<html><head><meta http-equiv="Content-Type" content="text/html charset=us-ascii"></head><body style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;" class=""><br class=""><div><blockquote type="cite" class=""><div class="">On Oct 13, 2017, at 4:33 PM, Peter Collingbourne <<a href="mailto:peter@pcc.me.uk" class="">peter@pcc.me.uk</a>> wrote:</div><br class="Apple-interchange-newline"><div class=""><div dir="ltr" class=""><br class=""><div class="gmail_extra"><br class=""><div class="gmail_quote">On Fri, Oct 13, 2017 at 4:19 PM, Vedant Kumar <span dir="ltr" class=""><<a href="mailto:vsk@apple.com" target="_blank" class="">vsk@apple.com</a>></span> wrote:<br class=""><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div style="word-wrap:break-word" class=""><br class=""><div class=""><span class="gmail-"><blockquote type="cite" class=""><div class="">On Oct 13, 2017, at 4:08 PM, Peter Collingbourne <<a href="mailto:peter@pcc.me.uk" target="_blank" class="">peter@pcc.me.uk</a>> wrote:</div><br class="gmail-m_-1168769028488826600Apple-interchange-newline"><div class=""><div dir="ltr" class=""><div class="gmail_extra"><div class="gmail_quote">On Fri, Oct 13, 2017 at 4:06 PM, Peter Collingbourne <span dir="ltr" class=""><<a href="mailto:peter@pcc.me.uk" target="_blank" class="">peter@pcc.me.uk</a>></span> wrote:<br class=""><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div dir="ltr" class=""><div class="">Here's a small reproducer.</div><div class=""><br class=""></div><div class="">struct A {</div><div class="">  virtual void f(...);</div><div class="">};</div><div class=""><br class=""></div><div class="">struct B : virtual A {</div><div class="">  virtual void b();</div><div class="">  virtual void f(...);</div><div class="">};</div><div class=""><br class=""></div><div class="">void 
B::f(...) {}</div><div class=""><br class=""></div><div class="">$ clang++ -fsanitize=function fsan.cpp -ffunction-sections -fdata-sections -c -o /dev/null<br class=""></div><div class=""><div class="">fatal error: error in backend: Cannot represent a difference across sections</div></div><div class=""><br class=""></div><div class="">Looking at the IR I see this function definition:</div><div class="">define void @_ZTv0_n24_N1B1fEz(%struct.B* %this, ...) unnamed_addr #0 align 2 prologue <{ i32, i32 }> <{ i32 846595819, i32 trunc (i64 sub (i64 ptrtoint (i8** @0 to i64), i64 ptrtoint (void (%struct.B*, ...)* @_ZN1B1fEz to i64)) to i32) }> {<br class=""></div><div class="">which appears to cause the error.</div><div class=""><br class=""></div><div class="">I get basically the same IR if I use a Darwin target triple, so this isn't a Linux-specific issue. (On Darwin we end up successfully creating an object file, but the embedded offset in the text section will presumably be incorrect.)</div><div class=""><br class=""></div><div class="">Note that we're emitting prologue data on virtual functions, which is unnecessary because -fsanitize=function only checks indirect calls via function pointers. So I imagine that one way to solve the problem would be to turn off prologue data emission on non-virtual functions.</div></div></blockquote><div class=""><br class=""></div><div class="">Sorry, I meant "limit prologue data emission to non-virtual functions".</div></div></div></div></div></blockquote><div class=""><br class=""></div></span><div class="">That's independently a great idea :).</div><div class=""><br class=""></div><div class="">I don't see a problem in the IR you've showed above, however. Why do you expect the embedded offset to be incorrect? This program links and runs fine on Darwin:</div><div class=""><br class=""></div><div class="">---</div><div class=""><span class="gmail-"><div class="">struct A {</div><div class="">  virtual void f(...) 
{}</div><div class="">};</div><div class=""><br class=""></div><div class="">struct B : virtual A {</div><div class="">  virtual void b() {}</div><div class="">  virtual void f(...);</div><div class="">};</div><div class=""><br class=""></div><div class="">void B::f(...) {}</div><div class=""><br class=""></div></span><div class="">int main() {</div><div class="">  A a;</div><div class="">  a.f();</div><div class=""><br class=""></div><div class="">  B b;</div><div class="">  b.f();</div><div class="">  b.b();</div><div class="">  return 0;</div><div class="">}</div><div class="">---</div><div class=""><br class=""></div><div class="">The "Cannot represent difference..." error appears limited to ELF and Wasm, afaik.</div></div></div></div></blockquote><div class=""><br class=""></div><div class="">In order to find the RTTI data for a function, the generated code will add the embedded offset to the function's address in order to find the global that contains the pointer to the RTTI data. So if we were to compute the address of _ZTv0_n24_N1B1fEz's global, we would compute the value:</div><div class="">_ZTv0_n24_N1B1fEz + (@0 -_ZN1B1fEz)</div><div class="">which, of course, will not yield the address of @0.</div><div class=""><br class=""></div><div class="">I would certainly expect your program to run correctly because we do not try to interpret the prologue data when calling a virtual function, so the incorrectness of the offset has no effect on the program's execution.</div></div></div></div></div></blockquote><div><br class=""></div>Thanks for explaining. I am still confused on one point.</div><div><br class=""></div><div>Calling a function pointer to a virtual member doesn't seem to trigger a UBSan type check. I can see why "_ZTv0_n24_N1B1fEz + (@0 -_ZN1B1fEz)" doesn't make sense, but I don't know how we'd ever get there. 
Consider:</div><div><br class=""></div><div>---</div><span class="">class A {<br class="">public:<br class="">  virtual int f() = 0;<br class="">};<br class=""><br class="">class B : public A {<br class="">  int f() { return 42; }<br class="">};<br class=""><br class="">struct C {<br class="">  void g() {}<br class="">  static void h() {}<br class="">};<br class=""><br class="">int main() {<br class="">  auto h = &C::h;<br class="">  h(); // type checked<br class=""><br class="">  C c;<br class="">  void (C::*g)() = &C::g;<br class="">  (c.*g)(); // not checked<br class=""><br class="">  int (A::*f)() = &A::f;<br class="">  A *a = new B;<br class="">  return (a->*f)(); // not checked<br class="">}</span><div class=""><span class="">---<br class=""></span><div><br class=""></div><div>So, I'm not sure how we would get into a situation where we compute "_ZTv0_n24_N1B1fEz + (@0 -_ZN1B1fEz)". In the last code example I posted, there are also no calls to the function type check handler.</div><div><br class=""></div><div>At any rate, I implemented your idea to not emit signatures for virtual methods:</div><div><a href="https://reviews.llvm.org/D38913" class="">https://reviews.llvm.org/D38913</a></div><div><br class=""></div><div>It's at least good for a code size savings, and it might fix the issue Eric and Han are seeing. 
I'd appreciate any feedback.</div><div><br class=""></div><div>thanks,</div><div>vedant</div><div><br class=""></div><div><br class=""><blockquote type="cite" class=""><div class=""><div dir="ltr" class=""><div class="gmail_extra"><div class="gmail_quote"><div class=""><br class=""></div><div class="">Peter</div><div class=""><br class=""></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div style="word-wrap:break-word" class=""><div class=""><div class=""><span class="gmail-HOEnZb"><font color="#888888" class=""><div class=""><br class=""></div><div class="">vedant</div></font></span></div><div class=""><div class="gmail-h5"><br class=""><blockquote type="cite" class=""><div class=""><div dir="ltr" class=""><div class="gmail_extra"><div class="gmail_quote"><div class=""><br class=""></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div dir="ltr" class=""><div class="">Peter</div></div><div class="gmail_extra"><div class=""><div class="gmail-m_-1168769028488826600h5"><br class=""><div class="gmail_quote">On Fri, Oct 13, 2017 at 3:06 PM, Vedant Kumar <span dir="ltr" class=""><<a href="mailto:vsk@apple.com" target="_blank" class="">vsk@apple.com</a>></span> wrote:<br class=""><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div style="word-wrap:break-word" class=""><br class=""><div class=""><span class=""><blockquote type="cite" class=""><div class="">On Oct 13, 2017, at 2:52 PM, Eric Christopher <<a href="mailto:echristo@gmail.com" target="_blank" class="">echristo@gmail.com</a>> wrote:</div><br class="gmail-m_-1168769028488826600m_-3309266437497712727m_1661471059887043044Apple-interchange-newline"><div class=""><div dir="ltr" 
style="font-family:Helvetica;font-size:12px;font-style:normal;font-variant-caps:normal;font-weight:normal;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px" class=""><br class=""><br class=""><div class="gmail_quote"><div dir="ltr" class="">On Fri, Oct 13, 2017 at 2:50 PM Vedant Kumar <<a href="mailto:vsk@apple.com" target="_blank" class="">vsk@apple.com</a>> wrote:<br class=""></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div style="word-wrap:break-word" class=""><div class=""><blockquote type="cite" class=""><div class="">On Oct 13, 2017, at 1:44 PM, Eric Christopher <<a href="mailto:echristo@gmail.com" target="_blank" class="">echristo@gmail.com</a>> wrote:</div><br class="gmail-m_-1168769028488826600m_-3309266437497712727m_1661471059887043044m_2234658512918948257Apple-interchange-newline"><div class=""><div dir="ltr" class=""><br class=""><br class=""><div class="gmail_quote"><div dir="ltr" class="">On Fri, Oct 13, 2017 at 1:42 PM Vedant Kumar <<a href="mailto:vsk@apple.com" target="_blank" class="">vsk@apple.com</a>> wrote:<br class=""></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div style="word-wrap:break-word" class=""><div class=""><blockquote type="cite" class=""><div class="">On Oct 13, 2017, at 1:39 PM, Vedant Kumar <<a href="mailto:vsk@apple.com" target="_blank" class="">vsk@apple.com</a>> wrote:</div><br class="gmail-m_-1168769028488826600m_-3309266437497712727m_1661471059887043044m_2234658512918948257m_-5414524569825149145Apple-interchange-newline"><div class=""><div style="word-wrap:break-word" class=""><div class="">Hey Eric,</div><div class=""><br class=""></div><div class="">I'm sorry for the breakage. 
I made sure to check the run-time tests in compiler-rt but we could have missing coverage there.</div><div class=""><br class=""></div><div class="">The original version of this patch restricted the prologue data changes to Darwin only. We can switch back to that easily, just let me know.</div></div></div></blockquote><div class=""><br class=""></div></div></div><div style="word-wrap:break-word" class=""><div class="">Actually I'll go ahead and work a patch up.</div></div><div style="word-wrap:break-word" class=""><div class=""><br class=""></div></div></blockquote><div class=""><br class=""></div><div class="">Appreciated :)</div><div class=""><br class=""></div><div class="">Basically we were getting an error of:</div><div class=""><br class=""></div><div class=""><span style="color:rgb(33,33,33);font-size:13px" class="">error: Cannot represent a difference across sections</span><br style="color:rgb(33,33,33);font-size:13px" class=""></div><div class=""><span style="color:rgb(33,33,33);font-size:13px" class=""><br class=""></span></div><div class=""><span style="color:rgb(33,33,33);font-size:13px" class="">trying to compile things with the current code.</span></div></div></div></div></blockquote><div class=""><br class=""></div></div></div><div style="word-wrap:break-word" class=""><div class=""><div class="">Oh I see.. well, we started using a difference between the address of a function and the address of a global, so the error makes sense.</div><div class=""><br class=""></div><div class="">I'd be interested in any factors that could narrow the problem down (e.g using a specific linker, using -ffunction-sections, using data-sections, etc). Basically I'm not sure why this would work on some Linux setups but not others.</div><div class=""><br class=""></div></div></div></blockquote><div class=""><br class=""></div><div class="">Definitely using the latter two options and gold as a linker. 
I'll see what Han can come up with.</div></div></div></div></blockquote><div class=""><br class=""></div></span>Gotcha. Well, -ffunction-sections appears to be untested in compiler-rt/test/ubsan, at least.</div><div class=""><br class=""></div><div class="">There's a test somewhere in there called function.cpp -- it would be great if we could cover the *-sections options there. I'm not sure whether that's what caused the failure, but the extra coverage couldn't hurt :). I would do it myself but I don't have a Linux machine to test on.</div><span class="gmail-m_-1168769028488826600m_-3309266437497712727HOEnZb"><font color="#888888" class=""><div class=""><br class=""></div><div class="">vedant</div></font></span><div class=""><div class="gmail-m_-1168769028488826600m_-3309266437497712727h5"><div class=""><br class=""><blockquote type="cite" class=""><div class=""><div dir="ltr" style="font-family:Helvetica;font-size:12px;font-style:normal;font-variant-caps:normal;font-weight:normal;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px" class=""><div class="gmail_quote"><div class=""> </div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div style="word-wrap:break-word" class=""><div class=""><div class=""></div><div class="">While we figure that out here's a patch to limit the impact on non-Darwin platforms:</div><div class=""><a href="https://reviews.llvm.org/D38903" target="_blank" class="">https://reviews.llvm.org/D3890<wbr class="">3</a></div></div></div></blockquote><div class=""><br class=""></div><div class="">*goes a looking*</div><div class=""><br class=""></div><div class="">Thanks!</div><div class=""><br class=""></div><div class="">-eric </div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div style="word-wrap:break-word" class=""><div class=""><div 
class=""><br class=""></div><div class="">vedant</div></div></div><div style="word-wrap:break-word" class=""><div class=""><br class=""><blockquote type="cite" class=""><div class=""><div dir="ltr" class=""><div class="gmail_quote"><div class=""><span style="color:rgb(33,33,33);font-size:13px" class=""><br class=""></span></div><div class=""><span style="color:rgb(33,33,33);font-size:13px" class="">Thanks!</span></div><div class=""><br class=""></div><div class=""><font color="#212121" class="">-eric</font></div><div class=""> </div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div style="word-wrap:break-word" class=""><div class=""></div><div class="">vedant</div></div><div style="word-wrap:break-word" class=""><div class=""><br class=""><blockquote type="cite" class=""><div class=""><div style="word-wrap:break-word" class=""><div class=""><br class=""></div><div class="">vedant</div><div class=""><br class=""></div><br class=""><div class=""><blockquote type="cite" class=""><div class="">On Oct 13, 2017, at 1:33 PM, Eric Christopher <<a href="mailto:echristo@gmail.com" target="_blank" class="">echristo@gmail.com</a>> wrote:</div><br class="gmail-m_-1168769028488826600m_-3309266437497712727m_1661471059887043044m_2234658512918948257m_-5414524569825149145Apple-interchange-newline"><div class=""><div dir="ltr" class="">Hi Vedant,<div class=""><br class=""></div><div class="">So this actually broke -fsanitize=function on linux. 
Han is working up a testcase for it, but letting you know for now that we'll probably need some change here.</div><div class=""><br class=""></div><div class="">-eric<br class=""><br class=""><div class="gmail_quote"><div dir="ltr" class="">On Tue, Sep 12, 2017 at 5:05 PM Vedant Kumar via cfe-commits <<a href="mailto:cfe-commits@lists.llvm.org" target="_blank" class="">cfe-commits@lists.llvm.org</a>> wrote:<br class=""></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">Author: vedantk<br class="">Date: Tue Sep 12 17:04:35 2017<br class="">New Revision: 313096<br class=""><br class="">URL:<span class="gmail-m_-1168769028488826600m_-3309266437497712727m_1661471059887043044Apple-converted-space"> </span><a href="http://llvm.org/viewvc/llvm-project?rev=313096&view=rev" rel="noreferrer" target="_blank" class="">http://llvm.org/viewvc/ll<wbr class="">vm-project?rev=313096&view=rev</a><br class="">Log:<br class="">[ubsan] Function Sanitizer: Don't require writable text segments<br class=""><br class="">This change will make it possible to use -fsanitize=function on Darwin and<br class="">possibly on other platforms. It fixes an issue with the way RTTI is stored into<br class="">function prologue data.<br class=""><br class="">On Darwin, addresses stored in prologue data can't require run-time fixups and<br class="">must be PC-relative. Run-time fixups are undesirable because they necessitate<br class="">writable text segments, which can lead to security issues. 
And absolute<br class="">addresses are undesirable because they break PIE mode.<br class=""><br class="">The fix is to create a private global which points to the RTTI, and then to<br class="">encode a PC-relative reference to the global into prologue data.<br class=""><br class="">Differential Revision:<span class="gmail-m_-1168769028488826600m_-3309266437497712727m_1661471059887043044Apple-converted-space"> </span><a href="https://reviews.llvm.org/D37597" rel="noreferrer" target="_blank" class="">https://reviews.llvm<wbr class="">.org/D37597</a><br class=""><br class="">Modified:<br class="">   <span class="gmail-m_-1168769028488826600m_-3309266437497712727m_1661471059887043044Apple-converted-space"> </span>cfe/trunk/lib/CodeGen/CGExpr<wbr class="">.cpp<br class="">   <span class="gmail-m_-1168769028488826600m_-3309266437497712727m_1661471059887043044Apple-converted-space"> </span>cfe/trunk/lib/CodeGen/CodeGe<wbr class="">nFunction.cpp<br class="">   <span class="gmail-m_-1168769028488826600m_-3309266437497712727m_1661471059887043044Apple-converted-space"> </span>cfe/trunk/lib/CodeGen/CodeGe<wbr class="">nFunction.h<br class="">   <span class="gmail-m_-1168769028488826600m_-3309266437497712727m_1661471059887043044Apple-converted-space"> </span>cfe/trunk/lib/CodeGen/Target<wbr class="">Info.cpp<br class="">   <span class="gmail-m_-1168769028488826600m_-3309266437497712727m_1661471059887043044Apple-converted-space"> </span>cfe/trunk/test/CodeGenCXX/ca<wbr class="">tch-undef-behavior.cpp<br class=""><br class="">Modified: cfe/trunk/lib/CodeGen/CGExpr.c<wbr class="">pp<br class="">URL:<span class="gmail-m_-1168769028488826600m_-3309266437497712727m_1661471059887043044Apple-converted-space"> </span><a href="http://llvm.org/viewvc/llvm-project/cfe/trunk/lib/CodeGen/CGExpr.cpp?rev=313096&r1=313095&r2=313096&view=diff" rel="noreferrer" target="_blank" class="">http://llvm.org/viewvc/ll<wbr class="">vm-project/cfe/trunk/lib/CodeG<wbr 
class="">en/CGExpr.cpp?rev=313096&r1=31<wbr class="">3095&r2=313096&view=diff</a><br class="">==============================<wbr class="">==============================<wbr class="">==================<br class="">--- cfe/trunk/lib/CodeGen/CGExpr.c<wbr class="">pp (original)<br class="">+++ cfe/trunk/lib/CodeGen/CGExpr.c<wbr class="">pp Tue Sep 12 17:04:35 2017<br class="">@@ -4409,10 +4409,7 @@ RValue CodeGenFunction::EmitCall(Qual<wbr class="">Typ<br class="">       SanitizerScope SanScope(this);<br class="">       llvm::Constant *FTRTTIConst =<br class="">           CGM.GetAddrOfRTTIDescriptor(Q<wbr class="">ualType(FnType, 0), /*ForEH=*/true);<br class="">-      llvm::Type *PrefixStructTyElems[] = {<br class="">-        PrefixSig->getType(),<br class="">-        FTRTTIConst->getType()<br class="">-      };<br class="">+      llvm::Type *PrefixStructTyElems[] = {PrefixSig->getType(), Int32Ty};<br class="">       llvm::StructType *PrefixStructTy = llvm::StructType::get(<br class="">           CGM.getLLVMContext(), PrefixStructTyElems, /*isPacked=*/true);<br class=""><br class="">@@ -4433,8 +4430,10 @@ RValue CodeGenFunction::EmitCall(Qual<wbr class="">Typ<br class="">       EmitBlock(TypeCheck);<br class="">       llvm::Value *CalleeRTTIPtr =<br class="">           Builder.CreateConstGEP2_32(Pr<wbr class="">efixStructTy, CalleePrefixStruct, 0, 1);<br class="">-      llvm::Value *CalleeRTTI =<br class="">+      llvm::Value *CalleeRTTIEncoded =<br class="">           Builder.CreateAlignedLoad(Cal<wbr class="">leeRTTIPtr, getPointerAlign());<br class="">+      llvm::Value *CalleeRTTI =<br class="">+          DecodeAddrUsedInPrologue(Calle<wbr class="">ePtr, CalleeRTTIEncoded);<br class="">       llvm::Value *CalleeRTTIMatch =<br class="">           Builder.CreateICmpEQ(CalleeRT<wbr class="">TI, FTRTTIConst);<br class="">       llvm::Constant *StaticData[] = {<br class=""><br class="">Modified: cfe/trunk/lib/CodeGen/CodeGenF<wbr class="">unction.cpp<br 
class="">URL:<span class="gmail-m_-1168769028488826600m_-3309266437497712727m_1661471059887043044Apple-converted-space"> </span><a href="http://llvm.org/viewvc/llvm-project/cfe/trunk/lib/CodeGen/CodeGenFunction.cpp?rev=313096&r1=313095&r2=313096&view=diff" rel="noreferrer" target="_blank" class="">http://llvm.org/viewvc/ll<wbr class="">vm-project/cfe/trunk/lib/CodeG<wbr class="">en/CodeGenFunction.cpp?rev=313<wbr class="">096&r1=313095&r2=313096&view=<wbr class="">diff</a><br class="">==============================<wbr class="">==============================<wbr class="">==================<br class="">--- cfe/trunk/lib/CodeGen/CodeGenF<wbr class="">unction.cpp (original)<br class="">+++ cfe/trunk/lib/CodeGen/CodeGenF<wbr class="">unction.cpp Tue Sep 12 17:04:35 2017<br class="">@@ -429,6 +429,43 @@ bool CodeGenFunction::ShouldXRayIns<wbr class="">trume<br class="">   return CGM.getCodeGenOpts().XRayInstr<wbr class="">umentFunctions;<br class=""> }<br class=""><br class="">+llvm::Constant *<br class="">+CodeGenFunction::EncodeAddrFo<wbr class="">rUseInPrologue(llvm::Function *F,<br class="">+                                            llvm::Constant *Addr) {<br class="">+  // Addresses stored in prologue data can't require run-time fixups and must<br class="">+  // be PC-relative. Run-time fixups are undesirable because they necessitate<br class="">+  // writable text segments, which are unsafe. And absolute addresses are<br class="">+  // undesirable because they break PIE mode.<br class="">+<br class="">+  // Add a layer of indirection through a private global. 
Taking its address<br class="">+  // won't result in a run-time fixup, even if Addr has linkonce_odr linkage.<br class="">+  auto *GV = new llvm::GlobalVariable(CGM.getMo<wbr class="">dule(), Addr->getType(),<br class="">+                                      /*isConstant=*/true,<br class="">+                                      llvm::GlobalValue::PrivateLink<wbr class="">age, Addr);<br class="">+<br class="">+  // Create a PC-relative address.<br class="">+  auto *GOTAsInt = llvm::ConstantExpr::getPtrToIn<wbr class="">t(GV, IntPtrTy);<br class="">+  auto *FuncAsInt = llvm::ConstantExpr::getPtrToIn<wbr class="">t(F, IntPtrTy);<br class="">+  auto *PCRelAsInt = llvm::ConstantExpr::getSub(GOT<wbr class="">AsInt, FuncAsInt);<br class="">+  return (IntPtrTy == Int32Ty)<br class="">+             ? PCRelAsInt<br class="">+             : llvm::ConstantExpr::getTrunc(P<wbr class="">CRelAsInt, Int32Ty);<br class="">+}<br class="">+<br class="">+llvm::Value *<br class="">+CodeGenFunction::DecodeAddrUs<wbr class="">edInPrologue(llvm::Value *F,<br class="">+                                          llvm::Value *EncodedAddr) {<br class="">+  // Reconstruct the address of the global.<br class="">+  auto *PCRelAsInt = Builder.CreateSExt(EncodedAddr<wbr class="">, IntPtrTy);<br class="">+  auto *FuncAsInt = Builder.CreatePtrToInt(F, IntPtrTy, "<a href="http://func_addr.int/" rel="noreferrer" target="_blank" class="">func_addr.int</a>");<br class="">+  auto *GOTAsInt = Builder.CreateAdd(PCRelAsInt, FuncAsInt, "<a href="http://global_addr.int/" rel="noreferrer" target="_blank" class="">global_addr.int</a>");<br class="">+  auto *GOTAddr = Builder.CreateIntToPtr(GOTAsIn<wbr class="">t, Int8PtrPtrTy, "global_addr");<br class="">+<br class="">+  // Load the original pointer through the global.<br class="">+  return Builder.CreateLoad(Address(GOT<wbr class="">Addr, getPointerAlign()),<br class="">+                            "decoded_addr");<br class="">+}<br class="">+<br class=""> 
/// EmitFunctionInstrumentation - Emit LLVM code to call the specified<br class=""> /// instrumentation function with the current function and the call site, if<br class=""> /// function instrumentation is enabled.<br class="">@@ -856,7 +893,10 @@ void CodeGenFunction::StartFunction<wbr class="">(Glob<br class="">               CGM.getTargetCodeGenInfo().ge<wbr class="">tUBSanFunctionSignature(CGM)) {<br class="">         llvm::Constant *FTRTTIConst =<br class="">             CGM.GetAddrOfRTTIDescriptor(F<wbr class="">D->getType(), /*ForEH=*/true);<br class="">-        llvm::Constant *PrologueStructElems[] = { PrologueSig, FTRTTIConst };<br class="">+        llvm::Constant *FTRTTIConstEncoded =<br class="">+            EncodeAddrForUseInPrologue(Fn, FTRTTIConst);<br class="">+        llvm::Constant *PrologueStructElems[] = {PrologueSig,<br class="">+                                                 FTRTTIConstEncoded};<br class="">         llvm::Constant *PrologueStructConst =<br class="">             llvm::ConstantStruct::getAnon<wbr class="">(PrologueStructElems, /*Packed=*/true);<br class="">         Fn->setPrologueData(PrologueS<wbr class="">tructConst);<br class=""><br class="">Modified: cfe/trunk/lib/CodeGen/CodeGenF<wbr class="">unction.h<br class="">URL:<span class="gmail-m_-1168769028488826600m_-3309266437497712727m_1661471059887043044Apple-converted-space"> </span><a href="http://llvm.org/viewvc/llvm-project/cfe/trunk/lib/CodeGen/CodeGenFunction.h?rev=313096&r1=313095&r2=313096&view=diff" rel="noreferrer" target="_blank" class="">http://llvm.org/viewvc/ll<wbr class="">vm-project/cfe/trunk/lib/CodeG<wbr class="">en/CodeGenFunction.h?rev=31309<wbr class="">6&r1=313095&r2=313096&view=dif<wbr class="">f</a><br class="">==============================<wbr class="">==============================<wbr class="">==================<br class="">--- cfe/trunk/lib/CodeGen/CodeGenF<wbr class="">unction.h (original)<br class="">+++ cfe/trunk/lib/CodeGen/CodeGenF<wbr 
class="">unction.h Tue Sep 12 17:04:35 2017<br class="">@@ -1776,6 +1776,15 @@ public:<br class="">   /// EmitMCountInstrumentation - Emit call to .mcount.<br class="">   void EmitMCountInstrumentation();<br class=""><br class="">+  /// Encode an address into a form suitable for use in a function prologue.<br class="">+  llvm::Constant *EncodeAddrForUseInPrologue(ll<wbr class="">vm::Function *F,<br class="">+                                             llvm::Constant *Addr);<br class="">+<br class="">+  /// Decode an address used in a function prologue, encoded by \c<br class="">+  /// EncodeAddrForUseInPrologue.<br class="">+  llvm::Value *DecodeAddrUsedInPrologue(llvm<wbr class="">::Value *F,<br class="">+                                        llvm::Value *EncodedAddr);<br class="">+<br class="">   /// EmitFunctionProlog - Emit the target specific LLVM code to load the<br class="">   /// arguments for the given function. This is also responsible for naming the<br class="">   /// LLVM function arguments.<br class=""><br class="">Modified: cfe/trunk/lib/CodeGen/TargetIn<wbr class="">fo.cpp<br class="">URL:<span class="gmail-m_-1168769028488826600m_-3309266437497712727m_1661471059887043044Apple-converted-space"> </span><a href="http://llvm.org/viewvc/llvm-project/cfe/trunk/lib/CodeGen/TargetInfo.cpp?rev=313096&r1=313095&r2=313096&view=diff" rel="noreferrer" target="_blank" class="">http://llvm.org/viewvc/ll<wbr class="">vm-project/cfe/trunk/lib/CodeG<wbr class="">en/TargetInfo.cpp?rev=313096&r<wbr class="">1=313095&r2=313096&view=diff</a><br class="">==============================<wbr class="">==============================<wbr class="">==================<br class="">--- cfe/trunk/lib/CodeGen/TargetIn<wbr class="">fo.cpp (original)<br class="">+++ cfe/trunk/lib/CodeGen/TargetIn<wbr class="">fo.cpp Tue Sep 12 17:04:35 2017<br class="">@@ -1086,8 +1086,8 @@ public:<br class="">   getUBSanFunctionSignature(Cod<wbr class="">eGen::CodeGenModule &CGM) const override {<br 
class="">     unsigned Sig = (0xeb << 0) |  // jmp rel8<br class="">                   <span class="gmail-m_-1168769028488826600m_-3309266437497712727m_1661471059887043044Apple-converted-space"> </span>(0x06 << 8) |  //           .+0x08<br class="">-                   ('F' << 16) |<br class="">-                   ('T' << 24);<br class="">+                   ('v' << 16) |<br class="">+                   ('2' << 24);<br class="">     return llvm::ConstantInt::get(CGM.Int<wbr class="">32Ty, Sig);<br class="">   }<br class=""><br class="">@@ -2277,17 +2277,10 @@ public:<br class=""><br class="">   llvm::Constant *<br class="">   getUBSanFunctionSignature(Cod<wbr class="">eGen::CodeGenModule &CGM) const override {<br class="">-    unsigned Sig;<br class="">-    if (getABIInfo().has64BitPointers<wbr class="">())<br class="">-      Sig = (0xeb << 0) |  // jmp rel8<br class="">-            (0x0a << 8) |  //           .+0x0c<br class="">-            ('F' << 16) |<br class="">-            ('T' << 24);<br class="">-    else<br class="">-      Sig = (0xeb << 0) |  // jmp rel8<br class="">-            (0x06 << 8) |  //           .+0x08<br class="">-            ('F' << 16) |<br class="">-            ('T' << 24);<br class="">+    unsigned Sig = (0xeb << 0) | // jmp rel8<br class="">+                   (0x06 << 8) | //           .+0x08<br class="">+                   ('v' << 16) |<br class="">+                   ('2' << 24);<br class="">     return llvm::ConstantInt::get(CGM.Int<wbr class="">32Ty, Sig);<br class="">   }<br class=""><br class=""><br class="">Modified: cfe/trunk/test/CodeGenCXX/catc<wbr class="">h-undef-behavior.cpp<br class="">URL:<span class="gmail-m_-1168769028488826600m_-3309266437497712727m_1661471059887043044Apple-converted-space"> </span><a href="http://llvm.org/viewvc/llvm-project/cfe/trunk/test/CodeGenCXX/catch-undef-behavior.cpp?rev=313096&r1=313095&r2=313096&view=diff" rel="noreferrer" target="_blank" class="">http://llvm.org/viewvc/ll<wbr 
class="">vm-project/cfe/trunk/test/Code<wbr class="">GenCXX/catch-undef-behavior.cp<wbr class="">p?rev=313096&r1=313095&r2=3130<wbr class="">96&view=diff</a><br class="">==============================<wbr class="">==============================<wbr class="">==================<br class="">--- cfe/trunk/test/CodeGenCXX/catc<wbr class="">h-undef-behavior.cpp (original)<br class="">+++ cfe/trunk/test/CodeGenCXX/catc<wbr class="">h-undef-behavior.cpp Tue Sep 12 17:04:35 2017<br class="">@@ -16,6 +16,10 @@ struct S {<br class=""> // Check that type mismatch handler is not modified by ASan.<br class=""> // CHECK-ASAN: private unnamed_addr global { { [{{.*}} x i8]*, i32, i32 }, { i16, i16, [4 x i8] }*, i8*, i8 } { {{.*}}, { i16, i16, [4 x i8] }* [[TYPE_DESCR]], {{.*}} }<br class=""><br class="">+// CHECK: [[IndirectRTTI_ZTIFvPFviEE:@.+<wbr class="">]] = private constant i8* bitcast ({ i8*, i8* }* @_ZTIFvPFviEE to i8*)<br class="">+// CHECK-X86: [[IndirectRTTI_ZTIFvPFviEE:@.+<wbr class="">]] = private constant i8* bitcast ({ i8*, i8* }* @_ZTIFvPFviEE to i8*)<br class="">+// CHECK-X32: [[IndirectRTTI_ZTIFvPFviEE:@.+<wbr class="">]] = private constant i8* bitcast ({ i8*, i8* }* @_ZTIFvPFviEE to i8*)<br class="">+<br class=""> struct T : S {};<br class=""><br class=""> // CHECK-LABEL: @_Z17reference_binding<br class="">@@ -395,23 +399,30 @@ void downcast_reference(B &b) {<br class="">   // CHECK-NEXT: br i1 [[AND]]<br class=""> }<br class=""><br class="">-// CHECK-LABEL: @_Z22indirect_function_callPFv<wbr class="">iE({{.*}} prologue <{ i32, i8* }> <{ i32 1413876459, i8* bitcast ({ i8*, i8* }* @_ZTIFvPFviEE to i8*) }><br class="">-// CHECK-X32: @_Z22indirect_function_callPFv<wbr class="">iE({{.*}} prologue <{ i32, i8* }> <{ i32 1413875435, i8* bitcast ({ i8*, i8* }* @_ZTIFvPFviEE to i8*) }><br class="">-// CHECK-X86: @_Z22indirect_function_callPFv<wbr class="">iE({{.*}} prologue <{ i32, i8* }> <{ i32 1413875435, i8* bitcast ({ i8*, i8* }* @_ZTIFvPFviEE to i8*) }><br 
class="">+//<br class="">+// CHECK-LABEL: @_Z22indirect_function_callPFv<wbr class="">iE({{.*}} prologue <{ i32, i32 }> <{ i32 846595819, i32 trunc (i64 sub (i64 ptrtoint (i8** {{.*}} to i64), i64 ptrtoint (void (void (i32)*)* @_Z22indirect_function_callPFv<wbr class="">iE to i64)) to i32) }><br class="">+// CHECK-X32: @_Z22indirect_function_callPFv<wbr class="">iE({{.*}} prologue <{ i32, i32 }> <{ i32 846595819, i32 sub (i32 ptrtoint (i8** [[IndirectRTTI_ZTIFvPFviEE]] to i32), i32 ptrtoint (void (void (i32)*)* @_Z22indirect_function_callPFv<wbr class="">iE to i32)) }><br class="">+// CHECK-X86: @_Z22indirect_function_callPFv<wbr class="">iE({{.*}} prologue <{ i32, i32 }> <{ i32 846595819, i32 sub (i32 ptrtoint (i8** [[IndirectRTTI_ZTIFvPFviEE]] to i32), i32 ptrtoint (void (void (i32)*)* @_Z22indirect_function_callPFv<wbr class="">iE to i32)) }><br class=""> void indirect_function_call(void (*p)(int)) {<br class="">-  // CHECK: [[PTR:%.+]] = bitcast void (i32)* {{.*}} to <{ i32, i8* }>*<br class="">+  // CHECK: [[PTR:%.+]] = bitcast void (i32)* {{.*}} to <{ i32, i32 }>*<br class=""><br class="">   // Signature check<br class="">-  // CHECK-NEXT: [[SIGPTR:%.+]] = getelementptr <{ i32, i8* }>, <{ i32, i8* }>* [[PTR]], i32 0, i32 0<br class="">+  // CHECK-NEXT: [[SIGPTR:%.+]] = getelementptr <{ i32, i32 }>, <{ i32, i32 }>* [[PTR]], i32 0, i32 0<br class="">   // CHECK-NEXT: [[SIG:%.+]] = load i32, i32* [[SIGPTR]]<br class="">-  // CHECK-NEXT: [[SIGCMP:%.+]] = icmp eq i32 [[SIG]], 1413876459<br class="">+  // CHECK-NEXT: [[SIGCMP:%.+]] = icmp eq i32 [[SIG]], 846595819<br class="">   // CHECK-NEXT: br i1 [[SIGCMP]]<br class=""><br class="">   // RTTI pointer check<br class="">-  // CHECK: [[RTTIPTR:%.+]] = getelementptr <{ i32, i8* }>, <{ i32, i8* }>* [[PTR]], i32 0, i32 1<br class="">-  // CHECK-NEXT: [[RTTI:%.+]] = load i8*, i8** [[RTTIPTR]]<br class="">+  // CHECK: [[RTTIPTR:%.+]] = getelementptr <{ i32, i32 }>, <{ i32, i32 }>* [[PTR]], i32 0, i32 1<br class="">+  // 
CHECK-NEXT: [[RTTIEncIntTrunc:%.+]] = load i32, i32* [[RTTIPTR]]<br class="">+  // CHECK-NEXT: [[RTTIEncInt:%.+]] = sext i32 [[RTTIEncIntTrunc]] to i64<br class="">+  // CHECK-NEXT: [[FuncAddrInt:%.+]] = ptrtoint void (i32)* {{.*}} to i64<br class="">+  // CHECK-NEXT: [[IndirectGVInt:%.+]] = add i64 [[RTTIEncInt]], [[FuncAddrInt]]<br class="">+  // CHECK-NEXT: [[IndirectGV:%.+]] = inttoptr i64 [[IndirectGVInt]] to i8**<br class="">+  // CHECK-NEXT: [[RTTI:%.+]] = load i8*, i8** [[IndirectGV]], align 8<br class="">   // CHECK-NEXT: [[RTTICMP:%.+]] = icmp eq i8* [[RTTI]], bitcast ({ i8*, i8* }* @_ZTIFviE to i8*)<br class="">   // CHECK-NEXT: br i1 [[RTTICMP]]<br class="">+<br class="">   p(42);<br class=""> }<br class=""><br class=""><br class=""><br class="">______________________________<wbr class="">_________________<br class="">cfe-commits mailing list<br class=""><a href="mailto:cfe-commits@lists.llvm.org" target="_blank" class="">cfe-commits@lists.llvm.org</a><br class=""><a href="http://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits" rel="noreferrer" target="_blank" class="">http://lists.llvm.org/cgi-bin/<wbr class="">mailman/listinfo/cfe-commits</a></blockquote></div></div></div></div></blockquote></div></div></div></blockquote></div></div></blockquote></div></div></div></blockquote></div></div></blockquote></div></div></div></blockquote></div><br class=""></div></div></div></blockquote></div><br class=""><br clear="all" class=""><div class=""><br class=""></div></div></div><span class="gmail-m_-1168769028488826600HOEnZb"><font color="#888888" class="">-- <br class=""><div class="gmail-m_-1168769028488826600m_-3309266437497712727gmail_signature"><div dir="ltr" class="">-- <div class="">Peter</div></div></div>
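<div class="">Review bot: the new signature bytes in the first hunk ('v' and '2' replacing 'F' and 'T') are a bare magic number with no comment saying why they changed; since the prologue layout moves from <{ i32, i8* }> to <{ i32, i32 }> later in this patch, a one-line comment next to ('v' << 16) | ('2' << 24) should say that the bump is deliberate so a function emitted with the old pointer-carrying layout fails the signature compare instead of having its second word decoded as a relative offset.</div>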
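<div class="">Review bot: in the @@ -2277,17 +2277,10 @@ hunk the has64BitPointers() branch is dropped without a comment explaining why .+0x08 is now right for both pointer widths; add something like "4-byte signature + 4-byte PC-relative offset, independent of pointer size" next to (0x06 << 8), otherwise the next reader may re-add the 0x0a variant. This body is also now byte-for-byte identical to the 32-bit ABI version in the previous hunk, so a shared static helper would keep the two magic values from drifting apart.</div>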
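<div class="">Review bot: in the @@ -16,6 +16,10 @@ test hunk the [[IndirectRTTI_ZTIFvPFviEE:@.+]] capture is defined under all three prefixes, but the later CHECK-LABEL line for the 64-bit run matches the global with (i8** {{.*}} to i64) instead of the captured name, so only the CHECK-X86 and CHECK-X32 runs actually verify that the prologue points at the indirect RTTI global; use (i8** [[IndirectRTTI_ZTIFvPFviEE]] to i64) there as well. The three new lines are otherwise identical, so if the RUN lines allow a shared prefix one line would do.</div>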
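<div class="">Review bot: in the @@ -395,23 +399,30 @@ hunk the 64-bit prologue stores "i32 trunc (i64 sub (...) to i32)" and the check side rebuilds the address with "sext i32 [[RTTIEncIntTrunc]] to i64" and an add, so correctness depends on the indirect RTTI global lying within a signed 32-bit displacement of the function; the trunc folds silently if that ever fails, turning a valid call into a false type-mismatch report, so the codegen should document the code-model assumption that guarantees it (or assert on it). Also, the whole load/sext/add/inttoptr sequence is only checked under the plain CHECK prefix; if the X86 and X32 RUN lines do not also enable CHECK, the 32-bit lowering of the RTTI check (which needs no widening to i64) goes untested and deserves its own CHECK-X86/CHECK-X32 lines.</div>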
</font></span></div>
</blockquote></div><br class=""><br clear="all" class=""><div class=""><br class=""></div>-- <br class=""><div class="gmail-m_-1168769028488826600gmail_signature"><div dir="ltr" class="">-- <div class="">Peter</div></div></div>
</div></div>
</div></blockquote></div></div></div><br class=""></div></blockquote></div><br class=""><br clear="all" class=""><div class=""><br class=""></div>-- <br class=""><div class="gmail_signature"><div dir="ltr" class="">-- <div class="">Peter</div></div></div>
</div></div>
</div></blockquote></div><br class=""></div></body></html>