On Mon, Jan 05, 2015 at 10:39:03PM +0100, Jakub Jelinek wrote:
> > >http://gcc.gnu.org/ml/gcc-patches/2014-12/msg00297.html
> > > - -fsanitize=vptr support
> > How is this different from vtable pointer verification that we already
> > support? Is there some reason we can't just use that instead?
>
> I don't know the current vtable pointer verification too much, but my
> understanding of it is that it is hardly usable, because e.g. it requires
> libstdc++ to be rebuilt with the verification enabled, otherwise you can't
> verify stuff, and that means a performance penalty even for code you don't
> want to verify. Unlike that, -fsanitize=vptr is lightweight, and you only
> rebuild with it what you want and can have other code kept as is, not
> recompiled.

Also, it seems to verify significantly less than -fsanitize=vptr does,
only method calls, while -fsanitize=vptr also verifies member accesses and
downcasts/upcasts.

Jakub
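The three kinds of sites the message distinguishes (downcast, member access, virtual method call), as an added example that is not code from this thread or from GCC. The types `Shape`, `Circle`, `Square` and the helper functions are hypothetical, and the dynamic-type test is written by hand with `dynamic_cast` so the program stays well-defined; it stands in for the kind of check the message attributes to -fsanitize=vptr at the cast and member-access sites.

```cpp
// Added illustration; Shape, Circle, Square and the helpers are hypothetical names.
#include <cstdio>

struct Shape {
    virtual ~Shape() {}
    virtual int sides() const { return 0; }
};
struct Circle : Shape {
    double radius = 1.0;
    int sides() const override { return 0; }
};
struct Square : Shape {
    int edge = 2;
    int sides() const override { return 4; }
};

// Hand-written dynamic-type test: true when *s really is a T (or derived from T).
template <typename T>
bool dynamic_type_ok(const Shape *s) {
    return dynamic_cast<const T *>(s) != nullptr;
}

// Site kind 1: downcast. An unchecked static_cast of a Circle to Square would
// compile silently; here it is guarded, and a mismatch yields nullptr.
const Square *checked_downcast(const Shape *s) {
    if (!dynamic_type_ok<Square>(s)) return nullptr;
    return static_cast<const Square *>(s);
}

// Site kind 2: plain member access through the downcast pointer. No virtual
// call happens here, so a check limited to method calls would not cover it.
// Returns -1 when the object is not a Square.
int edge_of(const Shape *s) {
    const Square *q = checked_downcast(s);
    return q ? q->edge : -1;
}

// Site kind 3: virtual method call, dispatched through the vtable pointer.
int sides_of(const Shape *s) { return s->sides(); }

int main() {
    Circle c;
    Square q;
    std::printf("square: edge=%d sides=%d\n", edge_of(&q), sides_of(&q));
    std::printf("circle used as Square: edge=%d (rejected)\n", edge_of(&c));
    return 0;
}
```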