Add a "xcheri-std-compat" mode to LLVM #756
Open
+1,926
−379
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
The new "cheri-common" feature will be used as the base for CHERI functionality that is common across all variants (CHERIv9, CHERIoT and the RISC-V standard extension).
…rsing No functional change intended.
This may have been needed before ISAInfo handled custom extensions, but now we can just defer to ISAInfo. No functional change intended
The upcoming standard no longer includes cgetoffset (and cgetaddr has been removed in ISAv9). For now the assembly code still accepts cgetaddr and converts it to a move, but use an intrinsic call instead as that can be optimized to a subregister read on next use rather the requiring an explicit move.
This also handles implied features and therefore is more future-proof than a simple string comparison.
The new -mxcheri-std-compat can be used to enable a compilation mode that only permits the subset of CHERI instructions that will be available in the upcoming CHERI standard (while still using the current opcodes rather than the new ones). It is not yet useful to use the -mxcheri-std-compat as it disables many instructions that are generated internally and will therefore result in crashes, but it can be used to check that assembly code does not rely on instructions that will no longer be available.
CGetOffset is not part of the standard so we have to expand it to `cap.addr - cap.base` instead.
There is no CGetSealed in the RISC-V standard, use GCTYPE instead.
CSetOffset is not part of the standard so we have to use CSetAddr(CGetBase+offset) instead.
CClearTag is not part of the standard. Expand this to CSetHigh (which always clears the tag bit) with the existing capability metadata bits
CRRL is not part of the standard so we need to use `((len + ~mask) & mask)` instead. This was found while compiling a function with a variable length stack allocation.
Previously the compiler would just fail with a cannot select/invalid instruction predicates error. With this commit we now emit a C frontend error pointing at the line where the unsupported builtin is used instead of crashing. The end result is essentially the same but the new behaviour is a lot more user-friendly.
These will not be expanded but instead just emit an error.
It should use underscores not dashes since that results in separate tokens and also means __riscv_xcheri is no longer defined.
This can be used to conditionally compile code.
These will be needed since jr.cap no longer exists in the standard.
Support these loads by changing to the appropriate mode before and after the load operation. This adds quite a bit of boilerplate but I don't see a better approach for supporting this.
Same as the previous commit.
Need to use -1 and not zero!
arichardson
commented
Feb 7, 2025
| @@ -2639,10 +2651,16 @@ Sema::CheckBuiltinFunctionCall(FunctionDecl *FDecl, unsigned BuiltinID, | |||
| } | |||
| break; | |||
| } | |||
| case Builtin::BI__builtin_cheri_cap_load_tags: | |||
There was a problem hiding this comment.
I guess we could expand this to lc+cgettag, but I think an error if it's not support might make it clearer that the optimized version does not exist?
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This limits the instructions that are emitted to the ones that are also supported in the upcoming RISC-V standard.
The only new instructions are modesw.cap and modesw.int which will need to be supported in QEMU for hybrid mode code.