https://bugs.llvm.org/show_bug.cgi?id=43390

            Bug ID: 43390
           Summary: CFI: wrong type passed to llvm.type.test with multiple
                    inheritance devirtualization
           Product: clang
           Version: trunk
          Hardware: PC
                OS: All
            Status: NEW
          Severity: normal
          Priority: P
         Component: C++
          Assignee: unassignedclangb...@nondot.org
          Reporter: dmitry.miku...@sony.com
                CC: blitzrak...@gmail.com, dgre...@apple.com,
                    erik.pilking...@gmail.com, llvm-bugs@lists.llvm.org,
                    richard-l...@metafoo.co.uk

In the following example, a call to a virtual function through the second base
class pointer fails the nvcall CFI check at run time. A similar call through the
first base class pointer works as expected.

========== x.cpp ==============
#include <cstdio>
class A1 {
public:
    virtual void f1() = 0;
};

class A2 {
public:
    virtual void f2() = 0;
};

class B : public A1, public A2 {
public:
    void f2() final { fprintf(stderr, "f2\n"); }
    void f1() final { fprintf(stderr, "f1\n"); }
};

int main() {
    B b;
    // Doesn't raise a CFI error
    static_cast<A1*>(&b)->f1();
    // Raises a CFI error
    static_cast<A2*>(&b)->f2();
}
=============================

# clang++ -flto -fvisibility=hidden -fsanitize=cfi -fno-sanitize-trap=cfi -fsanitize-recover=cfi -fuse-ld=lld x.cpp
# ./a.out
f1
x.cpp:26:5: runtime error: control flow integrity check for type 'A2' failed during non-virtual call (vtable address 0x00000020b780)
0x00000020b780: note: vtable is of type 'B'
 00 00 00 00  40 34 24 00 00 00 00 00  70 34 24 00 00 00 00 00  00 00 00 00 00 00 00 00  48 b7 20 00
              ^ 
SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior x.cpp:26:5 in 
f2

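Added example, not part of the original report or of LLVM's code: the diagnostic above names a vtable of type 'B' being tested against type 'A2', and under the Itanium C++ ABI (assumed here) the B/A1 subobject and the A2 subobject of a B carry different vtable address points, so a type test only passes when the type matches the pointer the vptr was loaded from. TypeTestModel, vptr_of, a2_offset and build_model are hypothetical names that model a set-membership check; they are not llvm.type.test itself.

```cpp
// Added illustration, not code from the bug report. Assumes the Itanium C++ ABI
// (GCC/Clang on Linux): each polymorphic subobject starts with a vtable pointer.
#include <cstdint>
#include <cstdio>
#include <cstring>
#include <map>
#include <set>
#include <string>

class A1 { public: virtual void f1() = 0; };
class A2 { public: virtual void f2() = 0; };
class B : public A1, public A2 { public: void f2() final {} void f1() final {} };

// Read the vtable pointer stored at the start of a polymorphic (sub)object.
static std::uintptr_t vptr_of(const void* obj) {
    std::uintptr_t v;
    std::memcpy(&v, obj, sizeof v);
    return v;
}

// Byte offset of the A2 subobject inside B (the this-adjustment of the cast).
static long a2_offset(const B& b) {
    return (const char*)static_cast<const A2*>(&b) - (const char*)&b;
}

// Hypothetical model of a type test: each static type maps to the set of
// vtable address points a pointer of that type may legitimately carry.
struct TypeTestModel {
    std::map<std::string, std::set<std::uintptr_t>> valid;
    bool test(std::uintptr_t vptr, const std::string& type) const {
        auto it = valid.find(type);
        return it != valid.end() && it->second.count(vptr) != 0;
    }
};

static TypeTestModel build_model(const B& b) {
    TypeTestModel m;
    m.valid["A1"] = {vptr_of(&b)};                          // primary address point
    m.valid["B"] = {vptr_of(&b)};                           // shared with A1
    m.valid["A2"] = {vptr_of(static_cast<const A2*>(&b))};  // A2-in-B address point
    return m;
}

int main() {
    B b;
    TypeTestModel m = build_model(b);
    std::printf("A2 offset=%ld A2-vptr vs A2=%d B-vptr vs A2=%d\n", a2_offset(b),
                m.test(vptr_of(static_cast<A2*>(&b)), "A2"), m.test(vptr_of(&b), "A2"));
}
```

In this model the vptr read through the A2 subobject passes a check for 'A2', while the vptr read from the start of the B object passes only for 'B' and 'A1'.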