I checked in r304486 to try and address the issue. thanks, vedant
> On Jun 1, 2017, at 3:21 PM, Vedant Kumar via cfe-commits > <cfe-commits@lists.llvm.org> wrote: > > Taking a look. > > vedant > >> On Jun 1, 2017, at 2:45 PM, Galina Kistanova <gkistan...@gmail.com >> <mailto:gkistan...@gmail.com>> wrote: >> >> Hello Vedant, >> >> This commit broke tests on some of our builders: >> >> Failing Tests (1): >> Clang :: CodeGen/ubsan-pointer-overflow.m >> >> http://lab.llvm.org:8011/builders/llvm-clang-x86_64-expensive-checks-win/builds/2865/steps/test-check-all/logs/stdio >> >> <http://lab.llvm.org:8011/builders/llvm-clang-x86_64-expensive-checks-win/builds/2865/steps/test-check-all/logs/stdio> >> http://lab.llvm.org:8011/builders/llvm-clang-lld-x86_64-scei-ps4-windows10pro-fast/builds/10259 >> >> <http://lab.llvm.org:8011/builders/llvm-clang-lld-x86_64-scei-ps4-windows10pro-fast/builds/10259> >> http://lab.llvm.org:8011/builders/clang-with-lto-ubuntu/builds/3097 >> <http://lab.llvm.org:8011/builders/clang-with-lto-ubuntu/builds/3097> >> etc >> >> Thanks >> >> Galina >> >> On Thu, Jun 1, 2017 at 12:22 PM, Vedant Kumar via cfe-commits >> <cfe-commits@lists.llvm.org <mailto:cfe-commits@lists.llvm.org>> wrote: >> Author: vedantk >> Date: Thu Jun 1 14:22:18 2017 >> New Revision: 304459 >> >> URL: http://llvm.org/viewvc/llvm-project?rev=304459&view=rev >> <http://llvm.org/viewvc/llvm-project?rev=304459&view=rev> >> Log: >> [ubsan] Add a check for pointer overflow UB >> >> Check pointer arithmetic for overflow. >> >> For some more background on this check, see: >> >> https://wdtz.org/catching-pointer-overflow-bugs.html >> <https://wdtz.org/catching-pointer-overflow-bugs.html> >> https://reviews.llvm.org/D20322 <https://reviews.llvm.org/D20322> >> >> Patch by Will Dietz and John Regehr! >> >> This version of the patch is different from the original in a few ways: >> >> - It introduces the EmitCheckedInBoundsGEP utility which inserts >> checks when the pointer overflow check is enabled. >> >> - It does some constant-folding to reduce instrumentation overhead. >> >> - It does not check some GEPs in CGExprCXX. I'm not sure that >> inserting checks here, or in CGClass, would catch many bugs. >> >> Possible future directions for this check: >> >> - Introduce CGF.EmitCheckedStructGEP, to detect overflows when >> accessing structures. >> >> Testing: Apart from the added lit test, I ran check-llvm and check-clang >> with a stage2, ubsan-instrumented clang. Will and John have also done >> extensive testing on numerous open source projects. >> >> Differential Revision: https://reviews.llvm.org/D33305 >> <https://reviews.llvm.org/D33305> >> >> Added: >> cfe/trunk/test/CodeGen/ubsan-pointer-overflow.m >> Modified: >> cfe/trunk/docs/UndefinedBehaviorSanitizer.rst >> cfe/trunk/include/clang/Basic/Sanitizers.def >> cfe/trunk/lib/CodeGen/CGExpr.cpp >> cfe/trunk/lib/CodeGen/CGExprScalar.cpp >> cfe/trunk/lib/CodeGen/CodeGenFunction.h >> cfe/trunk/test/Driver/fsanitize.c >> >> Modified: cfe/trunk/docs/UndefinedBehaviorSanitizer.rst >> URL: >> http://llvm.org/viewvc/llvm-project/cfe/trunk/docs/UndefinedBehaviorSanitizer.rst?rev=304459&r1=304458&r2=304459&view=diff >> >> <http://llvm.org/viewvc/llvm-project/cfe/trunk/docs/UndefinedBehaviorSanitizer.rst?rev=304459&r1=304458&r2=304459&view=diff> >> ============================================================================== >> --- cfe/trunk/docs/UndefinedBehaviorSanitizer.rst (original) >> +++ cfe/trunk/docs/UndefinedBehaviorSanitizer.rst Thu Jun 1 14:22:18 2017 >> @@ -106,6 +106,8 @@ Available checks are: >> invalid pointers. These checks are made in terms of >> ``__builtin_object_size``, and consequently may be able to detect more >> problems at higher optimization levels. >> + - ``-fsanitize=pointer-overflow``: Performing pointer arithmetic which >> + overflows. >> - ``-fsanitize=return``: In C++, reaching the end of a >> value-returning function without returning a value. >> - ``-fsanitize=returns-nonnull-attribute``: Returning null pointer >> >> Modified: cfe/trunk/include/clang/Basic/Sanitizers.def >> URL: >> http://llvm.org/viewvc/llvm-project/cfe/trunk/include/clang/Basic/Sanitizers.def?rev=304459&r1=304458&r2=304459&view=diff >> >> <http://llvm.org/viewvc/llvm-project/cfe/trunk/include/clang/Basic/Sanitizers.def?rev=304459&r1=304458&r2=304459&view=diff> >> ============================================================================== >> --- cfe/trunk/include/clang/Basic/Sanitizers.def (original) >> +++ cfe/trunk/include/clang/Basic/Sanitizers.def Thu Jun 1 14:22:18 2017 >> @@ -73,6 +73,7 @@ SANITIZER("nullability-return", Nullabil >> SANITIZER_GROUP("nullability", Nullability, >> NullabilityArg | NullabilityAssign | NullabilityReturn) >> SANITIZER("object-size", ObjectSize) >> +SANITIZER("pointer-overflow", PointerOverflow) >> SANITIZER("return", Return) >> SANITIZER("returns-nonnull-attribute", ReturnsNonnullAttribute) >> SANITIZER("shift-base", ShiftBase) >> @@ -108,9 +109,9 @@ SANITIZER("safe-stack", SafeStack) >> SANITIZER_GROUP("undefined", Undefined, >> Alignment | Bool | ArrayBounds | Enum | FloatCastOverflow | >> FloatDivideByZero | IntegerDivideByZero | >> NonnullAttribute | >> - Null | ObjectSize | Return | ReturnsNonnullAttribute | >> - Shift | SignedIntegerOverflow | Unreachable | VLABound | >> - Function | Vptr) >> + Null | ObjectSize | PointerOverflow | Return | >> + ReturnsNonnullAttribute | Shift | SignedIntegerOverflow >> | >> + Unreachable | VLABound | Function | Vptr) >> >> // -fsanitize=undefined-trap is an alias for -fsanitize=undefined. >> SANITIZER_GROUP("undefined-trap", UndefinedTrap, Undefined) >> >> Modified: cfe/trunk/lib/CodeGen/CGExpr.cpp >> URL: >> http://llvm.org/viewvc/llvm-project/cfe/trunk/lib/CodeGen/CGExpr.cpp?rev=304459&r1=304458&r2=304459&view=diff >> >> <http://llvm.org/viewvc/llvm-project/cfe/trunk/lib/CodeGen/CGExpr.cpp?rev=304459&r1=304458&r2=304459&view=diff> >> ============================================================================== >> --- cfe/trunk/lib/CodeGen/CGExpr.cpp (original) >> +++ cfe/trunk/lib/CodeGen/CGExpr.cpp Thu Jun 1 14:22:18 2017 >> @@ -3002,9 +3002,10 @@ static llvm::Value *emitArraySubscriptGE >> llvm::Value *ptr, >> ArrayRef<llvm::Value*> indices, >> bool inbounds, >> + SourceLocation loc, >> const llvm::Twine &name = "arrayidx") { >> if (inbounds) { >> - return CGF.Builder.CreateInBoundsGEP(ptr, indices, name); >> + return CGF.EmitCheckedInBoundsGEP(ptr, indices, loc, name); >> } else { >> return CGF.Builder.CreateGEP(ptr, indices, name); >> } >> @@ -3035,8 +3036,9 @@ static QualType getFixedSizeElementType( >> } >> >> static Address emitArraySubscriptGEP(CodeGenFunction &CGF, Address addr, >> - ArrayRef<llvm::Value*> indices, >> + ArrayRef<llvm::Value *> indices, >> QualType eltType, bool inbounds, >> + SourceLocation loc, >> const llvm::Twine &name = "arrayidx") { >> // All the indices except that last must be zero. >> #ifndef NDEBUG >> @@ -3057,7 +3059,7 @@ static Address emitArraySubscriptGEP(Cod >> getArrayElementAlign(addr.getAlignment(), indices.back(), eltSize); >> >> llvm::Value *eltPtr = >> - emitArraySubscriptGEP(CGF, addr.getPointer(), indices, inbounds, name); >> + emitArraySubscriptGEP(CGF, addr.getPointer(), indices, inbounds, loc, >> name); >> return Address(eltPtr, eltAlign); >> } >> >> @@ -3110,7 +3112,8 @@ LValue CodeGenFunction::EmitArraySubscri >> Address Addr = EmitExtVectorElementLValue(LV); >> >> QualType EltType = LV.getType()->castAs<VectorType>()->getElementType(); >> - Addr = emitArraySubscriptGEP(*this, Addr, Idx, EltType, /*inbounds*/ >> true); >> + Addr = emitArraySubscriptGEP(*this, Addr, Idx, EltType, /*inbounds*/ >> true, >> + E->getExprLoc()); >> return MakeAddrLValue(Addr, EltType, LV.getBaseInfo()); >> } >> >> @@ -3138,7 +3141,8 @@ LValue CodeGenFunction::EmitArraySubscri >> } >> >> Addr = emitArraySubscriptGEP(*this, Addr, Idx, vla->getElementType(), >> - !getLangOpts().isSignedOverflowDefined()); >> + !getLangOpts().isSignedOverflowDefined(), >> + E->getExprLoc()); >> >> } else if (const ObjCObjectType *OIT = >> E->getType()->getAs<ObjCObjectType>()){ >> // Indexing over an interface, as in "NSString *P; P[4];" >> @@ -3163,8 +3167,8 @@ LValue CodeGenFunction::EmitArraySubscri >> // Do the GEP. >> CharUnits EltAlign = >> getArrayElementAlign(Addr.getAlignment(), Idx, InterfaceSize); >> - llvm::Value *EltPtr = >> - emitArraySubscriptGEP(*this, Addr.getPointer(), ScaledIdx, false); >> + llvm::Value *EltPtr = emitArraySubscriptGEP( >> + *this, Addr.getPointer(), ScaledIdx, false, E->getExprLoc()); >> Addr = Address(EltPtr, EltAlign); >> >> // Cast back. >> @@ -3189,14 +3193,16 @@ LValue CodeGenFunction::EmitArraySubscri >> Addr = emitArraySubscriptGEP(*this, ArrayLV.getAddress(), >> {CGM.getSize(CharUnits::Zero()), Idx}, >> E->getType(), >> - !getLangOpts().isSignedOverflowDefined()); >> + !getLangOpts().isSignedOverflowDefined(), >> + E->getExprLoc()); >> BaseInfo = ArrayLV.getBaseInfo(); >> } else { >> // The base must be a pointer; emit it with an estimate of its >> alignment. >> Addr = EmitPointerWithAlignment(E->getBase(), &BaseInfo); >> auto *Idx = EmitIdxAfterBase(/*Promote*/true); >> Addr = emitArraySubscriptGEP(*this, Addr, Idx, E->getType(), >> - !getLangOpts().isSignedOverflowDefined()); >> + !getLangOpts().isSignedOverflowDefined(), >> + E->getExprLoc()); >> } >> >> LValue LV = MakeAddrLValue(Addr, E->getType(), BaseInfo); >> @@ -3368,7 +3374,8 @@ LValue CodeGenFunction::EmitOMPArraySect >> else >> Idx = Builder.CreateNSWMul(Idx, NumElements); >> EltPtr = emitArraySubscriptGEP(*this, Base, Idx, VLA->getElementType(), >> - >> !getLangOpts().isSignedOverflowDefined()); >> + !getLangOpts().isSignedOverflowDefined(), >> + E->getExprLoc()); >> } else if (const Expr *Array = isSimpleArrayDecayOperand(E->getBase())) { >> // If this is A[i] where A is an array, the frontend will have decayed >> the >> // base to be a ArrayToPointerDecay implicit cast. While correct, it is >> @@ -3387,13 +3394,15 @@ LValue CodeGenFunction::EmitOMPArraySect >> // Propagate the alignment from the array itself to the result. >> EltPtr = emitArraySubscriptGEP( >> *this, ArrayLV.getAddress(), {CGM.getSize(CharUnits::Zero()), Idx}, >> - ResultExprTy, !getLangOpts().isSignedOverflowDefined()); >> + ResultExprTy, !getLangOpts().isSignedOverflowDefined(), >> + E->getExprLoc()); >> BaseInfo = ArrayLV.getBaseInfo(); >> } else { >> Address Base = emitOMPArraySectionBase(*this, E->getBase(), BaseInfo, >> BaseTy, ResultExprTy, >> IsLowerBound); >> EltPtr = emitArraySubscriptGEP(*this, Base, Idx, ResultExprTy, >> - >> !getLangOpts().isSignedOverflowDefined()); >> + !getLangOpts().isSignedOverflowDefined(), >> + E->getExprLoc()); >> } >> >> return MakeAddrLValue(EltPtr, ResultExprTy, BaseInfo); >> >> Modified: cfe/trunk/lib/CodeGen/CGExprScalar.cpp >> URL: >> http://llvm.org/viewvc/llvm-project/cfe/trunk/lib/CodeGen/CGExprScalar.cpp?rev=304459&r1=304458&r2=304459&view=diff >> >> <http://llvm.org/viewvc/llvm-project/cfe/trunk/lib/CodeGen/CGExprScalar.cpp?rev=304459&r1=304458&r2=304459&view=diff> >> ============================================================================== >> --- cfe/trunk/lib/CodeGen/CGExprScalar.cpp (original) >> +++ cfe/trunk/lib/CodeGen/CGExprScalar.cpp Thu Jun 1 14:22:18 2017 >> @@ -30,6 +30,7 @@ >> #include "llvm/IR/Constants.h" >> #include "llvm/IR/DataLayout.h" >> #include "llvm/IR/Function.h" >> +#include "llvm/IR/GetElementPtrTypeIterator.h" >> #include "llvm/IR/GlobalVariable.h" >> #include "llvm/IR/Intrinsics.h" >> #include "llvm/IR/Module.h" >> @@ -44,6 +45,43 @@ using llvm::Value; >> >> //===----------------------------------------------------------------------===// >> >> namespace { >> + >> +/// Determine whether the given binary operation may overflow. >> +/// Sets \p Result to the value of the operation for BO_Add, BO_Sub, BO_Mul, >> +/// and signed BO_{Div,Rem}. For these opcodes, and for unsigned >> BO_{Div,Rem}, >> +/// the returned overflow check is precise. The returned value is 'true' for >> +/// all other opcodes, to be conservative. >> +bool mayHaveIntegerOverflow(llvm::ConstantInt *LHS, llvm::ConstantInt *RHS, >> + BinaryOperator::Opcode Opcode, bool Signed, >> + llvm::APInt &Result) { >> + // Assume overflow is possible, unless we can prove otherwise. >> + bool Overflow = true; >> + const auto &LHSAP = LHS->getValue(); >> + const auto &RHSAP = RHS->getValue(); >> + if (Opcode == BO_Add) { >> + if (Signed) >> + Result = LHSAP.sadd_ov(RHSAP, Overflow); >> + else >> + Result = LHSAP.uadd_ov(RHSAP, Overflow); >> + } else if (Opcode == BO_Sub) { >> + if (Signed) >> + Result = LHSAP.ssub_ov(RHSAP, Overflow); >> + else >> + Result = LHSAP.usub_ov(RHSAP, Overflow); >> + } else if (Opcode == BO_Mul) { >> + if (Signed) >> + Result = LHSAP.smul_ov(RHSAP, Overflow); >> + else >> + Result = LHSAP.umul_ov(RHSAP, Overflow); >> + } else if (Opcode == BO_Div || Opcode == BO_Rem) { >> + if (Signed && !RHS->isZero()) >> + Result = LHSAP.sdiv_ov(RHSAP, Overflow); >> + else >> + return false; >> + } >> + return Overflow; >> +} >> + >> struct BinOpInfo { >> Value *LHS; >> Value *RHS; >> @@ -55,37 +93,14 @@ struct BinOpInfo { >> /// Check if the binop can result in integer overflow. >> bool mayHaveIntegerOverflow() const { >> // Without constant input, we can't rule out overflow. >> - const auto *LHSCI = dyn_cast<llvm::ConstantInt>(LHS); >> - const auto *RHSCI = dyn_cast<llvm::ConstantInt>(RHS); >> + auto *LHSCI = dyn_cast<llvm::ConstantInt>(LHS); >> + auto *RHSCI = dyn_cast<llvm::ConstantInt>(RHS); >> if (!LHSCI || !RHSCI) >> return true; >> >> - // Assume overflow is possible, unless we can prove otherwise. >> - bool Overflow = true; >> - const auto &LHSAP = LHSCI->getValue(); >> - const auto &RHSAP = RHSCI->getValue(); >> - if (Opcode == BO_Add) { >> - if (Ty->hasSignedIntegerRepresentation()) >> - (void)LHSAP.sadd_ov(RHSAP, Overflow); >> - else >> - (void)LHSAP.uadd_ov(RHSAP, Overflow); >> - } else if (Opcode == BO_Sub) { >> - if (Ty->hasSignedIntegerRepresentation()) >> - (void)LHSAP.ssub_ov(RHSAP, Overflow); >> - else >> - (void)LHSAP.usub_ov(RHSAP, Overflow); >> - } else if (Opcode == BO_Mul) { >> - if (Ty->hasSignedIntegerRepresentation()) >> - (void)LHSAP.smul_ov(RHSAP, Overflow); >> - else >> - (void)LHSAP.umul_ov(RHSAP, Overflow); >> - } else if (Opcode == BO_Div || Opcode == BO_Rem) { >> - if (Ty->hasSignedIntegerRepresentation() && !RHSCI->isZero()) >> - (void)LHSAP.sdiv_ov(RHSAP, Overflow); >> - else >> - return false; >> - } >> - return Overflow; >> + llvm::APInt Result; >> + return ::mayHaveIntegerOverflow( >> + LHSCI, RHSCI, Opcode, Ty->hasSignedIntegerRepresentation(), Result); >> } >> >> /// Check if the binop computes a division or a remainder. >> @@ -1925,7 +1940,8 @@ ScalarExprEmitter::EmitScalarPrePostIncD >> if (CGF.getLangOpts().isSignedOverflowDefined()) >> value = Builder.CreateGEP(value, numElts, "vla.inc"); >> else >> - value = Builder.CreateInBoundsGEP(value, numElts, "vla.inc"); >> + value = CGF.EmitCheckedInBoundsGEP(value, numElts, E->getExprLoc(), >> + "vla.inc"); >> >> // Arithmetic on function pointers (!) is just +-1. >> } else if (type->isFunctionType()) { >> @@ -1935,7 +1951,8 @@ ScalarExprEmitter::EmitScalarPrePostIncD >> if (CGF.getLangOpts().isSignedOverflowDefined()) >> value = Builder.CreateGEP(value, amt, "incdec.funcptr"); >> else >> - value = Builder.CreateInBoundsGEP(value, amt, "incdec.funcptr"); >> + value = CGF.EmitCheckedInBoundsGEP(value, amt, E->getExprLoc(), >> + "incdec.funcptr"); >> value = Builder.CreateBitCast(value, input->getType()); >> >> // For everything else, we can just do a simple increment. >> @@ -1944,7 +1961,8 @@ ScalarExprEmitter::EmitScalarPrePostIncD >> if (CGF.getLangOpts().isSignedOverflowDefined()) >> value = Builder.CreateGEP(value, amt, "incdec.ptr"); >> else >> - value = Builder.CreateInBoundsGEP(value, amt, "incdec.ptr"); >> + value = CGF.EmitCheckedInBoundsGEP(value, amt, E->getExprLoc(), >> + "incdec.ptr"); >> } >> >> // Vector increment/decrement. >> @@ -2025,7 +2043,8 @@ ScalarExprEmitter::EmitScalarPrePostIncD >> if (CGF.getLangOpts().isSignedOverflowDefined()) >> value = Builder.CreateGEP(value, sizeValue, "incdec.objptr"); >> else >> - value = Builder.CreateInBoundsGEP(value, sizeValue, "incdec.objptr"); >> + value = CGF.EmitCheckedInBoundsGEP(value, sizeValue, E->getExprLoc(), >> + "incdec.objptr"); >> value = Builder.CreateBitCast(value, input->getType()); >> } >> >> @@ -2692,7 +2711,8 @@ static Value *emitPointerArithmetic(Code >> pointer = CGF.Builder.CreateGEP(pointer, index, "add.ptr"); >> } else { >> index = CGF.Builder.CreateNSWMul(index, numElements, "vla.index"); >> - pointer = CGF.Builder.CreateInBoundsGEP(pointer, index, "add.ptr"); >> + pointer = CGF.EmitCheckedInBoundsGEP(pointer, index, >> op.E->getExprLoc(), >> + "add.ptr"); >> } >> return pointer; >> } >> @@ -2709,7 +2729,8 @@ static Value *emitPointerArithmetic(Code >> if (CGF.getLangOpts().isSignedOverflowDefined()) >> return CGF.Builder.CreateGEP(pointer, index, "add.ptr"); >> >> - return CGF.Builder.CreateInBoundsGEP(pointer, index, "add.ptr"); >> + return CGF.EmitCheckedInBoundsGEP(pointer, index, op.E->getExprLoc(), >> + "add.ptr"); >> } >> >> // Construct an fmuladd intrinsic to represent a fused mul-add of MulOp and >> @@ -3824,3 +3845,124 @@ LValue CodeGenFunction::EmitCompoundAssi >> >> llvm_unreachable("Unhandled compound assignment operator"); >> } >> + >> +Value *CodeGenFunction::EmitCheckedInBoundsGEP(Value *Ptr, >> + ArrayRef<Value *> IdxList, >> + SourceLocation Loc, >> + const Twine &Name) { >> + Value *GEPVal = Builder.CreateInBoundsGEP(Ptr, IdxList, Name); >> + >> + // If the pointer overflow sanitizer isn't enabled, do nothing. >> + if (!SanOpts.has(SanitizerKind::PointerOverflow)) >> + return GEPVal; >> + >> + // If the GEP has already been reduced to a constant, leave it be. >> + if (isa<llvm::Constant>(GEPVal)) >> + return GEPVal; >> + >> + // Only check for overflows in the default address space. >> + if (GEPVal->getType()->getPointerAddressSpace()) >> + return GEPVal; >> + >> + auto *GEP = cast<llvm::GEPOperator>(GEPVal); >> + assert(GEP->isInBounds() && "Expected inbounds GEP"); >> + >> + SanitizerScope SanScope(this); >> + auto &VMContext = getLLVMContext(); >> + const auto &DL = CGM.getDataLayout(); >> + auto *IntPtrTy = DL.getIntPtrType(GEP->getPointerOperandType()); >> + >> + // Grab references to the signed add/mul overflow intrinsics for intptr_t. >> + auto *Zero = llvm::ConstantInt::getNullValue(IntPtrTy); >> + auto *SAddIntrinsic = >> + CGM.getIntrinsic(llvm::Intrinsic::sadd_with_overflow, IntPtrTy); >> + auto *SMulIntrinsic = >> + CGM.getIntrinsic(llvm::Intrinsic::smul_with_overflow, IntPtrTy); >> + >> + // The total (signed) byte offset for the GEP. >> + llvm::Value *TotalOffset = nullptr; >> + // The offset overflow flag - true if the total offset overflows. >> + llvm::Value *OffsetOverflows = Builder.getFalse(); >> + >> + /// Return the result of the given binary operation. >> + auto eval = [&](BinaryOperator::Opcode Opcode, llvm::Value *LHS, >> + llvm::Value *RHS) -> llvm::Value * { >> + assert(Opcode == BO_Add || Opcode == BO_Mul && "Can't eval binop"); >> + >> + // If the operands are constants, return a constant result. >> + if (auto *LHSCI = dyn_cast<llvm::ConstantInt>(LHS)) { >> + if (auto *RHSCI = dyn_cast<llvm::ConstantInt>(RHS)) { >> + llvm::APInt N; >> + bool HasOverflow = mayHaveIntegerOverflow(LHSCI, RHSCI, Opcode, >> + /*Signed=*/true, N); >> + if (HasOverflow) >> + OffsetOverflows = Builder.getTrue(); >> + return llvm::ConstantInt::get(VMContext, N); >> + } >> + } >> + >> + // Otherwise, compute the result with checked arithmetic. >> + auto *ResultAndOverflow = Builder.CreateCall( >> + (Opcode == BO_Add) ? SAddIntrinsic : SMulIntrinsic, {LHS, RHS}); >> + OffsetOverflows = Builder.CreateOr( >> + OffsetOverflows, Builder.CreateExtractValue(ResultAndOverflow, 1)); >> + return Builder.CreateExtractValue(ResultAndOverflow, 0); >> + }; >> + >> + // Determine the total byte offset by looking at each GEP operand. >> + for (auto GTI = llvm::gep_type_begin(GEP), GTE = llvm::gep_type_end(GEP); >> + GTI != GTE; ++GTI) { >> + llvm::Value *LocalOffset; >> + auto *Index = GTI.getOperand(); >> + // Compute the local offset contributed by this indexing step: >> + if (auto *STy = GTI.getStructTypeOrNull()) { >> + // For struct indexing, the local offset is the byte position of the >> + // specified field. >> + unsigned FieldNo = cast<llvm::ConstantInt>(Index)->getZExtValue(); >> + LocalOffset = llvm::ConstantInt::get( >> + IntPtrTy, DL.getStructLayout(STy)->getElementOffset(FieldNo)); >> + } else { >> + // Otherwise this is array-like indexing. The local offset is the >> index >> + // multiplied by the element size. >> + auto *ElementSize = llvm::ConstantInt::get( >> + IntPtrTy, DL.getTypeAllocSize(GTI.getIndexedType())); >> + auto *IndexS = Builder.CreateIntCast(Index, IntPtrTy, >> /*isSigned=*/true); >> + LocalOffset = eval(BO_Mul, ElementSize, IndexS); >> + } >> + >> + // If this is the first offset, set it as the total offset. Otherwise, >> add >> + // the local offset into the running total. >> + if (!TotalOffset || TotalOffset == Zero) >> + TotalOffset = LocalOffset; >> + else >> + TotalOffset = eval(BO_Add, TotalOffset, LocalOffset); >> + } >> + >> + // Common case: if the total offset is zero, don't emit a check. >> + if (TotalOffset == Zero) >> + return GEPVal; >> + >> + // Now that we've computed the total offset, add it to the base pointer >> (with >> + // wrapping semantics). >> + auto *IntPtr = Builder.CreatePtrToInt(GEP->getPointerOperand(), IntPtrTy); >> + auto *ComputedGEP = Builder.CreateAdd(IntPtr, TotalOffset); >> + >> + // The GEP is valid if: >> + // 1) The total offset doesn't overflow, and >> + // 2) The sign of the difference between the computed address and the base >> + // pointer matches the sign of the total offset. >> + llvm::Value *PosOrZeroValid = Builder.CreateICmpUGE(ComputedGEP, IntPtr); >> + llvm::Value *NegValid = Builder.CreateICmpULT(ComputedGEP, IntPtr); >> + auto *PosOrZeroOffset = Builder.CreateICmpSGE(TotalOffset, Zero); >> + llvm::Value *ValidGEP = Builder.CreateAnd( >> + Builder.CreateNot(OffsetOverflows), >> + Builder.CreateSelect(PosOrZeroOffset, PosOrZeroValid, NegValid)); >> + >> + llvm::Constant *StaticArgs[] = {EmitCheckSourceLocation(Loc)}; >> + // Pass the computed GEP to the runtime to avoid emitting poisoned >> arguments. >> + llvm::Value *DynamicArgs[] = {IntPtr, ComputedGEP}; >> + EmitCheck(std::make_pair(ValidGEP, SanitizerKind::PointerOverflow), >> + SanitizerHandler::PointerOverflow, StaticArgs, DynamicArgs); >> + >> + return GEPVal; >> +} >> >> Modified: cfe/trunk/lib/CodeGen/CodeGenFunction.h >> URL: >> http://llvm.org/viewvc/llvm-project/cfe/trunk/lib/CodeGen/CodeGenFunction.h?rev=304459&r1=304458&r2=304459&view=diff >> >> <http://llvm.org/viewvc/llvm-project/cfe/trunk/lib/CodeGen/CodeGenFunction.h?rev=304459&r1=304458&r2=304459&view=diff> >> ============================================================================== >> --- cfe/trunk/lib/CodeGen/CodeGenFunction.h (original) >> +++ cfe/trunk/lib/CodeGen/CodeGenFunction.h Thu Jun 1 14:22:18 2017 >> @@ -120,6 +120,7 @@ enum TypeEvaluationKind { >> SANITIZER_CHECK(NonnullArg, nonnull_arg, 0) >> \ >> SANITIZER_CHECK(NonnullReturn, nonnull_return, 0) >> \ >> SANITIZER_CHECK(OutOfBounds, out_of_bounds, 0) >> \ >> + SANITIZER_CHECK(PointerOverflow, pointer_overflow, 0) >> \ >> SANITIZER_CHECK(ShiftOutOfBounds, shift_out_of_bounds, 0) >> \ >> SANITIZER_CHECK(SubOverflow, sub_overflow, 0) >> \ >> SANITIZER_CHECK(TypeMismatch, type_mismatch, 1) >> \ >> @@ -3551,6 +3552,13 @@ public: >> /// nonnull, if \p LHS is marked _Nonnull. >> void EmitNullabilityCheck(LValue LHS, llvm::Value *RHS, SourceLocation >> Loc); >> >> + /// Same as IRBuilder::CreateInBoundsGEP, but additionally emits a check >> to >> + /// detect undefined behavior when the pointer overflow sanitizer is >> enabled. >> + llvm::Value *EmitCheckedInBoundsGEP(llvm::Value *Ptr, >> + ArrayRef<llvm::Value *> IdxList, >> + SourceLocation Loc, >> + const Twine &Name = ""); >> + >> /// \brief Emit a description of a type in a format suitable for passing >> to >> /// a runtime sanitizer handler. >> llvm::Constant *EmitCheckTypeDescriptor(QualType T); >> >> Added: cfe/trunk/test/CodeGen/ubsan-pointer-overflow.m >> URL: >> http://llvm.org/viewvc/llvm-project/cfe/trunk/test/CodeGen/ubsan-pointer-overflow.m?rev=304459&view=auto >> >> <http://llvm.org/viewvc/llvm-project/cfe/trunk/test/CodeGen/ubsan-pointer-overflow.m?rev=304459&view=auto> >> ============================================================================== >> --- cfe/trunk/test/CodeGen/ubsan-pointer-overflow.m (added) >> +++ cfe/trunk/test/CodeGen/ubsan-pointer-overflow.m Thu Jun 1 14:22:18 2017 >> @@ -0,0 +1,171 @@ >> +// RUN: %clang_cc1 -triple x86_64-apple-darwin10 -w -emit-llvm -o - %s >> -fsanitize=pointer-overflow | FileCheck %s >> + >> +// CHECK-LABEL: define void @unary_arith >> +void unary_arith(char *p) { >> + // CHECK: [[BASE:%.*]] = ptrtoint i8* {{.*}} to i64, !nosanitize >> + // CHECK-NEXT: [[COMPGEP:%.*]] = add i64 [[BASE]], 1, !nosanitize >> + // CHECK-NEXT: [[POSVALID:%.*]] = icmp uge i64 [[COMPGEP]], [[BASE]], >> !nosanitize >> + // CHECK-NEXT: [[NEGVALID:%.*]] = icmp ult i64 [[COMPGEP]], [[BASE]], >> !nosanitize >> + // CHECK-NEXT: [[DIFFVALID:%.*]] = select i1 true, i1 [[POSVALID]], i1 >> [[NEGVALID]], !nosanitize >> + // CHECK-NEXT: [[VALID:%.*]] = and i1 true, [[DIFFVALID]], !nosanitize >> + // CHECK-NEXT: br i1 [[VALID]]{{.*}}, !nosanitize >> + // CHECK: call void @__ubsan_handle_pointer_overflow{{.*}}, i64 [[BASE]], >> i64 [[COMPGEP]]){{.*}}, !nosanitize >> + ++p; >> + >> + // CHECK: ptrtoint i8* {{.*}} to i64, !nosanitize >> + // CHECK-NEXT: add i64 {{.*}}, -1, !nosanitize >> + // CHECK: select i1 false{{.*}}, !nosanitize >> + // CHECK-NEXT: and i1 true{{.*}}, !nosanitize >> + // CHECK: call void @__ubsan_handle_pointer_overflow{{.*}} >> + --p; >> + >> + // CHECK: call void @__ubsan_handle_pointer_overflow{{.*}} >> + p++; >> + >> + // CHECK: call void @__ubsan_handle_pointer_overflow{{.*}} >> + p--; >> +} >> + >> +// CHECK-LABEL: define void @binary_arith >> +void binary_arith(char *p, int i) { >> + // CHECK: [[SMUL:%.*]] = call { i64, i1 } >> @llvm.smul.with.overflow.i64(i64 1, i64 %{{.*}}), !nosanitize >> + // CHECK-NEXT: [[SMULOFLOW:%.*]] = extractvalue { i64, i1 } [[SMUL]], 1, >> !nosanitize >> + // CHECK-NEXT: [[OFFSETOFLOW:%.*]] = or i1 false, [[SMULOFLOW]], >> !nosanitize >> + // CHECK-NEXT: [[SMULVAL:%.*]] = extractvalue { i64, i1 } [[SMUL]], 0, >> !nosanitize >> + // CHECK-NEXT: [[BASE:%.*]] = ptrtoint i8* {{.*}} to i64, !nosanitize >> + // CHECK-NEXT: [[COMPGEP:%.*]] = add i64 [[BASE]], [[SMULVAL]], >> !nosanitize >> + // CHECK-NEXT: [[POSVALID:%.*]] = icmp uge i64 [[COMPGEP]], [[BASE]], >> !nosanitize >> + // CHECK-NEXT: [[NEGVALID:%.*]] = icmp ult i64 [[COMPGEP]], [[BASE]], >> !nosanitize >> + // CHECK-NEXT: [[POSOFFSET:%.*]] = icmp sge i64 [[SMULVAL]], 0, >> !nosanitize >> + // CHECK-NEXT: [[OFFSETVALID:%.*]] = xor i1 [[OFFSETOFLOW]], true, >> !nosanitize >> + // CHECK-NEXT: [[DIFFVALID:%.*]] = select i1 [[POSOFFSET]], i1 >> [[POSVALID]], i1 [[NEGVALID]], !nosanitize >> + // CHECK-NEXT: [[VALID:%.*]] = and i1 [[OFFSETVALID]], [[DIFFVALID]], >> !nosanitize >> + // CHECK-NEXT: br i1 [[VALID]]{{.*}}, !nosanitize >> + // CHECK: call void @__ubsan_handle_pointer_overflow{{.*}}, i64 [[BASE]], >> i64 [[COMPGEP]]){{.*}}, !nosanitize >> + p + i; >> + >> + // CHECK: [[OFFSET:%.*]] = sub i64 0, {{.*}} >> + // CHECK-NEXT: getelementptr inbounds {{.*}} [[OFFSET]] >> + // CHECK: call void @__ubsan_handle_pointer_overflow{{.*}} >> + p - i; >> +} >> + >> +// CHECK-LABEL: define void @fixed_len_array >> +void fixed_len_array(int k) { >> + // CHECK: getelementptr inbounds [10 x [10 x i32]], [10 x [10 x i32]]* >> [[ARR:%.*]], i64 0, i64 [[IDXPROM:%.*]] >> + // CHECK-NEXT: [[SMUL:%.*]] = call { i64, i1 } >> @llvm.smul.with.overflow.i64(i64 40, i64 [[IDXPROM]]), !nosanitize >> + // CHECK-NEXT: [[SMULOFLOW:%.*]] = extractvalue { i64, i1 } [[SMUL]], 1, >> !nosanitize >> + // CHECK-NEXT: [[OFFSETOFLOW:%.*]] = or i1 false, [[SMULOFLOW]], >> !nosanitize >> + // CHECK-NEXT: [[SMULVAL:%.*]] = extractvalue { i64, i1 } [[SMUL]], 0, >> !nosanitize >> + // CHECK-NEXT: [[BASE:%.*]] = ptrtoint [10 x [10 x i32]]* [[ARR]] to i64, >> !nosanitize >> + // CHECK-NEXT: [[COMPGEP:%.*]] = add i64 [[BASE]], [[SMULVAL]], >> !nosanitize >> + // CHECK-NEXT: [[POSVALID:%.*]] = icmp uge i64 [[COMPGEP]], [[BASE]], >> !nosanitize >> + // CHECK-NEXT: [[NEGVALID:%.*]] = icmp ult i64 [[COMPGEP]], [[BASE]], >> !nosanitize >> + // CHECK-NEXT: [[POSOFFSET:%.*]] = icmp sge i64 [[SMULVAL]], 0, >> !nosanitize >> + // CHECK-NEXT: [[OFFSETVALID:%.*]] = xor i1 [[OFFSETOFLOW]], true, >> !nosanitize >> + // CHECK-NEXT: [[DIFFVALID:%.*]] = select i1 [[POSOFFSET]], i1 >> [[POSVALID]], i1 [[NEGVALID]], !nosanitize >> + // CHECK-NEXT: [[VALID:%.*]] = and i1 [[OFFSETVALID]], [[DIFFVALID]], >> !nosanitize >> + // CHECK-NEXT: br i1 [[VALID]]{{.*}}, !nosanitize >> + // CHECK: call void @__ubsan_handle_pointer_overflow{{.*}}, i64 [[BASE]], >> i64 [[COMPGEP]]){{.*}}, !nosanitize >> + >> + // CHECK: getelementptr inbounds [10 x i32], [10 x i32]* {{.*}}, i64 0, >> i64 [[IDXPROM1:%.*]] >> + // CHECK-NEXT: @llvm.smul.with.overflow.i64(i64 4, i64 [[IDXPROM1]]), >> !nosanitize >> + // CHECK: call void @__ubsan_handle_pointer_overflow{{.*}} >> + >> + int arr[10][10]; >> + arr[k][k]; >> +} >> + >> +// CHECK-LABEL: define void @variable_len_array >> +void variable_len_array(int n, int k) { >> + // CHECK: getelementptr inbounds i32, i32* {{.*}}, i64 [[IDXPROM:%.*]] >> + // CHECK-NEXT: @llvm.smul.with.overflow.i64(i64 4, i64 [[IDXPROM]]), >> !nosanitize >> + // CHECK: call void @__ubsan_handle_pointer_overflow{{.*}} >> + >> + // CHECK: getelementptr inbounds i32, i32* {{.*}}, i64 [[IDXPROM1:%.*]] >> + // CHECK-NEXT: @llvm.smul.with.overflow.i64(i64 4, i64 [[IDXPROM1]]), >> !nosanitize >> + // CHECK: call void @__ubsan_handle_pointer_overflow{{.*}} >> + >> + int arr[n][n]; >> + arr[k][k]; >> +} >> + >> +// CHECK-LABEL: define void @pointer_array >> +void pointer_array(int **arr, int k) { >> + // CHECK: @llvm.smul.with.overflow.i64(i64 8, i64 {{.*}}), !nosanitize >> + // CHECK: call void @__ubsan_handle_pointer_overflow{{.*}} >> + >> + // CHECK: @llvm.smul.with.overflow.i64(i64 4, i64 {{.*}}), !nosanitize >> + // CHECK: call void @__ubsan_handle_pointer_overflow{{.*}} >> + >> + arr[k][k]; >> +} >> + >> +struct S1 { >> + int pad1; >> + union { >> + char leaf; >> + struct S1 *link; >> + } u; >> + struct S1 *arr; >> +}; >> + >> +// TODO: Currently, structure GEPs are not checked, so there are several >> +// potentially unsafe GEPs here which we don't instrument. >> +// >> +// CHECK-LABEL: define void @struct_index >> +void struct_index(struct S1 *p) { >> + // CHECK: getelementptr inbounds %struct.S1, %struct.S1* [[P:%.*]], i64 10 >> + // CHECK-NEXT: [[BASE:%.*]] = ptrtoint %struct.S1* [[P]] to i64, >> !nosanitize >> + // CHECK-NEXT: [[COMPGEP:%.*]] = add i64 [[BASE]], 240, !nosanitize >> + // CHECK: @__ubsan_handle_pointer_overflow{{.*}} i64 [[BASE]], i64 >> [[COMPGEP]]) {{.*}}, !nosanitize >> + >> + // CHECK-NOT: @__ubsan_handle_pointer_overflow >> + >> + p->arr[10].u.link->u.leaf; >> +} >> + >> +typedef void (*funcptr_t)(void); >> + >> +// CHECK-LABEL: define void @function_pointer_arith >> +void function_pointer_arith(funcptr_t *p, int k) { >> + // CHECK: add i64 {{.*}}, 8, !nosanitize >> + // CHECK: @__ubsan_handle_pointer_overflow{{.*}} >> + ++p; >> + >> + // CHECK: @llvm.smul.with.overflow.i64(i64 8, i64 {{.*}}), !nosanitize >> + // CHECK: call void @__ubsan_handle_pointer_overflow{{.*}} >> + p + k; >> +} >> + >> +// CHECK-LABEL: define void @variable_len_array_arith >> +void variable_len_array_arith(int n, int k) { >> + int vla[n]; >> + int (*p)[n] = &vla; >> + >> + // CHECK: getelementptr inbounds i32, i32* {{.*}}, i64 [[INC:%.*]] >> + // CHECK: @llvm.smul.with.overflow.i64(i64 4, i64 [[INC]]), !nosanitize >> + // CHECK: call void @__ubsan_handle_pointer_overflow{{.*}} >> + ++p; >> + >> + // CHECK: getelementptr inbounds i32, i32* {{.*}}, i64 [[IDXPROM:%.*]] >> + // CHECK: @llvm.smul.with.overflow.i64(i64 4, i64 [[IDXPROM]]), >> !nosanitize >> + // CHECK: call void @__ubsan_handle_pointer_overflow{{.*}} >> + p + k; >> +} >> + >> +// CHECK-LABEL: define void @objc_id >> +void objc_id(id *p) { >> + // CHECK: add i64 {{.*}}, 8, !nosanitize >> + // CHECK: @__ubsan_handle_pointer_overflow{{.*}} >> + p++; >> +} >> + >> +// CHECK-LABEL: define void @dont_emit_checks_for_no_op_GEPs >> +// CHECK-NOT: __ubsan_handle_pointer_overflow >> +void dont_emit_checks_for_no_op_GEPs(char *p) { >> + &p[0]; >> + >> + int arr[10][10]; >> + &arr[0][0]; >> +} >> >> Modified: cfe/trunk/test/Driver/fsanitize.c >> URL: >> http://llvm.org/viewvc/llvm-project/cfe/trunk/test/Driver/fsanitize.c?rev=304459&r1=304458&r2=304459&view=diff >> >> <http://llvm.org/viewvc/llvm-project/cfe/trunk/test/Driver/fsanitize.c?rev=304459&r1=304458&r2=304459&view=diff> >> ============================================================================== >> --- cfe/trunk/test/Driver/fsanitize.c (original) >> +++ cfe/trunk/test/Driver/fsanitize.c Thu Jun 1 14:22:18 2017 >> @@ -3,18 +3,18 @@ >> // RUN: %clang -target x86_64-linux-gnu -fsanitize=undefined >> -fsanitize-undefined-trap-on-error %s -### 2>&1 | FileCheck %s >> --check-prefix=CHECK-UNDEFINED-TRAP >> // RUN: %clang -target x86_64-linux-gnu -fsanitize=undefined-trap >> -fsanitize-undefined-trap-on-error %s -### 2>&1 | FileCheck %s >> --check-prefix=CHECK-UNDEFINED-TRAP >> // RUN: %clang -target x86_64-linux-gnu -fsanitize-undefined-trap-on-error >> -fsanitize=undefined-trap %s -### 2>&1 | FileCheck %s >> --check-prefix=CHECK-UNDEFINED-TRAP >> -// CHECK-UNDEFINED-TRAP: >> "-fsanitize={{((signed-integer-overflow|integer-divide-by-zero|float-divide-by-zero|shift-base|shift-exponent|unreachable|return|vla-bound|alignment|null|object-size|float-cast-overflow|array-bounds|enum|bool|returns-nonnull-attribute|nonnull-attribute|function),?){18}"}} >> -// CHECK-UNDEFINED-TRAP: >> "-fsanitize-trap=alignment,array-bounds,bool,enum,float-cast-overflow,float-divide-by-zero,function,integer-divide-by-zero,nonnull-attribute,null,object-size,return,returns-nonnull-attribute,shift-base,shift-exponent,signed-integer-overflow,unreachable,vla-bound" >> -// CHECK-UNDEFINED-TRAP2: >> "-fsanitize-trap=alignment,array-bounds,bool,enum,float-cast-overflow,float-divide-by-zero,function,integer-divide-by-zero,nonnull-attribute,null,object-size,return,returns-nonnull-attribute,shift-base,shift-exponent,unreachable,vla-bound" >> +// CHECK-UNDEFINED-TRAP: >> "-fsanitize={{((signed-integer-overflow|integer-divide-by-zero|float-divide-by-zero|shift-base|shift-exponent|unreachable|return|vla-bound|alignment|null|object-size|pointer-overflow|float-cast-overflow|array-bounds|enum|bool|returns-nonnull-attribute|nonnull-attribute|function),?){19}"}} >> +// CHECK-UNDEFINED-TRAP: >> "-fsanitize-trap=alignment,array-bounds,bool,enum,float-cast-overflow,float-divide-by-zero,function,integer-divide-by-zero,nonnull-attribute,null,object-size,pointer-overflow,return,returns-nonnull-attribute,shift-base,shift-exponent,signed-integer-overflow,unreachable,vla-bound" >> +// CHECK-UNDEFINED-TRAP2: >> "-fsanitize-trap=alignment,array-bounds,bool,enum,float-cast-overflow,float-divide-by-zero,function,integer-divide-by-zero,nonnull-attribute,null,object-size,pointer-overflow,return,returns-nonnull-attribute,shift-base,shift-exponent,unreachable,vla-bound" >> >> // RUN: %clang -target x86_64-linux-gnu -fsanitize=undefined %s -### 2>&1 | >> FileCheck %s --check-prefix=CHECK-UNDEFINED >> -// CHECK-UNDEFINED: >> "-fsanitize={{((signed-integer-overflow|integer-divide-by-zero|float-divide-by-zero|function|shift-base|shift-exponent|unreachable|return|vla-bound|alignment|null|vptr|object-size|float-cast-overflow|array-bounds|enum|bool|returns-nonnull-attribute|nonnull-attribute),?){19}"}} >> +// CHECK-UNDEFINED: >> "-fsanitize={{((signed-integer-overflow|integer-divide-by-zero|float-divide-by-zero|function|shift-base|shift-exponent|unreachable|return|vla-bound|alignment|null|vptr|object-size|pointer-overflow|float-cast-overflow|array-bounds|enum|bool|returns-nonnull-attribute|nonnull-attribute),?){20}"}} >> >> // RUN: %clang -target x86_64-apple-darwin10 -fsanitize=undefined %s -### >> 2>&1 | FileCheck %s --check-prefix=CHECK-UNDEFINED-DARWIN >> -// CHECK-UNDEFINED-DARWIN: >> "-fsanitize={{((signed-integer-overflow|integer-divide-by-zero|float-divide-by-zero|shift-base|shift-exponent|unreachable|return|vla-bound|alignment|null|object-size|float-cast-overflow|array-bounds|enum|bool|returns-nonnull-attribute|nonnull-attribute),?){17}"}} >> +// CHECK-UNDEFINED-DARWIN: >> "-fsanitize={{((signed-integer-overflow|integer-divide-by-zero|float-divide-by-zero|shift-base|shift-exponent|unreachable|return|vla-bound|alignment|null|object-size|pointer-overflow|float-cast-overflow|array-bounds|enum|bool|returns-nonnull-attribute|nonnull-attribute),?){18}"}} >> >> // RUN: %clang -target i386-unknown-openbsd -fsanitize=undefined %s -### >> 2>&1 | FileCheck %s --check-prefix=CHECK-UNDEFINED-OPENBSD >> -// CHECK-UNDEFINED-OPENBSD: >> "-fsanitize={{((signed-integer-overflow|integer-divide-by-zero|float-divide-by-zero|shift-base|shift-exponent|unreachable|return|vla-bound|alignment|null|object-size|float-cast-overflow|array-bounds|enum|bool|returns-nonnull-attribute|nonnull-attribute),?){17}"}} >> +// CHECK-UNDEFINED-OPENBSD: >> "-fsanitize={{((signed-integer-overflow|integer-divide-by-zero|float-divide-by-zero|shift-base|shift-exponent|unreachable|return|vla-bound|alignment|null|object-size|pointer-overflow|float-cast-overflow|array-bounds|enum|bool|returns-nonnull-attribute|nonnull-attribute),?){18}"}} >> >> // RUN: %clang -target i386-pc-win32 -fsanitize=undefined %s -### 2>&1 | >> FileCheck %s --check-prefix=CHECK-UNDEFINED-WIN >> --check-prefix=CHECK-UNDEFINED-WIN32 >> // RUN: %clang -target i386-pc-win32 -fsanitize=undefined -x c++ %s -### >> 2>&1 | FileCheck %s --check-prefix=CHECK-UNDEFINED-WIN >> --check-prefix=CHECK-UNDEFINED-WIN32 --check-prefix=CHECK-UNDEFINED-WIN-CXX >> @@ -23,7 +23,7 @@ >> // CHECK-UNDEFINED-WIN32: >> "--dependent-lib={{[^"]*}}ubsan_standalone-i386.lib" >> // CHECK-UNDEFINED-WIN64: >> "--dependent-lib={{[^"]*}}ubsan_standalone-x86_64.lib" >> // CHECK-UNDEFINED-WIN-CXX: >> "--dependent-lib={{[^"]*}}ubsan_standalone_cxx{{[^"]*}}.lib" >> -// CHECK-UNDEFINED-WIN-SAME: >> "-fsanitize={{((signed-integer-overflow|integer-divide-by-zero|float-divide-by-zero|shift-base|shift-exponent|unreachable|return|vla-bound|alignment|null|object-size|float-cast-overflow|array-bounds|enum|bool|returns-nonnull-attribute|nonnull-attribute),?){17}"}} >> +// CHECK-UNDEFINED-WIN-SAME: >> "-fsanitize={{((signed-integer-overflow|integer-divide-by-zero|float-divide-by-zero|shift-base|shift-exponent|unreachable|return|vla-bound|alignment|null|object-size|pointer-overflow|float-cast-overflow|array-bounds|enum|bool|returns-nonnull-attribute|nonnull-attribute),?){18}"}} >> >> // RUN: %clang -target i386-pc-win32 -fsanitize-coverage=bb %s -### 2>&1 | >> FileCheck %s --check-prefix=CHECK-COVERAGE-WIN32 >> // CHECK-COVERAGE-WIN32: >> "--dependent-lib={{[^"]*}}ubsan_standalone-i386.lib" >> @@ -43,7 +43,7 @@ >> // CHECK-FNO-SANITIZE-ALL: "-fsanitize=thread" >> >> // RUN: %clang -target x86_64-linux-gnu -fsanitize=thread,undefined >> -fno-sanitize=thread -fno-sanitize=float-cast-overflow,vptr,bool,enum %s >> -### 2>&1 | FileCheck %s --check-prefix=CHECK-PARTIAL-UNDEFINED >> -// CHECK-PARTIAL-UNDEFINED: >> "-fsanitize={{((signed-integer-overflow|integer-divide-by-zero|float-divide-by-zero|function|shift-base|shift-exponent|unreachable|return|vla-bound|alignment|null|object-size|array-bounds|returns-nonnull-attribute|nonnull-attribute),?){15}"}} >> +// CHECK-PARTIAL-UNDEFINED: >> "-fsanitize={{((signed-integer-overflow|integer-divide-by-zero|float-divide-by-zero|function|shift-base|shift-exponent|unreachable|return|vla-bound|alignment|null|object-size|pointer-overflow|array-bounds|returns-nonnull-attribute|nonnull-attribute),?){16}"}} >> >> // RUN: %clang -target x86_64-linux-gnu -fsanitize=shift >> -fno-sanitize=shift-base %s -### 2>&1 | FileCheck %s >> --check-prefix=CHECK-FSANITIZE-SHIFT-PARTIAL >> // CHECK-FSANITIZE-SHIFT-PARTIAL: "-fsanitize=shift-exponent" >> @@ -217,7 +217,7 @@ >> // RUN: %clang -target x86_64-linux-gnu %s -fsanitize=undefined >> -fno-sanitize-recover=undefined -### 2>&1 | FileCheck %s >> --check-prefix=CHECK-NO-RECOVER-UBSAN >> // RUN: %clang -target x86_64-linux-gnu %s -fsanitize=undefined >> -fno-sanitize-recover=all -fsanitize-recover=thread -### 2>&1 | FileCheck %s >> --check-prefix=CHECK-NO-RECOVER-UBSAN >> // RUN: %clang -target x86_64-linux-gnu %s -fsanitize=undefined >> -fsanitize-recover=all -fno-sanitize-recover=undefined -### 2>&1 | FileCheck >> %s --check-prefix=CHECK-NO-RECOVER-UBSAN >> -// CHECK-RECOVER-UBSAN: >> "-fsanitize-recover={{((signed-integer-overflow|integer-divide-by-zero|float-divide-by-zero|function|shift-base|shift-exponent|vla-bound|alignment|null|vptr|object-size|float-cast-overflow|array-bounds|enum|bool|returns-nonnull-attribute|nonnull-attribute),?){17}"}} >> +// CHECK-RECOVER-UBSAN: >> "-fsanitize-recover={{((signed-integer-overflow|integer-divide-by-zero|float-divide-by-zero|function|shift-base|shift-exponent|vla-bound|alignment|null|vptr|object-size|pointer-overflow|float-cast-overflow|array-bounds|enum|bool|returns-nonnull-attribute|nonnull-attribute),?){18}"}} >> // CHECK-NO-RECOVER-UBSAN-NOT: sanitize-recover >> >> // RUN: %clang -target x86_64-linux-gnu %s -fsanitize=undefined >> -fno-sanitize-recover=all -fsanitize-recover=object-size,shift-base -### >> 2>&1 | FileCheck %s --check-prefix=CHECK-PARTIAL-RECOVER >> >> >> _______________________________________________ >> cfe-commits mailing list >> cfe-commits@lists.llvm.org <mailto:cfe-commits@lists.llvm.org> >> http://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits >> <http://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits> >> > > _______________________________________________ > cfe-commits mailing list > cfe-commits@lists.llvm.org > http://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
_______________________________________________ cfe-commits mailing list cfe-commits@lists.llvm.org http://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
