[llvm] [AArch64][PAC] Combine signing with address materialization (PR #130809)
Oliver Hunt via llvm-commits
llvm-commits at lists.llvm.org
Wed Mar 26 15:09:57 PDT 2025
ojhunt wrote:
> > One thing I'd like to see is a test case that tries to induce an oracle using the intrinsics in C
>
> @ojhunt Do you suggest adding a real C source to `clang/test` or just adding LLVM IR emitted for C functions like these to LLVM tests introduced by this PR (and checking both MIR and final asm listing - among other things, this would check that dead instructions left by `EmitInstrWithCustomInserter` are eliminated down the pipeline)?
Yes, I was thinking a `clang/test` test, but maybe IR with intervening asm node would be sufficient? I don't know the IR well enough to know how hard it would be to get tests similar to my above pseudo-c :D
>
> > In an ideal world - out of scope for this change - I think we'd like to error out if we ever see a read from memory into an unauthenticated sign, or a spill and subsequent read of an authenticated value.
>
> IIUC there are a few cases when the former is valid - such as in a dynamic loader, so an opt-out machinery will be needed (such as maybe some function attribute).
Yeah, if we were to do something like this for generic loads (not just restore from spill) we'd probably want a new "trust me I know what I'm doing" signing intrinsic that is explicitly permitted to bypass such a guard. Note I'm not suggesting anything like this for this PR, it's very much a future work idea :D
https://github.com/llvm/llvm-project/pull/130809
More information about the llvm-commits
mailing list