[PATCH] D35735: [ubsan] Null-check pointers in -fsanitize=vptr (PR33881)
Vedant Kumar via Phabricator via cfe-commits
cfe-commits at lists.llvm.org
Fri Jul 21 13:34:01 PDT 2017
vsk created this revision.
The instrumentation generated by -fsanitize=vptr does not null check a
user pointer before loading from it. This causes crashes in the face of
UB member calls (this=nullptr), i.e it causes user programs to crash only
after UBSan is turned on.
The fix is to make run-time null checking a prerequisite for enabling
-fsanitize=vptr, and to then teach UBSan to reuse these run-time null
checks to make -fsanitize=vptr safe.
Testing: check-clang, check-ubsan, a stage2 ubsan-enabled build
(Test updates in compiler-rt to follow in a separate patch)
https://bugs.llvm.org/show_bug.cgi?id=33881
rdar://problem/32659008
https://reviews.llvm.org/D35735
Files:
docs/UndefinedBehaviorSanitizer.rst
include/clang/Basic/DiagnosticDriverKinds.td
include/clang/Basic/DiagnosticGroups.td
lib/CodeGen/CGExpr.cpp
lib/Driver/SanitizerArgs.cpp
test/CodeGenCXX/catch-undef-behavior.cpp
test/CodeGenCXX/ubsan-devirtualized-calls.cpp
test/CodeGenCXX/ubsan-type-checks.cpp
test/CodeGenCXX/ubsan-vtable-checks.cpp
test/Driver/fsanitize.c
test/Driver/rtti-options.cpp
-------------- next part --------------
A non-text attachment was scrubbed...
Name: D35735.107711.patch
Type: text/x-patch
Size: 16906 bytes
Desc: not available
URL: <http://lists.llvm.org/pipermail/cfe-commits/attachments/20170721/3985dd4b/attachment-0001.bin>
More information about the cfe-commits
mailing list