1 // Tests for the cfi-vcall feature: 2 // RUN: %clang_cc1 -no-opaque-pointers -flto -flto-unit -triple x86_64-unknown-linux -fvisibility hidden -fsanitize=cfi-vcall -fsanitize-trap=cfi-vcall -emit-llvm -o - %s | FileCheck --check-prefix=CFI --check-prefix=CFI-NVT --check-prefix=ITANIUM --check-prefix=TT-ITANIUM --check-prefix=NDIAG %s 3 // RUN: %clang_cc1 -no-opaque-pointers -flto -flto-unit -triple x86_64-unknown-linux -fvisibility hidden -fsanitize=cfi-vcall -emit-llvm -o - %s | FileCheck --check-prefix=CFI --check-prefix=CFI-NVT --check-prefix=ITANIUM --check-prefix=TT-ITANIUM --check-prefix=ITANIUM-DIAG --check-prefix=DIAG --check-prefix=DIAG-ABORT %s 4 // RUN: %clang_cc1 -no-opaque-pointers -flto -flto-unit -triple x86_64-unknown-linux -fvisibility hidden -fsanitize=cfi-vcall -fsanitize-recover=cfi-vcall -emit-llvm -o - %s | FileCheck --check-prefix=CFI --check-prefix=CFI-NVT --check-prefix=ITANIUM --check-prefix=TT-ITANIUM --check-prefix=ITANIUM-DIAG --check-prefix=DIAG --check-prefix=DIAG-RECOVER %s 5 // RUN: %clang_cc1 -no-opaque-pointers -flto -flto-unit -triple x86_64-pc-windows-msvc -fsanitize=cfi-vcall -fsanitize-trap=cfi-vcall -emit-llvm -o - %s | FileCheck --check-prefix=CFI --check-prefix=CFI-NVT --check-prefix=MS --check-prefix=TT-MS --check-prefix=NDIAG %s 6 7 // Tests for the whole-program-vtables feature: 8 // RUN: %clang_cc1 -no-opaque-pointers -flto -flto-unit -triple x86_64-unknown-linux -fvisibility hidden -fwhole-program-vtables -emit-llvm -o - %s | FileCheck --check-prefix=VTABLE-OPT --check-prefix=ITANIUM --check-prefix=TT-ITANIUM %s 9 // RUN: %clang_cc1 -no-opaque-pointers -flto -flto-unit -triple x86_64-unknown-linux -fwhole-program-vtables -emit-llvm -o - %s | FileCheck --check-prefix=VTABLE-OPT --check-prefix=ITANIUM-DEFAULTVIS --check-prefix=TT-ITANIUM %s 10 // RUN: %clang_cc1 -no-opaque-pointers -O2 -flto -flto-unit -triple x86_64-unknown-linux -fwhole-program-vtables -emit-llvm -o - %s | FileCheck --check-prefix=ITANIUM-OPT %s 11 // RUN: %clang_cc1 -no-opaque-pointers -flto -flto-unit -triple x86_64-pc-windows-msvc -fwhole-program-vtables -emit-llvm -o - %s | FileCheck --check-prefix=VTABLE-OPT --check-prefix=MS --check-prefix=TT-MS %s 12 13 // Tests for cfi + whole-program-vtables: 14 // RUN: %clang_cc1 -no-opaque-pointers -flto -flto-unit -triple x86_64-unknown-linux -fvisibility hidden -fsanitize=cfi-vcall -fsanitize-trap=cfi-vcall -fwhole-program-vtables -emit-llvm -o - %s | FileCheck --check-prefix=CFI --check-prefix=CFI-VT --check-prefix=ITANIUM --check-prefix=TC-ITANIUM %s 15 // RUN: %clang_cc1 -no-opaque-pointers -flto -flto-unit -triple x86_64-pc-windows-msvc -fsanitize=cfi-vcall -fsanitize-trap=cfi-vcall -fwhole-program-vtables -emit-llvm -o - %s | FileCheck --check-prefix=CFI --check-prefix=CFI-VT --check-prefix=MS --check-prefix=TC-MS %s 16 17 // ITANIUM: @_ZTV1A = {{[^!]*}}, !type [[A16:![0-9]+]] 18 // ITANIUM-DIAG-SAME: !type [[ALL16:![0-9]+]] 19 // ITANIUM-SAME: !type [[AF16:![0-9]+]] 20 21 // ITANIUM: @_ZTV1B = {{[^!]*}}, !type [[A32:![0-9]+]] 22 // ITANIUM-DIAG-SAME: !type [[ALL32:![0-9]+]] 23 // ITANIUM-SAME: !type [[AF32:![0-9]+]] 24 // ITANIUM-SAME: !type [[AF40:![0-9]+]] 25 // ITANIUM-SAME: !type [[AF48:![0-9]+]] 26 // ITANIUM-SAME: !type [[B32:![0-9]+]] 27 // ITANIUM-DIAG-SAME: !type [[ALL32]] 28 // ITANIUM-SAME: !type [[BF32:![0-9]+]] 29 // ITANIUM-SAME: !type [[BF40:![0-9]+]] 30 // ITANIUM-SAME: !type [[BF48:![0-9]+]] 31 32 // ITANIUM: @_ZTV1C = {{[^!]*}}, !type [[A32]] 33 // ITANIUM-DIAG-SAME: !type [[ALL32]] 34 // ITANIUM-SAME: !type [[AF32]] 35 // ITANIUM-SAME: !type [[C32:![0-9]+]] 36 // ITANIUM-DIAG-SAME: !type [[ALL32]] 37 // ITANIUM-SAME: !type [[CF32:![0-9]+]] 38 39 // DIAG: @[[SRC:.*]] = private unnamed_addr constant [{{.*}} x i8] c"{{.*}}type-metadata.cpp\00", align 1 40 // DIAG: @[[TYPE:.*]] = private unnamed_addr constant { i16, i16, [4 x i8] } { i16 -1, i16 0, [4 x i8] c"'A'\00" } 41 // DIAG: @[[BADTYPESTATIC:.*]] = private unnamed_addr global { i8, { [{{.*}} x i8]*, i32, i32 }, { i16, i16, [4 x i8] }* } { i8 0, { [{{.*}} x i8]*, i32, i32 } { [{{.*}} x i8]* @[[SRC]], i32 123, i32 3 }, { i16, i16, [4 x i8] }* @[[TYPE]] } 42 43 // ITANIUM: @_ZTVN12_GLOBAL__N_11DE = {{[^!]*}}, !type [[A32]] 44 // ITANIUM-DIAG-SAME: !type [[ALL32]] 45 // ITANIUM-SAME: !type [[AF32]] 46 // ITANIUM-SAME: !type [[AF40]] 47 // ITANIUM-SAME: !type [[AF48]] 48 // ITANIUM-SAME: !type [[B32]] 49 // ITANIUM-DIAG-SAME: !type [[ALL32]] 50 // ITANIUM-SAME: !type [[BF32]] 51 // ITANIUM-SAME: !type [[BF40]] 52 // ITANIUM-SAME: !type [[BF48]] 53 // ITANIUM-SAME: !type [[C88:![0-9]+]] 54 // ITANIUM-DIAG-SAME: !type [[ALL88:![0-9]+]] 55 // ITANIUM-SAME: !type [[CF32]] 56 // ITANIUM-SAME: !type [[CF40:![0-9]+]] 57 // ITANIUM-SAME: !type [[CF48:![0-9]+]] 58 // ITANIUM-SAME: !type [[D32:![0-9]+]] 59 // ITANIUM-DIAG-SAME: !type [[ALL32]] 60 // ITANIUM-SAME: !type [[DF32:![0-9]+]] 61 // ITANIUM-SAME: !type [[DF40:![0-9]+]] 62 // ITANIUM-SAME: !type [[DF48:![0-9]+]] 63 64 // ITANIUM: @_ZTCN12_GLOBAL__N_11DE0_1B = {{[^!]*}}, !type [[A32]] 65 // ITANIUM-DIAG-SAME: !type [[ALL32]] 66 // ITANIUM-SAME: !type [[B32]] 67 // ITANIUM-DIAG-SAME: !type [[ALL32]] 68 69 // ITANIUM: @_ZTCN12_GLOBAL__N_11DE8_1C = {{[^!]*}}, !type [[A64:![0-9]+]] 70 // ITANIUM-DIAG-SAME: !type [[ALL64:![0-9]+]] 71 // ITANIUM-SAME: !type [[AF64:![0-9]+]] 72 // ITANIUM-SAME: !type [[C32]] 73 // ITANIUM-DIAG-SAME: !type [[ALL32]] 74 // ITANIUM-SAME: !type [[CF64:![0-9]+]] 75 76 // ITANIUM: @_ZTVZ3foovE2FA = {{[^!]*}}, !type [[A16]] 77 // ITANIUM-DIAG-SAME: !type [[ALL16]] 78 // ITANIUM-SAME: !type [[AF16]] 79 // ITANIUM-SAME: !type [[FA16:![0-9]+]] 80 // ITANIUM-DIAG-SAME: !type [[ALL16]] 81 // ITANIUM-SAME: !type [[FAF16:![0-9]+]] 82 83 // ITANIUM: @_ZTVN5test31EE = external unnamed_addr constant 84 // ITANIUM-DEFAULTVIS: @_ZTVN5test31EE = external unnamed_addr constant 85 // ITANIUM-OPT: @_ZTVN5test31EE = available_externally unnamed_addr constant {{[^!]*}}, 86 // ITANIUM-OPT-SAME: !type [[E16:![0-9]+]], 87 // ITANIUM-OPT-SAME: !type [[EF16:![0-9]+]] 88 // ITANIUM-OPT: @llvm.compiler.used = appending global [1 x i8*] [i8* bitcast ({ [3 x i8*] }* @_ZTVN5test31EE to i8*)] 89 90 // MS: comdat($"??_7A@@6B@"), !type [[A8:![0-9]+]] 91 // MS: comdat($"??_7B@@6B0@@"), !type [[B8:![0-9]+]] 92 // MS: comdat($"??_7B@@6BA@@@"), !type [[A8]] 93 // MS: comdat($"??_7C@@6B@"), !type [[A8]] 94 // MS: comdat($"??_7D@?A0x{{[^@]*}}@@6BB@@@"), !type [[B8]], !type [[D8:![0-9]+]] 95 // MS: comdat($"??_7D@?A0x{{[^@]*}}@@6BA@@@"), !type [[A8]] 96 // MS: comdat($"??_7FA@?1??foo@@YAXXZ@6B@"), !type [[A8]], !type [[FA8:![0-9]+]] 97 98 struct A { 99 A(); 100 virtual void f(); 101 }; 102 103 struct B : virtual A { 104 B(); 105 virtual void g(); 106 virtual void h(); 107 }; 108 109 struct C : virtual A { 110 C(); 111 }; 112 113 namespace { 114 115 struct D : B, C { 116 D(); 117 virtual void f(); 118 virtual void h(); 119 }; 120 121 } 122 123 A::A() {} 124 B::B() {} 125 C::C() {} 126 D::D() {} 127 128 void A::f() { 129 } 130 131 void B::g() { 132 } 133 134 void D::f() { 135 } 136 137 void D::h() { 138 } 139 140 // ITANIUM: define hidden void @_Z2afP1A 141 // ITANIUM-DEFAULTVIS: define{{.*}} void @_Z2afP1A 142 // MS: define dso_local void @"?af@@YAXPEAUA@@@Z" 143 void af(A *a) { 144 // TT-ITANIUM: [[P:%[^ ]*]] = call i1 @llvm.type.test(i8* [[VT:%[^ ]*]], metadata !"_ZTS1A") 145 // TT-MS: [[P:%[^ ]*]] = call i1 @llvm.type.test(i8* [[VT:%[^ ]*]], metadata !"?AUA@@") 146 // TC-ITANIUM: [[PAIR:%[^ ]*]] = call { i8*, i1 } @llvm.type.checked.load(i8* {{%[^ ]*}}, i32 0, metadata !"_ZTS1A") 147 // TC-MS: [[PAIR:%[^ ]*]] = call { i8*, i1 } @llvm.type.checked.load(i8* {{%[^ ]*}}, i32 0, metadata !"?AUA@@") 148 // CFI-VT: [[P:%[^ ]*]] = extractvalue { i8*, i1 } [[PAIR]], 1 149 // DIAG-NEXT: [[VTVALID0:%[^ ]*]] = call i1 @llvm.type.test(i8* [[VT]], metadata !"all-vtables") 150 // VTABLE-OPT: call void @llvm.assume(i1 [[P]]) 151 // CFI-NEXT: br i1 [[P]], label %[[CONTBB:[^ ,]*]], label %[[TRAPBB:[^ ,]*]] 152 // CFI-NEXT: {{^$}} 153 154 // CFI: [[TRAPBB]] 155 // NDIAG-NEXT: call void @llvm.ubsantrap(i8 2) 156 // NDIAG-NEXT: unreachable 157 // DIAG-NEXT: [[VTINT:%[^ ]*]] = ptrtoint i8* [[VT]] to i64 158 // DIAG-NEXT: [[VTVALID:%[^ ]*]] = zext i1 [[VTVALID0]] to i64 159 // DIAG-ABORT-NEXT: call void @__ubsan_handle_cfi_check_fail_abort(i8* getelementptr inbounds ({{.*}} @[[BADTYPESTATIC]], i32 0, i32 0), i64 [[VTINT]], i64 [[VTVALID]]) 160 // DIAG-ABORT-NEXT: unreachable 161 // DIAG-RECOVER-NEXT: call void @__ubsan_handle_cfi_check_fail(i8* getelementptr inbounds ({{.*}} @[[BADTYPESTATIC]], i32 0, i32 0), i64 [[VTINT]], i64 [[VTVALID]]) 162 // DIAG-RECOVER-NEXT: br label %[[CONTBB]] 163 164 // CFI: [[CONTBB]] 165 // CFI-NVT: [[PTR:%[^ ]*]] = load 166 // CFI-VT: [[PTRI8:%[^ ]*]] = extractvalue { i8*, i1 } [[PAIR]], 0 167 // CFI-VT: [[PTR:%[^ ]*]] = bitcast i8* [[PTRI8]] to 168 // CFI: call void [[PTR]] 169 #line 123 170 a->f(); 171 } 172 173 // ITANIUM: define internal void @_Z3df1PN12_GLOBAL__N_11DE 174 // MS: define internal void @"?df1@@YAXPEAUD@?A0x{{[^@]*}}@@@Z" 175 void df1(D *d) { 176 // TT-ITANIUM: {{%[^ ]*}} = call i1 @llvm.type.test(i8* {{%[^ ]*}}, metadata ![[DTYPE:[0-9]+]]) 177 // TT-MS: {{%[^ ]*}} = call i1 @llvm.type.test(i8* {{%[^ ]*}}, metadata !"?AUA@@") 178 // TC-ITANIUM: {{%[^ ]*}} = call { i8*, i1 } @llvm.type.checked.load(i8* {{%[^ ]*}}, i32 0, metadata ![[DTYPE:[0-9]+]]) 179 // TC-MS: {{%[^ ]*}} = call { i8*, i1 } @llvm.type.checked.load(i8* {{%[^ ]*}}, i32 0, metadata !"?AUA@@") 180 d->f(); 181 } 182 183 // ITANIUM: define internal void @_Z3dg1PN12_GLOBAL__N_11DE 184 // MS: define internal void @"?dg1@@YAXPEAUD@?A0x{{[^@]*}}@@@Z" 185 void dg1(D *d) { 186 // TT-ITANIUM: {{%[^ ]*}} = call i1 @llvm.type.test(i8* {{%[^ ]*}}, metadata !"_ZTS1B") 187 // TT-MS: {{%[^ ]*}} = call i1 @llvm.type.test(i8* {{%[^ ]*}}, metadata !"?AUB@@") 188 // TC-ITANIUM: {{%[^ ]*}} = call { i8*, i1 } @llvm.type.checked.load(i8* {{%[^ ]*}}, i32 8, metadata !"_ZTS1B") 189 // TC-MS: {{%[^ ]*}} = call { i8*, i1 } @llvm.type.checked.load(i8* {{%[^ ]*}}, i32 0, metadata !"?AUB@@") 190 d->g(); 191 } 192 193 // ITANIUM: define internal void @_Z3dh1PN12_GLOBAL__N_11DE 194 // MS: define internal void @"?dh1@@YAXPEAUD@?A0x{{[^@]*}}@@@Z" 195 void dh1(D *d) { 196 // TT-ITANIUM: {{%[^ ]*}} = call i1 @llvm.type.test(i8* {{%[^ ]*}}, metadata ![[DTYPE]]) 197 // TT-MS: {{%[^ ]*}} = call i1 @llvm.type.test(i8* {{%[^ ]*}}, metadata ![[DTYPE:[0-9]+]]) 198 // TC-ITANIUM: {{%[^ ]*}} = call { i8*, i1 } @llvm.type.checked.load(i8* {{%[^ ]*}}, i32 16, metadata ![[DTYPE]]) 199 // TC-MS: {{%[^ ]*}} = call { i8*, i1 } @llvm.type.checked.load(i8* {{%[^ ]*}}, i32 8, metadata ![[DTYPE:[0-9]+]]) 200 d->h(); 201 } 202 203 // ITANIUM: define internal void @_Z3df2PN12_GLOBAL__N_11DE 204 // MS: define internal void @"?df2@@YAXPEAUD@?A0x{{[^@]*}}@@@Z" 205 __attribute__((no_sanitize("cfi"))) 206 void df2(D *d) { 207 // CFI-NVT-NOT: call i1 @llvm.type.test 208 // CFI-VT: [[P:%[^ ]*]] = call i1 @llvm.type.test 209 // CFI-VT: call void @llvm.assume(i1 [[P]]) 210 d->f(); 211 } 212 213 // ITANIUM: define internal void @_Z3df3PN12_GLOBAL__N_11DE 214 // MS: define internal void @"?df3@@YAXPEAUD@?A0x{{[^@]*}}@@@Z" 215 __attribute__((no_sanitize("address"))) __attribute__((no_sanitize("cfi-vcall"))) 216 void df3(D *d) { 217 // CFI-NVT-NOT: call i1 @llvm.type.test 218 // CFI-VT: [[P:%[^ ]*]] = call i1 @llvm.type.test 219 // CFI-VT: call void @llvm.assume(i1 [[P]]) 220 d->f(); 221 } 222 223 D d; 224 225 void foo() { 226 df1(&d); 227 dg1(&d); 228 dh1(&d); 229 df2(&d); 230 df3(&d); 231 232 struct FA : A { 233 void f() {} 234 } fa; 235 af(&fa); 236 } 237 238 namespace test2 { 239 240 struct A { 241 virtual void m_fn1(); 242 }; 243 struct B { 244 virtual void m_fn2(); 245 }; 246 struct C : B, A {}; 247 struct D : C { 248 void m_fn1(); 249 }; 250 251 // ITANIUM: define hidden void @_ZN5test21fEPNS_1DE 252 // ITANIUM-DEFAULTVIS: define{{.*}} void @_ZN5test21fEPNS_1DE 253 // MS: define dso_local void @"?f@test2@@YAXPEAUD@1@@Z" 254 void f(D *d) { 255 // TT-ITANIUM: {{%[^ ]*}} = call i1 @llvm.type.test(i8* {{%[^ ]*}}, metadata !"_ZTSN5test21DE") 256 // TT-MS: {{%[^ ]*}} = call i1 @llvm.type.test(i8* {{%[^ ]*}}, metadata !"?AUA@test2@@") 257 // TC-ITANIUM: {{%[^ ]*}} = call { i8*, i1 } @llvm.type.checked.load(i8* {{%[^ ]*}}, i32 8, metadata !"_ZTSN5test21DE") 258 // TC-MS: {{%[^ ]*}} = call { i8*, i1 } @llvm.type.checked.load(i8* {{%[^ ]*}}, i32 0, metadata !"?AUA@test2@@") 259 d->m_fn1(); 260 } 261 262 } 263 264 namespace test3 { 265 // All virtual functions are outline, so we can assume that it will 266 // be generated in translation unit where foo is defined. 267 struct E { 268 virtual void foo(); 269 }; 270 271 void g() { 272 E e; 273 e.foo(); 274 } 275 276 } // Test9 277 278 // ITANIUM: [[A16]] = !{i64 16, !"_ZTS1A"} 279 // ITANIUM-DIAG: [[ALL16]] = !{i64 16, !"all-vtables"} 280 // ITANIUM: [[AF16]] = !{i64 16, !"_ZTSM1AFvvE.virtual"} 281 // ITANIUM: [[A32]] = !{i64 32, !"_ZTS1A"} 282 // ITANIUM-DIAG: [[ALL32]] = !{i64 32, !"all-vtables"} 283 // ITANIUM: [[AF32]] = !{i64 32, !"_ZTSM1AFvvE.virtual"} 284 // ITANIUM: [[AF40]] = !{i64 40, !"_ZTSM1AFvvE.virtual"} 285 // ITANIUM: [[AF48]] = !{i64 48, !"_ZTSM1AFvvE.virtual"} 286 // ITANIUM: [[B32]] = !{i64 32, !"_ZTS1B"} 287 // ITANIUM: [[BF32]] = !{i64 32, !"_ZTSM1BFvvE.virtual"} 288 // ITANIUM: [[BF40]] = !{i64 40, !"_ZTSM1BFvvE.virtual"} 289 // ITANIUM: [[BF48]] = !{i64 48, !"_ZTSM1BFvvE.virtual"} 290 // ITANIUM: [[C32]] = !{i64 32, !"_ZTS1C"} 291 // ITANIUM: [[CF32]] = !{i64 32, !"_ZTSM1CFvvE.virtual"} 292 // ITANIUM: [[C88]] = !{i64 88, !"_ZTS1C"} 293 // ITANIUM-DIAG: [[ALL88]] = !{i64 88, !"all-vtables"} 294 // ITANIUM: [[CF40]] = !{i64 40, !"_ZTSM1CFvvE.virtual"} 295 // ITANIUM: [[CF48]] = !{i64 48, !"_ZTSM1CFvvE.virtual"} 296 // ITANIUM: [[D32]] = !{i64 32, [[D_ID:![0-9]+]]} 297 // ITANIUM: [[D_ID]] = distinct !{} 298 // ITANIUM: [[DF32]] = !{i64 32, [[DF_ID:![0-9]+]]} 299 // ITANIUM: [[DF_ID]] = distinct !{} 300 // ITANIUM: [[DF40]] = !{i64 40, [[DF_ID]]} 301 // ITANIUM: [[DF48]] = !{i64 48, [[DF_ID]]} 302 // ITANIUM: [[A64]] = !{i64 64, !"_ZTS1A"} 303 // ITANIUM-DIAG: [[ALL64]] = !{i64 64, !"all-vtables"} 304 // ITANIUM: [[AF64]] = !{i64 64, !"_ZTSM1AFvvE.virtual"} 305 // ITANIUM: [[CF64]] = !{i64 64, !"_ZTSM1CFvvE.virtual"} 306 // ITANIUM: [[FA16]] = !{i64 16, [[FA_ID:![0-9]+]]} 307 // ITANIUM: [[FA_ID]] = distinct !{} 308 // ITANIUM: [[FAF16]] = !{i64 16, [[FAF_ID:![0-9]+]]} 309 // ITANIUM: [[FAF_ID]] = distinct !{} 310 311 // ITANIUM-OPT: [[E16]] = !{i64 16, !"_ZTSN5test31EE"} 312 // ITANIUM-OPT: [[EF16]] = !{i64 16, !"_ZTSMN5test31EEFvvE.virtual"} 313 314 // MS: [[A8]] = !{i64 8, !"?AUA@@"} 315 // MS: [[B8]] = !{i64 8, !"?AUB@@"} 316 // MS: [[D8]] = !{i64 8, [[D_ID:![0-9]+]]} 317 // MS: [[D_ID]] = distinct !{} 318 // MS: [[FA8]] = !{i64 8, [[FA_ID:![0-9]+]]} 319 // MS: [[FA_ID]] = distinct !{} 320