[compiler-rt] r244101 - [UBSan] Fix UBSan-vptr false positive.

Alexey Samsonov vonosmas at gmail.com
Wed Aug 5 12:35:47 PDT 2015


Author: samsonov
Date: Wed Aug  5 14:35:46 2015
New Revision: 244101

URL: http://llvm.org/viewvc/llvm-project?rev=244101&view=rev
Log:
[UBSan] Fix UBSan-vptr false positive.

Offset from vptr to the start of most-derived object can actually
be positive in some virtual base class vtables.

Patch by Stephan Bergmann!

Added:
    compiler-rt/trunk/test/ubsan/TestCases/TypeCheck/vptr-virtual-base-construction.cpp
Modified:
    compiler-rt/trunk/lib/ubsan/ubsan_type_hash_itanium.cc

Modified: compiler-rt/trunk/lib/ubsan/ubsan_type_hash_itanium.cc
URL: http://llvm.org/viewvc/llvm-project/compiler-rt/trunk/lib/ubsan/ubsan_type_hash_itanium.cc?rev=244101&r1=244100&r2=244101&view=diff
==============================================================================
--- compiler-rt/trunk/lib/ubsan/ubsan_type_hash_itanium.cc (original)
+++ compiler-rt/trunk/lib/ubsan/ubsan_type_hash_itanium.cc Wed Aug  5 14:35:46 2015
@@ -185,8 +185,8 @@ namespace {
 
 struct VtablePrefix {
   /// The offset from the vptr to the start of the most-derived object.
-  /// This should never be greater than zero, and will usually be exactly
-  /// zero.
+  /// This will only be greater than zero in some virtual base class vtables
+  /// used during object con-/destruction, and will usually be exactly zero.
   sptr Offset;
   /// The type_info object describing the most-derived class type.
   std::type_info *TypeInfo;
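Review bot: The new doc comment on `Offset` abbreviates "con-/destruction", which is hard to read and hard to search for; spelling it out as "construction and destruction" would be clearer. Since the old text asserted an invariant ("should never be greater than zero") and the new text removes it, the comment should also say explicitly that the value is signed and that a positive value is valid, so readers of this struct do not assume the old invariant still holds.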
@@ -196,7 +196,7 @@ VtablePrefix *getVtablePrefix(void *Vtab
   if (!Vptr)
     return 0;
   VtablePrefix *Prefix = Vptr - 1;
-  if (Prefix->Offset > 0 || !Prefix->TypeInfo)
+  if (!Prefix->TypeInfo)
     // This can't possibly be a valid vtable.
     return 0;
   return Prefix;
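Review bot: Dropping `Prefix->Offset > 0` from the condition leaves a non-null `TypeInfo` as the only sanity check before `Prefix` is returned, so the retained comment "This can't possibly be a valid vtable." now describes a much weaker filter. Rather than removing the offset test entirely, consider keeping a plausibility bound on the magnitude of `Prefix->Offset` in both directions, so that a vptr read from memory that is not a vtable is still likely to be rejected here. The callers are not visible in this hunk; any of them that use `Offset` to locate the start of the most-derived object should be checked for an assumption that the value is never positive.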

Added: compiler-rt/trunk/test/ubsan/TestCases/TypeCheck/vptr-virtual-base-construction.cpp
URL: http://llvm.org/viewvc/llvm-project/compiler-rt/trunk/test/ubsan/TestCases/TypeCheck/vptr-virtual-base-construction.cpp?rev=244101&view=auto
==============================================================================
--- compiler-rt/trunk/test/ubsan/TestCases/TypeCheck/vptr-virtual-base-construction.cpp (added)
+++ compiler-rt/trunk/test/ubsan/TestCases/TypeCheck/vptr-virtual-base-construction.cpp Wed Aug  5 14:35:46 2015
@@ -0,0 +1,13 @@
+// RUN: %clangxx -frtti -fsanitize=vptr -fno-sanitize-recover=vptr %s -o %t
+// RUN: %run %t
+
+// REQUIRES: cxxabi
+
+int volatile n;
+
+struct A { virtual ~A() {} };
+struct B: virtual A {};
+struct C: virtual A { ~C() { n = 0; } };
+struct D: virtual B, virtual C {};
+
+int main() { delete new D; }
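Review bot: The test has no comment explaining why this particular hierarchy matters; a reader sees only `delete new D` over `A`, `B`, `C`, `D` with virtual inheritance and has to infer that it exercises a vtable with a positive offset during destruction. A short comment above the struct definitions stating that, and why `~C()` writes to the volatile `n`, would keep the regression test from being simplified away later. The test passes only by exiting cleanly under `-fno-sanitize-recover=vptr`, so it is also worth saying in that comment that a clean exit is the expected result.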



