.hasFnAttribute("branch-target-enforcement")) { if (F.getFnAttribute("branch-target-enforcement").getValueAsString() ==
"true") {
LLVM_DEBUG( LLVM_DEBUG(
dbgs() << "Cannot lower indirect tail calls with BTI enabled yet.\n"); dbgs() << "Cannot lower indirect tail calls with BTI enabled yet.\n");
return false; return false;
} }
// Find out which ABI gets to decide where things go. // Find out which ABI gets to decide where things go.
CallingConv::ID CalleeCC = Info.CallConv; CallingConv::ID CalleeCC = Info.CallConv;
CCAssignFn *AssignFnFixed; CCAssignFn *AssignFnFixed;
▲ Show 20 LinesShow All 229 LinesShow Last 20 Lines

llvm/lib/Target/AArch64/AArch64InstrInfo.cpp

Show First 20 LinesShow All 5,853 Lines▼ Show 20 Lines auto SetCandidateCallInfo =
for (outliner::Candidate &C : RepeatedSequenceLocs) for (outliner::Candidate &C : RepeatedSequenceLocs)
C.setCallInfo(CallID, NumBytesForCall); C.setCallInfo(CallID, NumBytesForCall);
}; };
unsigned FrameID = MachineOutlinerDefault; unsigned FrameID = MachineOutlinerDefault;
NumBytesToCreateFrame += 4; NumBytesToCreateFrame += 4;
bool HasBTI = any_of(RepeatedSequenceLocs, [](outliner::Candidate &C) { bool HasBTI = any_of(RepeatedSequenceLocs, [](outliner::Candidate &C) {
return C.getMF()->getFunction().hasFnAttribute("branch-target-enforcement"); return C.getMF()
->getFunction()
.getFnAttribute("branch-target-enforcement")
.getValueAsString() == "true";
}); });
// Returns true if an instructions is safe to fix up, false otherwise. // Returns true if an instructions is safe to fix up, false otherwise.
auto IsSafeToFixup = [this, &TRI](MachineInstr &MI) { auto IsSafeToFixup = [this, &TRI](MachineInstr &MI) {
if (MI.isCall()) if (MI.isCall())
return true; return true;
if (!MI.modifiesRegister(AArch64::SP, &TRI) && if (!MI.modifiesRegister(AArch64::SP, &TRI) &&
▲ Show 20 LinesShow All 842 LinesShow Last 20 Lines

llvm/lib/Target/AArch64/AArch64InstrInfo.td

  • This file is larger than 256 KB, so syntax highlighting is disabled by default.
Show First 20 LinesShow All 564 Lines▼ Show 20 Lines
// the Function object through the <Target>Subtarget and objections were raised // the Function object through the <Target>Subtarget and objections were raised
// to that (see post-commit review comments for r301750). // to that (see post-commit review comments for r301750).
let RecomputePerFunction = 1 in { let RecomputePerFunction = 1 in {
def ForCodeSize : Predicate<"shouldOptForSize(MF)">; def ForCodeSize : Predicate<"shouldOptForSize(MF)">;
def NotForCodeSize : Predicate<"!shouldOptForSize(MF)">; def NotForCodeSize : Predicate<"!shouldOptForSize(MF)">;
// Avoid generating STRQro if it is slow, unless we're optimizing for code size. // Avoid generating STRQro if it is slow, unless we're optimizing for code size.
def UseSTRQro : Predicate<"!Subtarget->isSTRQroSlow() || shouldOptForSize(MF)">; def UseSTRQro : Predicate<"!Subtarget->isSTRQroSlow() || shouldOptForSize(MF)">;
def UseBTI : Predicate<[{ MF->getFunction().hasFnAttribute("branch-target-enforcement") }]>; def UseBTI : Predicate<[{ MF->getFunction().getFnAttribute("branch-target-enforcement").getValueAsString() == "true" }]>;
def NotUseBTI : Predicate<[{ !MF->getFunction().hasFnAttribute("branch-target-enforcement") }]>; def NotUseBTI : Predicate<[{ !(MF->getFunction().getFnAttribute("branch-target-enforcement").getValueAsString() == "true") }]>;
// Toggles patterns which aren't beneficial in GlobalISel when we aren't // Toggles patterns which aren't beneficial in GlobalISel when we aren't
// optimizing. This allows us to selectively use patterns without impacting // optimizing. This allows us to selectively use patterns without impacting
// SelectionDAG's behaviour. // SelectionDAG's behaviour.
// FIXME: One day there will probably be a nicer way to check for this, but // FIXME: One day there will probably be a nicer way to check for this, but
// today is not that day. // today is not that day.
def OptimizedGISelOrOtherSelector : Predicate<"!MF->getFunction().hasOptNone() || MF->getProperties().hasProperty(MachineFunctionProperties::Property::FailedISel) || !MF->getProperties().hasProperty(MachineFunctionProperties::Property::Legalized)">; def OptimizedGISelOrOtherSelector : Predicate<"!MF->getFunction().hasOptNone() || MF->getProperties().hasProperty(MachineFunctionProperties::Property::FailedISel) || !MF->getProperties().hasProperty(MachineFunctionProperties::Property::Legalized)">;
} }
▲ Show 20 LinesShow All 6,766 LinesShow Last 20 Lines

llvm/test/CodeGen/AArch64/branch-target-enforcement-indirect-calls.ll

Show All 14 Lines
define void @bti_disabled(void ()* %p) { define void @bti_disabled(void ()* %p) {
entry: entry:
tail call void %p() tail call void %p()
; CHECK: br x0 ; CHECK: br x0
ret void ret void
} }
define void @bti_enabled(void ()* %p) "branch-target-enforcement" { define void @bti_enabled(void ()* %p) "branch-target-enforcement"="true" {
entry: entry:
tail call void %p() tail call void %p()
; CHECK: br {{x16|x17}} ; CHECK: br {{x16|x17}}
ret void ret void
} }

llvm/test/CodeGen/AArch64/branch-target-enforcement.mir

# RUN: llc -run-pass=aarch64-branch-targets %s -o - | FileCheck %s # RUN: llc -run-pass=aarch64-branch-targets %s -o - | FileCheck %s
--- | --- |
target datalayout = "e-m:e-i8:8:32-i16:16:32-i64:64-i128:128-n32:64-S128" target datalayout = "e-m:e-i8:8:32-i16:16:32-i64:64-i128:128-n32:64-S128"
target triple = "aarch64-arm-none-eabi" target triple = "aarch64-arm-none-eabi"
define hidden i32 @simple_external() "branch-target-enforcement" { define hidden i32 @simple_external() "branch-target-enforcement"="true" {
entry: entry:
ret i32 0 ret i32 0
} }
define internal i32 @simple_internal() "branch-target-enforcement" { define internal i32 @simple_internal() "branch-target-enforcement"="true" {
entry: entry:
ret i32 0 ret i32 0
} }
define hidden i32 @ptr_auth() "branch-target-enforcement" { define hidden i32 @ptr_auth() "branch-target-enforcement"="true" {
entry: entry:
tail call void asm sideeffect "", "~{lr}"() tail call void asm sideeffect "", "~{lr}"()
ret i32 0 ret i32 0
} }
define hidden i32 @ptr_auth_b() "branch-target-enforcement" { define hidden i32 @ptr_auth_b() "branch-target-enforcement"="true" {
entry: entry:
tail call void asm sideeffect "", "~{lr}"() tail call void asm sideeffect "", "~{lr}"()
ret i32 0 ret i32 0
} }
define hidden i32 @jump_table(i32 %a) "branch-target-enforcement" { define hidden i32 @jump_table(i32 %a) "branch-target-enforcement"="true" {
entry: entry:
switch i32 %a, label %sw.epilog [ switch i32 %a, label %sw.epilog [
i32 1, label %sw.bb i32 1, label %sw.bb
i32 2, label %sw.bb1 i32 2, label %sw.bb1
i32 3, label %sw.bb2 i32 3, label %sw.bb2
i32 4, label %sw.bb3 i32 4, label %sw.bb3
i32 5, label %sw.bb4 i32 5, label %sw.bb4
] ]
Show All 19 Lines sw.bb4: ; preds = %entry
br label %sw.epilog br label %sw.epilog
sw.epilog: ; preds = %entry, %sw.bb4, %sw.bb3, %sw.bb2, %sw.bb1, %sw.bb sw.epilog: ; preds = %entry, %sw.bb4, %sw.bb3, %sw.bb2, %sw.bb1, %sw.bb
ret i32 0 ret i32 0
} }
@label_address.addr = internal unnamed_addr global i8* blockaddress(@label_address, %return), align 8 @label_address.addr = internal unnamed_addr global i8* blockaddress(@label_address, %return), align 8
define hidden i32 @label_address() "branch-target-enforcement" { define hidden i32 @label_address() "branch-target-enforcement"="true" {
entry: entry:
%0 = load i8*, i8** @label_address.addr, align 8 %0 = load i8*, i8** @label_address.addr, align 8
indirectbr i8* %0, [label %return, label %lab2] indirectbr i8* %0, [label %return, label %lab2]
lab2: ; preds = %entry lab2: ; preds = %entry
br label %.split br label %.split
return: ; preds = %entry return: ; preds = %entry
br label %.split br label %.split
.split: ; preds = %lab2, %return .split: ; preds = %lab2, %return
%merge = phi i8* [ blockaddress(@label_address, %lab2), %return ], [ blockaddress(@label_address, %return), %lab2 ] %merge = phi i8* [ blockaddress(@label_address, %lab2), %return ], [ blockaddress(@label_address, %return), %lab2 ]
%merge2 = phi i32 [ 1, %return ], [ 2, %lab2 ] %merge2 = phi i32 [ 1, %return ], [ 2, %lab2 ]
store i8* %merge, i8** @label_address.addr, align 8 store i8* %merge, i8** @label_address.addr, align 8
ret i32 %merge2 ret i32 %merge2
} }
define hidden i32 @label_address_entry() "branch-target-enforcement" { define hidden i32 @label_address_entry() "branch-target-enforcement"="true" {
entry: entry:
%0 = load i8*, i8** @label_address.addr, align 8 %0 = load i8*, i8** @label_address.addr, align 8
indirectbr i8* %0, [label %return, label %lab2] indirectbr i8* %0, [label %return, label %lab2]
lab2: ; preds = %entry lab2: ; preds = %entry
br label %.split br label %.split
return: ; preds = %entry return: ; preds = %entry
br label %.split br label %.split
.split: ; preds = %lab2, %return .split: ; preds = %lab2, %return
%merge = phi i8* [ blockaddress(@label_address, %lab2), %return ], [ blockaddress(@label_address, %return), %lab2 ] %merge = phi i8* [ blockaddress(@label_address, %lab2), %return ], [ blockaddress(@label_address, %return), %lab2 ]
%merge2 = phi i32 [ 1, %return ], [ 2, %lab2 ] %merge2 = phi i32 [ 1, %return ], [ 2, %lab2 ]
store i8* %merge, i8** @label_address.addr, align 8 store i8* %merge, i8** @label_address.addr, align 8
ret i32 %merge2 ret i32 %merge2
} }
define hidden i32 @debug_ptr_auth() "branch-target-enforcement" { define hidden i32 @debug_ptr_auth() "branch-target-enforcement"="true" {
entry: entry:
tail call void asm sideeffect "", "~{lr}"() tail call void asm sideeffect "", "~{lr}"()
ret i32 0 ret i32 0
} }
... ...
--- ---
# External function, could be addres-taken elsewhere so needs BTI JC. # External function, could be addres-taken elsewhere so needs BTI JC.
▲ Show 20 LinesShow All 248 LinesShow Last 20 Lines

llvm/test/CodeGen/AArch64/bti-branch-relaxation.ll

Show First 20 LinesShow All 55 Lines▼ Show 20 Lines
declare dso_local void @g2(...) local_unnamed_addr #0 declare dso_local void @g2(...) local_unnamed_addr #0
declare dso_local void @g3(...) local_unnamed_addr #0 declare dso_local void @g3(...) local_unnamed_addr #0
declare dso_local void @e(...) local_unnamed_addr #0 declare dso_local void @e(...) local_unnamed_addr #0
declare dso_local i64 @llvm.aarch64.space(i32, i64) local_unnamed_addr #0 declare dso_local i64 @llvm.aarch64.space(i32, i64) local_unnamed_addr #0
attributes #0 = { nounwind "branch-target-enforcement" "correctly-rounded-divide-sqrt-fp-math"="false" "disable-tail-calls"="false" "frame-pointer"="all" "less-precise-fpmad"="false" "min-legal-vector-width"="0" "no-infs-fp-math"="false" "no-jump-tables"="false" "no-nans-fp-math"="false" "no-signed-zeros-fp-math"="false" "no-trapping-math"="false" "stack-protector-buffer-size"="8" "target-cpu"="generic" "target-features"="+neon,+v8.5a" "unsafe-fp-math"="false" "use-soft-float"="false" } attributes #0 = { nounwind "branch-target-enforcement"="true" "correctly-rounded-divide-sqrt-fp-math"="false" "disable-tail-calls"="false" "frame-pointer"="all" "less-precise-fpmad"="false" "min-legal-vector-width"="0" "no-infs-fp-math"="false" "no-jump-tables"="false" "no-nans-fp-math"="false" "no-signed-zeros-fp-math"="false" "no-trapping-math"="false" "stack-protector-buffer-size"="8" "target-cpu"="generic" "target-features"="+neon,+v8.5a" "unsafe-fp-math"="false" "use-soft-float"="false" }

llvm/test/CodeGen/AArch64/machine-outliner-bti.mir

Show All 9 Lines
# instruction. We make of this for general tail-calls (tested elsewhere), but # instruction. We make of this for general tail-calls (tested elsewhere), but
# don't currently make use of this in the outliner. # don't currently make use of this in the outliner.
# CHECK-NOT: OUTLINED_FUNCTION_ # CHECK-NOT: OUTLINED_FUNCTION_
--- | --- |
@g = hidden local_unnamed_addr global i32 0, align 4 @g = hidden local_unnamed_addr global i32 0, align 4
define hidden void @bar(void ()* nocapture %f) "branch-target-enforcement" { define hidden void @bar(void ()* nocapture %f) "branch-target-enforcement"="true" {
entry: entry:
ret void ret void
} }
declare void @foo() declare void @foo()
... ...
--- ---
name: bar name: bar
Show All 18 Lines

llvm/test/CodeGen/AArch64/machine-outliner-outline-bti.ll

; RUN: llc -mtriple aarch64--none-eabi < %s | FileCheck %s ; RUN: llc -mtriple aarch64--none-eabi < %s | FileCheck %s
; The BTI instruction cannot be outlined, because it needs to be the very first ; The BTI instruction cannot be outlined, because it needs to be the very first
; instruction executed after an indirect call. ; instruction executed after an indirect call.
@g = hidden global i32 0, align 4 @g = hidden global i32 0, align 4
define hidden void @foo() minsize "branch-target-enforcement" { define hidden void @foo() minsize "branch-target-enforcement"="true" {
entry: entry:
; CHECK: hint #34 ; CHECK: hint #34
; CHECK: b OUTLINED_FUNCTION_0 ; CHECK: b OUTLINED_FUNCTION_0
store volatile i32 1, i32* @g, align 4 store volatile i32 1, i32* @g, align 4
ret void ret void
} }
define hidden void @bar() minsize "branch-target-enforcement" { define hidden void @bar() minsize "branch-target-enforcement"="true" {
entry: entry:
; CHECK: hint #34 ; CHECK: hint #34
; CHECK: b OUTLINED_FUNCTION_0 ; CHECK: b OUTLINED_FUNCTION_0
store volatile i32 1, i32* @g, align 4 store volatile i32 1, i32* @g, align 4
ret void ret void
} }
No newline at end of file

llvm/test/CodeGen/AArch64/note-gnu-property-pac-bti-0.ll

; RUN: llc -mtriple=aarch64-linux %s -o - | \ ; RUN: llc -mtriple=aarch64-linux %s -o - | \
; RUN: FileCheck %s --check-prefix=ASM ; RUN: FileCheck %s --check-prefix=ASM
; RUN: llc -mtriple=aarch64-linux %s -filetype=obj -o - | \ ; RUN: llc -mtriple=aarch64-linux %s -filetype=obj -o - | \
; RUN: llvm-readelf --notes | FileCheck %s --check-prefix=OBJ ; RUN: llvm-readelf --notes | FileCheck %s --check-prefix=OBJ
@x = common dso_local global i32 0, align 4 @x = common dso_local global i32 0, align 4
attributes #0 = { "branch-target-enforcement" } attributes #0 = { "branch-target-enforcement"="true" }
!llvm.module.flags = !{!0, !1}
!0 = !{i32 4, !"branch-target-enforcement", i32 1}
!1 = !{i32 4, !"sign-return-address", !"all"}
; Both attributes present in a file with no functions. ; Both attributes present in a file with no functions.
; ASM: .word 3221225472 ; ASM: .word 3221225472
; ASM-NEXT: .word 4 ; ASM-NEXT: .word 4
; ASM-NEXT .word 3 ; ASM-NEXT .word 3
; OBJ: Properties: aarch64 feature: BTI, PAC ; OBJ: Properties: aarch64 feature: BTI, PAC

llvm/test/CodeGen/AArch64/note-gnu-property-pac-bti-1.ll

; RUN: llc -mtriple=aarch64-linux %s -o - | \ ; RUN: llc -mtriple=aarch64-linux %s -o - | \
; RUN: FileCheck %s --check-prefix=ASM ; RUN: FileCheck %s --check-prefix=ASM
; RUN: llc -mtriple=aarch64-linux %s -filetype=obj -o - | \ ; RUN: llc -mtriple=aarch64-linux %s -filetype=obj -o - | \
; RUN: llvm-readelf --notes | FileCheck %s --check-prefix=OBJ ; RUN: llvm-readelf --notes | FileCheck %s --check-prefix=OBJ
define dso_local i32 @f() #0 { define dso_local i32 @f() #0 {
entry: entry:
ret i32 0 ret i32 0
} }
attributes #0 = { "branch-target-enforcement" } attributes #0 = { "branch-target-enforcement"="true" }
!llvm.module.flags = !{!0}
!0 = !{i32 4, !"branch-target-enforcement", i32 1}
; BTI attribute present ; BTI attribute present
; ASM: .word 3221225472 ; ASM: .word 3221225472
; ASM-NEXT: .word 4 ; ASM-NEXT: .word 4
; ASM-NEXT .word 1 ; ASM-NEXT .word 1
; OBJ: Properties: aarch64 feature: BTI ; OBJ: Properties: aarch64 feature: BTI

llvm/test/CodeGen/AArch64/note-gnu-property-pac-bti-2.ll

; RUN: llc -mtriple=aarch64-linux %s -o - | \ ; RUN: llc -mtriple=aarch64-linux %s -o - | \
; RUN: FileCheck %s --check-prefix=ASM ; RUN: FileCheck %s --check-prefix=ASM
; RUN: llc -mtriple=aarch64-linux %s -filetype=obj -o - | \ ; RUN: llc -mtriple=aarch64-linux %s -filetype=obj -o - | \
; RUN: llvm-readelf --notes | FileCheck %s --check-prefix=OBJ ; RUN: llvm-readelf --notes | FileCheck %s --check-prefix=OBJ
define dso_local i32 @f() #0 { define dso_local i32 @f() #0 {
entry: entry:
ret i32 0 ret i32 0
} }
attributes #0 = { "sign-return-address"="all" } attributes #0 = { "sign-return-address"="all" }
!llvm.module.flags = !{!0}
!0 = !{i32 4, !"sign-return-address", !"all"}
; PAC attribute present ; PAC attribute present
; ASM: .word 3221225472 ; ASM: .word 3221225472
; ASM-NEXT: .word 4 ; ASM-NEXT: .word 4
; ASM-NEXT .word 2 ; ASM-NEXT .word 2
; OBJ: Properties: aarch64 feature: PAC ; OBJ: Properties: aarch64 feature: PAC

llvm/test/CodeGen/AArch64/note-gnu-property-pac-bti-3.ll

; RUN: llc -mtriple=aarch64-linux %s -o - | \ ; RUN: llc -mtriple=aarch64-linux %s -o - | \
; RUN: FileCheck %s --check-prefix=ASM ; RUN: FileCheck %s --check-prefix=ASM
; RUN: llc -mtriple=aarch64-linux %s -filetype=obj -o - | \ ; RUN: llc -mtriple=aarch64-linux %s -filetype=obj -o - | \
; RUN: llvm-readelf --notes | FileCheck %s --check-prefix=OBJ ; RUN: llvm-readelf --notes | FileCheck %s --check-prefix=OBJ
define dso_local i32 @f() #0 { define dso_local i32 @f() #0 {
entry: entry:
ret i32 0 ret i32 0
} }
attributes #0 = { "branch-target-enforcement" "sign-return-address"="non-leaf" } attributes #0 = { "branch-target-enforcement"="true" "sign-return-address"="non-leaf" }
!llvm.module.flags = !{!0, !1}
!0 = !{i32 4, !"branch-target-enforcement", i32 1}
!1 = !{i32 4, !"sign-return-address", !"non-leaf"}
; Both attribute present ; Both attribute present
; ASM: .word 3221225472 ; ASM: .word 3221225472
; ASM-NEXT: .word 4 ; ASM-NEXT: .word 4
; ASM-NEXT .word 3 ; ASM-NEXT .word 3
; OBJ: Properties: aarch64 feature: BTI, PAC ; OBJ: Properties: aarch64 feature: BTI, PAC

llvm/test/CodeGen/AArch64/note-gnu-property-pac-bti-4.ll

; RUN: llc -mtriple=aarch64-linux %s -o - | \ ; RUN: llc -mtriple=aarch64-linux %s -o - | \
; RUN: FileCheck %s --check-prefix=ASM ; RUN: FileCheck %s --check-prefix=ASM
; RUN: llc -mtriple=aarch64-linux %s -filetype=obj -o - | \ ; RUN: llc -mtriple=aarch64-linux %s -filetype=obj -o - | \
; RUN: llvm-readelf --notes | FileCheck %s --check-prefix=OBJ ; RUN: llvm-readelf --notes | FileCheck %s --check-prefix=OBJ
define dso_local i32 @f() #0 { define dso_local i32 @f() #0 {
entry: entry:
ret i32 0 ret i32 0
} }
define dso_local i32 @g() #1 { define dso_local i32 @g() #1 {
entry: entry:
ret i32 0 ret i32 0
} }
attributes #0 = { "branch-target-enforcement" "sign-return-address"="non-leaf" } attributes #0 = { "branch-target-enforcement"="true" "sign-return-address"="non-leaf" }
attributes #1 = { "branch-target-enforcement" } attributes #1 = { "branch-target-enforcement"="true" }
!llvm.module.flags = !{!0}
!0 = !{i32 4, !"branch-target-enforcement", i32 1}
; Only the common atttribute (BTI) ; Only the common atttribute (BTI)
; ASM: .word 3221225472 ; ASM: .word 3221225472
; ASM-NEXT: .word 4 ; ASM-NEXT: .word 4
; ASM-NEXT .word 1 ; ASM-NEXT .word 1
; OBJ: Properties: aarch64 feature: BTI ; OBJ: Properties: aarch64 feature: BTI

llvm/test/CodeGen/AArch64/note-gnu-property-pac-bti-5.ll

; RUN: llc -mtriple=aarch64-linux %s -o - 2>&1 | \ ; RUN: llc -mtriple=aarch64-linux %s -o - 2>&1 | \
; RUN: FileCheck %s --check-prefix=ASM ; RUN: FileCheck %s --check-prefix=ASM
; RUN: llc -mtriple=aarch64-linux %s -filetype=obj -o - | \ ; RUN: llc -mtriple=aarch64-linux %s -filetype=obj -o - | \
; RUN: llvm-readelf --notes | FileCheck %s --check-prefix=OBJ ; RUN: llvm-readelf --notes | FileCheck %s --check-prefix=OBJ
define dso_local i32 @f() #0 { define dso_local i32 @f() #0 {
entry: entry:
ret i32 0 ret i32 0
} }
define dso_local i32 @g() #1 { define dso_local i32 @g() #1 {
entry: entry:
ret i32 0 ret i32 0
} }
attributes #0 = { "branch-target-enforcement" "sign-return-address"="non-leaf" } attributes #0 = { "branch-target-enforcement"="true" "sign-return-address"="non-leaf" }
attributes #1 = { "branch-target-enforcement"="false" "sign-return-address"="all" }
!llvm.module.flags = !{!0, !1}
!0 = !{i32 4, !"branch-target-enforcement", i32 1}
!1 = !{i32 4, !"sign-return-address", !"all"}
attributes #1 = { "sign-return-address"="all" }
; Only the common atttribute (PAC) ; Only the common atttribute (PAC)
; ASM: warning: not setting BTI in feature flags ; ASM: warning: not setting BTI in feature flags
; ASM: .word 3221225472 ; ASM: .word 3221225472
; ASM-NEXT: .word 4 ; ASM-NEXT: .word 4
; ASM-NEXT .word 2 ; ASM-NEXT .word 2
; OBJ: Properties: aarch64 feature: PAC ; OBJ: Properties: aarch64 feature: PAC

llvm/test/CodeGen/AArch64/note-gnu-property-pac-bti-6.ll

Show All 11 Lines
entry: entry:
ret i32 0 ret i32 0
} }
attributes #0 = { "sign-return-address"="non-leaf" } attributes #0 = { "sign-return-address"="non-leaf" }
attributes #1 = { "sign-return-address"="none" } attributes #1 = { "sign-return-address"="none" }
!llvm.module.flags = !{!0}
!0 = !{i32 4, !"sign-return-address", !"non-leaf"}
; No common attribute, no note section ; No common attribute, no note section
; ASM-NOT: .note.gnu.property ; ASM-NOT: .note.gnu.property
; OBJ-NOT: .note.gnu.property ; OBJ-NOT: .note.gnu.property

llvm/test/CodeGen/AArch64/note-gnu-property-pac-bti-7.ll

; RUN: llc -mtriple=aarch64-linux %s -o - 2>&1 | \ ; RUN: llc -mtriple=aarch64-linux %s -o - 2>&1 | \
; RUN: FileCheck %s --check-prefix=ASM ; RUN: FileCheck %s --check-prefix=ASM
; RUN: llc -mtriple=aarch64-linux %s -filetype=obj -o - | \ ; RUN: llc -mtriple=aarch64-linux %s -filetype=obj -o - | \
; RUN: llvm-readelf -S | FileCheck %s --check-prefix=OBJ ; RUN: llvm-readelf -S | FileCheck %s --check-prefix=OBJ
define dso_local i32 @f() #0 { define dso_local i32 @f() #0 {
entry: entry:
ret i32 0 ret i32 0
} }
define dso_local i32 @g() #1 { define dso_local i32 @g() #1 {
entry: entry:
ret i32 0 ret i32 0
} }
attributes #0 = { "sign-return-address"="non-leaf" } attributes #0 = { "branch-target-enforcement"="false" "sign-return-address"="non-leaf" }
attributes #1 = { "branch-target-enforcement" } attributes #1 = { "branch-target-enforcement"="true" }
!llvm.module.flags = !{!0}
!0 = !{i32 4, !"branch-target-enforcement", i32 1}
; No common attribute, no note section ; No common attribute, no note section
; ASM: warning: not setting BTI in feature flags ; ASM: warning: not setting BTI in feature flags
; ASM-NOT: .note.gnu.property ; ASM-NOT: .note.gnu.property
; OBJ-NOT: .note.gnu.property ; OBJ-NOT: .note.gnu.property

llvm/test/CodeGen/AArch64/note-gnu-property-pac-bti-8.ll

; RUN: llc -mtriple=aarch64-linux %s -o - | \ ; RUN: llc -mtriple=aarch64-linux %s -o - | \
; RUN: FileCheck %s --check-prefix=ASM ; RUN: FileCheck %s --check-prefix=ASM
; RUN: llc -mtriple=aarch64-linux %s -filetype=obj -o - | \ ; RUN: llc -mtriple=aarch64-linux %s -filetype=obj -o - | \
; RUN: llvm-readelf --notes | FileCheck %s --check-prefix=OBJ ; RUN: llvm-readelf --notes | FileCheck %s --check-prefix=OBJ
define dso_local i32 @f() #0 { define dso_local i32 @f() #0 {
entry: entry:
%r = tail call i32 @g() %r = tail call i32 @g()
ret i32 %r ret i32 %r
} }
declare dso_local i32 @g() declare dso_local i32 @g()
attributes #0 = { "branch-target-enforcement" } attributes #0 = { "branch-target-enforcement"="true" }
!llvm.module.flags = !{!0}
!0 = !{i32 4, !"branch-target-enforcement", i32 1}
; Declarations don't prevent setting BTI ; Declarations don't prevent setting BTI
; ASM: .word 3221225472 ; ASM: .word 3221225472
; ASM-NEXT: .word 4 ; ASM-NEXT: .word 4
; ASM-NEXT .word 1 ; ASM-NEXT .word 1
; OBJ: Properties: aarch64 feature: BTI ; OBJ: Properties: aarch64 feature: BTI

llvm/test/CodeGen/AArch64/note-gnu-property-pac-bti-9.ll

  • This file was added.
; RUN: llc -mtriple=aarch64-linux %s -o - | \
; RUN: FileCheck %s --check-prefix=ASM
; RUN: llc -mtriple=aarch64-linux %s -filetype=obj -o - | \
; RUN: llvm-readelf --notes | FileCheck %s --check-prefix=OBJ
define dso_local i32 @f() #0 {
entry:
ret i32 0
}
define dso_local i32 @g() {
entry:
ret i32 0
}
attributes #0 = { "branch-target-enforcement"="true" }
!llvm.module.flags = !{!0}
!0 = !{i32 4, !"branch-target-enforcement", i32 1}
; Only the common atttribute (BTI)
; ASM: .word 3221225472
; ASM-NEXT: .word 4
; ASM-NEXT .word 1
; OBJ: Properties: aarch64 feature: BTI

llvm/test/CodeGen/AArch64/patchable-function-entry-bti.ll

; RUN: llc -mtriple=aarch64 %s -o - | FileCheck %s ; RUN: llc -mtriple=aarch64 %s -o - | FileCheck %s
define void @f0() "patchable-function-entry"="0" "branch-target-enforcement" { define void @f0() "patchable-function-entry"="0" "branch-target-enforcement"="true" {
; CHECK-LABEL: f0: ; CHECK-LABEL: f0:
; CHECK-NEXT: .Lfunc_begin0: ; CHECK-NEXT: .Lfunc_begin0:
; CHECK: // %bb.0: ; CHECK: // %bb.0:
; CHECK-NEXT: hint #34 ; CHECK-NEXT: hint #34
; CHECK-NEXT: ret ; CHECK-NEXT: ret
; CHECK-NOT: .section __patchable_function_entries ; CHECK-NOT: .section __patchable_function_entries
ret void ret void
} }
;; -fpatchable-function-entry=1 -mbranch-protection=bti ;; -fpatchable-function-entry=1 -mbranch-protection=bti
;; For M=0, place the label .Lpatch0 after the initial BTI. ;; For M=0, place the label .Lpatch0 after the initial BTI.
define void @f1() "patchable-function-entry"="1" "branch-target-enforcement" { define void @f1() "patchable-function-entry"="1" "branch-target-enforcement"="true" {
; CHECK-LABEL: f1: ; CHECK-LABEL: f1:
; CHECK-NEXT: .Lfunc_begin1: ; CHECK-NEXT: .Lfunc_begin1:
; CHECK-NEXT: .cfi_startproc ; CHECK-NEXT: .cfi_startproc
; CHECK-NEXT: // %bb.0: ; CHECK-NEXT: // %bb.0:
; CHECK-NEXT: hint #34 ; CHECK-NEXT: hint #34
; CHECK-NEXT: .Lpatch0: ; CHECK-NEXT: .Lpatch0:
; CHECK-NEXT: nop ; CHECK-NEXT: nop
; CHECK-NEXT: ret ; CHECK-NEXT: ret
; CHECK: .section __patchable_function_entries,"awo",@progbits,f1{{$}} ; CHECK: .section __patchable_function_entries,"awo",@progbits,f1{{$}}
; CHECK-NEXT: .p2align 3 ; CHECK-NEXT: .p2align 3
; CHECK-NEXT: .xword .Lpatch0 ; CHECK-NEXT: .xword .Lpatch0
ret void ret void
} }
;; -fpatchable-function-entry=2,1 -mbranch-protection=bti ;; -fpatchable-function-entry=2,1 -mbranch-protection=bti
define void @f2_1() "patchable-function-entry"="1" "patchable-function-prefix"="1" "branch-target-enforcement" { define void @f2_1() "patchable-function-entry"="1" "patchable-function-prefix"="1" "branch-target-enforcement"="true" {
; CHECK-LABEL: .type f2_1,@function ; CHECK-LABEL: .type f2_1,@function
; CHECK-NEXT: .Ltmp0: ; CHECK-NEXT: .Ltmp0:
; CHECK-NEXT: nop ; CHECK-NEXT: nop
; CHECK-NEXT: f2_1: ; CHECK-NEXT: f2_1:
; CHECK-NEXT: .Lfunc_begin2: ; CHECK-NEXT: .Lfunc_begin2:
; CHECK-NEXT: .cfi_startproc ; CHECK-NEXT: .cfi_startproc
; CHECK-NEXT: // %bb.0: ; CHECK-NEXT: // %bb.0:
; CHECK-NEXT: hint #34 ; CHECK-NEXT: hint #34
; CHECK-NEXT: nop ; CHECK-NEXT: nop
; CHECK-NEXT: ret ; CHECK-NEXT: ret
; CHECK: .Lfunc_end2: ; CHECK: .Lfunc_end2:
; CHECK-NEXT: .size f2_1, .Lfunc_end2-f2_1 ; CHECK-NEXT: .size f2_1, .Lfunc_end2-f2_1
; CHECK: .section __patchable_function_entries,"awo",@progbits,f2_1{{$}} ; CHECK: .section __patchable_function_entries,"awo",@progbits,f2_1{{$}}
; CHECK-NEXT: .p2align 3 ; CHECK-NEXT: .p2align 3
; CHECK-NEXT: .xword .Ltmp0 ; CHECK-NEXT: .xword .Ltmp0
ret void ret void
} }
;; -fpatchable-function-entry=1 -mbranch-protection=bti ;; -fpatchable-function-entry=1 -mbranch-protection=bti
;; For M=0, don't create .Lpatch0 if the initial instruction is not BTI, ;; For M=0, don't create .Lpatch0 if the initial instruction is not BTI,
;; even if other basic blocks may have BTI. ;; even if other basic blocks may have BTI.
define internal void @f1i(i64 %v) "patchable-function-entry"="1" "branch-target-enforcement" { define internal void @f1i(i64 %v) "patchable-function-entry"="1" "branch-target-enforcement"="true" {
; CHECK-LABEL: f1i: ; CHECK-LABEL: f1i:
; CHECK-NEXT: .Lfunc_begin3: ; CHECK-NEXT: .Lfunc_begin3:
; CHECK: // %bb.0: ; CHECK: // %bb.0:
; CHECK-NEXT: nop ; CHECK-NEXT: nop
;; Other basic blocks have BTI, but they don't affect our decision to not create .Lpatch0 ;; Other basic blocks have BTI, but they don't affect our decision to not create .Lpatch0
; CHECK: .LBB{{.+}} // %sw.bb1 ; CHECK: .LBB{{.+}} // %sw.bb1
; CHECK-NEXT: hint #36 ; CHECK-NEXT: hint #36
; CHECK: .section __patchable_function_entries,"awo",@progbits,f1i{{$}} ; CHECK: .section __patchable_function_entries,"awo",@progbits,f1i{{$}}
Show All 25 Lines