Description
The following IR defines two functions, each of which compiles to a single 2-byte Thumb instruction, but prefixed with a 4-byte KCFI cookie (containing, in this case, a made-up example value).

```llvm
target triple = "thumbv8a-arm-none-eabi"

define void @foo() !kcfi_type !1 {
entry:
  ret void
}

define void @bar() !kcfi_type !1 {
entry:
  ret void
}

!1 = !{i32 1234567890}
```
Compiled to an object file using either of

```shell
llc -filetype=obj kcfi.ll
clang --target=arm-none-eabi -mcpu=cortex-a53 -mthumb -c kcfi.ll
```
the resulting object file contains a 12-byte `.text` section, with no alignment padding, consisting of a 4-byte cookie, a 2-byte function, and the same again. This means that the two 32-bit cookies can't be aligned the same: one is aligned to a multiple of 4 bytes, and the other is misaligned. So a function call that loads and checks the cookie can only work if the CPU is configured to permit unaligned loads.

Adding `-mattr=+strict-align` to the `llc` command, or `-mno-unaligned-access` to the `clang` command, doesn't change the behavior. So it seems that there's no way to generate KCFI cookies that can be checked safely in no-unaligned-access mode.
As far as I can see, all of this works exactly the same for Function Sanitizer cookies.
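An added check, not part of this issue or of LLVM, that models the `.text` layout described above and reports which cookies a 32-bit load could only read unaligned; running the same model with 4-byte function alignment shows the padding a safe layout would need. The function names and sizes are the ones from the issue; the helper names and the extra symbol values in the usage are constructed.

```python
# Added example: model the cookie+function layout from the issue and flag
# KCFI cookies that a 32-bit load would have to read unaligned.
# Not LLVM code; helper names and sample values are constructed.

COOKIE_SIZE = 4   # one 32-bit KCFI type hash placed right before each function
CHECK_ALIGN = 4   # the check sequence does a 32-bit load of the cookie


def align_up(value, alignment):
    """Round value up to the next multiple of alignment."""
    return (value + alignment - 1) // alignment * alignment


def lay_out(functions, func_align=1):
    """Place cookie+function pairs back to back in a section.

    functions: list of (name, code_size) in emission order.
    func_align: alignment applied to each function entry; 1 reproduces the
    issue (no padding), 4 is what a safely checkable layout needs.
    Returns (symbols, section_size), symbols being (name, entry, size)
    tuples like an ELF symbol table would give.
    """
    symbols, offset = [], 0
    for name, size in functions:
        # The cookie sits immediately before the entry, so aligning the
        # entry to a multiple of 4 also aligns the 4-byte cookie.
        entry = align_up(offset + COOKIE_SIZE, func_align)
        symbols.append((name, entry, size))
        offset = entry + size
    return symbols, offset


def misaligned_cookies(symbols):
    """Names of functions whose cookie (entry - 4) is not 4-byte aligned.

    Thumb function symbols carry bit 0 set in st_value to mark the Thumb
    state, so it is masked off before the arithmetic.
    """
    return [name for name, entry, _ in symbols
            if ((entry & ~1) - COOKIE_SIZE) % CHECK_ALIGN != 0]


# Two 2-byte Thumb functions, as in the issue.
ISSUE_FUNCTIONS = [("foo", 2), ("bar", 2)]

if __name__ == "__main__":
    for func_align in (1, 4):
        symbols, size = lay_out(ISSUE_FUNCTIONS, func_align)
        print(f"function alignment {func_align}: .text is {size} bytes, "
              f"misaligned cookies: {misaligned_cookies(symbols) or 'none'}")
```

With no padding the model reproduces the 12-byte section and flags `bar`; with 4-byte function alignment it pads 2 bytes after `foo` and both cookies land on 4-byte boundaries.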