To have finer control of IR uwtable attribute generation. For target code generation,
IR nounwind and uwtable may have some interaction. However, for frontend, there are
no semantic interactions so the this new nouwtable is marked "SimpleHandler = 1".
Details
Diff Detail
- Repository
- rG LLVM Github Monorepo
Unit Tests
Time | Test | |
---|---|---|
3,030 ms | x64 debian > libFuzzer.libFuzzer::fuzzer-finalstats.test |
Event Timeline
Do we have any evidence that users need this level of control or will understand how to properly use the attribute? The command line option makes sense to me because it's an all-or-nothing flag, but I'm not certain I understand the need for per-function control. Also, if a user gets this wrong (applies the attribute where they shouldn't), what is the failure mode (does it introduce any exploitable behavior)?
Thanks for taking a look!
https://github.com/llvm/llvm-project/blob/064a08cd955019da9130f1109bfa534e79b8ec7c/llvm/include/llvm/IR/Function.h#L639-L641, per-function unwind table entry depends on both nounwind and uwtable. We have nothrow attribute for nounwind but not nouwtable for uwtable. With this, a user could use function attributes to control unwind table entry generation which could only be achieved by inline assembly or writing assembly files directly. I'd consider this a companion of nothrow. So making them both per-function attribute seems natural?
Also, if a user gets this wrong (applies the attribute where they shouldn't), what is the failure mode (does it introduce any exploitable behavior)?
The flag may only suppress unwind table emission instead of causing more, the lack of unwind table may only stop control flow rather than giving it more freedom. So I think this is safe from a security perspective. Using it wrong may cause unnecessary crashes just like any other memory bugs, but not a malicious binary.
Thank you for the explanations, that helped. :-)
You're missing all of the semantic tests (that the attr takes no arguments, only applies to function-like things, etc). Also, the subject you picked is FunctionLike so you should have some test coverage showing how this works when calling through a function pointer with the attribute (or you should pick a more appropriate subject if that one is wrong).
clang/include/clang/Basic/AttrDocs.td | ||
---|---|---|
4545–4546 |