[gcc/devel/c++-modules] c++: vptr ubsan and derived class [PR95311].

public inbox for gcc-cvs@sourceware.org
help / color / mirror / Atom feed

* [gcc/devel/c++-modules] c++: vptr ubsan and derived class [PR95311].
@ 2020-06-11 12:57 Nathan Sidwell
  0 siblings, 0 replies; only message in thread
From: Nathan Sidwell @ 2020-06-11 12:57 UTC (permalink / raw)
  To: gcc-cvs

https://gcc.gnu.org/g:8e915901deb3518d4bef73ea52eab2ece7a2bbf6

commit 8e915901deb3518d4bef73ea52eab2ece7a2bbf6
Author: Jason Merrill <jason@redhat.com>
Date:   Fri May 29 11:59:33 2020 -0400

    c++: vptr ubsan and derived class [PR95311].
    
    We weren't able to find OBJ_TYPE_REF_OBJECT walking through
    OBJ_TYPE_REF_EXPR because we had folded away the ADDR_EXPR.
    
    gcc/cp/ChangeLog:
    
            PR c++/95311
            PR c++/95221
            * class.c (build_vfn_ref): Don't fold the INDIRECT_REF.
    
    gcc/testsuite/ChangeLog:
    
            PR c++/95311
            * g++.dg/ubsan/vptr-16.C: New test.

Diff:
---
 gcc/cp/class.c                       |  8 ++++++--
 gcc/testsuite/g++.dg/ubsan/vptr-16.C | 14 ++++++++++++++
 2 files changed, 20 insertions(+), 2 deletions(-)

diff --git a/gcc/cp/class.c b/gcc/cp/class.c
index bab15524a60..ca492cdbd40 100644
--- a/gcc/cp/class.c
+++ b/gcc/cp/class.c
@@ -729,9 +729,13 @@ build_vtbl_ref (tree instance, tree idx)
 tree
 build_vfn_ref (tree instance_ptr, tree idx)
 {
-  tree aref;
+  tree obtype = TREE_TYPE (TREE_TYPE (instance_ptr));
+
+  /* Leave the INDIRECT_REF unfolded so cp_ubsan_maybe_instrument_member_call
+     can find instance_ptr.  */
+  tree ind = build1 (INDIRECT_REF, obtype, instance_ptr);
 
-  aref = build_vtbl_ref (cp_build_fold_indirect_ref (instance_ptr), idx);
+  tree aref = build_vtbl_ref (ind, idx);
 
   /* When using function descriptors, the address of the
      vtable entry is treated as a function pointer.  */
diff --git a/gcc/testsuite/g++.dg/ubsan/vptr-16.C b/gcc/testsuite/g++.dg/ubsan/vptr-16.C
new file mode 100644
index 00000000000..a3db66e9140
--- /dev/null
+++ b/gcc/testsuite/g++.dg/ubsan/vptr-16.C
@@ -0,0 +1,14 @@
+// PR c++/95311
+// { dg-additional-options -fsanitize=undefined }
+
+class a {
+  virtual long b() const;
+};
+class c : a {
+public:
+  long b() const;
+};
+class d : c {
+  long e();
+};
+long d::e() { b(); return 0; }


^ permalink raw reply	[flat|nested] only message in thread

only message in thread, other threads:[~2020-06-11 12:57 UTC | newest]

Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2020-06-11 12:57 [gcc/devel/c++-modules] c++: vptr ubsan and derived class [PR95311] Nathan Sidwell

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).