[PATCH] [compiler-rt/ubsan] getVtablePrefix must not sanity-check on Prefix->Offset > 0

Stephan Bergmann sbergman at redhat.com
Tue Jun 2 03:32:06 PDT 2015


ping^3

On 12/16/2014 10:52 AM, Stephan Bergmann wrote:
> ping
> On 12/05/2014 09:33 AM, Stephan Bergmann wrote:
>> ping
>> On 08/12/2014 09:10 PM, Alexey Samsonov wrote:
>>> +Richard
>>>
>>>
>>> On Tue, Aug 12, 2014 at 3:51 AM, Stephan Bergmann <sbergman at redhat.com> wrote:
>>>
>>>     On 08/11/2014 10:19 PM, Alexey Samsonov wrote:
>>>
>>>         +Richard
>>>
>>>         Note, that you'd also have to update comment for
>>>         VtablePrefix::Offset field.
>>>
>>>
>>>     ah, right; updated patch
>>>
>>>     Stephan
>>>
>>>         On Mon, Aug 11, 2014 at 6:30 AM, Stephan Bergmann <sbergman at redhat.com> wrote:
>>>
>>>              At least with recent Clang trunk on Linux x86_64:
>>>
>>>                  $ cat test.cc
>>>                  #include <iostream>
>>>                  struct A { virtual ~A() {} };
>>>                  struct B: virtual A {};
>>>                  struct C: virtual A { ~C() { std::cout << '\n'; } };
>>>                  struct D: virtual B, virtual C {};
>>>                  int main() { delete new D; }
>>>
>>>                  $ clang++ -fsanitize=undefined test.cc
>>>
>>>                  $ ./a.out
>>>                  <unknown>: runtime error: member call on address 0x000002a35010 which does not point to an object of type 'A'
>>>                  0x000002a35010: note: object has invalid vptr
>>>                    00 00 00 00  58 0e 43 00 00 00 00 00  30 0e 43 00 00 00 00 00
>>>                    00 00 00 00 00 00 00 00  e1 0f 02 00
>>>                                 ^~~~~~~~~~~~~~~~~~~~~~~
>>>                                 invalid vptr
>>>
>>>
>>>              The problem is that getVtablePrefix (lib/ubsan/ubsan_type_hash.cc)
>>>              rejects any VtablePrefix with Offset > 0 as "This can't possibly be
>>>              a valid vtable" but, according to the Itanium ABI, "in some
>>>              construction virtual tables will some virtual base virtual tables
>>>              have positive offsets."
>>>
>>>              The apparent fix is to remove the check, see the attached
>>>              getVtablePrefix.patch.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: getVtablesPrefix.patch
Type: text/x-patch
Size: 925 bytes
Desc: not available
URL: <http://lists.llvm.org/pipermail/llvm-commits/attachments/20150602/2011cbeb/attachment.bin>
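The positive offset-to-top that the quoted report attributes to the C-in-D construction vtable can be observed directly. What follows is an added example, written for this page; it is neither the reproducer from the thread nor code from compiler-rt. It keeps the same A/B/C/D hierarchy, reads the Itanium ABI vtable prefix (offset-to-top and RTTI pointer) of the virtual base A from inside ~C, once for a complete C and once for C destroyed as a virtual base of D, and applies both the rejection rule the report quotes from getVtablePrefix (Offset > 0 is invalid) and that rule with the offset condition dropped. The VtablePrefix mirror, the helper names and the target assumptions (Itanium C++ ABI, 64-bit GCC or Clang on x86_64 Linux, vptr as the first word of a dynamic object) are mine, not the project's.

```cpp
// Added example (not the thread's reproducer and not compiler-rt's
// getVtablePrefix): observe the Itanium ABI vtable prefix of the virtual
// base A while ~C runs, for a complete C and for C as a virtual base of D,
// and apply the old and the corrected rejection rule to what was seen.
// Assumes the Itanium C++ ABI on a 64-bit target (GCC/Clang on x86_64
// Linux): the vptr is the first word of a dynamic object, and the two words
// before a vtable's address point are offset-to-top and the RTTI pointer.
#include <cstddef>
#include <cstdio>
#include <cstring>
#include <typeinfo>

// Mirror of the two words that precede a vtable address point (the names
// are mine, chosen to match the fields the report refers to).
struct VtablePrefix {
    std::ptrdiff_t Offset;            // offset-to-top
    const std::type_info *TypeInfo;   // RTTI of the class this vtable is for
};

// Copy the prefix of the vtable that an object's vptr currently points to.
// memcpy avoids type-punned loads of the vptr and of the vtable words.
static VtablePrefix prefixOf(const void *object) {
    const unsigned char *vptr;
    std::memcpy(&vptr, object, sizeof vptr);
    VtablePrefix p;
    std::memcpy(&p, vptr - sizeof(VtablePrefix), sizeof p);
    return p;
}

// The rule the report objects to: any positive offset-to-top is "invalid".
static bool oldRuleRejects(const VtablePrefix &p) { return p.Offset > 0 || !p.TypeInfo; }
// The rule with the Offset > 0 condition removed, as the patch proposes.
static bool newRuleRejects(const VtablePrefix &p) { return !p.TypeInfo; }

// Same hierarchy as the reproducer; ~C records what A's vptr says at that moment.
static VtablePrefix g_seen;
struct A { virtual ~A() {} };
struct B : virtual A {};
struct C : virtual A {
    ~C() {
        const A *a = this;        // upcast to the virtual base A
        g_seen = prefixOf(a);     // A's vptr was just (re)set on entry to this destructor
    }
};
struct D : virtual B, virtual C {};

// Destroy a complete C: A is C's primary base, so A's vptr points at C's own
// primary vtable and offset-to-top is 0.
std::ptrdiff_t offsetSeenDestroyingC() { delete new C; return g_seen.Offset; }

// Destroy a complete D: ~C runs as a base destructor with C's VTT and points
// A's vptr into the C-in-D construction vtable. There the C subobject lies
// above the shared A/B subobject, so offset-to-top is positive.
std::ptrdiff_t offsetSeenDestroyingD() { delete new D; return g_seen.Offset; }

bool oldRuleRejectsSeen() { return oldRuleRejects(g_seen); }
bool newRuleRejectsSeen() { return newRuleRejects(g_seen); }
// The construction vtable still carries C's RTTI, which is what a derivation
// walk after the prefix check has to work with.
bool seenRttiIsC() { return g_seen.TypeInfo && *g_seen.TypeInfo == typeid(C); }

int main() {
    std::printf("complete C: offset-to-top %td, old rule rejects: %d\n",
                offsetSeenDestroyingC(), oldRuleRejectsSeen());
    std::printf("C in D:     offset-to-top %td, old rule rejects: %d, new rule rejects: %d\n",
                offsetSeenDestroyingD(), oldRuleRejectsSeen(), newRuleRejectsSeen());
    return 0;
}
```

Compile it without any sanitizer (g++ or clang++ on x86_64 Linux): the complete-C case yields offset-to-top 0 and passes both rules, while the C-in-D case yields a positive offset-to-top with C's RTTI, so the old rule rejects a vtable that is perfectly valid and the corrected rule accepts it. Dropping the offset condition only removes that false positive; a corrupted vptr is still caught by the null RTTI test and by the derivation walk that follows it.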
