File: speculation-hardening-sls-blr.mir

package info (click to toggle)
swiftlang 6.1.3-2
  • links: PTS, VCS
  • area: main
  • in suites: forky, sid
  • size: 2,791,604 kB
  • sloc: cpp: 9,901,740; ansic: 2,201,431; asm: 1,091,827; python: 308,252; objc: 82,166; f90: 80,126; lisp: 38,358; pascal: 25,559; sh: 20,429; ml: 5,058; perl: 4,745; makefile: 4,484; awk: 3,535; javascript: 3,018; xml: 918; fortran: 664; cs: 573; ruby: 396
file content (59 lines) | stat: -rw-r--r-- 2,476 bytes parent folder | download | duplicates (10) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
 
# RUN: llc -verify-machineinstrs -mtriple=aarch64-none-linux-gnu \
# RUN:     -start-before aarch64-sls-hardening \
# RUN:     -stop-after aarch64-sls-hardening -o - %s \
# RUN:   | FileCheck %s --check-prefixes=CHECK \
# RUN:                  --implicit-check-not=__llvm_slsblr_thunk_x7
# RUN: llc -verify-machineinstrs -mtriple=aarch64-none-linux-gnu \
# RUN:     -start-before aarch64-sls-hardening \
# RUN:     -asm-verbose=0 -o - %s \
# RUN:   | FileCheck %s --check-prefixes=ASM \
# RUN:                  --implicit-check-not=__llvm_slsblr_thunk_x7

# Check that the BLR SLS hardening transforms a BLR into a BL with operands as
# expected.
--- |
  @a = dso_local local_unnamed_addr global i32 (...)* null, align 8
  @b = dso_local local_unnamed_addr global i32 0, align 4

  define dso_local void @fn1() local_unnamed_addr "target-features"="+harden-sls-blr" {
  entry:
    %0 = load i32 ()*, i32 ()** bitcast (i32 (...)** @a to i32 ()**), align 8
    %call = tail call i32 %0() nounwind
    store i32 %call, i32* @b, align 4
    ret void
  }
...
---
name:            fn1
tracksRegLiveness: true
body:             |
  ; CHECK-LABEL: name: fn1
  bb.0.entry:
    liveins: $lr

    early-clobber $sp = frame-setup STRXpre killed $lr, $sp, -16 ; :: (store (s64) into %stack.0)
    frame-setup CFI_INSTRUCTION def_cfa_offset 16
    frame-setup CFI_INSTRUCTION offset $w30, -16
    renamable $x8 = ADRP target-flags(aarch64-page) @a
    renamable $x8 = LDRXui killed renamable $x8, target-flags(aarch64-pageoff, aarch64-nc) @a :: (dereferenceable load (s64) from `i32 ()** bitcast (i32 (...)** @a to i32 ()**)`)
    BLRNoIP killed renamable $x8, csr_aarch64_aapcs, implicit-def dead $lr, implicit $sp, implicit-def $sp, implicit-def $w0
  ; CHECK:  BL <mcsymbol __llvm_slsblr_thunk_x8>, csr_aarch64_aapcs, implicit-def dead $lr, implicit $sp, implicit-def $sp, implicit-def $w0, implicit killed $x8
    renamable $x8 = ADRP target-flags(aarch64-page) @b
    STRWui killed renamable $w0, killed renamable $x8, target-flags(aarch64-pageoff, aarch64-nc) @b :: (store (s32) into @b)
    early-clobber $sp, $lr = frame-destroy LDRXpost $sp, 16 ; :: (load (s64) from %stack.0)
    RET undef $lr


...

# CHECK: name: __llvm_slsblr_thunk_x8
#
# CHECK:       $x16 = ORRXrs $xzr, $x8, 0
# CHECK-NEXT:  BR $x16
# CHECK-NEXT:  SpeculationBarrierISBDSBEndBB

# ASM-LABEL: __llvm_slsblr_thunk_x8:
# ASM-NEXT:    mov x16, x8
# ASM-NEXT:    br  x16
# ASM-NEXT:    dsb sy
# ASM-NEXT:    isb