[PATCH] [compiler-rt/ubsan] getVtablePrefix must not sanity-check on Prefix->Offset > 0

Alexey Samsonov vonosmas at gmail.com
Thu Jun 4 17:52:45 PDT 2015


Richard or David, do you want to look into this, or would you prefer to leave
this for me?

On Tue, Jun 2, 2015 at 3:32 AM, Stephan Bergmann <sbergman at redhat.com>
wrote:

> ping^3
>
>
> On 12/16/2014 10:52 AM, Stephan Bergmann wrote:
>
>> ping
>> On 12/05/2014 09:33 AM, Stephan Bergmann wrote:
>>
>>> ping
>>> On 08/12/2014 09:10 PM, Alexey Samsonov wrote:
>>>
>>>> +Richard
>>>>
>>>>
>>>> On Tue, Aug 12, 2014 at 3:51 AM, Stephan Bergmann <sbergman at redhat.com>
>>>> wrote:
>>>>
>>>>     On 08/11/2014 10:19 PM, Alexey Samsonov wrote:
>>>>
>>>>         +Richard
>>>>
>>>>         Note that you'd also have to update the comment for the
>>>>         VtablePrefix::Offset field.
>>>>
>>>>
>>>>     ah, right; updated patch
>>>>
>>>>     Stephan
>>>>
>>>>         On Mon, Aug 11, 2014 at 6:30 AM, Stephan Bergmann
>>>>         <sbergman at redhat.com> wrote:
>>>>
>>>>              At least with recent Clang trunk on Linux x86_64:
>>>>
>>>>                  $ cat test.cc
>>>>                  #include <iostream>
>>>>                  struct A { virtual ~A() {} };
>>>>                  struct B: virtual A {};
>>>>                  struct C: virtual A { ~C() { std::cout << '\n'; } };
>>>>                  struct D: virtual B, virtual C {};
>>>>                  int main() { delete new D; }
>>>>
>>>>                  $ clang++ -fsanitize=undefined test.cc
>>>>
>>>>                  $ ./a.out
>>>>                  <unknown>: runtime error: member call on address 0x000002a35010 which does not point to an object of type 'A'
>>>>                  0x000002a35010: note: object has invalid vptr
>>>>                    00 00 00 00  58 0e 43 00 00 00 00 00  30 0e 43 00 00 00 00 00  00 00 00 00 00 00 00 00  e1 0f 02 00
>>>>                                 ^~~~~~~~~~~~~~~~~~~~~~~
>>>>                                 invalid vptr
>>>>
>>>>
>>>>              The problem is that getVtablePrefix (lib/ubsan/ubsan_type_hash.cc)
>>>>              rejects any VtablePrefix with Offset > 0 as "This can't possibly be
>>>>              a valid vtable" but, according to the Itanium ABI, "in some
>>>>              construction virtual tables will some virtual base virtual tables
>>>>              have positive offsets."
>>>>
>>>>              The apparent fix is to remove the check, see the attached
>>>>              getVtablePrefix.patch.
>>>>
>>>
>


-- 
Alexey Samsonov
vonosmas at gmail.com
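To see the prefix value the sanitizer was rejecting, here is an added example (not part of this thread and not the compiler-rt patch itself) that reads the Itanium-ABI offset-to-top out of the vptrs of the reported A/B/C/D hierarchy while a D is being constructed and destroyed. It assumes an x86_64 Linux target following the Itanium C++ ABI, and `rejected_by_old_check` is a hypothetical one-line model of the pre-fix heuristic described above, not the ubsan source.

```cpp
#include <cstddef>
#include <cstring>

// Itanium C++ ABI (assumed target: x86_64 Linux): a dynamic object begins with its
// vptr, which points at the vtable's address point; the ptrdiff_t offset-to-top sits
// two pointer slots before that point (the RTTI pointer one slot before). memcpy
// keeps both reads alias-safe.
static std::ptrdiff_t offset_to_top(const void *subobject) {
    const void *vptr;
    std::memcpy(&vptr, subobject, sizeof vptr);
    std::ptrdiff_t off;
    std::memcpy(&off, static_cast<const char *>(vptr) - 2 * sizeof(void *), sizeof off);
    return off;
}
// Hierarchy from the report. B is D's primary base and A is B's primary base, so
// A, B and D share the vptr at offset 0 of a D, while C has its own at offset 8.
static std::ptrdiff_t seen_in_C_ctor;    // offset-to-top in A's vptr during C's ctor body
static std::ptrdiff_t seen_in_C_dtor;    // same, during C's dtor body
static std::ptrdiff_t real_displacement; // (char*)C subobject - (char*)A subobject
struct A { virtual ~A() {} };
struct B : virtual A {};
struct C : virtual A {
    // While C's base-object ctor/dtor run inside a D, A's vptr holds the A-in-C-in-D
    // construction vtable. A lies 8 bytes below C, so that vtable's offset-to-top
    // is +8, the value the pre-fix check treated as "can't possibly be valid".
    C() {
        A *a = static_cast<A *>(this);
        seen_in_C_ctor = offset_to_top(a);
        real_displacement = reinterpret_cast<char *>(this) - reinterpret_cast<char *>(a);
    }
    ~C() { seen_in_C_dtor = offset_to_top(static_cast<A *>(this)); }
};
struct D : virtual B, virtual C {};
struct Observation {
    std::ptrdiff_t in_C_ctor, in_C_dtor, displacement;
    std::ptrdiff_t a_in_complete_D, c_in_complete_D; // D's own vtable group: 0 and -8
};
// Build and destroy one D, then report what the vtable prefixes contained.
static Observation observe_D() {
    Observation o{};
    {
        D d;
        o.a_in_complete_D = offset_to_top(static_cast<A *>(&d)); // shared primary vtable
        o.c_in_complete_D = offset_to_top(static_cast<C *>(&d)); // C sits above the top
    }
    o.in_C_ctor = seen_in_C_ctor;
    o.in_C_dtor = seen_in_C_dtor;
    o.displacement = real_displacement;
    return o;
}
// Hypothetical model of the pre-fix heuristic: any positive Offset was rejected.
static bool rejected_by_old_check(std::ptrdiff_t off) { return off > 0; }
```

The complete-object vtables carry offsets of 0 and -8, which the old heuristic accepted; the construction vtable left in A's vptr by C's destructor carries +8, which is the prefix ubsan saw just before calling ~A and reported as an invalid vptr.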