https://gcc.gnu.org/bugzilla/show_bug.cgi?id=86560
--- Comment #5 from hjl at gcc dot gnu.org <hjl at gcc dot gnu.org> --- Author: hjl Date: Thu Jul 26 14:48:55 2018 New Revision: 263009 URL: https://gcc.gnu.org/viewcvs?rev=263009&root=gcc&view=rev Log: libsanitizer: Mark REAL(swapcontext) with indirect_return attribute on x86 Cherry-pick compiler-rt revision 337603: When shadow stack from Intel CET is enabled, the first instruction of all indirect branch targets must be a special instruction, ENDBR. lib/asan/asan_interceptors.cc has ... int res = REAL(swapcontext)(oucp, ucp); ... REAL(swapcontext) is a function pointer to swapcontext in libc. Since swapcontext may return via indirect branch on x86 when shadow stack is enabled, as in this case, int res = REAL(swapcontext)(oucp, ucp); ^^^^^^^^^^^^^^^^^^^^^^^^^^^^ This function may be returned via an indirect branch. Here compiler must insert ENDBR after call, like call *bar(%rip) endbr64 I opened an LLVM bug: https://bugs.llvm.org/show_bug.cgi?id=38207 to add the indirect_return attribute so that it can be used to inform compiler to insert ENDBR after REAL(swapcontext) call. We mark REAL(swapcontext) with the indirect_return attribute if it is available. This fixed: https://bugs.llvm.org/show_bug.cgi?id=38249 Reviewed By: eugenis Differential Revision: https://reviews.llvm.org/D49608 PR target/86560 * asan/asan_interceptors.cc (swapcontext) Cherry-pick compiler-rt revision 337603. * sanitizer_common/sanitizer_internal_defs.h (__has_attribute): Likewise. Modified: trunk/libsanitizer/ChangeLog trunk/libsanitizer/asan/asan_interceptors.cc trunk/libsanitizer/sanitizer_common/sanitizer_internal_defs.h
