[prev in list] [next in list] [prev in thread] [next in thread] 

List:       cfe-commits
Subject:    Re: r241102 - CodeGen: Assign an appropriate comdat to thunks.
From:       Alexey Samsonov <vonosmas () gmail ! com>
Date:       2015-06-30 21:46:58
Message-ID: CAFBZoY-SKCU=0DiD9Da8v4ALjid6xbLBDHBwaBNTZMU0c2dnfw () mail ! gmail ! com
[Download RAW message or body]

[Attachment #2 (multipart/alternative)]


Could it cause this use-after-free reported by ASan?

http://lab.llvm.org:8011/builders/sanitizer-x86_64-linux-fast/builds/5169/steps/check-clang%20asan/logs/stdio


On Tue, Jun 30, 2015 at 1:19 PM, Peter Collingbourne <peter@pcc.me.uk>
wrote:

> This looks more like r241103. David is working on a fix.
> 
> On Tue, Jun 30, 2015 at 01:10:13PM -0700, Nico Weber wrote:
> > It looks like this breaks building base.dll in the Chromium project:
> > http://code.google.com/p/chromium/issues/detail?id=505916
> > 
> > On Tue, Jun 30, 2015 at 12:07 PM, Peter Collingbourne <peter@pcc.me.uk>
> > wrote:
> > 
> > > Author: pcc
> > > Date: Tue Jun 30 14:07:26 2015
> > > New Revision: 241102
> > > 
> > > URL: http://llvm.org/viewvc/llvm-project?rev=241102&view=rev
> > > Log:
> > > CodeGen: Assign an appropriate comdat to thunks.
> > > 
> > > Previously we were not assigning a comdat to thunks in the Microsoft
> ABI,
> > > which would have required us to emit these functions outside of a
> comdat.
> > > (Due to an inconsistency in how we were emitting objects, we were
> getting
> > > this
> > > right most of the time, but only when compiling with function
> sections.)
> > > This
> > > code generator change causes us to create a comdat for each thunk.
> > > 
> > > Differential Revision: http://reviews.llvm.org/D10829
> > > 
> > > Modified:
> > > cfe/trunk/lib/CodeGen/CGVTables.cpp
> > > cfe/trunk/test/CodeGenCXX/microsoft-abi-thunks.cpp
> > > 
> > > Modified: cfe/trunk/lib/CodeGen/CGVTables.cpp
> > > URL:
> > > 
> http://llvm.org/viewvc/llvm-project/cfe/trunk/lib/CodeGen/CGVTables.cpp?rev=241102&r1=241101&r2=241102&view=diff
> 
> > > 
> > > 
> ==============================================================================
> > > --- cfe/trunk/lib/CodeGen/CGVTables.cpp (original)
> > > +++ cfe/trunk/lib/CodeGen/CGVTables.cpp Tue Jun 30 14:07:26 2015
> > > @@ -378,9 +378,6 @@ void CodeGenFunction::GenerateThunk(llvm
> > > // Set the right linkage.
> > > CGM.setFunctionLinkage(GD, Fn);
> > > 
> > > -  if (CGM.supportsCOMDAT() && Fn->isWeakForLinker())
> > > -    Fn->setComdat(CGM.getModule().getOrInsertComdat(Fn->getName()));
> > > -
> > > // Set the right visibility.
> > > const CXXMethodDecl *MD = cast<CXXMethodDecl>(GD.getDecl());
> > > setThunkVisibility(CGM, MD, Thunk, Fn);
> > > @@ -450,17 +447,18 @@ void CodeGenVTables::emitThunk(GlobalDec
> > > // expensive/sucky at the moment, so don't generate the thunk
> unless
> > > // we have to.
> > > // FIXME: Do something better here; GenerateVarArgsThunk is
> extremely
> > > ugly.
> > > -    if (!UseAvailableExternallyLinkage) {
> > > -      CodeGenFunction(CGM).GenerateVarArgsThunk(ThunkFn, FnInfo, GD,
> > > Thunk);
> > > -      CGM.getCXXABI().setThunkLinkage(ThunkFn, ForVTable, GD,
> > > -                                      !Thunk.Return.isEmpty());
> > > -    }
> > > +    if (UseAvailableExternallyLinkage)
> > > +      return;
> > > +    CodeGenFunction(CGM).GenerateVarArgsThunk(ThunkFn, FnInfo, GD,
> Thunk);
> > > } else {
> > > // Normal thunk body generation.
> > > CodeGenFunction(CGM).GenerateThunk(ThunkFn, FnInfo, GD, Thunk);
> > > -    CGM.getCXXABI().setThunkLinkage(ThunkFn, ForVTable, GD,
> > > -                                    !Thunk.Return.isEmpty());
> > > }
> > > +
> > > +  CGM.getCXXABI().setThunkLinkage(ThunkFn, ForVTable, GD,
> > > +                                  !Thunk.Return.isEmpty());
> > > +  if (CGM.supportsCOMDAT() && ThunkFn->isWeakForLinker())
> > > +
> > > 
> ThunkFn->setComdat(CGM.getModule().getOrInsertComdat(ThunkFn->getName()));
> > > }
> > > 
> > > void CodeGenVTables::maybeEmitThunkForVTable(GlobalDecl GD,
> > > 
> > > Modified: cfe/trunk/test/CodeGenCXX/microsoft-abi-thunks.cpp
> > > URL:
> > > 
> http://llvm.org/viewvc/llvm-project/cfe/trunk/test/CodeGenCXX/microsoft-abi-thunks.cpp?rev=241102&r1=241101&r2=241102&view=diff
> 
> > > 
> > > 
> ==============================================================================
> > > --- cfe/trunk/test/CodeGenCXX/microsoft-abi-thunks.cpp (original)
> > > +++ cfe/trunk/test/CodeGenCXX/microsoft-abi-thunks.cpp Tue Jun 30
> 14:07:26
> > > 2015
> > > @@ -91,7 +91,7 @@ struct E : D {
> > > 
> > > E::E() {}  // Emits vftable and forces thunk generation.
> > > 
> > > -// CODEGEN-LABEL: define weak_odr x86_thiscallcc %struct.C*
> @"\01?goo@E
> > > @@QAEPAUB@@XZ"
> > > +// CODEGEN-LABEL: define weak_odr x86_thiscallcc %struct.C*
> @"\01?goo@E
> > > @@QAEPAUB@@XZ"{{.*}} comdat
> > > // CODEGEN:   call x86_thiscallcc %struct.C* @"\01?goo@E@@UAEPAUC@
> @XZ"
> > > // CODEGEN:   getelementptr inbounds i8, i8* {{.*}}, i32 4
> > > // CODEGEN: ret
> > > @@ -124,7 +124,7 @@ struct I : D {
> > > 
> > > I::I() {}  // Emits vftable and forces thunk generation.
> > > 
> > > -// CODEGEN-LABEL: define weak_odr x86_thiscallcc %struct.{{[BF]}}*
> > > @"\01?goo@I@@QAEPAUB@@XZ"
> > > +// CODEGEN-LABEL: define weak_odr x86_thiscallcc %struct.{{[BF]}}*
> > > @"\01?goo@I@@QAEPAUB@@XZ"{{.*}} comdat
> > > // CODEGEN: %[[ORIG_RET:.*]] = call x86_thiscallcc %struct.F*
> @"\01?goo@I
> > > @@UAEPAUF@@XZ"
> > > // CODEGEN: %[[ORIG_RET_i8:.*]] = bitcast %struct.F* %[[ORIG_RET]] to
> i8*
> > > // CODEGEN: %[[VBPTR_i8:.*]] = getelementptr inbounds i8, i8*
> > > %[[ORIG_RET_i8]], i32 4
> > > 
> > > 
> > > _______________________________________________
> > > cfe-commits mailing list
> > > cfe-commits@cs.uiuc.edu
> > > http://lists.cs.uiuc.edu/mailman/listinfo/cfe-commits
> > > 
> 
> --
> Peter
> _______________________________________________
> cfe-commits mailing list
> cfe-commits@cs.uiuc.edu
> http://lists.cs.uiuc.edu/mailman/listinfo/cfe-commits
> 



-- 
Alexey Samsonov
vonosmas@gmail.com


[Attachment #5 (text/html)]

<div dir="ltr">Could it cause this use-after-free reported by \
ASan?<div><br></div><div><a \
href="https://urldefense.proofpoint.com/v2/url?u=http-3A__lab.llvm.org-3A8011_builders \
_sanitizer-2Dx86-5F64-2Dlinux-2Dfast_builds_5169_steps_check-2Dclang-2520asan_logs_std \
io&d=AwMFaQ&c=8hUWFZcy2Z-Za5rBPlktOQ&r=BSqEv9KvKMW_Ob8SyngJ70KdZISM_ASROnREeq0cCxk&m=A \
p8PTRCUbugTmqBx32Fxl-UyIy_owqBI-xguN98n85c&s=NAoUaOPT0g7jAskk7ufUrU9UM6xSjMcx5A89hoWP- \
eo&e=">http://lab.llvm.org:8011/builders/sanitizer-x86_64-linux-fast/builds/5169/steps/check-clang%20asan/logs/stdio</a><br></div></div><div \
class="gmail_extra"><br><div class="gmail_quote">On Tue, Jun 30, 2015 at 1:19 PM, \
Peter Collingbourne <span dir="ltr">&lt;<a href="mailto:peter@pcc.me.uk" \
target="_blank">peter@pcc.me.uk</a>&gt;</span> wrote:<br><blockquote \
class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc \
solid;padding-left:1ex">This looks more like r241103. David is working on a fix.<br> \
<div class="HOEnZb"><div class="h5"><br> On Tue, Jun 30, 2015 at 01:10:13PM -0700, \
Nico Weber wrote:<br> &gt; It looks like this breaks building base.dll in the \
Chromium project:<br> &gt; <a \
href="https://urldefense.proofpoint.com/v2/url?u=http-3A__code.google.com_p_chromium_i \
ssues_detail-3Fid-3D505916&d=AwMFaQ&c=8hUWFZcy2Z-Za5rBPlktOQ&r=BSqEv9KvKMW_Ob8SyngJ70K \
dZISM_ASROnREeq0cCxk&m=Ap8PTRCUbugTmqBx32Fxl-UyIy_owqBI-xguN98n85c&s=QiLEgilSkIO184ljn7JTovepkdBaRTX2FwJ8frV2KEw&e=" \
rel="noreferrer" target="_blank">http://code.google.com/p/chromium/issues/detail?id=505916</a><br>
 &gt;<br>
&gt; On Tue, Jun 30, 2015 at 12:07 PM, Peter Collingbourne &lt;<a \
href="mailto:peter@pcc.me.uk">peter@pcc.me.uk</a>&gt;<br> &gt; wrote:<br>
&gt;<br>
&gt; &gt; Author: pcc<br>
&gt; &gt; Date: Tue Jun 30 14:07:26 2015<br>
&gt; &gt; New Revision: 241102<br>
&gt; &gt;<br>
&gt; &gt; URL: <a href="https://urldefense.proofpoint.com/v2/url?u=http-3A__llvm.org_v \
iewvc_llvm-2Dproject-3Frev-3D241102-26view-3Drev&d=AwMFaQ&c=8hUWFZcy2Z-Za5rBPlktOQ&r=B \
SqEv9KvKMW_Ob8SyngJ70KdZISM_ASROnREeq0cCxk&m=Ap8PTRCUbugTmqBx32Fxl-UyIy_owqBI-xguN98n85c&s=fKigu_DbLLVmsTy3Br5oIbV7Gn9bZYL4ohgL_nTSgPQ&e=" \
rel="noreferrer" target="_blank">http://llvm.org/viewvc/llvm-project?rev=241102&amp;view=rev</a><br>
 &gt; &gt; Log:<br>
&gt; &gt; CodeGen: Assign an appropriate comdat to thunks.<br>
&gt; &gt;<br>
&gt; &gt; Previously we were not assigning a comdat to thunks in the Microsoft \
ABI,<br> &gt; &gt; which would have required us to emit these functions outside of a \
comdat.<br> &gt; &gt; (Due to an inconsistency in how we were emitting objects, we \
were getting<br> &gt; &gt; this<br>
&gt; &gt; right most of the time, but only when compiling with function \
sections.)<br> &gt; &gt; This<br>
&gt; &gt; code generator change causes us to create a comdat for each thunk.<br>
&gt; &gt;<br>
&gt; &gt; Differential Revision: <a \
href="https://urldefense.proofpoint.com/v2/url?u=http-3A__reviews.llvm.org_D10829&d=Aw \
MFaQ&c=8hUWFZcy2Z-Za5rBPlktOQ&r=BSqEv9KvKMW_Ob8SyngJ70KdZISM_ASROnREeq0cCxk&m=Ap8PTRCU \
bugTmqBx32Fxl-UyIy_owqBI-xguN98n85c&s=w73hvBEI9temsiVZAFWN0XOASOX9VbV6aTvmKZSCJCY&e=" \
rel="noreferrer" target="_blank">http://reviews.llvm.org/D10829</a><br> &gt; &gt;<br>
&gt; &gt; Modified:<br>
&gt; &gt;        cfe/trunk/lib/CodeGen/CGVTables.cpp<br>
&gt; &gt;        cfe/trunk/test/CodeGenCXX/microsoft-abi-thunks.cpp<br>
&gt; &gt;<br>
&gt; &gt; Modified: cfe/trunk/lib/CodeGen/CGVTables.cpp<br>
&gt; &gt; URL:<br>
&gt; &gt; <a href="https://urldefense.proofpoint.com/v2/url?u=http-3A__llvm.org_viewvc \
_llvm-2Dproject_cfe_trunk_lib_CodeGen_CGVTables.cpp-3Frev-3D241102-26r1-3D241101-26r2- \
3D241102-26view-3Ddiff&d=AwMFaQ&c=8hUWFZcy2Z-Za5rBPlktOQ&r=BSqEv9KvKMW_Ob8SyngJ70KdZIS \
M_ASROnREeq0cCxk&m=Ap8PTRCUbugTmqBx32Fxl-UyIy_owqBI-xguN98n85c&s=uX17YLWpsYvwwvtIIq1cETkkLfS6BsD1bnVwyCuDm2w&e=" \
rel="noreferrer" target="_blank">http://llvm.org/viewvc/llvm-project/cfe/trunk/lib/CodeGen/CGVTables.cpp?rev=241102&amp;r1=241101&amp;r2=241102&amp;view=diff</a><br>
 &gt; &gt;<br>
&gt; &gt; ==============================================================================<br>
 &gt; &gt; --- cfe/trunk/lib/CodeGen/CGVTables.cpp (original)<br>
&gt; &gt; +++ cfe/trunk/lib/CodeGen/CGVTables.cpp Tue Jun 30 14:07:26 2015<br>
&gt; &gt; @@ -378,9 +378,6 @@ void CodeGenFunction::GenerateThunk(llvm<br>
&gt; &gt;      // Set the right linkage.<br>
&gt; &gt;      CGM.setFunctionLinkage(GD, Fn);<br>
&gt; &gt;<br>
&gt; &gt; -   if (CGM.supportsCOMDAT() &amp;&amp; Fn-&gt;isWeakForLinker())<br>
&gt; &gt; -      Fn-&gt;setComdat(CGM.getModule().getOrInsertComdat(Fn-&gt;getName()));<br>
 &gt; &gt; -<br>
&gt; &gt;      // Set the right visibility.<br>
&gt; &gt;      const CXXMethodDecl *MD = cast&lt;CXXMethodDecl&gt;(GD.getDecl());<br>
&gt; &gt;      setThunkVisibility(CGM, MD, Thunk, Fn);<br>
&gt; &gt; @@ -450,17 +447,18 @@ void CodeGenVTables::emitThunk(GlobalDec<br>
&gt; &gt;         // expensive/sucky at the moment, so don&#39;t generate the thunk \
unless<br> &gt; &gt;         // we have to.<br>
&gt; &gt;         // FIXME: Do something better here; GenerateVarArgsThunk is \
extremely<br> &gt; &gt; ugly.<br>
&gt; &gt; -      if (!UseAvailableExternallyLinkage) {<br>
&gt; &gt; -         CodeGenFunction(CGM).GenerateVarArgsThunk(ThunkFn, FnInfo, \
GD,<br> &gt; &gt; Thunk);<br>
&gt; &gt; -         CGM.getCXXABI().setThunkLinkage(ThunkFn, ForVTable, GD,<br>
&gt; &gt; -                                                         \
!Thunk.Return.isEmpty());<br> &gt; &gt; -      }<br>
&gt; &gt; +      if (UseAvailableExternallyLinkage)<br>
&gt; &gt; +         return;<br>
&gt; &gt; +      CodeGenFunction(CGM).GenerateVarArgsThunk(ThunkFn, FnInfo, GD, \
Thunk);<br> &gt; &gt;      } else {<br>
&gt; &gt;         // Normal thunk body generation.<br>
&gt; &gt;         CodeGenFunction(CGM).GenerateThunk(ThunkFn, FnInfo, GD, Thunk);<br>
&gt; &gt; -      CGM.getCXXABI().setThunkLinkage(ThunkFn, ForVTable, GD,<br>
&gt; &gt; -                                                      \
!Thunk.Return.isEmpty());<br> &gt; &gt;      }<br>
&gt; &gt; +<br>
&gt; &gt; +   CGM.getCXXABI().setThunkLinkage(ThunkFn, ForVTable, GD,<br>
&gt; &gt; +                                                   \
!Thunk.Return.isEmpty());<br> &gt; &gt; +   if (CGM.supportsCOMDAT() &amp;&amp; \
ThunkFn-&gt;isWeakForLinker())<br> &gt; &gt; +<br>
&gt; &gt; ThunkFn-&gt;setComdat(CGM.getModule().getOrInsertComdat(ThunkFn-&gt;getName()));<br>
 &gt; &gt;   }<br>
&gt; &gt;<br>
&gt; &gt;   void CodeGenVTables::maybeEmitThunkForVTable(GlobalDecl GD,<br>
&gt; &gt;<br>
&gt; &gt; Modified: cfe/trunk/test/CodeGenCXX/microsoft-abi-thunks.cpp<br>
&gt; &gt; URL:<br>
&gt; &gt; <a href="https://urldefense.proofpoint.com/v2/url?u=http-3A__llvm.org_viewvc \
_llvm-2Dproject_cfe_trunk_test_CodeGenCXX_microsoft-2Dabi-2Dthunks.cpp-3Frev-3D241102- \
26r1-3D241101-26r2-3D241102-26view-3Ddiff&d=AwMFaQ&c=8hUWFZcy2Z-Za5rBPlktOQ&r=BSqEv9Kv \
KMW_Ob8SyngJ70KdZISM_ASROnREeq0cCxk&m=Ap8PTRCUbugTmqBx32Fxl-UyIy_owqBI-xguN98n85c&s=2eBQkLz0nY3jrIvvj-lG1_KkvEmkhM3t38mKIyk9GUo&e=" \
rel="noreferrer" target="_blank">http://llvm.org/viewvc/llvm-project/cfe/trunk/test/Co \
deGenCXX/microsoft-abi-thunks.cpp?rev=241102&amp;r1=241101&amp;r2=241102&amp;view=diff</a><br>
 &gt; &gt;<br>
&gt; &gt; ==============================================================================<br>
 &gt; &gt; --- cfe/trunk/test/CodeGenCXX/microsoft-abi-thunks.cpp (original)<br>
&gt; &gt; +++ cfe/trunk/test/CodeGenCXX/microsoft-abi-thunks.cpp Tue Jun 30 \
14:07:26<br> &gt; &gt; 2015<br>
&gt; &gt; @@ -91,7 +91,7 @@ struct E : D {<br>
&gt; &gt;<br>
&gt; &gt;   E::E() {}   // Emits vftable and forces thunk generation.<br>
&gt; &gt;<br>
&gt; &gt; -// CODEGEN-LABEL: define weak_odr x86_thiscallcc %struct.C* \
@&quot;\01?goo@E<br> &gt; &gt; @@QAEPAUB@@XZ&quot;<br>
&gt; &gt; +// CODEGEN-LABEL: define weak_odr x86_thiscallcc %struct.C* \
@&quot;\01?goo@E<br> &gt; &gt; @@QAEPAUB@@XZ&quot;{{.*}} comdat<br>
&gt; &gt;   // CODEGEN:     call x86_thiscallcc %struct.C* \
@&quot;\01?goo@E@@UAEPAUC@@XZ&quot;<br> &gt; &gt;   // CODEGEN:     getelementptr \
inbounds i8, i8* {{.*}}, i32 4<br> &gt; &gt;   // CODEGEN: ret<br>
&gt; &gt; @@ -124,7 +124,7 @@ struct I : D {<br>
&gt; &gt;<br>
&gt; &gt;   I::I() {}   // Emits vftable and forces thunk generation.<br>
&gt; &gt;<br>
&gt; &gt; -// CODEGEN-LABEL: define weak_odr x86_thiscallcc %struct.{{[BF]}}*<br>
&gt; &gt; @&quot;\01?goo@I@@QAEPAUB@@XZ&quot;<br>
&gt; &gt; +// CODEGEN-LABEL: define weak_odr x86_thiscallcc %struct.{{[BF]}}*<br>
&gt; &gt; @&quot;\01?goo@I@@QAEPAUB@@XZ&quot;{{.*}} comdat<br>
&gt; &gt;   // CODEGEN: %[[ORIG_RET:.*]] = call x86_thiscallcc %struct.F* \
@&quot;\01?goo@I<br> &gt; &gt; @@UAEPAUF@@XZ&quot;<br>
&gt; &gt;   // CODEGEN: %[[ORIG_RET_i8:.*]] = bitcast %struct.F* %[[ORIG_RET]] to \
i8*<br> &gt; &gt;   // CODEGEN: %[[VBPTR_i8:.*]] = getelementptr inbounds i8, i8*<br>
&gt; &gt; %[[ORIG_RET_i8]], i32 4<br>
&gt; &gt;<br>
&gt; &gt;<br>
&gt; &gt; _______________________________________________<br>
&gt; &gt; cfe-commits mailing list<br>
&gt; &gt; <a href="mailto:cfe-commits@cs.uiuc.edu">cfe-commits@cs.uiuc.edu</a><br>
&gt; &gt; <a href="http://lists.cs.uiuc.edu/mailman/listinfo/cfe-commits" \
rel="noreferrer" target="_blank">http://lists.cs.uiuc.edu/mailman/listinfo/cfe-commits</a><br>
 &gt; &gt;<br>
<br>
</div></div><span class="HOEnZb"><font color="#888888">--<br>
Peter<br>
</font></span><div class="HOEnZb"><div \
class="h5">_______________________________________________<br> cfe-commits mailing \
list<br> <a href="mailto:cfe-commits@cs.uiuc.edu">cfe-commits@cs.uiuc.edu</a><br>
<a href="http://lists.cs.uiuc.edu/mailman/listinfo/cfe-commits" rel="noreferrer" \
target="_blank">http://lists.cs.uiuc.edu/mailman/listinfo/cfe-commits</a><br> \
</div></div></blockquote></div><br><br clear="all"><div><br></div>-- <br><div \
class="gmail_signature"><div dir="ltr">Alexey Samsonov<br><a \
href="mailto:vonosmas@gmail.com" target="_blank">vonosmas@gmail.com</a></div></div> \
</div>



_______________________________________________
cfe-commits mailing list
cfe-commits@cs.uiuc.edu
http://lists.cs.uiuc.edu/mailman/listinfo/cfe-commits


[prev in list] [next in list] [prev in thread] [next in thread]

Configure | About | News | Add a list | Sponsored by KoreLogic