[all-commits] [llvm/llvm-project] 81360e: [CFI] Fix Direct Call Issues in CFI Dispatch Table...
Oskar Wirga via All-commits
all-commits at lists.llvm.org
Wed Dec 6 12:57:12 PST 2023
Branch: refs/heads/main
Home: https://github.com/llvm/llvm-project
Commit: 81360ec58217c42b288d1267aba4836f880b19ba
https://github.com/llvm/llvm-project/commit/81360ec58217c42b288d1267aba4836f880b19ba
Author: Oskar Wirga <10386631+oskarwirga at users.noreply.github.com>
Date: 2023-12-06 (Wed, 06 Dec 2023)
Changed paths:
M llvm/lib/Transforms/IPO/LowerTypeTests.cpp
M llvm/test/Transforms/LowerTypeTests/aarch64-jumptable.ll
A llvm/test/Transforms/LowerTypeTests/cfi-nounwind-direct-call.ll
A llvm/test/Transforms/LowerTypeTests/cfi-unwind-direct-call.ll
M llvm/test/Transforms/LowerTypeTests/function-arm-thumb.ll
M llvm/test/Transforms/LowerTypeTests/function-thumb-bti.ll
M llvm/test/Transforms/LowerTypeTests/function.ll
M llvm/test/Transforms/LowerTypeTests/x86-jumptable.ll
Log Message:
-----------
[CFI] Fix Direct Call Issues in CFI Dispatch Table (#69663)
I discovered two issues for when a CFI dispatch table entry is used as a
direct call.
# Inlining
There is the possibility that the dispatch table entry contains only a
single function pointer:
```
; Function Attrs: naked nocf_check
define private void @.cfi.jumptable() #6 align 8 { entry:
call void asm sideeffect "jmp ${0:c}@plt\0Aint3\0Aint3\0Aint3\0A", "s"(ptr @_Z7throw_ei)
unreachable
}
```
If this function is inlined, the unreachable follows and ruins the
containing function.
# Exception Handling
The dispatch table is always marked NoUnwind. This is fine if the
entries are never used directly, but if a direct call is used which the
containing function expects to throw, it will no longer throw and the
exception handling code will be lost.
More information about the All-commits
mailing list