| -rw-r--r-- | llvm/lib/CodeGen/CFGuardLongjmp.cpp | 238 | ||||
| -rw-r--r-- | llvm/lib/Transforms/CFGuard/CFGuard.cpp | 612 | ||||
| -rw-r--r-- | llvm/lib/Transforms/CFGuard/CMakeLists.txt | 18 | ||||
| -rw-r--r-- | llvm/test/CodeGen/AArch64/cfguard-checks.ll | 294 | ||||
| -rw-r--r-- | llvm/test/CodeGen/AArch64/cfguard-module-flag.ll | 50 | ||||
| -rw-r--r-- | llvm/test/CodeGen/ARM/cfguard-checks.ll | 302 | ||||
| -rw-r--r-- | llvm/test/CodeGen/ARM/cfguard-module-flag.ll | 52 | ||||
| -rw-r--r-- | llvm/test/CodeGen/X86/cfguard-checks.ll | 462 | ||||
| -rw-r--r-- | llvm/test/CodeGen/X86/cfguard-module-flag.ll | 52 | ||||
| -rw-r--r-- | llvm/test/CodeGen/X86/cfguard-x86-64-vectorcall.ll | 76 | ||||
| -rw-r--r-- | llvm/test/CodeGen/X86/cfguard-x86-vectorcall.ll | 86 |
11 files changed, 1121 insertions, 1121 deletions
diff --git a/llvm/lib/CodeGen/CFGuardLongjmp.cpp b/llvm/lib/CodeGen/CFGuardLongjmp.cpp
index 42ad22b6cfa..1ae84714625 100644
--- a/llvm/lib/CodeGen/CFGuardLongjmp.cpp
+++ b/llvm/lib/CodeGen/CFGuardLongjmp.cpp
@@ -1,119 +1,119 @@
-//===-- CFGuardLongjmp.cpp - Longjmp symbols for CFGuard --------*- C++ -*-===//
-//
-// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
-// See https://llvm.org/LICENSE.txt for license information.
-// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
-//
-//===----------------------------------------------------------------------===//
-///
-/// \file
-/// This file contains a machine function pass to insert a symbol after each
-/// call to _setjmp and store this in the MachineFunction's LongjmpTargets
-/// vector. This will be used to emit the table of valid longjmp targets used
-/// by Control Flow Guard.
-///
-//===----------------------------------------------------------------------===//
-
-#include "llvm/ADT/Statistic.h"
-#include "llvm/CodeGen/MachineBasicBlock.h"
-#include "llvm/CodeGen/MachineFunctionPass.h"
-#include "llvm/CodeGen/MachineInstr.h"
-#include "llvm/CodeGen/MachineModuleInfo.h"
-#include "llvm/CodeGen/MachineOperand.h"
-#include "llvm/CodeGen/Passes.h"
-
-using namespace llvm;
-
-#define DEBUG_TYPE "cfguard-longjmp"
-
-STATISTIC(CFGuardLongjmpTargets,
- "Number of Control Flow Guard longjmp targets");
-
-namespace {
-
-/// MachineFunction pass to insert a symbol after each call to _setjmp and store
-/// this in the MachineFunction's LongjmpTargets vector.
-class CFGuardLongjmp : public MachineFunctionPass {
-public:
- static char ID;
-
- CFGuardLongjmp() : MachineFunctionPass(ID) {
- initializeCFGuardLongjmpPass(*PassRegistry::getPassRegistry());
- }
-
- StringRef getPassName() const override {
- return "Control Flow Guard longjmp targets";
- }
-
- bool runOnMachineFunction(MachineFunction &MF) override;
-};
-
-} // end anonymous namespace
-
-char CFGuardLongjmp::ID = 0;
-
-INITIALIZE_PASS(CFGuardLongjmp, "CFGuardLongjmp",
- "Insert symbols at valid longjmp targets for /guard:cf", false,
- false)
-FunctionPass *llvm::createCFGuardLongjmpPass() { return new CFGuardLongjmp(); }
-
-bool CFGuardLongjmp::runOnMachineFunction(MachineFunction &MF) {
-
- // Skip modules for which the cfguard flag is not set.
- if (!MF.getMMI().getModule()->getModuleFlag("cfguard"))
- return false;
-
- // Skip functions that do not have calls to _setjmp.
- if (!MF.getFunction().callsFunctionThatReturnsTwice())
- return false;
-
- SmallVector<MachineInstr *, 8> SetjmpCalls;
-
- // Iterate over all instructions in the function and add calls to functions
- // that return twice to the list of targets.
- for (MachineBasicBlock &MBB : MF) {
- for (MachineInstr &MI : MBB) {
-
- // Skip instructions that are not calls.
- if (!MI.isCall() || MI.getNumOperands() < 1)
- continue;
-
- // Iterate over operands to find calls to global functions.
- for (MachineOperand &MO : MI.operands()) {
- if (!MO.isGlobal())
- continue;
-
- auto *F = dyn_cast<Function>(MO.getGlobal());
- if (!F)
- continue;
-
- // If the instruction calls a function that returns twice, add
- // it to the list of targets.
- if (F->hasFnAttribute(Attribute::ReturnsTwice)) {
- SetjmpCalls.push_back(&MI);
- break;
- }
- }
- }
- }
-
- if (SetjmpCalls.empty())
- return false;
-
- unsigned SetjmpNum = 0;
-
- // For each possible target, create a new symbol and insert it immediately
- // after the call to setjmp. Add this symbol to the MachineFunction's list
- // of longjmp targets.
- for (MachineInstr *Setjmp : SetjmpCalls) {
- SmallString<128> SymbolName;
- raw_svector_ostream(SymbolName) << "$cfgsj_" << MF.getName() << SetjmpNum++;
- MCSymbol *SjSymbol = MF.getContext().getOrCreateSymbol(SymbolName);
-
- Setjmp->setPostInstrSymbol(MF, SjSymbol);
- MF.addLongjmpTarget(SjSymbol);
- CFGuardLongjmpTargets++;
- }
-
- return true;
-}
+//===-- CFGuardLongjmp.cpp - Longjmp symbols for CFGuard --------*- C++ -*-===//
+//
+// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
+// See https://llvm.org/LICENSE.txt for license information.
+// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
+//
+//===----------------------------------------------------------------------===//
+///
+/// \file
+/// This file contains a machine function pass to insert a symbol after each
+/// call to _setjmp and store this in the MachineFunction's LongjmpTargets
+/// vector. This will be used to emit the table of valid longjmp targets used
+/// by Control Flow Guard.
+///
+//===----------------------------------------------------------------------===//
+
+#include "llvm/ADT/Statistic.h"
+#include "llvm/CodeGen/MachineBasicBlock.h"
+#include "llvm/CodeGen/MachineFunctionPass.h"
+#include "llvm/CodeGen/MachineInstr.h"
+#include "llvm/CodeGen/MachineModuleInfo.h"
+#include "llvm/CodeGen/MachineOperand.h"
+#include "llvm/CodeGen/Passes.h"
+
+using namespace llvm;
+
+#define DEBUG_TYPE "cfguard-longjmp"
+
+STATISTIC(CFGuardLongjmpTargets,
+ "Number of Control Flow Guard longjmp targets");
+
+namespace {
+
+/// MachineFunction pass to insert a symbol after each call to _setjmp and store
+/// this in the MachineFunction's LongjmpTargets vector.
+class CFGuardLongjmp : public MachineFunctionPass {
+public:
+ static char ID;
+
+ CFGuardLongjmp() : MachineFunctionPass(ID) {
+ initializeCFGuardLongjmpPass(*PassRegistry::getPassRegistry());
+ }
+
+ StringRef getPassName() const override {
+ return "Control Flow Guard longjmp targets";
+ }
+
+ bool runOnMachineFunction(MachineFunction &MF) override;
+};
+
+} // end anonymous namespace
+
+char CFGuardLongjmp::ID = 0;
+
+INITIALIZE_PASS(CFGuardLongjmp, "CFGuardLongjmp",
+ "Insert symbols at valid longjmp targets for /guard:cf", false,
+ false)
+FunctionPass *llvm::createCFGuardLongjmpPass() { return new CFGuardLongjmp(); }
+
+bool CFGuardLongjmp::runOnMachineFunction(MachineFunction &MF) {
+
+ // Skip modules for which the cfguard flag is not set.
+ if (!MF.getMMI().getModule()->getModuleFlag("cfguard"))
+ return false;
+
+ // Skip functions that do not have calls to _setjmp.
+ if (!MF.getFunction().callsFunctionThatReturnsTwice())
+ return false;
+
+ SmallVector<MachineInstr *, 8> SetjmpCalls;
+
+ // Iterate over all instructions in the function and add calls to functions
+ // that return twice to the list of targets.
+ for (MachineBasicBlock &MBB : MF) {
+ for (MachineInstr &MI : MBB) {
+
+ // Skip instructions that are not calls.
+ if (!MI.isCall() || MI.getNumOperands() < 1)
+ continue;
+
+ // Iterate over operands to find calls to global functions.
+ for (MachineOperand &MO : MI.operands()) {
+ if (!MO.isGlobal())
+ continue;
+
+ auto *F = dyn_cast<Function>(MO.getGlobal());
+ if (!F)
+ continue;
+
+ // If the instruction calls a function that returns twice, add
+ // it to the list of targets.
+ if (F->hasFnAttribute(Attribute::ReturnsTwice)) {
+ SetjmpCalls.push_back(&MI);
+ break;
+ }
+ }
+ }
+ }
+
+ if (SetjmpCalls.empty())
+ return false;
+
+ unsigned SetjmpNum = 0;
+
+ // For each possible target, create a new symbol and insert it immediately
+ // after the call to setjmp. Add this symbol to the MachineFunction's list
+ // of longjmp targets.
+ for (MachineInstr *Setjmp : SetjmpCalls) {
+ SmallString<128> SymbolName;
+ raw_svector_ostream(SymbolName) << "$cfgsj_" << MF.getName() << SetjmpNum++;
+ MCSymbol *SjSymbol = MF.getContext().getOrCreateSymbol(SymbolName);
+
+ Setjmp->setPostInstrSymbol(MF, SjSymbol);
+ MF.addLongjmpTarget(SjSymbol);
+ CFGuardLongjmpTargets++;
+ }
+
+ return true;
+}
diff --git a/llvm/lib/Transforms/CFGuard/CFGuard.cpp b/llvm/lib/Transforms/CFGuard/CFGuard.cpp
index 9517e21ffde..3eca00691e0 100644
--- a/llvm/lib/Transforms/CFGuard/CFGuard.cpp
+++ b/llvm/lib/Transforms/CFGuard/CFGuard.cpp
@@ -1,307 +1,307 @@
-//===-- CFGuard.cpp - Control Flow Guard checks -----------------*- C++ -*-===//
-//
-// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
-// See https://llvm.org/LICENSE.txt for license information.
-// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
-//
-//===----------------------------------------------------------------------===//
-///
-/// \file
-/// This file contains the IR transform to add Microsoft's Control Flow Guard
-/// checks on Windows targets.
-///
-//===----------------------------------------------------------------------===//
-
-#include "llvm/Transforms/CFGuard.h"
-#include "llvm/ADT/SmallVector.h"
-#include "llvm/ADT/Statistic.h"
-#include "llvm/ADT/Triple.h"
-#include "llvm/IR/CallingConv.h"
-#include "llvm/IR/IRBuilder.h"
-#include "llvm/IR/Instruction.h"
-#include "llvm/InitializePasses.h"
-#include "llvm/Pass.h"
-
-using namespace llvm;
-
-using OperandBundleDef = OperandBundleDefT<Value *>;
-
-#define DEBUG_TYPE "cfguard"
-
-STATISTIC(CFGuardCounter, "Number of Control Flow Guard checks added");
-
-namespace {
-
-/// Adds Control Flow Guard (CFG) checks on indirect function calls/invokes.
-/// These checks ensure that the target address corresponds to the start of an
-/// address-taken function. X86_64 targets use the CF_Dispatch mechanism. X86,
-/// ARM, and AArch64 targets use the CF_Check machanism.
-class CFGuard : public FunctionPass {
-public:
- static char ID;
-
- enum Mechanism { CF_Check, CF_Dispatch };
-
- // Default constructor required for the INITIALIZE_PASS macro.
- CFGuard() : FunctionPass(ID) {
- initializeCFGuardPass(*PassRegistry::getPassRegistry());
- // By default, use the guard check mechanism.
- GuardMechanism = CF_Check;
- }
-
- // Recommended constructor used to specify the type of guard mechanism.
- CFGuard(Mechanism Var) : FunctionPass(ID) {
- initializeCFGuardPass(*PassRegistry::getPassRegistry());
- GuardMechanism = Var;
- }
-
- /// Inserts a Control Flow Guard (CFG) check on an indirect call using the CFG
- /// check mechanism. When the image is loaded, the loader puts the appropriate
- /// guard check function pointer in the __guard_check_icall_fptr global
- /// symbol. This checks that the target address is a valid address-taken
- /// function. The address of the target function is passed to the guard check
- /// function in an architecture-specific register (e.g. ECX on 32-bit X86,
- /// X15 on Aarch64, and R0 on ARM). The guard check function has no return
- /// value (if the target is invalid, the guard check funtion will raise an
- /// error).
- ///
- /// For example, the following LLVM IR:
- /// \code
- /// %func_ptr = alloca i32 ()*, align 8
- /// store i32 ()* @target_func, i32 ()** %func_ptr, align 8
- /// %0 = load i32 ()*, i32 ()** %func_ptr, align 8
- /// %1 = call i32 %0()
- /// \endcode
- ///
- /// is transformed to:
- /// \code
- /// %func_ptr = alloca i32 ()*, align 8
- /// store i32 ()* @target_func, i32 ()** %func_ptr, align 8
- /// %0 = load i32 ()*, i32 ()** %func_ptr, align 8
- /// %1 = load void (i8*)*, void (i8*)** @__guard_check_icall_fptr
- /// %2 = bitcast i32 ()* %0 to i8*
- /// call cfguard_checkcc void %1(i8* %2)
- /// %3 = call i32 %0()
- /// \endcode
- ///
- /// For example, the following X86 assembly code:
- /// \code
- /// movl $_target_func, %eax
- /// calll *%eax
- /// \endcode
- ///
- /// is transformed to:
- /// \code
- /// movl $_target_func, %ecx
- /// calll *___guard_check_icall_fptr
- /// calll *%ecx
- /// \endcode
- ///
- /// \param CB indirect call to instrument.
- void insertCFGuardCheck(CallBase *CB);
-
- /// Inserts a Control Flow Guard (CFG) check on an indirect call using the CFG
- /// dispatch mechanism. When the image is loaded, the loader puts the
- /// appropriate guard check function pointer in the
- /// __guard_dispatch_icall_fptr global symbol. This checks that the target
- /// address is a valid address-taken function and, if so, tail calls the
- /// target. The target address is passed in an architecture-specific register
- /// (e.g. RAX on X86_64), with all other arguments for the target function
- /// passed as usual.
- ///
- /// For example, the following LLVM IR:
- /// \code
- /// %func_ptr = alloca i32 ()*, align 8
- /// store i32 ()* @target_func, i32 ()** %func_ptr, align 8
- /// %0 = load i32 ()*, i32 ()** %func_ptr, align 8
- /// %1 = call i32 %0()
- /// \endcode
- ///
- /// is transformed to:
- /// \code
- /// %func_ptr = alloca i32 ()*, align 8
- /// store i32 ()* @target_func, i32 ()** %func_ptr, align 8
- /// %0 = load i32 ()*, i32 ()** %func_ptr, align 8
- /// %1 = load i32 ()*, i32 ()** @__guard_dispatch_icall_fptr
- /// %2 = call i32 %1() [ "cfguardtarget"(i32 ()* %0) ]
- /// \endcode
- ///
- /// For example, the following X86_64 assembly code:
- /// \code
- /// leaq target_func(%rip), %rax
- /// callq *%rax
- /// \endcode
- ///
- /// is transformed to:
- /// \code
- /// leaq target_func(%rip), %rax
- /// callq *__guard_dispatch_icall_fptr(%rip)
- /// \endcode
- ///
- /// \param CB indirect call to instrument.
- void insertCFGuardDispatch(CallBase *CB);
-
- bool doInitialization(Module &M) override;
- bool runOnFunction(Function &F) override;
-
-private:
- // Only add checks if the module has the cfguard=2 flag.
- int cfguard_module_flag = 0;
- Mechanism GuardMechanism = CF_Check;
- FunctionType *GuardFnType = nullptr;
- PointerType *GuardFnPtrType = nullptr;
- Constant *GuardFnGlobal = nullptr;
-};
-
-} // end anonymous namespace
-
-void CFGuard::insertCFGuardCheck(CallBase *CB) {
-
- assert(Triple(CB->getModule()->getTargetTriple()).isOSWindows() &&
- "Only applicable for Windows targets");
- assert(CB->isIndirectCall() &&
- "Control Flow Guard checks can only be added to indirect calls");
-
- IRBuilder<> B(CB);
- Value *CalledOperand = CB->getCalledOperand();
-
- // Load the global symbol as a pointer to the check function.
- LoadInst *GuardCheckLoad = B.CreateLoad(GuardFnPtrType, GuardFnGlobal);
-
- // Create new call instruction. The CFGuard check should always be a call,
- // even if the original CallBase is an Invoke or CallBr instruction.
- CallInst *GuardCheck =
- B.CreateCall(GuardFnType, GuardCheckLoad,
- {B.CreateBitCast(CalledOperand, B.getInt8PtrTy())});
-
- // Ensure that the first argument is passed in the correct register
- // (e.g. ECX on 32-bit X86 targets).
- GuardCheck->setCallingConv(CallingConv::CFGuard_Check);
-}
-
-void CFGuard::insertCFGuardDispatch(CallBase *CB) {
-
- assert(Triple(CB->getModule()->getTargetTriple()).isOSWindows() &&
- "Only applicable for Windows targets");
- assert(CB->isIndirectCall() &&
- "Control Flow Guard checks can only be added to indirect calls");
-
- IRBuilder<> B(CB);
- Value *CalledOperand = CB->getCalledOperand();
- Type *CalledOperandType = CalledOperand->getType();
-
- // Cast the guard dispatch global to the type of the called operand.
- PointerType *PTy = PointerType::get(CalledOperandType, 0);
- if (GuardFnGlobal->getType() != PTy)
- GuardFnGlobal = ConstantExpr::getBitCast(GuardFnGlobal, PTy);
-
- // Load the global as a pointer to a function of the same type.
- LoadInst *GuardDispatchLoad = B.CreateLoad(CalledOperandType, GuardFnGlobal);
-
- // Add the original call target as a cfguardtarget operand bundle.
- SmallVector<llvm::OperandBundleDef, 1> Bundles;
- CB->getOperandBundlesAsDefs(Bundles);
- Bundles.emplace_back("cfguardtarget", CalledOperand);
-
- // Create a copy of the call/invoke instruction and add the new bundle.
- CallBase *NewCB;
- if (CallInst *CI = dyn_cast<CallInst>(CB)) {
- NewCB = CallInst::Create(CI, Bundles, CB);
- } else {
- assert(isa<InvokeInst>(CB) && "Unknown indirect call type");
- InvokeInst *II = cast<InvokeInst>(CB);
- NewCB = llvm::InvokeInst::Create(II, Bundles, CB);
- }
-
- // Change the target of the call to be the guard dispatch function.
- NewCB->setCalledOperand(GuardDispatchLoad);
-
- // Replace the original call/invoke with the new instruction.
- CB->replaceAllUsesWith(NewCB);
-
- // Delete the original call/invoke.
- CB->eraseFromParent();
-}
-
-bool CFGuard::doInitialization(Module &M) {
-
- // Check if this module has the cfguard flag and read its value.
- if (auto *MD =
- mdconst::extract_or_null<ConstantInt>(M.getModuleFlag("cfguard")))
- cfguard_module_flag = MD->getZExtValue();
-
- // Skip modules for which CFGuard checks have been disabled.
- if (cfguard_module_flag != 2)
- return false;
-
- // Set up prototypes for the guard check and dispatch functions.
- GuardFnType = FunctionType::get(Type::getVoidTy(M.getContext()),
- {Type::getInt8PtrTy(M.getContext())}, false);
- GuardFnPtrType = PointerType::get(GuardFnType, 0);
-
- // Get or insert the guard check or dispatch global symbols.
- if (GuardMechanism == CF_Check) {
- GuardFnGlobal =
- M.getOrInsertGlobal("__guard_check_icall_fptr", GuardFnPtrType);
- } else {
- assert(GuardMechanism == CF_Dispatch && "Invalid CFGuard mechanism");
- GuardFnGlobal =
- M.getOrInsertGlobal("__guard_dispatch_icall_fptr", GuardFnPtrType);
- }
-
- return true;
-}
-
-bool CFGuard::runOnFunction(Function &F) {
-
- // Skip modules and functions for which CFGuard checks have been disabled.
- if (cfguard_module_flag != 2 || F.hasFnAttribute(Attribute::NoCfCheck))
- return false;
-
- SmallVector<CallBase *, 8> IndirectCalls;
-
- // Iterate over the instructions to find all indirect call/invoke/callbr
- // instructions. Make a separate list of pointers to indirect
- // call/invoke/callbr instructions because the original instructions will be
- // deleted as the checks are added.
- for (BasicBlock &BB : F.getBasicBlockList()) {
- for (Instruction &I : BB.getInstList()) {
- auto *CB = dyn_cast<CallBase>(&I);
- if (CB && CB->isIndirectCall()) {
- IndirectCalls.push_back(CB);
- CFGuardCounter++;
- }
- }
- }
-
- // If no checks are needed, return early and add this attribute to indicate
- // that subsequent CFGuard passes can skip this function.
- if (IndirectCalls.empty()) {
- F.addFnAttr(Attribute::NoCfCheck);
- return false;
- }
-
- // For each indirect call/invoke, add the appropriate dispatch or check.
- if (GuardMechanism == CF_Dispatch) {
- for (CallBase *CB : IndirectCalls) {
- insertCFGuardDispatch(CB);
- }
- } else {
- for (CallBase *CB : IndirectCalls) {
- insertCFGuardCheck(CB);
- }
- }
-
- return true;
-}
-
-char CFGuard::ID = 0;
-INITIALIZE_PASS(CFGuard, "CFGuard", "CFGuard", false, false)
-
-FunctionPass *llvm::createCFGuardCheckPass() {
- return new CFGuard(CFGuard::CF_Check);
-}
-
-FunctionPass *llvm::createCFGuardDispatchPass() {
- return new CFGuard(CFGuard::CF_Dispatch);
+//===-- CFGuard.cpp - Control Flow Guard checks -----------------*- C++ -*-===// +// +// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions. +// See https://llvm.org/LICENSE.txt for license information. +// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception +// +//===----------------------------------------------------------------------===// +/// +/// \file +/// This file contains the IR transform to add Microsoft's Control Flow Guard +/// checks on Windows targets. +/// +//===----------------------------------------------------------------------===// + +#include "llvm/Transforms/CFGuard.h" +#include "llvm/ADT/SmallVector.h" +#include "llvm/ADT/Statistic.h" +#include "llvm/ADT/Triple.h" +#include "llvm/IR/CallingConv.h" +#include "llvm/IR/IRBuilder.h" +#include "llvm/IR/Instruction.h" +#include "llvm/InitializePasses.h" +#include "llvm/Pass.h" + +using namespace llvm; + +using OperandBundleDef = OperandBundleDefT<Value *>; + +#define DEBUG_TYPE "cfguard" + +STATISTIC(CFGuardCounter, "Number of Control Flow Guard checks added"); + +namespace { + +/// Adds Control Flow Guard (CFG) checks on indirect function calls/invokes. +/// These checks ensure that the target address corresponds to the start of an +/// address-taken function. X86_64 targets use the CF_Dispatch mechanism. X86, +/// ARM, and AArch64 targets use the CF_Check machanism. +class CFGuard : public FunctionPass { +public: + static char ID; + + enum Mechanism { CF_Check, CF_Dispatch }; + + // Default constructor required for the INITIALIZE_PASS macro. + CFGuard() : FunctionPass(ID) { + initializeCFGuardPass(*PassRegistry::getPassRegistry()); + // By default, use the guard check mechanism. + GuardMechanism = CF_Check; + } + + // Recommended constructor used to specify the type of guard mechanism. 
+ CFGuard(Mechanism Var) : FunctionPass(ID) { + initializeCFGuardPass(*PassRegistry::getPassRegistry()); + GuardMechanism = Var; + } + + /// Inserts a Control Flow Guard (CFG) check on an indirect call using the CFG + /// check mechanism. When the image is loaded, the loader puts the appropriate + /// guard check function pointer in the __guard_check_icall_fptr global + /// symbol. This checks that the target address is a valid address-taken + /// function. The address of the target function is passed to the guard check + /// function in an architecture-specific register (e.g. ECX on 32-bit X86, + /// X15 on Aarch64, and R0 on ARM). The guard check function has no return + /// value (if the target is invalid, the guard check funtion will raise an + /// error). + /// + /// For example, the following LLVM IR: + /// \code + /// %func_ptr = alloca i32 ()*, align 8 + /// store i32 ()* @target_func, i32 ()** %func_ptr, align 8 + /// %0 = load i32 ()*, i32 ()** %func_ptr, align 8 + /// %1 = call i32 %0() + /// \endcode + /// + /// is transformed to: + /// \code + /// %func_ptr = alloca i32 ()*, align 8 + /// store i32 ()* @target_func, i32 ()** %func_ptr, align 8 + /// %0 = load i32 ()*, i32 ()** %func_ptr, align 8 + /// %1 = load void (i8*)*, void (i8*)** @__guard_check_icall_fptr + /// %2 = bitcast i32 ()* %0 to i8* + /// call cfguard_checkcc void %1(i8* %2) + /// %3 = call i32 %0() + /// \endcode + /// + /// For example, the following X86 assembly code: + /// \code + /// movl $_target_func, %eax + /// calll *%eax + /// \endcode + /// + /// is transformed to: + /// \code + /// movl $_target_func, %ecx + /// calll *___guard_check_icall_fptr + /// calll *%ecx + /// \endcode + /// + /// \param CB indirect call to instrument. + void insertCFGuardCheck(CallBase *CB); + + /// Inserts a Control Flow Guard (CFG) check on an indirect call using the CFG + /// dispatch mechanism. 
When the image is loaded, the loader puts the + /// appropriate guard check function pointer in the + /// __guard_dispatch_icall_fptr global symbol. This checks that the target + /// address is a valid address-taken function and, if so, tail calls the + /// target. The target address is passed in an architecture-specific register + /// (e.g. RAX on X86_64), with all other arguments for the target function + /// passed as usual. + /// + /// For example, the following LLVM IR: + /// \code + /// %func_ptr = alloca i32 ()*, align 8 + /// store i32 ()* @target_func, i32 ()** %func_ptr, align 8 + /// %0 = load i32 ()*, i32 ()** %func_ptr, align 8 + /// %1 = call i32 %0() + /// \endcode + /// + /// is transformed to: + /// \code + /// %func_ptr = alloca i32 ()*, align 8 + /// store i32 ()* @target_func, i32 ()** %func_ptr, align 8 + /// %0 = load i32 ()*, i32 ()** %func_ptr, align 8 + /// %1 = load i32 ()*, i32 ()** @__guard_dispatch_icall_fptr + /// %2 = call i32 %1() [ "cfguardtarget"(i32 ()* %0) ] + /// \endcode + /// + /// For example, the following X86_64 assembly code: + /// \code + /// leaq target_func(%rip), %rax + /// callq *%rax + /// \endcode + /// + /// is transformed to: + /// \code + /// leaq target_func(%rip), %rax + /// callq *__guard_dispatch_icall_fptr(%rip) + /// \endcode + /// + /// \param CB indirect call to instrument. + void insertCFGuardDispatch(CallBase *CB); + + bool doInitialization(Module &M) override; + bool runOnFunction(Function &F) override; + +private: + // Only add checks if the module has the cfguard=2 flag. 
+ int cfguard_module_flag = 0; + Mechanism GuardMechanism = CF_Check; + FunctionType *GuardFnType = nullptr; + PointerType *GuardFnPtrType = nullptr; + Constant *GuardFnGlobal = nullptr; +}; + +} // end anonymous namespace + +void CFGuard::insertCFGuardCheck(CallBase *CB) { + + assert(Triple(CB->getModule()->getTargetTriple()).isOSWindows() && + "Only applicable for Windows targets"); + assert(CB->isIndirectCall() && + "Control Flow Guard checks can only be added to indirect calls"); + + IRBuilder<> B(CB); + Value *CalledOperand = CB->getCalledOperand(); + + // Load the global symbol as a pointer to the check function. + LoadInst *GuardCheckLoad = B.CreateLoad(GuardFnPtrType, GuardFnGlobal); + + // Create new call instruction. The CFGuard check should always be a call, + // even if the original CallBase is an Invoke or CallBr instruction. + CallInst *GuardCheck = + B.CreateCall(GuardFnType, GuardCheckLoad, + {B.CreateBitCast(CalledOperand, B.getInt8PtrTy())}); + + // Ensure that the first argument is passed in the correct register + // (e.g. ECX on 32-bit X86 targets). + GuardCheck->setCallingConv(CallingConv::CFGuard_Check); +} + +void CFGuard::insertCFGuardDispatch(CallBase *CB) { + + assert(Triple(CB->getModule()->getTargetTriple()).isOSWindows() && + "Only applicable for Windows targets"); + assert(CB->isIndirectCall() && + "Control Flow Guard checks can only be added to indirect calls"); + + IRBuilder<> B(CB); + Value *CalledOperand = CB->getCalledOperand(); + Type *CalledOperandType = CalledOperand->getType(); + + // Cast the guard dispatch global to the type of the called operand. + PointerType *PTy = PointerType::get(CalledOperandType, 0); + if (GuardFnGlobal->getType() != PTy) + GuardFnGlobal = ConstantExpr::getBitCast(GuardFnGlobal, PTy); + + // Load the global as a pointer to a function of the same type. + LoadInst *GuardDispatchLoad = B.CreateLoad(CalledOperandType, GuardFnGlobal); + + // Add the original call target as a cfguardtarget operand bundle. 
+ SmallVector<llvm::OperandBundleDef, 1> Bundles; + CB->getOperandBundlesAsDefs(Bundles); + Bundles.emplace_back("cfguardtarget", CalledOperand); + + // Create a copy of the call/invoke instruction and add the new bundle. + CallBase *NewCB; + if (CallInst *CI = dyn_cast<CallInst>(CB)) { + NewCB = CallInst::Create(CI, Bundles, CB); + } else { + assert(isa<InvokeInst>(CB) && "Unknown indirect call type"); + InvokeInst *II = cast<InvokeInst>(CB); + NewCB = llvm::InvokeInst::Create(II, Bundles, CB); + } + + // Change the target of the call to be the guard dispatch function. + NewCB->setCalledOperand(GuardDispatchLoad); + + // Replace the original call/invoke with the new instruction. + CB->replaceAllUsesWith(NewCB); + + // Delete the original call/invoke. + CB->eraseFromParent(); +} + +bool CFGuard::doInitialization(Module &M) { + + // Check if this module has the cfguard flag and read its value. + if (auto *MD = + mdconst::extract_or_null<ConstantInt>(M.getModuleFlag("cfguard"))) + cfguard_module_flag = MD->getZExtValue(); + + // Skip modules for which CFGuard checks have been disabled. + if (cfguard_module_flag != 2) + return false; + + // Set up prototypes for the guard check and dispatch functions. + GuardFnType = FunctionType::get(Type::getVoidTy(M.getContext()), + {Type::getInt8PtrTy(M.getContext())}, false); + GuardFnPtrType = PointerType::get(GuardFnType, 0); + + // Get or insert the guard check or dispatch global symbols. + if (GuardMechanism == CF_Check) { + GuardFnGlobal = + M.getOrInsertGlobal("__guard_check_icall_fptr", GuardFnPtrType); + } else { + assert(GuardMechanism == CF_Dispatch && "Invalid CFGuard mechanism"); + GuardFnGlobal = + M.getOrInsertGlobal("__guard_dispatch_icall_fptr", GuardFnPtrType); + } + + return true; +} + +bool CFGuard::runOnFunction(Function &F) { + + // Skip modules and functions for which CFGuard checks have been disabled. 
+ if (cfguard_module_flag != 2 || F.hasFnAttribute(Attribute::NoCfCheck)) + return false; + + SmallVector<CallBase *, 8> IndirectCalls; + + // Iterate over the instructions to find all indirect call/invoke/callbr + // instructions. Make a separate list of pointers to indirect + // call/invoke/callbr instructions because the original instructions will be + // deleted as the checks are added. + for (BasicBlock &BB : F.getBasicBlockList()) { + for (Instruction &I : BB.getInstList()) { + auto *CB = dyn_cast<CallBase>(&I); + if (CB && CB->isIndirectCall()) { + IndirectCalls.push_back(CB); + CFGuardCounter++; + } + } + } + + // If no checks are needed, return early and add this attribute to indicate + // that subsequent CFGuard passes can skip this function. + if (IndirectCalls.empty()) { + F.addFnAttr(Attribute::NoCfCheck); + return false; + } + + // For each indirect call/invoke, add the appropriate dispatch or check. + if (GuardMechanism == CF_Dispatch) { + for (CallBase *CB : IndirectCalls) { + insertCFGuardDispatch(CB); + } + } else { + for (CallBase *CB : IndirectCalls) { + insertCFGuardCheck(CB); + } + } + + return true; +} + +char CFGuard::ID = 0; +INITIALIZE_PASS(CFGuard, "CFGuard", "CFGuard", false, false) + +FunctionPass *llvm::createCFGuardCheckPass() { + return new CFGuard(CFGuard::CF_Check); +} + +FunctionPass *llvm::createCFGuardDispatchPass() { + return new CFGuard(CFGuard::CF_Dispatch); }
\ No newline at end of file
diff --git a/llvm/lib/Transforms/CFGuard/CMakeLists.txt b/llvm/lib/Transforms/CFGuard/CMakeLists.txt
index 65d3a0f0b6f..b7518019b1a 100644
--- a/llvm/lib/Transforms/CFGuard/CMakeLists.txt
+++ b/llvm/lib/Transforms/CFGuard/CMakeLists.txt
@@ -1,9 +1,9 @@
-add_llvm_library(LLVMCFGuard
- CFGuard.cpp
-
- ADDITIONAL_HEADER_DIRS
- ${LLVM_MAIN_INCLUDE_DIR}/llvm/Transforms
-
- DEPENDS
- intrinsics_gen
- )
+add_llvm_library(LLVMCFGuard
+ CFGuard.cpp
+
+ ADDITIONAL_HEADER_DIRS
+ ${LLVM_MAIN_INCLUDE_DIR}/llvm/Transforms
+
+ DEPENDS
+ intrinsics_gen
+ )
diff --git a/llvm/test/CodeGen/AArch64/cfguard-checks.ll b/llvm/test/CodeGen/AArch64/cfguard-checks.ll
index 4b6a7ebc243..627741c4b6f 100644
--- a/llvm/test/CodeGen/AArch64/cfguard-checks.ll
+++ b/llvm/test/CodeGen/AArch64/cfguard-checks.ll
@@ -1,147 +1,147 @@
-; RUN: llc < %s -mtriple=aarch64-pc-windows-msvc | FileCheck %s
-; Control Flow Guard is currently only available on Windows
-
-; Test that Control Flow Guard checks are correctly added when required.
-
-
-declare i32 @target_func()
-
-
-; Test that Control Flow Guard checks are not added to functions with nocf_checks attribute.
-define i32 @func_nocf_checks() #0 {
-entry:
- %func_ptr = alloca i32 ()*, align 8
- store i32 ()* @target_func, i32 ()** %func_ptr, align 8
- %0 = load i32 ()*, i32 ()** %func_ptr, align 8
- %1 = call i32 %0()
- ret i32 %1
-
- ; CHECK-LABEL: func_nocf_checks
- ; CHECK: adrp x8, target_func
- ; CHECK: add x8, x8, target_func
- ; CHECK-NOT: __guard_check_icall_fptr
- ; CHECK: blr x8
-}
-attributes #0 = { nocf_check }
-
-
-; Test that Control Flow Guard checks are added even at -O0.
-define i32 @func_optnone_cf() #1 {
-entry:
- %func_ptr = alloca i32 ()*, align 8
- store i32 ()* @target_func, i32 ()** %func_ptr, align 8
- %0 = load i32 ()*, i32 ()** %func_ptr, align 8
- %1 = call i32 %0()
- ret i32 %1
-
- ; The call to __guard_check_icall_fptr should come immediately before the call to the target function.
- ; CHECK-LABEL: func_optnone_cf
- ; CHECK: adrp x8, __guard_check_icall_fptr
- ; CHECK: add x9, x8, __guard_check_icall_fptr
- ; CHECK: adrp x8, target_func
- ; CHECK: add x8, x8, target_func
- ; CHECK: ldr x9, [x9]
- ; CHECK: mov x15, x8
- ; CHECK: blr x9
- ; CHECK-NEXT: blr x8
-}
-attributes #1 = { noinline optnone }
-
-
-; Test that Control Flow Guard checks are correctly added in optimized code (common case).
-define i32 @func_cf() {
-entry:
- %func_ptr = alloca i32 ()*, align 8
- store i32 ()* @target_func, i32 ()** %func_ptr, align 8
- %0 = load i32 ()*, i32 ()** %func_ptr, align 8
- %1 = call i32 %0()
- ret i32 %1
-
- ; The call to __guard_check_icall_fptr should come immediately before the call to the target function.
- ; CHECK-LABEL: func_cf
- ; CHECK: adrp x8, __guard_check_icall_fptr
- ; CHECK: ldr x9, [x8, __guard_check_icall_fptr]
- ; CHECK: adrp x8, target_func
- ; CHECK: add x8, x8, target_func
- ; CHECK: mov x15, x8
- ; CHECK: blr x9
- ; CHECK-NEXT: blr x8
-}
-
-
-; Test that Control Flow Guard checks are correctly added on invoke instructions.
-define i32 @func_cf_invoke() personality i8* bitcast (void ()* @h to i8*) {
-entry:
- %0 = alloca i32, align 4
- %func_ptr = alloca i32 ()*, align 8
- store i32 ()* @target_func, i32 ()** %func_ptr, align 8
- %1 = load i32 ()*, i32 ()** %func_ptr, align 8
- %2 = invoke i32 %1()
- to label %invoke.cont unwind label %lpad
-invoke.cont: ; preds = %entry
- ret i32 %2
-
-lpad: ; preds = %entry
- %tmp = landingpad { i8*, i32 }
- catch i8* null
- ret i32 -1
-
- ; The call to __guard_check_icall_fptr should come immediately before the call to the target function.
- ; CHECK-LABEL: func_cf_invoke
- ; CHECK: adrp x8, __guard_check_icall_fptr
- ; CHECK: ldr x9, [x8, __guard_check_icall_fptr]
- ; CHECK: adrp x8, target_func
- ; CHECK: add x8, x8, target_func
- ; CHECK: mov x15, x8
- ; CHECK: blr x9
- ; CHECK-NEXT: .Ltmp0:
- ; CHECK-NEXT: blr x8
- ; CHECK: ; %invoke.cont
- ; CHECK: ; %lpad
-}
-
-declare void @h()
-
-
-; Test that longjmp targets have public labels and are included in the .gljmp section.
-%struct._SETJMP_FLOAT128 = type { [2 x i64] }
-@buf1 = internal global [16 x %struct._SETJMP_FLOAT128] zeroinitializer, align 16
-
-define i32 @func_cf_setjmp() {
- %1 = alloca i32, align 4
- %2 = alloca i32, align 4
- store i32 0, i32* %1, align 4
- store i32 -1, i32* %2, align 4
- %3 = call i8* @llvm.frameaddress(i32 0)
- %4 = call i32 @_setjmp(i8* bitcast ([16 x %struct._SETJMP_FLOAT128]* @buf1 to i8*), i8* %3) #2
-
- ; CHECK-LABEL: func_cf_setjmp
- ; CHECK: bl _setjmp
- ; CHECK-NEXT: $cfgsj_func_cf_setjmp0:
-
- %5 = call i8* @llvm.frameaddress(i32 0)
- %6 = call i32 @_setjmp(i8* bitcast ([16 x %struct._SETJMP_FLOAT128]* @buf1 to i8*), i8* %5) #3
-
- ; CHECK: bl _setjmp
- ; CHECK-NEXT: $cfgsj_func_cf_setjmp1:
-
- store i32 1, i32* %2, align 4
- %7 = load i32, i32* %2, align 4
- ret i32 %7
-
- ; CHECK: .section .gljmp$y,"dr"
- ; CHECK-NEXT: .symidx $cfgsj_func_cf_setjmp0
- ; CHECK-NEXT: .symidx $cfgsj_func_cf_setjmp1
-}
-
-declare i8* @llvm.frameaddress(i32)
-
-; Function Attrs: returns_twice
-declare dso_local i32 @_setjmp(i8*, i8*) #2
-
-attributes #2 = { returns_twice }
-attributes #3 = { returns_twice }
-
-
-!llvm.module.flags = !{!0}
-!0 = !{i32 2, !"cfguard", i32 2}
+; RUN: llc < %s -mtriple=aarch64-pc-windows-msvc | FileCheck %s
+; Control Flow Guard is currently only available on Windows
+
+; Test that Control Flow Guard checks are correctly added when required.
+
+
+declare i32 @target_func()
+
+
+; Test that Control Flow Guard checks are not added to functions with nocf_checks attribute.
+define i32 @func_nocf_checks() #0 {
+entry:
+ %func_ptr = alloca i32 ()*, align 8
+ store i32 ()* @target_func, i32 ()** %func_ptr, align 8
+ %0 = load i32 ()*, i32 ()** %func_ptr, align 8
+ %1 = call i32 %0()
+ ret i32 %1
+
+ ; CHECK-LABEL: func_nocf_checks
+ ; CHECK: adrp x8, target_func
+ ; CHECK: add x8, x8, target_func
+ ; CHECK-NOT: __guard_check_icall_fptr
+ ; CHECK: blr x8
+}
+attributes #0 = { nocf_check }
+
+
+; Test that Control Flow Guard checks are added even at -O0.
+define i32 @func_optnone_cf() #1 {
+entry:
+ %func_ptr = alloca i32 ()*, align 8
+ store i32 ()* @target_func, i32 ()** %func_ptr, align 8
+ %0 = load i32 ()*, i32 ()** %func_ptr, align 8
+ %1 = call i32 %0()
+ ret i32 %1
+
+ ; The call to __guard_check_icall_fptr should come immediately before the call to the target function.
+ ; CHECK-LABEL: func_optnone_cf
+ ; CHECK: adrp x8, __guard_check_icall_fptr
+ ; CHECK: add x9, x8, __guard_check_icall_fptr
+ ; CHECK: adrp x8, target_func
+ ; CHECK: add x8, x8, target_func
+ ; CHECK: ldr x9, [x9]
+ ; CHECK: mov x15, x8
+ ; CHECK: blr x9
+ ; CHECK-NEXT: blr x8
+}
+attributes #1 = { noinline optnone }
+
+
+; Test that Control Flow Guard checks are correctly added in optimized code (common case).
+define i32 @func_cf() {
+entry:
+ %func_ptr = alloca i32 ()*, align 8
+ store i32 ()* @target_func, i32 ()** %func_ptr, align 8
+ %0 = load i32 ()*, i32 ()** %func_ptr, align 8
+ %1 = call i32 %0()
+ ret i32 %1
+
+ ; The call to __guard_check_icall_fptr should come immediately before the call to the target function.
+ ; CHECK-LABEL: func_cf
+ ; CHECK: adrp x8, __guard_check_icall_fptr
+ ; CHECK: ldr x9, [x8, __guard_check_icall_fptr]
+ ; CHECK: adrp x8, target_func
+ ; CHECK: add x8, x8, target_func
+ ; CHECK: mov x15, x8
+ ; CHECK: blr x9
+ ; CHECK-NEXT: blr x8
+}
+
+
+; Test that Control Flow Guard checks are correctly added on invoke instructions.
+define i32 @func_cf_invoke() personality i8* bitcast (void ()* @h to i8*) {
+entry:
+ %0 = alloca i32, align 4
+ %func_ptr = alloca i32 ()*, align 8
+ store i32 ()* @target_func, i32 ()** %func_ptr, align 8
+ %1 = load i32 ()*, i32 ()** %func_ptr, align 8
+ %2 = invoke i32 %1()
+ to label %invoke.cont unwind label %lpad
+invoke.cont: ; preds = %entry
+ ret i32 %2
+
+lpad: ; preds = %entry
+ %tmp = landingpad { i8*, i32 }
+ catch i8* null
+ ret i32 -1
+
+ ; The call to __guard_check_icall_fptr should come immediately before the call to the target function.
+ ; CHECK-LABEL: func_cf_invoke
+ ; CHECK: adrp x8, __guard_check_icall_fptr
+ ; CHECK: ldr x9, [x8, __guard_check_icall_fptr]
+ ; CHECK: adrp x8, target_func
+ ; CHECK: add x8, x8, target_func
+ ; CHECK: mov x15, x8
+ ; CHECK: blr x9
+ ; CHECK-NEXT: .Ltmp0:
+ ; CHECK-NEXT: blr x8
+ ; CHECK: ; %invoke.cont
+ ; CHECK: ; %lpad
+}
+
+declare void @h()
+
+
+; Test that longjmp targets have public labels and are included in the .gljmp section.
+%struct._SETJMP_FLOAT128 = type { [2 x i64] }
+@buf1 = internal global [16 x %struct._SETJMP_FLOAT128] zeroinitializer, align 16
+
+define i32 @func_cf_setjmp() {
+ %1 = alloca i32, align 4
+ %2 = alloca i32, align 4
+ store i32 0, i32* %1, align 4
+ store i32 -1, i32* %2, align 4
+ %3 = call i8* @llvm.frameaddress(i32 0)
+ %4 = call i32 @_setjmp(i8* bitcast ([16 x %struct._SETJMP_FLOAT128]* @buf1 to i8*), i8* %3) #2
+
+ ; CHECK-LABEL: func_cf_setjmp
+ ; CHECK: bl _setjmp
+ ; CHECK-NEXT: $cfgsj_func_cf_setjmp0:
+
+ %5 = call i8* @llvm.frameaddress(i32 0)
+ %6 = call i32 @_setjmp(i8* bitcast ([16 x %struct._SETJMP_FLOAT128]* @buf1 to i8*), i8* %5) #3
+
+ ; CHECK: bl _setjmp
+ ; CHECK-NEXT: $cfgsj_func_cf_setjmp1:
+
+ store i32 1, i32* %2, align 4
+ %7 = load i32, i32* %2, align 4
+ ret i32 %7
+
+ ; CHECK: .section .gljmp$y,"dr"
+ ; CHECK-NEXT: .symidx $cfgsj_func_cf_setjmp0
+ ; CHECK-NEXT: .symidx $cfgsj_func_cf_setjmp1
+}
+
+declare i8* @llvm.frameaddress(i32)
+
+; Function Attrs: returns_twice
+declare dso_local i32 @_setjmp(i8*, i8*) #2
+
+attributes #2 = { returns_twice }
+attributes #3 = { returns_twice }
+
+
+!llvm.module.flags = !{!0}
+!0 = !{i32 2, !"cfguard", i32 2}
diff --git a/llvm/test/CodeGen/AArch64/cfguard-module-flag.ll b/llvm/test/CodeGen/AArch64/cfguard-module-flag.ll
index 25c53019d93..8eb77b6adba 100644
--- a/llvm/test/CodeGen/AArch64/cfguard-module-flag.ll
+++ b/llvm/test/CodeGen/AArch64/cfguard-module-flag.ll
@@ -1,25 +1,25 @@
-
-; RUN: llc < %s -mtriple=aarch64-pc-windows-msvc | FileCheck %s
-; Control Flow Guard is currently only available on Windows
-
-; Test that Control Flow Guard checks are not added in modules with the
-; cfguard=1 flag (emit tables but no checks).
-
-
-declare void @target_func()
-
-define void @func_in_module_without_cfguard() #0 {
-entry:
- %func_ptr = alloca void ()*, align 8
- store void ()* @target_func, void ()** %func_ptr, align 8
- %0 = load void ()*, void ()** %func_ptr, align 8
-
- call void %0()
- ret void
-
- ; CHECK-NOT: __guard_check_icall_fptr
- ; CHECK-NOT: __guard_dispatch_icall_fptr
-}
-
-!llvm.module.flags = !{!0}
-!0 = !{i32 2, !"cfguard", i32 1}
+
+; RUN: llc < %s -mtriple=aarch64-pc-windows-msvc | FileCheck %s
+; Control Flow Guard is currently only available on Windows
+
+; Test that Control Flow Guard checks are not added in modules with the
+; cfguard=1 flag (emit tables but no checks).
+
+
+declare void @target_func()
+
+define void @func_in_module_without_cfguard() #0 {
+entry:
+ %func_ptr = alloca void ()*, align 8
+ store void ()* @target_func, void ()** %func_ptr, align 8
+ %0 = load void ()*, void ()** %func_ptr, align 8
+
+ call void %0()
+ ret void
+
+ ; CHECK-NOT: __guard_check_icall_fptr
+ ; CHECK-NOT: __guard_dispatch_icall_fptr
+}
+
+!llvm.module.flags = !{!0}
+!0 = !{i32 2, !"cfguard", i32 1}
diff --git a/llvm/test/CodeGen/ARM/cfguard-checks.ll b/llvm/test/CodeGen/ARM/cfguard-checks.ll
index 1835bcfc1b5..c75afc614c7 100644
--- a/llvm/test/CodeGen/ARM/cfguard-checks.ll
+++ b/llvm/test/CodeGen/ARM/cfguard-checks.ll
@@ -1,151 +1,151 @@
-; RUN: llc < %s -mtriple=arm-pc-windows-msvc | FileCheck %s
-; Control Flow Guard is currently only available on Windows
-
-; Test that Control Flow Guard checks are correctly added when required.
-
-
-declare i32 @target_func()
-
-
-; Test that Control Flow Guard checks are not added to functions with nocf_checks attribute.
-define i32 @func_nocf_checks() #0 {
-entry:
- %func_ptr = alloca i32 ()*, align 8
- store i32 ()* @target_func, i32 ()** %func_ptr, align 8
- %0 = load i32 ()*, i32 ()** %func_ptr, align 8
- %1 = call arm_aapcs_vfpcc i32 %0()
- ret i32 %1
-
- ; CHECK-LABEL: func_nocf_checks
- ; CHECK: movw r0, :lower16:target_func
- ; CHECK: movt r0, :upper16:target_func
- ; CHECK-NOT: __guard_check_icall_fptr
- ; CHECK: blx r0
-}
-attributes #0 = { nocf_check "target-cpu"="cortex-a9" "target-features"="+armv7-a,+dsp,+fp16,+neon,+strict-align,+thumb-mode,+vfp3"}
-
-
-; Test that Control Flow Guard checks are added even at -O0.
-define i32 @func_optnone_cf() #1 {
-entry:
- %func_ptr = alloca i32 ()*, align 8
- store i32 ()* @target_func, i32 ()** %func_ptr, align 8
- %0 = load i32 ()*, i32 ()** %func_ptr, align 8
- %1 = call i32 %0()
- ret i32 %1
-
- ; The call to __guard_check_icall_fptr should come immediately before the call to the target function.
- ; CHECK-LABEL: func_optnone_cf
- ; CHECK: movw r0, :lower16:target_func
- ; CHECK: movt r0, :upper16:target_func
- ; CHECK: str r0, [sp]
- ; CHECK: ldr r4, [sp]
- ; CHECK: movw r0, :lower16:__guard_check_icall_fptr
- ; CHECK: movt r0, :upper16:__guard_check_icall_fptr
- ; CHECK: ldr r1, [r0]
- ; CHECK: mov r0, r4
- ; CHECK: blx r1
- ; CHECK-NEXT: blx r4
-}
-attributes #1 = { noinline optnone "target-cpu"="cortex-a9" "target-features"="+armv7-a,+dsp,+fp16,+neon,+strict-align,+thumb-mode,+vfp3"}
-
-
-; Test that Control Flow Guard checks are correctly added in optimized code (common case).
-define i32 @func_cf() #2 {
-entry:
- %func_ptr = alloca i32 ()*, align 8
- store i32 ()* @target_func, i32 ()** %func_ptr, align 8
- %0 = load i32 ()*, i32 ()** %func_ptr, align 8
- %1 = call i32 %0()
- ret i32 %1
-
- ; The call to __guard_check_icall_fptr should come immediately before the call to the target function.
- ; CHECK-LABEL: func_cf
- ; CHECK: movw r0, :lower16:__guard_check_icall_fptr
- ; CHECK: movt r0, :upper16:__guard_check_icall_fptr
- ; CHECK: ldr r1, [r0]
- ; CHECK: movw r4, :lower16:target_func
- ; CHECK: movt r4, :upper16:target_func
- ; CHECK: mov r0, r4
- ; CHECK: blx r1
- ; CHECK-NEXT: blx r4
-}
-attributes #2 = { "target-cpu"="cortex-a9" "target-features"="+armv7-a,+dsp,+fp16,+neon,+strict-align,+thumb-mode,+vfp3"}
-
-
-; Test that Control Flow Guard checks are correctly added on invoke instructions.
-define i32 @func_cf_invoke() #2 personality i8* bitcast (void ()* @h to i8*) {
-entry:
- %0 = alloca i32, align 4
- %func_ptr = alloca i32 ()*, align 8
- store i32 ()* @target_func, i32 ()** %func_ptr, align 8
- %1 = load i32 ()*, i32 ()** %func_ptr, align 8
- %2 = invoke i32 %1()
- to label %invoke.cont unwind label %lpad
-invoke.cont: ; preds = %entry
- ret i32 %2
-
-lpad: ; preds = %entry
- %tmp = landingpad { i8*, i32 }
- catch i8* null
- ret i32 -1
-
- ; The call to __guard_check_icall_fptr should come immediately before the call to the target function.
- ; CHECK-LABEL: func_cf_invoke
- ; CHECK: movw r0, :lower16:__guard_check_icall_fptr
- ; CHECK: movt r0, :upper16:__guard_check_icall_fptr
- ; CHECK: ldr r1, [r0]
- ; CHECK: movw r4, :lower16:target_func
- ; CHECK: movt r4, :upper16:target_func
- ; CHECK: mov r0, r4
- ; CHECK: blx r1
- ; CHECK-NEXT: $Mtmp0:
- ; CHECK-NEXT: blx r4
- ; CHECK: ; %invoke.cont
- ; CHECK: ; %lpad
-}
-
-declare void @h()
-
-
-; Test that longjmp targets have public labels and are included in the .gljmp section.
-%struct._SETJMP_FLOAT128 = type { [2 x i64] }
-@buf1 = internal global [16 x %struct._SETJMP_FLOAT128] zeroinitializer, align 16
-
-define i32 @func_cf_setjmp() #2 {
- %1 = alloca i32, align 4
- %2 = alloca i32, align 4
- store i32 0, i32* %1, align 4
- store i32 -1, i32* %2, align 4
- %3 = call i8* @llvm.frameaddress(i32 0)
- %4 = call i32 @_setjmp(i8* bitcast ([16 x %struct._SETJMP_FLOAT128]* @buf1 to i8*), i8* %3) #3
-
- ; CHECK-LABEL: func_cf_setjmp
- ; CHECK: bl _setjmp
- ; CHECK-NEXT: $cfgsj_func_cf_setjmp0:
-
- %5 = call i8* @llvm.frameaddress(i32 0)
- %6 = call i32 @_setjmp(i8* bitcast ([16 x %struct._SETJMP_FLOAT128]* @buf1 to i8*), i8* %5) #3
-
- ; CHECK: bl _setjmp
- ; CHECK-NEXT: $cfgsj_func_cf_setjmp1:
-
- store i32 1, i32* %2, align 4
- %7 = load i32, i32* %2, align 4
- ret i32 %7
-
- ; CHECK: .section .gljmp$y,"dr"
- ; CHECK-NEXT: .symidx $cfgsj_func_cf_setjmp0
- ; CHECK-NEXT: .symidx $cfgsj_func_cf_setjmp1
-}
-
-declare i8* @llvm.frameaddress(i32)
-
-; Function Attrs: returns_twice
-declare dso_local i32 @_setjmp(i8*, i8*) #3
-
-attributes #3 = { returns_twice }
-
-
-!llvm.module.flags = !{!0}
-!0 = !{i32 2, !"cfguard", i32 2}
+; RUN: llc < %s -mtriple=arm-pc-windows-msvc | FileCheck %s
+; Control Flow Guard is currently only available on Windows
+
+; Test that Control Flow Guard checks are correctly added when required.
+
+
+declare i32 @target_func()
+
+
+; Test that Control Flow Guard checks are not added to functions with nocf_checks attribute.
+define i32 @func_nocf_checks() #0 {
+entry:
+ %func_ptr = alloca i32 ()*, align 8
+ store i32 ()* @target_func, i32 ()** %func_ptr, align 8
+ %0 = load i32 ()*, i32 ()** %func_ptr, align 8
+ %1 = call arm_aapcs_vfpcc i32 %0()
+ ret i32 %1
+
+ ; CHECK-LABEL: func_nocf_checks
+ ; CHECK: movw r0, :lower16:target_func
+ ; CHECK: movt r0, :upper16:target_func
+ ; CHECK-NOT: __guard_check_icall_fptr
+ ; CHECK: blx r0
+}
+attributes #0 = { nocf_check "target-cpu"="cortex-a9" "target-features"="+armv7-a,+dsp,+fp16,+neon,+strict-align,+thumb-mode,+vfp3"}
+
+
+; Test that Control Flow Guard checks are added even at -O0.
+define i32 @func_optnone_cf() #1 {
+entry:
+ %func_ptr = alloca i32 ()*, align 8
+ store i32 ()* @target_func, i32 ()** %func_ptr, align 8
+ %0 = load i32 ()*, i32 ()** %func_ptr, align 8
+ %1 = call i32 %0()
+ ret i32 %1
+
+ ; The call to __guard_check_icall_fptr should come immediately before the call to the target function.
+ ; CHECK-LABEL: func_optnone_cf
+ ; CHECK: movw r0, :lower16:target_func
+ ; CHECK: movt r0, :upper16:target_func
+ ; CHECK: str r0, [sp]
+ ; CHECK: ldr r4, [sp]
+ ; CHECK: movw r0, :lower16:__guard_check_icall_fptr
+ ; CHECK: movt r0, :upper16:__guard_check_icall_fptr
+ ; CHECK: ldr r1, [r0]
+ ; CHECK: mov r0, r4
+ ; CHECK: blx r1
+ ; CHECK-NEXT: blx r4
+}
+attributes #1 = { noinline optnone "target-cpu"="cortex-a9" "target-features"="+armv7-a,+dsp,+fp16,+neon,+strict-align,+thumb-mode,+vfp3"}
+
+
+; Test that Control Flow Guard checks are correctly added in optimized code (common case).
+define i32 @func_cf() #2 {
+entry:
+ %func_ptr = alloca i32 ()*, align 8
+ store i32 ()* @target_func, i32 ()** %func_ptr, align 8
+ %0 = load i32 ()*, i32 ()** %func_ptr, align 8
+ %1 = call i32 %0()
+ ret i32 %1
+
+ ; The call to __guard_check_icall_fptr should come immediately before the call to the target function.
+ ; CHECK-LABEL: func_cf
+ ; CHECK: movw r0, :lower16:__guard_check_icall_fptr
+ ; CHECK: movt r0, :upper16:__guard_check_icall_fptr
+ ; CHECK: ldr r1, [r0]
+ ; CHECK: movw r4, :lower16:target_func
+ ; CHECK: movt r4, :upper16:target_func
+ ; CHECK: mov r0, r4
+ ; CHECK: blx r1
+ ; CHECK-NEXT: blx r4
+}
+attributes #2 = { "target-cpu"="cortex-a9" "target-features"="+armv7-a,+dsp,+fp16,+neon,+strict-align,+thumb-mode,+vfp3"}
+
+
+; Test that Control Flow Guard checks are correctly added on invoke instructions.
+define i32 @func_cf_invoke() #2 personality i8* bitcast (void ()* @h to i8*) {
+entry:
+ %0 = alloca i32, align 4
+ %func_ptr = alloca i32 ()*, align 8
+ store i32 ()* @target_func, i32 ()** %func_ptr, align 8
+ %1 = load i32 ()*, i32 ()** %func_ptr, align 8
+ %2 = invoke i32 %1()
+ to label %invoke.cont unwind label %lpad
+invoke.cont: ; preds = %entry
+ ret i32 %2
+
+lpad: ; preds = %entry
+ %tmp = landingpad { i8*, i32 }
+ catch i8* null
+ ret i32 -1
+
+ ; The call to __guard_check_icall_fptr should come immediately before the call to the target function.
+ ; CHECK-LABEL: func_cf_invoke
+ ; CHECK: movw r0, :lower16:__guard_check_icall_fptr
+ ; CHECK: movt r0, :upper16:__guard_check_icall_fptr
+ ; CHECK: ldr r1, [r0]
+ ; CHECK: movw r4, :lower16:target_func
+ ; CHECK: movt r4, :upper16:target_func
+ ; CHECK: mov r0, r4
+ ; CHECK: blx r1
+ ; CHECK-NEXT: $Mtmp0:
+ ; CHECK-NEXT: blx r4
+ ; CHECK: ; %invoke.cont
+ ; CHECK: ; %lpad
+}
+
+declare void @h()
+
+
+; Test that longjmp targets have public labels and are included in the .gljmp section.
+%struct._SETJMP_FLOAT128 = type { [2 x i64] }
+@buf1 = internal global [16 x %struct._SETJMP_FLOAT128] zeroinitializer, align 16
+
+define i32 @func_cf_setjmp() #2 {
+ %1 = alloca i32, align 4
+ %2 = alloca i32, align 4
+ store i32 0, i32* %1, align 4
+ store i32 -1, i32* %2, align 4
+ %3 = call i8* @llvm.frameaddress(i32 0)
+ %4 = call i32 @_setjmp(i8* bitcast ([16 x %struct._SETJMP_FLOAT128]* @buf1 to i8*), i8* %3) #3
+
+ ; CHECK-LABEL: func_cf_setjmp
+ ; CHECK: bl _setjmp
+ ; CHECK-NEXT: $cfgsj_func_cf_setjmp0:
+
+ %5 = call i8* @llvm.frameaddress(i32 0)
+ %6 = call i32 @_setjmp(i8* bitcast ([16 x %struct._SETJMP_FLOAT128]* @buf1 to i8*), i8* %5) #3
+
+ ; CHECK: bl _setjmp
+ ; CHECK-NEXT: $cfgsj_func_cf_setjmp1:
+
+ store i32 1, i32* %2, align 4
+ %7 = load i32, i32* %2, align 4
+ ret i32 %7
+
+ ; CHECK: .section .gljmp$y,"dr"
+ ; CHECK-NEXT: .symidx $cfgsj_func_cf_setjmp0
+ ; CHECK-NEXT: .symidx $cfgsj_func_cf_setjmp1
+}
+
+declare i8* @llvm.frameaddress(i32)
+
+; Function Attrs: returns_twice
+declare dso_local i32 @_setjmp(i8*, i8*) #3
+
+attributes #3 = { returns_twice }
+
+
+!llvm.module.flags = !{!0}
+!0 = !{i32 2, !"cfguard", i32 2}
diff --git a/llvm/test/CodeGen/ARM/cfguard-module-flag.ll b/llvm/test/CodeGen/ARM/cfguard-module-flag.ll
index 87878a084dc..72f4b026ae0 100644
--- a/llvm/test/CodeGen/ARM/cfguard-module-flag.ll
+++ b/llvm/test/CodeGen/ARM/cfguard-module-flag.ll
@@ -1,26 +1,26 @@
-
-; RUN: llc < %s -mtriple=arm-pc-windows-msvc | FileCheck %s
-; Control Flow Guard is currently only available on Windows
-
-; Test that Control Flow Guard checks are not added in modules with the
-; cfguard=1 flag (emit tables but no checks).
-
-
-declare void @target_func()
-
-define void @func_in_module_without_cfguard() #0 {
-entry:
- %func_ptr = alloca void ()*, align 8
- store void ()* @target_func, void ()** %func_ptr, align 8
- %0 = load void ()*, void ()** %func_ptr, align 8
-
- call void %0()
- ret void
-
- ; CHECK-NOT: __guard_check_icall_fptr
- ; CHECK-NOT: __guard_dispatch_icall_fptr
-}
-attributes #0 = { "correctly-rounded-divide-sqrt-fp-math"="false" "disable-tail-calls"="false" "less-precise-fpmad"="false" "no-frame-pointer-elim"="true" "no-frame-pointer-elim-non-leaf" "no-infs-fp-math"="false" "no-nans-fp-math"="false" "no-signed-zeros-fp-math"="false" "no-trapping-math"="false" "stack-protector-buffer-size"="8" "target-cpu"="cortex-a9" "target-features"="+armv7-a,+dsp,+fp16,+neon,+strict-align,+thumb-mode,+vfp3" "unsafe-fp-math"="false" "use-soft-float"="false"}
-
-!llvm.module.flags = !{!0}
-!0 = !{i32 2, !"cfguard", i32 1}
+
+; RUN: llc < %s -mtriple=arm-pc-windows-msvc | FileCheck %s
+; Control Flow Guard is currently only available on Windows
+
+; Test that Control Flow Guard checks are not added in modules with the
+; cfguard=1 flag (emit tables but no checks).
+
+
+declare void @target_func()
+
+define void @func_in_module_without_cfguard() #0 {
+entry:
+ %func_ptr = alloca void ()*, align 8
+ store void ()* @target_func, void ()** %func_ptr, align 8
+ %0 = load void ()*, void ()** %func_ptr, align 8
+
+ call void %0()
+ ret void
+
+ ; CHECK-NOT: __guard_check_icall_fptr
+ ; CHECK-NOT: __guard_dispatch_icall_fptr
+}
+attributes #0 = { "correctly-rounded-divide-sqrt-fp-math"="false" "disable-tail-calls"="false" "less-precise-fpmad"="false" "no-frame-pointer-elim"="true" "no-frame-pointer-elim-non-leaf" "no-infs-fp-math"="false" "no-nans-fp-math"="false" "no-signed-zeros-fp-math"="false" "no-trapping-math"="false" "stack-protector-buffer-size"="8" "target-cpu"="cortex-a9" "target-features"="+armv7-a,+dsp,+fp16,+neon,+strict-align,+thumb-mode,+vfp3" "unsafe-fp-math"="false" "use-soft-float"="false"}
+
+!llvm.module.flags = !{!0}
+!0 = !{i32 2, !"cfguard", i32 1}
diff --git a/llvm/test/CodeGen/X86/cfguard-checks.ll b/llvm/test/CodeGen/X86/cfguard-checks.ll
index 5a930afef13..d2cd3c9f3ee 100644
--- a/llvm/test/CodeGen/X86/cfguard-checks.ll
+++ b/llvm/test/CodeGen/X86/cfguard-checks.ll
@@ -1,231 +1,231 @@
-; RUN: llc < %s -mtriple=i686-pc-windows-msvc | FileCheck %s -check-prefix=X32
-; RUN: llc < %s -mtriple=x86_64-pc-windows-msvc | FileCheck %s -check-prefix=X64
-; Control Flow Guard is currently only available on Windows
-
-; Test that Control Flow Guard checks are correctly added when required.
-
-
-declare i32 @target_func()
-
-
-; Test that Control Flow Guard checks are not added to functions with nocf_checks attribute.
-define i32 @func_nocf_checks() #0 {
-entry:
- %func_ptr = alloca i32 ()*, align 8
- store i32 ()* @target_func, i32 ()** %func_ptr, align 8
- %0 = load i32 ()*, i32 ()** %func_ptr, align 8
- %1 = call i32 %0()
- ret i32 %1
-
- ; X32-LABEL: func_nocf_checks
- ; X32: movl $_target_func, %eax
- ; X32-NOT: __guard_check_icall_fptr
- ; X32: calll *%eax
-
- ; X64-LABEL: func_nocf_checks
- ; X64: leaq target_func(%rip), %rax
- ; X64-NOT: __guard_dispatch_icall_fptr
- ; X64: callq *%rax
-}
-attributes #0 = { nocf_check }
-
-
-; Test that Control Flow Guard checks are added even at -O0.
-; FIXME Ideally these checks should be added as a single call instruction, as in the optimized case.
-define i32 @func_optnone_cf() #1 {
-entry:
- %func_ptr = alloca i32 ()*, align 8
- store i32 ()* @target_func, i32 ()** %func_ptr, align 8
- %0 = load i32 ()*, i32 ()** %func_ptr, align 8
- %1 = call i32 %0()
- ret i32 %1
-
- ; On i686, the call to __guard_check_icall_fptr should come immediately before the call to the target function.
- ; X32-LABEL: func_optnone_cf
- ; X32: leal _target_func, %eax
- ; X32: movl %eax, (%esp)
- ; X32: movl (%esp), %ecx
- ; X32: movl ___guard_check_icall_fptr, %eax
- ; X32: calll *%eax
- ; X32-NEXT: calll *%ecx
-
- ; On x86_64, __guard_dispatch_icall_fptr tail calls the function, so there should be only one call instruction.
- ; X64-LABEL: func_optnone_cf
- ; X64: leaq target_func(%rip), %rax
- ; X64: movq __guard_dispatch_icall_fptr(%rip), %rcx
- ; X64: callq *%rcx
- ; X64-NOT: callq
-}
-attributes #1 = { noinline optnone }
-
-
-; Test that Control Flow Guard checks are correctly added in optimized code (common case).
-define i32 @func_cf() {
-entry:
- %func_ptr = alloca i32 ()*, align 8
- store i32 ()* @target_func, i32 ()** %func_ptr, align 8
- %0 = load i32 ()*, i32 ()** %func_ptr, align 8
- %1 = call i32 %0()
- ret i32 %1
-
- ; On i686, the call to __guard_check_icall_fptr should come immediately before the call to the target function.
- ; X32-LABEL: func_cf
- ; X32: movl $_target_func, %esi
- ; X32: movl $_target_func, %ecx
- ; X32: calll *___guard_check_icall_fptr
- ; X32-NEXT: calll *%esi
-
- ; On x86_64, __guard_dispatch_icall_fptr tail calls the function, so there should be only one call instruction.
- ; X64-LABEL: func_cf
- ; X64: leaq target_func(%rip), %rax
- ; X64: callq *__guard_dispatch_icall_fptr(%rip)
- ; X64-NOT: callq
-}
-
-
-; Test that Control Flow Guard checks are correctly added on invoke instructions.
-define i32 @func_cf_invoke() personality i8* bitcast (void ()* @h to i8*) {
-entry:
- %0 = alloca i32, align 4
- %func_ptr = alloca i32 ()*, align 8
- store i32 ()* @target_func, i32 ()** %func_ptr, align 8
- %1 = load i32 ()*, i32 ()** %func_ptr, align 8
- %2 = invoke i32 %1()
- to label %invoke.cont unwind label %lpad
-invoke.cont: ; preds = %entry
- ret i32 %2
-
-lpad: ; preds = %entry
- %tmp = landingpad { i8*, i32 }
- catch i8* null
- ret i32 -1
-
- ; On i686, the call to __guard_check_icall_fptr should come immediately before the call to the target function.
- ; X32-LABEL: func_cf_invoke
- ; X32: movl $_target_func, %esi
- ; X32: movl $_target_func, %ecx
- ; X32: calll *___guard_check_icall_fptr
- ; X32-NEXT: calll *%esi
- ; X32: # %invoke.cont
- ; X32: # %lpad
-
- ; On x86_64, __guard_dispatch_icall_fptr tail calls the function, so there should be only one call instruction.
- ; X64-LABEL: func_cf_invoke
- ; X64: leaq target_func(%rip), %rax
- ; X64: callq *__guard_dispatch_icall_fptr(%rip)
- ; X64-NOT: callq
- ; X64: # %invoke.cont
- ; X64: # %lpad
-}
-
-declare void @h()
-
-
-; Test that Control Flow Guard preserves floating point arguments.
-declare double @target_func_doubles(double, double, double, double)
-
-define double @func_cf_doubles() {
-entry:
- %func_ptr = alloca double (double, double, double, double)*, align 8
- store double (double, double, double, double)* @target_func_doubles, double (double, double, double, double)** %func_ptr, align 8
- %0 = load double (double, double, double, double)*, double (double, double, double, double)** %func_ptr, align 8
- %1 = call double %0(double 1.000000e+00, double 2.000000e+00, double 3.000000e+00, double 4.000000e+00)
- ret double %1
-
- ; On i686, the call to __guard_check_icall_fptr should come immediately before the call to the target function.
- ; X32-LABEL: func_cf_doubles
- ; X32: movl $_target_func_doubles, %esi
- ; X32: movl $_target_func_doubles, %ecx
- ; X32: calll *___guard_check_icall_fptr
- ; X32: calll *%esi
-
-
- ; On x86_64, __guard_dispatch_icall_fptr tail calls the function, so there should be only one call instruction.
- ; X64-LABEL: func_cf_doubles
- ; X64: leaq target_func_doubles(%rip), %rax
- ; X64: movsd __real@3ff0000000000000(%rip), %xmm0
- ; X64: movsd __real@4000000000000000(%rip), %xmm1
- ; X64: movsd __real@4008000000000000(%rip), %xmm2
- ; X64: movsd __real@4010000000000000(%rip), %xmm3
- ; X64: callq *__guard_dispatch_icall_fptr(%rip)
- ; X64-NOT: callq
-}
-
-
-; Test that Control Flow Guard checks are correctly added for tail calls.
-define i32 @func_cf_tail() {
-entry:
- %func_ptr = alloca i32 ()*, align 8
- store i32 ()* @target_func, i32 ()** %func_ptr, align 8
- %0 = load i32 ()*, i32 ()** %func_ptr, align 8
- %1 = musttail call i32 %0()
- ret i32 %1
-
- ; On i686, the call to __guard_check_icall_fptr should come immediately before the call to the target function.
- ; X32-LABEL: func_cf_tail
- ; X32: movl $_target_func, %ecx
- ; X32: calll *___guard_check_icall_fptr
- ; X32: movl $_target_func, %eax
- ; X32: jmpl *%eax # TAILCALL
- ; X32-NOT: calll
-
- ; X64-LABEL: func_cf_tail
- ; X64: leaq target_func(%rip), %rax
- ; X64: movq __guard_dispatch_icall_fptr(%rip), %rcx
- ; X64: rex64 jmpq *%rcx # TAILCALL
- ; X64-NOT: callq
-}
-
-
-; Test that longjmp targets have public labels and are included in the .gljmp section.
-%struct._SETJMP_FLOAT128 = type { [2 x i64] }
-@buf1 = internal global [16 x %struct._SETJMP_FLOAT128] zeroinitializer, align 16
-
-define i32 @func_cf_setjmp() {
- %1 = alloca i32, align 4
- %2 = alloca i32, align 4
- store i32 0, i32* %1, align 4
- store i32 -1, i32* %2, align 4
- %3 = call i8* @llvm.frameaddress(i32 0)
- %4 = call i32 @_setjmp(i8* bitcast ([16 x %struct._SETJMP_FLOAT128]* @buf1 to i8*), i8* %3) #2
-
- ; X32-LABEL: func_cf_setjmp
- ; X32: calll __setjmp
- ; X32-NEXT: $cfgsj_func_cf_setjmp0:
-
- ; X64-LABEL: func_cf_setjmp
- ; X64: callq _setjmp
- ; X64-NEXT: $cfgsj_func_cf_setjmp0:
-
- %5 = call i8* @llvm.frameaddress(i32 0)
- %6 = call i32 @_setjmp(i8* bitcast ([16 x %struct._SETJMP_FLOAT128]* @buf1 to i8*), i8* %5) #2
-
- ; X32: calll __setjmp
- ; X32-NEXT: $cfgsj_func_cf_setjmp1:
-
- ; X64: callq _setjmp
- ; X64-NEXT: $cfgsj_func_cf_setjmp1:
-
- store i32 1, i32* %2, align 4
- %7 = load i32, i32* %2, align 4
- ret i32 %7
-
- ; X32: .section .gljmp$y,"dr"
- ; X32-NEXT: .symidx $cfgsj_func_cf_setjmp0
- ; X32-NEXT: .symidx $cfgsj_func_cf_setjmp1
-
- ; X64: .section .gljmp$y,"dr"
- ; X64-NEXT: .symidx $cfgsj_func_cf_setjmp0
- ; X64-NEXT: .symidx $cfgsj_func_cf_setjmp1
-}
-
-declare i8* @llvm.frameaddress(i32)
-
-; Function Attrs: returns_twice
-declare dso_local i32 @_setjmp(i8*, i8*) #2
-
-attributes #2 = { returns_twice }
-
-
-!llvm.module.flags = !{!0}
-!0 = !{i32 2, !"cfguard", i32 2}
+; RUN: llc < %s -mtriple=i686-pc-windows-msvc | FileCheck %s -check-prefix=X32
+; RUN: llc < %s -mtriple=x86_64-pc-windows-msvc | FileCheck %s -check-prefix=X64
+; Control Flow Guard is currently only available on Windows
+
+; Test that Control Flow Guard checks are correctly added when required.
+
+
+declare i32 @target_func()
+
+
+; Test that Control Flow Guard checks are not added to functions with nocf_checks attribute.
+define i32 @func_nocf_checks() #0 {
+entry:
+ %func_ptr = alloca i32 ()*, align 8
+ store i32 ()* @target_func, i32 ()** %func_ptr, align 8
+ %0 = load i32 ()*, i32 ()** %func_ptr, align 8
+ %1 = call i32 %0()
+ ret i32 %1
+
+ ; X32-LABEL: func_nocf_checks
+ ; X32: movl $_target_func, %eax
+ ; X32-NOT: __guard_check_icall_fptr
+ ; X32: calll *%eax
+
+ ; X64-LABEL: func_nocf_checks
+ ; X64: leaq target_func(%rip), %rax
+ ; X64-NOT: __guard_dispatch_icall_fptr
+ ; X64: callq *%rax
+}
+attributes #0 = { nocf_check }
+
+
+; Test that Control Flow Guard checks are added even at -O0.
+; FIXME Ideally these checks should be added as a single call instruction, as in the optimized case.
+define i32 @func_optnone_cf() #1 {
+entry:
+ %func_ptr = alloca i32 ()*, align 8
+ store i32 ()* @target_func, i32 ()** %func_ptr, align 8
+ %0 = load i32 ()*, i32 ()** %func_ptr, align 8
+ %1 = call i32 %0()
+ ret i32 %1
+
+ ; On i686, the call to __guard_check_icall_fptr should come immediately before the call to the target function.
+ ; X32-LABEL: func_optnone_cf
+ ; X32: leal _target_func, %eax
+ ; X32: movl %eax, (%esp)
+ ; X32: movl (%esp), %ecx
+ ; X32: movl ___guard_check_icall_fptr, %eax
+ ; X32: calll *%eax
+ ; X32-NEXT: calll *%ecx
+
+ ; On x86_64, __guard_dispatch_icall_fptr tail calls the function, so there should be only one call instruction.
+ ; X64-LABEL: func_optnone_cf
+ ; X64: leaq target_func(%rip), %rax
+ ; X64: movq __guard_dispatch_icall_fptr(%rip), %rcx
+ ; X64: callq *%rcx
+ ; X64-NOT: callq
+}
+attributes #1 = { noinline optnone }
+
+
+; Test that Control Flow Guard checks are correctly added in optimized code (common case).
+define i32 @func_cf() {
+entry:
+ %func_ptr = alloca i32 ()*, align 8
+ store i32 ()* @target_func, i32 ()** %func_ptr, align 8
+ %0 = load i32 ()*, i32 ()** %func_ptr, align 8
+ %1 = call i32 %0()
+ ret i32 %1
+
+ ; On i686, the call to __guard_check_icall_fptr should come immediately before the call to the target function.
+ ; X32-LABEL: func_cf
+ ; X32: movl $_target_func, %esi
+ ; X32: movl $_target_func, %ecx
+ ; X32: calll *___guard_check_icall_fptr
+ ; X32-NEXT: calll *%esi
+
+ ; On x86_64, __guard_dispatch_icall_fptr tail calls the function, so there should be only one call instruction.
+ ; X64-LABEL: func_cf
+ ; X64: leaq target_func(%rip), %rax
+ ; X64: callq *__guard_dispatch_icall_fptr(%rip)
+ ; X64-NOT: callq
+}
+
+
+; Test that Control Flow Guard checks are correctly added on invoke instructions.
+define i32 @func_cf_invoke() personality i8* bitcast (void ()* @h to i8*) {
+entry:
+ %0 = alloca i32, align 4
+ %func_ptr = alloca i32 ()*, align 8
+ store i32 ()* @target_func, i32 ()** %func_ptr, align 8
+ %1 = load i32 ()*, i32 ()** %func_ptr, align 8
+ %2 = invoke i32 %1()
+ to label %invoke.cont unwind label %lpad
+invoke.cont: ; preds = %entry
+ ret i32 %2
+
+lpad: ; preds = %entry
+ %tmp = landingpad { i8*, i32 }
+ catch i8* null
+ ret i32 -1
+
+ ; On i686, the call to __guard_check_icall_fptr should come immediately before the call to the target function.
+ ; X32-LABEL: func_cf_invoke
+ ; X32: movl $_target_func, %esi
+ ; X32: movl $_target_func, %ecx
+ ; X32: calll *___guard_check_icall_fptr
+ ; X32-NEXT: calll *%esi
+ ; X32: # %invoke.cont
+ ; X32: # %lpad
+
+ ; On x86_64, __guard_dispatch_icall_fptr tail calls the function, so there should be only one call instruction.
+ ; X64-LABEL: func_cf_invoke
+ ; X64: leaq target_func(%rip), %rax
+ ; X64: callq *__guard_dispatch_icall_fptr(%rip)
+ ; X64-NOT: callq
+ ; X64: # %invoke.cont
+ ; X64: # %lpad
+}
+
+declare void @h()
+
+
+; Test that Control Flow Guard preserves floating point arguments.
+declare double @target_func_doubles(double, double, double, double)
+
+define double @func_cf_doubles() {
+entry:
+ %func_ptr = alloca double (double, double, double, double)*, align 8
+ store double (double, double, double, double)* @target_func_doubles, double (double, double, double, double)** %func_ptr, align 8
+ %0 = load double (double, double, double, double)*, double (double, double, double, double)** %func_ptr, align 8
+ %1 = call double %0(double 1.000000e+00, double 2.000000e+00, double 3.000000e+00, double 4.000000e+00)
+ ret double %1
+
+ ; On i686, the call to __guard_check_icall_fptr should come immediately before the call to the target function.
+ ; X32-LABEL: func_cf_doubles
+ ; X32: movl $_target_func_doubles, %esi
+ ; X32: movl $_target_func_doubles, %ecx
+ ; X32: calll *___guard_check_icall_fptr
+ ; X32: calll *%esi
+
+
+ ; On x86_64, __guard_dispatch_icall_fptr tail calls the function, so there should be only one call instruction.
+ ; X64-LABEL: func_cf_doubles
+ ; X64: leaq target_func_doubles(%rip), %rax
+ ; X64: movsd __real@3ff0000000000000(%rip), %xmm0
+ ; X64: movsd __real@4000000000000000(%rip), %xmm1
+ ; X64: movsd __real@4008000000000000(%rip), %xmm2
+ ; X64: movsd __real@4010000000000000(%rip), %xmm3
+ ; X64: callq *__guard_dispatch_icall_fptr(%rip)
+ ; X64-NOT: callq
+}
+
+
+; Test that Control Flow Guard checks are correctly added for tail calls.
+define i32 @func_cf_tail() { +entry: + %func_ptr = alloca i32 ()*, align 8 + store i32 ()* @target_func, i32 ()** %func_ptr, align 8 + %0 = load i32 ()*, i32 ()** %func_ptr, align 8 + %1 = musttail call i32 %0() + ret i32 %1 + + ; On i686, the call to __guard_check_icall_fptr should come immediately before the call to the target function. + ; X32-LABEL: func_cf_tail + ; X32: movl $_target_func, %ecx + ; X32: calll *___guard_check_icall_fptr + ; X32: movl $_target_func, %eax + ; X32: jmpl *%eax # TAILCALL + ; X32-NOT: calll + + ; X64-LABEL: func_cf_tail + ; X64: leaq target_func(%rip), %rax + ; X64: movq __guard_dispatch_icall_fptr(%rip), %rcx + ; X64: rex64 jmpq *%rcx # TAILCALL + ; X64-NOT: callq +} + + +; Test that longjmp targets have public labels and are included in the .gljmp section. +%struct._SETJMP_FLOAT128 = type { [2 x i64] } +@buf1 = internal global [16 x %struct._SETJMP_FLOAT128] zeroinitializer, align 16 + +define i32 @func_cf_setjmp() { + %1 = alloca i32, align 4 + %2 = alloca i32, align 4 + store i32 0, i32* %1, align 4 + store i32 -1, i32* %2, align 4 + %3 = call i8* @llvm.frameaddress(i32 0) + %4 = call i32 @_setjmp(i8* bitcast ([16 x %struct._SETJMP_FLOAT128]* @buf1 to i8*), i8* %3) #2 + + ; X32-LABEL: func_cf_setjmp + ; X32: calll __setjmp + ; X32-NEXT: $cfgsj_func_cf_setjmp0: + + ; X64-LABEL: func_cf_setjmp + ; X64: callq _setjmp + ; X64-NEXT: $cfgsj_func_cf_setjmp0: + + %5 = call i8* @llvm.frameaddress(i32 0) + %6 = call i32 @_setjmp(i8* bitcast ([16 x %struct._SETJMP_FLOAT128]* @buf1 to i8*), i8* %5) #2 + + ; X32: calll __setjmp + ; X32-NEXT: $cfgsj_func_cf_setjmp1: + + ; X64: callq _setjmp + ; X64-NEXT: $cfgsj_func_cf_setjmp1: + + store i32 1, i32* %2, align 4 + %7 = load i32, i32* %2, align 4 + ret i32 %7 + + ; X32: .section .gljmp$y,"dr" + ; X32-NEXT: .symidx $cfgsj_func_cf_setjmp0 + ; X32-NEXT: .symidx $cfgsj_func_cf_setjmp1 + + ; X64: .section .gljmp$y,"dr" + ; X64-NEXT: .symidx $cfgsj_func_cf_setjmp0 + ; X64-NEXT: .symidx 
$cfgsj_func_cf_setjmp1
+}
+
+declare i8* @llvm.frameaddress(i32)
+
+; Function Attrs: returns_twice
+declare dso_local i32 @_setjmp(i8*, i8*) #2
+
+attributes #2 = { returns_twice }
+
+
+!llvm.module.flags = !{!0}
+!0 = !{i32 2, !"cfguard", i32 2}
diff --git a/llvm/test/CodeGen/X86/cfguard-module-flag.ll b/llvm/test/CodeGen/X86/cfguard-module-flag.ll
index 1b2e71c1a45..0ed58b392aa 100644
--- a/llvm/test/CodeGen/X86/cfguard-module-flag.ll
+++ b/llvm/test/CodeGen/X86/cfguard-module-flag.ll
@@ -1,26 +1,26 @@
-
-; RUN: llc < %s -mtriple=i686-pc-windows-msvc | FileCheck %s -check-prefix=X32
-; RUN: llc < %s -mtriple=x86_64-pc-windows-msvc | FileCheck %s -check-prefix=X64
-; Control Flow Guard is currently only available on Windows
-
-; Test that Control Flow Guard checks are not added in modules with the
-; cfguard=1 flag (emit tables but no checks).
-
-
-declare void @target_func()
-
-define void @func_in_module_without_cfguard() #0 {
-entry:
- %func_ptr = alloca void ()*, align 8
- store void ()* @target_func, void ()** %func_ptr, align 8
- %0 = load void ()*, void ()** %func_ptr, align 8
-
- call void %0()
- ret void
-
- ; X32-NOT: __guard_check_icall_fptr
- ; X64-NOT: __guard_dispatch_icall_fptr
-}
-
-!llvm.module.flags = !{!0}
-!0 = !{i32 2, !"cfguard", i32 1}
+
+; RUN: llc < %s -mtriple=i686-pc-windows-msvc | FileCheck %s -check-prefix=X32
+; RUN: llc < %s -mtriple=x86_64-pc-windows-msvc | FileCheck %s -check-prefix=X64
+; Control Flow Guard is currently only available on Windows
+
+; Test that Control Flow Guard checks are not added in modules with the
+; cfguard=1 flag (emit tables but no checks).
+
+
+declare void @target_func()
+
+define void @func_in_module_without_cfguard() #0 {
+entry:
+ %func_ptr = alloca void ()*, align 8
+ store void ()* @target_func, void ()** %func_ptr, align 8
+ %0 = load void ()*, void ()** %func_ptr, align 8
+
+ call void %0()
+ ret void
+
+ ; X32-NOT: __guard_check_icall_fptr
+ ; X64-NOT: __guard_dispatch_icall_fptr
+}
+
+!llvm.module.flags = !{!0}
+!0 = !{i32 2, !"cfguard", i32 1}
diff --git a/llvm/test/CodeGen/X86/cfguard-x86-64-vectorcall.ll b/llvm/test/CodeGen/X86/cfguard-x86-64-vectorcall.ll
index a554ebeeb90..be7acc53137 100644
--- a/llvm/test/CodeGen/X86/cfguard-x86-64-vectorcall.ll
+++ b/llvm/test/CodeGen/X86/cfguard-x86-64-vectorcall.ll
@@ -1,38 +1,38 @@
-; RUN: llc < %s -mtriple=x86_64-pc-windows-msvc | FileCheck %s -check-prefix=X64
-; Control Flow Guard is currently only available on Windows
-
-
-; Test that Control Flow Guard checks are correctly added for x86_64 vector calls.
-define void @func_cf_vector_x64(void (%struct.HVA)* %0, %struct.HVA* %1) #0 {
-entry:
- %2 = alloca %struct.HVA, align 8
- %3 = bitcast %struct.HVA* %2 to i8*
- %4 = bitcast %struct.HVA* %1 to i8*
- call void @llvm.memcpy.p0i8.p0i8.i64(i8* align 8 %3, i8* align 8 %4, i64 32, i1 false)
- %5 = load %struct.HVA, %struct.HVA* %2, align 8
- call x86_vectorcallcc void %0(%struct.HVA inreg %5)
- ret void
-
- ; X64-LABEL: func_cf_vector_x64
- ; X64: movq %rcx, %rax
- ; X64: movups (%rdx), %xmm0
- ; X64: movups 16(%rdx), %xmm1
- ; X64: movaps %xmm0, 32(%rsp)
- ; X64: movaps %xmm1, 48(%rsp)
- ; X64: movsd 32(%rsp), %xmm0 # xmm0 = mem[0],zero
- ; X64: movsd 40(%rsp), %xmm1 # xmm1 = mem[0],zero
- ; X64: movsd 48(%rsp), %xmm2 # xmm2 = mem[0],zero
- ; X64: movsd 56(%rsp), %xmm3 # xmm3 = mem[0],zero
- ; X64: callq *__guard_dispatch_icall_fptr(%rip)
- ; X64-NOT: callq
-}
-attributes #0 = { "target-cpu"="x86-64" "target-features"="+cx8,+fxsr,+mmx,+sse,+sse2,+x87" }
-
-%struct.HVA = type { double, double, double, double }
-
-declare void @llvm.memcpy.p0i8.p0i8.i64(i8* nocapture writeonly, i8* nocapture readonly, i64, i1 immarg) #1
-attributes #1 = { argmemonly nounwind willreturn }
-
-
-!llvm.module.flags = !{!0}
-!0 = !{i32 2, !"cfguard", i32 2}
+; RUN: llc < %s -mtriple=x86_64-pc-windows-msvc | FileCheck %s -check-prefix=X64
+; Control Flow Guard is currently only available on Windows
+
+
+; Test that Control Flow Guard checks are correctly added for x86_64 vector calls.
+define void @func_cf_vector_x64(void (%struct.HVA)* %0, %struct.HVA* %1) #0 {
+entry:
+ %2 = alloca %struct.HVA, align 8
+ %3 = bitcast %struct.HVA* %2 to i8*
+ %4 = bitcast %struct.HVA* %1 to i8*
+ call void @llvm.memcpy.p0i8.p0i8.i64(i8* align 8 %3, i8* align 8 %4, i64 32, i1 false)
+ %5 = load %struct.HVA, %struct.HVA* %2, align 8
+ call x86_vectorcallcc void %0(%struct.HVA inreg %5)
+ ret void
+
+ ; X64-LABEL: func_cf_vector_x64
+ ; X64: movq %rcx, %rax
+ ; X64: movups (%rdx), %xmm0
+ ; X64: movups 16(%rdx), %xmm1
+ ; X64: movaps %xmm0, 32(%rsp)
+ ; X64: movaps %xmm1, 48(%rsp)
+ ; X64: movsd 32(%rsp), %xmm0 # xmm0 = mem[0],zero
+ ; X64: movsd 40(%rsp), %xmm1 # xmm1 = mem[0],zero
+ ; X64: movsd 48(%rsp), %xmm2 # xmm2 = mem[0],zero
+ ; X64: movsd 56(%rsp), %xmm3 # xmm3 = mem[0],zero
+ ; X64: callq *__guard_dispatch_icall_fptr(%rip)
+ ; X64-NOT: callq
+}
+attributes #0 = { "target-cpu"="x86-64" "target-features"="+cx8,+fxsr,+mmx,+sse,+sse2,+x87" }
+
+%struct.HVA = type { double, double, double, double }
+
+declare void @llvm.memcpy.p0i8.p0i8.i64(i8* nocapture writeonly, i8* nocapture readonly, i64, i1 immarg) #1
+attributes #1 = { argmemonly nounwind willreturn }
+
+
+!llvm.module.flags = !{!0}
+!0 = !{i32 2, !"cfguard", i32 2}
diff --git a/llvm/test/CodeGen/X86/cfguard-x86-vectorcall.ll b/llvm/test/CodeGen/X86/cfguard-x86-vectorcall.ll
index 0f31f5ba4b6..25e3691913c 100644
--- a/llvm/test/CodeGen/X86/cfguard-x86-vectorcall.ll
+++ b/llvm/test/CodeGen/X86/cfguard-x86-vectorcall.ll
@@ -1,43 +1,43 @@
-; RUN: llc < %s -mtriple=i686-pc-windows-msvc | FileCheck %s -check-prefix=X32
-; Control Flow Guard is currently only available on Windows
-
-
-; Test that Control Flow Guard checks are correctly added for x86 vector calls.
-define void @func_cf_vector_x86(void (%struct.HVA)* %0, %struct.HVA* %1) #0 {
-entry:
- %2 = alloca %struct.HVA, align 8
- %3 = bitcast %struct.HVA* %2 to i8*
- %4 = bitcast %struct.HVA* %1 to i8*
- call void @llvm.memcpy.p0i8.p0i8.i32(i8* align 8 %3, i8* align 8 %4, i32 32, i1 false)
- %5 = load %struct.HVA, %struct.HVA* %2, align 8
- call x86_vectorcallcc void %0(%struct.HVA inreg %5)
- ret void
-
- ; X32-LABEL: func_cf_vector_x86
- ; X32: movl 12(%ebp), %eax
- ; X32: movl 8(%ebp), %ecx
- ; X32: movsd 24(%eax), %xmm4 # xmm4 = mem[0],zero
- ; X32: movsd %xmm4, 24(%esp)
- ; X32: movsd 16(%eax), %xmm5 # xmm5 = mem[0],zero
- ; X32: movsd %xmm5, 16(%esp)
- ; X32: movsd (%eax), %xmm6 # xmm6 = mem[0],zero
- ; X32: movsd 8(%eax), %xmm7 # xmm7 = mem[0],zero
- ; X32: movsd %xmm7, 8(%esp)
- ; X32: movsd %xmm6, (%esp)
- ; X32: calll *___guard_check_icall_fptr
- ; X32: movaps %xmm6, %xmm0
- ; X32: movaps %xmm7, %xmm1
- ; X32: movaps %xmm5, %xmm2
- ; X32: movaps %xmm4, %xmm3
- ; X32: calll *%ecx
-}
-attributes #0 = { "target-cpu"="pentium4" "target-features"="+cx8,+fxsr,+mmx,+sse,+sse2,+x87" }
-
-%struct.HVA = type { double, double, double, double }
-
-declare void @llvm.memcpy.p0i8.p0i8.i32(i8* nocapture writeonly, i8* nocapture readonly, i32, i1 immarg) #1
-attributes #1 = { argmemonly nounwind willreturn }
-
-
-!llvm.module.flags = !{!0}
-!0 = !{i32 2, !"cfguard", i32 2}
+; RUN: llc < %s -mtriple=i686-pc-windows-msvc | FileCheck %s -check-prefix=X32
+; Control Flow Guard is currently only available on Windows
+
+
+; Test that Control Flow Guard checks are correctly added for x86 vector calls.
+define void @func_cf_vector_x86(void (%struct.HVA)* %0, %struct.HVA* %1) #0 {
+entry:
+ %2 = alloca %struct.HVA, align 8
+ %3 = bitcast %struct.HVA* %2 to i8*
+ %4 = bitcast %struct.HVA* %1 to i8*
+ call void @llvm.memcpy.p0i8.p0i8.i32(i8* align 8 %3, i8* align 8 %4, i32 32, i1 false)
+ %5 = load %struct.HVA, %struct.HVA* %2, align 8
+ call x86_vectorcallcc void %0(%struct.HVA inreg %5)
+ ret void
+
+ ; X32-LABEL: func_cf_vector_x86
+ ; X32: movl 12(%ebp), %eax
+ ; X32: movl 8(%ebp), %ecx
+ ; X32: movsd 24(%eax), %xmm4 # xmm4 = mem[0],zero
+ ; X32: movsd %xmm4, 24(%esp)
+ ; X32: movsd 16(%eax), %xmm5 # xmm5 = mem[0],zero
+ ; X32: movsd %xmm5, 16(%esp)
+ ; X32: movsd (%eax), %xmm6 # xmm6 = mem[0],zero
+ ; X32: movsd 8(%eax), %xmm7 # xmm7 = mem[0],zero
+ ; X32: movsd %xmm7, 8(%esp)
+ ; X32: movsd %xmm6, (%esp)
+ ; X32: calll *___guard_check_icall_fptr
+ ; X32: movaps %xmm6, %xmm0
+ ; X32: movaps %xmm7, %xmm1
+ ; X32: movaps %xmm5, %xmm2
+ ; X32: movaps %xmm4, %xmm3
+ ; X32: calll *%ecx
+}
+attributes #0 = { "target-cpu"="pentium4" "target-features"="+cx8,+fxsr,+mmx,+sse,+sse2,+x87" }
+
+%struct.HVA = type { double, double, double, double }
+
+declare void @llvm.memcpy.p0i8.p0i8.i32(i8* nocapture writeonly, i8* nocapture readonly, i32, i1 immarg) #1
+attributes #1 = { argmemonly nounwind willreturn }
+
+
+!llvm.module.flags = !{!0}
+!0 = !{i32 2, !"cfguard", i32 2}
|

