[all-commits] [llvm/llvm-project] 7af2b5: [AArch64][v8.5A] Omit BTI for non-addr-taken stati...

Simon Tatham via All-commits all-commits at lists.llvm.org
Tue Apr 8 03:44:35 PDT 2025


  Branch: refs/heads/main
  Home:   https://github.com/llvm/llvm-project
  Commit: 7af2b51e761f49974a64c3009882239cea618f2a
      https://github.com/llvm/llvm-project/commit/7af2b51e761f49974a64c3009882239cea618f2a
  Author: Simon Tatham <simon.tatham at arm.com>
  Date:   2025-04-08 (Tue, 08 Apr 2025)

  Changed paths:
    M llvm/lib/Target/AArch64/AArch64BranchTargets.cpp
    M llvm/test/CodeGen/AArch64/patchable-function-entry-bti.ll

  Log Message:
  -----------
  [AArch64][v8.5A] Omit BTI for non-addr-taken static fns on Linux (#134669)

This is a conditional revert of cca40aa8d8aa732, which made LLVM's
branch-target-enforcement mode generate BTI at the start of _every_
function, even in the case where the function has internal linkage and
its address is never taken for use in an indirect call.

The rationale was that it might turn out at link time that a direct call
to the function spanned a larger distance than the range of a BL
instruction (say, if the translation unit generated multiple code
sections and the linker put them a very long way apart). Then the linker
might insert a long-branch thunk using an indirect call instruction.

SYSVABI64 has now clarified that in this situation the static linker may
not assume that the target function is safe to call directly. If it
needs to use this strategy, it's responsible for also generating a
'landing pad' near the target function, with a BTI followed by a direct
branch, and using that as the target of the long-distance indirect call.

https://github.com/ARM-software/abi-aa/commit/606ce44fe4d3419c15cd9ed598f18fb5d520fcfc

LLD complies with this spec as of commit 098b0d18add97de.

So if we're compiling in a mode that respects SYSVABI64, such as
targeting Linux, it's safe to leave out the BTI at the start of a
function with internal linkage if we can prove that its address isn't
either used in an indirect call in _this_ translation unit or passed out
of the object.

Therefore, this patch goes back to the behavior before cca40aa8d8aa732,
leaving out BTIs in functions that can't be called indirectly, but only
if the target triple is Linux. (I wasn't able to find a more precise
query for "is this a SYSVABI64-compliant platform?", but Linux certainly
is, and this check at least fails in the safe direction - if in doubt,
we put in all the BTIs that might be necessary.)
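
An audit sketch for the behavior this commit message describes, added here as an example (it is not part of the commit or of LLVM): it lists functions whose entry is not an indirect-call landing pad, treating that as acceptable only for local symbols. The disassembly and `nm` listings are constructed, the function names are hypothetical, and the object is assumed to have been built with branch-target enforcement.

```python
import re

# Constructed sample input (objdump -d style), not taken from a real build.
DISASM = """\
0000000000000000 <helper>:
   0:   52800540    mov   w0, #0x2a
   4:   d65f03c0    ret
0000000000000008 <callback>:
   8:   d503245f    bti   c
   c:   d65f03c0    ret
0000000000000010 <api_entry>:
  10:   d503233f    paciasp
  14:   97fffffb    bl    0 <helper>
  18:   d50323bf    autiasp
  1c:   d65f03c0    ret
0000000000000020 <exported_no_pad>:
  20:   d65f03c0    ret
"""
# Constructed `nm` output: 't' = local text symbol, 'T' = global text symbol.
NM = """\
0000000000000000 t helper
0000000000000008 t callback
0000000000000010 T api_entry
0000000000000020 T exported_no_pad
"""

# Entry instructions an indirect call (BLR) may land on in a guarded page.
CALL_PADS = {"bti c", "bti jc", "paciasp", "pacibsp"}
SYM = re.compile(r"^[0-9a-f]+ <([^>]+)>:$")
INSN = re.compile(r"^\s*[0-9a-f]+:\s+[0-9a-f]{8}\s+(.+)$")

def entry_instructions(disasm):
    """Map each function name to its first instruction, whitespace-normalised."""
    entries, current = {}, None
    for line in disasm.splitlines():
        if m := SYM.match(line):
            current = m.group(1)
        elif current and current not in entries and (m := INSN.match(line)):
            entries[current] = " ".join(m.group(1).split())
    return entries

def audit(disasm, nm_output):
    """Classify every function that does not start with a call landing pad."""
    local = {f[2] for f in map(str.split, nm_output.splitlines())
             if len(f) == 3 and f[1] == "t"}
    report = {}
    for name, insn in entry_instructions(disasm).items():
        if insn not in CALL_PADS:
            report[name] = "ok-if-address-not-taken" if name in local else "missing-bti"
    return report
```

A local function reported as `ok-if-address-not-taken` still needs a separate check that its address never escapes; the disassembly of entry points alone cannot show that.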


