This is an archive of the discontinued LLVM Phabricator instance.

Differential D122673

Add kcfi_unchecked attribute
AbandonedPublic

Authored by samitolvanen on Mar 29 2022, 11:15 AM.

Details

Reviewers
aaron.ballman
pcc
nickdesaulniers
ardb
kees
joaomoreira
Summary

With -fsanitize=kcfi, disabling indirect call checking using the
no_sanitize attribute or the sanitizer special case list is not
fine-grained enough in cases where we want to disable checking
only for specific calls. The kcfi_unchecked attribute applies to
functions and function pointers and allows disabling indirect calls
made using an annotated pointer.

Depends on D119296

Diff Detail

Event Timeline

samitolvanen created this revision.Mar 29 2022, 11:15 AM
Herald added a project: Restricted Project. · View Herald TranscriptMar 29 2022, 11:15 AM
Herald added subscribers: jdoerfert, martong. · View Herald Transcript
samitolvanen requested review of this revision.Mar 29 2022, 11:15 AM
Herald added a project: Restricted Project. · View Herald TranscriptMar 29 2022, 11:15 AM
Herald added a subscriber: cfe-commits. · View Herald Transcript
samitolvanen added a comment.Mar 29 2022, 11:21 AM

Note that this was split from D119296.

In the previous discussion, @joaomoreira pointed out that this is very similar to nocf_check and proposed reusing that attribute. In an offline discussion, @pcc was concerned that an attribute may not be the right approach here and suggested a __builtin_kcfi_unchecked(function(args)) built-in function to avoid changing the type system.

I would appreciate hearing your thoughts.

Harbormaster completed remote builds in B156806: Diff 418934.Mar 30 2022, 8:03 AM
aaron.ballman added a comment.Apr 11 2022, 12:02 PM
In D122673#3414650, @samitolvanen wrote:

Note that this was split from D119296.

In the previous discussion, @joaomoreira pointed out that this is very similar to nocf_check and proposed reusing that attribute. In an offline discussion, @pcc was concerned that an attribute may not be the right approach here and suggested a __builtin_kcfi_unchecked(function(args)) built-in function to avoid changing the type system.

I would appreciate hearing your thoughts.

I tend to be very wary of modifying the type system with attributes -- questions always arise of what the type system effects are of the attribute. e.g., does it impact overload sets or template specialization? Name mangling? If it doesn't have type system impacts... why does it need to be in the type system at all? This also matters because adding more bits to types can have unintended side effects like accidentally reducing the depth of template instantiations we can process (because of the extra memory pressure). So while I'm not certain what you and @pcc talked about, it does seem like an approach at least worth thinking about, especially because this patch needs to bump the size of Type.

clang/include/clang/AST/Type.h
1832

Needing to bump this limit worries me. It's correct for the changes, but it means that Type just because even more expensive and so I wonder how this will impact compile time performance.

samitolvanen added a comment.Apr 11 2022, 12:05 PM
In D122673#3443498, @aaron.ballman wrote:

I tend to be very wary of modifying the type system with attributes -- questions always arise of what the type system effects are of the attribute. e.g., does it impact overload sets or template specialization? Name mangling? If it doesn't have type system impacts... why does it need to be in the type system at all? This also matters because adding more bits to types can have unintended side effects like accidentally reducing the depth of template instantiations we can process (because of the extra memory pressure). So while I'm not certain what you and @pcc talked about, it does seem like an approach at least worth thinking about, especially because this patch needs to bump the size of Type.

Sure, I agree. I'll take a look at the built-in approach. Do you have any thoughts about reusing nocf_check, which is essentially identical to this proposed attribute, just currently limited to x86 CET?

aaron.ballman added a comment.Apr 11 2022, 12:14 PM
In D122673#3443518, @samitolvanen wrote:
In D122673#3443498, @aaron.ballman wrote:

I tend to be very wary of modifying the type system with attributes -- questions always arise of what the type system effects are of the attribute. e.g., does it impact overload sets or template specialization? Name mangling? If it doesn't have type system impacts... why does it need to be in the type system at all? This also matters because adding more bits to types can have unintended side effects like accidentally reducing the depth of template instantiations we can process (because of the extra memory pressure). So while I'm not certain what you and @pcc talked about, it does seem like an approach at least worth thinking about, especially because this patch needs to bump the size of Type.

Sure, I agree. I'll take a look at the built-in approach. Do you have any thoughts about reusing nocf_check, which is essentially identical to this proposed attribute, just currently limited to x86 CET?

I was thinking about that, but I don't think it's possible to reuse that (however, I must admit that I don't know the semantic details about either of these attributes very well, so I may be missing something). nocf_check is allowed on any X86 target, and kcfi_unchecked is allowed on x86-64. It seems like that target would still need a way to differentiate between the semantics because the attributes do different things. Or have I misunderstood something about the relationship between nocf_check and this attribute? (If the semantics aren't just "essentially identical" but are "actually identical" for x86-64, then this option seems more viable.)

joaomoreira added a comment.EditedApr 11 2022, 2:15 PM

In the previous discussion, @joaomoreira pointed out that this is very similar to nocf_check and proposed reusing that attribute. In an offline discussion, @pcc was concerned that an attribute may not be the right approach here and suggested a __builtin_kcfi_unchecked(function(args)) built-in function to avoid changing the type system.

I'm still thinking a bit about this/needing some time to provide a proper review, but just to not hold the thoughts back since this is moving.

A consideration I can foresee with extending the type system with an attribute is that you then tie the function pointer prototype to the attribute for assignments and this will later require some casting magic if you want to invoke functions without kcfi_unchecked through a kcfi_unchecked pointer (which I assume should be doable). OTOH, it would be nice to get warnings when assigning a kcfi_unchecked function to pointers which will later be used in checked indirect calls (yet, it would be better to have explicit warning about the inconsistency instead of implicit type mismatching ones).

Regarding nocf_check, my understanding is that the kernel IBT support assumes CET/IBT to be orthogonal to KCFI -- with that said, kernel implementation is set to never use or allow no-track prefixes, meaning that the above situation never happens for IBT (since there are no nocf_check function pointers). OTOH, I assume that there could be situations where you want the function pointer call to be relaxed/coarse-grained? If yes, this would need to be done through a different attribute other than nocf_check, since this sets the compiler to emit notrack prefixes that are invalid in kernel.

With all the above, it seems to me that using a kcfi-specific builtin could be the more flexible option.

samitolvanen abandoned this revision.Apr 13 2022, 11:38 AM

Alright, thanks for the feedback everyone! I'll abandon this patch and look into adding a built-in function instead.

samitolvanen mentioned this in D124211: Add __builtin_kcfi_call_unchecked.Apr 28 2022, 11:33 AM

Revision Contents

PathSize
clang/
include/
clang/
AST/
20 lines
7 lines
Basic/
6 lines
25 lines
CodeGen/
10 lines
lib/
AST/
2 lines
2 lines
5 lines
CodeGen/
1 line
9 lines
Sema/
3 lines
16 lines
Serialization/
1 line
test/
CodeGen/
126 lines
49 lines
Misc/
1 line
Sema/
18 lines
14 lines

Diff 418934

clang/include/clang/AST/Type.h

Show First 20 LinesShow All 1,585 Lines▼ Show 20 Linesprotected:
class FunctionTypeBitfields { class FunctionTypeBitfields {
friend class FunctionProtoType; friend class FunctionProtoType;
friend class FunctionType; friend class FunctionType;
unsigned : NumTypeBits; unsigned : NumTypeBits;
/// Extra information which affects how the function is called, like /// Extra information which affects how the function is called, like
/// regparm and the calling convention. /// regparm and the calling convention.
unsigned ExtInfo : 13; unsigned ExtInfo : 14;
/// The ref-qualifier associated with a \c FunctionProtoType. /// The ref-qualifier associated with a \c FunctionProtoType.
/// ///
/// This is a value of type \c RefQualifierKind. /// This is a value of type \c RefQualifierKind.
unsigned RefQualifier : 2; unsigned RefQualifier : 2;
/// Used only by FunctionProtoType, put here to pack with the /// Used only by FunctionProtoType, put here to pack with the
/// other bitfields. /// other bitfields.
▲ Show 20 LinesShow All 221 Lines▼ Show 20 Linesprivate:
} }
protected: protected:
friend class ASTContext; friend class ASTContext;
Type(TypeClass tc, QualType canon, TypeDependence Dependence) Type(TypeClass tc, QualType canon, TypeDependence Dependence)
: ExtQualsTypeCommonBase(this, : ExtQualsTypeCommonBase(this,
canon.isNull() ? QualType(this_(), 0) : canon) { canon.isNull() ? QualType(this_(), 0) : canon) {
static_assert(sizeof(*this) <= 8 + sizeof(ExtQualsTypeCommonBase), static_assert(sizeof(*this) <= 16 + sizeof(ExtQualsTypeCommonBase),
aaron.ballmanUnsubmitted
Not Done
ReplyInline Actions

Needing to bump this limit worries me. It's correct for the changes, but it means that Type just because even more expensive and so I wonder how this will impact compile time performance.

aaron.ballman: Needing to bump this limit worries me. It's correct for the changes, but it means that `Type`…
"changing bitfields changed sizeof(Type)!"); "changing bitfields changed sizeof(Type)!");
static_assert(alignof(decltype(*this)) % sizeof(void *) == 0, static_assert(alignof(decltype(*this)) % sizeof(void *) == 0,
"Insufficient alignment!"); "Insufficient alignment!");
TypeBits.TC = tc; TypeBits.TC = tc;
TypeBits.Dependence = static_cast<unsigned>(Dependence); TypeBits.Dependence = static_cast<unsigned>(Dependence);
TypeBits.CacheValid = false; TypeBits.CacheValid = false;
TypeBits.CachedLocalOrUnnamed = false; TypeBits.CachedLocalOrUnnamed = false;
TypeBits.CachedLinkage = NoLinkage; TypeBits.CachedLinkage = NoLinkage;
▲ Show 20 LinesShow All 1,826 Lines▼ Show 20 Lines class ExtInfo {
friend class FunctionType; friend class FunctionType;
// Feel free to rearrange or add bits, but if you go over 16, you'll need to // Feel free to rearrange or add bits, but if you go over 16, you'll need to
// adjust the Bits field below, and if you add bits, you'll need to adjust // adjust the Bits field below, and if you add bits, you'll need to adjust
// Type::FunctionTypeBitfields::ExtInfo as well. // Type::FunctionTypeBitfields::ExtInfo as well.
// | CC |noreturn|produces|nocallersavedregs|regparm|nocfcheck|cmsenscall| // | CC |noreturn|produces|nocallersavedregs|regparm|nocfcheck|cmsenscall|
// |0 .. 4| 5 | 6 | 7 |8 .. 10| 11 | 12 | // |0 .. 4| 5 | 6 | 7 |8 .. 10| 11 | 12 |
// |kcfiunchecked|
// | 13 |
// //
// regparm is either 0 (no regparm attribute) or the regparm value+1. // regparm is either 0 (no regparm attribute) or the regparm value+1.
enum { CallConvMask = 0x1F }; enum { CallConvMask = 0x1F };
enum { NoReturnMask = 0x20 }; enum { NoReturnMask = 0x20 };
enum { ProducesResultMask = 0x40 }; enum { ProducesResultMask = 0x40 };
enum { NoCallerSavedRegsMask = 0x80 }; enum { NoCallerSavedRegsMask = 0x80 };
enum { enum {
RegParmMask = 0x700, RegParmMask = 0x700,
RegParmOffset = 8 RegParmOffset = 8
}; };
enum { NoCfCheckMask = 0x800 }; enum { NoCfCheckMask = 0x800 };
enum { CmseNSCallMask = 0x1000 }; enum { CmseNSCallMask = 0x1000 };
enum { KCFIUncheckedMask = 0x2000 };
uint16_t Bits = CC_C; uint16_t Bits = CC_C;
ExtInfo(unsigned Bits) : Bits(static_cast<uint16_t>(Bits)) {} ExtInfo(unsigned Bits) : Bits(static_cast<uint16_t>(Bits)) {}
public: public:
// Constructor with no defaults. Use this when you know that you // Constructor with no defaults. Use this when you know that you
// have all the elements (when reading an AST file for example). // have all the elements (when reading an AST file for example).
ExtInfo(bool noReturn, bool hasRegParm, unsigned regParm, CallingConv cc, ExtInfo(bool noReturn, bool hasRegParm, unsigned regParm, CallingConv cc,
bool producesResult, bool noCallerSavedRegs, bool NoCfCheck, bool producesResult, bool noCallerSavedRegs, bool NoCfCheck,
bool cmseNSCall) { bool cmseNSCall, bool kcfiUnchecked) {
assert((!hasRegParm || regParm < 7) && "Invalid regparm value"); assert((!hasRegParm || regParm < 7) && "Invalid regparm value");
Bits = ((unsigned)cc) | (noReturn ? NoReturnMask : 0) | Bits = ((unsigned)cc) | (noReturn ? NoReturnMask : 0) |
(producesResult ? ProducesResultMask : 0) | (producesResult ? ProducesResultMask : 0) |
(noCallerSavedRegs ? NoCallerSavedRegsMask : 0) | (noCallerSavedRegs ? NoCallerSavedRegsMask : 0) |
(hasRegParm ? ((regParm + 1) << RegParmOffset) : 0) | (hasRegParm ? ((regParm + 1) << RegParmOffset) : 0) |
(NoCfCheck ? NoCfCheckMask : 0) | (NoCfCheck ? NoCfCheckMask : 0) |
(cmseNSCall ? CmseNSCallMask : 0); (cmseNSCall ? CmseNSCallMask : 0) |
(kcfiUnchecked ? KCFIUncheckedMask : 0);
} }
// Constructor with all defaults. Use when for example creating a // Constructor with all defaults. Use when for example creating a
// function known to use defaults. // function known to use defaults.
ExtInfo() = default; ExtInfo() = default;
// Constructor with just the calling convention, which is an important part // Constructor with just the calling convention, which is an important part
// of the canonical type. // of the canonical type.
ExtInfo(CallingConv CC) : Bits(CC) {} ExtInfo(CallingConv CC) : Bits(CC) {}
bool getNoReturn() const { return Bits & NoReturnMask; } bool getNoReturn() const { return Bits & NoReturnMask; }
bool getProducesResult() const { return Bits & ProducesResultMask; } bool getProducesResult() const { return Bits & ProducesResultMask; }
bool getCmseNSCall() const { return Bits & CmseNSCallMask; } bool getCmseNSCall() const { return Bits & CmseNSCallMask; }
bool getNoCallerSavedRegs() const { return Bits & NoCallerSavedRegsMask; } bool getNoCallerSavedRegs() const { return Bits & NoCallerSavedRegsMask; }
bool getNoCfCheck() const { return Bits & NoCfCheckMask; } bool getNoCfCheck() const { return Bits & NoCfCheckMask; }
bool getKCFIUnchecked() const { return Bits & KCFIUncheckedMask; }
bool getHasRegParm() const { return ((Bits & RegParmMask) >> RegParmOffset) != 0; } bool getHasRegParm() const { return ((Bits & RegParmMask) >> RegParmOffset) != 0; }
unsigned getRegParm() const { unsigned getRegParm() const {
unsigned RegParm = (Bits & RegParmMask) >> RegParmOffset; unsigned RegParm = (Bits & RegParmMask) >> RegParmOffset;
if (RegParm > 0) if (RegParm > 0)
--RegParm; --RegParm;
return RegParm; return RegParm;
} }
Show All 40 Lines public:
ExtInfo withNoCfCheck(bool noCfCheck) const { ExtInfo withNoCfCheck(bool noCfCheck) const {
if (noCfCheck) if (noCfCheck)
return ExtInfo(Bits | NoCfCheckMask); return ExtInfo(Bits | NoCfCheckMask);
else else
return ExtInfo(Bits & ~NoCfCheckMask); return ExtInfo(Bits & ~NoCfCheckMask);
} }
ExtInfo withKCFIUnchecked(bool kcfiUnchecked) const {
if (kcfiUnchecked)
return ExtInfo(Bits | KCFIUncheckedMask);
else
return ExtInfo(Bits & ~KCFIUncheckedMask);
}
ExtInfo withRegParm(unsigned RegParm) const { ExtInfo withRegParm(unsigned RegParm) const {
assert(RegParm < 7 && "Invalid regparm value"); assert(RegParm < 7 && "Invalid regparm value");
return ExtInfo((Bits & ~RegParmMask) | return ExtInfo((Bits & ~RegParmMask) |
((RegParm + 1) << RegParmOffset)); ((RegParm + 1) << RegParmOffset));
} }
ExtInfo withCallingConv(CallingConv cc) const { ExtInfo withCallingConv(CallingConv cc) const {
return ExtInfo((Bits & ~CallConvMask) | (unsigned) cc); return ExtInfo((Bits & ~CallConvMask) | (unsigned) cc);
▲ Show 20 LinesShow All 3,564 LinesShow Last 20 Lines

clang/include/clang/AST/TypeProperties.td

Show First 20 LinesShow All 281 Lines▼ Show 20 Lines def : Property<"noCallerSavedRegs", Bool> {
let Read = [{ node->getExtInfo().getNoCallerSavedRegs() }]; let Read = [{ node->getExtInfo().getNoCallerSavedRegs() }];
} }
def : Property<"noCfCheck", Bool> { def : Property<"noCfCheck", Bool> {
let Read = [{ node->getExtInfo().getNoCfCheck() }]; let Read = [{ node->getExtInfo().getNoCfCheck() }];
} }
def : Property<"cmseNSCall", Bool> { def : Property<"cmseNSCall", Bool> {
let Read = [{ node->getExtInfo().getCmseNSCall() }]; let Read = [{ node->getExtInfo().getCmseNSCall() }];
} }
def : Property<"kcfiUnchecked", Bool> {
let Read = [{ node->getExtInfo().getKCFIUnchecked() }];
}
} }
let Class = FunctionNoProtoType in { let Class = FunctionNoProtoType in {
def : Creator<[{ def : Creator<[{
auto extInfo = FunctionType::ExtInfo(noReturn, hasRegParm, regParm, auto extInfo = FunctionType::ExtInfo(noReturn, hasRegParm, regParm,
callingConvention, producesResult, callingConvention, producesResult,
noCallerSavedRegs, noCfCheck, noCallerSavedRegs, noCfCheck,
cmseNSCall); cmseNSCall, kcfiUnchecked);
return ctx.getFunctionNoProtoType(returnType, extInfo); return ctx.getFunctionNoProtoType(returnType, extInfo);
}]>; }]>;
} }
let Class = FunctionProtoType in { let Class = FunctionProtoType in {
def : Property<"variadic", Bool> { def : Property<"variadic", Bool> {
let Read = [{ node->isVariadic() }]; let Read = [{ node->isVariadic() }];
} }
Show All 17 Lines let Read = [{ node->hasExtParameterInfos()
? node->getExtParameterInfos() ? node->getExtParameterInfos()
: llvm::ArrayRef<FunctionProtoType::ExtParameterInfo>() }]; : llvm::ArrayRef<FunctionProtoType::ExtParameterInfo>() }];
} }
def : Creator<[{ def : Creator<[{
auto extInfo = FunctionType::ExtInfo(noReturn, hasRegParm, regParm, auto extInfo = FunctionType::ExtInfo(noReturn, hasRegParm, regParm,
callingConvention, producesResult, callingConvention, producesResult,
noCallerSavedRegs, noCfCheck, noCallerSavedRegs, noCfCheck,
cmseNSCall); cmseNSCall, kcfiUnchecked);
FunctionProtoType::ExtProtoInfo epi; FunctionProtoType::ExtProtoInfo epi;
epi.ExtInfo = extInfo; epi.ExtInfo = extInfo;
epi.Variadic = variadic; epi.Variadic = variadic;
epi.HasTrailingReturn = trailingReturn; epi.HasTrailingReturn = trailingReturn;
epi.TypeQuals = methodQualifiers; epi.TypeQuals = methodQualifiers;
epi.RefQualifier = refQualifier; epi.RefQualifier = refQualifier;
epi.ExceptionSpec = exceptionSpecifier; epi.ExceptionSpec = exceptionSpecifier;
epi.ExtParameterInfos = epi.ExtParameterInfos =
▲ Show 20 LinesShow All 595 LinesShow Last 20 Lines

clang/include/clang/Basic/Attr.td

Show First 20 LinesShow All 3,030 Lines▼ Show 20 Lines
def CFICanonicalJumpTable : InheritableAttr { def CFICanonicalJumpTable : InheritableAttr {
let Spellings = [Clang<"cfi_canonical_jump_table">]; let Spellings = [Clang<"cfi_canonical_jump_table">];
let Subjects = SubjectList<[Function], ErrorDiag>; let Subjects = SubjectList<[Function], ErrorDiag>;
let Documentation = [CFICanonicalJumpTableDocs]; let Documentation = [CFICanonicalJumpTableDocs];
let SimpleHandler = 1; let SimpleHandler = 1;
} }
def KCFIUnchecked : DeclOrTypeAttr, TargetSpecificAttr<TargetArch<["aarch64", "aarch64_be", "x86_64"]>> {
let Spellings = [Clang<"kcfi_unchecked">];
let Subjects = SubjectList<[FunctionLike]>;
let Documentation = [KCFIUncheckedDocs];
}
// C/C++ Thread safety attributes (e.g. for deadlock, data race checking) // C/C++ Thread safety attributes (e.g. for deadlock, data race checking)
// Not all of these attributes will be given a [[]] spelling. The attributes // Not all of these attributes will be given a [[]] spelling. The attributes
// which require access to function parameter names cannot use the [[]] spelling // which require access to function parameter names cannot use the [[]] spelling
// because they are not written in the type position. Some attributes are given // because they are not written in the type position. Some attributes are given
// an updated captability-based name and the older name will only be supported // an updated captability-based name and the older name will only be supported
// under the GNU-style spelling. // under the GNU-style spelling.
def GuardedVar : InheritableAttr { def GuardedVar : InheritableAttr {
let Spellings = [Clang<"guarded_var", 0>]; let Spellings = [Clang<"guarded_var", 0>];
▲ Show 20 LinesShow All 893 LinesShow Last 20 Lines

clang/include/clang/Basic/AttrDocs.td

Show First 20 LinesShow All 5,428 Lines▼ Show 20 Lines.. code-block: c++
int __attribute__((noderef)) &y = x; // warning: 'noderef' can only be used on an array or pointer type int __attribute__((noderef)) &y = x; // warning: 'noderef' can only be used on an array or pointer type
.. code-block: objc .. code-block: objc
id __attribute__((noderef)) obj = [NSObject new]; // warning: 'noderef' can only be used on an array or pointer type id __attribute__((noderef)) obj = [NSObject new]; // warning: 'noderef' can only be used on an array or pointer type
}]; }];
} }
def KCFIUncheckedDocs : Documentation {
let Category = DocCatFunction;
let Content = [{
The ``kcfi_unchecked`` attribute causes Clang to not emit :ref:`KCFI<kcfi>`
checks for indirect calls made through annotated function types.
.. code-block:: c
int f1(void) { return 0; }
int (*p1)(void) = f1;
p1(); // checked
int (*p2)(void) __attribute__((kcfi_unchecked)) = f1;
p2(); // unchecked
typedef typeof(f1) * __attribute__((kcfi_unchecked) unchecked_t;
((unchecked_t)f1)(); // unchecked
unchecked_t p3 = f1;
p3(); // unchecked
}];
}
def ReinitializesDocs : Documentation { def ReinitializesDocs : Documentation {
let Category = DocCatFunction; let Category = DocCatFunction;
let Content = [{ let Content = [{
The ``reinitializes`` attribute can be applied to a non-static, non-const C++ The ``reinitializes`` attribute can be applied to a non-static, non-const C++
member function to indicate that this member function reinitializes the entire member function to indicate that this member function reinitializes the entire
object to a known state, independent of the previous state of the object. object to a known state, independent of the previous state of the object.
This attribute can be interpreted by static analyzers that warn about uses of an This attribute can be interpreted by static analyzers that warn about uses of an
▲ Show 20 LinesShow All 926 LinesShow Last 20 Lines

clang/include/clang/CodeGen/CGFunctionInfo.h

Show First 20 LinesShow All 583 Lines▼ Show 20 Linesclass CGFunctionInfo final
unsigned RegParm : 3; unsigned RegParm : 3;
/// Whether this function has nocf_check attribute. /// Whether this function has nocf_check attribute.
unsigned NoCfCheck : 1; unsigned NoCfCheck : 1;
/// Log 2 of the maximum vector width. /// Log 2 of the maximum vector width.
unsigned MaxVectorWidth : 4; unsigned MaxVectorWidth : 4;
/// Whether this function has kcfi_unchecked attribute.
unsigned KCFIUnchecked : 1;
RequiredArgs Required; RequiredArgs Required;
/// The struct representing all arguments passed in memory. Only used when /// The struct representing all arguments passed in memory. Only used when
/// passing non-trivial types with inalloca. Not part of the profile. /// passing non-trivial types with inalloca. Not part of the profile.
llvm::StructType *ArgStruct; llvm::StructType *ArgStruct;
unsigned ArgStructAlign : 31; unsigned ArgStructAlign : 31;
unsigned HasExtParameterInfos : 1; unsigned HasExtParameterInfos : 1;
▲ Show 20 LinesShow All 72 Lines▼ Show 20 Linespublic:
bool isReturnsRetained() const { return ReturnsRetained; } bool isReturnsRetained() const { return ReturnsRetained; }
/// Whether this function no longer saves caller registers. /// Whether this function no longer saves caller registers.
bool isNoCallerSavedRegs() const { return NoCallerSavedRegs; } bool isNoCallerSavedRegs() const { return NoCallerSavedRegs; }
/// Whether this function has nocf_check attribute. /// Whether this function has nocf_check attribute.
bool isNoCfCheck() const { return NoCfCheck; } bool isNoCfCheck() const { return NoCfCheck; }
/// Whether this function has kcfi_unchecked attribute.
bool isKCFIUnchecked() const { return KCFIUnchecked; }
/// getASTCallingConvention() - Return the AST-specified calling /// getASTCallingConvention() - Return the AST-specified calling
/// convention. /// convention.
CallingConv getASTCallingConvention() const { CallingConv getASTCallingConvention() const {
return CallingConv(ASTCallingConvention); return CallingConv(ASTCallingConvention);
} }
/// getCallingConvention - Return the user specified calling /// getCallingConvention - Return the user specified calling
/// convention, which has been translated into an LLVM CC. /// convention, which has been translated into an LLVM CC.
Show All 10 Linespublic:
bool getHasRegParm() const { return HasRegParm; } bool getHasRegParm() const { return HasRegParm; }
unsigned getRegParm() const { return RegParm; } unsigned getRegParm() const { return RegParm; }
FunctionType::ExtInfo getExtInfo() const { FunctionType::ExtInfo getExtInfo() const {
return FunctionType::ExtInfo(isNoReturn(), getHasRegParm(), getRegParm(), return FunctionType::ExtInfo(isNoReturn(), getHasRegParm(), getRegParm(),
getASTCallingConvention(), isReturnsRetained(), getASTCallingConvention(), isReturnsRetained(),
isNoCallerSavedRegs(), isNoCfCheck(), isNoCallerSavedRegs(), isNoCfCheck(),
isCmseNSCall()); isCmseNSCall(), isKCFIUnchecked());
} }
CanQualType getReturnType() const { return getArgsBuffer()[0].type; } CanQualType getReturnType() const { return getArgsBuffer()[0].type; }
ABIArgInfo &getReturnInfo() { return getArgsBuffer()[0].info; } ABIArgInfo &getReturnInfo() { return getArgsBuffer()[0].info; }
const ABIArgInfo &getReturnInfo() const { return getArgsBuffer()[0].info; } const ABIArgInfo &getReturnInfo() const { return getArgsBuffer()[0].info; }
ArrayRef<ExtParameterInfo> getExtParameterInfos() const { ArrayRef<ExtParameterInfo> getExtParameterInfos() const {
Show All 36 Lines void Profile(llvm::FoldingSetNodeID &ID) {
ID.AddBoolean(ChainCall); ID.AddBoolean(ChainCall);
ID.AddBoolean(NoReturn); ID.AddBoolean(NoReturn);
ID.AddBoolean(ReturnsRetained); ID.AddBoolean(ReturnsRetained);
ID.AddBoolean(NoCallerSavedRegs); ID.AddBoolean(NoCallerSavedRegs);
ID.AddBoolean(HasRegParm); ID.AddBoolean(HasRegParm);
ID.AddInteger(RegParm); ID.AddInteger(RegParm);
ID.AddBoolean(NoCfCheck); ID.AddBoolean(NoCfCheck);
ID.AddBoolean(CmseNSCall); ID.AddBoolean(CmseNSCall);
ID.AddBoolean(KCFIUnchecked);
ID.AddInteger(Required.getOpaqueData()); ID.AddInteger(Required.getOpaqueData());
ID.AddBoolean(HasExtParameterInfos); ID.AddBoolean(HasExtParameterInfos);
if (HasExtParameterInfos) { if (HasExtParameterInfos) {
for (auto paramInfo : getExtParameterInfos()) for (auto paramInfo : getExtParameterInfos())
ID.AddInteger(paramInfo.getOpaqueValue()); ID.AddInteger(paramInfo.getOpaqueValue());
} }
getReturnType().Profile(ID); getReturnType().Profile(ID);
for (const auto &I : arguments()) for (const auto &I : arguments())
Show All 12 Lines static void Profile(llvm::FoldingSetNodeID &ID,
ID.AddBoolean(ChainCall); ID.AddBoolean(ChainCall);
ID.AddBoolean(info.getNoReturn()); ID.AddBoolean(info.getNoReturn());
ID.AddBoolean(info.getProducesResult()); ID.AddBoolean(info.getProducesResult());
ID.AddBoolean(info.getNoCallerSavedRegs()); ID.AddBoolean(info.getNoCallerSavedRegs());
ID.AddBoolean(info.getHasRegParm()); ID.AddBoolean(info.getHasRegParm());
ID.AddInteger(info.getRegParm()); ID.AddInteger(info.getRegParm());
ID.AddBoolean(info.getNoCfCheck()); ID.AddBoolean(info.getNoCfCheck());
ID.AddBoolean(info.getCmseNSCall()); ID.AddBoolean(info.getCmseNSCall());
ID.AddBoolean(info.getKCFIUnchecked());
ID.AddInteger(required.getOpaqueData()); ID.AddInteger(required.getOpaqueData());
ID.AddBoolean(!paramInfos.empty()); ID.AddBoolean(!paramInfos.empty());
if (!paramInfos.empty()) { if (!paramInfos.empty()) {
for (auto paramInfo : paramInfos) for (auto paramInfo : paramInfos)
ID.AddInteger(paramInfo.getOpaqueValue()); ID.AddInteger(paramInfo.getOpaqueValue());
} }
resultType.Profile(ID); resultType.Profile(ID);
for (ArrayRef<CanQualType>::iterator for (ArrayRef<CanQualType>::iterator
Show All 10 Lines

clang/lib/AST/ASTContext.cpp

  • This file is larger than 256 KB, so syntax highlighting is disabled by default.
Show First 20 LinesShow All 10,037 Lines▼ Show 20 Lines if (lbaseInfo.getRegParm() != rbaseInfo.getRegParm())
return {}; return {};
if (lbaseInfo.getProducesResult() != rbaseInfo.getProducesResult()) if (lbaseInfo.getProducesResult() != rbaseInfo.getProducesResult())
return {}; return {};
if (lbaseInfo.getNoCallerSavedRegs() != rbaseInfo.getNoCallerSavedRegs()) if (lbaseInfo.getNoCallerSavedRegs() != rbaseInfo.getNoCallerSavedRegs())
return {}; return {};
if (lbaseInfo.getNoCfCheck() != rbaseInfo.getNoCfCheck()) if (lbaseInfo.getNoCfCheck() != rbaseInfo.getNoCfCheck())
return {}; return {};
if (lbaseInfo.getKCFIUnchecked() != rbaseInfo.getKCFIUnchecked())
return {};
// FIXME: some uses, e.g. conditional exprs, really want this to be 'both'. // FIXME: some uses, e.g. conditional exprs, really want this to be 'both'.
bool NoReturn = lbaseInfo.getNoReturn() || rbaseInfo.getNoReturn(); bool NoReturn = lbaseInfo.getNoReturn() || rbaseInfo.getNoReturn();
if (lbaseInfo.getNoReturn() != NoReturn) if (lbaseInfo.getNoReturn() != NoReturn)
allLTypes = false; allLTypes = false;
if (rbaseInfo.getNoReturn() != NoReturn) if (rbaseInfo.getNoReturn() != NoReturn)
allRTypes = false; allRTypes = false;
▲ Show 20 LinesShow All 2,253 LinesShow Last 20 Lines

clang/lib/AST/ASTStructuralEquivalence.cpp

Show First 20 LinesShow All 613 Lines▼ Show 20 Lines if (EI1.getRegParm() != EI2.getRegParm())
return false; return false;
if (EI1.getProducesResult() != EI2.getProducesResult()) if (EI1.getProducesResult() != EI2.getProducesResult())
return false; return false;
if (EI1.getNoCallerSavedRegs() != EI2.getNoCallerSavedRegs()) if (EI1.getNoCallerSavedRegs() != EI2.getNoCallerSavedRegs())
return false; return false;
if (EI1.getNoCfCheck() != EI2.getNoCfCheck()) if (EI1.getNoCfCheck() != EI2.getNoCfCheck())
return false; return false;
if (EI1.getKCFIUnchecked() != EI2.getKCFIUnchecked())
return false;
return true; return true;
} }
/// Check the equivalence of exception specifications. /// Check the equivalence of exception specifications.
static bool IsEquivalentExceptionSpec(StructuralEquivalenceContext &Context, static bool IsEquivalentExceptionSpec(StructuralEquivalenceContext &Context,
const FunctionProtoType *Proto1, const FunctionProtoType *Proto1,
const FunctionProtoType *Proto2) { const FunctionProtoType *Proto2) {
▲ Show 20 LinesShow All 1,533 LinesShow Last 20 Lines

clang/lib/AST/TypePrinter.cpp

Show First 20 LinesShow All 998 Lines▼ Show 20 Lines if (Info.getProducesResult())
OS << " __attribute__((ns_returns_retained))"; OS << " __attribute__((ns_returns_retained))";
if (Info.getRegParm()) if (Info.getRegParm())
OS << " __attribute__((regparm (" OS << " __attribute__((regparm ("
<< Info.getRegParm() << ")))"; << Info.getRegParm() << ")))";
if (Info.getNoCallerSavedRegs()) if (Info.getNoCallerSavedRegs())
OS << " __attribute__((no_caller_saved_registers))"; OS << " __attribute__((no_caller_saved_registers))";
if (Info.getNoCfCheck()) if (Info.getNoCfCheck())
OS << " __attribute__((nocf_check))"; OS << " __attribute__((nocf_check))";
if (Info.getKCFIUnchecked())
OS << " __attribute__((kcfi_unchecked))";
} }
void TypePrinter::printFunctionNoProtoBefore(const FunctionNoProtoType *T, void TypePrinter::printFunctionNoProtoBefore(const FunctionNoProtoType *T,
raw_ostream &OS) { raw_ostream &OS) {
// If needed for precedence reasons, wrap the inner part in grouping parens. // If needed for precedence reasons, wrap the inner part in grouping parens.
SaveAndRestore<bool> PrevPHIsEmpty(HasEmptyPlaceHolder, false); SaveAndRestore<bool> PrevPHIsEmpty(HasEmptyPlaceHolder, false);
printBefore(T->getReturnType(), OS); printBefore(T->getReturnType(), OS);
if (!PrevPHIsEmpty.get()) if (!PrevPHIsEmpty.get())
▲ Show 20 LinesShow All 708 Lines▼ Show 20 Lines#include "clang/Basic/AttrList.inc"
case attr::NSReturnsRetained: case attr::NSReturnsRetained:
OS << "ns_returns_retained"; OS << "ns_returns_retained";
break; break;
// FIXME: When Sema learns to form this AttributedType, avoid printing the // FIXME: When Sema learns to form this AttributedType, avoid printing the
// attribute again in printFunctionProtoAfter. // attribute again in printFunctionProtoAfter.
case attr::AnyX86NoCfCheck: OS << "nocf_check"; break; case attr::AnyX86NoCfCheck: OS << "nocf_check"; break;
case attr::KCFIUnchecked:
OS << "kcfi_unchecked";
break;
case attr::CDecl: OS << "cdecl"; break; case attr::CDecl: OS << "cdecl"; break;
case attr::FastCall: OS << "fastcall"; break; case attr::FastCall: OS << "fastcall"; break;
case attr::StdCall: OS << "stdcall"; break; case attr::StdCall: OS << "stdcall"; break;
case attr::ThisCall: OS << "thiscall"; break; case attr::ThisCall: OS << "thiscall"; break;
case attr::SwiftCall: OS << "swiftcall"; break; case attr::SwiftCall: OS << "swiftcall"; break;
case attr::SwiftAsyncCall: OS << "swiftasynccall"; break; case attr::SwiftAsyncCall: OS << "swiftasynccall"; break;
case attr::VectorCall: OS << "vectorcall"; break; case attr::VectorCall: OS << "vectorcall"; break;
case attr::Pascal: OS << "pascal"; break; case attr::Pascal: OS << "pascal"; break;
▲ Show 20 LinesShow All 571 LinesShow Last 20 Lines

clang/lib/CodeGen/CGCall.cpp

Show First 20 LinesShow All 819 Lines▼ Show 20 LinesCGFunctionInfo *CGFunctionInfo::create(unsigned llvmCC,
FI->ASTCallingConvention = info.getCC(); FI->ASTCallingConvention = info.getCC();
FI->InstanceMethod = instanceMethod; FI->InstanceMethod = instanceMethod;
FI->ChainCall = chainCall; FI->ChainCall = chainCall;
FI->CmseNSCall = info.getCmseNSCall(); FI->CmseNSCall = info.getCmseNSCall();
FI->NoReturn = info.getNoReturn(); FI->NoReturn = info.getNoReturn();
FI->ReturnsRetained = info.getProducesResult(); FI->ReturnsRetained = info.getProducesResult();
FI->NoCallerSavedRegs = info.getNoCallerSavedRegs(); FI->NoCallerSavedRegs = info.getNoCallerSavedRegs();
FI->NoCfCheck = info.getNoCfCheck(); FI->NoCfCheck = info.getNoCfCheck();
FI->KCFIUnchecked = info.getKCFIUnchecked();
FI->Required = required; FI->Required = required;
FI->HasRegParm = info.getHasRegParm(); FI->HasRegParm = info.getHasRegParm();
FI->RegParm = info.getRegParm(); FI->RegParm = info.getRegParm();
FI->ArgStruct = nullptr; FI->ArgStruct = nullptr;
FI->ArgStructAlign = 0; FI->ArgStructAlign = 0;
FI->NumArgs = argTypes.size(); FI->NumArgs = argTypes.size();
FI->HasExtParameterInfos = !paramInfos.empty(); FI->HasExtParameterInfos = !paramInfos.empty();
FI->getArgsBuffer()[0].type = resultType; FI->getArgsBuffer()[0].type = resultType;
▲ Show 20 LinesShow All 4,777 LinesShow Last 20 Lines

clang/lib/CodeGen/CGExpr.cpp

Show First 20 LinesShow All 5,309 Lines▼ Show 20 Lines if (CGM.getCodeGenOpts().SanitizeCfiCrossDso && CrossDsoTypeId) {
CastedCallee, StaticData); CastedCallee, StaticData);
} else { } else {
EmitCheck(std::make_pair(TypeTest, SanitizerKind::CFIICall), EmitCheck(std::make_pair(TypeTest, SanitizerKind::CFIICall),
SanitizerHandler::CFICheckFail, StaticData, SanitizerHandler::CFICheckFail, StaticData,
{CastedCallee, llvm::UndefValue::get(IntPtrTy)}); {CastedCallee, llvm::UndefValue::get(IntPtrTy)});
} }
} }
if (SanOpts.has(SanitizerKind::KCFI) && IsIndirectCall) if (SanOpts.has(SanitizerKind::KCFI) && IsIndirectCall) {
if ((!TargetDecl || !TargetDecl->hasAttr<KCFIUncheckedAttr>()) &&
!getFunctionExtInfo(CalleeType).getKCFIUnchecked())
EmitKCFICheck(Callee.getFunctionPointer(), EmitKCFICheck(Callee.getFunctionPointer(),
CGM.CreateKCFITypeId(QualType(FnType, 0))); CGM.CreateKCFITypeId(QualType(FnType, 0)));
}
CallArgList Args; CallArgList Args;
if (Chain) if (Chain)
Args.add(RValue::get(Builder.CreateBitCast(Chain, CGM.VoidPtrTy)), Args.add(RValue::get(Builder.CreateBitCast(Chain, CGM.VoidPtrTy)),
CGM.getContext().VoidPtrTy); CGM.getContext().VoidPtrTy);
// C++17 requires that we evaluate arguments to a call using assignment syntax // C++17 requires that we evaluate arguments to a call using assignment syntax
// right-to-left, and that we evaluate arguments to certain other operators // right-to-left, and that we evaluate arguments to certain other operators
▲ Show 20 LinesShow All 228 LinesShow Last 20 Lines

clang/lib/Sema/SemaDeclAttr.cpp

  • This file is larger than 256 KB, so syntax highlighting is disabled by default.
Show First 20 LinesShow All 8,461 Lines▼ Show 20 Lines case ParsedAttr::AT_NoReturn:
handleNoReturnAttr(S, D, AL); handleNoReturnAttr(S, D, AL);
break; break;
case ParsedAttr::AT_CXX11NoReturn: case ParsedAttr::AT_CXX11NoReturn:
handleStandardNoReturnAttr(S, D, AL); handleStandardNoReturnAttr(S, D, AL);
break; break;
case ParsedAttr::AT_AnyX86NoCfCheck: case ParsedAttr::AT_AnyX86NoCfCheck:
handleNoCfCheckAttr(S, D, AL); handleNoCfCheckAttr(S, D, AL);
break; break;
case ParsedAttr::AT_KCFIUnchecked:
handleSimpleAttribute<KCFIUncheckedAttr>(S, D, AL);
break;
case ParsedAttr::AT_NoThrow: case ParsedAttr::AT_NoThrow:
if (!AL.isUsedAsTypeAttr()) if (!AL.isUsedAsTypeAttr())
handleSimpleAttribute<NoThrowAttr>(S, D, AL); handleSimpleAttribute<NoThrowAttr>(S, D, AL);
break; break;
case ParsedAttr::AT_CUDAShared: case ParsedAttr::AT_CUDAShared:
handleSharedAttr(S, D, AL); handleSharedAttr(S, D, AL);
break; break;
case ParsedAttr::AT_VecReturn: case ParsedAttr::AT_VecReturn:
▲ Show 20 LinesShow All 794 LinesShow Last 20 Lines

clang/lib/Sema/SemaType.cpp

  • This file is larger than 256 KB, so syntax highlighting is disabled by default.
Show First 20 LinesShow All 130 Lines▼ Show 20 Lines
// Function type attributes. // Function type attributes.
#define FUNCTION_TYPE_ATTRS_CASELIST \ #define FUNCTION_TYPE_ATTRS_CASELIST \
case ParsedAttr::AT_NSReturnsRetained: \ case ParsedAttr::AT_NSReturnsRetained: \
case ParsedAttr::AT_NoReturn: \ case ParsedAttr::AT_NoReturn: \
case ParsedAttr::AT_Regparm: \ case ParsedAttr::AT_Regparm: \
case ParsedAttr::AT_CmseNSCall: \ case ParsedAttr::AT_CmseNSCall: \
case ParsedAttr::AT_AnyX86NoCallerSavedRegisters: \ case ParsedAttr::AT_AnyX86NoCallerSavedRegisters: \
case ParsedAttr::AT_AnyX86NoCfCheck: \ case ParsedAttr::AT_AnyX86NoCfCheck: \
case ParsedAttr::AT_KCFIUnchecked: \
CALLING_CONV_ATTRS_CASELIST CALLING_CONV_ATTRS_CASELIST
// Microsoft-specific type qualifiers. // Microsoft-specific type qualifiers.
#define MS_TYPE_ATTRS_CASELIST \ #define MS_TYPE_ATTRS_CASELIST \
case ParsedAttr::AT_Ptr32: \ case ParsedAttr::AT_Ptr32: \
case ParsedAttr::AT_Ptr64: \ case ParsedAttr::AT_Ptr64: \
case ParsedAttr::AT_SPtr: \ case ParsedAttr::AT_SPtr: \
case ParsedAttr::AT_UPtr case ParsedAttr::AT_UPtr
▲ Show 20 LinesShow All 7,453 Lines▼ Show 20 Lines if (!unwrapped.isFunctionType())
return true; return true;
FunctionType::ExtInfo EI = FunctionType::ExtInfo EI =
unwrapped.get()->getExtInfo().withNoCfCheck(true); unwrapped.get()->getExtInfo().withNoCfCheck(true);
type = unwrapped.wrap(S, S.Context.adjustFunctionType(unwrapped.get(), EI)); type = unwrapped.wrap(S, S.Context.adjustFunctionType(unwrapped.get(), EI));
return true; return true;
} }
if (attr.getKind() == ParsedAttr::AT_KCFIUnchecked) {
if (S.CheckAttrTarget(attr) || S.CheckAttrNoArgs(attr))
return true;
// If this is not a function type, warning will be asserted by subject
// check.
if (!unwrapped.isFunctionType())
return true;
FunctionType::ExtInfo EI =
unwrapped.get()->getExtInfo().withKCFIUnchecked(true);
type = unwrapped.wrap(S, S.Context.adjustFunctionType(unwrapped.get(), EI));
return true;
}
if (attr.getKind() == ParsedAttr::AT_Regparm) { if (attr.getKind() == ParsedAttr::AT_Regparm) {
unsigned value; unsigned value;
if (S.CheckRegparmAttr(attr, value)) if (S.CheckRegparmAttr(attr, value))
return true; return true;
// Delay if this is not a function type. // Delay if this is not a function type.
if (!unwrapped.isFunctionType()) if (!unwrapped.isFunctionType())
return false; return false;
▲ Show 20 LinesShow All 1,538 LinesShow Last 20 Lines

clang/lib/Serialization/ASTWriter.cpp

Show First 20 LinesShow All 606 Lines▼ Show 20 Linesvoid ASTWriter::WriteTypeAbbrevs() {
Abv->Add(BitCodeAbbrevOp(BitCodeAbbrevOp::Fixed, 1)); // NoReturn Abv->Add(BitCodeAbbrevOp(BitCodeAbbrevOp::Fixed, 1)); // NoReturn
Abv->Add(BitCodeAbbrevOp(0)); // HasRegParm Abv->Add(BitCodeAbbrevOp(0)); // HasRegParm
Abv->Add(BitCodeAbbrevOp(0)); // RegParm Abv->Add(BitCodeAbbrevOp(0)); // RegParm
Abv->Add(BitCodeAbbrevOp(BitCodeAbbrevOp::Fixed, 4)); // CC Abv->Add(BitCodeAbbrevOp(BitCodeAbbrevOp::Fixed, 4)); // CC
Abv->Add(BitCodeAbbrevOp(0)); // ProducesResult Abv->Add(BitCodeAbbrevOp(0)); // ProducesResult
Abv->Add(BitCodeAbbrevOp(0)); // NoCallerSavedRegs Abv->Add(BitCodeAbbrevOp(0)); // NoCallerSavedRegs
Abv->Add(BitCodeAbbrevOp(0)); // NoCfCheck Abv->Add(BitCodeAbbrevOp(0)); // NoCfCheck
Abv->Add(BitCodeAbbrevOp(BitCodeAbbrevOp::Fixed, 1)); // CmseNSCall Abv->Add(BitCodeAbbrevOp(BitCodeAbbrevOp::Fixed, 1)); // CmseNSCall
Abv->Add(BitCodeAbbrevOp(0)); // KCFIUnchecked
// FunctionProtoType // FunctionProtoType
Abv->Add(BitCodeAbbrevOp(0)); // IsVariadic Abv->Add(BitCodeAbbrevOp(0)); // IsVariadic
Abv->Add(BitCodeAbbrevOp(0)); // HasTrailingReturn Abv->Add(BitCodeAbbrevOp(0)); // HasTrailingReturn
Abv->Add(BitCodeAbbrevOp(0)); // TypeQuals Abv->Add(BitCodeAbbrevOp(0)); // TypeQuals
Abv->Add(BitCodeAbbrevOp(0)); // RefQualifier Abv->Add(BitCodeAbbrevOp(0)); // RefQualifier
Abv->Add(BitCodeAbbrevOp(EST_None)); // ExceptionSpec Abv->Add(BitCodeAbbrevOp(EST_None)); // ExceptionSpec
Abv->Add(BitCodeAbbrevOp(BitCodeAbbrevOp::VBR, 6)); // NumParams Abv->Add(BitCodeAbbrevOp(BitCodeAbbrevOp::VBR, 6)); // NumParams
Abv->Add(BitCodeAbbrevOp(BitCodeAbbrevOp::Array)); Abv->Add(BitCodeAbbrevOp(BitCodeAbbrevOp::Array));
▲ Show 20 LinesShow All 6,305 LinesShow Last 20 Lines

clang/test/CodeGen/kcfi_unchecked.c

  • This file was added.
// RUN: %clang_cc1 -triple x86_64-unknown-linux-gnu -emit-llvm -fsanitize=kcfi -o - %s | FileCheck %s
#if !__has_feature(kcfi)
#error Missing kcfi
#endif
// CHECK-LABEL: define dso_local i32 @f1(){{.*}} prefix i32 [[#%d,HASH:]]
int f1(void) { return 0; }
typedef int (*fn_t)(void);
typedef int (*fn_unchecked_t)(void) __attribute__((kcfi_unchecked));
typedef typeof(f1) *fn_typeof_t;
typedef typeof(f1) *__attribute__((kcfi_unchecked)) fn_typeof_unchecked_t;
// CHECK-LABEL: define{{.*}} i32 @checked()
int checked(void) {
// CHECK: call void @llvm.kcfi.check(i8* %[[#]], i32 [[#HASH]])
// CHECK-NEXT: call i32 %
return ({ &f1; })();
}
// CHECK-LABEL: define{{.*}} i32 @checked_typedef_cast()
int checked_typedef_cast(void) {
// CHECK: call void @llvm.kcfi.check(i8* %[[#]], i32 [[#HASH]])
// CHECK-NEXT: call i32 %
return ({ (fn_t) & f1; })();
}
// CHECK-LABEL: define{{.*}} i32 @checked_outside_typedef_cast()
int checked_outside_typedef_cast(void) {
// CHECK: call void @llvm.kcfi.check(i8* %[[#]], i32 [[#HASH]])
// CHECK-NEXT: call i32 %
return ((fn_t)({ &f1; }))();
}
// CHECK-LABEL: define{{.*}} i32 @checked_typeof_typedef_cast()
int checked_typeof_typedef_cast(void) {
// CHECK: call void @llvm.kcfi.check(i8* %[[#]], i32 [[#HASH]])
// CHECK-NEXT: call i32 %
return ({ (fn_typeof_t) & f1; })();
}
// CHECK-LABEL: define{{.*}} i32 @checked_var()
int checked_var(void) {
// CHECK: call void @llvm.kcfi.check(i8* %[[#]], i32 [[#HASH]])
// CHECK-NEXT: call i32 %
fn_t p = f1;
return p();
}
// CHECK-LABEL: define{{.*}} i32 @checked_param(i32 ()*
int checked_param(fn_t p) {
// CHECK: call void @llvm.kcfi.check(i8* %[[#]], i32 [[#HASH]])
// CHECK-NEXT: call i32 %
return p();
}
// CHECK-LABEL: define{{.*}} i32 @unchecked_typedef_cast()
int unchecked_typedef_cast(void) {
// CHECK-NOT: call void @llvm.kcfi.check
// CHECK: call i32 %
return ({ (fn_unchecked_t) & f1; })();
}
// CHECK-LABEL: define{{.*}} i32 @unchecked_outside_typedef_cast()
int unchecked_outside_typedef_cast(void) {
// CHECK-NOT: call void @llvm.kcfi.check
// CHECK: call i32 %
return ((fn_unchecked_t)({ &f1; }))();
}
// CHECK-LABEL: define{{.*}} i32 @unchecked_typeof_typedef_cast()
int unchecked_typeof_typedef_cast(void) {
// CHECK-NOT: call void @llvm.kcfi.check
// CHECK: call i32 %
return ({ (fn_typeof_unchecked_t) & f1; })();
}
// CHECK-LABEL: define{{.*}} i32 @unchecked_compound_var()
int unchecked_compound_var(void) {
// CHECK-NOT: call void @llvm.kcfi.check
// CHECK: call i32 %
return ({
fn_unchecked_t p = (fn_unchecked_t)f1;
p;
})();
}
// CHECK-LABEL: define{{.*}} i32 @unchecked_compound_local_typedef_cast()
int unchecked_compound_local_typedef_cast(void) {
// CHECK-NOT: call void @llvm.kcfi.check
// CHECK: call i32 %
return ({
typedef typeof(f1) *__attribute__((kcfi_unchecked)) fn_local_unchecked_t;
(fn_local_unchecked_t) & f1;
})();
}
// CHECK-LABEL: define{{.*}} i32 @unchecked_var()
int unchecked_var(void) {
// CHECK-NOT: call void @llvm.kcfi.check
// CHECK: call i32 %
fn_unchecked_t p = (fn_unchecked_t)f1;
return p();
}
// CHECK-LABEL: define{{.*}} i32 @unchecked_var_attr()
int unchecked_var_attr(void) {
// CHECK-NOT: call void @llvm.kcfi.check
// CHECK: call i32 %
fn_t __attribute__((kcfi_unchecked)) p = (fn_t __attribute__((kcfi_unchecked)))f1;
return p();
}
// CHECK-LABEL: define{{.*}} i32 @unchecked_type_cast()
int unchecked_type_cast(void) {
// CHECK-NOT: call void @llvm.kcfi.check
// CHECK: call i32 @f1
return ((fn_unchecked_t)f1)();
}
// CHECK-LABEL: define{{.*}} i32 @unchecked_var_cast()
int unchecked_var_cast(void) {
// CHECK-NOT: call void @llvm.kcfi.check
// CHECK: call i32 @f1
return ((fn_t __attribute__((kcfi_unchecked)))f1)();
}
// CHECK-LABEL: define{{.*}} i32 @unchecked_cast()
int unchecked_cast(void) {
// CHECK-NOT: call void @llvm.kcfi.check
// CHECK: call i32 @f1
return ((int (*__attribute__((kcfi_unchecked)))(void))f1)();
}
// CHECK-LABEL: define{{.*}} i32 @unchecked_param(i32 ()*
int unchecked_param(fn_t __attribute__((kcfi_unchecked)) p) {
// CHECK-NOT: call void @llvm.kcfi.check
// CHECK: call i32 %
return p();
}

clang/test/CodeGen/kcfi_unchecked.cpp

  • This file was added.
// RUN: %clang_cc1 -triple x86_64-unknown-linux-gnu -emit-llvm -fsanitize=kcfi -o - %s | FileCheck %s
#if !__has_feature(kcfi)
#error Missing kcfi
#endif
// CHECK-LABEL: define{{.*}} i32 @_Z2f1v(){{.*}} prefix i32 [[#%d,HASH:]]
int f1(void) { return 0; }
// CHECK-LABEL: define{{.*}} i32 @_Z2f2v(){{.*}} prefix i32 [[#%d,HASH2:]]
unsigned int f2(void) { return 1; }
template <typename T> int call(T p) { return p(); }
// CHECK-LABEL: define{{.*}} i32 @_Z7checkedv()
int checked() {
// CHECK: call void @llvm.kcfi.check(i8* %[[#]], i32 [[#HASH]])
// CHECK-NEXT: call{{.*}} i32 %[[#]]()
return ({ &f1; })();
}
// CHECK-LABEL: define{{.*}} i32 @_Z16checked_templatev()
int checked_template() {
// CHECK: call{{.*}} i32 @_Z4callIPFjvEEiT_(i32 ()*{{.*}} @_Z2f2v)
return call(f2);
}
// CHECK-LABEL: define{{.*}} i32 @_Z4callIPFjvEEiT_(i32 ()*{{.*}} %p)
// CHECK: call void @llvm.kcfi.check(i8* %[[#]], i32 [[#HASH2]])
// CHECK-NEXT: call{{.*}} i32 %[[#]]()
// CHECK-LABEL: define{{.*}} i32 @_Z19unchecked_template1v()
int unchecked_template1() {
using unchecked_t = int (*)() [[clang::kcfi_unchecked]];
unchecked_t p = (unchecked_t)f1;
// CHECK: call{{.*}} i32 @_Z4callIPFivEEiT_(i32 ()*{{.*}} %[[#]])
return call(p);
}
// CHECK-LABEL: define{{.*}} i32 @_Z4callIPFivEEiT_(i32 ()*{{.*}} %p)
// CHECK-NOT: call void @llvm.kcfi.check
// CHECK: call{{.*}} i32 %[[#]]()
// CHECK-LABEL: define{{.*}} i32 @_Z19unchecked_template2v()
int unchecked_template2() {
using unchecked_t = int (*)() [[clang::kcfi_unchecked]];
// CHECK: call{{.*}} i32 @_Z4callIPFivEEiT_(i32 ()*{{.*}} @_Z2f2v)
return call((unchecked_t)f2);
}

clang/test/Misc/pragma-attribute-supported-attributes-list.test

Show First 20 LinesShow All 70 Lines▼ Show 20 Lines
// CHECK-NEXT: Flatten (SubjectMatchRule_function) // CHECK-NEXT: Flatten (SubjectMatchRule_function)
// CHECK-NEXT: GNUInline (SubjectMatchRule_function) // CHECK-NEXT: GNUInline (SubjectMatchRule_function)
// CHECK-NEXT: HIPManaged (SubjectMatchRule_variable) // CHECK-NEXT: HIPManaged (SubjectMatchRule_variable)
// CHECK-NEXT: Hot (SubjectMatchRule_function) // CHECK-NEXT: Hot (SubjectMatchRule_function)
// CHECK-NEXT: IBAction (SubjectMatchRule_objc_method_is_instance) // CHECK-NEXT: IBAction (SubjectMatchRule_objc_method_is_instance)
// CHECK-NEXT: IFunc (SubjectMatchRule_function) // CHECK-NEXT: IFunc (SubjectMatchRule_function)
// CHECK-NEXT: InitPriority (SubjectMatchRule_variable) // CHECK-NEXT: InitPriority (SubjectMatchRule_variable)
// CHECK-NEXT: InternalLinkage (SubjectMatchRule_variable, SubjectMatchRule_function, SubjectMatchRule_record) // CHECK-NEXT: InternalLinkage (SubjectMatchRule_variable, SubjectMatchRule_function, SubjectMatchRule_record)
// CHECK-NEXT: KCFIUnchecked (SubjectMatchRule_hasType_functionType)
// CHECK-NEXT: LTOVisibilityPublic (SubjectMatchRule_record) // CHECK-NEXT: LTOVisibilityPublic (SubjectMatchRule_record)
// CHECK-NEXT: Leaf (SubjectMatchRule_function) // CHECK-NEXT: Leaf (SubjectMatchRule_function)
// CHECK-NEXT: LoaderUninitialized (SubjectMatchRule_variable_is_global) // CHECK-NEXT: LoaderUninitialized (SubjectMatchRule_variable_is_global)
// CHECK-NEXT: Lockable (SubjectMatchRule_record) // CHECK-NEXT: Lockable (SubjectMatchRule_record)
// CHECK-NEXT: MIGServerRoutine (SubjectMatchRule_function, SubjectMatchRule_objc_method, SubjectMatchRule_block) // CHECK-NEXT: MIGServerRoutine (SubjectMatchRule_function, SubjectMatchRule_objc_method, SubjectMatchRule_block)
// CHECK-NEXT: MSStruct (SubjectMatchRule_record) // CHECK-NEXT: MSStruct (SubjectMatchRule_record)
// CHECK-NEXT: MicroMips (SubjectMatchRule_function) // CHECK-NEXT: MicroMips (SubjectMatchRule_function)
// CHECK-NEXT: MinSize (SubjectMatchRule_function, SubjectMatchRule_objc_method) // CHECK-NEXT: MinSize (SubjectMatchRule_function, SubjectMatchRule_objc_method)
▲ Show 20 LinesShow All 110 LinesShow Last 20 Lines

clang/test/Sema/attr-kcfi_unchecked.c

  • This file was added.
// RUN: %clang_cc1 %s -verify -fsyntax-only
int a __attribute__((kcfi_unchecked)); // expected-warning {{'kcfi_unchecked' attribute only applies to functions and function pointers}}
void *p __attribute__((kcfi_unchecked)); // expected-warning {{'kcfi_unchecked' attribute only applies to functions and function pointers}}
void (*f)(void) __attribute__((kcfi_unchecked));
void (*g)(void) __attribute__((kcfi_unchecked("argument"))); // expected-error {{'kcfi_unchecked' attribute takes no arguments}}
typedef unsigned long l_unchecked_t __attribute__((kcfi_unchecked)); // expected-warning {{'kcfi_unchecked' attribute only applies to functions and function pointers}}
typedef int (*f_unchecked_t)(void) __attribute__((kcfi_unchecked));
void f1(unsigned long p __attribute__((kcfi_unchecked))) {} // expected-warning {{'kcfi_unchecked' attribute only applies to functions and function pointers}}
void f2(void *p __attribute__((kcfi_unchecked))) {} // expected-warning {{'kcfi_unchecked' attribute only applies to functions and function pointers}}
void f3(void (*p)(void) __attribute__((kcfi_unchecked))) {}
void f4(void) __attribute__((kcfi_unchecked)) {}
void test(void) {
((void (*__attribute__((kcfi_unchecked)))(void))f4)();
}

clang/test/Sema/attr-kcfi_unchecked.cpp

  • This file was added.
// RUN: %clang_cc1 -triple x86_64-unknown-unknown -verify -std=c++11 -fsyntax-only %s
typedef void (*fn_unchecked_t)(void) [[clang::kcfi_unchecked]]; // no-warning
typedef void (*fn_t)(void);
int [[clang::kcfi_unchecked]] i; // expected-error {{'kcfi_unchecked' attribute cannot be applied to types}}
void f1(double i [[clang::kcfi_unchecked]]) {} // expected-warning {{'kcfi_unchecked' attribute only applies to functions and function pointers}}
void f2(fn_t f) {
fn_unchecked_t p = f; // expected-error {{cannot initialize a variable of type}}
p(); // no-warning
}
[[clang::kcfi_unchecked("argument")]] int f3(); // expected-error {{'kcfi_unchecked' attribute takes no arguments}}