[PATCH] D25199: [ubsan] Sanitize deleted pointers
Vedant Kumar via cfe-commits
cfe-commits at lists.llvm.org
Mon Oct 3 14:52:20 PDT 2016
vsk added a comment.
In https://reviews.llvm.org/D25199#559797, @kcc wrote:
> >> will just crash without further reporting
>
> I agree, and we can address that by having special logic in ubsan's segv handler.
> This does not have to be in this patch.
@kcc Is it safe to add a handler for segv and continue program execution as normal? I'm asking because I haven't tried that before, and am guessing you have experience with this from working on asan.
If there is a safe and portable way to call a ubsan diagnostic handler after hitting this error, then I agree that it would be very valuable.
One more thing to consider: how will we support `-fsanitize-trap=value-after-delete`?
> CGExprScalar.cpp:413
> + // value of the deleted pointer to an invalid debug constant.
> + if (CGF.SanOpts.has(SanitizerKind::ValueAfterDelete)) {
> + const Expr *arg = E->getArgument();
This is typically done by placing a call to e.g. `CGF.EmitValueAfterDeleteCheck`, and then having an early return in `EmitValueAfterDeleteCheck` if the sanitizer isn't enabled.
> CGExprScalar.cpp:414
> + if (CGF.SanOpts.has(SanitizerKind::ValueAfterDelete)) {
> + const Expr *arg = E->getArgument();
> + if (arg->IgnoreImplicit()->isLValue() &&
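Review bot: The `arg->IgnoreImplicit()->isLValue()` condition means a delete whose operand is not an lvalue (the result of a function call, for example) gets no instrumentation, and the visible comment above the check does not say so. State in that comment that only lvalue operands are overwritten, so users of the sanitizer know which deletes are covered.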
Variables are usually capitalized.
> CGExprScalar.cpp:418
> + LValue LHS = EmitLValue(arg);
> + if (!LHS.isVolatile()) {
> + const unsigned width = CGF.getTarget().getMaxPointerWidth();
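Review bot: `CGF.getTarget().getMaxPointerWidth()` returns the widest pointer on the target, not the width of the pointer being deleted, so on a target where pointer sizes differ by address space the constant stored through `LHS` may not match the lvalue's type. Consider deriving the width from the type of `arg` instead. The `!LHS.isVolatile()` skip also deserves a one-line comment explaining why volatile pointers are left untouched.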
This is missing a negative test.
> sanitize-value-after-delete.cpp:2
> +// Test -fsanitize-value-after-delete
> +// RUN: %clang_cc1 -O3 -fsanitize=value-after-delete -disable-llvm-optzns -std=c++11 -triple=x86_64-pc-linux -emit-llvm -o - %s | FileCheck %s
> +
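Review bot: The header comment spells the flag `-fsanitize-value-after-delete`, but the RUN line passes `-fsanitize=value-after-delete`; the comment should use the same spelling. The RUN line also pins `-triple=x86_64-pc-linux` only, so the emitted constant is checked for 64-bit pointers alone; a second RUN line with a 32-bit triple would cover the other width.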
Why are the '-O3' and '-disable-llvm-optzns' flags needed here?
https://reviews.llvm.org/D25199