[all-commits] [llvm/llvm-project] a8a2c6: [BOLT] Gadget scanner: fix LR to be safe in leaf f...
Anatoly Trosinenko via All-commits
all-commits at lists.llvm.org
Wed Jun 25 03:11:45 PDT 2025
Branch: refs/heads/main
Home: https://github.com/llvm/llvm-project
Commit: a8a2c6fa882d8e3956cd189ff9f654bf91ced4b1
https://github.com/llvm/llvm-project/commit/a8a2c6fa882d8e3956cd189ff9f654bf91ced4b1
Author: Anatoly Trosinenko <atrosinenko at accesssoftek.com>
Date: 2025-06-25 (Wed, 25 Jun 2025)
Changed paths:
M bolt/lib/Passes/PAuthGadgetScanner.cpp
M bolt/test/binary-analysis/AArch64/gs-pacret-autiasp.s
M bolt/test/binary-analysis/AArch64/gs-pauth-authentication-oracles.s
M bolt/test/binary-analysis/AArch64/gs-pauth-debug-output.s
M bolt/test/binary-analysis/AArch64/gs-pauth-signing-oracles.s
Log Message:
-----------
[BOLT] Gadget scanner: fix LR to be safe in leaf functions without CFG (#141824)

After a label in a function without CFG information, use a reasonably
pessimistic estimation of register state (assume that any register that
can be clobbered in this function was actually clobbered) instead of the
most pessimistic "all registers are unsafe". This is the same estimation
as used by the dataflow variant of the analysis when the preceding
instruction is not known for sure.

Without this, leaf functions without CFG information are likely to have
false positive reports about non-protected return instructions, as
1) LR is unlikely to be signed and authenticated in a leaf function and
2) LR is likely to be used by a return instruction near the end of the
   function and
3) the register state is likely to be reset at least once during the
   linear scan through the function
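
The reset rule described in the log message above, as an added toy model (not BOLT's code and not part of the commit). The names `scan`, `ResetPolicy`, `Inst` and both sample functions are constructed for illustration, and the model tracks only register writes and returns.

```cpp
#include <bitset>
#include <cstdio>
#include <vector>

// Toy model with hypothetical names; these are not BOLT's data structures.
constexpr unsigned NumRegs = 31, LR = 30;   // AArch64 x0..x30, LR is x30
using RegSet = std::bitset<NumRegs>;        // bit set = register considered safe

enum class Kind { Label, Write, Ret };
struct Inst { Kind K; unsigned Reg; };      // Reg: register written, or used by Ret

enum class ResetPolicy { AllUnsafe, ClobberedInFunction };

// Linear scan without a CFG; returns the number of "unprotected return" reports.
unsigned scan(const std::vector<Inst> &Fn, ResetPolicy P) {
  RegSet Clobbered;                         // every register written anywhere in Fn
  for (const Inst &I : Fn)
    if (I.K == Kind::Write) Clobbered.set(I.Reg);

  RegSet Safe; Safe.set();                  // simplification: all registers safe at entry
  unsigned Reports = 0;
  for (const Inst &I : Fn) {
    switch (I.K) {
    case Kind::Label:                       // predecessors unknown: reset the state
      Safe = (P == ResetPolicy::AllUnsafe) ? RegSet() : ~Clobbered;
      break;
    case Kind::Write: Safe.reset(I.Reg); break;  // no authentication modelled
    case Kind::Ret:   if (!Safe.test(I.Reg)) ++Reports; break;
    }
  }
  return Reports;
}

// Constructed sample: leaf function that never writes LR, with a label before ret.
const std::vector<Inst> Leaf = {
    {Kind::Write, 0}, {Kind::Label, 0}, {Kind::Write, 1}, {Kind::Ret, LR}};
// Constructed sample: LR is overwritten and never authenticated.
const std::vector<Inst> ClobbersLR = {
    {Kind::Write, LR}, {Kind::Label, 0}, {Kind::Ret, LR}};

int main() {
  std::printf("leaf, all-unsafe reset: %u report(s)\n", scan(Leaf, ResetPolicy::AllUnsafe));
  std::printf("leaf, clobbered-in-function reset: %u report(s)\n",
              scan(Leaf, ResetPolicy::ClobberedInFunction));
  std::printf("LR clobbered, clobbered-in-function reset: %u report(s)\n",
              scan(ClobbersLR, ResetPolicy::ClobberedInFunction));
}
```

The leaf sample is reported only under the "all registers are unsafe" reset, while the function that actually overwrites LR is still reported under both policies.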