[compiler-rt] r244101 - [UBSan] Fix UBSan-vptr false positive.

Hans Wennborg hans at chromium.org
Wed Aug 5 13:07:00 PDT 2015


I'm fine with merging this if Richard agrees.

Richard, what say you?

 - Hans

On Wed, Aug 5, 2015 at 12:52 PM, Alexey Samsonov <vonosmas at gmail.com> wrote:
> +Hans, Richard
>
> Is it too late to merge this into 3.7rc2? This patch should be relatively
> safe, and fixes a bug that was reported looong time ago.
>
> On Wed, Aug 5, 2015 at 12:35 PM, Alexey Samsonov <vonosmas at gmail.com> wrote:
>>
>> Author: samsonov
>> Date: Wed Aug  5 14:35:46 2015
>> New Revision: 244101
>>
>> URL: http://llvm.org/viewvc/llvm-project?rev=244101&view=rev
>> Log:
>> [UBSan] Fix UBSan-vptr false positive.
>>
>> Offset from vptr to the start of most-derived object can actually
>> be positive in some virtual base class vtables.
>>
>> Patch by Stephan Bergmann!
>>
>> Added:
>>
>> compiler-rt/trunk/test/ubsan/TestCases/TypeCheck/vptr-virtual-base-construction.cpp
>> Modified:
>>     compiler-rt/trunk/lib/ubsan/ubsan_type_hash_itanium.cc
>>
>> Modified: compiler-rt/trunk/lib/ubsan/ubsan_type_hash_itanium.cc
>> URL:
>> http://llvm.org/viewvc/llvm-project/compiler-rt/trunk/lib/ubsan/ubsan_type_hash_itanium.cc?rev=244101&r1=244100&r2=244101&view=diff
>>
>> ==============================================================================
>> --- compiler-rt/trunk/lib/ubsan/ubsan_type_hash_itanium.cc (original)
>> +++ compiler-rt/trunk/lib/ubsan/ubsan_type_hash_itanium.cc Wed Aug  5
>> 14:35:46 2015
>> @@ -185,8 +185,8 @@ namespace {
>>
>>  struct VtablePrefix {
>>    /// The offset from the vptr to the start of the most-derived object.
>> -  /// This should never be greater than zero, and will usually be exactly
>> -  /// zero.
>> +  /// This will only be greater than zero in some virtual base class
>> vtables
>> +  /// used during object con-/destruction, and will usually be exactly
>> zero.
>>    sptr Offset;
>>    /// The type_info object describing the most-derived class type.
>>    std::type_info *TypeInfo;
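Review bot: The reworded comment on Offset says when a positive value can occur but not what readers of the field may assume about it. Since Offset is an sptr and no longer constrained to be non-positive, state that explicitly (for example "may be negative, zero or positive; callers must not assume a sign"), and spell out "construction and destruction" instead of "con-/destruction" so the comment is searchable.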
>> @@ -196,7 +196,7 @@ VtablePrefix *getVtablePrefix(void *Vtab
>>    if (!Vptr)
>>      return 0;
>>    VtablePrefix *Prefix = Vptr - 1;
>> -  if (Prefix->Offset > 0 || !Prefix->TypeInfo)
>> +  if (!Prefix->TypeInfo)
>>      // This can't possibly be a valid vtable.
>>      return 0;
>>    return Prefix;
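Review bot: Dropping `Prefix->Offset > 0` leaves `!Prefix->TypeInfo` as the only sanity check in getVtablePrefix, yet the comment "This can't possibly be a valid vtable" is unchanged and now describes a much weaker filter. Any word pair with a non-null second slot is accepted as a prefix, so consider replacing the sign check with a magnitude bound on Offset (reject values whose absolute size is implausible for an object) rather than removing the Offset check entirely, and update the comment to match whatever condition remains.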
>>
>> Added:
>> compiler-rt/trunk/test/ubsan/TestCases/TypeCheck/vptr-virtual-base-construction.cpp
>> URL:
>> http://llvm.org/viewvc/llvm-project/compiler-rt/trunk/test/ubsan/TestCases/TypeCheck/vptr-virtual-base-construction.cpp?rev=244101&view=auto
>>
>> ==============================================================================
>> ---
>> compiler-rt/trunk/test/ubsan/TestCases/TypeCheck/vptr-virtual-base-construction.cpp
>> (added)
>> +++
>> compiler-rt/trunk/test/ubsan/TestCases/TypeCheck/vptr-virtual-base-construction.cpp
>> Wed Aug  5 14:35:46 2015
>> @@ -0,0 +1,13 @@
>> +// RUN: %clangxx -frtti -fsanitize=vptr -fno-sanitize-recover=vptr %s -o
>> %t
>> +// RUN: %run %t
>> +
>> +// REQUIRES: cxxabi
>> +
>> +int volatile n;
>> +
>> +struct A { virtual ~A() {} };
>> +struct B: virtual A {};
>> +struct C: virtual A { ~C() { n = 0; } };
>> +struct D: virtual B, virtual C {};
>> +
>> +int main() { delete new D; }
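Review bot: The new test has no comment saying which part of the A/B/C/D hierarchy produces the positive offset, and the volatile store `n = 0` in `~C` is unexplained, so a later cleanup could simplify the case and silently stop covering the regression. Add a short comment above the struct definitions stating that `delete new D` is meant to run `~C` through a virtual base vtable whose Offset is greater than zero, and why the destructor needs a body. The file name says "construction" while `main` exercises both construction and destruction, which is worth a word in that comment too.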
>>
>>
>> _______________________________________________
>> llvm-commits mailing list
>> llvm-commits at lists.llvm.org
>> http://lists.llvm.org/cgi-bin/mailman/listinfo/llvm-commits
>
>
>
>
> --
> Alexey Samsonov
> vonosmas at gmail.com

