jmgao added a comment.

With #1, it seems unfortunate to not be able to distinguish between a sanitizer-inserted __builtin_trap and code manually calling it. (Would there be an -fsanitize-trap=trap? :-)

With #2, we're worried about the generated code being noticeably worse in the unexceptional case than running without the sanitizers.

Compiling the following snippet with -O3 -fsanitize=unsigned-integer-overflow -fomit-frame-pointer and additional arguments generates:

  unsigned foo(unsigned a, unsigned b, unsigned c, unsigned d) {
    return a + b + c + d;
  }

no additional arguments

  foo:
          push    {r4, r5, r6, r7, r8, lr}
          mov     r5, r2
          mov     r2, r1
          mov     r1, r0
          mov     r0, #1
          mov     r8, r3
          mov     r4, #1
          add     r6, r1, r2
          cmp     r6, r1
          movhs   r0, #0
          cmp     r0, #0
          bne     .LBB0_4
  .LBB0_1:
          add     r7, r6, r5
          cmp     r7, r6
          movhs   r4, #0
          cmp     r4, #0
          bne     .LBB0_5
  .LBB0_2:
          add     r5, r7, r8
          mov     r0, #1
          cmp     r5, r7
          movhs   r0, #0
          cmp     r0, #0
          bne     .LBB0_6
  .LBB0_3:
          mov     r0, r5
          pop     {r4, r5, r6, r7, r8, lr}
          bx      lr
  .LBB0_4:
          <overflow handling>

-fsanitize-trap=unsigned-integer-overflow

  foo:
          add     r1, r0, r1
          mov     r12, #1
          cmp     r1, r0
          mov     r0, #1
          movhs   r0, #0
          cmp     r0, #0
          bne     .LBB0_3
  @ BB#1:
          add     r2, r1, r2
          cmp     r2, r1
          movhs   r12, #0
          cmp     r12, #0
          bne     .LBB0_3
  @ BB#2:
          add     r0, r2, r3
          mov     r1, #1
          cmp     r0, r2
          movhs   r1, #0
          cmp     r1, #0
          bxeq    lr
  .LBB0_3:
          .long   3892305662      @ trap

-fsanitize-trap=unsigned-integer-overflow -fsanitize-trap-function=sanitize_trap

  foo:
          push    {r11, lr}       ; Not quite perfect, but still better
          add     r1, r0, r1
          mov     r12, #1
          cmp     r1, r0
          mov     r0, #1
          movhs   r0, #0
          cmp     r0, #0
          bne     .LBB0_3
  @ BB#1:
          add     r2, r1, r2
          cmp     r2, r1
          movhs   r12, #0
          cmp     r12, #0
          bne     .LBB0_3
  @ BB#2:
          add     r0, r2, r3
          mov     r1, #1
          cmp     r0, r2
          movhs   r1, #0
          cmp     r1, #0
          popeq   {r11, lr}
          bxeq    lr
  .LBB0_3:
          bl      sanitize_trap(PLT)

http://reviews.llvm.org/D12181
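
Added example, not part of jmgao's comment or of the patch under review: a source-level C model of the per-addition check visible in the listings above (add, compare the sum with an operand, branch on wrap), routed to a dedicated sanitize_trap function so that a sanitizer-detected overflow can be told apart from a manual __builtin_trap(). The body of sanitize_trap, the helpers checked_add and run_foo, and the longjmp recovery are assumptions made so the outcome is observable.

```c
#include <limits.h>
#include <setjmp.h>
#include <stdio.h>

/* Constructed recovery point so a failed check can be observed by the caller. */
static jmp_buf trap_recovery;
static int sanitizer_traps;   /* number of sanitizer-originated traps seen */

/* Stand-in for the function named by -fsanitize-trap-function=sanitize_trap.
 * Assumption: a real handler would log and abort; this one records the event
 * and unwinds instead of returning into the instrumented code. */
static void sanitize_trap(void)
{
    sanitizer_traps++;
    longjmp(trap_recovery, 1);
}

/* One instrumented addition: add, then compare the sum with an operand,
 * mirroring the add / cmp / movhs / bne sequence in the listings. */
static unsigned checked_add(unsigned x, unsigned y)
{
    unsigned sum = x + y;   /* unsigned wrap is well defined in C */
    if (sum < x)            /* sum lower than an operand means it wrapped */
        sanitize_trap();
    return sum;
}

/* Source-level equivalent of the instrumented foo(). */
static unsigned foo(unsigned a, unsigned b, unsigned c, unsigned d)
{
    return checked_add(checked_add(checked_add(a, b), c), d);
}

/* Returns 0 and stores the sum, or 1 if sanitize_trap() fired. */
static int run_foo(unsigned a, unsigned b, unsigned c, unsigned d, unsigned *out)
{
    if (setjmp(trap_recovery))
        return 1;
    *out = foo(a, b, c, d);
    return 0;
}

int main(void)
{
    unsigned r = 0;
    printf("no overflow: %d\n", run_foo(1, 2, 3, 4, &r));
    printf("overflow:    %d\n", run_foo(UINT_MAX, 1, 0, 0, &r));
    return 0;
}
```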