[vm] Add Zicfiss.

TEST=ci, local qemu
Change-Id: Iea22fff14362a6eef937f22ab9121376c7e27014
Reviewed-on: https://dart-review.googlesource.com/c/sdk/+/460883
Reviewed-by: Alexander Aprelev <[email protected]>
Commit-Queue: Ryan Macnak <[email protected]>

Author: rmacnak-google

runtime/vm/compiler/assembler/assembler_riscv.cc

@@ -573,19 +573,19 @@ void MicroAssembler::fencei() {
 
 void MicroAssembler::ecall() {
   ASSERT(Supports(RV_I));
-  EmitIType(ECALL, ZR, F3_0, ZR, SYSTEM);
+  EmitIType(ECALL, ZR, PRIV, ZR, SYSTEM);
 }
 void MicroAssembler::ebreak() {
   ASSERT(Supports(RV_I));
   if (Supports(RV_C)) {
     c_ebreak();
     return;
   }
-  EmitIType(EBREAK, ZR, F3_0, ZR, SYSTEM);
+  EmitIType(EBREAK, ZR, PRIV, ZR, SYSTEM);
 }
 void MicroAssembler::SimulatorPrintObject(Register rs1) {
   ASSERT(Supports(RV_I));
-  EmitIType(ECALL, rs1, F3_0, ZR, SYSTEM);
+  EmitIType(ECALL, rs1, PRIV, ZR, SYSTEM);
 }
 
 void MicroAssembler::csrrw(Register rd, uint32_t csr, Register rs1) {
@@ -1969,6 +1969,51 @@ void MicroAssembler::fleqd(Register rd, FRegister rs1, FRegister rs2) {
   EmitRType(FCMPD, rs2, rs1, FLEQ, rd, OPFP);
 }
 
+void MicroAssembler::sspush(Register rs2) {
+  ASSERT((rs2 == Register(1)) || (rs2 == Register(5)));
+  ASSERT(Supports(RV_Zicfiss));
+  if (Supports(RV_C) && (rs2 == Register(1))) {
+    Emit16(C_SSPUSH);
+  } else {
+    EmitRType(SSPUSH, rs2, ZR, F3_100, ZR, SYSTEM);
+  }
+}
+
+void MicroAssembler::sspopchk(Register rs1) {
+  ASSERT((rs1 == Register(1)) || (rs1 == Register(5)));
+  ASSERT(Supports(RV_Zicfiss));
+  if (Supports(RV_C) && (rs1 == Register(5))) {
+    Emit16(C_SSPOPCHK);
+  } else {
+    EmitIType(SSPOPCHK, rs1, F3_100, ZR, SYSTEM);
+  }
+}
+
+void MicroAssembler::ssrdp(Register rd) {
+  ASSERT(Supports(RV_Zicfiss));
+  EmitIType(SSRDP, ZR, F3_100, rd, SYSTEM);
+}
+
+void MicroAssembler::ssamoswapw(Register rd,
+                                Register rs2,
+                                Address addr,
+                                std::memory_order order) {
+  ASSERT(addr.offset() == 0);
+  ASSERT(Supports(RV_Zicfiss));
+  EmitRType(SSAMOSWAP, order, rs2, addr.base(), WIDTH32, rd, AMO);
+}
+
+#if XLEN >= 64
+void MicroAssembler::ssamoswapd(Register rd,
+                                Register rs2,
+                                Address addr,
+                                std::memory_order order) {
+  ASSERT(addr.offset() == 0);
+  ASSERT(Supports(RV_Zicfiss));
+  EmitRType(SSAMOSWAP, order, rs2, addr.base(), WIDTH64, rd, AMO);
+}
+#endif  // XLEN >= 64
+
 void MicroAssembler::lb(Register rd, Address addr, std::memory_order order) {
   ASSERT(addr.offset() == 0);
   ASSERT((order == std::memory_order_acquire) ||
@@ -2187,6 +2232,7 @@ void MicroAssembler::c_lui(Register rd, uintptr_t imm) {
   ASSERT(Supports(RV_C));
   ASSERT(rd != ZR);
   ASSERT(rd != SP);
+  ASSERT(imm != 0);
   Emit16(C_LUI | EncodeCRd(rd) | EncodeCUImm(imm));
 }
 
@@ -2747,6 +2793,20 @@ void MicroAssembler::EmitR4Type(FRegister rs3,
   Emit32(e);
 }
 
+void MicroAssembler::EmitIType(Funct12 funct12,
+                               Register rs1,
+                               Funct3 funct3,
+                               Register rd,
+                               Opcode opcode) {
+  uint32_t e = 0;
+  e |= EncodeFunct12(funct12);
+  e |= EncodeRs1(rs1);
+  e |= EncodeFunct3(funct3);
+  e |= EncodeRd(rd);
+  e |= EncodeOpcode(opcode);
+  Emit32(e);
+}
+
 void MicroAssembler::EmitIType(intptr_t imm,
                                Register rs1,
                                Funct3 funct3,

runtime/vm/compiler/assembler/assembler_riscv.h

@@ -708,6 +708,21 @@ class MicroAssembler : public AssemblerBase {
   void fltqd(Register rd, FRegister rs1, FRegister rs2);
   void fleqd(Register rd, FRegister rs1, FRegister rs2);
 
+  // ==== Zicfiss: Shadow stack ====
+  void sspush(Register rs2);
+  void sspopchk(Register rs1);
+  void ssrdp(Register rd);
+  void ssamoswapw(Register rd,
+                  Register rs2,
+                  Address addr,
+                  std::memory_order order = std::memory_order_relaxed);
+#if XLEN >= 64
+  void ssamoswapd(Register rd,
+                  Register rs2,
+                  Address addr,
+                  std::memory_order order = std::memory_order_relaxed);
+#endif  // XLEN >= 64
+
   // ==== Zalasr: Load-acquire, store-release ====
   void lb(Register rd, Address addr, std::memory_order order);
   void lh(Register rd, Address addr, std::memory_order order);
@@ -889,6 +904,11 @@ class MicroAssembler : public AssemblerBase {
                   FRegister rd,
                   Opcode opcode);
 
+  void EmitIType(Funct12 funct12,
+                 Register rs1,
+                 Funct3 funct3,
+                 Register rd,
+                 Opcode opcode);
   void EmitIType(intptr_t imm,
                  Register rs1,
                  Funct3 funct3,

runtime/vm/compiler/assembler/assembler_riscv_test.cc

@@ -8597,6 +8597,144 @@ ASSEMBLER_TEST_RUN(StoreDoubleWordRelease, test) {
 }
 #endif  // XLEN >= 64
 
+ASSEMBLER_TEST_GENERATE(ShadowStack, assembler) {
+  __ SetExtensions(RV_G | RV_Zicfiss);
+  Label f;
+  __ sspush(RA);
+  __ jal(RA2, &f);
+  __ sspopchk(RA);
+  __ ret();
+  __ Bind(&f);
+  __ sspush(RA2);
+  __ sspopchk(RA2);
+  __ jr(RA2);
+}
+ASSEMBLER_TEST_RUN(ShadowStack, test) {
+  EXPECT_DISASSEMBLY(
+      "ce104073 sspush ra\n"
+      "00c002ef jal t0, +12\n"
+      "cdc0c073 sspopchk ra\n"
+      "00008067 ret\n"
+      "ce504073 sspush t0\n"
+      "cdc2c073 sspopchk t0\n"
+      "00028067 jr t0\n");
+  EXPECT_EQ(0, Call(test->entry(), 0));
+}
+
+ASSEMBLER_TEST_GENERATE(CompressedShadowStack, assembler) {
+  __ SetExtensions(RV_GC | RV_Zicfiss);
+  Label f;
+  __ sspush(RA);
+  __ jal(RA2, &f);
+  __ sspopchk(RA);
+  __ ret();
+  __ Bind(&f);
+  __ sspush(RA2);
+  __ sspopchk(RA2);
+  __ jr(RA2);
+}
+ASSEMBLER_TEST_RUN(CompressedShadowStack, test) {
+  EXPECT_DISASSEMBLY(
+      "    6081 sspush ra\n"
+      "00a002ef jal t0, +10\n"
+      "cdc0c073 sspopchk ra\n"
+      "    8082 ret\n"
+      "ce504073 sspush t0\n"
+      "    6281 sspopchk t0\n"
+      "    8282 jr t0\n");
+  EXPECT_EQ(0, Call(test->entry(), 0));
+}
+
+ASSEMBLER_TEST_GENERATE(ShadowStackAmoSwapWord, assembler) {
+  __ SetExtensions(RV_G | RV_Zicfiss);
+  __ ssamoswapw(A0, A1, Address(A0));
+  __ ret();
+}
+ASSEMBLER_TEST_RUN(ShadowStackAmoSwapWord, test) {
+  EXPECT_DISASSEMBLY(
+      "48b5252f ssamoswap.w a0, a1, (a0)\n"
+      "00008067 ret\n");
+  // Not running: would trap.
+}
+
+#if XLEN >= 64
+ASSEMBLER_TEST_GENERATE(ShadowStackAmoSwapDoubleWord, assembler) {
+  __ SetExtensions(RV_G | RV_Zicfiss);
+  __ ssamoswapd(A0, A1, Address(A0));
+  __ ret();
+}
+ASSEMBLER_TEST_RUN(ShadowStackAmoSwapDoubleWord, test) {
+  EXPECT_DISASSEMBLY(
+      "48b5352f ssamoswap.d a0, a1, (a0)\n"
+      "00008067 ret\n");
+  // Not running: would trap.
+}
+#endif  // XLEN >= 64
+
+ASSEMBLER_TEST_GENERATE(ShadowStackLongJump, assembler) {
+  __ SetExtensions(RV_G | RV_Zicfiss);
+  Label nlr, func2, setjmp, longjmp, ss_disabled;
+  __ sspush(RA);
+  __ subi(SP, SP, 6 * target::kWordSize);
+  __ sx(RA, Address(SP, 5 * target::kWordSize));
+  __ sx(FP, Address(SP, 4 * target::kWordSize));
+  __ addi(FP, SP, 6 * target::kWordSize);
+  __ addi(A0, SP, 0 * target::kWordSize);
+  __ jal(&setjmp);
+  __ bnez(A0, &nlr);
+  __ addi(A0, SP, 0 * target::kWordSize);
+  __ jal(&func2);
+  __ Bind(&nlr);
+  __ lx(FP, Address(SP, 4 * target::kWordSize));
+  __ lx(RA, Address(SP, 5 * target::kWordSize));
+  __ addi(SP, SP, 6 * target::kWordSize);
+  __ sspopchk(RA);
+  __ ret();
+
+  __ Bind(&func2);
+  __ sspush(RA);
+  __ subi(SP, SP, 2 * target::kWordSize);
+  __ sx(RA, Address(SP, 1 * target::kWordSize));
+  __ sx(FP, Address(SP, 0 * target::kWordSize));
+  __ addi(FP, SP, 1 * target::kWordSize);
+  __ jal(&longjmp);
+  __ lx(FP, Address(SP, 0 * target::kWordSize));
+  __ lx(RA, Address(SP, 1 * target::kWordSize));
+  __ addi(SP, SP, 2 * target::kWordSize);
+  __ sspopchk(RA);
+  __ ret();
+
+  __ Bind(&setjmp);
+  __ sx(RA, Address(A0, 0 * target::kWordSize));
+  __ sx(SP, Address(A0, 1 * target::kWordSize));
+  __ sx(FP, Address(A0, 2 * target::kWordSize));
+  __ ssrdp(A1);
+  __ sx(A1, Address(A0, 3 * target::kWordSize));
+  __ li(A0, 0);
+  __ ret();
+
+  __ Bind(&longjmp);
+  __ lx(RA, Address(A0, 0 * target::kWordSize));
+  __ lx(SP, Address(A0, 1 * target::kWordSize));
+  __ lx(FP, Address(A0, 2 * target::kWordSize));
+  __ lx(A1, Address(A0, 3 * target::kWordSize));
+  __ beqz(A1, &ss_disabled);
+  __ csrw(0x011, A1);
+  __ Bind(&ss_disabled);
+  __ li(A0, 1);
+  __ ret();
+}
+ASSEMBLER_TEST_RUN(ShadowStackLongJump, test) {
+#if defined(DART_INCLUDE_SIMULATOR)
+  Simulator::Current()->set_ss_enabled(true);
+  EXPECT_EQ(1, Call(test->entry()));
+  Simulator::Current()->set_ss_enabled(false);
+  EXPECT_EQ(1, Call(test->entry()));
+#else
+  EXPECT_EQ(1, Call(test->entry()));
+#endif
+}
+
 ASSEMBLER_TEST_GENERATE(LoadImmediate_MaxInt32, assembler) {
   __ SetExtensions(RV_GC);
   __ LoadImmediate(A0, kMaxInt32);

runtime/vm/compiler/assembler/disassembler_riscv.cc

@@ -294,8 +294,14 @@ void RISCVDisassembler::DisassembleInstruction(CInstr instr) {
     case C_LUI:
       if (instr.rd() == SP) {
         Print("addi 'rd, 'rs1, 'i16imm", instr, RV_C);
-      } else {
+      } else if ((instr.rd() != ZR) && (instr.u_imm() != 0)) {
         Print("lui 'rd, 'uimm", instr, RV_C);
+      } else if (instr.encoding() == C_SSPUSH) {
+        Print("sspush ra", instr, RV_Zicfiss | RV_C);
+      } else if (instr.encoding() == C_SSPOPCHK) {
+        Print("sspopchk t0", instr, RV_Zicfiss | RV_C);
+      } else {
+        UnknownInstruction(instr);
       }
       break;
     case C_ADDI:
@@ -1104,7 +1110,7 @@ void RISCVDisassembler::DisassembleMISCMEM(Instr instr) {
 
 void RISCVDisassembler::DisassembleSYSTEM(Instr instr) {
   switch (instr.funct3()) {
-    case 0:
+    case PRIV:
       switch (instr.funct12()) {
         case ECALL:
           if (instr.rs1() == ZR) {
@@ -1120,6 +1126,22 @@ void RISCVDisassembler::DisassembleSYSTEM(Instr instr) {
           UnknownInstruction(instr);
       }
       break;
+    case F3_100: {
+      if ((instr.funct7() == SSPUSH) && (instr.rd() == ZR) &&
+          (instr.rs1() == ZR) &&
+          ((instr.rs2() == Register(1)) || (instr.rs2() == Register(5)))) {
+        Print("sspush 'rs2", instr, RV_Zicfiss);
+      } else if ((instr.funct12() == SSPOPCHK) && (instr.rd() == ZR) &&
+                 ((instr.rs1() == Register(1)) ||
+                  (instr.rs1() == Register(5)))) {
+        Print("sspopchk 'rs1", instr, RV_Zicfiss);
+      } else if ((instr.funct12() == SSRDP) && (instr.rs1() == ZR)) {
+        Print("ssrdp 'rd", instr, RV_Zicfiss);
+      } else {
+        UnknownInstruction(instr);
+      }
+      break;
+    }
     case CSRRW:
       if (instr.rd() == ZR) {
         Print("csrw 'csr, 'rs1", instr, RV_I);
@@ -1309,6 +1331,9 @@ void RISCVDisassembler::DisassembleAMO32(Instr instr) {
     case STOREORDERED:
       Print("sw'order 'rs2, ('rs1)", instr, RV_Zalasr);
       break;
+    case SSAMOSWAP:
+      Print("ssamoswap.w'order 'rd, 'rs2, ('rs1)", instr, RV_Zicfiss);
+      break;
     default:
       UnknownInstruction(instr);
   }
@@ -1356,6 +1381,9 @@ void RISCVDisassembler::DisassembleAMO64(Instr instr) {
     case STOREORDERED:
       Print("sd'order 'rs2, ('rs1)", instr, RV_Zalasr);
       break;
+    case SSAMOSWAP:
+      Print("ssamoswap.d'order 'rd, 'rs2, ('rs1)", instr, RV_Zicfiss);
+      break;
 #endif
     default:
       UnknownInstruction(instr);

runtime/vm/compiler/stub_code_compiler_riscv.cc

@@ -1417,6 +1417,9 @@ void StubCodeCompiler::GenerateInvokeDartCodeStub() {
 
 #if defined(DART_TARGET_OS_FUCHSIA) || defined(DART_TARGET_OS_ANDROID)
   __ sx(GP, Address(A3, target::Thread::saved_shadow_call_stack_offset()));
+  // TODO(riscv): Enable once Fuchsia/Android have Zimop in their baseline.
+  // __ ssrdp(TMP);
+  // __ sx(TMP, Address(A3, target::Thread::saved_ss_offset()));
 #elif defined(USING_SHADOW_CALL_STACK)
 #error Unimplemented
 #endif
@@ -3001,6 +3004,12 @@ void StubCodeCompiler::GenerateJumpToFrameStub() {
   // and Exceptions::JumpToFrame, otherwise the shadow call stack might
   // eventually overflow.
   __ lx(GP, Address(THR, target::Thread::saved_shadow_call_stack_offset()));
+  // TODO(riscv): Enable once Fuchsia/Android have Zimop in their baseline.
+  // __ lx(TMP, Address(THR, target::Thread::saved_ss_offset()));
+  // Label ss_disabled;
+  // __ beqz(TMP, &ss_disabled);
+  // __ csrw(0x011, TMP);
+  // __ Bind(&ss_disabled);
 #elif defined(USING_SHADOW_CALL_STACK)
 #error Unimplemented
 #endif