[ubsan] Null-check pointers in -fsanitize=vptr (PR33881)

Description

[ubsan] Null-check pointers in -fsanitize=vptr (PR33881)

The instrumentation generated by -fsanitize=vptr does not null check a
user pointer before loading from it. This causes crashes in the face of
UB member calls (this=nullptr), i.e. it's causing user programs to crash
only after UBSan is turned on.

The fix is to make run-time null checking a prerequisite for enabling
-fsanitize=vptr, and to then teach UBSan to reuse these run-time null
checks to make -fsanitize=vptr safe.

Testing: check-clang, check-ubsan, a stage2 ubsan-enabled build

Differential Revision: https://reviews.llvm.org/D35735

https://bugs.llvm.org/show_bug.cgi?id=33881
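A reproducer for the crash class the commit message describes (added here as an illustration; it is not part of the commit or of the LLVM test suite). The `Shape`/`Triangle` types and the `crash` argument are constructed for the example. With the vptr check alone, pre-fix instrumentation loaded the vptr through the null pointer and the process died with SIGSEGV; with `-fsanitize=null,vptr` on a clang that includes this change, UBSan reports a "member call on null pointer" runtime error instead.

```cpp
// Member call through a null 'this' on a polymorphic type: the input that
// made -fsanitize=vptr crash before its null check became a prerequisite.
//
// Build and run with UBSan (assumed: a clang containing D35735):
//   clang++ -g -fsanitize=null,vptr vptr_null.cpp -o vptr_null && ./vptr_null crash
#include <cstring>
#include <iostream>

struct Shape {
    virtual ~Shape() {}
    virtual int sides() const { return 0; }
    // Non-virtual member: -fsanitize=vptr still checks the dynamic type of
    // 'this' on this call, so a null 'this' reaches the vptr load.
    int doubled() const { return 2 * sides(); }
};

struct Triangle : Shape {
    int sides() const override { return 3; }
};

// The instrumented member call. Fine for a live object; undefined
// behaviour (this == nullptr) when p is null.
int sidesDoubled(const Shape *p) { return p->doubled(); }

// The explicit check a defender wants at a trust boundary: the sanitizer
// only reports UB that actually executes, it does not prevent it.
int sidesDoubledChecked(const Shape *p) { return p ? sidesDoubled(p) : -1; }

// Helper for the well-defined path: a Triangle has 3 sides, doubled is 6.
int demoValidObject() {
    Triangle t;
    return sidesDoubledChecked(&t);
}

int main(int argc, char **argv) {
    std::cout << "valid object: " << demoValidObject() << "\n";            // 6
    std::cout << "null, checked: " << sidesDoubledChecked(nullptr) << "\n"; // -1
    if (argc > 1 && std::strcmp(argv[1], "crash") == 0) {
        // Deliberate UB, only on request: under -fsanitize=null,vptr UBSan
        // prints a runtime error here instead of the old SIGSEGV.
        return sidesDoubled(nullptr);
    }
    return 0;
}
```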

Details

Committed
vedantk, Jul 25 2017, 12:34 PM
Differential Revision
D35735: [ubsan] Null-check pointers in -fsanitize=vptr (PR33881)
Parents
rL309006: [StaticAnalyzer] Completely unrolling specific loops with known bound option
Branches
Unknown
Tags
Unknown