Closed
Labels
- A-sanitizers (Area: Sanitizers for correctness and code quality)
- C-bug (Category: This is a bug.)
- PG-exploit-mitigations (Project group: Exploit mitigations)
- T-compiler (Relevant to the compiler team, which will review and decide on the PR/issue.)
- requires-nightly (This issue requires a nightly compiler in some way.)
Description
```console
mmaurer@anyblade:~/github/rust-lang$ rustc -Z sanitizer=cfi -C lto -C codegen-units=1 badsample.rs
mmaurer@anyblade:~/github/rust-lang$ ./badsample
Illegal instruction
mmaurer@anyblade:~/github/rust-lang$ rustc -C lto -C codegen-units=1 badsample.rs
mmaurer@anyblade:~/github/rust-lang$ ./badsample
mmaurer@anyblade:~/github/rust-lang$ cat badsample.rs
trait Foo {
    fn foo(&self);
}
struct S;
impl Foo for S {
    fn foo(&self) {}
}
struct S2 {
    f: fn(&S)
}
impl S2 {
    fn foo(&self, s: &S) {
        (self.f)(s)
    }
}
fn main() {
    S2 { f: <S as Foo>::foo }.foo(&S)
}
```

This appears to happen because `<S as Foo>::foo` has CFI-type `fn(&dyn Foo)` rather than `fn(&S)`.
cc @rcvalle
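
The mismatch described in the report, as an added example that is not part of the original issue and is not rustc's code: a toy model in which each function definition carries a type ID and every indirect call compares it with the ID the call site expects. The string IDs, the names `type_id`, `definition_id` and `indirect_call`, and the assumption that vtable calls expect the erased `fn(&dyn Foo)` form are all constructed for illustration.

```rust
// Added illustration: a toy model of CFI type-ID checks, not rustc's real encoding.
#[derive(Debug, PartialEq)]
enum CallResult { Ok, Trap }

#[derive(Clone, Copy)]
enum SelfTy { Concrete(&'static str), Dyn(&'static str) }

// Type ID for a one-argument function `fn(&T)`, modelled as a readable string.
fn type_id(arg: SelfTy) -> String {
    match arg {
        SelfTy::Concrete(t) => format!("fn(&{t})"),
        SelfTy::Dyn(tr) => format!("fn(&dyn {tr})"),
    }
}

// ID attached to a method definition. For a trait method the receiver is
// erased to `dyn Trait`, which is what the issue reports for <S as Foo>::foo.
// An inherent method (trait_name = None) keeps its concrete receiver.
fn definition_id(receiver: &'static str, trait_name: Option<&'static str>) -> String {
    match trait_name {
        Some(tr) => type_id(SelfTy::Dyn(tr)),
        None => type_id(SelfTy::Concrete(receiver)),
    }
}

// The comparison a CFI-instrumented indirect call performs before jumping;
// a mismatch models the trap seen as "Illegal instruction".
fn indirect_call(expected: &str, callee_id: &str) -> CallResult {
    if expected == callee_id { CallResult::Ok } else { CallResult::Trap }
}

fn main() {
    let foo_def = definition_id("S", Some("Foo")); // <S as Foo>::foo
    // Assumed: a call through a `&dyn Foo` vtable expects fn(&dyn Foo).
    let vtable = indirect_call(&type_id(SelfTy::Dyn("Foo")), &foo_def);
    // The call through `f: fn(&S)` in S2::foo expects fn(&S).
    let fn_ptr = indirect_call(&type_id(SelfTy::Concrete("S")), &foo_def);
    println!("definition ID:   {foo_def}");
    println!("vtable call:     {vtable:?}");
    println!("fn-pointer call: {fn_ptr:?}");
}
```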