r263578 - [cfi] Don't emit checks for disabled CFI kinds.

Evgeniy Stepanov via cfe-commits cfe-commits at lists.llvm.org
Tue Mar 15 13:19:30 PDT 2016 

Author: eugenis
Date: Tue Mar 15 15:19:29 2016
New Revision: 263578

URL: http://llvm.org/viewvc/llvm-project?rev=263578&view=rev
Log:
[cfi] Don't emit checks for disabled CFI kinds.

In the cross-DSO CFI mode clang emits __cfi_check_fail that handles
errors triggered from other modules with targets in the current
module. With this change, __cfi_check_fail will handle errors for
CFI kinds that are not enabled in the current module as if they
have the trapping behaviour (-fsanitize-trap=...).

This fixes a bug where some combinations of -fsanitize* flags may
result in a link failure due to a missing sanitizer runtime library
for the diagnostic calls in __cfi_check_fail.

Added:
    cfe/trunk/test/CodeGen/cfi-check-fail2.c
      - copied, changed from r263574, cfe/trunk/test/CodeGen/cfi-check-fail.c
Modified:
    cfe/trunk/lib/CodeGen/CGExpr.cpp
    cfe/trunk/test/CodeGen/cfi-check-fail.c

Modified: cfe/trunk/lib/CodeGen/CGExpr.cpp
URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/lib/CodeGen/CGExpr.cpp?rev=263578&r1=263577&r2=263578&view=diff
==============================================================================
--- cfe/trunk/lib/CodeGen/CGExpr.cpp (original)
+++ cfe/trunk/lib/CodeGen/CGExpr.cpp Tue Mar 15 15:19:29 2016
@@ -2479,16 +2479,12 @@ void CodeGenFunction::EmitCheck(
   assert(JointCond);
 
   CheckRecoverableKind RecoverKind = getRecoverableKind(Checked[0].second);
-  // In cross-DSO CFI mode this code is used to generate __cfi_check_fail, which
-  // includes all checks, even those that are not in SanOpts.
-  assert(CGM.getCodeGenOpts().SanitizeCfiCrossDso ||
-         SanOpts.has(Checked[0].second));
+  assert(SanOpts.has(Checked[0].second));
 #ifndef NDEBUG
   for (int i = 1, n = Checked.size(); i < n; ++i) {
     assert(RecoverKind == getRecoverableKind(Checked[i].second) &&
            "All recoverable kinds in a single check must be same!");
-    assert(CGM.getCodeGenOpts().SanitizeCfiCrossDso ||
-           SanOpts.has(Checked[i].second));
+    assert(SanOpts.has(Checked[i].second));
   }
 #endif
 
@@ -2670,8 +2666,11 @@ void CodeGenFunction::EmitCfiCheckFail()
     SanitizerMask Mask = CheckKindMaskPair.second;
     llvm::Value *Cond =
         Builder.CreateICmpNE(CheckKind, llvm::ConstantInt::get(Int8Ty, Kind));
-    EmitCheck(std::make_pair(Cond, Mask), "cfi_check_fail", {},
-              {Data, Addr, ValidVtable});
+    if (CGM.getLangOpts().Sanitize.has(Mask))
+      EmitCheck(std::make_pair(Cond, Mask), "cfi_check_fail", {},
+                {Data, Addr, ValidVtable});
+    else
+      EmitTrapCheck(Cond);
   }
 
   FinishFunction();

Modified: cfe/trunk/test/CodeGen/cfi-check-fail.c
URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/test/CodeGen/cfi-check-fail.c?rev=263578&r1=263577&r2=263578&view=diff
==============================================================================
--- cfe/trunk/test/CodeGen/cfi-check-fail.c (original)
+++ cfe/trunk/test/CodeGen/cfi-check-fail.c Tue Mar 15 15:19:29 2016
@@ -1,4 +1,5 @@
-// RUN: %clang_cc1 -triple x86_64-unknown-linux -O0 -fsanitize=cfi-icall -fsanitize-cfi-cross-dso \
+// RUN: %clang_cc1 -triple x86_64-unknown-linux -O0 -fsanitize-cfi-cross-dso \
+// RUN:     -fsanitize=cfi-icall,cfi-nvcall,cfi-vcall,cfi-unrelated-cast,cfi-derived-cast \
 // RUN:     -fsanitize-trap=cfi-icall,cfi-nvcall -fsanitize-recover=cfi-vcall,cfi-unrelated-cast \
 // RUN:     -emit-llvm -o - %s | FileCheck %s
 

Copied: cfe/trunk/test/CodeGen/cfi-check-fail2.c (from r263574, cfe/trunk/test/CodeGen/cfi-check-fail.c)
URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/test/CodeGen/cfi-check-fail2.c?p2=cfe/trunk/test/CodeGen/cfi-check-fail2.c&p1=cfe/trunk/test/CodeGen/cfi-check-fail.c&r1=263574&r2=263578&rev=263578&view=diff
==============================================================================
--- cfe/trunk/test/CodeGen/cfi-check-fail.c (original)
+++ cfe/trunk/test/CodeGen/cfi-check-fail2.c Tue Mar 15 15:19:29 2016
@@ -1,5 +1,6 @@
-// RUN: %clang_cc1 -triple x86_64-unknown-linux -O0 -fsanitize=cfi-icall -fsanitize-cfi-cross-dso \
-// RUN:     -fsanitize-trap=cfi-icall,cfi-nvcall -fsanitize-recover=cfi-vcall,cfi-unrelated-cast \
+// __cfi_check_fail codegen when not all CFI checkers are enabled.
+// RUN: %clang_cc1 -triple x86_64-unknown-linux -O0 -fsanitize-cfi-cross-dso \
+// RUN:     -fsanitize=cfi-vcall \
 // RUN:     -emit-llvm -o - %s | FileCheck %s
 
 void caller(void (*f)()) {
@@ -30,8 +31,8 @@ void caller(void (*f)()) {
 // CHECK: [[HANDLE0]]:
 // CHECK:   %[[DATA0:.*]] = ptrtoint i8* %[[DATA]] to i64,
 // CHECK:   %[[ADDR0:.*]] = ptrtoint i8* %[[ADDR]] to i64,
-// CHECK:   call void @__ubsan_handle_cfi_check_fail(i64 %[[DATA0]], i64 %[[ADDR0]], i64 %[[VTVALID]])
-// CHECK:   br label %[[CONT1]]
+// CHECK:   call void @__ubsan_handle_cfi_check_fail_abort(i64 %[[DATA0]], i64 %[[ADDR0]], i64 %[[VTVALID]])
+// CHECK:   unreachable
 
 // CHECK: [[CONT1]]:
 // CHECK:   %[[NOT_1:.*]] = icmp ne i8 %[[KIND]], 1
@@ -43,23 +44,19 @@ void caller(void (*f)()) {
 
 // CHECK: [[CONT2]]:
 // CHECK:   %[[NOT_2:.*]] = icmp ne i8 %[[KIND]], 2
-// CHECK:   br i1 %[[NOT_2]], label %[[CONT3:.*]], label %[[HANDLE2:.*]], !prof
+// CHECK:   br i1 %[[NOT_2]], label %[[CONT3:.*]], label %[[HANDLE2:.*]], !nosanitize
 
 // CHECK: [[HANDLE2]]:
-// CHECK:   %[[DATA2:.*]] = ptrtoint i8* %[[DATA]] to i64,
-// CHECK:   %[[ADDR2:.*]] = ptrtoint i8* %[[ADDR]] to i64,
-// CHECK:   call void @__ubsan_handle_cfi_check_fail_abort(i64 %[[DATA2]], i64 %[[ADDR2]], i64 %[[VTVALID]])
-// CHECK:   unreachable
+// CHECK-NEXT:   call void @llvm.trap()
+// CHECK-NEXT:   unreachable
 
 // CHECK: [[CONT3]]:
 // CHECK:   %[[NOT_3:.*]] = icmp ne i8 %[[KIND]], 3
-// CHECK:   br i1 %[[NOT_3]], label %[[CONT4:.*]], label %[[HANDLE3:.*]], !prof
+// CHECK:   br i1 %[[NOT_3]], label %[[CONT4:.*]], label %[[HANDLE3:.*]], !nosanitize
 
 // CHECK: [[HANDLE3]]:
-// CHECK:   %[[DATA3:.*]] = ptrtoint i8* %[[DATA]] to i64,
-// CHECK:   %[[ADDR3:.*]] = ptrtoint i8* %[[ADDR]] to i64,
-// CHECK:   call void @__ubsan_handle_cfi_check_fail(i64 %[[DATA3]], i64 %[[ADDR3]], i64 %[[VTVALID]])
-// CHECK:   br label %[[CONT4]]
+// CHECK-NEXT:   call void @llvm.trap()
+// CHECK-NEXT:   unreachable
 
 // CHECK: [[CONT4]]:
 // CHECK:   %[[NOT_4:.*]] = icmp ne i8 %[[KIND]], 4

More information about the cfe-commits mailing list