From 26cba1cb3925a46e2be60656d2e407e10ce243a1 Mon Sep 17 00:00:00 2001
From: Ben Clayton
Date: Thu, 5 May 2022 14:19:20 +0000
Subject: [PATCH] tint: Fix CFI error in BlockAllocator

Use a memcpy to avoid a bad-cast seat belt which is firing in ChomeOS.

Bug: dawn:1406
Change-Id: I3acf0e2552ef8c5267e8c5701cc2f95f6e283c7a
Reviewed-on: https://dawn-review.googlesource.com/c/dawn/+/89020
Kokoro: Kokoro
Reviewed-by: Antonio Maiorano
Commit-Queue: Ben Clayton
---
 src/tint/utils/block_allocator.h | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)

diff --git a/src/tint/utils/block_allocator.h b/src/tint/utils/block_allocator.h
index 0fdf66ac6b..84d3bc3a3d 100644
--- a/src/tint/utils/block_allocator.h
+++ b/src/tint/utils/block_allocator.h
@@ -16,6 +16,7 @@
 #define SRC_TINT_UTILS_BLOCK_ALLOCATOR_H_
 #include
+#include
 #include
 #include "src/tint/utils/math.h"
@@ -230,7 +231,14 @@ class BlockAllocator {
 }
 auto* base = &block_.current->data[0];
- auto* ptr = reinterpret_cast(base + block_.current_offset);
+ auto* addr = static_cast(base + block_.current_offset);
+ // Use a memcpy to reinterpret 'void* addr' as 'TYPE* ptr'.
+ // This is done without using a static_cast, as Clang's Control Flow Integrity checks can
+ // trigger for this cast, as we're casting from uint8_t* to TYPE*.
+ // See: crbug.com/dawn/1406
+ // See: https://clang.llvm.org/docs/ControlFlowIntegrity.html#bad-cast-checking
+ TYPE* ptr;
+ memcpy(&ptr, &addr, sizeof(addr));
 block_.current_offset += sizeof(TYPE);
 return ptr;
 }
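Review bot: `memcpy` is called unqualified in the new `memcpy(&ptr, &addr, sizeof(addr));` line, while the header added in the first hunk (presumably `<cstring>`; the header name is lost in this rendering) only guarantees `std::memcpy`, so `std::memcpy(&ptr, &addr, sizeof(addr));` is the portable spelling. The `static_cast` to `void*` on the `addr` line is an implicit conversion and can be written as `void* addr = base + block_.current_offset;`, which also makes the intended type visible in the source. The comment block explains how the CFI check is avoided but not why the cast is legitimately a "bad cast" from CFI's point of view: `ptr` refers to raw storage that has not yet been constructed as a `TYPE` (the caller presumably placement-constructs it), so a sentence such as `// 'ptr' points at unconstructed storage; the caller must construct a TYPE there before any access through it.` would tell the next maintainer that this is a deliberate bypass for not-yet-live memory rather than a way to silence the sanitizer on a real object. The enclosing allocation function begins outside the hunk.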