shylie/llvm-project
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

[BOLT][AArch64] Allow binary-analysis and heatmap tool to run with pac-ret binaries (#136664)

Browse Source 
OpNegateRAState support is only needed for tools that produce binaries.
This commit is contained in:
Gergely Bálint 2025-04-30 14:41:11 +02:00 committed by GitHub
parent 1180740ced
commit 5b20b5721a
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
2 changed files with 23 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
bolt/docs/BinaryAnalysis.md
View File

@ -180,12 +180,6 @@ The following are current known cases of false negatives:
[prototype branch](
https://github.com/llvm/llvm-project/compare/main...kbeyls:llvm-project:bolt-gadget-scanner-prototype).
BOLT cannot currently handle functions with `cfi_negate_ra_state` correctly,
i.e. any binaries built with `-mbranch-protection=pac-ret`. The scanner is meant
to be used on specifically such binaries, so this is a major limitation! Work is
going on in PR [#120064](https://github.com/llvm/llvm-project/pull/120064) to
fix this.
## How to add your own binary analysis
_TODO: this section needs to be written. Ideally, we should have a simple

26
bolt/lib/Core/BinaryFunction.cpp
View File

@ -65,6 +65,8 @@ extern cl::opt<bool> StrictMode;
extern cl::opt<bool> UpdateDebugSections;
extern cl::opt<unsigned> Verbosity;
extern bool BinaryAnalysisMode;
extern bool HeatmapMode;
extern bool processAllFunctions();
static cl::opt<bool> CheckEncoding(
@ -2760,13 +2762,19 @@ private:
}
case MCCFIInstruction::OpAdjustCfaOffset:
case MCCFIInstruction::OpWindowSave:
case MCCFIInstruction::OpNegateRAState:
case MCCFIInstruction::OpNegateRAStateWithPC:
case MCCFIInstruction::OpLLVMDefAspaceCfa:
case MCCFIInstruction::OpLabel:
case MCCFIInstruction::OpValOffset:
llvm_unreachable("unsupported CFI opcode");
break;
case MCCFIInstruction::OpNegateRAState:
if (!(opts::BinaryAnalysisMode || opts::HeatmapMode)) {
llvm_unreachable("BOLT-ERROR: binaries using pac-ret hardening (e.g. "
"as produced by '-mbranch-protection=pac-ret') are "
"currently not supported by BOLT.");
}
break;
case MCCFIInstruction::OpRememberState:
case MCCFIInstruction::OpRestoreState:
case MCCFIInstruction::OpGnuArgsSize:
@ -2900,13 +2908,19 @@ struct CFISnapshotDiff : public CFISnapshot {
return CFAReg == Instr.getRegister() && CFAOffset == Instr.getOffset();
case MCCFIInstruction::OpAdjustCfaOffset:
case MCCFIInstruction::OpWindowSave:
case MCCFIInstruction::OpNegateRAState:
case MCCFIInstruction::OpNegateRAStateWithPC:
case MCCFIInstruction::OpLLVMDefAspaceCfa:
case MCCFIInstruction::OpLabel:
case MCCFIInstruction::OpValOffset:
llvm_unreachable("unsupported CFI opcode");
return false;
case MCCFIInstruction::OpNegateRAState:
if (!(opts::BinaryAnalysisMode || opts::HeatmapMode)) {
llvm_unreachable("BOLT-ERROR: binaries using pac-ret hardening (e.g. "
"as produced by '-mbranch-protection=pac-ret') are "
"currently not supported by BOLT.");
}
break;
case MCCFIInstruction::OpRememberState:
case MCCFIInstruction::OpRestoreState:
case MCCFIInstruction::OpGnuArgsSize:
@ -3051,13 +3065,19 @@ BinaryFunction::unwindCFIState(int32_t FromState, int32_t ToState,
break;
case MCCFIInstruction::OpAdjustCfaOffset:
case MCCFIInstruction::OpWindowSave:
case MCCFIInstruction::OpNegateRAState:
case MCCFIInstruction::OpNegateRAStateWithPC:
case MCCFIInstruction::OpLLVMDefAspaceCfa:
case MCCFIInstruction::OpLabel:
case MCCFIInstruction::OpValOffset:
llvm_unreachable("unsupported CFI opcode");
break;
case MCCFIInstruction::OpNegateRAState:
if (!(opts::BinaryAnalysisMode || opts::HeatmapMode)) {
llvm_unreachable("BOLT-ERROR: binaries using pac-ret hardening (e.g. "
"as produced by '-mbranch-protection=pac-ret') are "
"currently not supported by BOLT.");
}
break;
case MCCFIInstruction::OpGnuArgsSize:
// do not affect CFI state
break;