This is an archive of the discontinued LLVM Phabricator instance.

Paths

Table of Contentst

-
lib/CodeGen/
-
CodeGen/
14/20
CGCXX.cpp
24/26
CGClass.cpp
-
CodeGenModule.h
-
test/CodeGenCXX/
-
CodeGenCXX/
1/1
sanitize-dtor-bit-field.cpp
-
sanitize-dtor-nontrivial-virtual-base.cpp
2/4
sanitize-dtor-repress-aliasing.cpp

Differential D12022

Refactored dtor sanitizing into EHScopeStack
ClosedPublic

Authored by nmusgrave on Aug 13 2015, 5:25 PM.

Download Raw Diff

Details

Reviewers

kcc
eugenis
rsmith

Commits

rG866af2d6d142: Refactored dtor sanitizing into EHScopeStack
rC246815: Refactored dtor sanitizing into EHScopeStack

Summary

Dtor sanitization handled amidst other dtor cleanups,
between cleaning bases and fields. Sanitizer call pushed onto
stack of cleanup operations.

Diff Detail

Event Timeline

nmusgrave updated this revision to Diff 32115.Aug 13 2015, 5:25 PM

nmusgrave retitled this revision from to Refactored dtor sanitizing into EHScopeStack.

nmusgrave updated this object.

nmusgrave added reviewers: eugenis, kcc.

Refactoring dtor sanitizing emission order
support for virtual functions & virtual bases WIP

Refactoring dtor sanitizing emission order
support for virtual functions & virtual bases WIP
Repress dtor aliasing when sanitizing in dtor

This patch needs tests.

lib/CodeGen/CGCXX.cpp
35	We should still emit as alias if the derived class has no new fields. Effectively, you need to check the same conditions as in SanitizeDtor class, to avoid pointlessly suppressing alias generation in cases when we end up not poisoning any memory. Also, this should take the msan function attribute into account. Don't fold it into the same statement as CXXCtorDtorAliases, and add a comment explaining why this is done.
lib/CodeGen/CGClass.cpp
1544	This is no longer true.
1548	extra empty line
1593	Move this line above to group it with related code (Fn assignment).

In D12022#226237, @eugenis wrote:

This patch needs tests.

The runtime test dtor-derived-class.cpp fails without this patch. I'll write a cfe test as well to verify the virtual function table is properly initialized

In D12022#228180, @nmusgrave wrote:

In D12022#226237, @eugenis wrote:

This patch needs tests.

The runtime test dtor-derived-class.cpp fails without this patch. I'll write a cfe test as well to verify the virtual function table is properly initialized

A good test in cfe would involve a class with a base class, a virtual base class, and a non-trivial member, and would check the order of calls in the derived class destructor.

+cfe-commits

CFE test for dtor aliasing, and repression of aliasing in dtor code generation.

More complex testing for destruction order. Tests class with base, virtual base, trivial, and nontrivial member to ensure destruction order is correct.

The test for virtual base that you added effectively disables the aliasing test, because Derived now has non-trivial members.
Move it to a separate file.

test/CodeGenCXX/sanitize-dtor-repress-aliasing.cpp
39	I don't think this is interesting.
48	That's a lot of checks. How about: CHECK-LABEL: define {{.}}ZN7DerivedD1Ev* CHECK-NOT: ret void CHECK: call void {{.}}ZN7DerivedD2Ev* CHECK-NOT: ret void CHECK: call void {{.}}ZN11VirtualBaseD2Ev* CHECK: ret void And the same in ZN7DerivedD2Ev. And remove all other destructors.

Poisoning on field-by-field basis, with collective poisoning of trivial members when possible.
Cleaned up implementation of calculating region to poison in dtor.

eugenis added inline comments.Aug 21 2015, 3:54 PM

lib/CodeGen/CGCXX.cpp
41	I'm not sure this is correct. It says not to use an alias if D has trivial body. Should not it be the other way around?

nmusgrave added inline comments.Aug 21 2015, 4:27 PM

lib/CodeGen/CGCXX.cpp
41	It's counter-intuitive: TryEmitBaseDestructorAsAlias returns false when TryEmitDefinitionAsAlias returns false. TryEmitDefinitionAsAlias returns false when an alias is successfully created (line 216 in this CL)

nmusgrave added inline comments.Aug 21 2015, 4:38 PM

lib/CodeGen/CGCXX.cpp
41	For example: line 3711 of clang/lib/CodeGen/MicrosoftCXXABI.cpp bool ProducedAlias = !CGM.TryEmitDefinitionAsAlias( GlobalDecl(dtor, Dtor_Complete), GlobalDecl(dtor, Dtor_Base), true); ^uses the negation of the function's return value

eugenis added inline comments.Aug 21 2015, 5:21 PM

lib/CodeGen/CGClass.cpp
1581	Why do you need to special-case pointers?

nmusgrave added inline comments.Aug 21 2015, 5:23 PM

lib/CodeGen/CGClass.cpp
1581	FieldHasTrivialDestructorBody doesn't catch pointers- it identifies their base type as some class, and returns false

Refactoring dtor sanitizing emission order
support for virtual functions & virtual bases WIP
Repress dtor aliasing when sanitizing in dtor
CFE test for dtor aliasing, and repression of aliasing in dtor code generation.
More complex testing for destruction order.
Poison trivial members one-by-one.
Poisoning on field-by-field basis, with collective poisoning of trivial members when possible.
Cleaned up implementation of calculating region to poison in dtor.
Checking for existence of a single trivial field.

Refactored for simpler trivial field checking

eugenis added inline comments.Aug 24 2015, 5:55 PM

lib/CodeGen/CGCXX.cpp
37	This is unused.
40	This is unnecessary: Layout.getFieldCount() > 0
124	This function is called from TryEmitBaseDestructorAsAlias. This check is stronger than the one in the calling function, so that one has no effect. Maybe move the check to this function?
lib/CodeGen/CGClass.cpp
1357	Remove context from arguments, use CGF.getContext() Consider making this a method of CodegenFunction
1490	extra line
1501	unrelated changes
1708	Only do this if sanitizing. I think this needs to be NormalAndEHCleanup

Simplify function invocations

Check flags before dtor sanitizing

eugenis added inline comments.Aug 25 2015, 1:30 PM

lib/CodeGen/CGCXX.cpp
31	I think this should be called "HasFieldWithTrivialDestructor". Also, pass D->getParent() to this function instead of D.

Simplify parameters, rename function, for examining fields of class to destroy.

Richard, would you mind taking a look a this change?

Checking for existence of fields to poison in alias emission.

nmusgrave added inline comments.Aug 28 2015, 9:52 AM

test/CodeGenCXX/sanitize-dtor-repress-aliasing.cpp
31	Its checking that my aliasing is repressed when appropriate.Should I keep or get rid of this test case?

eugenis added inline comments.Aug 28 2015, 1:50 PM

test/CodeGenCXX/sanitize-dtor-repress-aliasing.cpp
31	Hm, it looks like my comment was for some older version of this code. Keep it. You can make it a bit more resistant against unrelated changes. We only need to check that both D1 and D2 destructors appear in the vtable, and don't care about any of the i8* casts. Smth like this: @_ZTV7Derived = {{.}}@_ZN7DerivedD1Ev{{.}}@_ZN7DerivedD0Ev

Alias-repressing test case ignores casting of pointers.

rsmith added inline comments.Sep 1 2015, 3:03 PM

lib/CodeGen/CGCXX.cpp
34–36	I assume the rationale here is that the field and base class destructors will mark their storage as destroyed, so there's nothing else to mark? This may mean that vptrs and padding bytes don't get marked as destroyed, is that OK?
37–39	This check seems to be redundant, since `TryEmitDefinitionAsAlias` checks the same thing. Remove this copy?
126	This function isn't (or wasn't) specific to destructors; I think you should be checking for this as part of your `if` below rather than asserting it.
127–129	Please reorder this after the quicker, higher-level checks below. (Maybe move it to just before we create the mangled name?)
lib/CodeGen/CGClass.cpp
1339–1340	This appears redundant; we'd return `true` for pointers on line 1341 anyway. (`getBaseElementType` only strips off array types, not pointer types).
1551	Add full stop.
1556	You're only counting the direct fields here, not the inherited ones.
1557–1560	unsigned totalFields = std::distance(Dtor->getParent()->field_begin(), Dtor->getParent()->field_end());
1569	todo -> TODO (or FIXME)
1623	I think this is off by one. `layoutEndOffset` is the index of the first field that is not poisoned, so this will trigger if we're poisoning up to, but not including, the last field, as well as triggering if we're poisoning the last field.
1646–1647	Maybe do this once in `Emit` (if you poison anything) rather than doing it every time you emit a poison call?
1708	Please add a comment here. "Mark the lifetime of fields as ending after field destructors run and before we destroy base classes." or similar.

eugenis added inline comments.Sep 1 2015, 3:12 PM

lib/CodeGen/CGCXX.cpp
34–36	Yes, each (sub-)object poisons its storage in the base destructor, and only does it for fields that don't have their own destructors to avoid double-poisoning. Poisoning vptr would be interesting. Yes, current implementation fails to do this. Padding - less so, but it would make the tool a little bit more predictable.

Simplified implementation of class field poisoning, to avoid redundant counting and conditional checks. Expensive checks delayed.

nmusgrave added inline comments.Sep 1 2015, 4:49 PM

lib/CodeGen/CGCXX.cpp
34–36	vptr poisoning will be implemented in another CL after this is approved

eugenis added inline comments.Sep 2 2015, 4:59 PM

lib/CodeGen/CGCXX.cpp
37	This simply suppresses all dtor alias under UseAfterDtor, effectively disabling the second check below. Remove it.
122	formatting
139	... with trivial destructors
lib/CodeGen/CGClass.cpp
1552	Probably better check Dtor->getParent()->field_empty() for consistency.
1556	disable tail calls only when !field_empty()

Update comments, consistent style for attribute checking.

LGTM but please wait for Richard's answer

lib/CodeGen/CGClass.cpp
1556	oh, right, that's already the case.

I'd like to see some tests for poisoning bitfields, and particularly anonymous bitfields (I think the code works fine in those cases, but they're a bit special so explicitly testing them is useful).

lib/CodeGen/CGCXX.cpp
143	&& goes on previous line.
lib/CodeGen/CGClass.cpp
1552	This check is equivalent and more efficient.
1564	Can you use a range for?
1592	Doxygenize this comment (use ///, \param).

Testing sanitizing bit fields.

Refined testing for bit fields.

rsmith added inline comments.Sep 3 2015, 2:19 PM

lib/CodeGen/CGCXX.cpp
138–145	Having checked a bit more, I think this test should go in `TryEmitBaseDestructorAsAlias`: it's OK to emit the complete object destructor for a class as an alias for the base subobject constructor for the same class even if this sanitizer is enabled, but it's not OK to emit the destructor for the class as an alias for a base class's destructor (which is what `TryEmitBaseDestructorAsAlias` is checking). The check then becomes a lot simpler: with the sanitizer enabled, for each field we will do exactly one of (a) invoke a destructor (which will poison the memory) or (b) poison the memory ourselves. So if the sanitizer is enabled, we can emit an alias only if the derived class has no fields.
lib/CodeGen/CGClass.cpp
1564–1565	Separately declaring `F` and `Field` seems unnecessary; how about: for (const FieldDecl *Field : Dtor->getParent()->fields()) {
1597–1598	Initialize these as you declare them, rather than separately: llvm::ConstantInt OffsetSizePtr = llvm::ConstantInt::get( // ... llvm::Value OffsetPtr = // ...
test/CodeGenCXX/sanitize-dtor-bit-field.cpp
2	It'd also be good to test for the case where a bit-field is adjacent to non-sanitized fields: struct A { char c; ~A(); }; struct B { A x; int n : 1; A y; };

Simplified fields and checks for aliasing.

LGTM with a couple of tweaks.

lib/CodeGen/CGCXX.cpp
44–45	You can just use `!D->getParent()->field_empty()`
lib/CodeGen/CGClass.cpp
1293	I think you no longer need to make these functions members.

This revision is now accepted and ready to land.Sep 3 2015, 3:12 PM

Clean method headers, style.

nmusgrave closed this revision.Sep 3 2015, 4:08 PM

Revision Contents

Path

Size

lib/

CodeGen/

CGCXX.cpp

6 lines

CGClass.cpp

171 lines

CodeGenModule.h

7 lines

test/

CodeGenCXX/

sanitize-dtor-bit-field.cpp

84 lines

sanitize-dtor-nontrivial-virtual-base.cpp

82 lines

sanitize-dtor-repress-aliasing.cpp

30 lines

Commit	Tree	Parents	Author	Summary	Date
f0bfd8dae9e3	7351c63a7936	47820d7307bc	Naomi Mugsrave	Clean method headers, style.	Sep 3 2015, 3:33 PM
47820d7307bc	a3af5605c9ce	dd44e01bc8f2	Naomi Mugsrave	Simplified fields and checks for aliasing.	Sep 3 2015, 2:53 PM
dd44e01bc8f2	01742a9a0887	8df49fd49d09	Naomi Mugsrave	Refined testing for bit fields.	Sep 3 2015, 11:18 AM
8df49fd49d09	ed76275ef01b	95246197e426	Naomi Mugsrave	Testing sanitizing bit fields.	Sep 3 2015, 10:33 AM
95246197e426	23faf898097e	560d94318c07	Naomi Mugsrave	Update comments, consistent style for attribute checking.	Sep 2 2015, 5:07 PM
560d94318c07	c04e5649f6cf	cf50b2c35ba3	Naomi Mugsrave	Simplified implementation of class field poisoning.	Sep 1 2015, 4:30 PM
cf50b2c35ba3	07f2e4914a0f	f49f22def8c6	Naomi Mugsrave	Alias-repressing test case ignores casting of pointers.	Aug 28 2015, 2:05 PM
f49f22def8c6	0607a59e4f00	2c94d3fa5708	Naomi Mugsrave	Checking for existence of fields to poison in alias emission.	Aug 28 2015, 9:49 AM
2c94d3fa5708	11fb76bf6c86	36c3994a6e87	Naomi Mugsrave	Simplify parameters, rename function, for examining fields of class to destroy.	Aug 25 2015, 1:44 PM
36c3994a6e87	db521a46410f	c817c7a5270c	Naomi Mugsrave	Check flags before dtor sanitizing	Aug 25 2015, 12:02 PM
c817c7a5270c	3eba13a254e9	ed4720b38cc0	Naomi Mugsrave	Simplify function invocations	Aug 24 2015, 6:48 PM
ed4720b38cc0	e78642ae71b4	30b2c0b86a6b	Naomi Mugsrave	Refactored for simpler trivial field checking	Aug 24 2015, 11:49 AM
30b2c0b86a6b	77f6afe22774	7b475f6cacc1	Naomi Mugsrave	Checking for existence of a single trivial field.	Aug 23 2015, 5:27 PM
7b475f6cacc1	37d83ba34259	6861f6721224	Naomi Mugsrave	Cleaned up implementation of calculating region to poison in dtor.	Aug 21 2015, 3:29 PM
6861f6721224	f39a10bdda5e	7cbe07f47a56	Naomi Mugsrave	Poisoning on field-by-field basis, with collective poisoning of trivial members… (Show More…)	Aug 21 2015, 3:13 PM
7cbe07f47a56	1fdaa3fd3248	e2a8705f2203	Naomi Mugsrave	Poison trivial members one-by-one.	Aug 20 2015, 2:55 PM
e2a8705f2203	be106a3e8fa5	03aa9c1d4bc3	Naomi Mugsrave	More complex testing for destruction order.	Aug 19 2015, 1:50 PM
03aa9c1d4bc3	75a700d427dc	c1051c58db71	Naomi Mugsrave	CFE test for dtor aliasing, and repression of aliasing in dtor code generation.	Aug 19 2015, 1:03 PM
c1051c58db71	86f6d864760b	66943d072b31	Naomi Mugsrave	Repress dtor aliasing when sanitizing in dtor	Aug 17 2015, 5:14 PM
66943d072b31	9ca58667ab00	d5d5dd04f4c2	Naomi Mugsrave	support for virtual functions & virtual bases WIP	Aug 14 2015, 12:20 PM
d5d5dd04f4c2	ae8a43ed760c	7647921e6e6d	Naomi Mugsrave	Refactoring dtor sanitizing emission order	Aug 14 2015, 11:41 AM
7647921e6e6d	959fd5debb9d	88755a81c3b2	Naomi Mugsrave	Refactored dtor sanitizing into EHScopeStack (Show More…)	Aug 13 2015, 5:24 PM

Diff 33982

lib/CodeGen/CGCXX.cpp

	Show All 22 Lines
	#include "clang/AST/Mangle.h"			#include "clang/AST/Mangle.h"
	#include "clang/AST/RecordLayout.h"			#include "clang/AST/RecordLayout.h"
	#include "clang/AST/StmtCXX.h"			#include "clang/AST/StmtCXX.h"
	#include "clang/Frontend/CodeGenOptions.h"			#include "clang/Frontend/CodeGenOptions.h"
	#include "llvm/ADT/StringExtras.h"			#include "llvm/ADT/StringExtras.h"
	using namespace clang;			using namespace clang;
	using namespace CodeGen;			using namespace CodeGen;

	/// Try to emit a base destructor as an alias to its primary			/// Try to emit a base destructor as an alias to its primary
				eugenisUnsubmitted Done Reply Inline Actions I think this should be called "HasFieldWithTrivialDestructor". Also, pass D->getParent() to this function instead of D. eugenis: I think this should be called "HasFieldWithTrivialDestructor". Also, pass D->getParent() to…
	/// base-class destructor.			/// base-class destructor.
	bool CodeGenModule::TryEmitBaseDestructorAsAlias(const CXXDestructorDecl *D) {			bool CodeGenModule::TryEmitBaseDestructorAsAlias(const CXXDestructorDecl *D) {
	if (!getCodeGenOpts().CXXCtorDtorAliases)			if (!getCodeGenOpts().CXXCtorDtorAliases)
	return true;			return true;
				eugenisUnsubmitted Done Reply Inline Actions We should still emit as alias if the derived class has no new fields. Effectively, you need to check the same conditions as in SanitizeDtor class, to avoid pointlessly suppressing alias generation in cases when we end up not poisoning any memory. Also, this should take the msan function attribute into account. Don't fold it into the same statement as CXXCtorDtorAliases, and add a comment explaining why this is done. eugenis: We should still emit as alias if the derived class has no new fields. Effectively, you need to…

				rsmithUnsubmitted Not Done Reply Inline Actions I assume the rationale here is that the field and base class destructors will mark their storage as destroyed, so there's nothing else to mark? This may mean that vptrs and padding bytes don't get marked as destroyed, is that OK? rsmith: I assume the rationale here is that the field and base class destructors will mark their…
				eugenisUnsubmitted Not Done Reply Inline Actions Yes, each (sub-)object poisons its storage in the base destructor, and only does it for fields that don't have their own destructors to avoid double-poisoning. Poisoning vptr would be interesting. Yes, current implementation fails to do this. Padding - less so, but it would make the tool a little bit more predictable. eugenis: Yes, each (sub-)object poisons its storage in the base destructor, and only does it for fields…
				nmusgraveAuthorUnsubmitted Not Done Reply Inline Actions vptr poisoning will be implemented in another CL after this is approved nmusgrave: vptr poisoning will be implemented in another CL after this is approved
	// Producing an alias to a base class ctor/dtor can degrade debug quality			// Producing an alias to a base class ctor/dtor can degrade debug quality
				eugenisUnsubmitted Done Reply Inline Actions This is unused. eugenis: This is unused.
				eugenisUnsubmitted Done Reply Inline Actions This simply suppresses all dtor alias under UseAfterDtor, effectively disabling the second check below. Remove it. eugenis: This simply suppresses all dtor alias under UseAfterDtor, effectively disabling the second…
	// as the debugger cannot tell them apart.			// as the debugger cannot tell them apart.
	if (getCodeGenOpts().OptimizationLevel == 0)			if (getCodeGenOpts().OptimizationLevel == 0)
				rsmithUnsubmitted Done Reply Inline Actions This check seems to be redundant, since `TryEmitDefinitionAsAlias` checks the same thing. Remove this copy? rsmith: This check seems to be redundant, since `TryEmitDefinitionAsAlias` checks the same thing.
	return true;			return true;
				eugenisUnsubmitted Done Reply Inline Actions This is unnecessary: Layout.getFieldCount() > 0 eugenis: This is unnecessary: Layout.getFieldCount() > 0

				eugenisUnsubmitted Not Done Reply Inline Actions I'm not sure this is correct. It says not to use an alias if D has trivial body. Should not it be the other way around? eugenis: I'm not sure this is correct. It says not to use an alias if D has trivial body. Should not it…
				nmusgraveAuthorUnsubmitted Not Done Reply Inline Actions It's counter-intuitive: TryEmitBaseDestructorAsAlias returns false when TryEmitDefinitionAsAlias returns false. TryEmitDefinitionAsAlias returns false when an alias is successfully created (line 216 in this CL) nmusgrave: It's counter-intuitive: TryEmitBaseDestructorAsAlias returns false when…
				nmusgraveAuthorUnsubmitted Not Done Reply Inline Actions For example: line 3711 of clang/lib/CodeGen/MicrosoftCXXABI.cpp bool ProducedAlias = !CGM.TryEmitDefinitionAsAlias( GlobalDecl(dtor, Dtor_Complete), GlobalDecl(dtor, Dtor_Base), true); ^uses the negation of the function's return value nmusgrave: For example: line 3711 of clang/lib/CodeGen/MicrosoftCXXABI.cpp bool ProducedAlias = !CGM.
				// If sanitizing memory to check for use-after-dtor, do not emit as
				// an alias, unless this class owns no members.
				if (getCodeGenOpts().SanitizeMemoryUseAfterDtor &&
				!D->getParent()->field_empty())
				rsmithUnsubmitted Done Reply Inline Actions You can just use `!D->getParent()->field_empty()` rsmith: You can just use `!D->getParent()->field_empty()`
				return true;

	// If the destructor doesn't have a trivial body, we have to emit it			// If the destructor doesn't have a trivial body, we have to emit it
	// separately.			// separately.
	if (!D->hasTrivialBody())			if (!D->hasTrivialBody())
	return true;			return true;

	const CXXRecordDecl *Class = D->getParent();			const CXXRecordDecl *Class = D->getParent();

	// We are going to instrument this destructor, so give up even if it is			// We are going to instrument this destructor, so give up even if it is
	▲ Show 20 Lines • Show All 58 Lines • ▼ Show 20 Lines
	}			}

	/// Try to emit a definition as a global alias for another definition.			/// Try to emit a definition as a global alias for another definition.
	/// If \p InEveryTU is true, we know that an equivalent alias can be produced			/// If \p InEveryTU is true, we know that an equivalent alias can be produced
	/// in every translation unit.			/// in every translation unit.
	bool CodeGenModule::TryEmitDefinitionAsAlias(GlobalDecl AliasDecl,			bool CodeGenModule::TryEmitDefinitionAsAlias(GlobalDecl AliasDecl,
	GlobalDecl TargetDecl,			GlobalDecl TargetDecl,
	bool InEveryTU) {			bool InEveryTU) {
	if (!getCodeGenOpts().CXXCtorDtorAliases)			if (!getCodeGenOpts().CXXCtorDtorAliases)
				eugenisUnsubmitted Done Reply Inline Actions formatting eugenis: formatting
	return true;			return true;

				eugenisUnsubmitted Done Reply Inline Actions This function is called from TryEmitBaseDestructorAsAlias. This check is stronger than the one in the calling function, so that one has no effect. Maybe move the check to this function? eugenis: This function is called from TryEmitBaseDestructorAsAlias. This check is stronger than the one…
	// The alias will use the linkage of the referent. If we can't			// The alias will use the linkage of the referent. If we can't
	// support aliases with that linkage, fail.			// support aliases with that linkage, fail.
				rsmithUnsubmitted Done Reply Inline Actions This function isn't (or wasn't) specific to destructors; I think you should be checking for this as part of your `if` below rather than asserting it. rsmith: This function isn't (or wasn't) specific to destructors; I think you should be checking for…
	llvm::GlobalValue::LinkageTypes Linkage = getFunctionLinkage(AliasDecl);			llvm::GlobalValue::LinkageTypes Linkage = getFunctionLinkage(AliasDecl);

	// We can't use an alias if the linkage is not valid for one.			// We can't use an alias if the linkage is not valid for one.
				rsmithUnsubmitted Done Reply Inline Actions Please reorder this after the quicker, higher-level checks below. (Maybe move it to just before we create the mangled name?) rsmith: Please reorder this after the quicker, higher-level checks below. (Maybe move it to just before…
	if (!llvm::GlobalAlias::isValidLinkage(Linkage))			if (!llvm::GlobalAlias::isValidLinkage(Linkage))
	return true;			return true;

	// Don't create a weak alias for a dllexport'd symbol.			// Don't create a weak alias for a dllexport'd symbol.
	if (AliasDecl.getDecl()->hasAttr<DLLExportAttr>() &&			if (AliasDecl.getDecl()->hasAttr<DLLExportAttr>() &&
	llvm::GlobalValue::isWeakForLinker(Linkage))			llvm::GlobalValue::isWeakForLinker(Linkage))
	return true;			return true;

	llvm::GlobalValue::LinkageTypes TargetLinkage =			llvm::GlobalValue::LinkageTypes TargetLinkage =
	getFunctionLinkage(TargetDecl);			getFunctionLinkage(TargetDecl);
				eugenisUnsubmitted Done Reply Inline Actions ... with trivial destructors eugenis: ... with trivial destructors

	// Check if we have it already.			// Check if we have it already.
	StringRef MangledName = getMangledName(AliasDecl);			StringRef MangledName = getMangledName(AliasDecl);
	llvm::GlobalValue *Entry = GetGlobalValue(MangledName);			llvm::GlobalValue *Entry = GetGlobalValue(MangledName);
				rsmithUnsubmitted Done Reply Inline Actions && goes on previous line. rsmith: && goes on previous line.
	if (Entry && !Entry->isDeclaration())			if (Entry && !Entry->isDeclaration())
	return false;			return false;
				rsmithUnsubmitted Done Reply Inline Actions Having checked a bit more, I think this test should go in `TryEmitBaseDestructorAsAlias`: it's OK to emit the complete object destructor for a class as an alias for the base subobject constructor for the same class even if this sanitizer is enabled, but it's not OK to emit the destructor for the class as an alias for a base class's destructor (which is what `TryEmitBaseDestructorAsAlias` is checking). The check then becomes a lot simpler: with the sanitizer enabled, for each field we will do exactly one of (a) invoke a destructor (which will poison the memory) or (b) poison the memory ourselves. So if the sanitizer is enabled, we can emit an alias only if the derived class has no fields. rsmith: Having checked a bit more, I think this test should go in `TryEmitBaseDestructorAsAlias`: it's…
	if (Replacements.count(MangledName))			if (Replacements.count(MangledName))
	return false;			return false;

	// Derive the type for the alias.			// Derive the type for the alias.
	llvm::PointerType *AliasType			llvm::PointerType *AliasType
	= getTypes().GetFunctionType(AliasDecl)->getPointerTo();			= getTypes().GetFunctionType(AliasDecl)->getPointerTo();

	// Find the referent. Some aliases might require a bitcast, in			// Find the referent. Some aliases might require a bitcast, in
	▲ Show 20 Lines • Show All 167 Lines • Show Last 20 Lines

lib/CodeGen/CGClass.cpp

Show First 20 Lines • Show All 1,284 Lines • ▼ Show 20 Lines	void CodeGenFunction::EmitCtorPrologue(const CXXConstructorDecl *CD,
}		}
CM.finish();		CM.finish();
}		}

static bool		static bool
FieldHasTrivialDestructorBody(ASTContext &Context, const FieldDecl *Field);		FieldHasTrivialDestructorBody(ASTContext &Context, const FieldDecl *Field);

static bool		static bool
HasTrivialDestructorBody(ASTContext &Context,		HasTrivialDestructorBody(ASTContext &Context,
		rsmithUnsubmitted Done Reply Inline Actions I think you no longer need to make these functions members. rsmith: I think you no longer need to make these functions members.
const CXXRecordDecl *BaseClassDecl,		const CXXRecordDecl *BaseClassDecl,
const CXXRecordDecl *MostDerivedClassDecl)		const CXXRecordDecl *MostDerivedClassDecl)
{		{
// If the destructor is trivial we don't have to check anything else.		// If the destructor is trivial we don't have to check anything else.
if (BaseClassDecl->hasTrivialDestructor())		if (BaseClassDecl->hasTrivialDestructor())
return true;		return true;

if (!BaseClassDecl->getDestructor()->hasTrivialBody())		if (!BaseClassDecl->getDestructor()->hasTrivialBody())
Show All 27 Lines	if (BaseClassDecl == MostDerivedClassDecl) {
}		}
}		}

return true;		return true;
}		}

static bool		static bool
FieldHasTrivialDestructorBody(ASTContext &Context,		FieldHasTrivialDestructorBody(ASTContext &Context,
const FieldDecl *Field)		const FieldDecl *Field)
{		{
QualType FieldBaseElementType = Context.getBaseElementType(Field->getType());		QualType FieldBaseElementType = Context.getBaseElementType(Field->getType());

		rsmithUnsubmitted Done Reply Inline Actions This appears redundant; we'd return `true` for pointers on line 1341 anyway. (`getBaseElementType` only strips off array types, not pointer types). rsmith: This appears redundant; we'd return `true` for pointers on line 1341 anyway.
const RecordType *RT = FieldBaseElementType->getAs<RecordType>();		const RecordType *RT = FieldBaseElementType->getAs<RecordType>();
if (!RT)		if (!RT)
return true;		return true;

CXXRecordDecl *FieldClassDecl = cast<CXXRecordDecl>(RT->getDecl());		CXXRecordDecl *FieldClassDecl = cast<CXXRecordDecl>(RT->getDecl());

// The destructor for an implicit anonymous union member is never invoked.		// The destructor for an implicit anonymous union member is never invoked.
if (FieldClassDecl->isUnion() && FieldClassDecl->isAnonymousStructOrUnion())		if (FieldClassDecl->isUnion() && FieldClassDecl->isAnonymousStructOrUnion())
return false;		return false;

return HasTrivialDestructorBody(Context, FieldClassDecl, FieldClassDecl);		return HasTrivialDestructorBody(Context, FieldClassDecl, FieldClassDecl);
}		}

/// CanSkipVTablePointerInitialization - Check whether we need to initialize		/// CanSkipVTablePointerInitialization - Check whether we need to initialize
/// any vtable pointers before calling this destructor.		/// any vtable pointers before calling this destructor.
static bool CanSkipVTablePointerInitialization(ASTContext &Context,		static bool CanSkipVTablePointerInitialization(CodeGenFunction &CGF,
const CXXDestructorDecl *Dtor) {		const CXXDestructorDecl *Dtor) {
		eugenisUnsubmitted Done Reply Inline Actions Remove context from arguments, use CGF.getContext() Consider making this a method of CodegenFunction eugenis: Remove context from arguments, use CGF.getContext() Consider making this a method of…
if (!Dtor->hasTrivialBody())		if (!Dtor->hasTrivialBody())
return false;		return false;

// Check the fields.		// Check the fields.
const CXXRecordDecl *ClassDecl = Dtor->getParent();		const CXXRecordDecl *ClassDecl = Dtor->getParent();
for (const auto *Field : ClassDecl->fields())		for (const auto *Field : ClassDecl->fields())
if (!FieldHasTrivialDestructorBody(Context, Field))		if (!FieldHasTrivialDestructorBody(CGF.getContext(), Field))
return false;		return false;

return true;		return true;
}		}

// Generates function call for handling object poisoning, passing in
// references to 'this' and its size as arguments.
// Disables tail call elimination, to prevent the current stack frame from
// disappearing from the stack trace.
static void EmitDtorSanitizerCallback(CodeGenFunction &CGF,
const CXXDestructorDecl *Dtor) {
const ASTRecordLayout &Layout =
CGF.getContext().getASTRecordLayout(Dtor->getParent());

// Nothing to poison
if(Layout.getFieldCount() == 0)
return;

// Construct pointer to region to begin poisoning, and calculate poison
// size, so that only members declared in this class are poisoned.
llvm::Value *OffsetPtr;
CharUnits::QuantityType PoisonSize;
ASTContext &Context = CGF.getContext();

llvm::ConstantInt *OffsetSizePtr = llvm::ConstantInt::get(
CGF.SizeTy, Context.toCharUnitsFromBits(Layout.getFieldOffset(0)).
getQuantity());

OffsetPtr = CGF.Builder.CreateGEP(CGF.Builder.CreateBitCast(
CGF.LoadCXXThis(), CGF.Int8PtrTy), OffsetSizePtr);

PoisonSize = Layout.getSize().getQuantity() -
Context.toCharUnitsFromBits(Layout.getFieldOffset(0)).getQuantity();

llvm::Value *Args[] = {
CGF.Builder.CreateBitCast(OffsetPtr, CGF.VoidPtrTy),
llvm::ConstantInt::get(CGF.SizeTy, PoisonSize)};

llvm::Type *ArgTypes[] = {CGF.VoidPtrTy, CGF.SizeTy};

llvm::FunctionType *FnType =
llvm::FunctionType::get(CGF.VoidTy, ArgTypes, false);
llvm::Value *Fn =
CGF.CGM.CreateRuntimeFunction(FnType, "__sanitizer_dtor_callback");

// Disables tail call elimination, to prevent the current stack frame from
// disappearing from the stack trace.
CGF.CurFn->addFnAttr("disable-tail-calls", "true");
CGF.EmitNounwindRuntimeCall(Fn, Args);
}

/// EmitDestructorBody - Emits the body of the current destructor.		/// EmitDestructorBody - Emits the body of the current destructor.
void CodeGenFunction::EmitDestructorBody(FunctionArgList &Args) {		void CodeGenFunction::EmitDestructorBody(FunctionArgList &Args) {
const CXXDestructorDecl *Dtor = cast<CXXDestructorDecl>(CurGD.getDecl());		const CXXDestructorDecl *Dtor = cast<CXXDestructorDecl>(CurGD.getDecl());
CXXDtorType DtorType = CurGD.getDtorType();		CXXDtorType DtorType = CurGD.getDtorType();

Stmt *Body = Dtor->getBody();		Stmt *Body = Dtor->getBody();
if (Body)		if (Body)
incrementProfileCounter(Body);		incrementProfileCounter(Body);
▲ Show 20 Lines • Show All 47 Lines • ▼ Show 20 Lines	void CodeGenFunction::EmitDestructorBody(FunctionArgList &Args) {

case Dtor_Base:		case Dtor_Base:
assert(Body);		assert(Body);

// Enter the cleanup scopes for fields and non-virtual bases.		// Enter the cleanup scopes for fields and non-virtual bases.
EnterDtorCleanups(Dtor, Dtor_Base);		EnterDtorCleanups(Dtor, Dtor_Base);

// Initialize the vtable pointers before entering the body.		// Initialize the vtable pointers before entering the body.
if (!CanSkipVTablePointerInitialization(getContext(), Dtor))		if (!CanSkipVTablePointerInitialization(*this, Dtor))
InitializeVTablePointers(Dtor->getParent());		InitializeVTablePointers(Dtor->getParent());

if (isTryBody)		if (isTryBody)
EmitStmt(cast<CXXTryStmt>(Body)->getTryBlock());		EmitStmt(cast<CXXTryStmt>(Body)->getTryBlock());
else if (Body)		else if (Body)
EmitStmt(Body);		EmitStmt(Body);
else {		else {
assert(Dtor->isImplicit() && "bodyless dtor not implicit");		assert(Dtor->isImplicit() && "bodyless dtor not implicit");
// nothing to do besides what's in the epilogue		// nothing to do besides what's in the epilogue
}		}
// -fapple-kext must inline any call to this dtor into		// -fapple-kext must inline any call to this dtor into
// the caller's body.		// the caller's body.
if (getLangOpts().AppleKext)		if (getLangOpts().AppleKext)
CurFn->addFnAttr(llvm::Attribute::AlwaysInline);		CurFn->addFnAttr(llvm::Attribute::AlwaysInline);

// Insert memory-poisoning instrumentation, before final clean ups,
// to ensure this class's members are protected from invalid access.
if (CGM.getCodeGenOpts().SanitizeMemoryUseAfterDtor
&& SanOpts.has(SanitizerKind::Memory))
EmitDtorSanitizerCallback(*this, Dtor);

break;		break;
}		}

// Jump out through the epilogue cleanups.		// Jump out through the epilogue cleanups.
DtorEpilogue.ForceCleanup();		DtorEpilogue.ForceCleanup();

// Exit the try if applicable.		// Exit the try if applicable.
if (isTryBody)		if (isTryBody)
Show All 25 Lines	void Emit(CodeGenFunction &CGF, Flags flags) override {
const CXXRecordDecl *ClassDecl = Dtor->getParent();		const CXXRecordDecl *ClassDecl = Dtor->getParent();
CGF.EmitDeleteCall(Dtor->getOperatorDelete(), CGF.LoadCXXThis(),		CGF.EmitDeleteCall(Dtor->getOperatorDelete(), CGF.LoadCXXThis(),
CGF.getContext().getTagDeclType(ClassDecl));		CGF.getContext().getTagDeclType(ClassDecl));
}		}
};		};

struct CallDtorDeleteConditional final : EHScopeStack::Cleanup {		struct CallDtorDeleteConditional final : EHScopeStack::Cleanup {
llvm::Value *ShouldDeleteCondition;		llvm::Value *ShouldDeleteCondition;
public:		public:
		eugenisUnsubmitted Done Reply Inline Actions extra line eugenis: extra line
CallDtorDeleteConditional(llvm::Value *ShouldDeleteCondition)		CallDtorDeleteConditional(llvm::Value *ShouldDeleteCondition)
: ShouldDeleteCondition(ShouldDeleteCondition) {		: ShouldDeleteCondition(ShouldDeleteCondition) {
assert(ShouldDeleteCondition != nullptr);		assert(ShouldDeleteCondition != nullptr);
}		}

void Emit(CodeGenFunction &CGF, Flags flags) override {		void Emit(CodeGenFunction &CGF, Flags flags) override {
llvm::BasicBlock *callDeleteBB = CGF.createBasicBlock("dtor.call_delete");		llvm::BasicBlock *callDeleteBB = CGF.createBasicBlock("dtor.call_delete");
llvm::BasicBlock *continueBB = CGF.createBasicBlock("dtor.continue");		llvm::BasicBlock *continueBB = CGF.createBasicBlock("dtor.continue");
llvm::Value *ShouldCallDelete		llvm::Value *ShouldCallDelete
= CGF.Builder.CreateIsNull(ShouldDeleteCondition);		= CGF.Builder.CreateIsNull(ShouldDeleteCondition);
CGF.Builder.CreateCondBr(ShouldCallDelete, continueBB, callDeleteBB);		CGF.Builder.CreateCondBr(ShouldCallDelete, continueBB, callDeleteBB);
		eugenisUnsubmitted Done Reply Inline Actions unrelated changes eugenis: unrelated changes

CGF.EmitBlock(callDeleteBB);		CGF.EmitBlock(callDeleteBB);
const CXXDestructorDecl *Dtor = cast<CXXDestructorDecl>(CGF.CurCodeDecl);		const CXXDestructorDecl *Dtor = cast<CXXDestructorDecl>(CGF.CurCodeDecl);
const CXXRecordDecl *ClassDecl = Dtor->getParent();		const CXXRecordDecl *ClassDecl = Dtor->getParent();
CGF.EmitDeleteCall(Dtor->getOperatorDelete(), CGF.LoadCXXThis(),		CGF.EmitDeleteCall(Dtor->getOperatorDelete(), CGF.LoadCXXThis(),
CGF.getContext().getTagDeclType(ClassDecl));		CGF.getContext().getTagDeclType(ClassDecl));
CGF.Builder.CreateBr(continueBB);		CGF.Builder.CreateBr(continueBB);

CGF.EmitBlock(continueBB);		CGF.EmitBlock(continueBB);
}		}
};		};

class DestroyField final : public EHScopeStack::Cleanup {		class DestroyField final : public EHScopeStack::Cleanup {
const FieldDecl *field;		const FieldDecl *field;
CodeGenFunction::Destroyer *destroyer;		CodeGenFunction::Destroyer *destroyer;
bool useEHCleanupForArray;		bool useEHCleanupForArray;

public:		public:
DestroyField(const FieldDecl field, CodeGenFunction::Destroyer destroyer,		DestroyField(const FieldDecl field, CodeGenFunction::Destroyer destroyer,
bool useEHCleanupForArray)		bool useEHCleanupForArray)
: field(field), destroyer(destroyer),		: field(field), destroyer(destroyer),
useEHCleanupForArray(useEHCleanupForArray) {}		useEHCleanupForArray(useEHCleanupForArray) {}

void Emit(CodeGenFunction &CGF, Flags flags) override {		void Emit(CodeGenFunction &CGF, Flags flags) override {
// Find the address of the field.		// Find the address of the field.
llvm::Value *thisValue = CGF.LoadCXXThis();		llvm::Value *thisValue = CGF.LoadCXXThis();
QualType RecordTy = CGF.getContext().getTagDeclType(field->getParent());		QualType RecordTy = CGF.getContext().getTagDeclType(field->getParent());
LValue ThisLV = CGF.MakeAddrLValue(thisValue, RecordTy);		LValue ThisLV = CGF.MakeAddrLValue(thisValue, RecordTy);
LValue LV = CGF.EmitLValueForField(ThisLV, field);		LValue LV = CGF.EmitLValueForField(ThisLV, field);
assert(LV.isSimple());		assert(LV.isSimple());

CGF.emitDestroy(LV.getAddress(), field->getType(), destroyer,		CGF.emitDestroy(LV.getAddress(), field->getType(), destroyer,
flags.isForNormalCleanup() && useEHCleanupForArray);		flags.isForNormalCleanup() && useEHCleanupForArray);
}		}
};		};

		class SanitizeDtor final : public EHScopeStack::Cleanup {
		const CXXDestructorDecl *Dtor;

		public:
		SanitizeDtor(const CXXDestructorDecl *Dtor) : Dtor(Dtor) {}

		// Generate function call for handling object poisoning.
		eugenisUnsubmitted Done Reply Inline Actions This is no longer true. eugenis: This is no longer true.
		// Disables tail call elimination, to prevent the current stack frame
		// from disappearing from the stack trace.
		void Emit(CodeGenFunction &CGF, Flags flags) override {
		const ASTRecordLayout &Layout =
		eugenisUnsubmitted Done Reply Inline Actions extra empty line eugenis: extra empty line
		CGF.getContext().getASTRecordLayout(Dtor->getParent());

		// Nothing to poison.
		rsmithUnsubmitted Done Reply Inline Actions Add full stop. rsmith: Add full stop.
		if (Layout.getFieldCount() == 0)
		eugenisUnsubmitted Done Reply Inline Actions Probably better check Dtor->getParent()->field_empty() for consistency. eugenis: Probably better check Dtor->getParent()->field_empty() for consistency.
		rsmithUnsubmitted Done Reply Inline Actions This check is equivalent and more efficient. rsmith: This check is equivalent and more efficient.
		return;

		// Prevent the current stack frame from disappearing from the stack trace.
		CGF.CurFn->addFnAttr("disable-tail-calls", "true");
		rsmithUnsubmitted Done Reply Inline Actions You're only counting the direct fields here, not the inherited ones. rsmith: You're only counting the direct fields here, not the inherited ones.
		eugenisUnsubmitted Not Done Reply Inline Actions disable tail calls only when !field_empty() eugenis: disable tail calls only when !field_empty()
		eugenisUnsubmitted Not Done Reply Inline Actions oh, right, that's already the case. eugenis: oh, right, that's already the case.

		// Construct pointer to region to begin poisoning, and calculate poison
		// size, so that only members declared in this class are poisoned.
		ASTContext &Context = CGF.getContext();
		rsmithUnsubmitted Done Reply Inline Actions unsigned totalFields = std::distance(Dtor->getParent()->field_begin(), Dtor->getParent()->field_end()); rsmith: unsigned totalFields = std::distance(Dtor->getParent()->field_begin()…
		unsigned fieldIndex = 0;
		int startIndex = -1;
		// RecordDecl::field_iterator Field;
		for (const FieldDecl *Field : Dtor->getParent()->fields()) {
		rsmithUnsubmitted Done Reply Inline Actions Can you use a range for? rsmith: Can you use a range for?
		// Poison field if it is trivial
		rsmithUnsubmitted Done Reply Inline Actions Separately declaring `F` and `Field` seems unnecessary; how about: for (const FieldDecl Field : Dtor->getParent()->fields()) { rsmith:* Separately declaring `F` and `Field` seems unnecessary; how about: for (const FieldDecl…
		if (FieldHasTrivialDestructorBody(Context, Field)) {
		// Start sanitizing at this field
		if (startIndex < 0)
		startIndex = fieldIndex;
		rsmithUnsubmitted Done Reply Inline Actions todo -> TODO (or FIXME) rsmith: todo -> TODO (or FIXME)

		// Currently on the last field, and it must be poisoned with the
		// current block.
		if (fieldIndex == Layout.getFieldCount() - 1) {
		PoisonBlock(CGF, startIndex, Layout.getFieldCount());
		}
		} else if (startIndex >= 0) {
		// No longer within a block of memory to poison, so poison the block
		PoisonBlock(CGF, startIndex, fieldIndex);
		// Re-set the start index
		startIndex = -1;
		}
		eugenisUnsubmitted Done Reply Inline Actions Why do you need to special-case pointers? eugenis: Why do you need to special-case pointers?
		nmusgraveAuthorUnsubmitted Done Reply Inline Actions FieldHasTrivialDestructorBody doesn't catch pointers- it identifies their base type as some class, and returns false nmusgrave: FieldHasTrivialDestructorBody doesn't catch pointers- it identifies their base type as some…
		fieldIndex += 1;
		}
		}

		private:
		/// \param layoutStartOffset: index of the ASTRecordLayout field to
		/// start poisoning (inclusive)
		/// \param layoutEndOffset: index of the ASTRecordLayout field to
		/// end poisoning (exclusive)
		void PoisonBlock(CodeGenFunction &CGF, unsigned layoutStartOffset,
		unsigned layoutEndOffset) {
		rsmithUnsubmitted Done Reply Inline Actions Doxygenize this comment (use ///, \param). rsmith: Doxygenize this comment (use ///, \param).
		ASTContext &Context = CGF.getContext();
		eugenisUnsubmitted Done Reply Inline Actions Move this line above to group it with related code (Fn assignment). eugenis: Move this line above to group it with related code (Fn assignment).
		const ASTRecordLayout &Layout =
		Context.getASTRecordLayout(Dtor->getParent());

		llvm::ConstantInt *OffsetSizePtr = llvm::ConstantInt::get(
		CGF.SizeTy,
		rsmithUnsubmitted Done Reply Inline Actions Initialize these as you declare them, rather than separately: llvm::ConstantInt OffsetSizePtr = llvm::ConstantInt::get( // ... llvm::Value OffsetPtr = // ... rsmith: Initialize these as you declare them, rather than separately: llvm::ConstantInt…
		Context.toCharUnitsFromBits(Layout.getFieldOffset(layoutStartOffset))
		.getQuantity());

		llvm::Value *OffsetPtr = CGF.Builder.CreateGEP(
		CGF.Builder.CreateBitCast(CGF.LoadCXXThis(), CGF.Int8PtrTy),
		OffsetSizePtr);

		CharUnits::QuantityType PoisonSize;
		if (layoutEndOffset >= Layout.getFieldCount()) {
		PoisonSize = Layout.getNonVirtualSize().getQuantity() -
		Context.toCharUnitsFromBits(
		Layout.getFieldOffset(layoutStartOffset))
		.getQuantity();
		} else {
		PoisonSize = Context.toCharUnitsFromBits(
		Layout.getFieldOffset(layoutEndOffset) -
		Layout.getFieldOffset(layoutStartOffset))
		.getQuantity();
		}

		if (PoisonSize == 0)
		return;

		// Pass in void pointer and size of region as arguments to runtime
		// function
		rsmithUnsubmitted Done Reply Inline Actions I think this is off by one. `layoutEndOffset` is the index of the first field that is not poisoned, so this will trigger if we're poisoning up to, but not including, the last field, as well as triggering if we're poisoning the last field. rsmith: I think this is off by one. `layoutEndOffset` is the index of the first field that is not…
		llvm::Value *Args[] = {CGF.Builder.CreateBitCast(OffsetPtr, CGF.VoidPtrTy),
		llvm::ConstantInt::get(CGF.SizeTy, PoisonSize)};

		llvm::Type *ArgTypes[] = {CGF.VoidPtrTy, CGF.SizeTy};

		llvm::FunctionType *FnType =
		llvm::FunctionType::get(CGF.VoidTy, ArgTypes, false);
		llvm::Value *Fn =
		CGF.CGM.CreateRuntimeFunction(FnType, "__sanitizer_dtor_callback");
		CGF.EmitNounwindRuntimeCall(Fn, Args);
		}
		};
}		}

/// \brief Emit all code that comes at the end of class's		/// \brief Emit all code that comes at the end of class's
/// destructor. This is to call destructors on members and base classes		/// destructor. This is to call destructors on members and base classes
/// in reverse order of their construction.		/// in reverse order of their construction.
void CodeGenFunction::EnterDtorCleanups(const CXXDestructorDecl *DD,		void CodeGenFunction::EnterDtorCleanups(const CXXDestructorDecl *DD,
CXXDtorType DtorType) {		CXXDtorType DtorType) {
assert((!DD->isTrivial() \|\| DD->hasAttr<DLLExportAttr>()) &&		assert((!DD->isTrivial() \|\| DD->hasAttr<DLLExportAttr>()) &&
"Should not emit dtor epilogue for non-exported trivial dtor!");		"Should not emit dtor epilogue for non-exported trivial dtor!");

// The deleting-destructor phase just needs to call the appropriate		// The deleting-destructor phase just needs to call the appropriate
// operator delete that Sema picked up.		// operator delete that Sema picked up.
		rsmithUnsubmitted Done Reply Inline Actions Maybe do this once in `Emit` (if you poison anything) rather than doing it every time you emit a poison call? rsmith: Maybe do this once in `Emit` (if you poison anything) rather than doing it every time you emit…
if (DtorType == Dtor_Deleting) {		if (DtorType == Dtor_Deleting) {
assert(DD->getOperatorDelete() &&		assert(DD->getOperatorDelete() &&
"operator delete missing - EnterDtorCleanups");		"operator delete missing - EnterDtorCleanups");
if (CXXStructorImplicitParamValue) {		if (CXXStructorImplicitParamValue) {
// If there is an implicit param to the deleting dtor, it's a boolean		// If there is an implicit param to the deleting dtor, it's a boolean
// telling whether we should call delete at the end of the dtor.		// telling whether we should call delete at the end of the dtor.
EHStack.pushCleanup<CallDtorDeleteConditional>(		EHStack.pushCleanup<CallDtorDeleteConditional>(
NormalAndEHCleanup, CXXStructorImplicitParamValue);		NormalAndEHCleanup, CXXStructorImplicitParamValue);
▲ Show 20 Lines • Show All 44 Lines • ▼ Show 20 Lines	for (const auto &Base : ClassDecl->bases()) {
if (BaseClassDecl->hasTrivialDestructor())		if (BaseClassDecl->hasTrivialDestructor())
continue;		continue;

EHStack.pushCleanup<CallBaseDtor>(NormalAndEHCleanup,		EHStack.pushCleanup<CallBaseDtor>(NormalAndEHCleanup,
BaseClassDecl,		BaseClassDecl,
/BaseIsVirtual/ false);		/BaseIsVirtual/ false);
}		}

		// Poison fields such that access after their destructors are
		eugenisUnsubmitted Done Reply Inline Actions Only do this if sanitizing. I think this needs to be NormalAndEHCleanup eugenis: 1. Only do this if sanitizing. 2. I think this needs to be NormalAndEHCleanup
		rsmithUnsubmitted Done Reply Inline Actions Please add a comment here. "Mark the lifetime of fields as ending after field destructors run and before we destroy base classes." or similar. rsmith: Please add a comment here. "Mark the lifetime of fields as ending after field destructors run…
		// invoked, and before the base class destructor runs, is invalid.
		if (CGM.getCodeGenOpts().SanitizeMemoryUseAfterDtor &&
		SanOpts.has(SanitizerKind::Memory))
		EHStack.pushCleanup<SanitizeDtor>(NormalAndEHCleanup, DD);

// Destroy direct fields.		// Destroy direct fields.
for (const auto *Field : ClassDecl->fields()) {		for (const auto *Field : ClassDecl->fields()) {
QualType type = Field->getType();		QualType type = Field->getType();
QualType::DestructionKind dtorKind = type.isDestructedType();		QualType::DestructionKind dtorKind = type.isDestructedType();
if (!dtorKind) continue;		if (!dtorKind) continue;

// Anonymous union members do not have their destructors called.		// Anonymous union members do not have their destructors called.
const RecordType *RT = type->getAsUnionType();		const RecordType *RT = type->getAsUnionType();
▲ Show 20 Lines • Show All 823 Lines • Show Last 20 Lines

lib/CodeGen/CodeGenModule.h

Show First 20 Lines • Show All 1,093 Lines • ▼ Show 20 Lines	public:
void addDeferredVTable(const CXXRecordDecl *RD) {		void addDeferredVTable(const CXXRecordDecl *RD) {
DeferredVTables.push_back(RD);		DeferredVTables.push_back(RD);
}		}

/// Emit code for a singal global function or var decl. Forward declarations		/// Emit code for a singal global function or var decl. Forward declarations
/// are emitted lazily.		/// are emitted lazily.
void EmitGlobal(GlobalDecl D);		void EmitGlobal(GlobalDecl D);

		bool
		HasTrivialDestructorBody(ASTContext &Context,
		const CXXRecordDecl *BaseClassDecl,
		const CXXRecordDecl *MostDerivedClassDecl);
		bool
		FieldHasTrivialDestructorBody(ASTContext &Context, const FieldDecl *Field);

bool TryEmitDefinitionAsAlias(GlobalDecl Alias, GlobalDecl Target,		bool TryEmitDefinitionAsAlias(GlobalDecl Alias, GlobalDecl Target,
bool InEveryTU);		bool InEveryTU);
bool TryEmitBaseDestructorAsAlias(const CXXDestructorDecl *D);		bool TryEmitBaseDestructorAsAlias(const CXXDestructorDecl *D);

/// Set attributes for a global definition.		/// Set attributes for a global definition.
void setFunctionDefinitionAttributes(const FunctionDecl *D,		void setFunctionDefinitionAttributes(const FunctionDecl *D,
llvm::Function *F);		llvm::Function *F);

▲ Show 20 Lines • Show All 159 Lines • Show Last 20 Lines

test/CodeGenCXX/sanitize-dtor-bit-field.cpp

This file was added.

				// Test -fsanitize-memory-use-after-dtor
				// RUN: %clang_cc1 -O0 -fsanitize=memory -fsanitize-memory-use-after-dtor -disable-llvm-optzns -std=c++11 -triple=x86_64-pc-linux -emit-llvm -o - %s \| FileCheck %s
				rsmithUnsubmitted Done Reply Inline Actions It'd also be good to test for the case where a bit-field is adjacent to non-sanitized fields: struct A { char c; ~A(); }; struct B { A x; int n : 1; A y; }; rsmith: It'd also be good to test for the case where a bit-field is adjacent to non-sanitized fields…
				// RUN: %clang_cc1 -O1 -fsanitize=memory -fsanitize-memory-use-after-dtor -disable-llvm-optzns -std=c++11 -triple=x86_64-pc-linux -emit-llvm -o - %s \| FileCheck %s

				// 24 bytes total
				struct Packed {
				// Packed into 4 bytes
				unsigned int a : 1;
				unsigned int b : 1;
				//unsigned int c : 1;
				// Force alignment to next 4 bytes
				unsigned int : 0;
				unsigned int d : 1;
				// Force alignment, 8 more bytes
				double e = 5.0;
				// 4 bytes
				unsigned int f : 1;
				~Packed() {}
				};
				Packed p;


				// 1 byte total
				struct Empty {
				unsigned int : 0;
				~Empty() {}
				};
				Empty e;


				// 4 byte total
				struct Simple {
				unsigned int a : 1;
				~Simple() {}
				};
				Simple s;


				// 8 bytes total
				struct Anon {
				// 1 byte
				unsigned int a : 1;
				unsigned int b : 2;
				// Force alignment to next byte
				unsigned int : 0;
				unsigned int c : 1;
				~Anon() {}
				};
				Anon an;


				struct CharStruct {
				char c;
				~CharStruct();
				};

				struct Adjacent {
				CharStruct a;
				int b : 1;
				CharStruct c;
				~Adjacent() {}
				};
				Adjacent ad;


				// CHECK-LABEL: define {{.*}}PackedD2Ev
				// CHECK: call void @__sanitizer_dtor_callback{{.*}}i64 17
				// CHECK: ret void

				// CHECK-LABEL: define {{.*}}EmptyD2Ev
				// CHECK-NOT: call void @__sanitizer_dtor_callback{{.*}}i64 0
				// CHECK: ret void

				// CHECK-LABEL: define {{.*}}SimpleD2Ev
				// CHECK: call void @__sanitizer_dtor_callback{{.*}}i64 1
				// CHECK: ret void

				// CHECK-LABEL: define {{.*}}AnonD2Ev
				// CHECK: call void @__sanitizer_dtor_callback{{.*}}i64 5
				// CHECK: ret void

				// CHECK-LABEL: define {{.*}}AdjacentD2Ev
				// CHECK: call void @__sanitizer_dtor_callback{{.*}}i64 1
				// CHECK: ret void

test/CodeGenCXX/sanitize-dtor-nontrivial-virtual-base.cpp

This file was added.

				// RUN: %clang_cc1 -fsanitize=memory -O0 -fsanitize-memory-use-after-dtor -std=c++11 -triple=x86_64-pc-linux -emit-llvm -o - %s \| FileCheck %s
				// RUN: %clang_cc1 -fsanitize=memory -O1 -fsanitize-memory-use-after-dtor -std=c++11 -triple=x86_64-pc-linux -emit-llvm -o - %s \| FileCheck %s

				template <class T>
				class Vector {
				public:
				int size;
				~Vector() {
				size += 1;
				}
				};

				struct Base {
				int b1;
				double b2;
				Base() {
				b1 = 5;
				b2 = 10.989;
				}
				virtual ~Base() {}
				};

				struct VirtualBase {
				int vb1;
				int vb2;
				VirtualBase() {
				vb1 = 10;
				vb2 = 11;
				}
				virtual ~VirtualBase() {}
				};

				struct Derived : public Base, public virtual VirtualBase {
				int d1;
				Vector<int> v;
				int d2;
				Derived() {
				d1 = 10;
				}
				~Derived() {}
				};

				Derived d;

				// Destruction order:
				// Derived: int, Vector, Base, VirtualBase

				// CHECK-LABEL: define {{.*}}ZN7DerivedD1Ev
				// CHECK: call void {{.*}}ZN11VirtualBaseD2Ev
				// CHECK: ret void

				// CHECK-LABEL: define {{.*}}ZN7DerivedD0Ev
				// CHECK: ret void

				// CHECK-LABEL: define {{.*}}ZN11VirtualBaseD1Ev
				// CHECK: ret void

				// CHECK-LABEL: define {{.*}}ZN11VirtualBaseD0Ev
				// CHECK: ret void

				// poison 2 ints
				// CHECK-LABEL: define {{.*}}ZN11VirtualBaseD2Ev
				// CHECK: call void {{.}}sanitizer_dtor_callback({{.}}, i64 8)
				// CHECK: ret void

				// poison int and double
				// CHECK-LABEL: define {{.*}}ZN4BaseD2Ev
				// CHECK: call void {{.}}sanitizer_dtor_callback({{.}}, i64 16)
				// CHECK: ret void

				// poison int, ignore vector, poison int
				// CHECK-LABEL: define {{.*}}ZN7DerivedD2Ev
				// CHECK: call void {{.*}}ZN6VectorIiED1Ev
				// CHECK: call void {{.}}sanitizer_dtor_callback({{.}}, i64 4)
				// CHECK: call void {{.}}sanitizer_dtor_callback({{.}}, i64 4)
				// CHECK: call void {{.*}}ZN4BaseD2Ev
				// CHECK: ret void

				// poison int
				// CHECK-LABEL: define {{.*}}ZN6VectorIiED2Ev
				// CHECK: call void {{.}}sanitizer_dtor_callback({{.}}, i64 4)
				// CHECK: ret void

test/CodeGenCXX/sanitize-dtor-repress-aliasing.cpp

This file was added.

				// Test -fsanitize-memory-use-after-dtor
				// RUN: %clang_cc1 -fsanitize=memory -O1 -fsanitize-memory-use-after-dtor -std=c++11 -triple=x86_64-pc-linux -emit-llvm -o - %s \| FileCheck %s
				// RUN: %clang_cc1 -fsanitize=memory -O2 -fsanitize-memory-use-after-dtor -std=c++11 -triple=x86_64-pc-linux -emit-llvm -o - %s \| FileCheck %s

				template <class T>
				class Vector {
				public:
				int size;
				~Vector() {}
				};

				// Virtual function table for the derived class only contains
				// its own destructors, with no aliasing to base class dtors.
				struct Base {
				Vector<int> v;
				int x;
				Base() { x = 5; }
				virtual ~Base() {}
				};

				struct Derived : public Base {
				int z;
				Derived() { z = 10; }
				~Derived() {}
				};

				Derived d;

				// Definition of virtual function table
				// CHECK: @_ZTV7Derived = {{.}}@_ZN7DerivedD1Ev{{.}}@_ZN7DerivedD0Ev
				eugenisUnsubmitted Done Reply Inline Actions That's a lot of checks. How about: CHECK-LABEL: define {{.}}ZN7DerivedD1Ev* CHECK-NOT: ret void CHECK: call void {{.}}ZN7DerivedD2Ev* CHECK-NOT: ret void CHECK: call void {{.}}ZN11VirtualBaseD2Ev* CHECK: ret void And the same in ZN7DerivedD2Ev. And remove all other destructors. eugenis: That's a lot of checks. How about: // CHECK-LABEL: define {{.*}}ZN7DerivedD1Ev // CHECK-NOT…
				eugenisUnsubmitted Not Done Reply Inline Actions I don't think this is interesting. eugenis: I don't think this is interesting.
				nmusgraveAuthorUnsubmitted Not Done Reply Inline Actions Its checking that my aliasing is repressed when appropriate.Should I keep or get rid of this test case? nmusgrave: Its checking that my aliasing is repressed when appropriate.Should I keep or get rid of this…
				eugenisUnsubmitted Done Reply Inline Actions Hm, it looks like my comment was for some older version of this code. Keep it. You can make it a bit more resistant against unrelated changes. We only need to check that both D1 and D2 destructors appear in the vtable, and don't care about any of the i8* casts. Smth like this: @_ZTV7Derived = {{.}}@_ZN7DerivedD1Ev{{.}}@_ZN7DerivedD0Ev eugenis: Hm, it looks like my comment was for some older version of this code. Keep it. You can make it…