[PATCH] [compiler-rt/ubsan] getVtablePrefix must not sanity-check on Prefix->Offset > 0
Stephan Bergmann
sbergman at redhat.com
Thu Jun 25 23:57:44 PDT 2015
ping^5
On 06/19/2015 02:02 PM, Stephan Bergmann wrote:
> ping^4
>
> On 06/05/2015 07:06 PM, David Blaikie wrote:
>> On Fri, Jun 5, 2015 at 10:02 AM, Alexey Samsonov <vonosmas at gmail.com> wrote:
>>
>> I referred to David Majnemer, who touched this code a while ago. But
>> thanks for suggesting help :)
>>
>>
>> Ah, +Majnemer.
>>
>> - Dave
>>
>>
>> On Fri, Jun 5, 2015 at 8:26 AM, David Blaikie <dblaikie at gmail.com> wrote:
>>
>>
>>
>> On Thu, Jun 4, 2015 at 5:52 PM, Alexey Samsonov <vonosmas at gmail.com> wrote:
>>
>> Richard or David, do you want to look into this, or you'd
>> prefer to leave this for me?
>>
>>
>> I can't say I have much more context in vtable layout & C++ ABI than you do, most likely.
>> Happy to bounce some of the ideas around in person if that's helpful.
>>
>> - David
>>
>>
>> On Tue, Jun 2, 2015 at 3:32 AM, Stephan Bergmann <sbergman at redhat.com> wrote:
>>
>> ping^3
>>
>>
>> On 12/16/2014 10:52 AM, Stephan Bergmann wrote:
>>
>> ping
>> On 12/05/2014 09:33 AM, Stephan Bergmann wrote:
>>
>> ping
>> On 08/12/2014 09:10 PM, Alexey Samsonov wrote:
>>
>> +Richard
>>
>>
>> On Tue, Aug 12, 2014 at 3:51 AM, Stephan Bergmann <sbergman at redhat.com> wrote:
>>
>> On 08/11/2014 10:19 PM, Alexey Samsonov wrote:
>>
>> +Richard
>>
>> Note that you'd also have to update the comment for the VtablePrefix::Offset field.
>>
>>
>> ah, right; updated patch
>>
>> Stephan
>>
>> On Mon, Aug 11, 2014 at 6:30 AM, Stephan Bergmann <sbergman at redhat.com> wrote:
>>
>> At least with recent Clang trunk on Linux x86_64:
>>
>> $ cat test.cc
>> #include <iostream>
>> struct A { virtual ~A() {} };
>> struct B: virtual A {};
>> struct C: virtual A { ~C() { std::cout << '\n'; } };
>> struct D: virtual B, virtual C {};
>> int main() { delete new D; }
>>
>> $ clang++ -fsanitize=undefined test.cc
>>
>> $ ./a.out
>> <unknown>: runtime error: member call on address 0x000002a35010 which does not point to an object of type 'A'
>> 0x000002a35010: note: object has invalid vptr
>>  00 00 00 00  58 0e 43 00 00 00 00 00  30 0e 43 00 00 00 00 00  00 00 00 00 00 00 00 00  e1 0f 02 00
>>               ^~~~~~~~~~~~~~~~~~~~~~~
>>               invalid vptr
>>
>> The problem is that getVtablePrefix (lib/ubsan/ubsan_type_hash.cc) rejects any VtablePrefix with
>> Offset > 0 as "This can't possibly be a valid vtable" but, according to the Itanium ABI, "in some
>> construction virtual tables will some virtual base virtual tables have positive offsets."
>>
>> The apparent fix is to remove the check, see the attached getVtablePrefix.patch.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: getVtablesPrefix.patch
Type: text/x-patch
Size: 925 bytes
Desc: not available
URL: <http://lists.llvm.org/pipermail/llvm-commits/attachments/20150626/9d2eb392/attachment.bin>
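The situation the report describes can be observed directly. The program below is an added example; it is not code from this thread or from compiler-rt. It rebuilds the A/B/C/D hierarchy of the test case, reads the Itanium C++ ABI vtable prefix (offset-to-top, then the type_info pointer) that the shared virtual base A's vptr points at while ~C runs as a base-object destructor inside ~D, and runs a simplified model of the old and the proposed getVtablePrefix acceptance rule over it. It assumes the Itanium ABI on an LP64 target with RTTI enabled (Clang or GCC on Linux x86_64, as in the report); read_vtable_prefix, accepted_by_old_rule and accepted_by_fixed_rule are illustrative names and not the runtime's own functions.

```cpp
// Added example (not from the thread or from compiler-rt). Assumes Itanium C++ ABI,
// LP64 pointers and RTTI enabled; class names follow the test case in the thread.
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <cstring>
#include <typeinfo>

struct VtablePrefixView {
    std::ptrdiff_t offset_to_top;     // displacement from this subobject to the top of the object
    const std::type_info *type_info;  // RTTI of the most-derived (or under-construction) class
};

// The vptr addresses the first virtual function slot; slot -2 is offset-to-top and
// slot -1 the type_info pointer. The vptr is the first word of a dynamic-class subobject.
static VtablePrefixView read_vtable_prefix(const void *polymorphic_subobject) {
    std::uintptr_t vptr;
    std::memcpy(&vptr, polymorphic_subobject, sizeof vptr);
    const std::uintptr_t *slots = reinterpret_cast<const std::uintptr_t *>(vptr);
    VtablePrefixView view;
    view.offset_to_top = static_cast<std::ptrdiff_t>(slots[-2]);
    view.type_info = reinterpret_cast<const std::type_info *>(slots[-1]);
    return view;
}

// Simplified models (not compiler-rt's code) of the rule under discussion: the old
// check additionally rejected any positive offset-to-top as "can't be a valid vtable".
static bool accepted_by_old_rule(const VtablePrefixView &p) {
    return p.type_info != nullptr && p.offset_to_top <= 0;
}
static bool accepted_by_fixed_rule(const VtablePrefixView &p) {
    return p.type_info != nullptr;
}

// Recorded by ~C: what A's vptr pointed at, and how far the C subobject sits from A.
static VtablePrefixView g_prefix_of_A_in_C_dtor = {0, nullptr};
static std::ptrdiff_t g_distance_A_to_C = 0;

struct A { virtual ~A() {} };
struct B : virtual A {};
struct C : virtual A {
    // Non-trivial body, like the std::cout in the original test case, so the compiler
    // installs the construction vtable for C-in-D before running it.
    ~C() {
        const A *a = static_cast<const A *>(this);
        g_prefix_of_A_in_C_dtor = read_vtable_prefix(a);
        g_distance_A_to_C = reinterpret_cast<const char *>(this) - reinterpret_cast<const char *>(a);
    }
};
struct D : virtual B, virtual C {};

// Runs the thread's scenario and returns the offset-to-top A's vptr carried inside ~C.
std::ptrdiff_t offset_to_top_of_A_seen_in_C_dtor() {
    delete new D;
    return g_prefix_of_A_in_C_dtor.offset_to_top;
}

// Byte distance from the A subobject to the C subobject, as measured inside ~C.
// Offset-to-top of the A-in-C-in-D construction vtable is exactly this value.
std::ptrdiff_t distance_from_A_to_C() {
    delete new D;
    return g_distance_A_to_C;
}

// For a finished complete object offset-to-top is 0 in the complete-object vtable and
// negative in any secondary vtable; it is never positive.
std::ptrdiff_t offset_to_top_of_A_in_complete_D() {
    D d;
    return read_vtable_prefix(static_cast<const A *>(&d)).offset_to_top;
}

// True when the old rule rejects the vptr ~C saw while the fixed rule accepts it.
bool old_rule_rejects_construction_vtable() {
    delete new D;
    return !accepted_by_old_rule(g_prefix_of_A_in_C_dtor) &&
           accepted_by_fixed_rule(g_prefix_of_A_in_C_dtor);
}

int main() {
    std::ptrdiff_t off = offset_to_top_of_A_seen_in_C_dtor();
    const char *name = g_prefix_of_A_in_C_dtor.type_info ? g_prefix_of_A_in_C_dtor.type_info->name() : "(null)";
    std::printf("inside ~C: A's vptr -> offset-to-top %td, type_info %s; C lies %td bytes after A\n",
                off, name, g_distance_A_to_C);
    std::printf("complete D: A's offset-to-top %td\n", offset_to_top_of_A_in_complete_D());
    std::printf("old rule accepts: %s, fixed rule accepts: %s\n",
                accepted_by_old_rule(g_prefix_of_A_in_C_dtor) ? "yes" : "no",
                accepted_by_fixed_rule(g_prefix_of_A_in_C_dtor) ? "yes" : "no");
    return 0;
}
```

Inside ~C the A subobject's vptr points at the secondary vtable for A in the C-in-D construction vtable group, whose offset-to-top is the (positive) distance from A up to the C subobject being destroyed; the same pointer is still in place when ~D later destroys A, which is the member call the sanitizer flagged. The old rule rejects that vptr purely because of the sign, the relaxed rule does not.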