[PATCH] D148827: -fsanitize=function: support C

Fangrui Song via Phabricator via cfe-commits cfe-commits at lists.llvm.org
Sat Jun 17 11:06:04 PDT 2023 

MaskRay added a comment.

In D148827#4424237 <https://reviews.llvm.org/D148827#4424237>, @uabelho wrote:

> Hi,
>
> A question: it seems like this messes with alignment on functions?
> So with input program al.c:
>
>   __attribute__((aligned(64)))
>   void alignedfn(void) {
>     __asm("nop");
>   }
>   void alignedfn2(void) {
>     __asm("nop");
>   }
>   int main(void){}
>
> if we compile with -fsanitize=function we get:
>
>   -> clang al.c -o al.o -c -fsanitize=function
>   -> nm al.o
>   0000000000000008 T alignedfn
>   0000000000000018 T alignedfn2
>   0000000000000028 T main
>
> So alignedfn and alignedfn2 doesn't seem to be aligned as we said.
> Without -fsanitize=function:
>
>   -> clang al.c -o al.o -c 
>   -> nm al.o
>   0000000000000000 T alignedfn
>   0000000000000010 T alignedfn2
>   0000000000000020 T main
>
> I guess the data put before the functions get aligned but not the functions themselves. Should I write a ticket about this?

When `__attribute__((aligned(...)))` is used with an instrumentation that places extra bytes before the function label, I think it is unclear what the desired behavior should be.
This applies to many instructions including `-fsanitize=kcfi`, `-fsanitize=function`, and `-fpatchable-function-entry=N,M` (M>0).
It's unclear whether this attribute applies to the first byte of the function or the first intended instruction.
For example, with `-fpatchable-function-entry=2,2`, we can make `st_value(foo)%64=2`.

  gcc -c -fpatchable-function-entry=2,2 -xc =(printf '__attribute__((aligned(64))) void foo() {}') -o a.o
  clang -c -fpatchable-function-entry=2,2 -xc =(printf '__attribute__((aligned(64))) void foo() {}') -o a.o

I acknowledge that https://gcc.gnu.org/onlinedocs/gcc/Common-Function-Attributes.html says "The aligned attribute specifies a minimum alignment for the first instruction of the function, measured in bytes.", but I think the GCC documentation doesn't consider these instructions.
I consider Clang's behavior working as intended.

(Other angles: with PPC64 ELFv2, the local entry, the target destination of a function call, is not aligned by `__attribute__((aligned(...)))`. `__attribute__((aligned(...)))` is usually for performance reasons and has different tradeoff with `-fsanitize=function`.)


Repository:
  rG LLVM Github Monorepo

CHANGES SINCE LAST ACTION
  https://reviews.llvm.org/D148827/new/

https://reviews.llvm.org/D148827

More information about the cfe-commits mailing list