[llvm] r343969 - [AArch64][v8.5A] Don't create BR instructions in outliner when BTI enabled

Oliver Stannard via llvm-commits llvm-commits at lists.llvm.org
Mon Oct 8 07:12:08 PDT 2018 

Author: olista01
Date: Mon Oct  8 07:12:08 2018
New Revision: 343969

URL: http://llvm.org/viewvc/llvm-project?rev=343969&view=rev
Log:
[AArch64][v8.5A] Don't create BR instructions in outliner when BTI enabled

When branch target identification is enabled, we can only do indirect
tail-calls through x16 or x17. This means that the outliner can't
transform a BLR instruction at the end of an outlined region into a BR.

Differential revision: https://reviews.llvm.org/D52869


Added:
    llvm/trunk/test/CodeGen/AArch64/machine-outliner-bti.mir
Modified:
    llvm/trunk/lib/Target/AArch64/AArch64InstrInfo.cpp

Modified: llvm/trunk/lib/Target/AArch64/AArch64InstrInfo.cpp
URL: http://llvm.org/viewvc/llvm-project/llvm/trunk/lib/Target/AArch64/AArch64InstrInfo.cpp?rev=343969&r1=343968&r2=343969&view=diff
==============================================================================
--- llvm/trunk/lib/Target/AArch64/AArch64InstrInfo.cpp (original)
+++ llvm/trunk/lib/Target/AArch64/AArch64InstrInfo.cpp Mon Oct  8 07:12:08 2018
@@ -5084,6 +5084,13 @@ AArch64InstrInfo::getOutliningCandidateI
   unsigned FrameID = MachineOutlinerDefault;
   unsigned NumBytesToCreateFrame = 4;
 
+  bool HasBTI =
+      std::any_of(RepeatedSequenceLocs.begin(), RepeatedSequenceLocs.end(),
+                  [](outliner::Candidate &C) {
+                    return C.getMF()->getFunction().hasFnAttribute(
+                        "branch-target-enforcement");
+                  });
+
   // If the last instruction in any candidate is a terminator, then we should
   // tail call all of the candidates.
   if (RepeatedSequenceLocs[0].back()->isTerminator()) {
@@ -5092,7 +5099,8 @@ AArch64InstrInfo::getOutliningCandidateI
     SetCandidateCallInfo(MachineOutlinerTailCall, 4);
   }
 
-  else if (LastInstrOpcode == AArch64::BL || LastInstrOpcode == AArch64::BLR) {
+  else if (LastInstrOpcode == AArch64::BL ||
+           (LastInstrOpcode == AArch64::BLR && !HasBTI)) {
     // FIXME: Do we need to check if the code after this uses the value of LR?
     FrameID = MachineOutlinerThunk;
     NumBytesToCreateFrame = 0;

Added: llvm/trunk/test/CodeGen/AArch64/machine-outliner-bti.mir
URL: http://llvm.org/viewvc/llvm-project/llvm/trunk/test/CodeGen/AArch64/machine-outliner-bti.mir?rev=343969&view=auto
==============================================================================
--- llvm/trunk/test/CodeGen/AArch64/machine-outliner-bti.mir (added)
+++ llvm/trunk/test/CodeGen/AArch64/machine-outliner-bti.mir Mon Oct  8 07:12:08 2018
@@ -0,0 +1,44 @@
+# RUN: llc -mtriple=aarch64--- -run-pass=prologepilog -run-pass=machine-outliner -verify-machineinstrs %s -o - | FileCheck %s
+
+# AArch64 Branch Target Enforcement treats the BR and BLR indirect branch
+# instructions differently. The BLR instruction can only target a BTI C
+# instruction, and the BR instruction can only target a BTI J instruction. We
+# always start indirectly-called functions with BTI C, so the outliner must not
+# transform a BLR instruction into a BR instruction.
+
+# There is an exception to this: BR X16 and BR X17 can also target a BTI C
+# instruction. We make of this for general tail-calls (tested elsewhere), but
+# don't currently make use of this in the outliner.
+
+# CHECK-NOT: OUTLINED_FUNCTION_
+
+--- |
+  @g = hidden local_unnamed_addr global i32 0, align 4
+
+  define hidden void @bar(void ()* nocapture %f) "branch-target-enforcement" {
+  entry:
+    ret void
+  }
+
+  declare void @foo()
+...
+---
+name:            bar
+tracksRegLiveness: true
+body:             |
+  bb.0.entry:
+    liveins: $x20, $x21, $lr, $x19
+
+    HINT 34
+
+    STRWui renamable $w21, renamable $x20, target-flags(aarch64-pageoff, aarch64-nc) @g :: (store 4 into @g)
+    BLR renamable $x19, csr_aarch64_aapcs, implicit-def dead $lr, implicit $sp, implicit-def $sp
+
+    STRWui renamable $w21, renamable $x20, target-flags(aarch64-pageoff, aarch64-nc) @g :: (store 4 into @g)
+    BLR renamable $x19, csr_aarch64_aapcs, implicit-def dead $lr, implicit $sp, implicit-def $sp
+
+    STRWui killed renamable $w21, killed renamable $x20, target-flags(aarch64-pageoff, aarch64-nc) @g :: (store 4 into @g)
+    BLR killed renamable $x19, csr_aarch64_aapcs, implicit-def dead $lr, implicit $sp, implicit-def $sp
+
+    TCRETURNdi @foo, 0, csr_aarch64_aapcs, implicit $sp
+...

More information about the llvm-commits mailing list