gas: aarch64: testsuite: add new tests for SCFI

Similar to the x86_64 testcases, some .s files contain the corresponding CFI directives. This helps in validating the synthesized CFI by running those tests with and without the --scfi=experimental command line option. GAS issues some diagnostics, enabled by default, with --scfi=experimental. The diagnostics have been added with an intent to help user correct inadvertent errors in their hand-written asm. An error is issued when GAS finds that input asm is not amenable to accurate CFI synthesis. The existing scfi-diag-*.s tests in the gas/testsuite/gas/scfi/x86_64 directory test some SCFI diagnostics already: - (#1) "Warning: SCFI: Asymetrical register restore" - (#2) "Error: SCFI: usage of REG_FP as scratch not supported" - (#3) "Error: SCFI: unsupported stack manipulation pattern" - (#4) "Error: untraceable control flow for func 'XXX'" In the newly added aarch64 testsuite, further tests for additional diagnostics have been added: - scfi-diag-1.s in this patch highlights an aarch64-specific diagnostic: (#5) "Warning: SCFI: ignored probable save/restore op with reg offset" Additionally, some testcases are added to showcase the (currently) unsupported patterns, e.g., scfi-unsupported-1.s mov x16, 4384 sub sp, sp, x16 gas/testsuite/: * gas/scfi/README: Update comment to include aarch64. * gas/scfi/aarch64/scfi-aarch64.exp: New file. * gas/scfi/aarch64/ginsn-arith-1.l: New test. * gas/scfi/aarch64/ginsn-arith-1.s: New test. * gas/scfi/aarch64/ginsn-cofi-1.l: New test. * gas/scfi/aarch64/ginsn-cofi-1.s: New test. * gas/scfi/aarch64/ginsn-ldst-1.l: New test. * gas/scfi/aarch64/ginsn-ldst-1.s: New test. * gas/scfi/aarch64/scfi-callee-saved-fp-1.d: New test. * gas/scfi/aarch64/scfi-callee-saved-fp-1.l: New test. * gas/scfi/aarch64/scfi-callee-saved-fp-1.s: New test. * gas/scfi/aarch64/scfi-callee-saved-fp-2.d: New test. * gas/scfi/aarch64/scfi-callee-saved-fp-2.l: New test. * gas/scfi/aarch64/scfi-callee-saved-fp-2.s: New test. * gas/scfi/aarch64/scfi-cb-1.d: New test. * gas/scfi/aarch64/scfi-cb-1.l: New test. * gas/scfi/aarch64/scfi-cb-1.s: New test. * gas/scfi/aarch64/scfi-cfg-1.d: New test. * gas/scfi/aarch64/scfi-cfg-1.l: New test. * gas/scfi/aarch64/scfi-cfg-1.s: New test. * gas/scfi/aarch64/scfi-cfg-2.d: New test. * gas/scfi/aarch64/scfi-cfg-2.l: New test. * gas/scfi/aarch64/scfi-cfg-2.s: New test. * gas/scfi/aarch64/scfi-cfg-3.d: New test. * gas/scfi/aarch64/scfi-cfg-3.l: New test. * gas/scfi/aarch64/scfi-cfg-3.s: New test. * gas/scfi/aarch64/scfi-cfg-4.l: New test. * gas/scfi/aarch64/scfi-cfg-4.s: New test. * gas/scfi/aarch64/scfi-cond-br-1.d: New test. * gas/scfi/aarch64/scfi-cond-br-1.l: New test. * gas/scfi/aarch64/scfi-cond-br-1.s: New test. * gas/scfi/aarch64/scfi-diag-1.l: New test. * gas/scfi/aarch64/scfi-diag-1.s: New test. * gas/scfi/aarch64/scfi-diag-2.l: New test. * gas/scfi/aarch64/scfi-diag-2.s: New test. * gas/scfi/aarch64/scfi-diag-3.l: New test. * gas/scfi/aarch64/scfi-diag-3.s: New test. * gas/scfi/aarch64/scfi-ldrp-1.d: New test. * gas/scfi/aarch64/scfi-ldrp-1.l: New test. * gas/scfi/aarch64/scfi-ldrp-1.s: New test. * gas/scfi/aarch64/scfi-ldrp-2.d: New test. * gas/scfi/aarch64/scfi-ldrp-2.l: New test. * gas/scfi/aarch64/scfi-ldrp-2.s: New test. * gas/scfi/aarch64/scfi-ldstnap-1.d: New test. * gas/scfi/aarch64/scfi-ldstnap-1.l: New test. * gas/scfi/aarch64/scfi-ldstnap-1.s: New test. * gas/scfi/aarch64/scfi-strp-1.d: New test. * gas/scfi/aarch64/scfi-strp-1.l: New test. * gas/scfi/aarch64/scfi-strp-1.s: New test. * gas/scfi/aarch64/scfi-strp-2.d: New test. * gas/scfi/aarch64/scfi-strp-2.l: New test. * gas/scfi/aarch64/scfi-strp-2.s: New test. * gas/scfi/aarch64/scfi-unsupported-1.l: New test. * gas/scfi/aarch64/scfi-unsupported-1.s: New test. * gas/scfi/aarch64/scfi-unsupported-2.l: New test. * gas/scfi/aarch64/scfi-unsupported-2.s: New test.
MediaTek-Labs · Jul 19, 2024 · 0331cd9 · 0331cd9
1 parent 29085f7
commit 0331cd9
Show file tree

Hide file tree

Showing 59 changed files with 1,501 additions and 1 deletion.
diff --git a/gas/testsuite/gas/scfi/README b/gas/testsuite/gas/scfi/README
@@ -1,6 +1,6 @@
 Notes on the SCFI testsuite in GAS:
 
-* At this time, SCFI machinery is only supported for x86_64.
+* At this time, SCFI machinery is only supported for x86_64 and aarch64.
 
 * When adding more core SCFI tests (scfi-* tests), please keep CFI
   annotations updated in the .s files.  Ideally the test should be run with and

diff --git a/gas/testsuite/gas/scfi/aarch64/ginsn-arith-1.l b/gas/testsuite/gas/scfi/aarch64/ginsn-arith-1.l
@@ -0,0 +1,40 @@
+.*: Assembler messages:
+.*:13: Error: SCFI: unsupported stack manipulation pattern
+.*:19: Error: SCFI: forward pass failed for func 'foo'
+
+AARCH64 GAS  .*
+
+
+   1              	# Testcase for a variety of arith instructions
+   2              		.text
+   3              		.align  2
+   4              		.global foo
+   5              		.type   foo, %function
+   5              	ginsn: SYM FUNC_BEGIN
+   6              	foo:
+   6              	ginsn: SYM foo
+   7 \?\?\?\? FF830091 		add     sp, sp, 32
+   7              	ginsn: ADD %r31, 32, %r31
+   8 \?\?\?\? FD5B21B1 		adds    x29, sp, 2134
+   8              	ginsn: ADD %r31, 2134, %r29
+   9 \?\?\?\? FF8300D1 		sub     sp, sp, 32
+   9              	ginsn: SUB %r31, 32, %r31
+  10 \?\?\?\? FD5B21F1 		subs    x29, sp, 2134
+  10              	ginsn: SUB %r31, 2134, %r29
+  11 \?\?\?\? FD63228B 		add     x29, sp, x2
+  11              	ginsn: ADD %r31, %r2, %r29
+  12 \?\?\?\? FD6323CB 		sub     x29, sp, x3
+  12              	ginsn: SUB %r31, %r3, %r29
+  13 \?\?\?\? BF63238B 		add     sp, x29, x3
+  13              	ginsn: ADD %r29, %r3, %r31
+  14 \?\?\?\? BF6322CB 		sub     sp, x29, x2
+  14              	ginsn: SUB %r29, %r2, %r31
+  15 \?\?\?\? 1F48220B 		add     wsp, w0, w2, lsl 2
+  15              	ginsn: OTH 0, 0, %r31
+  16 \?\?\?\? A4C0228B 		add     x4, x5, x2, sxtw
+  17 \?\?\?\? BFC0228B 		add     sp, x5, x2, sxtw
+  17              	ginsn: OTH 0, 0, %r31
+  18 \?\?\?\? C0035FD6 		ret
+  18              	ginsn: RET
+  19              		.size   foo, .-foo
+  19              	ginsn: SYM FUNC_END
diff --git a/gas/testsuite/gas/scfi/aarch64/ginsn-arith-1.s b/gas/testsuite/gas/scfi/aarch64/ginsn-arith-1.s
@@ -0,0 +1,19 @@
+# Testcase for a variety of arith instructions
+	.text
+	.align  2
+	.global foo
+	.type   foo, %function
+foo:
+	add     sp, sp, 32
+	adds    x29, sp, 2134
+	sub     sp, sp, 32
+	subs    x29, sp, 2134
+	add     x29, sp, x2
+	sub     x29, sp, x3
+	add     sp, x29, x3
+	sub     sp, x29, x2
+	add     wsp, w0, w2, lsl 2
+	add     x4, x5, x2, sxtw
+	add     sp, x5, x2, sxtw
+	ret
+	.size   foo, .-foo
diff --git a/gas/testsuite/gas/scfi/aarch64/ginsn-cofi-1.l b/gas/testsuite/gas/scfi/aarch64/ginsn-cofi-1.l
@@ -0,0 +1,30 @@
+.*: Assembler messages:
+.*:16: Error: untraceable control flow for func 'foo'
+
+AARCH64 GAS  .*
+
+   1              	# Testcase for a variety of change of flow instructions
+   2              	# Because some of these are indirect branches, SCFI will bail out
+   3              	# with an error.  This test merely checks that the ginsn creation
+   4              	# process can handle these insns gracefully.
+   5              		.text
+   6              		.align  2
+   7              		.global foo
+   8              		.type   foo, %function
+   8              	ginsn: SYM FUNC_BEGIN
+   9              	foo:
+   9              	ginsn: SYM foo
+  10 \?\?\?\? 00000094 		bl      dump_bt
+  10              	ginsn: CALL
+  11 \?\?\?\? 02000014 		b       .L3
+  11              	ginsn: JMP 
+  12 \?\?\?\? 20021FD6 		br      x17
+  12              	ginsn: JMP %r17, 
+  13              	.L3:
+  13              	ginsn: SYM .L3
+  14 \?\?\?\? 60003FD6 		blr     x3
+  14              	ginsn: CALL
+  15 \?\?\?\? C0035FD6 		ret
+  15              	ginsn: RET
+  16              		.size   foo, .-foo
+  16              	ginsn: SYM FUNC_END
diff --git a/gas/testsuite/gas/scfi/aarch64/ginsn-cofi-1.s b/gas/testsuite/gas/scfi/aarch64/ginsn-cofi-1.s
@@ -0,0 +1,16 @@
+# Testcase for a variety of change of flow instructions
+# Because some of these are indirect branches, SCFI will bail out
+# with an error.  This test merely checks that the ginsn creation
+# process can handle these insns gracefully.
+	.text
+	.align  2
+	.global foo
+	.type   foo, %function
+foo:
+	bl      dump_bt
+	b       .L3
+	br      x17
+.L3:
+	blr     x3
+	ret
+	.size   foo, .-foo
diff --git a/gas/testsuite/gas/scfi/aarch64/ginsn-ldst-1.l b/gas/testsuite/gas/scfi/aarch64/ginsn-ldst-1.l
@@ -0,0 +1,101 @@
+AARCH64 GAS  .*
+
+   1              	# Testcase for a variety of ld st instructions.
+   2              	# stg ops must generate the sp update arithmetic insn, when applicable
+   3              	# due to writeback.
+   4              		.text
+   5              		.align  2
+   6              		.global foo
+   7              		.type   foo, %function
+   7              	ginsn: SYM FUNC_BEGIN
+   8              	foo:
+   8              	ginsn: SYM foo
+   9              	# ldstpair_indexed
+  10 0000 FF7F8629 		stp     wzr, wzr, \[sp, 48\]!
+  10              	ginsn: ADD %r31, 48, %r31
+  11 0004 E00782A9 		stp     x0, x1, \[sp, 32\]!
+  11              	ginsn: ADD %r31, 32, %r31
+  11              	ginsn: STORE %r0, \[%r31\+0\]
+  11              	ginsn: STORE %r1, \[%r31\+8\]
+  12 0008 E827BC6D 		stp     d8, d9, \[sp, -64\]!
+  12              	ginsn: ADD %r31, -64, %r31
+  12              	ginsn: STORE %r72, \[%r31\+0\]
+  12              	ginsn: STORE %r73, \[%r31\+8\]
+  13 000c E827C46C 		ldp     d8, d9, \[sp\], 64
+  13              	ginsn: LOAD \[%r31\+0\], %r72
+  13              	ginsn: LOAD \[%r31\+8\], %r73
+  13              	ginsn: ADD %r31, 64, %r31
+  14              	# 32-bit FP regs
+  15 0010 E51BB42D 		stp     s5, s6, \[sp, -96\]!
+  15              	ginsn: ADD %r31, -96, %r31
+  16 0014 E51BCC2C 		ldp     s5, s6, \[sp\], 96
+  16              	ginsn: ADD %r31, 96, %r31
+  17              	# 32-bit INT regs
+  18 0018 E10BB029 		stp     w1, w2, \[sp, -128\]!
+  18              	ginsn: ADD %r31, -128, %r31
+  19 001c E10BD028 		ldp     w1, w2, \[sp\], 128
+  19              	ginsn: ADD %r31, 128, %r31
+  20              	# ldstpair_off
+  21 0020 E00702AD 		stp     q0, q1, \[sp, 64\]
+  21              	ginsn: STORE %r64, \[%r31\+64\]
+  21              	ginsn: STORE %r65, \[%r31\+80\]
+  22 0024 FF7F0629 		stp     wzr, wzr, \[sp, 48\]
+  23 0028 1F7840AD 		ldp     q31, q30, \[x0\]
+  23              	ginsn: LOAD \[%r0\+0\], %r95
+  23              	ginsn: LOAD \[%r0\+16\], %r94
+  24 002c FF4F01A9 	        stp     xzr, x19, \[sp, 16\]
+  24              	ginsn: STORE %r19, \[%r31\+24\]
+  25 0030 F37F01A9 	        stp     x19, xzr, \[sp, 16\]
+  25              	ginsn: STORE %r19, \[%r31\+16\]
+  26              	# ldst_imm9
+  27 0034 E78F4F38 		ldrb    w7, \[sp, 248\]!
+  27              	ginsn: ADD %r31, 248, %r31
+  28 0038 FD0FC33C 		ldr     q29, \[sp, 48\]!
+  28              	ginsn: ADD %r31, 48, %r31
+  28              	ginsn: LOAD \[%r31\+0\], %r93
+  29 003c FF0F42B8 		ldr     wzr, \[sp, 32\]!
+  29              	ginsn: ADD %r31, 32, %r31
+  30 0040 E30742F8 		ldr     x3, \[sp\], 32
+  30              	ginsn: LOAD \[%r31\+0\], %r3
+AARCH64 GAS  .*
+
+
+  30              	ginsn: ADD %r31, 32, %r31
+  31              	# 32-bit ldr
+  32 0044 E10744BC 		ldr     s1, \[sp\], 64
+  32              	ginsn: ADD %r31, 64, %r31
+  33              	# ldst_pos
+  34 0048 FF3340B9 		ldr     wzr, \[sp, 48\]
+  35 004c FD1300F9 		str     x29, \[sp, 32\]
+  35              	ginsn: STORE %r29, \[%r31\+32\]
+  36 0050 FD1340F9 		ldr     x29, \[sp, 32\]
+  36              	ginsn: LOAD \[%r31\+32\], %r29
+  37              	# store tag
+  38 0054 FF2F20D9 		stg     sp, \[sp, 32\]!
+  38              	ginsn: ADD %r31, 32, %r31
+  39              	# store tag pair
+  40 0058 FBF38169 		stgp    x27, x28, \[sp, 48\]!
+  40              	ginsn: ADD %r31, 48, %r31
+  41              	# ldpsw / ldrsw
+  42 005c F353E069 		ldpsw   x19, x20, \[sp, -256\]!
+  42              	ginsn: ADD %r31, -256, %r31
+  43 0060 F50F98B8 		ldrsw   x21, \[sp, -128\]!
+  43              	ginsn: ADD %r31, -128, %r31
+  44              	# ldrsb / ldrsh
+  45 0064 F70F9938 		ldrsb   x23, \[sp, -112\]!
+  45              	ginsn: ADD %r31, -112, %r31
+  46 0068 F88F9978 		ldrsh   x24, \[sp, -104\]!
+  46              	ginsn: ADD %r31, -104, %r31
+  47              	# ldrb / ldrh / strb / strh
+  48 006c F90F5A38 		ldrb    w25, \[sp, -96\]!
+  48              	ginsn: ADD %r31, -96, %r31
+  49 0070 FA8F5A78 		ldrh    w26, \[sp, -88\]!
+  49              	ginsn: ADD %r31, -88, %r31
+  50 0074 F90F1A38 		strb    w25, \[sp, -96\]!
+  50              	ginsn: ADD %r31, -96, %r31
+  51 0078 FA8F1A78 		strh    w26, \[sp, -88\]!
+  51              	ginsn: ADD %r31, -88, %r31
+  52 007c C0035FD6 		ret
+  52              	ginsn: RET
+  53              		.size   foo, .-foo
+  53              	ginsn: SYM FUNC_END
diff --git a/gas/testsuite/gas/scfi/aarch64/ginsn-ldst-1.s b/gas/testsuite/gas/scfi/aarch64/ginsn-ldst-1.s
@@ -0,0 +1,53 @@
+# Testcase for a variety of ld st instructions.
+# stg ops must generate the sp update arithmetic insn, when applicable
+# due to writeback.
+	.text
+	.align  2
+	.global foo
+	.type   foo, %function
+foo:
+# ldstpair_indexed
+	stp     wzr, wzr, [sp, 48]!
+	stp     x0, x1, [sp, 32]!
+	stp     d8, d9, [sp, -64]!
+	ldp     d8, d9, [sp], 64
+# 32-bit FP regs
+	stp     s5, s6, [sp, -96]!
+	ldp     s5, s6, [sp], 96
+# 32-bit INT regs
+	stp     w1, w2, [sp, -128]!
+	ldp     w1, w2, [sp], 128
+# ldstpair_off
+	stp     q0, q1, [sp, 64]
+	stp     wzr, wzr, [sp, 48]
+	ldp     q31, q30, [x0]
+        stp     xzr, x19, [sp, 16]
+        stp     x19, xzr, [sp, 16]
+# ldst_imm9
+	ldrb    w7, [sp, 248]!
+	ldr     q29, [sp, 48]!
+	ldr     wzr, [sp, 32]!
+	ldr     x3, [sp], 32
+# 32-bit ldr
+	ldr     s1, [sp], 64
+# ldst_pos
+	ldr     wzr, [sp, 48]
+	str     x29, [sp, 32]
+	ldr     x29, [sp, 32]
+# store tag
+	stg     sp, [sp, 32]!
+# store tag pair
+	stgp    x27, x28, [sp, 48]!
+# ldpsw / ldrsw
+	ldpsw   x19, x20, [sp, -256]!
+	ldrsw   x21, [sp, -128]!
+# ldrsb / ldrsh
+	ldrsb   x23, [sp, -112]!
+	ldrsh   x24, [sp, -104]!
+# ldrb / ldrh / strb / strh
+	ldrb    w25, [sp, -96]!
+	ldrh    w26, [sp, -88]!
+	strb    w25, [sp, -96]!
+	strh    w26, [sp, -88]!
+	ret
+	.size   foo, .-foo
diff --git a/gas/testsuite/gas/scfi/aarch64/ginsn-misc-1.l b/gas/testsuite/gas/scfi/aarch64/ginsn-misc-1.l
@@ -0,0 +1,48 @@
+.*: Assembler messages:
+.*:13: Error: SCFI: unsupported stack manipulation pattern
+.*:33: Error: SCFI: forward pass failed for func 'foo'
+
+AARCH64 GAS  .*
+
+
+   1              	# Testcase for a variety of misc instructions.
+   2              	# Ensure graceful handling, irrespective of ginsn generation.
+   3              	# - ldrsw, ldpsw ops need a mention: they are 32-bit loads from memory
+   4              	#   and cannot be used for reg restore.  For CFI purposes, the width has to be
+   5              	#   8 bytes or more. Expect no memory ginsn ever as ginsn do not track width
+   6              	#   of memory accesses yet.
+   7              	symbol:
+   8 \?\?\?\? 7700     		.string "w"
+   9              	
+  10              		.type   foo, %function
+  10              	ginsn: SYM FUNC_BEGIN
+  11              	foo:
+  11              	ginsn: SYM foo
+  12 \?\?\?\? 00000000 		adrp    x0, symbol
+  12      0090
+  13 \?\?\?\? 1F000091 		add     sp, x0, :lo12:symbol
+  13              	ginsn: OTH 0, 0, %r31
+  14 \?\?\?\? 2000A0F2 		movk    x0, 0x1, lsl 16
+  15 \?\?\?\? E10380F9 		prfm    PLDL1STRM, \[sp\]
+  16 \?\?\?\? E013DF9A 		irg     x0, sp
+  17 \?\?\?\? 000820D9 		stg     x0, \[x0\]
+  18 \?\?\?\? F5DB3C69 		stgp    x21, x22, \[sp, -112\]
+  19 \?\?\?\? E03FBF91 		addg    x0, sp, #0x3f0, #0xf
+  20 \?\?\?\? 1F3CAA91 		addg    sp, x0, #0x2a0, #0xf
+  20              	ginsn: OTH 0, 0, %r31
+  21 \?\?\?\? F4577069 		ldpsw   x20, x21, \[sp, -128\]
+  22 \?\?\?\? F3534069 	        ldpsw   x19, x20, \[sp\]
+  23 \?\?\?\? 9B0080B9 	        ldrsw   x27, \[x4\]
+  24 \?\?\?\? F4038039 		ldrsb   x20, \[sp\]
+  25 \?\?\?\? F4038079 		ldrsh   x20, \[sp\]
+  26              	# Test a few insn with wzr / xzr
+  27 \?\?\?\? 3F0480D2 	        mov     xzr, 33
+  28 \?\?\?\? E0031FAA 	        mov     x0, xzr
+  29 \?\?\?\? 1F00018B 	        add     xzr, x0, x1
+  30 \?\?\?\? 3F603F8B 	        add     sp, x1, xzr
+  30              	ginsn: ADD %r1, %r31, %r31
+  31 \?\?\?\? FF031F8B 		add     xzr, xzr, xzr
+  32 \?\?\?\? C0035FD6 		ret
+  32              	ginsn: RET
+  33              		.size   foo,.-foo
+  33              	ginsn: SYM FUNC_END
diff --git a/gas/testsuite/gas/scfi/aarch64/ginsn-misc-1.s b/gas/testsuite/gas/scfi/aarch64/ginsn-misc-1.s
@@ -0,0 +1,33 @@
+# Testcase for a variety of misc instructions.
+# Ensure graceful handling, irrespective of ginsn generation.
+# - ldrsw, ldpsw ops need a mention: they are 32-bit loads from memory
+#   and cannot be used for reg restore.  For CFI purposes, the width has to be
+#   8 bytes or more. Expect no memory ginsn ever as ginsn do not track width
+#   of memory accesses yet.
+symbol:
+	.string "w"
+
+	.type   foo, %function
+foo:
+	adrp    x0, symbol
+	add     sp, x0, :lo12:symbol
+	movk    x0, 0x1, lsl 16
+	prfm    PLDL1STRM, [sp]
+	irg     x0, sp
+	stg     x0, [x0]
+	stgp    x21, x22, [sp, -112]
+	addg    x0, sp, #0x3f0, #0xf
+	addg    sp, x0, #0x2a0, #0xf
+	ldpsw   x20, x21, [sp, -128]
+        ldpsw   x19, x20, [sp]
+        ldrsw   x27, [x4]
+	ldrsb   x20, [sp]
+	ldrsh   x20, [sp]
+# Test a few insn with wzr / xzr
+        mov     xzr, 33
+        mov     x0, xzr
+        add     xzr, x0, x1
+        add     sp, x1, xzr
+	add     xzr, xzr, xzr
+	ret
+	.size   foo,.-foo