1 // Tests for the cfi-vcall feature: 2 // RUN: %clang_cc1 -flto -flto-unit -triple x86_64-unknown-linux -fvisibility hidden -fsanitize=cfi-vcall -fsanitize-trap=cfi-vcall -emit-llvm -o - %s | FileCheck --check-prefix=CFI --check-prefix=CFI-NVT --check-prefix=ITANIUM --check-prefix=TT-ITANIUM --check-prefix=NDIAG %s 3 // RUN: %clang_cc1 -flto -flto-unit -triple x86_64-unknown-linux -fvisibility hidden -fsanitize=cfi-vcall -emit-llvm -o - %s | FileCheck --check-prefix=CFI --check-prefix=CFI-NVT --check-prefix=ITANIUM --check-prefix=TT-ITANIUM --check-prefix=ITANIUM-DIAG --check-prefix=DIAG --check-prefix=DIAG-ABORT %s 4 // RUN: %clang_cc1 -flto -flto-unit -triple x86_64-unknown-linux -fvisibility hidden -fsanitize=cfi-vcall -fsanitize-recover=cfi-vcall -emit-llvm -o - %s | FileCheck --check-prefix=CFI --check-prefix=CFI-NVT --check-prefix=ITANIUM --check-prefix=TT-ITANIUM --check-prefix=ITANIUM-DIAG --check-prefix=DIAG --check-prefix=DIAG-RECOVER %s 5 // RUN: %clang_cc1 -flto -flto-unit -triple x86_64-pc-windows-msvc -fsanitize=cfi-vcall -fsanitize-trap=cfi-vcall -emit-llvm -o - %s | FileCheck --check-prefix=CFI --check-prefix=CFI-NVT --check-prefix=MS --check-prefix=TT-MS --check-prefix=NDIAG %s 6 7 // Tests for the whole-program-vtables feature: 8 // RUN: %clang_cc1 -flto -flto-unit -triple x86_64-unknown-linux -fvisibility hidden -fwhole-program-vtables -emit-llvm -o - %s | FileCheck --check-prefix=VTABLE-OPT --check-prefix=ITANIUM --check-prefix=TT-ITANIUM %s 9 // RUN: %clang_cc1 -flto -flto-unit -triple x86_64-unknown-linux -fwhole-program-vtables -emit-llvm -o - %s | FileCheck --check-prefix=VTABLE-OPT --check-prefix=ITANIUM-DEFAULTVIS --check-prefix=TT-ITANIUM %s 10 // RUN: %clang_cc1 -flto -flto-unit -triple x86_64-pc-windows-msvc -fwhole-program-vtables -emit-llvm -o - %s | FileCheck --check-prefix=VTABLE-OPT --check-prefix=MS --check-prefix=TT-MS %s 11 12 // Tests for cfi + whole-program-vtables: 13 // RUN: %clang_cc1 -flto -flto-unit -triple x86_64-unknown-linux -fvisibility hidden -fsanitize=cfi-vcall -fsanitize-trap=cfi-vcall -fwhole-program-vtables -emit-llvm -o - %s | FileCheck --check-prefix=CFI --check-prefix=CFI-VT --check-prefix=ITANIUM --check-prefix=TC-ITANIUM %s 14 // RUN: %clang_cc1 -flto -flto-unit -triple x86_64-pc-windows-msvc -fsanitize=cfi-vcall -fsanitize-trap=cfi-vcall -fwhole-program-vtables -emit-llvm -o - %s | FileCheck --check-prefix=CFI --check-prefix=CFI-VT --check-prefix=MS --check-prefix=TC-MS %s 15 16 // ITANIUM: @_ZTV1A = {{[^!]*}}, !type [[A16:![0-9]+]] 17 // ITANIUM-DIAG-SAME: !type [[ALL16:![0-9]+]] 18 // ITANIUM-SAME: !type [[AF16:![0-9]+]] 19 20 // ITANIUM: @_ZTV1B = {{[^!]*}}, !type [[A32:![0-9]+]] 21 // ITANIUM-DIAG-SAME: !type [[ALL32:![0-9]+]] 22 // ITANIUM-SAME: !type [[AF32:![0-9]+]] 23 // ITANIUM-SAME: !type [[AF40:![0-9]+]] 24 // ITANIUM-SAME: !type [[AF48:![0-9]+]] 25 // ITANIUM-SAME: !type [[B32:![0-9]+]] 26 // ITANIUM-DIAG-SAME: !type [[ALL32]] 27 // ITANIUM-SAME: !type [[BF32:![0-9]+]] 28 // ITANIUM-SAME: !type [[BF40:![0-9]+]] 29 // ITANIUM-SAME: !type [[BF48:![0-9]+]] 30 31 // ITANIUM: @_ZTV1C = {{[^!]*}}, !type [[A32]] 32 // ITANIUM-DIAG-SAME: !type [[ALL32]] 33 // ITANIUM-SAME: !type [[AF32]] 34 // ITANIUM-SAME: !type [[C32:![0-9]+]] 35 // ITANIUM-DIAG-SAME: !type [[ALL32]] 36 // ITANIUM-SAME: !type [[CF32:![0-9]+]] 37 38 // DIAG: @[[SRC:.*]] = private unnamed_addr constant [{{.*}} x i8] c"{{.*}}type-metadata.cpp\00", align 1 39 // DIAG: @[[TYPE:.*]] = private unnamed_addr constant { i16, i16, [4 x i8] } { i16 -1, i16 0, [4 x i8] c"'A'\00" } 40 // DIAG: @[[BADTYPESTATIC:.*]] = private unnamed_addr global { i8, { [{{.*}} x i8]*, i32, i32 }, { i16, i16, [4 x i8] }* } { i8 0, { [{{.*}} x i8]*, i32, i32 } { [{{.*}} x i8]* @[[SRC]], i32 123, i32 3 }, { i16, i16, [4 x i8] }* @[[TYPE]] } 41 42 // ITANIUM: @_ZTVN12_GLOBAL__N_11DE = {{[^!]*}}, !type [[A32]] 43 // ITANIUM-DIAG-SAME: !type [[ALL32]] 44 // ITANIUM-SAME: !type [[AF32]] 45 // ITANIUM-SAME: !type [[AF40]] 46 // ITANIUM-SAME: !type [[AF48]] 47 // ITANIUM-SAME: !type [[B32]] 48 // ITANIUM-DIAG-SAME: !type [[ALL32]] 49 // ITANIUM-SAME: !type [[BF32]] 50 // ITANIUM-SAME: !type [[BF40]] 51 // ITANIUM-SAME: !type [[BF48]] 52 // ITANIUM-SAME: !type [[C88:![0-9]+]] 53 // ITANIUM-DIAG-SAME: !type [[ALL88:![0-9]+]] 54 // ITANIUM-SAME: !type [[CF32]] 55 // ITANIUM-SAME: !type [[CF40:![0-9]+]] 56 // ITANIUM-SAME: !type [[CF48:![0-9]+]] 57 // ITANIUM-SAME: !type [[D32:![0-9]+]] 58 // ITANIUM-DIAG-SAME: !type [[ALL32]] 59 // ITANIUM-SAME: !type [[DF32:![0-9]+]] 60 // ITANIUM-SAME: !type [[DF40:![0-9]+]] 61 // ITANIUM-SAME: !type [[DF48:![0-9]+]] 62 63 // ITANIUM: @_ZTCN12_GLOBAL__N_11DE0_1B = {{[^!]*}}, !type [[A32]] 64 // ITANIUM-DIAG-SAME: !type [[ALL32]] 65 // ITANIUM-SAME: !type [[B32]] 66 // ITANIUM-DIAG-SAME: !type [[ALL32]] 67 68 // ITANIUM: @_ZTCN12_GLOBAL__N_11DE8_1C = {{[^!]*}}, !type [[A64:![0-9]+]] 69 // ITANIUM-DIAG-SAME: !type [[ALL64:![0-9]+]] 70 // ITANIUM-SAME: !type [[AF64:![0-9]+]] 71 // ITANIUM-SAME: !type [[C32]] 72 // ITANIUM-DIAG-SAME: !type [[ALL32]] 73 // ITANIUM-SAME: !type [[CF64:![0-9]+]] 74 75 // ITANIUM: @_ZTVZ3foovE2FA = {{[^!]*}}, !type [[A16]] 76 // ITANIUM-DIAG-SAME: !type [[ALL16]] 77 // ITANIUM-SAME: !type [[AF16]] 78 // ITANIUM-SAME: !type [[FA16:![0-9]+]] 79 // ITANIUM-DIAG-SAME: !type [[ALL16]] 80 // ITANIUM-SAME: !type [[FAF16:![0-9]+]] 81 82 // MS: comdat($"??_7A@@6B@"), !type [[A8:![0-9]+]] 83 // MS: comdat($"??_7B@@6B0@@"), !type [[B8:![0-9]+]] 84 // MS: comdat($"??_7B@@6BA@@@"), !type [[A8]] 85 // MS: comdat($"??_7C@@6B@"), !type [[A8]] 86 // MS: comdat($"??_7D@?A0x{{[^@]*}}@@6BB@@@"), !type [[B8]], !type [[D8:![0-9]+]] 87 // MS: comdat($"??_7D@?A0x{{[^@]*}}@@6BA@@@"), !type [[A8]] 88 // MS: comdat($"??_7FA@?1??foo@@YAXXZ@6B@"), !type [[A8]], !type [[FA8:![0-9]+]] 89 90 struct A { 91 A(); 92 virtual void f(); 93 }; 94 95 struct B : virtual A { 96 B(); 97 virtual void g(); 98 virtual void h(); 99 }; 100 101 struct C : virtual A { 102 C(); 103 }; 104 105 namespace { 106 107 struct D : B, C { 108 D(); 109 virtual void f(); 110 virtual void h(); 111 }; 112 113 } 114 115 A::A() {} 116 B::B() {} 117 C::C() {} 118 D::D() {} 119 120 void A::f() { 121 } 122 123 void B::g() { 124 } 125 126 void D::f() { 127 } 128 129 void D::h() { 130 } 131 132 // ITANIUM: define hidden void @_Z2afP1A 133 // ITANIUM-DEFAULTVIS: define void @_Z2afP1A 134 // MS: define dso_local void @"?af@@YAXPEAUA@@@Z" 135 void af(A *a) { 136 // TT-ITANIUM: [[P:%[^ ]*]] = call i1 @llvm.type.test(i8* [[VT:%[^ ]*]], metadata !"_ZTS1A") 137 // TT-MS: [[P:%[^ ]*]] = call i1 @llvm.type.test(i8* [[VT:%[^ ]*]], metadata !"?AUA@@") 138 // TC-ITANIUM: [[PAIR:%[^ ]*]] = call { i8*, i1 } @llvm.type.checked.load(i8* {{%[^ ]*}}, i32 0, metadata !"_ZTS1A") 139 // TC-MS: [[PAIR:%[^ ]*]] = call { i8*, i1 } @llvm.type.checked.load(i8* {{%[^ ]*}}, i32 0, metadata !"?AUA@@") 140 // CFI-VT: [[P:%[^ ]*]] = extractvalue { i8*, i1 } [[PAIR]], 1 141 // DIAG-NEXT: [[VTVALID0:%[^ ]*]] = call i1 @llvm.type.test(i8* [[VT]], metadata !"all-vtables") 142 // VTABLE-OPT: call void @llvm.assume(i1 [[P]]) 143 // CFI-NEXT: br i1 [[P]], label %[[CONTBB:[^ ,]*]], label %[[TRAPBB:[^ ,]*]] 144 // CFI-NEXT: {{^$}} 145 146 // CFI: [[TRAPBB]] 147 // NDIAG-NEXT: call void @llvm.trap() 148 // NDIAG-NEXT: unreachable 149 // DIAG-NEXT: [[VTINT:%[^ ]*]] = ptrtoint i8* [[VT]] to i64 150 // DIAG-NEXT: [[VTVALID:%[^ ]*]] = zext i1 [[VTVALID0]] to i64 151 // DIAG-ABORT-NEXT: call void @__ubsan_handle_cfi_check_fail_abort(i8* getelementptr inbounds ({{.*}} @[[BADTYPESTATIC]], i32 0, i32 0), i64 [[VTINT]], i64 [[VTVALID]]) 152 // DIAG-ABORT-NEXT: unreachable 153 // DIAG-RECOVER-NEXT: call void @__ubsan_handle_cfi_check_fail(i8* getelementptr inbounds ({{.*}} @[[BADTYPESTATIC]], i32 0, i32 0), i64 [[VTINT]], i64 [[VTVALID]]) 154 // DIAG-RECOVER-NEXT: br label %[[CONTBB]] 155 156 // CFI: [[CONTBB]] 157 // CFI-NVT: [[PTR:%[^ ]*]] = load 158 // CFI-VT: [[PTRI8:%[^ ]*]] = extractvalue { i8*, i1 } [[PAIR]], 0 159 // CFI-VT: [[PTR:%[^ ]*]] = bitcast i8* [[PTRI8]] to 160 // CFI: call void [[PTR]] 161 #line 123 162 a->f(); 163 } 164 165 // ITANIUM: define internal void @_Z3df1PN12_GLOBAL__N_11DE 166 // MS: define internal void @"?df1@@YAXPEAUD@?A0x{{[^@]*}}@@@Z" 167 void df1(D *d) { 168 // TT-ITANIUM: {{%[^ ]*}} = call i1 @llvm.type.test(i8* {{%[^ ]*}}, metadata ![[DTYPE:[0-9]+]]) 169 // TT-MS: {{%[^ ]*}} = call i1 @llvm.type.test(i8* {{%[^ ]*}}, metadata !"?AUA@@") 170 // TC-ITANIUM: {{%[^ ]*}} = call { i8*, i1 } @llvm.type.checked.load(i8* {{%[^ ]*}}, i32 0, metadata ![[DTYPE:[0-9]+]]) 171 // TC-MS: {{%[^ ]*}} = call { i8*, i1 } @llvm.type.checked.load(i8* {{%[^ ]*}}, i32 0, metadata !"?AUA@@") 172 d->f(); 173 } 174 175 // ITANIUM: define internal void @_Z3dg1PN12_GLOBAL__N_11DE 176 // MS: define internal void @"?dg1@@YAXPEAUD@?A0x{{[^@]*}}@@@Z" 177 void dg1(D *d) { 178 // TT-ITANIUM: {{%[^ ]*}} = call i1 @llvm.type.test(i8* {{%[^ ]*}}, metadata !"_ZTS1B") 179 // TT-MS: {{%[^ ]*}} = call i1 @llvm.type.test(i8* {{%[^ ]*}}, metadata !"?AUB@@") 180 // TC-ITANIUM: {{%[^ ]*}} = call { i8*, i1 } @llvm.type.checked.load(i8* {{%[^ ]*}}, i32 8, metadata !"_ZTS1B") 181 // TC-MS: {{%[^ ]*}} = call { i8*, i1 } @llvm.type.checked.load(i8* {{%[^ ]*}}, i32 0, metadata !"?AUB@@") 182 d->g(); 183 } 184 185 // ITANIUM: define internal void @_Z3dh1PN12_GLOBAL__N_11DE 186 // MS: define internal void @"?dh1@@YAXPEAUD@?A0x{{[^@]*}}@@@Z" 187 void dh1(D *d) { 188 // TT-ITANIUM: {{%[^ ]*}} = call i1 @llvm.type.test(i8* {{%[^ ]*}}, metadata ![[DTYPE]]) 189 // TT-MS: {{%[^ ]*}} = call i1 @llvm.type.test(i8* {{%[^ ]*}}, metadata ![[DTYPE:[0-9]+]]) 190 // TC-ITANIUM: {{%[^ ]*}} = call { i8*, i1 } @llvm.type.checked.load(i8* {{%[^ ]*}}, i32 16, metadata ![[DTYPE]]) 191 // TC-MS: {{%[^ ]*}} = call { i8*, i1 } @llvm.type.checked.load(i8* {{%[^ ]*}}, i32 8, metadata ![[DTYPE:[0-9]+]]) 192 d->h(); 193 } 194 195 // ITANIUM: define internal void @_Z3df2PN12_GLOBAL__N_11DE 196 // MS: define internal void @"?df2@@YAXPEAUD@?A0x{{[^@]*}}@@@Z" 197 __attribute__((no_sanitize("cfi"))) 198 void df2(D *d) { 199 // CFI-NVT-NOT: call i1 @llvm.type.test 200 // CFI-VT: [[P:%[^ ]*]] = call i1 @llvm.type.test 201 // CFI-VT: call void @llvm.assume(i1 [[P]]) 202 d->f(); 203 } 204 205 // ITANIUM: define internal void @_Z3df3PN12_GLOBAL__N_11DE 206 // MS: define internal void @"?df3@@YAXPEAUD@?A0x{{[^@]*}}@@@Z" 207 __attribute__((no_sanitize("address"))) __attribute__((no_sanitize("cfi-vcall"))) 208 void df3(D *d) { 209 // CFI-NVT-NOT: call i1 @llvm.type.test 210 // CFI-VT: [[P:%[^ ]*]] = call i1 @llvm.type.test 211 // CFI-VT: call void @llvm.assume(i1 [[P]]) 212 d->f(); 213 } 214 215 D d; 216 217 void foo() { 218 df1(&d); 219 dg1(&d); 220 dh1(&d); 221 df2(&d); 222 df3(&d); 223 224 struct FA : A { 225 void f() {} 226 } fa; 227 af(&fa); 228 } 229 230 namespace test2 { 231 232 struct A { 233 virtual void m_fn1(); 234 }; 235 struct B { 236 virtual void m_fn2(); 237 }; 238 struct C : B, A {}; 239 struct D : C { 240 void m_fn1(); 241 }; 242 243 // ITANIUM: define hidden void @_ZN5test21fEPNS_1DE 244 // ITANIUM-DEFAULTVIS: define void @_ZN5test21fEPNS_1DE 245 // MS: define dso_local void @"?f@test2@@YAXPEAUD@1@@Z" 246 void f(D *d) { 247 // TT-ITANIUM: {{%[^ ]*}} = call i1 @llvm.type.test(i8* {{%[^ ]*}}, metadata !"_ZTSN5test21DE") 248 // TT-MS: {{%[^ ]*}} = call i1 @llvm.type.test(i8* {{%[^ ]*}}, metadata !"?AUA@test2@@") 249 // TC-ITANIUM: {{%[^ ]*}} = call { i8*, i1 } @llvm.type.checked.load(i8* {{%[^ ]*}}, i32 8, metadata !"_ZTSN5test21DE") 250 // TC-MS: {{%[^ ]*}} = call { i8*, i1 } @llvm.type.checked.load(i8* {{%[^ ]*}}, i32 0, metadata !"?AUA@test2@@") 251 d->m_fn1(); 252 } 253 254 } 255 256 // ITANIUM: [[A16]] = !{i64 16, !"_ZTS1A"} 257 // ITANIUM-DIAG: [[ALL16]] = !{i64 16, !"all-vtables"} 258 // ITANIUM: [[AF16]] = !{i64 16, !"_ZTSM1AFvvE.virtual"} 259 // ITANIUM: [[A32]] = !{i64 32, !"_ZTS1A"} 260 // ITANIUM-DIAG: [[ALL32]] = !{i64 32, !"all-vtables"} 261 // ITANIUM: [[AF32]] = !{i64 32, !"_ZTSM1AFvvE.virtual"} 262 // ITANIUM: [[AF40]] = !{i64 40, !"_ZTSM1AFvvE.virtual"} 263 // ITANIUM: [[AF48]] = !{i64 48, !"_ZTSM1AFvvE.virtual"} 264 // ITANIUM: [[B32]] = !{i64 32, !"_ZTS1B"} 265 // ITANIUM: [[BF32]] = !{i64 32, !"_ZTSM1BFvvE.virtual"} 266 // ITANIUM: [[BF40]] = !{i64 40, !"_ZTSM1BFvvE.virtual"} 267 // ITANIUM: [[BF48]] = !{i64 48, !"_ZTSM1BFvvE.virtual"} 268 // ITANIUM: [[C32]] = !{i64 32, !"_ZTS1C"} 269 // ITANIUM: [[CF32]] = !{i64 32, !"_ZTSM1CFvvE.virtual"} 270 // ITANIUM: [[C88]] = !{i64 88, !"_ZTS1C"} 271 // ITANIUM-DIAG: [[ALL88]] = !{i64 88, !"all-vtables"} 272 // ITANIUM: [[CF40]] = !{i64 40, !"_ZTSM1CFvvE.virtual"} 273 // ITANIUM: [[CF48]] = !{i64 48, !"_ZTSM1CFvvE.virtual"} 274 // ITANIUM: [[D32]] = !{i64 32, [[D_ID:![0-9]+]]} 275 // ITANIUM: [[D_ID]] = distinct !{} 276 // ITANIUM: [[DF32]] = !{i64 32, [[DF_ID:![0-9]+]]} 277 // ITANIUM: [[DF_ID]] = distinct !{} 278 // ITANIUM: [[DF40]] = !{i64 40, [[DF_ID]]} 279 // ITANIUM: [[DF48]] = !{i64 48, [[DF_ID]]} 280 // ITANIUM: [[A64]] = !{i64 64, !"_ZTS1A"} 281 // ITANIUM-DIAG: [[ALL64]] = !{i64 64, !"all-vtables"} 282 // ITANIUM: [[AF64]] = !{i64 64, !"_ZTSM1AFvvE.virtual"} 283 // ITANIUM: [[CF64]] = !{i64 64, !"_ZTSM1CFvvE.virtual"} 284 // ITANIUM: [[FA16]] = !{i64 16, [[FA_ID:![0-9]+]]} 285 // ITANIUM: [[FA_ID]] = distinct !{} 286 // ITANIUM: [[FAF16]] = !{i64 16, [[FAF_ID:![0-9]+]]} 287 // ITANIUM: [[FAF_ID]] = distinct !{} 288 289 // MS: [[A8]] = !{i64 8, !"?AUA@@"} 290 // MS: [[B8]] = !{i64 8, !"?AUB@@"} 291 // MS: [[D8]] = !{i64 8, [[D_ID:![0-9]+]]} 292 // MS: [[D_ID]] = distinct !{} 293 // MS: [[FA8]] = !{i64 8, [[FA_ID:![0-9]+]]} 294 // MS: [[FA_ID]] = distinct !{} 295