Author: Mitch Phillips Date: 2021-08-02T15:10:21-07:00 New Revision: 65e9d7efb090756e16bbb5ff929efbc795a8b0d4
URL: https://github.com/llvm/llvm-project/commit/65e9d7efb090756e16bbb5ff929efbc795a8b0d4 DIFF: https://github.com/llvm/llvm-project/commit/65e9d7efb090756e16bbb5ff929efbc795a8b0d4.diff LOG: Improve UBSan documentation Add more checks, info on -fno-sanitize=..., and reference to 5/2021 UBSan Oracle blog. Authored By: DianeMeirowitz Reviewed By: hctim Differential Revision: https://reviews.llvm.org/D106908 Added: Modified: clang/docs/UndefinedBehaviorSanitizer.rst Removed: ################################################################################ diff --git a/clang/docs/UndefinedBehaviorSanitizer.rst b/clang/docs/UndefinedBehaviorSanitizer.rst index 3d48c38bf2211..da6779927e669 100644 --- a/clang/docs/UndefinedBehaviorSanitizer.rst +++ b/clang/docs/UndefinedBehaviorSanitizer.rst @@ -12,7 +12,9 @@ UndefinedBehaviorSanitizer (UBSan) is a fast undefined behavior detector. UBSan modifies the program at compile-time to catch various kinds of undefined behavior during program execution, for example: -* Using misaligned or null pointer +* Array subscript out of bounds, where the bounds can be statically determined +* Bitwise shifts that are out of bounds for their data type +* Dereferencing misaligned or null pointers * Signed integer overflow * Conversion to, from, or between floating-point types which would overflow the destination @@ -53,6 +55,7 @@ and define the desired behavior for each kind of check: * ``-fsanitize=...``: print a verbose error report and continue execution (default); * ``-fno-sanitize-recover=...``: print a verbose error report and exit the program; * ``-fsanitize-trap=...``: execute a trap instruction (doesn't require UBSan run-time support). +* ``-fno-sanitize=...``: disable any check, e.g., -fno-sanitize=alignment. Note that the ``trap`` / ``recover`` options do not enable the corresponding sanitizer, and in general need to be accompanied by a suitable ``-fsanitize=`` @@ -357,6 +360,9 @@ For a file called ``/code/library/file.cpp``, here is what would be emitted: More Information ================ +* From Oracle blog, including a discussion of error messages: + `Improving Application Security with UndefinedBehaviorSanitizer (UBSan) and GCC + <https://blogs.oracle.com/linux/improving-application-security-with-undefinedbehaviorsanitizer-ubsan-and-gcc>`_ * From LLVM project blog: `What Every C Programmer Should Know About Undefined Behavior <http://blog.llvm.org/2011/05/what-every-c-programmer-should-know.html>`_ _______________________________________________ cfe-commits mailing list cfe-commits@lists.llvm.org https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
