From 775568b0853417512d55d82965226fe1c704adf9 Mon Sep 17 00:00:00 2001 From: Peter Collingbourne Date: Fri, 11 Dec 2015 23:54:18 +0000 Subject: [PATCH] docs: Document -fno-sanitize-trap= and -fsanitize-recover= flags for CFI. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@255393 91177308-0d34-0410-b5e6-96231b3b80d8 --- docs/ControlFlowIntegrity.rst | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) diff --git a/docs/ControlFlowIntegrity.rst b/docs/ControlFlowIntegrity.rst index d630d1fbb3..3c76f0065e 100644 --- a/docs/ControlFlowIntegrity.rst +++ b/docs/ControlFlowIntegrity.rst @@ -61,6 +61,24 @@ checking. Remember that you have to provide ``-flto`` if at least one CFI scheme is enabled. +Trapping and Diagnostics +======================== + +By default, CFI will abort the program immediately upon detecting a control +flow integrity violation. You can use the :ref:`-fno-sanitize-trap= +` flag to cause CFI to print a diagnostic +similar to the one below before the program aborts. + +.. code-block:: console + + bad-cast.cpp:109:7: runtime error: control flow integrity check for type 'B' failed during base-to-derived cast (vtable address 0x000000425a50) + 0x000000425a50: note: vtable is of type 'A' + 00 00 00 00 f0 f1 41 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 5a 42 00 + ^ + +If diagnostics are enabled, you can also configure CFI to continue program +execution instead of aborting by using the :ref:`-fsanitize-recover= +` flag. Forward-Edge CFI for Virtual Calls ================================== -- 2.40.0
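Review bot: The closing paragraph of the new "Trapping and Diagnostics" section says ``-fsanitize-recover=`` lets the program "continue program execution instead of aborting", but it does not say what that means for the protection CFI provides. Once execution continues past a failed check, the violating cast or call still goes ahead, so a build configured this way reports violations without stopping them. Suggest adding a sentence that recover mode is meant for finding and triaging violations during testing, and that the default abort behaviour described in the section's first sentence is the one to ship when CFI is used as a mitigation. Separately, both flags are written with a trailing ``=`` and no argument, and the section has no example invocation. A reader cannot tell from this text what to pass after the ``=``, or whether ``-fsanitize-recover=`` needs ``-fno-sanitize-trap=`` on the same command line (the text only implies it with "If diagnostics are enabled"). A short command-line example next to the console output would settle both.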