[PATCH] D148665: Change -fsanitize=function to place two words before the function entry

Fangrui Song via Phabricator via cfe-commits cfe-commits at lists.llvm.org
Tue Apr 18 15:14:16 PDT 2023


MaskRay created this revision.
MaskRay added reviewers: dmgreen, lenary, pcc, peter.smith.
Herald added subscribers: Enna1, hiraditya, kristof.beyls.
Herald added a project: All.
MaskRay requested review of this revision.
Herald added projects: clang, Sanitizers, LLVM.
Herald added subscribers: llvm-commits, Sanitizers, cfe-commits.

The current implementation of -fsanitize=function places two words (the prolog
signature and the RTTI proxy) at the function entry, which makes the feature
incompatible with Intel Indirect Branch Tracking that needs an ENDBR instruction
at the function entry. To allow the combination, move the two words before the
function entry, similar to -fsanitize=kcfi.

The code will also be shared with my pending patch implementing
-fsanitize=function for AArch64 (Branch Target Identification has a similar
requirement).

---

For the removed function in AsmPrinter.cpp, remove an assert: `mdconst::extract`
already asserts non-nullness.

For compiler-rt/test/ubsan/TestCases/TypeCheck/Function/function.cpp,
when the function doesn't have a prolog/epilog (-O1 and above), after moving the two words,
the address of the function equals the address of the ret instruction,
so symbolizing the function will additionally get a non-zero column number.
Adjust the test to allow an optional column number.

    .long   846595819                  // prolog signature
    .long   .L__llvm_rtti_proxy-_Z1fv  // PC-relative offset to the RTTI proxy
  _Z1fv:   // symbolizing here retrieves the line table entry from the second .loc
    .file   0 ...
    .loc    0 1 0
    .cfi_startproc
    .loc    0 2 1 prologue_end
    retq


Repository:
  rG LLVM Github Monorepo

https://reviews.llvm.org/D148665

Files:
  clang/lib/CodeGen/CGExpr.cpp
  compiler-rt/test/ubsan/TestCases/TypeCheck/Function/function.cpp
  llvm/lib/CodeGen/AsmPrinter/AsmPrinter.cpp
  llvm/test/CodeGen/X86/func-sanitizer.ll
  llvm/test/CodeGen/X86/patchable-function-entry-ibt.ll

-------------- next part --------------
A non-text attachment was scrubbed...
Name: D148665.514754.patch
Type: text/x-patch
Size: 6637 bytes
Desc: not available
URL: <http://lists.llvm.org/pipermail/cfe-commits/attachments/20230418/dd7cac09/attachment.bin>
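The following C program is an added example, not code from this patch, from LLVM, or from the author. It models the post-patch layout the description gives: the prolog signature and a PC-relative offset to the RTTI proxy occupy the eight bytes immediately before the function entry, so the entry itself can start with ENDBR. The signature value 846595819 is taken from the assembly quoted above; everything else is a constructed stand-in: a byte array plays the role of `.text` (indices are "addresses"), and the RTTI proxy is reduced to its address rather than a word holding an RTTI pointer. The gating behaviour (no report when the callee carries no signature, since it may be uninstrumented) is UBSan's documented behaviour; the function names and the toy image layout are the example's own.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>

/* Signature word shown in the message's assembly (".long 846595819"). */
#define FN_SIGNATURE 846595819u

/* Constructed stand-in for a .text section: array indices act as addresses,
 * so every "pointer" below is an offset into this buffer. */
#define IMAGE_SIZE 64
static uint8_t image[IMAGE_SIZE];

/* Encoding of ENDBR64, the instruction Intel IBT requires at an indirect
 * branch target. */
static const uint8_t ENDBR64[] = {0xF3, 0x0F, 0x1E, 0xFA};

static void put32(size_t at, uint32_t v) { memcpy(image + at, &v, sizeof v); }
static uint32_t get32(size_t at) { uint32_t v; memcpy(&v, image + at, sizeof v); return v; }

/* Emit a function with the layout from the patch description: the signature
 * and the PC-relative RTTI-proxy offset sit in the eight bytes before `entry`
 * (mirroring ".long 846595819" / ".long .L__llvm_rtti_proxy-_Z1fv"), leaving
 * the bytes at `entry` free for ENDBR when `ibt` is set. The offset is signed,
 * so a proxy placed before the function works as well. */
static void emit_function(size_t entry, size_t rtti_proxy, int ibt) {
    put32(entry - 8, FN_SIGNATURE);
    put32(entry - 4, (uint32_t)(int32_t)((ptrdiff_t)rtti_proxy - (ptrdiff_t)entry));
    size_t pc = entry;
    if (ibt) {
        memcpy(image + pc, ENDBR64, sizeof ENDBR64);
        pc += sizeof ENDBR64;
    }
    image[pc] = 0xC3; /* retq: the whole body, as in the -O1 case described */
}

/* Model of the check an instrumented indirect call site performs on its
 * callee. Returns 1 when the callee's RTTI proxy matches the caller's
 * expectation, -1 when it does not (UBSan would report a type mismatch),
 * and 0 when the callee carries no signature (treated as uninstrumented,
 * so the check is skipped). Only entry-8..entry-1 is read; nothing at the
 * entry itself is inspected, which is what makes ENDBR at the entry possible. */
static int check_indirect_call(size_t callee, size_t expected_rtti_proxy) {
    if (callee < 8 || callee >= IMAGE_SIZE) return 0;
    if (get32(callee - 8) != FN_SIGNATURE) return 0;
    int32_t rel = (int32_t)get32(callee - 4);
    size_t proxy = (size_t)((ptrdiff_t)callee + rel);
    return proxy == expected_rtti_proxy ? 1 : -1;
}

/* Does the code at `entry` begin with ENDBR64? */
static int starts_with_endbr(size_t entry) {
    return memcmp(image + entry, ENDBR64, sizeof ENDBR64) == 0;
}

int main(void) {
    /* Two RTTI proxies; only their addresses matter in this model. */
    const size_t proxy_fv = 48, proxy_iv = 56;
    emit_function(16, proxy_fv, 1);   /* f(): void(void), IBT-enabled entry */
    emit_function(32, proxy_iv, 0);   /* g(): int(void) */
    printf("f called as void(void): %d\n", check_indirect_call(16, proxy_fv));
    printf("g called as void(void): %d\n", check_indirect_call(32, proxy_fv));
    printf("uninstrumented callee:  %d\n", check_indirect_call(60, proxy_fv));
    printf("ENDBR at f's entry:     %d\n", starts_with_endbr(16));
    return 0;
}
```

The point to take from the model is the order of operations at the call site: the signature is read first and gates everything else, the RTTI proxy is resolved relative to the callee's address rather than loaded from an absolute pointer, and the entry bytes are never touched, so a hardware-enforced ENDBR and the sanitizer's two words no longer compete for the same location.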
