Some instructions operate on addresses but only affect cache state and do not really affect data at that memory address.
This issue covers how to best represent and separate cache addresses versus memory address in the IR so that tools can act on them appropriately without having to dispatch by opcode.
Tracing tools like drmemtrace often have separate types for cache operations versus memory accesses. drmemtrace has separate cache flush record types. And something like a taint tracking tool might not consider a cache operation to propagate "taint" or other metadata, while a memory operation does.
Some examples of specific instructions here:

- On x86, OP_clflush's address is a memory operand, while OP_monitor and OP_umonitor are register operands. It seems like these should all be treated the same. Xref Add x86 decoder/encoder support for the WAITPKG extension. #7917 (comment).
- On AArch64:
  - DC ZVA, unlike other DC operations, is not a cache operation but rather operates directly on memory. In AArch64: Implement effective address of DC ZVA cache zero operation #4329 we changed its operand to a memory reference, so tools will treat it as such. (Use the actual written address range in DC ZVA's memory operand #4400 covers another complexity with it.)
  - AArch64 cache operations require special handling by drmemtrace (xref AArch64 prefetch and flush instructions are not marked by drmemtrace #4328).

The goal here is to come to consensus on which operations most tools would want to treat as memory accesses vs cache state changes, and then agree on what the best IR representation is for each (register operand for cache operation and memory operand for memory access?). We would then change the DR decoder to achieve consistent treatment (e.g., change OP_clflush to not have a memory operand).
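To make the tool-side consequence concrete, here is an added toy model; it is not DynamoRIO code and does not use the DR API. It sketches an instr_t/opnd_t-style IR in which the only rule a tool applies is "memory operand means data access, register operand means cache state only", and drives a byte-granular taint map from that rule. It compares OP_clflush with today's memory operand against the proposed register operand, shows OP_monitor and DC CIVAC as cache-only, and keeps DC ZVA as a write of the whole aligned block. The opcode names, the 64-byte DC ZVA block size and the 64-byte range used for the current OP_clflush operand are assumptions of the example.

```c
/* Added example, not DynamoRIO code: a toy instr_t/opnd_t-style IR plus a byte-granular
 * taint map.  It shows what a tool sees when a cache operation's address is a memory
 * operand (OP_clflush today) versus a register operand (OP_monitor/OP_umonitor today),
 * and why DC ZVA has to stay a memory write.  Names and sizes are assumptions. */
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define MEM_SIZE 256u
#define ZVA_BLOCK 64u /* assumed DC ZVA block size; real hardware reports it in DCZID_EL0 */

typedef enum { OP_LOAD, OP_STORE, OP_CLFLUSH, OP_MONITOR, OP_DC_CIVAC, OP_DC_ZVA } opcode_t;
typedef enum { OPND_REG, OPND_MEM } opnd_kind_t;

typedef struct {
    opnd_kind_t kind; /* OPND_MEM: a data access; OPND_REG: a register that only holds an address */
    uintptr_t addr;   /* effective address, or the register's value */
    size_t size;      /* bytes covered when kind == OPND_MEM */
} opnd_t;

typedef struct {
    opcode_t opcode;
    bool writes;       /* memory write (vs. read) when the operand is OPND_MEM */
    bool data_tainted; /* taint of the value being written */
    opnd_t addr_opnd;  /* the single address-bearing operand */
} instr_t;

static instr_t mk(opcode_t op, opnd_kind_t kind, uintptr_t addr, size_t size,
                  bool writes, bool tainted) {
    instr_t in = { op, writes, tainted, { kind, addr, size } };
    return in;
}

/* Today's operand shapes, as the issue describes them. */
static instr_t clflush_current(uintptr_t a) { return mk(OP_CLFLUSH, OPND_MEM, a, 64, false, false); }
static instr_t monitor_current(uintptr_t a) { return mk(OP_MONITOR, OPND_REG, a, 0, false, false); }
static instr_t dc_civac(uintptr_t a)        { return mk(OP_DC_CIVAC, OPND_REG, a, 0, false, false); }
/* Proposed shape: a cache-state-only instruction carries its address in a register operand. */
static instr_t clflush_proposed(uintptr_t a) { return mk(OP_CLFLUSH, OPND_REG, a, 0, false, false); }
/* DC ZVA really writes memory: the whole aligned block is zeroed, so the memory operand
 * covers that range rather than just the address held in the register (xref #4400). */
static instr_t dc_zva(uintptr_t a) {
    uintptr_t base = a & ~(uintptr_t)(ZVA_BLOCK - 1);
    return mk(OP_DC_ZVA, OPND_MEM, base, ZVA_BLOCK, true, false);
}
static instr_t store(uintptr_t a, size_t n, bool tainted) { return mk(OP_STORE, OPND_MEM, a, n, true, tainted); }
static instr_t load(uintptr_t a, size_t n) { return mk(OP_LOAD, OPND_MEM, a, n, false, false); }

/* The rule a tool wants: decide from the operand kind alone, with no switch on opcode. */
static bool touches_data(const instr_t *in) { return in->addr_opnd.kind == OPND_MEM; }

/* Apply one instruction to the taint map.  Returns how many bytes the tool treated as a
 * data access; 0 means "cache state only, taint untouched". */
static size_t taint_step(uint8_t *taint, const instr_t *in) {
    const opnd_t *m = &in->addr_opnd;
    if (!touches_data(in))
        return 0;
    if (m->addr >= MEM_SIZE || m->size > MEM_SIZE - m->addr)
        return 0; /* outside the toy address space; a real tool would flag this */
    if (in->writes)
        memset(taint + m->addr, in->data_tainted ? 1 : 0, m->size);
    return m->size;
}

/* Does a load of this instruction's range observe any tainted byte? */
static bool load_sees_taint(const uint8_t *taint, const instr_t *in) {
    const opnd_t *m = &in->addr_opnd;
    for (size_t i = 0; i < m->size && m->addr + i < MEM_SIZE; i++)
        if (taint[m->addr + i])
            return true;
    return false;
}

typedef struct {
    size_t clflush_current_bytes;  /* bytes attributed to OP_clflush with today's memory operand */
    size_t clflush_proposed_bytes; /* same instruction with a register operand */
    size_t monitor_bytes, dc_civac_bytes;
    bool tainted_after_flush;      /* a flush leaves the data, and so its taint, in place */
    bool tainted_after_zva;        /* DC ZVA zeroes the block, so the taint must go */
} scenario_t;

/* Tainted 8-byte store at 0x44, then each address-bearing instruction in turn. */
static scenario_t run_scenario(void) {
    uint8_t taint[MEM_SIZE] = { 0 };
    const uintptr_t p = 0x44;
    scenario_t r;
    instr_t st = store(p, 8, true), ld = load(p, 8);
    instr_t cf_cur = clflush_current(p), cf_new = clflush_proposed(p);
    instr_t mon = monitor_current(p), civac = dc_civac(p), zva = dc_zva(p);

    taint_step(taint, &st);
    r.clflush_current_bytes = taint_step(taint, &cf_cur);
    r.clflush_proposed_bytes = taint_step(taint, &cf_new);
    r.monitor_bytes = taint_step(taint, &mon);
    r.dc_civac_bytes = taint_step(taint, &civac);
    r.tainted_after_flush = load_sees_taint(taint, &ld);
    taint_step(taint, &zva);
    r.tainted_after_zva = load_sees_taint(taint, &ld);
    return r;
}

int main(void) {
    scenario_t r = run_scenario();
    printf("clflush: %zu bytes as memory operand, %zu as register operand; monitor %zu, dc civac %zu\n",
           r.clflush_current_bytes, r.clflush_proposed_bytes, r.monitor_bytes, r.dc_civac_bytes);
    printf("taint after flush: %d, after dc zva: %d\n", r.tainted_after_flush, r.tainted_after_zva);
    return 0;
}
```

With the current OP_clflush shape the tool attributes a 64-byte access to an instruction that changes no data, which is exactly the case a taint tracker or a memory-access tracer would otherwise have to special-case by opcode; with a register operand it drops out naturally, as OP_monitor and DC CIVAC already do. DC ZVA goes the other way: its memory operand is what lets the tracker clear the taint on the zeroed block, and the operand has to cover the whole aligned block rather than the single address in the register.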