[ubsan] Add a check for pointer overflow UB

Description

[ubsan] Add a check for pointer overflow UB

Check pointer arithmetic for overflow.

For some more background on this check, see:

https://wdtz.org/catching-pointer-overflow-bugs.html
https://reviews.llvm.org/D20322

Patch by Will Dietz and John Regehr!

This version of the patch is different from the original in a few ways:

  • It introduces the EmitCheckedInBoundsGEP utility which inserts checks when the pointer overflow check is enabled.
  • It does some constant-folding to reduce instrumentation overhead.
  • It does not check some GEPs in CGExprCXX. I'm not sure that inserting checks here, or in CGClass, would catch many bugs.

Possible future directions for this check:

  • Introduce CGF.EmitCheckedStructGEP, to detect overflows when accessing structures.

Testing: Apart from the added lit test, I ran check-llvm and check-clang
with a stage2, ubsan-instrumented clang. Will and John have also done
extensive testing on numerous open source projects.

Differential Revision: https://reviews.llvm.org/D33305
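
The following C sketch is an added example, not code from this commit or from clang. It models the condition a pointer-overflow check has to establish for `base + index * elem_size`, using integer arithmetic so the check itself stays well defined. The names `gep_is_valid` and `range_fits` and the sample addresses are hypothetical, and the sign-aware comparison is an assumption about how such a check can be built, not a statement of what the instrumentation emits.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Model of a pointer-overflow check on base + index * elem_size, carried
 * out on integers so that the check has no undefined behaviour of its own.
 * Hypothetical helper for illustration; not the code clang generates. */
static bool gep_is_valid(uintptr_t base, intptr_t index, size_t elem_size)
{
    intptr_t offset;
    /* The byte offset must fit in a signed pointer-sized integer. */
    if (__builtin_mul_overflow(index, (intptr_t)elem_size, &offset))
        return false;
    /* Unsigned addition wraps with defined behaviour. */
    uintptr_t result = base + (uintptr_t)offset;
    /* A non-negative offset must not wrap past the top of the address
     * space; a negative offset must not wrap below zero. */
    return offset >= 0 ? result >= base : result < base;
}

/* Overflow-free range check for source code: compare lengths and never
 * form buf + len. A test written as "buf + len < buf" relies on pointer
 * overflow, which is UB, so an optimizer may remove it. */
static bool range_fits(size_t buf_size, size_t pos, size_t len)
{
    return pos <= buf_size && len <= buf_size - pos;
}

int main(void)
{
    /* Constructed sample addresses, not taken from a real process. */
    printf("in range:        %d\n", gep_is_valid(0x1000, 4, 4));
    printf("wraps upward:    %d\n", gep_is_valid(UINTPTR_MAX - 7, 4, 4));
    printf("wraps downward:  %d\n", gep_is_valid(8, -4, 4));
    printf("offset too big:  %d\n", gep_is_valid(0x1000, INTPTR_MAX, 4));
    printf("len fits:        %d\n", range_fits(16, 8, 8));
    printf("huge len:        %d\n", range_fits(16, 8, SIZE_MAX));
    return 0;
}
```

`__builtin_mul_overflow` is a GCC and Clang builtin, so the sketch assumes one of those compilers.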

Details

Committed: vedantk, Jun 1 2017, 12:22 PM
Differential Revision: D33305: [ubsan] Add a check for pointer overflow UB
Parents: rL304458: [llvm-config] Report --bindir based on LLVM_TOOLS_INSTALL_DIR