[PATCH] D33712: Bug 33221 [UBSAN] segfault with -fsanitize=undefined

Phabricator via Phabricator via llvm-commits llvm-commits at lists.llvm.org
Thu Jun 1 10:11:46 PDT 2017


This revision was automatically updated to reflect the committed changes.
Closed by commit rL304437: Bug 33221 [UBSAN] segfault with -fsanitize=undefined (authored by vedantk).

Changed prior to commit:
  https://reviews.llvm.org/D33712?vs=100881&id=101044#toc

Repository:
  rL LLVM

https://reviews.llvm.org/D33712

Files:
  compiler-rt/trunk/lib/ubsan/ubsan_type_hash_itanium.cc
  compiler-rt/trunk/test/ubsan/TestCases/TypeCheck/PR33221.cpp


Index: compiler-rt/trunk/lib/ubsan/ubsan_type_hash_itanium.cc
===================================================================
--- compiler-rt/trunk/lib/ubsan/ubsan_type_hash_itanium.cc
+++ compiler-rt/trunk/lib/ubsan/ubsan_type_hash_itanium.cc
@@ -197,7 +197,7 @@
 };
 VtablePrefix *getVtablePrefix(void *Vtable) {
   VtablePrefix *Vptr = reinterpret_cast<VtablePrefix*>(Vtable);
-  if (!Vptr)
+  if (!IsAccessibleMemoryRange((uptr)Vptr, sizeof(VtablePrefix)))
     return nullptr;
   VtablePrefix *Prefix = Vptr - 1;
   if (!Prefix->TypeInfo)
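Review bot: The new guard validates `sizeof(VtablePrefix)` bytes starting at `Vptr`, but the next lines read `Prefix->TypeInfo` from `Vptr - 1`, which lies entirely below the range that was checked. A garbage vptr that points at the first bytes of a mapped region would pass the check and still fault on the read. Compute the prefix first and probe that instead: `VtablePrefix *Prefix = Vptr - 1;` followed by `if (!IsAccessibleMemoryRange((uptr)Prefix, sizeof(VtablePrefix))) return nullptr;`. The old `!Vptr` case is presumably still rejected because the page before address zero is not accessible, but that is worth confirming against `IsAccessibleMemoryRange`. The body of `getVtablePrefix` continues past the end of this hunk.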
Index: compiler-rt/trunk/test/ubsan/TestCases/TypeCheck/PR33221.cpp
===================================================================
--- compiler-rt/trunk/test/ubsan/TestCases/TypeCheck/PR33221.cpp
+++ compiler-rt/trunk/test/ubsan/TestCases/TypeCheck/PR33221.cpp
@@ -0,0 +1,24 @@
+// RUN: %clangxx -frtti -fsanitize=undefined -g %s -O3 -o %t
+// RUN: %run %t 2>&1 | FileCheck %s
+
+// REQUIRES: cxxabi
+
+class Base {
+public:
+  int i;
+  virtual void print() {}
+};
+
+class Derived : public Base {
+public:
+  void print() {}
+};
+
+int main() {
+  Derived *list = (Derived *)new char[sizeof(Derived)];
+
+// CHECK: PR33221.cpp:[[@LINE+2]]:19: runtime error: member access within address {{.*}} which does not point to an object of type 'Base'
+// CHECK-NEXT: object has invalid vptr
+  int foo = list->i;
+  return 0;
+}
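Review bot: The buffer from `new char[sizeof(Derived)]` in `main` is never initialised, so the vptr the runtime inspects is whatever the allocator left there. If those bytes are zero, the test passes through the old null path and never exercises the inaccessible-pointer case this patch fixes; other contents could make the result vary between platforms and allocators. Filling the storage with a fixed pattern makes the vptr deterministically non-null and unmapped, e.g. `char *c = new char[sizeof(Derived)];`, `memset(c, 0xFF, sizeof(Derived));`, `Derived *list = (Derived *)c;` with `<string.h>` included. A one-line comment saying that the object is deliberately never constructed would also help the next reader.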

