================
@@ -2201,6 +2215,22 @@ void CodeGenFunction::EmitCXXConstructorCall(
EmitTypeCheck(CodeGenFunction::TCK_ConstructorCall, Loc, This,
getContext().getRecordType(ClassDecl), CharUnits::Zero());
+ // When initializing an object that has pointer field protection and whose
+ // fields are not trivially relocatable we must initialize any pointer fields
+ // to a valid signed pointer (any pointer value will do, but we just use null
+ // pointers). This is because if the object is subsequently copied, its copy
+ // constructor will need to read and authenticate any pointer fields in order
+ // to copy the object to a new address, which will fail if the pointers are
+ // uninitialized.
+ if (!getContext().arePFPFieldsTriviallyRelocatable(D->getParent())) {
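Review bot: the new guard tests only `arePFPFieldsTriviallyRelocatable(D->getParent())`, while the comment above it states two preconditions (the class has pointer field protection, and its fields are not trivially relocatable); if the helper can return false for a class with no PFP fields at all, every constructor of such a class would take the extra-initialization path, so either state in the comment that the helper already implies the PFP check or add that check to the condition explicitly. The surrounding code already has `ClassDecl` in hand (used in `getRecordType(ClassDecl)` two lines up); if it denotes the same declaration as `D->getParent()`, reusing it keeps the two lookups consistent. The hunk as quoted stops at the opening `if`, so the body that performs the null-pointer stores is not visible here for review.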
----------------
pcc wrote:
Looking more closely through the standard confirms that we don't need to do
this initialization in the compiler. Because the uninitialized fields may be
considered to be what the standard calls "invalid pointer values", the standard
gives us a lot of leeway for implementation-defined behavior when reading them.
The standard specifically calls out what we want to happen here:
> Some implementations might define that copying an invalid pointer value
> causes a system-generated runtime fault.
In practice there seem to be only a few places that need to be fixed, so we can
just fix them.
https://github.com/llvm/llvm-project/pull/133538
_______________________________________________
llvm-branch-commits mailing list
https://lists.llvm.org/cgi-bin/mailman/listinfo/llvm-branch-commits