[ubsan] Fix for vptr check

Summary:
There can be a situation when vptr not initializing
by constructor of the object, and has a junk data
which should be properly checked, because c++ standard
says:

"If the new-initializer is omitted, the object is default-initialized (8.5).
[ Note: If no initialization is performed,
 the object has an indeterminate value. — end note ]

Change-Id: I6fd297dc10b2ddb54eaed9e6eb3a46310dafead4
Signed-off-by: Denis Khalikov <d.khalikov@partner.samsung.com>

diff --git a/gcc/testsuite/g++.dg/ubsan/pr332211-llvm.C b/gcc/testsuite/g++.dg/ubsan/pr332211-llvm.C
new file mode 100644 (file)
index 0000000..c747754
--- /dev/null
+++ b/gcc/testsuite/g++.dg/ubsan/pr332211-llvm.C
@@ -0,0 +1,21 @@
+/* PR 332211 port from llvm */
+/* { dg-do run } */
+/* { dg-options "-fsanitize=vptr -frtti -fno-sanitize-recover=undefined"} */
+
+class Base {
+public:
+  int i;
+  virtual void print() {}
+};
+
+class Derived : public Base {
+public:
+  void print() {}
+};
+
+int main() {
+  char *c = new char[sizeof(Derived)];
+  Derived *list = (Derived *)c;
+  int foo = list->i;
+  return 0;
+}

diff --git a/libsanitizer/ubsan/ubsan_type_hash_itanium.cc b/libsanitizer/ubsan/ubsan_type_hash_itanium.cc
index e4f1334..4716935 100644 (file)
--- a/libsanitizer/ubsan/ubsan_type_hash_itanium.cc
+++ b/libsanitizer/ubsan/ubsan_type_hash_itanium.cc
@@ -191,7 +191,7 @@ struct VtablePrefix {
 };
 VtablePrefix *getVtablePrefix(void *Vtable) {
   VtablePrefix *Vptr = reinterpret_cast<VtablePrefix*>(Vtable);
-  if (!Vptr)
+  if (!IsAccessibleMemoryRange((uptr)Vptr, sizeof(VtablePrefix)))
     return 0;
   VtablePrefix *Prefix = Vptr - 1;
   if (!Prefix->TypeInfo)