This is an archive of the discontinued LLVM Phabricator instance.

Differential D16823

[cfi] Safe handling of unaddressable vtable pointers (clang).
ClosedPublic

Authored by eugenis on Feb 2 2016, 2:17 PM.

Details

Reviewers
kcc
samsonov
pcc
Summary

Avoid crashing when printing diagnostics for vtable-related CFI
errors. In diagnostic mode, the frontend does an additional check of
the vtable pointer against the set of all known vtable addresses and
lets the runtime handler know if it is safe to inspect the vtable.

Diff Detail

Repository
rL LLVM

Event Timeline

eugenis updated this revision to Diff 46703.Feb 2 2016, 2:17 PM
eugenis retitled this revision from to [cfi] Safe handling of unaddressable vtable pointers (clang)..
eugenis updated this object.
eugenis added reviewers: pcc, kcc.
eugenis set the repository for this revision to rL LLVM.
eugenis added a subscriber: cfe-commits.
samsonov added a subscriber: samsonov.Feb 2 2016, 2:33 PM
samsonov added inline comments.
lib/CodeGen/CGExpr.cpp
2493

This is really ugly. Why are you not passing it down in DynamicArgs? Is it performance penalty you don't want to pay if the check will not succeed? How large will it be?

eugenis added inline comments.Feb 2 2016, 2:45 PM
lib/CodeGen/CGExpr.cpp
2493

Yes, I want this code to be on the failing side of the check.
This would cost about the same as the check itself, so I suspect it could double the overhead.

pcc added inline comments.Feb 2 2016, 2:55 PM
lib/CodeGen/CGExpr.cpp
2493

I would just emit the call unconditionally. We don't care too much about the performance in non-trapping mode, and if it becomes a problem in practice we can see if we can have the optimizer move the call into the conditional block (which I suspect it already knows how to do).

lib/CodeGen/CodeGenModule.cpp
4067

This conditional doesn't look right. It should be something like

if (sanitize.has(this) && !sanitizetrap.has(this)) ||
   (sanitize.has(that) && !sanitizetrap.has(that)) ||
...

But that's sufficiently ugly that I wonder if we should just do this unconditionally. It shouldn't make a difference to the generated code either way.

eugenis added inline comments.Feb 2 2016, 3:43 PM
lib/CodeGen/CGExpr.cpp
2493

I care about performance in non-trapping mode.
Doing this change would not make the code any less ugly. For example, EmitCheck may not use the argument if the check has -fsanitize-trap behaviour, in which case we get an unused llvm.bitset.test call that affects some of the clang tests.

eugenis updated this revision to Diff 46718.Feb 2 2016, 4:08 PM

Moved bitset.text call outside.
LLVM is smart enough to sink it along the cold branch, so performance should not suffer.

eugenis updated this revision to Diff 46723.Feb 2 2016, 4:23 PM
eugenis marked an inline comment as done.
eugenis added inline comments.
lib/CodeGen/CodeGenModule.cpp
4067

I don't like emitting all these bitset entries if they are not needed.
Fixed.

samsonov added inline comments.Feb 2 2016, 5:38 PM
lib/CodeGen/CGExpr.cpp
2642

This is almost the same as EmitVTablePtrCheck, but with ZExt? Is the difference intentional/important? Is it possible to extract this logic (getting "all-vtables" metadata and running bitset test) to a function?

lib/CodeGen/CodeGenModule.cpp
4034

Hm, can you write this as a loop?

eugenis added inline comments.Feb 2 2016, 6:03 PM
lib/CodeGen/CGExpr.cpp
2642

Not important. Zext makes the test a bit simpler.
Extracting these two lines to a function is surely possible, but is it worth it?

samsonov accepted this revision.Feb 3 2016, 10:38 AM
samsonov added a reviewer: samsonov.

LGTM

lib/CodeGen/CGClass.cpp
2608

Can we rewrite this as if-elseif-else block now?

lib/CodeGen/CGExpr.cpp
2642

Probably not, as long as we have the test coverage.

This revision is now accepted and ready to land.Feb 3 2016, 10:38 AM
eugenis updated this revision to Diff 46807.Feb 3 2016, 11:38 AM
eugenis edited edge metadata.
eugenis added inline comments.
lib/CodeGen/CGClass.cpp
2608

even better, with 2 early returns.

eugenis closed this revision.Feb 3 2016, 2:26 PM

http://llvm.org/viewvc/llvm-project?rev=259716&view=rev

Revision Contents

PathSize
lib/
CodeGen/
13 lines
14 lines
3 lines
25 lines
test/
CodeGen/
8 lines
CodeGenCXX/
22 lines
33 lines

Diff 46723

lib/CodeGen/CGClass.cpp

Show First 20 LinesShow All 2,599 Lines▼ Show 20 Linesvoid CodeGenFunction::EmitVTablePtrCheck(const CXXRecordDecl *RD,
llvm::Constant *StaticData[] = { llvm::Constant *StaticData[] = {
llvm::ConstantInt::get(Int8Ty, TCK), llvm::ConstantInt::get(Int8Ty, TCK),
EmitCheckSourceLocation(Loc), EmitCheckSourceLocation(Loc),
EmitCheckTypeDescriptor(QualType(RD->getTypeForDecl(), 0)), EmitCheckTypeDescriptor(QualType(RD->getTypeForDecl(), 0)),
}; };
auto TypeId = CGM.CreateCfiIdForTypeMetadata(MD); auto TypeId = CGM.CreateCfiIdForTypeMetadata(MD);
if (CGM.getCodeGenOpts().SanitizeCfiCrossDso && TypeId) { if (CGM.getCodeGenOpts().SanitizeCfiCrossDso && TypeId) {
samsonovUnsubmitted
Not Done
ReplyInline Actions

Can we rewrite this as if-elseif-else block now?

samsonov: Can we rewrite this as if-elseif-else block now?
eugenisAuthorUnsubmitted
Not Done
ReplyInline Actions

even better, with 2 early returns.

eugenis: even better, with 2 early returns.
EmitCfiSlowPathCheck(M, BitSetTest, TypeId, CastedVTable, StaticData); EmitCfiSlowPathCheck(M, BitSetTest, TypeId, CastedVTable, StaticData);
} else { } else {
if (CGM.getCodeGenOpts().SanitizeTrap.has(M)) {
EmitTrapCheck(BitSetTest);
return;
}
llvm::Value *AllVtables = llvm::MetadataAsValue::get(
CGM.getLLVMContext(),
llvm::MDString::get(CGM.getLLVMContext(), "all-vtables"));
llvm::Value *ValidVtable =
Builder.CreateCall(CGM.getIntrinsic(llvm::Intrinsic::bitset_test),
{CastedVTable, AllVtables});
EmitCheck(std::make_pair(BitSetTest, M), "cfi_check_fail", StaticData, EmitCheck(std::make_pair(BitSetTest, M), "cfi_check_fail", StaticData,
CastedVTable); {CastedVTable, ValidVtable});
} }
} }
// FIXME: Ideally Expr::IgnoreParenNoopCasts should do this, but it doesn't do // FIXME: Ideally Expr::IgnoreParenNoopCasts should do this, but it doesn't do
// quite what we want. // quite what we want.
static const Expr *skipNoOpCastsAndParens(const Expr *E) { static const Expr *skipNoOpCastsAndParens(const Expr *E) {
while (true) { while (true) {
if (const ParenExpr *PE = dyn_cast<ParenExpr>(E)) { if (const ParenExpr *PE = dyn_cast<ParenExpr>(E)) {
▲ Show 20 LinesShow All 192 LinesShow Last 20 Lines

lib/CodeGen/CGExpr.cpp

Show First 20 LinesShow All 2,484 Lines▼ Show 20 Lines#endif
// Give hint that we very much don't expect to execute the handler // Give hint that we very much don't expect to execute the handler
// Value chosen to match UR_NONTAKEN_WEIGHT, see BranchProbabilityInfo.cpp // Value chosen to match UR_NONTAKEN_WEIGHT, see BranchProbabilityInfo.cpp
llvm::MDBuilder MDHelper(getLLVMContext()); llvm::MDBuilder MDHelper(getLLVMContext());
llvm::MDNode *Node = MDHelper.createBranchWeights((1U << 20) - 1, 1); llvm::MDNode *Node = MDHelper.createBranchWeights((1U << 20) - 1, 1);
Branch->setMetadata(llvm::LLVMContext::MD_prof, Node); Branch->setMetadata(llvm::LLVMContext::MD_prof, Node);
EmitBlock(Handlers); EmitBlock(Handlers);
// Handler functions take an i8* pointing to the (handler-specific) static // Handler functions take an i8* pointing to the (handler-specific) static
// information block, followed by a sequence of intptr_t arguments // information block, followed by a sequence of intptr_t arguments
samsonovUnsubmitted
Not Done
ReplyInline Actions

This is really ugly. Why are you not passing it down in DynamicArgs? Is it performance penalty you don't want to pay if the check will not succeed? How large will it be?

samsonov: This is really ugly. Why are you not passing it down in DynamicArgs? Is it performance penalty…
eugenisAuthorUnsubmitted
Not Done
ReplyInline Actions

Yes, I want this code to be on the failing side of the check.
This would cost about the same as the check itself, so I suspect it could double the overhead.

eugenis: Yes, I want this code to be on the failing side of the check. This would cost about the same as…
pccUnsubmitted
Not Done
ReplyInline Actions

I would just emit the call unconditionally. We don't care too much about the performance in non-trapping mode, and if it becomes a problem in practice we can see if we can have the optimizer move the call into the conditional block (which I suspect it already knows how to do).

pcc: I would just emit the call unconditionally. We don't care too much about the performance in non…
eugenisAuthorUnsubmitted
Not Done
ReplyInline Actions

I care about performance in non-trapping mode.
Doing this change would not make the code any less ugly. For example, EmitCheck may not use the argument if the check has -fsanitize-trap behaviour, in which case we get an unused llvm.bitset.test call that affects some of the clang tests.

eugenis: I care about performance in non-trapping mode. Doing this change would not make the code any…
// representing operand values. // representing operand values.
SmallVector<llvm::Value *, 4> Args; SmallVector<llvm::Value *, 4> Args;
SmallVector<llvm::Type *, 4> ArgTypes; SmallVector<llvm::Type *, 4> ArgTypes;
Args.reserve(DynamicArgs.size() + 1); Args.reserve(DynamicArgs.size() + 1);
ArgTypes.reserve(DynamicArgs.size() + 1); ArgTypes.reserve(DynamicArgs.size() + 1);
// Emit handler arguments and create handler function type. // Emit handler arguments and create handler function type.
if (!StaticArgs.empty()) { if (!StaticArgs.empty()) {
▲ Show 20 LinesShow All 129 Lines▼ Show 20 Linesvoid CodeGenFunction::EmitCfiCheckFail() {
llvm::Value *V = Builder.CreateConstGEP2_32( llvm::Value *V = Builder.CreateConstGEP2_32(
CfiCheckFailDataTy, CfiCheckFailDataTy,
Builder.CreatePointerCast(Data, CfiCheckFailDataTy->getPointerTo(0)), 0, Builder.CreatePointerCast(Data, CfiCheckFailDataTy->getPointerTo(0)), 0,
0); 0);
Address CheckKindAddr(V, getIntAlign()); Address CheckKindAddr(V, getIntAlign());
llvm::Value *CheckKind = Builder.CreateLoad(CheckKindAddr); llvm::Value *CheckKind = Builder.CreateLoad(CheckKindAddr);
llvm::Value *AllVtables = llvm::MetadataAsValue::get(
CGM.getLLVMContext(),
llvm::MDString::get(CGM.getLLVMContext(), "all-vtables"));
llvm::Value *ValidVtable = Builder.CreateZExt(
samsonovUnsubmitted
Not Done
ReplyInline Actions

This is almost the same as EmitVTablePtrCheck, but with ZExt? Is the difference intentional/important? Is it possible to extract this logic (getting "all-vtables" metadata and running bitset test) to a function?

samsonov: This is almost the same as EmitVTablePtrCheck, but with ZExt? Is the difference…
eugenisAuthorUnsubmitted
Not Done
ReplyInline Actions

Not important. Zext makes the test a bit simpler.
Extracting these two lines to a function is surely possible, but is it worth it?

eugenis: Not important. Zext makes the test a bit simpler. Extracting these two lines to a function is…
samsonovUnsubmitted
Not Done
ReplyInline Actions

Probably not, as long as we have the test coverage.

samsonov: Probably not, as long as we have the test coverage.
Builder.CreateCall(CGM.getIntrinsic(llvm::Intrinsic::bitset_test),
{Addr, AllVtables}),
IntPtrTy);
const std::pair<int, SanitizerMask> CheckKinds[] = { const std::pair<int, SanitizerMask> CheckKinds[] = {
{CFITCK_VCall, SanitizerKind::CFIVCall}, {CFITCK_VCall, SanitizerKind::CFIVCall},
{CFITCK_NVCall, SanitizerKind::CFINVCall}, {CFITCK_NVCall, SanitizerKind::CFINVCall},
{CFITCK_DerivedCast, SanitizerKind::CFIDerivedCast}, {CFITCK_DerivedCast, SanitizerKind::CFIDerivedCast},
{CFITCK_UnrelatedCast, SanitizerKind::CFIUnrelatedCast}, {CFITCK_UnrelatedCast, SanitizerKind::CFIUnrelatedCast},
{CFITCK_ICall, SanitizerKind::CFIICall}}; {CFITCK_ICall, SanitizerKind::CFIICall}};
SmallVector<std::pair<llvm::Value *, SanitizerMask>, 5> Checks; SmallVector<std::pair<llvm::Value *, SanitizerMask>, 5> Checks;
for (auto CheckKindMaskPair : CheckKinds) { for (auto CheckKindMaskPair : CheckKinds) {
int Kind = CheckKindMaskPair.first; int Kind = CheckKindMaskPair.first;
SanitizerMask Mask = CheckKindMaskPair.second; SanitizerMask Mask = CheckKindMaskPair.second;
llvm::Value *Cond = llvm::Value *Cond =
Builder.CreateICmpNE(CheckKind, llvm::ConstantInt::get(Int8Ty, Kind)); Builder.CreateICmpNE(CheckKind, llvm::ConstantInt::get(Int8Ty, Kind));
EmitCheck(std::make_pair(Cond, Mask), "cfi_check_fail", {}, {Data, Addr}); EmitCheck(std::make_pair(Cond, Mask), "cfi_check_fail", {},
{Data, Addr, ValidVtable});
} }
FinishFunction(); FinishFunction();
// The only reference to this function will be created during LTO link. // The only reference to this function will be created during LTO link.
// Make sure it survives until then. // Make sure it survives until then.
CGM.addUsedGlobal(F); CGM.addUsedGlobal(F);
} }
▲ Show 20 LinesShow All 1,304 Lines▼ Show 20 Lines llvm::Constant *StaticData[] = {
EmitCheckSourceLocation(E->getLocStart()), EmitCheckSourceLocation(E->getLocStart()),
EmitCheckTypeDescriptor(QualType(FnType, 0)), EmitCheckTypeDescriptor(QualType(FnType, 0)),
}; };
if (CGM.getCodeGenOpts().SanitizeCfiCrossDso && TypeId) { if (CGM.getCodeGenOpts().SanitizeCfiCrossDso && TypeId) {
EmitCfiSlowPathCheck(SanitizerKind::CFIICall, BitSetTest, TypeId, EmitCfiSlowPathCheck(SanitizerKind::CFIICall, BitSetTest, TypeId,
CastedCallee, StaticData); CastedCallee, StaticData);
} else { } else {
EmitCheck(std::make_pair(BitSetTest, SanitizerKind::CFIICall), EmitCheck(std::make_pair(BitSetTest, SanitizerKind::CFIICall),
"cfi_check_fail", StaticData, CastedCallee); "cfi_check_fail", StaticData,
{CastedCallee, llvm::UndefValue::get(IntPtrTy)});
} }
} }
CallArgList Args; CallArgList Args;
if (Chain) if (Chain)
Args.add(RValue::get(Builder.CreateBitCast(Chain, CGM.VoidPtrTy)), Args.add(RValue::get(Builder.CreateBitCast(Chain, CGM.VoidPtrTy)),
CGM.getContext().VoidPtrTy); CGM.getContext().VoidPtrTy);
EmitCallArgs(Args, dyn_cast<FunctionProtoType>(FnType), E->arguments(), EmitCallArgs(Args, dyn_cast<FunctionProtoType>(FnType), E->arguments(),
▲ Show 20 LinesShow All 167 LinesShow Last 20 Lines

lib/CodeGen/CodeGenModule.h

Show First 20 LinesShow All 1,122 Lines▼ Show 20 Linespublic:
/// Create a metadata identifier for the given type. This may either be an /// Create a metadata identifier for the given type. This may either be an
/// MDString (for external identifiers) or a distinct unnamed MDNode (for /// MDString (for external identifiers) or a distinct unnamed MDNode (for
/// internal identifiers). /// internal identifiers).
llvm::Metadata *CreateMetadataIdentifierForType(QualType T); llvm::Metadata *CreateMetadataIdentifierForType(QualType T);
/// Create a bitset entry for the given function and add it to BitsetsMD. /// Create a bitset entry for the given function and add it to BitsetsMD.
void CreateFunctionBitSetEntry(const FunctionDecl *FD, llvm::Function *F); void CreateFunctionBitSetEntry(const FunctionDecl *FD, llvm::Function *F);
/// Returns whether this module needs the "all-vtables" bitset.
bool NeedAllVtablesBitSet() const;
/// Create a bitset entry for the given vtable and add it to BitsetsMD. /// Create a bitset entry for the given vtable and add it to BitsetsMD.
void CreateVTableBitSetEntry(llvm::NamedMDNode *BitsetsMD, void CreateVTableBitSetEntry(llvm::NamedMDNode *BitsetsMD,
llvm::GlobalVariable *VTable, CharUnits Offset, llvm::GlobalVariable *VTable, CharUnits Offset,
const CXXRecordDecl *RD); const CXXRecordDecl *RD);
/// \breif Get the declaration of std::terminate for the platform. /// \breif Get the declaration of std::terminate for the platform.
llvm::Constant *getTerminateFn(); llvm::Constant *getTerminateFn();
▲ Show 20 LinesShow All 120 LinesShow Last 20 Lines

lib/CodeGen/CodeGenModule.cpp

Show First 20 LinesShow All 4,021 Lines▼ Show 20 Linesllvm::Metadata *CodeGenModule::CreateMetadataIdentifierForType(QualType T) {
} else { } else {
InternalId = llvm::MDNode::getDistinct(getLLVMContext(), InternalId = llvm::MDNode::getDistinct(getLLVMContext(),
llvm::ArrayRef<llvm::Metadata *>()); llvm::ArrayRef<llvm::Metadata *>());
} }
return InternalId; return InternalId;
} }
/// Returns whether this module needs the "all-vtables" bitset.
bool CodeGenModule::NeedAllVtablesBitSet() const {
// Returns true if at least one of vtable-based CFI checkers is enabled and
// is not in the trapping mode.
return ((LangOpts.Sanitize.has(SanitizerKind::CFIVCall) &&
samsonovUnsubmitted
Not Done
ReplyInline Actions

Hm, can you write this as a loop?

samsonov: Hm, can you write this as a loop?
!CodeGenOpts.SanitizeTrap.has(SanitizerKind::CFIVCall)) ||
(LangOpts.Sanitize.has(SanitizerKind::CFINVCall) &&
!CodeGenOpts.SanitizeTrap.has(SanitizerKind::CFINVCall)) ||
(LangOpts.Sanitize.has(SanitizerKind::CFIDerivedCast) &&
!CodeGenOpts.SanitizeTrap.has(SanitizerKind::CFIDerivedCast)) ||
(LangOpts.Sanitize.has(SanitizerKind::CFIUnrelatedCast) &&
!CodeGenOpts.SanitizeTrap.has(SanitizerKind::CFIUnrelatedCast)));
}
void CodeGenModule::CreateVTableBitSetEntry(llvm::NamedMDNode *BitsetsMD, void CodeGenModule::CreateVTableBitSetEntry(llvm::NamedMDNode *BitsetsMD,
llvm::GlobalVariable *VTable, llvm::GlobalVariable *VTable,
CharUnits Offset, CharUnits Offset,
const CXXRecordDecl *RD) { const CXXRecordDecl *RD) {
llvm::Metadata *MD = llvm::Metadata *MD =
CreateMetadataIdentifierForType(QualType(RD->getTypeForDecl(), 0)); CreateMetadataIdentifierForType(QualType(RD->getTypeForDecl(), 0));
llvm::Metadata *BitsetOps[] = { llvm::Metadata *BitsetOps[] = {
MD, llvm::ConstantAsMetadata::get(VTable), MD, llvm::ConstantAsMetadata::get(VTable),
llvm::ConstantAsMetadata::get( llvm::ConstantAsMetadata::get(
llvm::ConstantInt::get(Int64Ty, Offset.getQuantity()))}; llvm::ConstantInt::get(Int64Ty, Offset.getQuantity()))};
BitsetsMD->addOperand(llvm::MDTuple::get(getLLVMContext(), BitsetOps)); BitsetsMD->addOperand(llvm::MDTuple::get(getLLVMContext(), BitsetOps));
if (CodeGenOpts.SanitizeCfiCrossDso) { if (CodeGenOpts.SanitizeCfiCrossDso) {
if (auto TypeId = CreateCfiIdForTypeMetadata(MD)) { if (auto TypeId = CreateCfiIdForTypeMetadata(MD)) {
llvm::Metadata *BitsetOps2[] = { llvm::Metadata *BitsetOps2[] = {
llvm::ConstantAsMetadata::get(TypeId), llvm::ConstantAsMetadata::get(TypeId),
llvm::ConstantAsMetadata::get(VTable), llvm::ConstantAsMetadata::get(VTable),
llvm::ConstantAsMetadata::get( llvm::ConstantAsMetadata::get(
llvm::ConstantInt::get(Int64Ty, Offset.getQuantity()))}; llvm::ConstantInt::get(Int64Ty, Offset.getQuantity()))};
BitsetsMD->addOperand(llvm::MDTuple::get(getLLVMContext(), BitsetOps2)); BitsetsMD->addOperand(llvm::MDTuple::get(getLLVMContext(), BitsetOps2));
} }
} }
if (NeedAllVtablesBitSet()) {
pccUnsubmitted
Done
ReplyInline Actions

This conditional doesn't look right. It should be something like

if (sanitize.has(this) && !sanitizetrap.has(this)) ||
   (sanitize.has(that) && !sanitizetrap.has(that)) ||
...

But that's sufficiently ugly that I wonder if we should just do this unconditionally. It shouldn't make a difference to the generated code either way.

pcc: This conditional doesn't look right. It should be something like ```if (sanitize.has(this) &&…
eugenisAuthorUnsubmitted
Not Done
ReplyInline Actions

I don't like emitting all these bitset entries if they are not needed.
Fixed.

eugenis: I don't like emitting all these bitset entries if they are not needed. Fixed.
llvm::Metadata *MD = llvm::MDString::get(getLLVMContext(), "all-vtables");
llvm::Metadata *BitsetOps[] = {
MD, llvm::ConstantAsMetadata::get(VTable),
llvm::ConstantAsMetadata::get(
llvm::ConstantInt::get(Int64Ty, Offset.getQuantity()))};
// Avoid adding a node to BitsetsMD twice.
if (!llvm::MDTuple::getIfExists(getLLVMContext(), BitsetOps))
BitsetsMD->addOperand(llvm::MDTuple::get(getLLVMContext(), BitsetOps));
}
} }
// Fills in the supplied string map with the set of target features for the // Fills in the supplied string map with the set of target features for the
// passed in function. // passed in function.
void CodeGenModule::getFunctionFeatureMap(llvm::StringMap<bool> &FeatureMap, void CodeGenModule::getFunctionFeatureMap(llvm::StringMap<bool> &FeatureMap,
const FunctionDecl *FD) { const FunctionDecl *FD) {
StringRef TargetCPU = Target.getTargetOpts().CPU; StringRef TargetCPU = Target.getTargetOpts().CPU;
if (const auto *TD = FD->getAttr<TargetAttr>()) { if (const auto *TD = FD->getAttr<TargetAttr>()) {
Show All 29 Lines

test/CodeGen/cfi-check-fail.c

Show All 16 Lines
// CHECK: [[TRAP]]: // CHECK: [[TRAP]]:
// CHECK-NEXT: call void @llvm.trap() // CHECK-NEXT: call void @llvm.trap()
// CHECK-NEXT: unreachable // CHECK-NEXT: unreachable
// CHECK: [[CONT0]]: // CHECK: [[CONT0]]:
// CHECK: %[[A:.*]] = bitcast i8* %[[DATA]] to { i8, { i8*, i32, i32 }, i8* }* // CHECK: %[[A:.*]] = bitcast i8* %[[DATA]] to { i8, { i8*, i32, i32 }, i8* }*
// CHECK: %[[KINDPTR:.*]] = getelementptr {{.*}} %[[A]], i32 0, i32 0 // CHECK: %[[KINDPTR:.*]] = getelementptr {{.*}} %[[A]], i32 0, i32 0
// CHECK: %[[KIND:.*]] = load i8, i8* %[[KINDPTR]], align 4 // CHECK: %[[KIND:.*]] = load i8, i8* %[[KINDPTR]], align 4
// CHECK: %[[VTVALID0:.*]] = call i1 @llvm.bitset.test(i8* %[[ADDR]], metadata !"all-vtables")
// CHECK: %[[VTVALID:.*]] = zext i1 %[[VTVALID0]] to i64
// CHECK: %[[NOT_0:.*]] = icmp ne i8 %[[KIND]], 0 // CHECK: %[[NOT_0:.*]] = icmp ne i8 %[[KIND]], 0
// CHECK: br i1 %[[NOT_0]], label %[[CONT1:.*]], label %[[HANDLE0:.*]], !prof // CHECK: br i1 %[[NOT_0]], label %[[CONT1:.*]], label %[[HANDLE0:.*]], !prof
// CHECK: [[HANDLE0]]: // CHECK: [[HANDLE0]]:
// CHECK: %[[DATA0:.*]] = ptrtoint i8* %[[DATA]] to i64, // CHECK: %[[DATA0:.*]] = ptrtoint i8* %[[DATA]] to i64,
// CHECK: %[[ADDR0:.*]] = ptrtoint i8* %[[ADDR]] to i64, // CHECK: %[[ADDR0:.*]] = ptrtoint i8* %[[ADDR]] to i64,
// CHECK: call void @__ubsan_handle_cfi_check_fail(i64 %[[DATA0]], i64 %[[ADDR0]]) // CHECK: call void @__ubsan_handle_cfi_check_fail(i64 %[[DATA0]], i64 %[[ADDR0]], i64 %[[VTVALID]])
// CHECK: br label %[[CONT1]] // CHECK: br label %[[CONT1]]
// CHECK: [[CONT1]]: // CHECK: [[CONT1]]:
// CHECK: %[[NOT_1:.*]] = icmp ne i8 %[[KIND]], 1 // CHECK: %[[NOT_1:.*]] = icmp ne i8 %[[KIND]], 1
// CHECK: br i1 %[[NOT_1]], label %[[CONT2:.*]], label %[[HANDLE1:.*]], !nosanitize // CHECK: br i1 %[[NOT_1]], label %[[CONT2:.*]], label %[[HANDLE1:.*]], !nosanitize
// CHECK: [[HANDLE1]]: // CHECK: [[HANDLE1]]:
// CHECK-NEXT: call void @llvm.trap() // CHECK-NEXT: call void @llvm.trap()
// CHECK-NEXT: unreachable // CHECK-NEXT: unreachable
// CHECK: [[CONT2]]: // CHECK: [[CONT2]]:
// CHECK: %[[NOT_2:.*]] = icmp ne i8 %[[KIND]], 2 // CHECK: %[[NOT_2:.*]] = icmp ne i8 %[[KIND]], 2
// CHECK: br i1 %[[NOT_2]], label %[[CONT3:.*]], label %[[HANDLE2:.*]], !prof // CHECK: br i1 %[[NOT_2]], label %[[CONT3:.*]], label %[[HANDLE2:.*]], !prof
// CHECK: [[HANDLE2]]: // CHECK: [[HANDLE2]]:
// CHECK: %[[DATA2:.*]] = ptrtoint i8* %[[DATA]] to i64, // CHECK: %[[DATA2:.*]] = ptrtoint i8* %[[DATA]] to i64,
// CHECK: %[[ADDR2:.*]] = ptrtoint i8* %[[ADDR]] to i64, // CHECK: %[[ADDR2:.*]] = ptrtoint i8* %[[ADDR]] to i64,
// CHECK: call void @__ubsan_handle_cfi_check_fail_abort(i64 %[[DATA2]], i64 %[[ADDR2]]) // CHECK: call void @__ubsan_handle_cfi_check_fail_abort(i64 %[[DATA2]], i64 %[[ADDR2]], i64 %[[VTVALID]])
// CHECK: unreachable // CHECK: unreachable
// CHECK: [[CONT3]]: // CHECK: [[CONT3]]:
// CHECK: %[[NOT_3:.*]] = icmp ne i8 %[[KIND]], 3 // CHECK: %[[NOT_3:.*]] = icmp ne i8 %[[KIND]], 3
// CHECK: br i1 %[[NOT_3]], label %[[CONT4:.*]], label %[[HANDLE3:.*]], !prof // CHECK: br i1 %[[NOT_3]], label %[[CONT4:.*]], label %[[HANDLE3:.*]], !prof
// CHECK: [[HANDLE3]]: // CHECK: [[HANDLE3]]:
// CHECK: %[[DATA3:.*]] = ptrtoint i8* %[[DATA]] to i64, // CHECK: %[[DATA3:.*]] = ptrtoint i8* %[[DATA]] to i64,
// CHECK: %[[ADDR3:.*]] = ptrtoint i8* %[[ADDR]] to i64, // CHECK: %[[ADDR3:.*]] = ptrtoint i8* %[[ADDR]] to i64,
// CHECK: call void @__ubsan_handle_cfi_check_fail(i64 %[[DATA3]], i64 %[[ADDR3]]) // CHECK: call void @__ubsan_handle_cfi_check_fail(i64 %[[DATA3]], i64 %[[ADDR3]], i64 %[[VTVALID]])
// CHECK: br label %[[CONT4]] // CHECK: br label %[[CONT4]]
// CHECK: [[CONT4]]: // CHECK: [[CONT4]]:
// CHECK: %[[NOT_4:.*]] = icmp ne i8 %[[KIND]], 4 // CHECK: %[[NOT_4:.*]] = icmp ne i8 %[[KIND]], 4
// CHECK: br i1 %[[NOT_4]], label %[[CONT5:.*]], label %[[HANDLE4:.*]], !nosanitize // CHECK: br i1 %[[NOT_4]], label %[[CONT5:.*]], label %[[HANDLE4:.*]], !nosanitize
// CHECK: [[HANDLE4]]: // CHECK: [[HANDLE4]]:
// CHECK-NEXT: call void @llvm.trap() // CHECK-NEXT: call void @llvm.trap()
// CHECK-NEXT: unreachable // CHECK-NEXT: unreachable
// CHECK: [[CONT5]]: // CHECK: [[CONT5]]:
// CHECK: ret void // CHECK: ret void

test/CodeGenCXX/cfi-cast.cpp

// RUN: %clang_cc1 -triple x86_64-unknown-linux -fsanitize=cfi-derived-cast -fsanitize-trap=cfi-derived-cast -emit-llvm -o - %s | FileCheck -check-prefix=CHECK-DCAST %s // RUN: %clang_cc1 -triple x86_64-unknown-linux -std=c++11 -fsanitize=cfi-derived-cast -fsanitize-trap=cfi-derived-cast -emit-llvm -o - %s | FileCheck -check-prefix=CHECK-DCAST %s
// RUN: %clang_cc1 -triple x86_64-unknown-linux -fsanitize=cfi-unrelated-cast -fsanitize-trap=cfi-unrelated-cast -emit-llvm -o - %s | FileCheck -check-prefix=CHECK-UCAST %s // RUN: %clang_cc1 -triple x86_64-unknown-linux -std=c++11 -fsanitize=cfi-unrelated-cast -fsanitize-trap=cfi-unrelated-cast -emit-llvm -o - %s | FileCheck -check-prefix=CHECK-UCAST %s
// RUN: %clang_cc1 -triple x86_64-unknown-linux -fsanitize=cfi-unrelated-cast,cfi-cast-strict -fsanitize-trap=cfi-unrelated-cast,cfi-cast-strict -emit-llvm -o - %s | FileCheck -check-prefix=CHECK-UCAST-STRICT %s // RUN: %clang_cc1 -triple x86_64-unknown-linux -std=c++11 -fsanitize=cfi-unrelated-cast,cfi-cast-strict -fsanitize-trap=cfi-unrelated-cast,cfi-cast-strict -emit-llvm -o - %s | FileCheck -check-prefix=CHECK-UCAST-STRICT %s
// In this test the main thing we are searching for is something like // In this test the main thing we are searching for is something like
// 'metadata !"1B"' where "1B" is the mangled name of the class we are // 'metadata !"1B"' where "1B" is the mangled name of the class we are
// casting to (or maybe its base class in non-strict mode). // casting to (or maybe its base class in non-strict mode).
struct A { struct A {
virtual void f(); virtual void f();
int i() const; int i() const;
Show All 11 Linesvoid abp(A *a) {
// CHECK-DCAST-NEXT: br i1 [[P]], label %[[CONTBB:[^ ]*]], label %[[TRAPBB:[^ ,]*]] // CHECK-DCAST-NEXT: br i1 [[P]], label %[[CONTBB:[^ ]*]], label %[[TRAPBB:[^ ,]*]]
// CHECK-DCAST: [[TRAPBB]] // CHECK-DCAST: [[TRAPBB]]
// CHECK-DCAST-NEXT: call void @llvm.trap() // CHECK-DCAST-NEXT: call void @llvm.trap()
// CHECK-DCAST-NEXT: unreachable // CHECK-DCAST-NEXT: unreachable
// CHECK-DCAST: [[CONTBB]] // CHECK-DCAST: [[CONTBB]]
// CHECK-DCAST: ret // CHECK-DCAST: ret
static_cast<B*>(a); (void)static_cast<B*>(a);
} }
// CHECK-DCAST-LABEL: define void @_Z3abrR1A // CHECK-DCAST-LABEL: define void @_Z3abrR1A
void abr(A &a) { void abr(A &a) {
// CHECK-DCAST: [[P:%[^ ]*]] = call i1 @llvm.bitset.test(i8* {{%[^ ]*}}, metadata !"_ZTS1B") // CHECK-DCAST: [[P:%[^ ]*]] = call i1 @llvm.bitset.test(i8* {{%[^ ]*}}, metadata !"_ZTS1B")
// CHECK-DCAST-NEXT: br i1 [[P]], label %[[CONTBB:[^ ]*]], label %[[TRAPBB:[^ ,]*]] // CHECK-DCAST-NEXT: br i1 [[P]], label %[[CONTBB:[^ ]*]], label %[[TRAPBB:[^ ,]*]]
// CHECK-DCAST: [[TRAPBB]] // CHECK-DCAST: [[TRAPBB]]
// CHECK-DCAST-NEXT: call void @llvm.trap() // CHECK-DCAST-NEXT: call void @llvm.trap()
// CHECK-DCAST-NEXT: unreachable // CHECK-DCAST-NEXT: unreachable
// CHECK-DCAST: [[CONTBB]] // CHECK-DCAST: [[CONTBB]]
// CHECK-DCAST: ret // CHECK-DCAST: ret
static_cast<B&>(a); (void)static_cast<B&>(a);
} }
// CHECK-DCAST-LABEL: define void @_Z4abrrO1A // CHECK-DCAST-LABEL: define void @_Z4abrrO1A
void abrr(A &&a) { void abrr(A &&a) {
// CHECK-DCAST: [[P:%[^ ]*]] = call i1 @llvm.bitset.test(i8* {{%[^ ]*}}, metadata !"_ZTS1B") // CHECK-DCAST: [[P:%[^ ]*]] = call i1 @llvm.bitset.test(i8* {{%[^ ]*}}, metadata !"_ZTS1B")
// CHECK-DCAST-NEXT: br i1 [[P]], label %[[CONTBB:[^ ]*]], label %[[TRAPBB:[^ ,]*]] // CHECK-DCAST-NEXT: br i1 [[P]], label %[[CONTBB:[^ ]*]], label %[[TRAPBB:[^ ,]*]]
// CHECK-DCAST: [[TRAPBB]] // CHECK-DCAST: [[TRAPBB]]
// CHECK-DCAST-NEXT: call void @llvm.trap() // CHECK-DCAST-NEXT: call void @llvm.trap()
// CHECK-DCAST-NEXT: unreachable // CHECK-DCAST-NEXT: unreachable
// CHECK-DCAST: [[CONTBB]] // CHECK-DCAST: [[CONTBB]]
// CHECK-DCAST: ret // CHECK-DCAST: ret
static_cast<B&&>(a); (void)static_cast<B&&>(a);
} }
// CHECK-UCAST-LABEL: define void @_Z3vbpPv // CHECK-UCAST-LABEL: define void @_Z3vbpPv
void vbp(void *p) { void vbp(void *p) {
// CHECK-UCAST: [[P:%[^ ]*]] = call i1 @llvm.bitset.test(i8* {{%[^ ]*}}, metadata !"_ZTS1B") // CHECK-UCAST: [[P:%[^ ]*]] = call i1 @llvm.bitset.test(i8* {{%[^ ]*}}, metadata !"_ZTS1B")
// CHECK-UCAST-NEXT: br i1 [[P]], label %[[CONTBB:[^ ]*]], label %[[TRAPBB:[^ ,]*]] // CHECK-UCAST-NEXT: br i1 [[P]], label %[[CONTBB:[^ ]*]], label %[[TRAPBB:[^ ,]*]]
// CHECK-UCAST: [[TRAPBB]] // CHECK-UCAST: [[TRAPBB]]
// CHECK-UCAST-NEXT: call void @llvm.trap() // CHECK-UCAST-NEXT: call void @llvm.trap()
// CHECK-UCAST-NEXT: unreachable // CHECK-UCAST-NEXT: unreachable
// CHECK-UCAST: [[CONTBB]] // CHECK-UCAST: [[CONTBB]]
// CHECK-UCAST: ret // CHECK-UCAST: ret
static_cast<B*>(p); (void)static_cast<B*>(p);
} }
// CHECK-UCAST-LABEL: define void @_Z3vbrRc // CHECK-UCAST-LABEL: define void @_Z3vbrRc
void vbr(char &r) { void vbr(char &r) {
// CHECK-UCAST: [[P:%[^ ]*]] = call i1 @llvm.bitset.test(i8* {{%[^ ]*}}, metadata !"_ZTS1B") // CHECK-UCAST: [[P:%[^ ]*]] = call i1 @llvm.bitset.test(i8* {{%[^ ]*}}, metadata !"_ZTS1B")
// CHECK-UCAST-NEXT: br i1 [[P]], label %[[CONTBB:[^ ]*]], label %[[TRAPBB:[^ ,]*]] // CHECK-UCAST-NEXT: br i1 [[P]], label %[[CONTBB:[^ ]*]], label %[[TRAPBB:[^ ,]*]]
// CHECK-UCAST: [[TRAPBB]] // CHECK-UCAST: [[TRAPBB]]
// CHECK-UCAST-NEXT: call void @llvm.trap() // CHECK-UCAST-NEXT: call void @llvm.trap()
// CHECK-UCAST-NEXT: unreachable // CHECK-UCAST-NEXT: unreachable
// CHECK-UCAST: [[CONTBB]] // CHECK-UCAST: [[CONTBB]]
// CHECK-UCAST: ret // CHECK-UCAST: ret
reinterpret_cast<B&>(r); (void)reinterpret_cast<B&>(r);
} }
// CHECK-UCAST-LABEL: define void @_Z4vbrrOc // CHECK-UCAST-LABEL: define void @_Z4vbrrOc
void vbrr(char &&r) { void vbrr(char &&r) {
// CHECK-UCAST: [[P:%[^ ]*]] = call i1 @llvm.bitset.test(i8* {{%[^ ]*}}, metadata !"_ZTS1B") // CHECK-UCAST: [[P:%[^ ]*]] = call i1 @llvm.bitset.test(i8* {{%[^ ]*}}, metadata !"_ZTS1B")
// CHECK-UCAST-NEXT: br i1 [[P]], label %[[CONTBB:[^ ]*]], label %[[TRAPBB:[^ ,]*]] // CHECK-UCAST-NEXT: br i1 [[P]], label %[[CONTBB:[^ ]*]], label %[[TRAPBB:[^ ,]*]]
// CHECK-UCAST: [[TRAPBB]] // CHECK-UCAST: [[TRAPBB]]
// CHECK-UCAST-NEXT: call void @llvm.trap() // CHECK-UCAST-NEXT: call void @llvm.trap()
// CHECK-UCAST-NEXT: unreachable // CHECK-UCAST-NEXT: unreachable
// CHECK-UCAST: [[CONTBB]] // CHECK-UCAST: [[CONTBB]]
// CHECK-UCAST: ret // CHECK-UCAST: ret
reinterpret_cast<B&&>(r); (void)reinterpret_cast<B&&>(r);
} }
// CHECK-UCAST-LABEL: define void @_Z3vcpPv // CHECK-UCAST-LABEL: define void @_Z3vcpPv
// CHECK-UCAST-STRICT-LABEL: define void @_Z3vcpPv // CHECK-UCAST-STRICT-LABEL: define void @_Z3vcpPv
void vcp(void *p) { void vcp(void *p) {
// CHECK-UCAST: call i1 @llvm.bitset.test(i8* {{%[^ ]*}}, metadata !"_ZTS1A") // CHECK-UCAST: call i1 @llvm.bitset.test(i8* {{%[^ ]*}}, metadata !"_ZTS1A")
// CHECK-UCAST-STRICT: call i1 @llvm.bitset.test(i8* {{%[^ ]*}}, metadata !"_ZTS1C") // CHECK-UCAST-STRICT: call i1 @llvm.bitset.test(i8* {{%[^ ]*}}, metadata !"_ZTS1C")
static_cast<C*>(p); (void)static_cast<C*>(p);
} }
// CHECK-UCAST-LABEL: define void @_Z3bcpP1B // CHECK-UCAST-LABEL: define void @_Z3bcpP1B
// CHECK-UCAST-STRICT-LABEL: define void @_Z3bcpP1B // CHECK-UCAST-STRICT-LABEL: define void @_Z3bcpP1B
void bcp(B *p) { void bcp(B *p) {
// CHECK-UCAST: call i1 @llvm.bitset.test(i8* {{%[^ ]*}}, metadata !"_ZTS1A") // CHECK-UCAST: call i1 @llvm.bitset.test(i8* {{%[^ ]*}}, metadata !"_ZTS1A")
// CHECK-UCAST-STRICT: call i1 @llvm.bitset.test(i8* {{%[^ ]*}}, metadata !"_ZTS1C") // CHECK-UCAST-STRICT: call i1 @llvm.bitset.test(i8* {{%[^ ]*}}, metadata !"_ZTS1C")
(C *)p; (void)(C *)p;
} }
// CHECK-UCAST-LABEL: define void @_Z8bcp_callP1B // CHECK-UCAST-LABEL: define void @_Z8bcp_callP1B
// CHECK-UCAST-STRICT-LABEL: define void @_Z8bcp_callP1B // CHECK-UCAST-STRICT-LABEL: define void @_Z8bcp_callP1B
void bcp_call(B *p) { void bcp_call(B *p) {
// CHECK-UCAST: call i1 @llvm.bitset.test(i8* {{%[^ ]*}}, metadata !"_ZTS1A") // CHECK-UCAST: call i1 @llvm.bitset.test(i8* {{%[^ ]*}}, metadata !"_ZTS1A")
// CHECK-UCAST-STRICT: call i1 @llvm.bitset.test(i8* {{%[^ ]*}}, metadata !"_ZTS1C") // CHECK-UCAST-STRICT: call i1 @llvm.bitset.test(i8* {{%[^ ]*}}, metadata !"_ZTS1C")
((C *)p)->f(); ((C *)p)->f();
Show All 9 Lines

test/CodeGenCXX/cfi-vcall.cpp

// RUN: %clang_cc1 -triple x86_64-unknown-linux -fsanitize=cfi-vcall -fsanitize-trap=cfi-vcall -emit-llvm -o - %s | FileCheck --check-prefix=CHECK --check-prefix=ITANIUM --check-prefix=NDIAG %s // RUN: %clang_cc1 -triple x86_64-unknown-linux -fsanitize=cfi-vcall -fsanitize-trap=cfi-vcall -emit-llvm -o - %s | FileCheck --check-prefix=CHECK --check-prefix=ITANIUM --check-prefix=ITANIUM-NDIAG --check-prefix=NDIAG %s
// RUN: %clang_cc1 -triple x86_64-unknown-linux -fsanitize=cfi-vcall -emit-llvm -o - %s | FileCheck --check-prefix=CHECK --check-prefix=ITANIUM --check-prefix=DIAG --check-prefix=DIAG-ABORT %s // RUN: %clang_cc1 -triple x86_64-unknown-linux -fsanitize=cfi-vcall -emit-llvm -o - %s | FileCheck --check-prefix=CHECK --check-prefix=ITANIUM --check-prefix=ITANIUM-DIAG --check-prefix=DIAG --check-prefix=DIAG-ABORT %s
// RUN: %clang_cc1 -triple x86_64-unknown-linux -fsanitize=cfi-vcall -fsanitize-recover=cfi-vcall -emit-llvm -o - %s | FileCheck --check-prefix=CHECK --check-prefix=ITANIUM --check-prefix=DIAG --check-prefix=DIAG-RECOVER %s // RUN: %clang_cc1 -triple x86_64-unknown-linux -fsanitize=cfi-vcall -fsanitize-recover=cfi-vcall -emit-llvm -o - %s | FileCheck --check-prefix=CHECK --check-prefix=ITANIUM --check-prefix=DIAG --check-prefix=DIAG-RECOVER %s
// RUN: %clang_cc1 -triple x86_64-pc-windows-msvc -fsanitize=cfi-vcall -fsanitize-trap=cfi-vcall -emit-llvm -o - %s | FileCheck --check-prefix=CHECK --check-prefix=MS --check-prefix=NDIAG %s // RUN: %clang_cc1 -triple x86_64-pc-windows-msvc -fsanitize=cfi-vcall -fsanitize-trap=cfi-vcall -emit-llvm -o - %s | FileCheck --check-prefix=CHECK --check-prefix=MS --check-prefix=NDIAG %s
// MS: @[[VTA:[0-9]*]] {{.*}} comdat($"\01??_7A@@6B@") // MS: @[[VTA:[0-9]*]] {{.*}} comdat($"\01??_7A@@6B@")
// MS: @[[VTB:[0-9]*]] {{.*}} comdat($"\01??_7B@@6B0@@") // MS: @[[VTB:[0-9]*]] {{.*}} comdat($"\01??_7B@@6B0@@")
// MS: @[[VTAinB:[0-9]*]] {{.*}} comdat($"\01??_7B@@6BA@@@") // MS: @[[VTAinB:[0-9]*]] {{.*}} comdat($"\01??_7B@@6BA@@@")
// MS: @[[VTAinC:[0-9]*]] {{.*}} comdat($"\01??_7C@@6B@") // MS: @[[VTAinC:[0-9]*]] {{.*}} comdat($"\01??_7C@@6B@")
// MS: @[[VTBinD:[0-9]*]] {{.*}} comdat($"\01??_7D@?A@@6BB@@@") // MS: @[[VTBinD:[0-9]*]] {{.*}} comdat($"\01??_7D@?A@@6BB@@@")
Show All 39 Lines
void D::f() { void D::f() {
} }
void D::h() { void D::h() {
} }
// DIAG: @[[SRC:.*]] = private unnamed_addr constant [{{.*}} x i8] c"{{.*}}cfi-vcall.cpp\00", align 1 // DIAG: @[[SRC:.*]] = private unnamed_addr constant [{{.*}} x i8] c"{{.*}}cfi-vcall.cpp\00", align 1
// DIAG: @[[TYPE:.*]] = private unnamed_addr constant { i16, i16, [4 x i8] } { i16 -1, i16 0, [4 x i8] c"'A'\00" } // DIAG: @[[TYPE:.*]] = private unnamed_addr constant { i16, i16, [4 x i8] } { i16 -1, i16 0, [4 x i8] c"'A'\00" }
// DIAG: @[[BADTYPESTATIC:.*]] = private unnamed_addr global { i8, { [{{.*}} x i8]*, i32, i32 }, { i16, i16, [4 x i8] }* } { i8 0, { [{{.*}} x i8]*, i32, i32 } { [{{.*}} x i8]* @[[SRC]], i32 [[@LINE+21]], i32 3 }, { i16, i16, [4 x i8] }* @[[TYPE]] } // DIAG: @[[BADTYPESTATIC:.*]] = private unnamed_addr global { i8, { [{{.*}} x i8]*, i32, i32 }, { i16, i16, [4 x i8] }* } { i8 0, { [{{.*}} x i8]*, i32, i32 } { [{{.*}} x i8]* @[[SRC]], i32 [[@LINE+23]], i32 3 }, { i16, i16, [4 x i8] }* @[[TYPE]] }
// ITANIUM: define void @_Z2afP1A // ITANIUM: define void @_Z2afP1A
// MS: define void @"\01?af@@YAXPEAUA@@@Z" // MS: define void @"\01?af@@YAXPEAUA@@@Z"
void af(A *a) { void af(A *a) {
// ITANIUM: [[P:%[^ ]*]] = call i1 @llvm.bitset.test(i8* [[VT:%[^ ]*]], metadata !"_ZTS1A") // ITANIUM: [[P:%[^ ]*]] = call i1 @llvm.bitset.test(i8* [[VT:%[^ ]*]], metadata !"_ZTS1A")
// MS: [[P:%[^ ]*]] = call i1 @llvm.bitset.test(i8* [[VT:%[^ ]*]], metadata !"?AUA@@") // MS: [[P:%[^ ]*]] = call i1 @llvm.bitset.test(i8* [[VT:%[^ ]*]], metadata !"?AUA@@")
// DIAG-NEXT: [[VTVALID0:%[^ ]*]] = call i1 @llvm.bitset.test(i8* [[VT]], metadata !"all-vtables")
// CHECK-NEXT: br i1 [[P]], label %[[CONTBB:[^ ,]*]], label %[[TRAPBB:[^ ,]*]] // CHECK-NEXT: br i1 [[P]], label %[[CONTBB:[^ ,]*]], label %[[TRAPBB:[^ ,]*]]
// CHECK-NEXT: {{^$}} // CHECK-NEXT: {{^$}}
// CHECK: [[TRAPBB]] // CHECK: [[TRAPBB]]
// NDIAG-NEXT: call void @llvm.trap() // NDIAG-NEXT: call void @llvm.trap()
// NDIAG-NEXT: unreachable // NDIAG-NEXT: unreachable
// DIAG-NEXT: [[VTINT:%[^ ]*]] = ptrtoint i8* [[VT]] to i64 // DIAG-NEXT: [[VTINT:%[^ ]*]] = ptrtoint i8* [[VT]] to i64
// DIAG-ABORT-NEXT: call void @__ubsan_handle_cfi_check_fail_abort(i8* getelementptr inbounds ({{.*}} @[[BADTYPESTATIC]], i32 0, i32 0), i64 [[VTINT]]) // DIAG-NEXT: [[VTVALID:%[^ ]*]] = zext i1 [[VTVALID0]] to i64
// DIAG-ABORT-NEXT: call void @__ubsan_handle_cfi_check_fail_abort(i8* getelementptr inbounds ({{.*}} @[[BADTYPESTATIC]], i32 0, i32 0), i64 [[VTINT]], i64 [[VTVALID]])
// DIAG-ABORT-NEXT: unreachable // DIAG-ABORT-NEXT: unreachable
// DIAG-RECOVER-NEXT: call void @__ubsan_handle_cfi_check_fail(i8* getelementptr inbounds ({{.*}} @[[BADTYPESTATIC]], i32 0, i32 0), i64 [[VTINT]]) // DIAG-RECOVER-NEXT: call void @__ubsan_handle_cfi_check_fail(i8* getelementptr inbounds ({{.*}} @[[BADTYPESTATIC]], i32 0, i32 0), i64 [[VTINT]], i64 [[VTVALID]])
// DIAG-RECOVER-NEXT: br label %[[CONTBB]] // DIAG-RECOVER-NEXT: br label %[[CONTBB]]
// CHECK: [[CONTBB]] // CHECK: [[CONTBB]]
// CHECK: call void % // CHECK: call void %
a->f(); a->f();
} }
// ITANIUM: define internal void @_Z3df1PN12_GLOBAL__N_11DE // ITANIUM: define internal void @_Z3df1PN12_GLOBAL__N_11DE
▲ Show 20 LinesShow All 69 Lines▼ Show 20 Lines
void f(D *d) { void f(D *d) {
// ITANIUM: {{%[^ ]*}} = call i1 @llvm.bitset.test(i8* {{%[^ ]*}}, metadata !"_ZTSN5test21DE") // ITANIUM: {{%[^ ]*}} = call i1 @llvm.bitset.test(i8* {{%[^ ]*}}, metadata !"_ZTSN5test21DE")
// MS: {{%[^ ]*}} = call i1 @llvm.bitset.test(i8* {{%[^ ]*}}, metadata !"?AUA@test2@@") // MS: {{%[^ ]*}} = call i1 @llvm.bitset.test(i8* {{%[^ ]*}}, metadata !"?AUA@test2@@")
d->m_fn1(); d->m_fn1();
} }
} }
// Check for the expected number of elements (9 or 15 respectively). // Check for the expected number of elements (15 or 23 respectively).
// MS: !llvm.bitsets = !{[[X:[^,]*(,[^,]*){8}]]} // MS-NDIAG: !llvm.bitsets = !{[[X:[^,]*(,[^,]*){9}]]}
// ITANIUM: !llvm.bitsets = !{[[X:[^,]*(,[^,]*){14}]]} // MS-DIAG: !llvm.bitsets = !{[[X:[^,]*(,[^,]*){15}]]}
// ITANIUM-NDIAG: !llvm.bitsets = !{[[X:[^,]*(,[^,]*){14}]]}
// ITANIUM-DIAG: !llvm.bitsets = !{[[X:[^,]*(,[^,]*){23}]]}
// ITANIUM-DAG: !{!"_ZTS1A", [3 x i8*]* @_ZTV1A, i64 16} // ITANIUM-DAG: !{!"_ZTS1A", [3 x i8*]* @_ZTV1A, i64 16}
// ITANIUM-DIAG-DAG: !{!"all-vtables", [3 x i8*]* @_ZTV1A, i64 16}
// ITANIUM-DAG: !{!"_ZTS1A", [7 x i8*]* @_ZTCN12_GLOBAL__N_11DE0_1B, i64 32} // ITANIUM-DAG: !{!"_ZTS1A", [7 x i8*]* @_ZTCN12_GLOBAL__N_11DE0_1B, i64 32}
// ITANIUM-DIAG-DAG: !{!"all-vtables", [7 x i8*]* @_ZTCN12_GLOBAL__N_11DE0_1B, i64 32}
// ITANIUM-DAG: !{!"_ZTS1B", [7 x i8*]* @_ZTCN12_GLOBAL__N_11DE0_1B, i64 32} // ITANIUM-DAG: !{!"_ZTS1B", [7 x i8*]* @_ZTCN12_GLOBAL__N_11DE0_1B, i64 32}
// ITANIUM-DAG: !{!"_ZTS1A", [9 x i8*]* @_ZTCN12_GLOBAL__N_11DE8_1C, i64 64} // ITANIUM-DAG: !{!"_ZTS1A", [9 x i8*]* @_ZTCN12_GLOBAL__N_11DE8_1C, i64 64}
// ITANIUM-DIAG-DAG: !{!"all-vtables", [9 x i8*]* @_ZTCN12_GLOBAL__N_11DE8_1C, i64 64}
// ITANIUM-DAG: !{!"_ZTS1C", [9 x i8*]* @_ZTCN12_GLOBAL__N_11DE8_1C, i64 32} // ITANIUM-DAG: !{!"_ZTS1C", [9 x i8*]* @_ZTCN12_GLOBAL__N_11DE8_1C, i64 32}
// ITANIUM-DAG: !{!"_ZTS1A", [12 x i8*]* @_ZTVN12_GLOBAL__N_11DE, i64 32} // ITANIUM-DAG: !{!"_ZTS1A", [12 x i8*]* @_ZTVN12_GLOBAL__N_11DE, i64 32}
// ITANIUM-DIAG-DAG: !{!"all-vtables", [12 x i8*]* @_ZTVN12_GLOBAL__N_11DE, i64 32}
// ITANIUM-DAG: !{!"_ZTS1B", [12 x i8*]* @_ZTVN12_GLOBAL__N_11DE, i64 32} // ITANIUM-DAG: !{!"_ZTS1B", [12 x i8*]* @_ZTVN12_GLOBAL__N_11DE, i64 32}
// ITANIUM-DAG: !{!"_ZTS1C", [12 x i8*]* @_ZTVN12_GLOBAL__N_11DE, i64 88} // ITANIUM-DAG: !{!"_ZTS1C", [12 x i8*]* @_ZTVN12_GLOBAL__N_11DE, i64 88}
// ITANIUM-DIAG-DAG: !{!"all-vtables", [12 x i8*]* @_ZTVN12_GLOBAL__N_11DE, i64 88}
// ITANIUM-DAG: !{![[DTYPE]], [12 x i8*]* @_ZTVN12_GLOBAL__N_11DE, i64 32} // ITANIUM-DAG: !{![[DTYPE]], [12 x i8*]* @_ZTVN12_GLOBAL__N_11DE, i64 32}
// ITANIUM-DAG: !{!"_ZTS1A", [7 x i8*]* @_ZTV1B, i64 32} // ITANIUM-DAG: !{!"_ZTS1A", [7 x i8*]* @_ZTV1B, i64 32}
// ITANIUM-DIAG-DAG: !{!"all-vtables", [7 x i8*]* @_ZTV1B, i64 32}
// ITANIUM-DAG: !{!"_ZTS1B", [7 x i8*]* @_ZTV1B, i64 32} // ITANIUM-DAG: !{!"_ZTS1B", [7 x i8*]* @_ZTV1B, i64 32}
// ITANIUM-DAG: !{!"_ZTS1A", [5 x i8*]* @_ZTV1C, i64 32} // ITANIUM-DAG: !{!"_ZTS1A", [5 x i8*]* @_ZTV1C, i64 32}
// ITANIUM-DAG: !{!"_ZTS1C", [5 x i8*]* @_ZTV1C, i64 32} // ITANIUM-DAG: !{!"_ZTS1C", [5 x i8*]* @_ZTV1C, i64 32}
// ITANIUM-DAG: !{!"_ZTS1A", [3 x i8*]* @_ZTVZ3foovE2FA, i64 16} // ITANIUM-DAG: !{!"_ZTS1A", [3 x i8*]* @_ZTVZ3foovE2FA, i64 16}
// ITANIUM-DAG: !{!{{[0-9]+}}, [3 x i8*]* @_ZTVZ3foovE2FA, i64 16} // ITANIUM-DAG: !{!{{[0-9]+}}, [3 x i8*]* @_ZTVZ3foovE2FA, i64 16}
// MS-DAG: !{!"?AUA@@", [2 x i8*]* @[[VTA]], i64 8} // MS-DAG: !{!"?AUA@@", [2 x i8*]* @[[VTA]], i64 8}
// MS-DIAG-DAG: !{!"all-vtables", [2 x i8*]* @[[VTA]], i64 8}
// MS-DAG: !{!"?AUB@@", [3 x i8*]* @[[VTB]], i64 8} // MS-DAG: !{!"?AUB@@", [3 x i8*]* @[[VTB]], i64 8}
// MS-DIAG-DAG: !{!"all-vtables", [3 x i8*]* @[[VTB]], i64 8}
// MS-DAG: !{!"?AUA@@", [2 x i8*]* @[[VTAinB]], i64 8} // MS-DAG: !{!"?AUA@@", [2 x i8*]* @[[VTAinB]], i64 8}
// MS-DIAG-DAG: !{!"all-vtables", [2 x i8*]* @[[VTAinB]], i64 8}
// MS-DAG: !{!"?AUA@@", [2 x i8*]* @[[VTAinC]], i64 8} // MS-DAG: !{!"?AUA@@", [2 x i8*]* @[[VTAinC]], i64 8}
// MS-DIAG-DAG: !{!"all-vtables", [2 x i8*]* @[[VTAinC]], i64 8}
// MS-DAG: !{!"?AUB@@", [3 x i8*]* @[[VTBinD]], i64 8} // MS-DAG: !{!"?AUB@@", [3 x i8*]* @[[VTBinD]], i64 8}
// MS-DIAG-DAG: !{!"all-vtables", [3 x i8*]* @[[VTBinD]], i64 8}
// MS-DAG: !{![[DTYPE]], [3 x i8*]* @[[VTBinD]], i64 8} // MS-DAG: !{![[DTYPE]], [3 x i8*]* @[[VTBinD]], i64 8}
// MS-DAG: !{!"?AUA@@", [2 x i8*]* @[[VTAinBinD]], i64 8} // MS-DAG: !{!"?AUA@@", [2 x i8*]* @[[VTAinBinD]], i64 8}
// MS-DIAG-DAG: !{!"all-vtables", [2 x i8*]* @[[VTAinBinD]], i64 8}
// MS-DAG: !{!"?AUA@@", [2 x i8*]* @[[VTFA]], i64 8} // MS-DAG: !{!"?AUA@@", [2 x i8*]* @[[VTFA]], i64 8}
// MS-DIAG-DAG: !{!"all-vtables", [2 x i8*]* @[[VTFA]], i64 8}
// MS-DAG: !{!{{[0-9]+}}, [2 x i8*]* @[[VTFA]], i64 8} // MS-DAG: !{!{{[0-9]+}}, [2 x i8*]* @[[VTFA]], i64 8}