[PATCH] [compiler-rt/ubsan] getVtablePrefix must not sanity-check on Prefix->Offset > 0
Stephan Bergmann
sbergman at redhat.com
Thu Jul 16 02:02:52 PDT 2015
ping^8
On 07/14/2015 08:45 AM, Stephan Bergmann wrote:
> ping^7
>
> It would be great if somebody could get this patch pushed. (It unbreaks
> UBSan builds of LibreOffice, and it is somewhat painful to maintain as a
> local patch on all the machines I use for such builds.)
>
> I updated the attached getVtablesPrefix.patch to current trunk, and also
> added the test case from my original mail to it now.
>
> Thanks,
> Stephan
>
> On 07/03/2015 09:22 AM, Stephan Bergmann wrote:
>> ping^6
>>
>> On 06/26/2015 08:57 AM, Stephan Bergmann wrote:
>>> ping^5
>>>
>>> On 06/19/2015 02:02 PM, Stephan Bergmann wrote:
>>>> ping^4
>>>>
>>>> On 06/05/2015 07:06 PM, David Blaikie wrote:
>>>>> On Fri, Jun 5, 2015 at 10:02 AM, Alexey Samsonov <vonosmas at gmail.com> wrote:
>>>>>
>>>>> I referred to David Majnemer, who touched this code a while ago. But
>>>>> thanks for suggesting help :)
>>>>>
>>>>>
>>>>> Ah, +Majnemer.
>>>>>
>>>>> - Dave
>>>>>
>>>>>
>>>>> On Fri, Jun 5, 2015 at 8:26 AM, David Blaikie <dblaikie at gmail.com> wrote:
>>>>>
>>>>> On Thu, Jun 4, 2015 at 5:52 PM, Alexey Samsonov <vonosmas at gmail.com> wrote:
>>>>>
>>>>> Richard or David, do you want to look into this, or you'd
>>>>> prefer to leave this for me?
>>>>>
>>>>>
>>>>> I can't say I have much more context in vtable layout & C++ ABI
>>>>> than you do, most likely. Happy to bounce some of the ideas around
>>>>> in person if that's helpful.
>>>>>
>>>>> - David
>>>>>
>>>>>
>>>>> On Tue, Jun 2, 2015 at 3:32 AM, Stephan Bergmann <sbergman at redhat.com> wrote:
>>>>>
>>>>> ping^3
>>>>>
>>>>>
>>>>> On 12/16/2014 10:52 AM, Stephan Bergmann wrote:
>>>>>
>>>>> ping
>>>>> On 12/05/2014 09:33 AM, Stephan Bergmann wrote:
>>>>>
>>>>> ping
>>>>> On 08/12/2014 09:10 PM, Alexey Samsonov wrote:
>>>>>
>>>>> +Richard
>>>>>
>>>>>
>>>>> On Tue, Aug 12, 2014 at 3:51 AM, Stephan Bergmann <sbergman at redhat.com> wrote:
>>>>>
>>>>> On 08/11/2014 10:19 PM, Alexey Samsonov wrote:
>>>>>
>>>>> +Richard
>>>>>
>>>>> Note, that you'd also have to update comment for
>>>>> VtablePrefix::Offset field.
>>>>>
>>>>>
>>>>> ah, right; updated patch
>>>>>
>>>>> Stephan
>>>>>
>>>>> On Mon, Aug 11, 2014 at 6:30 AM, Stephan Bergmann <sbergman at redhat.com> wrote:
>>>>>
>>>>> At least with recent Clang trunk on Linux x86_64:
>>>>>
>>>>> $ cat test.cc
>>>>> #include <iostream>
>>>>> struct A { virtual ~A() {} };
>>>>> struct B: virtual A {};
>>>>> struct C: virtual A { ~C() { std::cout << '\n'; } };
>>>>> struct D: virtual B, virtual C {};
>>>>> int main() { delete new D; }
>>>>>
>>>>> $ clang++ -fsanitize=undefined test.cc
>>>>>
>>>>> $ ./a.out
>>>>> <unknown>: runtime error: member call on address 0x000002a35010 which does not point to an object of type 'A'
>>>>> 0x000002a35010: note: object has invalid vptr
>>>>>  00 00 00 00 58 0e 43 00 00 00 00 00 00 00 30 0e 43 00 00 00 00 00 00 00 00 00 00 00 00 00 e1 0f 02 00
>>>>>              ^~~~~~~~~~~~~~~~~~~~~~~
>>>>>              invalid vptr
>>>>>
>>>>>
>>>>> The problem is that getVtablePrefix (lib/ubsan/ubsan_type_hash.cc)
>>>>> rejects any VtablePrefix with Offset > 0 as "This can't possibly be
>>>>> a valid vtable" but, according to the Itanium ABI, "in some
>>>>> construction virtual tables will some virtual base virtual tables
>>>>> have positive offsets."
>>>>>
>>>>> The apparent fix is to remove the check, see the attached
>>>>> getVtablePrefix.patch.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: getVtablesPrefix.patch
Type: text/x-patch
Size: 1571 bytes
Desc: not available
URL: <http://lists.llvm.org/pipermail/llvm-commits/attachments/20150716/a63bdcd1/attachment.bin>
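Added illustration of the ABI point in the report (example code, not from the thread or from compiler-rt): the test case above is extended with a probe in ~C() that reads the offset-to-top field of the vtable the A subobject's vptr points at, once for a standalone C and once for the C-in-D construction vtable group that C's base destructor installs during D's destruction. It assumes an Itanium C++ ABI target (Linux x86-64, as in the report); reading the vtable prefix directly is implementation-specific by design, which is also what makes a vptr checker that rejects positive offsets produce the false positive shown above.

```cpp
#include <cstddef>
#include <cstring>
#include <iostream>
#include <typeinfo>

// What ~C() observes on its virtual base A while C's destructor is running.
struct Observation {
    std::ptrdiff_t offset_to_top;  // offset-to-top field of the vtable A's vptr points at
    std::ptrdiff_t a_to_c;         // (address of C subobject) - (address of A subobject)
    bool dynamic_type_is_c;        // typeid on the A subobject names C, not A or D
};
static Observation g_obs;

// The classes from the report's test case, with a probe added to ~C().
struct A { virtual ~A() {} };
struct B : virtual A {};
struct C : virtual A {
    ~C() {
        A* a = this;
        // Itanium ABI: the vptr addresses the first virtual-function slot; the
        // offset-to-top ptrdiff_t sits two pointer-sized words before it.
        const std::ptrdiff_t* vptr;
        std::memcpy(&vptr, a, sizeof vptr);  // copy out A's vptr
        g_obs.offset_to_top = vptr[-2];
        g_obs.a_to_c = reinterpret_cast<char*>(this) - reinterpret_cast<char*>(a);
        g_obs.dynamic_type_is_c = (typeid(*a) == typeid(C));
    }
};
struct D : virtual B, virtual C {};

// Destroy a standalone C (its own vtable group is in use) or a D (C's base
// destructor installs the C-in-D construction vtable group via the VTT).
Observation observe(bool c_inside_d) {
    if (c_inside_d) delete new D; else delete new C;
    return g_obs;
}

static void report(const char* label, const Observation& o) {
    std::cout << label << ": offset-to-top=" << o.offset_to_top
              << " C-minus-A=" << o.a_to_c
              << " typeid==C:" << o.dynamic_type_is_c << '\n';
}

int main() {
    // x86-64: "C alone" gives 0 (A is C's primary base and shares its vptr);
    // "C inside D" gives +8, the positive offset the ubsan check above rejected.
    report("C alone   ", observe(false));
    report("C inside D", observe(true));
}
```

In both cases offset-to-top equals the displacement from the A subobject to the C subobject whose destructor is running, so a positive value is a legitimate construction-vtable state rather than a corrupt vptr.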