r255393 - docs: Document -fno-sanitize-trap= and -fsanitize-recover= flags for CFI.
Peter Collingbourne via cfe-commits
cfe-commits at lists.llvm.org
Fri Dec 11 15:54:19 PST 2015
Author: pcc
Date: Fri Dec 11 17:54:18 2015
New Revision: 255393
URL: http://llvm.org/viewvc/llvm-project?rev=255393&view=rev
Log:
docs: Document -fno-sanitize-trap= and -fsanitize-recover= flags for CFI.
Modified:
cfe/trunk/docs/ControlFlowIntegrity.rst
Modified: cfe/trunk/docs/ControlFlowIntegrity.rst
URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/docs/ControlFlowIntegrity.rst?rev=255393&r1=255392&r2=255393&view=diff
==============================================================================
--- cfe/trunk/docs/ControlFlowIntegrity.rst (original)
+++ cfe/trunk/docs/ControlFlowIntegrity.rst Fri Dec 11 17:54:18 2015
@@ -61,6 +61,24 @@ checking.
Remember that you have to provide ``-flto`` if at least one CFI scheme is
enabled.
+Trapping and Diagnostics
+========================
+
+By default, CFI will abort the program immediately upon detecting a control
+flow integrity violation. You can use the :ref:`-fno-sanitize-trap=
+<controlling-code-generation>` flag to cause CFI to print a diagnostic
+similar to the one below before the program aborts.
+
+.. code-block:: console
+
+ bad-cast.cpp:109:7: runtime error: control flow integrity check for type 'B' failed during base-to-derived cast (vtable address 0x000000425a50)
+ 0x000000425a50: note: vtable is of type 'A'
+ 00 00 00 00 f0 f1 41 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 5a 42 00
+ ^
+
+If diagnostics are enabled, you can also configure CFI to continue program
+execution instead of aborting by using the :ref:`-fsanitize-recover=
+<controlling-code-generation>` flag.
Forward-Edge CFI for Virtual Calls
==================================
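Review bot: The closing paragraph on ``-fsanitize-recover=`` should state that continuing after a failed check lets the program go on to perform the very cast or call that CFI just flagged. In that mode CFI reports violations but no longer stops them. I would add a sentence saying recover mode is intended for testing and for collecting several violations in one run, not for builds that rely on CFI as a mitigation. Separately, both flags appear with a trailing ``=`` and no argument, so the section never tells the reader what value to pass; one example command line next to the existing ``-flto`` reminder would close that gap.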