[llvm-branch-commits] [llvm] [MTE] add stack frame history buffer (PR #86356)

Florian Mayer via llvm-branch-commits llvm-branch-commits at lists.llvm.org
Mon May 20 17:18:05 PDT 2024


https://github.com/fmayer updated https://github.com/llvm/llvm-project/pull/86356

>From a64c5d63a4df7f59845291ca0d634466713b1ff8 Mon Sep 17 00:00:00 2001
From: Florian Mayer <fmayer at google.com>
Date: Fri, 29 Mar 2024 16:53:52 -0700
Subject: [PATCH 1/6] update

Created using spr 1.3.4
---
 llvm/lib/Target/AArch64/AArch64StackTagging.cpp | 1 -
 1 file changed, 1 deletion(-)

diff --git a/llvm/lib/Target/AArch64/AArch64StackTagging.cpp b/llvm/lib/Target/AArch64/AArch64StackTagging.cpp
index a6e236386d5ba..6538abea83290 100644
--- a/llvm/lib/Target/AArch64/AArch64StackTagging.cpp
+++ b/llvm/lib/Target/AArch64/AArch64StackTagging.cpp
@@ -489,7 +489,6 @@ Instruction *AArch64StackTagging::insertBaseTaggedPointer(
 
     auto *IntptrTy = IRB.getIntPtrTy(M.getDataLayout());
     Value *SlotPtr = memtag::getAndroidSlotPtr(IRB, StackMteSlot);
-    SlotPtr->setName("TLS_SLOT_STACK_MTE");
     auto *ThreadLong = IRB.CreateLoad(IntptrTy, SlotPtr);
     Value *TaggedFP = IRB.CreateOr(
         memtag::getFP(IRB),

>From 8591fb38c7e065862a0814792a368e2983b8b10c Mon Sep 17 00:00:00 2001
From: Florian Mayer <fmayer at google.com>
Date: Mon, 29 Apr 2024 14:45:16 -0700
Subject: [PATCH 2/6] api lvl

Created using spr 1.3.4
---
 llvm/lib/Target/AArch64/AArch64StackTagging.cpp | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/llvm/lib/Target/AArch64/AArch64StackTagging.cpp b/llvm/lib/Target/AArch64/AArch64StackTagging.cpp
index 840635315eee0..e38cce94a5cc0 100644
--- a/llvm/lib/Target/AArch64/AArch64StackTagging.cpp
+++ b/llvm/lib/Target/AArch64/AArch64StackTagging.cpp
@@ -484,7 +484,7 @@ Instruction *AArch64StackTagging::insertBaseTaggedPointer(
   Base->setName("basetag");
   auto TargetTriple = Triple(M.getTargetTriple());
   if (ClRecordStackHistory == instr && TargetTriple.isAndroid() &&
-      TargetTriple.isAArch64() && !TargetTriple.isAndroidVersionLT(35)) {
+      TargetTriple.isAArch64() && !TargetTriple.isAndroidVersionLT(36)) {
     constexpr int StackMteSlot = -3;
     constexpr uint64_t TagMask = 0xFULL << 56;
 

>From 66fbd757608c44b04d64de3f058ce813b14706fe Mon Sep 17 00:00:00 2001
From: Florian Mayer <fmayer at google.com>
Date: Mon, 29 Apr 2024 16:00:09 -0700
Subject: [PATCH 3/6] hidden

Created using spr 1.3.4
---
 llvm/lib/Target/AArch64/AArch64StackTagging.cpp | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/llvm/lib/Target/AArch64/AArch64StackTagging.cpp b/llvm/lib/Target/AArch64/AArch64StackTagging.cpp
index e38cce94a5cc0..43d82a1234f7a 100644
--- a/llvm/lib/Target/AArch64/AArch64StackTagging.cpp
+++ b/llvm/lib/Target/AArch64/AArch64StackTagging.cpp
@@ -102,7 +102,7 @@ static cl::opt<RecordStackHistoryMode> ClRecordStackHistory(
     cl::values(clEnumVal(none, "Do not record stack ring history"),
                clEnumVal(instr, "Insert instructions into the prologue for "
                                 "storing into the stack ring buffer")),
-    cl::Hidden, cl::init(instr));
+    cl::Hidden, cl::init(none));
 
 static const Align kTagGranuleSize = Align(16);
 

>From 62c281253d2e5b38619b3395bcb5f0aa7cb3e8d8 Mon Sep 17 00:00:00 2001
From: Florian Mayer <fmayer at google.com>
Date: Mon, 6 May 2024 17:40:16 -0700
Subject: [PATCH 4/6] fp

Created using spr 1.3.4
---
 llvm/lib/Target/AArch64/AArch64FrameLowering.cpp | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/llvm/lib/Target/AArch64/AArch64FrameLowering.cpp b/llvm/lib/Target/AArch64/AArch64FrameLowering.cpp
index c86c98eed24f0..491a46e03b1d1 100644
--- a/llvm/lib/Target/AArch64/AArch64FrameLowering.cpp
+++ b/llvm/lib/Target/AArch64/AArch64FrameLowering.cpp
@@ -2497,7 +2497,8 @@ AArch64FrameLowering::getFrameIndexReference(const MachineFunction &MF, int FI,
   return resolveFrameIndexReference(
       MF, FI, FrameReg,
       /*PreferFP=*/
-      MF.getFunction().hasFnAttribute(Attribute::SanitizeHWAddress),
+      MF.getFunction().hasFnAttribute(Attribute::SanitizeHWAddress) ||
+          MF.getFunction().hasFnAttribute(Attribute::SanitizeMemTag),
       /*ForSimm=*/false);
 }
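Review bot: The widened `PreferFP` condition in `getFrameIndexReference` now covers every function carrying `Attribute::SanitizeMemTag`, whether or not stack history recording is enabled, and nothing at the call site says why. If the intent is that recorded frames must be resolvable from the frame pointer (an inference from the rest of this series, not something this hunk shows), add a comment above the argument such as `// Stack history records FP, so frame objects must be FP-relative for sanitized functions.` It is also worth confirming that FP-relative addressing is wanted for MTE functions when `-stack-tagging-record-stack-history` is `none`, since that flag is not consulted here. The start of the function lies outside the hunk.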
 

>From 79ec757be06ccfb2ed9ae744d945820a8c67fa49 Mon Sep 17 00:00:00 2001
From: Florian Mayer <fmayer at google.com>
Date: Mon, 20 May 2024 15:20:18 -0700
Subject: [PATCH 5/6] comment

Created using spr 1.3.4
---
 llvm/lib/Target/AArch64/AArch64StackTagging.cpp | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/llvm/lib/Target/AArch64/AArch64StackTagging.cpp b/llvm/lib/Target/AArch64/AArch64StackTagging.cpp
index 8d53fb1d4c14b..eab3a90e57e20 100644
--- a/llvm/lib/Target/AArch64/AArch64StackTagging.cpp
+++ b/llvm/lib/Target/AArch64/AArch64StackTagging.cpp
@@ -485,8 +485,11 @@ Instruction *AArch64StackTagging::insertBaseTaggedPointer(
   auto TargetTriple = Triple(M.getTargetTriple());
   // This is not a stable ABI for now, so only allow in dev builds with API
   // level 10000.
+  // The ThreadLong format is the same as with HWASan, but the entries for
+  // stack MTE take two slots (16 bytes).
   if (ClRecordStackHistory == instr && TargetTriple.isAndroid() &&
-      TargetTriple.isAArch64() && !TargetTriple.isAndroidVersionLT(10000)) {
+      TargetTriple.isAArch64() && !TargetTriple.isAndroidVersionLT(10000) &&
+      !AllocasToInstrument.empty()) {
     constexpr int StackMteSlot = -3;
     constexpr uint64_t TagMask = 0xFULL << 56;
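Review bot: The added comment says a stack MTE entry takes two slots but not what they hold, and the new `!AllocasToInstrument.empty()` guard has no explanation. Judging by the `stp [[PC]], [[TAGGED_FP]], ...` in the codegen test of this series, the entry is the PC followed by the tagged FP; the comment could say so, e.g. `// Each stack MTE entry is 16 bytes: PC, then FP with the stack base tag in bits 56-59.` A second line such as `// Functions with nothing to tag do not write a history entry.` would cover the guard. This matters to anyone decoding the ring buffer in a crash report. The body of `insertBaseTaggedPointer` continues outside the hunk.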
 

>From 6e81792e4d5c246ec45f4660f293ea894be04c94 Mon Sep 17 00:00:00 2001
From: Florian Mayer <fmayer at google.com>
Date: Mon, 20 May 2024 17:17:52 -0700
Subject: [PATCH 6/6] codegen test

Created using spr 1.3.4
---
 .../CodeGen/AArch64/stack-tagging-prologue.ll    | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)

diff --git a/llvm/test/CodeGen/AArch64/stack-tagging-prologue.ll b/llvm/test/CodeGen/AArch64/stack-tagging-prologue.ll
index 729ad28b0aed6..3f55f3cc9a2e2 100644
--- a/llvm/test/CodeGen/AArch64/stack-tagging-prologue.ll
+++ b/llvm/test/CodeGen/AArch64/stack-tagging-prologue.ll
@@ -1,5 +1,6 @@
 ; RUN: opt < %s -aarch64-stack-tagging -stack-tagging-use-stack-safety=0 -S -o - | FileCheck %s --check-prefixes=CHECK
 ; RUN: opt < %s -aarch64-stack-tagging -stack-tagging-use-stack-safety=0 -S -stack-tagging-record-stack-history=instr -o - | FileCheck %s --check-prefixes=INSTR
+; RUN llc -mattr=+mte -stack-tagging-use-stack-safety=0 -stack-tagging-record-stack-history=instr %s -o - | FileCheck %s --check-prefixes=ASMINSTR
 
 
 target datalayout = "e-m:e-i8:8:32-i16:16:32-i64:64-i128:128-n32:64-S128"
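Review bot: The added line `; RUN llc ...` is missing the colon after `RUN`, so lit will not treat it as a run line and the `ASMINSTR` checks added later in this file are never executed. It should read `; RUN: llc -mattr=+mte -stack-tagging-use-stack-safety=0 -stack-tagging-record-stack-history=instr %s -o - | FileCheck %s --check-prefixes=ASMINSTR`. Once it runs, check that the module's target triple (not visible in this hunk) meets the Android API level condition in `insertBaseTaggedPointer`; otherwise the history-buffer sequence will not be emitted and the checks will fail.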
@@ -28,6 +29,7 @@ entry:
 ; CHECK:  [[TX:%.*]] = call ptr @llvm.aarch64.tagp.{{.*}}(ptr [[X]], ptr [[BASE]], i64 0)
 ; CHECK:  ret void
 
+; INSTR-LABEL: define void @OneVar(
 ; INSTR:  [[BASE:%.*]] = call ptr @llvm.aarch64.irg.sp(i64 0)
 ; INSTR:  [[TLS:%.*]] = call ptr @llvm.thread.pointer()
 ; INSTR:  [[TLS_SLOT:%.*]] = getelementptr i8, ptr [[TLS]], i32 -24
@@ -51,3 +53,17 @@ entry:
 ; INSTR:  [[X:%.*]] = alloca { i32, [12 x i8] }, align 16
 ; INSTR:  [[TX:%.*]] = call ptr @llvm.aarch64.tagp.{{.*}}(ptr [[X]], ptr [[BASE]], i64 0)
 ; INSTR:  [[PC:!.*]] = !{!"pc"}
+
+; ASMINSTR-LABEL: OneVar:
+; ASMINSTR:  mrs	[[TLS:x.*]], TPIDR_EL0
+; ASMINSTR:  irg	[[BASE:x.*]], sp
+; ASMINSTR:  adr	[[PC:x.*]], #0
+; ASMINSTR:  ldur	[[TLS_SLOT:x.*]], [[[TLS]], #-24]
+; ASMINSTR:  and	[[SP_TAG:x.*]], [[BASE]], #0xf00000000000000
+; ASMINSTR:  orr	[[TAGGED_FP]], x29, [[SP_TAG]]
+; ASMINSTR:  asr	[[TLS_SIZE:x.*]], [[TLS_SLOT]], #56
+; ASMINSTR:  add	[[NEXT_TLS_VALUE_BEFORE_WRAP:x.*]], [[TLS_SLOT]], #16
+; ASMINSTR:  stp	[[PC]], [[TAGGED_FP]], [[[TLS_SLOT]]]
+; ASMINSTR:  bic	[[NEXT_TLS_VALUE:x.*]], [[NEXT_TLS_VALUE_BEFORE_WRAP]], [[TLS_SIZE]], lsl #12
+; ASMINSTR:  stur	[[NEXT_TLS_VALUE]], [[[TLS]], #-24]
+; ASMINSTR:  stg	[[BASE]], [[[BASE]]]
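Review bot: `[[TAGGED_FP]]` is used on the `orr` line before it is defined anywhere, so FileCheck will reject the pattern with an undefined-variable error once the prefix is exercised. The `orr` line should define it: `; ASMINSTR:  orr	[[TAGGED_FP:x.*]], x29, [[SP_TAG]]`. The error is hidden at the moment because the `; RUN llc` line at the top of the file lacks its colon and never runs. The captures would also be tighter as `x[0-9]+` rather than `x.*`, which can match across operands.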


