similar to: funnel shift, select, and poison

Don't we need to distinguish funnel shift from the more specific rotate? I'm not seeing how rotate (a single input op shifted by some amount) gets into trouble like funnel shift (two variables concatenated and shifted by some amount). Eg, if in pseudo IR we have: %funnel_shift = fshl %x, %y, %sh ; this is problematic because either x or y can be poison, but we may not touch the poison when

We have these transforms from funnel shift to a simpler shift op: // fshl(X, 0, C) -> shl X, C // fshl(X, undef, C) -> shl X, C // fshl(0, X, C) -> lshr X, (BW-C) // fshl(undef, X, C) -> lshr X, (BW-C) These were part of: https://reviews.llvm.org/D54778 In all cases, one operand must be 0 or undef and the shift amount is a constant, so I think these are safe.

If I got poison propagation right, it's probably only by luck! Hopefully, the funnel shift bug is fixed here: https://reviews.llvm.org/rL354905 Nuno, IIUC this means that you do *not* need to change the funnel shift semantics in Alive. So I think that means we're still on track to go with John's suggestion that only select and phi can block poison? (I don't know of any

You are right: select in SDAG has to be poison-blocking as well, otherwise the current lowering from IR's select to SDAG's select would be wrong. Which makes the select->or transformation incorrect at SDAG level as well. I guess until recently people believed that poison in SDAG wasn't much of a problem (myself included). I was convinced otherwise with the test cases that

On 2/25/2019 1:24 PM, John Regehr via llvm-dev wrote: > > This is a sound transformation only if foo() returns poison when it is > called with poison as an argument. Then how do you interpret "poison has to propagate through calls"? A typical analysis of a function will either see a call or the inlined body. If "call(poison)" cannot be assumed to be a poison, then

On 2/25/2019 12:28 PM, John Regehr via llvm-dev wrote: > Poison has to propagate through calls and loads/stores, or else > basically nothing works. Consider this: %v0 = call i32 @foo(poison) nounwind/readnone store i32 %v0, i32* %valid_address If we assume that poison propagates through calls, we could then optimize this to %v0 = poison store poison, i32* %valid_address If

On 2/25/2019 11:15 AM, John Regehr via llvm-dev wrote: > I'd just like to add that the general question here is "where does > poison stop propagating" and this question needs to be definitively > answered by this community. Does a call stop poison? Whatever the decision is may be contradicted after inlining, so what should such a call return? A superposition of poison

> Transforms/InstCombine/select.ll > ================================ > define i1 @trueval_is_true(i1 %C, i1 %X) { >  %R = select i1 %C, i1 1, i1 %X >  ret i1 %R > } > => > define i1 @trueval_is_true(i1 %C, i1 %X) { >  %R = or i1 %C, %X >  ret i1 %R > } > ERROR: Target is more poisonous than source (when %C = #x1 & %X = poison) > > (there are

The R code below produces (after running for a few minutes on a decent computer) the plot shown at the following location: http://n2.nabble.com/Is-there-a-physical-and-quantitative-explanation-for-this-plot--td2542321.html I'm just taking the mean of a given set of random variables, where the set size is increased. There appears to be a quick convergence and then a pretty steady variance

As previously discussed in an RFC <http://lists.llvm.org/pipermail/llvm-dev/2018-October/126690.html>, the RISC-V backend has i64 as the only legal integer type for the RV64 target. Thanks to variable-sized register class support, this means there is no need for duplication of either patterns or instruction definitions for RV32 and RV64. It's worth noting that RV64I is a different base

for the function funnelplot(), how do I include 95% confidence intervals for the effect estimate ( ie. / \ )? -- View this message in context: http://www.nabble.com/funnel-plots-tp24003106p24003106.html Sent from the R help mailing list archive at Nabble.com.

I know OpenSSH currently supports PKCS11 devices (such as smartcards) for publickey authentication, but I would love to see PKCS11 extended further. It is currently possible to perform PKCS11 certificate authentication, via pam_krb5.so (on Linux at least and likely something similar on other *NIX) which allows smartcard auth to a Kerberos (including AD) server, where a TGT can also be granted.

On Thu, 13 Dec 2018 at 21:41, Friedman, Eli <efriedma at codeaurora.org> wrote: > > On 12/13/2018 6:25 AM, Alex Bradbury wrote: > > There's also likely to be cases where you want to calculate the demanded bits > > in order to determine if e.g. a W-suffixed instruction can be selected for > > `(somoeop (zexti32 GPR:$rs1), (zexti32 GPR:$rs2))`. This is easy to match

The proposed mitigation for variant 2 of CVE-2017-5715, “branch target injection”, is to send all indirect branches through an instruction sequence known as a retpoline. Because the purpose of a retpoline is to prevent attacker-controlled speculation, we also end up losing the benefits of benign speculation, which can lead to a measurable loss of performance. We can regain some of those benefits

Wouldn't a branch funnel open the door to a type 1 attack? E.g. if the code looks like this, then a branch funnel basically turns into a standard type 1 pattern AFAICT: struct Base { virtual int f(long) = 0; }; struct A : Base { int f(long x) override { return 0; }; }; struct B : Base { int f(long x) override { // As in listing 1 in

Hi, Sean Silva via llvm-dev wrote: > Wouldn't a branch funnel open the door to a type 1 attack? Only if the code looks exactly as you wrote it. If I understand this correctly the problem with indirect branches is that the "gadget", the code leaking the data, could be *anywhere* in the binary, giving the attacker much more freedom. So restricting these calls to one of the

On 7/2/2018 3:16 PM, Sanjay Patel wrote: > I also agree that the per-element rotate for vectors is what we want for > this intrinsic. > > So I have this so far: > > declare i32 @llvm.catshift.i32(i32 %a, i32 %b, i32 %shift_amount) > declare <2 x i32> @llvm.catshift.v2i32(<2 x i32> %a, <2 x i32> %b, <2 x i32> %shift_amount) > > For

Alon, I should have provided more background. You are assuming that I could perform the PKINIT prior to connecting to the SSH server. In this case (and others) there is an interest in not exposing the kerberos servers to the world and thus someone connecting remotely would not be able to obtain a TGT or do a PKINIT. The goal would be for SSH to handle all the auth and only after connecting to

Hi all, Just ran into some issue with the originate AMI command. It seems that there is a limit of around 120 calls I can place with the originate command simutanously. By that I mean sending Asterisk a lot of originate command very fast. Anyone know if there is a limitation? Thnx. -------------- next part -------------- An HTML attachment was scrubbed... URL:

Alon, On 12/18/2018 06:52 PM, Alon Bar-Lev wrote: > OK... So you have an issue... > > First, you need to delegate your smartcard to remote machine, probably > using unix socket redirection managed by openssh. This can be done in > many levels... > 1. Delegate USB device, this will enable only exclusive usage of the > smartcard by remote machine. > 2. Delegate PC/SC, this