[PATCH] D25199: [ubsan] Sanitize deleted pointers
Filipe Cabecinhas via cfe-commits
cfe-commits at lists.llvm.org
Tue Oct 4 08:25:24 PDT 2016
filcab added a comment.
In https://reviews.llvm.org/D25199#560061, @vsk wrote:
> My question was about whether it's possible to resume normal program execution after printing the stack trace from the segv handler. I had assumed this is not possible, and (mistakenly) thought that you were suggesting this approach.
I guess we can eventually add a warning if you have this check + trap-function. If there's really a need for it.
> UndefinedBehaviorSanitizer.rst:122
> + - ``-fsanitize=value-after-delete``: Set the value of the pointer
> + passed in a delete expression to 0xDEADBEEF.
> - ``-fsanitize=vla-bound``: A variable-length array whose bound
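Review bot: the documented poison value disagrees with the test in this same patch: this text says the pointer is set to 0xDEADBEEF, but sanitize-value-after-delete.cpp checks for `inttoptr (i64 -2401053088876216593`, which is 0xDEADBEEFDEADBEEF as a signed 64-bit integer. State the value that is actually stored (and say what is stored on 32-bit targets, which the x86_64-only test does not cover), so that a user who sees the address in a crash report can recognise it as the sanitizer's marker.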
Why just `delete` and not `free()`?
> CGExprScalar.cpp:416
> + if (arg->IgnoreImplicit()->isLValue() &&
> + !arg->HasSideEffects(CGF.getContext())) {
> + LValue LHS = EmitLValue(arg);
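Review bot: the lvalue check and the emit use different expressions: the condition tests `arg->IgnoreImplicit()->isLValue()` but then calls `EmitLValue(arg)` on the unstripped operand. Use the same expression for both. Also, any operand that is not a side-effect-free lvalue (a call result, `p++`) silently gets no poisoning, so that limitation belongs in the documentation and the test should cover both the poisoned and the skipped case.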
Missing a test for this condition.
> sanitize-value-after-delete.cpp:2
> +// Test -fsanitize-value-after-delete
> +// RUN: %clang_cc1 -O3 -fsanitize=value-after-delete -disable-llvm-optzns -std=c++11 -triple=x86_64-pc-linux -emit-llvm -o - %s | FileCheck %s
> +
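Review bot: the header comment names a flag that does not exist: `-fsanitize-value-after-delete` should read `-fsanitize=value-after-delete`, as on the RUN line directly below it. Fix the comment along with trimming the RUN line, since it is what a reader greps for to find which check this file covers.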
Please keep the test simple. You don't even need C++11 (in addition to the flags vsk mentioned).
> sanitize-value-after-delete.cpp:22
> +// CHECK: store {{.*}} inttoptr (i64 -2401053088876216593 {{.*}} %p2
> +// CHECK-NOT: store {{.*}} inttoptr (i64 -2401053088876216593 {{.*}} %p2
> +// CHECK-LABEL: DO_NOT_MODIFY
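Review bot: the CHECK / CHECK-NOT pair repeats an opaque literal with no explanation: `-2401053088876216593` is 0xDEADBEEFDEADBEEF written as a signed i64, and the pair asserts that exactly one poisoning store to %p2 occurs before the DO_NOT_MODIFY label (a CHECK-NOT is only scoped up to the next CHECK-LABEL). Add a comment stating that intent and the hex value so the next person touching the test does not have to decode the number.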
Why?
https://reviews.llvm.org/D25199