From 073fec91b73f08ba86ad46573141be14c7a0d262 Mon Sep 17 00:00:00 2001 From: Richard Smith Date: Tue, 18 Dec 2012 00:22:45 +0000 Subject: [PATCH] Rein ubsan's vptr sanitizer back a bit. Per core issue 453, binding a reference to an object outside its lifetime does not have undefined behavior. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@170387 91177308-0d34-0410-b5e6-96231b3b80d8 --- lib/CodeGen/CGExpr.cpp | 9 ++++++++- test/CodeGenCXX/catch-undef-behavior.cpp | 18 +++++++++++------- 2 files changed, 19 insertions(+), 8 deletions(-) diff --git a/lib/CodeGen/CGExpr.cpp b/lib/CodeGen/CGExpr.cpp index 0be483a907..19109d7b01 100644 --- a/lib/CodeGen/CGExpr.cpp +++ b/lib/CodeGen/CGExpr.cpp @@ -538,8 +538,15 @@ void CodeGenFunction::EmitTypeCheck(TypeCheckKind TCK, SourceLocation Loc, // If possible, check that the vptr indicates that there is a subobject of // type Ty at offset zero within this object. + // + // C++11 [basic.life]p5,6: + // [For storage which does not refer to an object within its lifetime] + // The program has undefined behavior if: + // -- the [pointer or glvalue] is used to access a non-static data member + // or call a non-stastic member function CXXRecordDecl *RD = Ty->getAsCXXRecordDecl(); - if (getLangOpts().SanitizeVptr && TCK != TCK_ConstructorCall && + if (getLangOpts().SanitizeVptr && + (TCK == TCK_MemberAccess || TCK == TCK_MemberCall) && RD && RD->hasDefinition() && RD->isDynamicClass()) { // Compute a hash of the mangled name of the type. // diff --git a/test/CodeGenCXX/catch-undef-behavior.cpp b/test/CodeGenCXX/catch-undef-behavior.cpp index a4e13bfa26..9fba80f268 100644 --- a/test/CodeGenCXX/catch-undef-behavior.cpp +++ b/test/CodeGenCXX/catch-undef-behavior.cpp @@ -1,7 +1,13 @@ // RUN: %clang_cc1 -fsanitize=signed-integer-overflow,integer-divide-by-zero,float-divide-by-zero,shift,unreachable,return,vla-bound,alignment,null,vptr,object-size,float-cast-overflow,bool,enum -emit-llvm %s -o - -triple x86_64-linux-gnu | FileCheck %s +struct S { + double d; + int a, b; + virtual int f(); +}; + // CHECK: @_Z17reference_binding -void reference_binding(int *p) { +void reference_binding(int *p, S *q) { // C++ core issue 453: If an lvalue to which a reference is directly bound // designates neither an existing object or function of an appropriate type, // nor a region of storage of suitable size and alignment to contain an object @@ -16,13 +22,11 @@ void reference_binding(int *p) { // CHECK-NEXT: %[[MISALIGN:.*]] = and i64 %[[PTRINT]], 3 // CHECK-NEXT: icmp eq i64 %[[MISALIGN]], 0 int &r = *p; -} -struct S { - double d; - int a, b; - virtual int f(); -}; + // A reference is not required to refer to an object within its lifetime. + // CHECK-NOT: __ubsan_handle_dynamic_type_cache_miss + S &r2 = *q; +} // CHECK: @_Z13member_access void member_access(S *p) {