[ubsan] Null-check pointers in -fsanitize=vptr (PR33881)
The instrumentation generated by -fsanitize=vptr does not null check a
user pointer before loading from it. This causes crashes in the face of
UB member calls (this=nullptr), i.e it's causing user programs to crash
only after UBSan is turned on.
The fix is to make run-time null checking a prerequisite for enabling
-fsanitize=vptr, and to then teach UBSan to reuse these run-time null
checks to make -fsanitize=vptr safe.
Testing: check-clang, check-ubsan, a stage2 ubsan-enabled build
Differential Revision: https://reviews.llvm.org/D35735
https://bugs.llvm.org/show_bug.cgi?id=33881
llvm-svn: 309007
diff --git a/clang/docs/ReleaseNotes.rst b/clang/docs/ReleaseNotes.rst
index 649d409..692d9e8 100644
--- a/clang/docs/ReleaseNotes.rst
+++ b/clang/docs/ReleaseNotes.rst
@@ -155,7 +155,9 @@
Undefined Behavior Sanitizer (UBSan)
------------------------------------
-...
+The C++ dynamic type check now requires run-time null checking (i.e,
+`-fsanitize=vptr` cannot be used without `-fsanitize=null`). This change does
+not impact users who rely on UBSan check groups (e.g `-fsanitize=undefined`).
Core Analysis Improvements
==========================