[PATCH] D11613: repress tail call optimization when performing use-after-dtor sanitization

Naomi Musgrave nmusgrave at google.com
Thu Jul 30 10:50:54 PDT 2015


nmusgrave updated this revision to Diff 31051.
nmusgrave marked 2 inline comments as done.
nmusgrave added a comment.

- simplified test case


http://reviews.llvm.org/D11613

Files:
  lib/CodeGen/CGClass.cpp
  test/CodeGenCXX/sanitize-dtor-tail-call.cpp

Index: test/CodeGenCXX/sanitize-dtor-tail-call.cpp
===================================================================
--- /dev/null
+++ test/CodeGenCXX/sanitize-dtor-tail-call.cpp
@@ -0,0 +1,23 @@
+// Test -fsanitize-memory-use-after-dtor
+// RUN: %clang_cc1 -fsanitize=memory -fsanitize-memory-use-after-dtor -disable-llvm-optzns -std=c++11 -triple=x86_64-pc-linux -emit-llvm -o - %s | FileCheck %s
+// RUN: %clang_cc1 -O1 -fsanitize=memory -fsanitize-memory-use-after-dtor -disable-llvm-optzns -std=c++11 -triple=x86_64-pc-linux -emit-llvm -o - %s | FileCheck %s
+
+struct Simple {
+  int x_;
+  Simple() {
+    x_ = 5;
+  }
+  ~Simple() {
+    x_ += 1;
+  }
+};
+
+Simple s;
+// Simple internal member is poisoned by compiler-generated dtor
+// CHECK: define {{.*}}SimpleD2Ev{{.*}} [[ATTRIBUTE:#[0-9]+]]
+// CHECK: {{^ *}}call void @__sanitizer_dtor_callback
+// CHECK-NOT: call void @__sanitizer_dtor_callback
+// CHECK: ret void
+
+// Destructor does not emit any tail calls
+// CHECK: attributes [[ATTRIBUTE]] = {{.*}}"disable-tail-calls"="true"
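Review bot: The test pins only the positive case, so it would still pass if every function in the module were marked `"disable-tail-calls"="true"`. Consider a third RUN line without `-fsanitize-memory-use-after-dtor` under its own FileCheck prefix, checked with something like `// NO-DTOR-NOT: "disable-tail-calls"="true"` (prefix name is a placeholder). Both existing RUN lines pass `-disable-llvm-optzns`, so the `-O1` run checks the attribute but not that the emitted call lacks the `tail` marker after optimization. The header comment could also say what this file covers, e.g. `// Test that destructors instrumented for use-after-dtor are marked "disable-tail-calls"`. Finally, `~Simple()` is user-provided, so "compiler-generated dtor" in the comment above the CHECK lines would read more accurately as "compiler-inserted callback in the dtor".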
Index: lib/CodeGen/CGClass.cpp
===================================================================
--- lib/CodeGen/CGClass.cpp
+++ lib/CodeGen/CGClass.cpp
@@ -1369,6 +1369,8 @@
 
 // Generates function call for handling object poisoning, passing in
 // references to 'this' and its size as arguments.
+// Disables tail call elimination, to prevent the current stack frame from
+// disappearing from the stack trace.
 static void EmitDtorSanitizerCallback(CodeGenFunction &CGF,
                                       const CXXDestructorDecl *Dtor) {
   const ASTRecordLayout &Layout =
@@ -1383,6 +1385,8 @@
       llvm::FunctionType::get(CGF.VoidTy, ArgTypes, false);
   llvm::Value *Fn =
       CGF.CGM.CreateRuntimeFunction(FnType, "__sanitizer_dtor_callback");
+
+  CGF.CurFn->addFnAttr("disable-tail-calls", "true");
   CGF.EmitNounwindRuntimeCall(Fn, Args);
 }
 
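Review bot: `CGF.CurFn->addFnAttr("disable-tail-calls", "true")` marks the whole function currently being emitted, so every call in that destructor loses tail-call elimination, not only the `__sanitizer_dtor_callback` call. The comment added above `EmitDtorSanitizerCallback` in the previous hunk should say so, for example `// Marks the enclosing destructor "disable-tail-calls" so its frame stays visible in use-after-dtor reports; this applies to every call in that function.` Because the attribute is a side effect on `CurFn` inside a helper whose name suggests it only emits a call, a short why-comment directly on the `addFnAttr` line would help too. If other code sets the same string attribute on the function later, which is not visible here, it is worth confirming that this value is not overwritten. The function body starts outside this hunk.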


-------------- next part --------------
A non-text attachment was scrubbed...
Name: D11613.31051.patch
Type: text/x-patch
Size: 1920 bytes
Desc: not available
URL: <http://lists.llvm.org/pipermail/cfe-commits/attachments/20150730/420ba19f/attachment.bin>

