After destruction, invocation of virtual functions prevented
by poisoning vtable pointer.
lib/CodeGen/CGClass.cpp, line 1687:
You are poisoning the vtable pointer in the base destructor.
- Fixed testing callback emission order to account for vptr. Vptr poisoned after all virtual and member destructors are invoked, in order to prevent a data race on the virtual function invoked by a class instance. (https://github.com/google/sanitizers/wiki/ThreadSanitizerPopularDataRaces#data-race-on-vptr)
lib/CodeGen/CGClass.cpp, line 1697:
Did you mean to move this chunk to the other cleanup class?
lib/CodeGen/CGClass.cpp, line 1697:
compiler-rt/test/msan/dtor-multiple-inheritance.cc checks that the vtable is still accessible within dtors.
So, this can not be moved to the complete destructor because that would fail to poison the vptrs of the base classes. On the other hand, the current implementation is a bit wasteful, as it can poison the same pointer multiple times when it is shared by the derived class and the first base.
Maybe skip poisoning if the first base (or whatever is at offset 0 in the record layout) is a dynamic class with a non-trivial destructor?
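The layout facts behind this comment, as an added example that is not part of the review or of the patch under discussion. The Base1/Base2/Derived hierarchy, read_vptr and inspect are constructed for illustration and assume the Itanium or MSVC object layout (primary base at offset 0). The block shows that the Derived vptr slot at offset 0 is the same storage as the first base's vptr, that the second base carries its own vptr at a different offset, and that a base destructor re-points the shared slot before its body runs, which is why a poison emitted per base destructor can hit the same word more than once, and why emitting it only from the complete destructor would miss the base subobjects' vptrs. It only inspects layout; it does not run under MSan.

```cpp
#include <cstdint>
#include <cstdio>
#include <cstring>
#include <vector>

// Read the first pointer-sized word of an object through memcpy (no type
// punning). For a dynamic class whose primary base sits at offset 0, that
// word is the vtable pointer (vptr) on the Itanium and MSVC ABIs.
static std::uintptr_t read_vptr(const void *obj) {
  std::uintptr_t v;
  std::memcpy(&v, obj, sizeof v);
  return v;
}

// Hypothetical hierarchy constructed for this example: Derived has two
// dynamic bases, so it carries two vptrs, one at offset 0 (shared with
// Base1, its primary base) and one inside the Base2 subobject.
struct Base1 {
  std::vector<std::uintptr_t> *log = nullptr;  // vptr values seen in each dtor
  virtual ~Base1() { log->push_back(read_vptr(this)); }
  virtual void f() {}
};

struct Base2 {
  virtual ~Base2() = default;
  virtual void g() {}
};

struct Derived : Base1, Base2 {
  ~Derived() override { log->push_back(read_vptr(this)); }
  void f() override {}
  void g() override {}
};

struct LayoutFacts {
  bool base1_shares_vptr_slot;       // Base1 subobject starts at offset 0
  bool base2_has_own_vptr;           // Base2 subobject starts elsewhere
  bool vptr_repointed_in_base_dtor;  // ~Base1 sees a different vptr than ~Derived
};

// Construct a Derived, record where its base subobjects live, then let it be
// destroyed and compare the vptr each destructor body observed.
LayoutFacts inspect() {
  std::vector<std::uintptr_t> log;
  LayoutFacts r{};
  {
    Derived d;
    d.log = &log;
    const void *whole = &d;
    r.base1_shares_vptr_slot =
        static_cast<const void *>(static_cast<Base1 *>(&d)) == whole;
    r.base2_has_own_vptr =
        static_cast<const void *>(static_cast<Base2 *>(&d)) != whole;
  }  // destruction order: ~Derived, ~Base2, ~Base1
  // log[0] is the vptr seen in ~Derived, log[1] the one seen in ~Base1;
  // they differ because the base destructor re-points the shared slot.
  r.vptr_repointed_in_base_dtor = log.size() == 2 && log[0] != log[1];
  return r;
}

int main() {
  LayoutFacts f = inspect();
  std::printf("Base1 shares the offset-0 vptr slot: %d\n", f.base1_shares_vptr_slot);
  std::printf("Base2 has its own vptr at another offset: %d\n", f.base2_has_own_vptr);
  std::printf("~Base1 observes a re-pointed vptr: %d\n", f.vptr_repointed_in_base_dtor);
  return 0;
}
```

The MSan callback in the patch runs after each destructor's body and member/virtual-base cleanups, so with this hierarchy the word at offset 0 would be poisoned once by the Derived destructor and again by the Base1 destructor, while the Base2 vptr is poisoned only by the Base2 destructor; that is the duplicated work the comment proposes skipping when the record at offset 0 is itself a dynamic class with a non-trivial destructor.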
lib/CodeGen/CGClass.cpp, line 1652:
If it's a global function, it should have a more descriptive name, like EmitSanitizerDtorCallback.
test/CodeGenCXX/sanitize-dtor-derived-class.cpp, line 70:
Check that this poisons exactly 8 bytes.
lib/CodeGen/CGClass.cpp, line 1652:
It's inside of a namespace - is it still global?
lib/CodeGen/CGClass.cpp, line 1652:
In a sense. This namespace is not only about sanitizers, so Poison is ambiguous.
lib/CodeGen/CGClass.cpp, line 1756:
It causes a warning in -Asserts. [-Wunused-private-field]
If it's a global function, it should have a more descriptive name, like EmitSanitizerDtorCallback.
OffsetPtr => just Ptr
And move the body of the function to this line to avoid unnecessary redeclaration.