[PATCH] D122783: [PowerPC] Mark side effects of Power9 darn instruction
Qiu Chaofan via Phabricator via llvm-commits
llvm-commits at lists.llvm.org
Wed Mar 30 23:54:47 PDT 2022
qiucf created this revision.
Herald added subscribers: shchenz, kbarton, hiraditya, nemanjai.
Herald added a project: All.
qiucf requested review of this revision.
Herald added a project: LLVM.
Herald added a subscriber: llvm-commits.
This fixes CVE-2019-15847 ( https://gcc.gnu.org/bugzilla/show_bug.cgi?id=91481 ).
For following case:
#include <stdio.h>
#include <stdint.h>
int main()
{
uint64_t darn[32];
for(size_t i = 0; i != 32; ++i)
darn[i] = __builtin_darn();
for(size_t i = 0; i != 32; ++i)
printf("%016lX\n", darn[i]);
return 0;
}
32 outputs are the same, however they should be different.
Repository:
rG LLVM Github Monorepo
https://reviews.llvm.org/D122783
Files:
llvm/include/llvm/IR/IntrinsicsPowerPC.td
llvm/lib/Target/PowerPC/PPCInstr64Bit.td
llvm/test/CodeGen/PowerPC/builtins-ppc-p9-darn.ll
Index: llvm/test/CodeGen/PowerPC/builtins-ppc-p9-darn.ll
===================================================================
--- llvm/test/CodeGen/PowerPC/builtins-ppc-p9-darn.ll
+++ llvm/test/CodeGen/PowerPC/builtins-ppc-p9-darn.ll
@@ -33,6 +33,18 @@
ret i32 %0
}
+define i64 @darn_side_effect() {
+; CHECK-LABEL: darn_side_effect:
+; CHECK: # %bb.0: # %entry
+; CHECK-NEXT: darn 3, 2
+; CHECK-NEXT: darn 3, 1
+; CHECK-NEXT: blr
+entry:
+ %0 = call i64 @llvm.ppc.darnraw()
+ %1 = call i64 @llvm.ppc.darn()
+ ret i64 %1
+}
+
declare i64 @llvm.ppc.darn()
declare i64 @llvm.ppc.darnraw()
declare i32 @llvm.ppc.darn32()
Index: llvm/lib/Target/PowerPC/PPCInstr64Bit.td
===================================================================
--- llvm/lib/Target/PowerPC/PPCInstr64Bit.td
+++ llvm/lib/Target/PowerPC/PPCInstr64Bit.td
@@ -1014,8 +1014,6 @@
def SETB8 : XForm_44<31, 128, (outs g8rc:$RT), (ins crrc:$BFA),
"setb $RT, $BFA", IIC_IntGeneral>, isPPC64;
}
-def DARN : XForm_45<31, 755, (outs g8rc:$RT), (ins u2imm:$L),
- "darn $RT, $L", IIC_LdStLD>, isPPC64;
def ADDPCIS : DXForm<19, 2, (outs g8rc:$RT), (ins i32imm:$D),
"addpcis $RT, $D", IIC_BrB, []>, isPPC64;
def MODSD : XForm_8<31, 777, (outs g8rc:$rT), (ins g8rc:$rA, g8rc:$rB),
@@ -1040,6 +1038,11 @@
[(set i64:$rD, (mul i64:$rA, imm64SExt16:$imm))]>;
}
+let hasSideEffects = 1 in {
+def DARN : XForm_45<31, 755, (outs g8rc:$RT), (ins u2imm:$L),
+ "darn $RT, $L", IIC_LdStLD>, isPPC64;
+}
+
let hasSideEffects = 0 in {
defm RLDIMI : MDForm_1r<30, 3, (outs g8rc:$rA),
(ins g8rc:$rSi, g8rc:$rS, u6imm:$SH, u6imm:$MBE),
Index: llvm/include/llvm/IR/IntrinsicsPowerPC.td
===================================================================
--- llvm/include/llvm/IR/IntrinsicsPowerPC.td
+++ llvm/include/llvm/IR/IntrinsicsPowerPC.td
@@ -63,11 +63,14 @@
// Generate a random number
def int_ppc_darn : GCCBuiltin<"__builtin_darn">,
- Intrinsic<[llvm_i64_ty], [], [IntrNoMem]>;
+ Intrinsic<[llvm_i64_ty], [],
+ [IntrNoMerge, IntrHasSideEffects]>;
def int_ppc_darnraw : GCCBuiltin<"__builtin_darn_raw">,
- Intrinsic<[llvm_i64_ty], [], [IntrNoMem]>;
+ Intrinsic<[llvm_i64_ty], [],
+ [IntrNoMerge, IntrHasSideEffects]>;
def int_ppc_darn32 : GCCBuiltin<"__builtin_darn_32">,
- Intrinsic<[llvm_i32_ty], [], [IntrNoMem]>;
+ Intrinsic<[llvm_i32_ty], [],
+ [IntrNoMerge, IntrHasSideEffects]>;
// Bit permute doubleword
def int_ppc_bpermd : GCCBuiltin<"__builtin_bpermd">,
-------------- next part --------------
A non-text attachment was scrubbed...
Name: D122783.419336.patch
Type: text/x-patch
Size: 2814 bytes
Desc: not available
URL: <http://lists.llvm.org/pipermail/llvm-commits/attachments/20220331/1a877683/attachment.bin>
More information about the llvm-commits
mailing list