Retry: [ubsan] Detect UB loads from bitfields
It's possible to load out-of-range values from bitfields backed by a
boolean or an enum. Check for UB loads from bitfields.
This is the motivating example:
struct S {
BOOL b : 1; // Signed ObjC BOOL.
};
S s;
s.b = 1; // This is actually stored as -1.
if (s.b == 1) // Evaluates to false, -1 != 1.
...
Changes since the original commit:
- Single-bit bools are a special case (see CGF::EmitFromMemory), and we
can't avoid dealing with them when loading from a bitfield. Don't try to
insert a check in this case.
Differential Revision: https://reviews.llvm.org/D30423
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@297389 91177308-0d34-0410-b5e6-96231b3b80d8
Showing
- lib/CodeGen/CGAtomic.cpp 1 addition, 1 deletionlib/CodeGen/CGAtomic.cpp
- lib/CodeGen/CGExpr.cpp 11 additions, 3 deletionslib/CodeGen/CGExpr.cpp
- lib/CodeGen/CodeGenFunction.h 1 addition, 1 deletionlib/CodeGen/CodeGenFunction.h
- test/CodeGenCXX/ubsan-bitfields.cpp 34 additions, 0 deletionstest/CodeGenCXX/ubsan-bitfields.cpp
- test/CodeGenObjC/ubsan-bool.m 55 additions, 2 deletionstest/CodeGenObjC/ubsan-bool.m
Loading
Please register or sign in to comment