This is an archive of the discontinued LLVM Phabricator instance.

Differential D15363

[UBSan] Implement runtime suppressions (PR25066).
ClosedPublic

Authored by samsonov on Dec 8 2015, 4:54 PM.

Details

Reviewers
kcc
rsmith
Commits
rG081a24e3a7cf: [UBSan] Implement runtime suppressions (PR25066).
rCRT256018: [UBSan] Implement runtime suppressions (PR25066).
rL256018: [UBSan] Implement runtime suppressions (PR25066).
Summary

Add the ability to suppress UBSan reports for files/functions/modules
at runtime. The user can now pass UBSAN_OPTIONS=suppressions=supp.txt
with the contents of the form:

signed-integer-overflow:file-with-known-overflow.cpp
alignment:function_doing_unaligned_access
vptr:shared_object_with_vptr_failures.so

Suppression categories match the arguments passed to -fsanitize=
flag (although, see below). There is no overhead if suppressions are
not provided. Otherwise there is extra overhead for symbolization.

Limitations:

  1. sometimes suppressions need debug info / symbol table to function properly (although sometimes frontend generates enough info to do the match).
  2. it's only possible to suppress recoverable UB kinds - if you've built the code with -fno-sanitize-recover=undefined, suppressions will not work.
  3. categories are fine-grained check kinds, not groups like "undefined" or "integer", so you can't write "undefined:file_with_ub.cc".

Diff Detail

Event Timeline

samsonov updated this revision to Diff 42250.Dec 8 2015, 4:54 PM
samsonov retitled this revision from to [UBSan] Implement runtime suppressions (PR25066)..
samsonov updated this object.
samsonov added reviewers: rsmith, kcc.
samsonov added a subscriber: cfe-commits.
samsonov added a comment.Dec 14 2015, 4:42 PM

Richard, could you take a look at this?

samsonov added a comment.Dec 16 2015, 5:18 PM

Kostya, PTAL. IIRC it was your feature request :)

kcc accepted this revision.Dec 16 2015, 5:55 PM
kcc edited edge metadata.

LGTM, thanks!

This revision is now accepted and ready to land.Dec 16 2015, 5:55 PM
Closed by commit rL256018: [UBSan] Implement runtime suppressions (PR25066). (authored by samsonov). · Explain WhyDec 18 2015, 11:59 AM
This revision was automatically updated to reflect the committed changes.
thakis added a subscriber: thakis.Dec 22 2015, 3:12 PM
thakis added inline comments.
compiler-rt/trunk/test/ubsan/TestCases/Integer/suppressions.cpp
1 ↗(On Diff #43254)

This test fails on Windows. I tried to debug, but the usual way to run tests seems to not work with compiler-rt:

C:\src\chrome\src\third_party\llvm-bootstrap>python bin\llvm-lit.py ..\llvm\projects\compiler-rt\test\ubsan\TestCases\In
teger\suppressions.cpp -v
llvm-lit.py: discovery.py:113: warning: unable to find test suite for '..\\llvm\\projects\\compiler-rt\\test\\ubsan\\Tes
tCases\\Integer\\suppressions.cpp'
llvm-lit.py: discovery.py:224: warning: input '..\\llvm\\projects\\compiler-rt\\test\\ubsan\\TestCases\\Integer\\suppres
sions.cpp' contained no tests

How do I run individual compiler-rt tests? (They run fine as part of ninja check-all, but that takes very long)

thakis added a comment.Dec 22 2015, 3:46 PM

Here's the error (I still don't know how to run single tests through lit, though):

C:\src\chrome\src\third_party\llvm-bootstrap>env UBSAN_OPTIONS=halt_on_error=1:suppressions="C:\src\chrome\src\third_party\llvm-bootstrap\projects\compiler-rt\test\ubsan\Standalone-x86_64\TestCases\Integer\Output\suppressions.cpp.tmp.wrong-supp" C:\src\chrome\src\third_party\llvm-bootstrap\projects\compiler-rt\test\ubsan\Standalone-x86_64\TestCases\Integer\Output\suppressions.cpp.tmp

C:\src\chrome\src\third_party\llvm-bootstrap>ERROR: expected '='

thakis added a comment.Dec 22 2015, 3:56 PM

It's because FlagParser::is_space() considers ':' as a space, so it thinks c:\ ends after the c and then starts parsing another flag at the \.

Fix ideas: Don't treat : as space while in quotes, or use ; as separator on Windows.

thakis added a comment.Dec 22 2015, 4:01 PM

And this in turn is because env strips the quotes:

C:\src\chrome\src\third_party\llvm-bootstrap>env UBSAN_OPTIONS=halt_on_error=1:suppressions="C:\src\chrome\src\third_party\llvm-bootstrap\projects\compiler-rt\test\ubsan\Standalone-x86_64\TestCases\Integer\Output\suppressions.cpp.tmp.wrong-supp" env

...

UBSAN_OPTIONS=halt_on_error=1:suppressions=C:\src\chrome\src\third_party\llvm-bootstrap\projects\compiler-rt\test\ubsan\Standalone-x86_64\TestCases\Integer\Output\suppressions.cpp.tmp.wrong-supp

thakis added a comment.Dec 22 2015, 4:35 PM

I've looked at it some, and couldn't find a way of escaping quotes that lit doesn't strip but that ubsan accepts.

'"c:\foo"' gets its quotes stripped by lit, so does """c:\foo""". \"c:\foo\" confuses lit enough that it tries to call lit.util.warning() which doesn't exist.

I've XFAIL'd the test on win32 in 256307 for now. Please take a look when you're back. Maybe teaching lit about \" escaping is the best fix.

jevinskie added a subscriber: jevinskie.Dec 28 2015, 11:00 AM
samsonov added a subscriber: samsonov.Jan 7 2016, 4:26 PM

Interesting. Do we run test/asan/TestCases/suppressions-interceptor.cc on
Windows? Seems so: I don't see an XFAIL there, and it also uses
suppressions, but with single quote, followed by double quote:

%env_asan_opts=suppressions='"%t.supp"'

Why does it work there?

rnk added a subscriber: rnk.Jan 11 2016, 11:01 AM
In D15363#321941, @samsonov wrote:

Interesting. Do we run test/asan/TestCases/suppressions-interceptor.cc on
Windows? Seems so: I don't see an XFAIL there, and it also uses
suppressions, but with single quote, followed by double quote:

%env_asan_opts=suppressions='"%t.supp"'

Why does it work there?

We need two levels of quoting: one for the shell and one that makes it all the way through to ASan. The single quotes get taken out by ShLexer or bash depending on which is in use, and the inner double quotes escape the colons inside the Windows paths.

This seemed like the most logically consistent thing to me, even if it's ugly. Any better ideas for smuggling colons through ASan options?

thakis added a comment.Jan 15 2016, 1:29 PM

This test is failing again when it runs as part of llvm's tests when I
build a clang package for chromium. It passes when I run it in my regular
llvm build directory (where I ran it to test my "fix") -- this explains why
the fix didn't work when I tried it in the chrome case on 12/22. I'm not
sure what's different in the two cases. The path length to the test is
longer, I suppose :-/

thakis added a comment.Jan 15 2016, 1:35 PM
In D15363#321941, @samsonov wrote:

Interesting. Do we run test/asan/TestCases/suppressions-interceptor.cc on
Windows? Seems so: I don't see an XFAIL there, and it also uses
suppressions, but with single quote, followed by double quote:

%env_asan_opts=suppressions='"%t.supp"'

Why does it work there?

I figured this part out: We build a 64-bit clang, and since there's no 64-bit asan runtime check-asan isn't part of check-all in that case. Later, we build a 32-bit asan runtime in a separate build dir, but we apparently don't run tests for that build (this looks like an oversight). That's why the asan test doesn't fail -- it doesn't run.

thakis added a comment.Jan 15 2016, 3:02 PM

I figured out the difference. If I set up my environment by running setenv.cmd in the windows sdk, the test fails. If I set it up by running vcvarsall.bat, the test succeeds. Not clear yet why. But with the setenv.cmd setup, the asan suppression test fails too.

thakis added a comment.Jan 15 2016, 3:23 PM

I re-disabled the test in 257952.

hans added a subscriber: hans.Jan 15 2016, 3:32 PM

I tried to printf debug with this patch:

Index: lib/sanitizer_common/sanitizer_suppressions.cc
===================================================================
--- lib/sanitizer_common/sanitizer_suppressions.cc      (revision 257931)
+++ lib/sanitizer_common/sanitizer_suppressions.cc      (working copy)
@@ -82,6 +82,7 @@
     return false;
   for (uptr i = 0; i < suppressions_.size(); i++) {
     Suppression &cur = suppressions_[i];
+    Printf("matching cur.templ='%s' against str='%s'\n", cur.templ, str);
     if (0 == internal_strcmp(cur.type, type) && TemplateMatch(cur.templ, str))
{
       *s = &cur;
       return true;
@@ -134,6 +135,8 @@
       s.templ[end2 - line] = 0;
       suppressions_.push_back(s);
       has_suppression_type_[type] = true;
+      Printf("suppression type: %s\n", suppression_types_[type]);
+      Printf("template: %s\n", s.templ);
     }
     if (end[0] == 0)
       break;
Index: lib/sanitizer_common/sanitizer_flag_parser.cc
===================================================================
--- lib/sanitizer_common/sanitizer_flag_parser.cc       (revision 257931)
+++ lib/sanitizer_common/sanitizer_flag_parser.cc       (working copy)
@@ -97,6 +97,8 @@
     value = ll_strndup(buf_ + value_start, pos_ - value_start);
   }

+  Printf("parsed flag: '%s' = '%s'\n", name, value);
+
   bool res = run_handler(name, value);
   if (!res) fatal_error("Flag parsing failed.");
 }

Maybe it's failing to symbolize the do_overflow function name? It looks like it's never trying to match it against the suppressions, instead it's trying to match the null string twice for some reason:

Command 7 Stderr:
parsed flag: 'halt_on_error' = '1'
parsed flag: 'suppressions' = 'D:\src\chromium\src\third_party\llvm-bootstrap\pr
ojects\compiler-rt\test\ubsan\Standalone-x86_64\TestCases\Integer\Output\suppres
sions.cpp.tmp.func-supp'
suppression type: unsigned-integer-overflow
template: do_overflow
matching cur.templ='do_overflow' against str='D:\src\chromium\src\third_party\ll
vm\projects\compiler-rt\test\ubsan\TestCases\Integer\suppressions.cpp'
matching cur.templ='do_overflow' against str='D:\src\chromium\src\third_party\ll
vm-bootstrap\projects\compiler-rt\test\ubsan\Standalone-x86_64\TestCases\Integer
\Output\suppressions.cpp.tmp'
matching cur.templ='do_overflow' against str='<null>'
matching cur.templ='do_overflow' against str='<null>'
D:\src\chromium\src\third_party\llvm\projects\compiler-rt\test\ubsan\TestCases\I
nteger\suppressions.cpp:25:44: runtime error: unsigned integer overflow: 1000000
0000000000000 + 9000000000000000000 cannot be represented in type 'unsigned long
 long'
thakis added a comment.Jan 20 2016, 12:42 PM

After some more debugging, the only thing in this test that's still faiilng on Windows is the "unsigned-integer-overflow:do_overflow" suppression -- when llvm-symbolizer gets symbols from PDBs it currently requires the DIA SDK. If that's not found at cmake time, then llvm-symbolizer silently can't symbolize executables with pdb debug info.

The test should probably have some "REQUIRES: symbols" thingie. (I'll also fix llvm not finding the DIA SDK in our build setup, but the test will still fail for others who don't have that.)

Diffusion mentioned this in rL258545: When building without DIA SDK, don't set suppressions.cpp fail.Jan 22 2016, 12:30 PM

Revision Contents

PathSize
lib/
sanitizer_common/
2 lines
ubsan/
5 lines
42 lines
109 lines
11 lines
test/
ubsan/
TestCases/
Integer/
33 lines

Diff 42250

lib/sanitizer_common/sanitizer_suppressions.h

Show All 36 Lines public:
bool Match(const char *str, const char *type, Suppression **s); bool Match(const char *str, const char *type, Suppression **s);
uptr SuppressionCount() const; uptr SuppressionCount() const;
bool HasSuppressionType(const char *type) const; bool HasSuppressionType(const char *type) const;
const Suppression *SuppressionAt(uptr i) const; const Suppression *SuppressionAt(uptr i) const;
void GetMatched(InternalMmapVector<Suppression *> *matched); void GetMatched(InternalMmapVector<Suppression *> *matched);
private: private:
static const int kMaxSuppressionTypes = 16; static const int kMaxSuppressionTypes = 32;
const char **const suppression_types_; const char **const suppression_types_;
const int suppression_types_num_; const int suppression_types_num_;
InternalMmapVector<Suppression> suppressions_; InternalMmapVector<Suppression> suppressions_;
bool has_suppression_type_[kMaxSuppressionTypes]; bool has_suppression_type_[kMaxSuppressionTypes];
bool can_parse_; bool can_parse_;
}; };
} // namespace __sanitizer } // namespace __sanitizer
#endif // SANITIZER_SUPPRESSIONS_H #endif // SANITIZER_SUPPRESSIONS_H

lib/ubsan/ubsan_diag.h

Show First 20 LinesShow All 219 Lines▼ Show 20 Lines
}; };
enum class ErrorType { enum class ErrorType {
#define UBSAN_CHECK(Name, SummaryKind, FSanitizeFlagName) Name, #define UBSAN_CHECK(Name, SummaryKind, FSanitizeFlagName) Name,
#include "ubsan_checks.inc" #include "ubsan_checks.inc"
#undef UBSAN_CHECK #undef UBSAN_CHECK
}; };
bool ignoreReport(SourceLocation SLoc, ReportOptions Opts); bool ignoreReport(SourceLocation SLoc, ReportOptions Opts, ErrorType ET);
#define GET_REPORT_OPTIONS(unrecoverable_handler) \ #define GET_REPORT_OPTIONS(unrecoverable_handler) \
GET_CALLER_PC_BP; \ GET_CALLER_PC_BP; \
ReportOptions Opts = {unrecoverable_handler, pc, bp} ReportOptions Opts = {unrecoverable_handler, pc, bp}
/// \brief Instantiate this class before printing diagnostics in the error /// \brief Instantiate this class before printing diagnostics in the error
/// report. This class ensures that reports from different threads and from /// report. This class ensures that reports from different threads and from
/// different sanitizers won't be mixed. /// different sanitizers won't be mixed.
class ScopedReport { class ScopedReport {
ReportOptions Opts; ReportOptions Opts;
Location SummaryLoc; Location SummaryLoc;
ErrorType Type; ErrorType Type;
public: public:
ScopedReport(ReportOptions Opts, Location SummaryLoc, ErrorType Type); ScopedReport(ReportOptions Opts, Location SummaryLoc, ErrorType Type);
~ScopedReport(); ~ScopedReport();
}; };
void InitializeSuppressions(); void InitializeSuppressions();
bool IsVptrCheckSuppressed(const char *TypeName); bool IsVptrCheckSuppressed(const char *TypeName);
// Sometimes UBSan runtime can know filename from handlers arguments, even if
// debug info is missing.
bool IsPCSuppressed(ErrorType ET, uptr PC, const char *Filename);
} // namespace __ubsan } // namespace __ubsan
#endif // UBSAN_DIAG_H #endif // UBSAN_DIAG_H

lib/ubsan/ubsan_diag.cc

Show First 20 LinesShow All 48 Lines▼ Show 20 Lines#define UBSAN_CHECK(Name, SummaryKind, FSanitizeFlagName) \
case ErrorType::Name: \ case ErrorType::Name: \
return SummaryKind; return SummaryKind;
#include "ubsan_checks.inc" #include "ubsan_checks.inc"
#undef UBSAN_CHECK #undef UBSAN_CHECK
} }
UNREACHABLE("unknown ErrorType!"); UNREACHABLE("unknown ErrorType!");
} }
static const char *ConvertTypeToFlagName(ErrorType Type) {
switch (Type) {
#define UBSAN_CHECK(Name, SummaryKind, FSanitizeFlagName) \
case ErrorType::Name: \
return FSanitizeFlagName;
#include "ubsan_checks.inc"
#undef UBSAN_CHECK
}
UNREACHABLE("unknown ErrorType!");
}
static void MaybeReportErrorSummary(Location Loc, ErrorType Type) { static void MaybeReportErrorSummary(Location Loc, ErrorType Type) {
if (!common_flags()->print_summary) if (!common_flags()->print_summary)
return; return;
if (!flags()->report_error_type) if (!flags()->report_error_type)
Type = ErrorType::GenericUB; Type = ErrorType::GenericUB;
const char *ErrorKind = ConvertTypeToString(Type); const char *ErrorKind = ConvertTypeToString(Type);
if (Loc.isSourceLocation()) { if (Loc.isSourceLocation()) {
SourceLocation SLoc = Loc.getSourceLocation(); SourceLocation SLoc = Loc.getSourceLocation();
▲ Show 20 LinesShow All 302 Lines▼ Show 20 LinesScopedReport::~ScopedReport() {
CommonSanitizerReportMutex.Unlock(); CommonSanitizerReportMutex.Unlock();
if (flags()->halt_on_error) if (flags()->halt_on_error)
Die(); Die();
} }
ALIGNED(64) static char suppression_placeholder[sizeof(SuppressionContext)]; ALIGNED(64) static char suppression_placeholder[sizeof(SuppressionContext)];
static SuppressionContext *suppression_ctx = nullptr; static SuppressionContext *suppression_ctx = nullptr;
static const char kVptrCheck[] = "vptr_check"; static const char kVptrCheck[] = "vptr_check";
static const char *kSuppressionTypes[] = { kVptrCheck }; static const char *kSuppressionTypes[] = {
#define UBSAN_CHECK(Name, SummaryKind, FSanitizeFlagName) FSanitizeFlagName,
#include "ubsan_checks.inc"
#undef UBSAN_CHECK
kVptrCheck,
};
void __ubsan::InitializeSuppressions() { void __ubsan::InitializeSuppressions() {
CHECK_EQ(nullptr, suppression_ctx); CHECK_EQ(nullptr, suppression_ctx);
suppression_ctx = new (suppression_placeholder) // NOLINT suppression_ctx = new (suppression_placeholder) // NOLINT
SuppressionContext(kSuppressionTypes, ARRAY_SIZE(kSuppressionTypes)); SuppressionContext(kSuppressionTypes, ARRAY_SIZE(kSuppressionTypes));
suppression_ctx->ParseFromFile(flags()->suppressions); suppression_ctx->ParseFromFile(flags()->suppressions);
} }
bool __ubsan::IsVptrCheckSuppressed(const char *TypeName) { bool __ubsan::IsVptrCheckSuppressed(const char *TypeName) {
InitAsStandaloneIfNecessary(); InitAsStandaloneIfNecessary();
CHECK(suppression_ctx); CHECK(suppression_ctx);
Suppression *s; Suppression *s;
return suppression_ctx->Match(TypeName, kVptrCheck, &s); return suppression_ctx->Match(TypeName, kVptrCheck, &s);
} }
bool __ubsan::IsPCSuppressed(ErrorType ET, uptr PC, const char *Filename) {
InitAsStandaloneIfNecessary();
CHECK(suppression_ctx);
const char *SuppType = ConvertTypeToFlagName(ET);
// Fast path: don't symbolize PC if there is no suppressions for given UB
// type.
if (!suppression_ctx->HasSuppressionType(SuppType))
return false;
Suppression *s = nullptr;
// Suppress by file name known to runtime.
if (Filename != nullptr && suppression_ctx->Match(Filename, SuppType, &s))
return true;
// Suppress by module name.
if (const char *Module = Symbolizer::GetOrInit()->GetModuleNameForPc(PC)) {
if (suppression_ctx->Match(Module, SuppType, &s))
return true;
}
// Suppress by function or source file name from debug info.
SymbolizedStackHolder Stack(Symbolizer::GetOrInit()->SymbolizePC(PC));
const AddressInfo &AI = Stack.get()->info;
return suppression_ctx->Match(AI.function, SuppType, &s) ||
suppression_ctx->Match(AI.file, SuppType, &s);
}
#endif // CAN_SANITIZE_UB #endif // CAN_SANITIZE_UB

lib/ubsan/ubsan_handlers.cc

Show All 16 Lines
#include "ubsan_diag.h" #include "ubsan_diag.h"
#include "sanitizer_common/sanitizer_common.h" #include "sanitizer_common/sanitizer_common.h"
using namespace __sanitizer; using namespace __sanitizer;
using namespace __ubsan; using namespace __ubsan;
namespace __ubsan { namespace __ubsan {
bool ignoreReport(SourceLocation SLoc, ReportOptions Opts) { bool ignoreReport(SourceLocation SLoc, ReportOptions Opts, ErrorType ET) {
// We are not allowed to skip error report: if we are in unrecoverable // We are not allowed to skip error report: if we are in unrecoverable
// handler, we have to terminate the program right now, and therefore // handler, we have to terminate the program right now, and therefore
// have to print some diagnostic. // have to print some diagnostic.
// //
// Even if source location is disabled, it doesn't mean that we have // Even if source location is disabled, it doesn't mean that we have
// already report an error to the user: some concurrently running // already report an error to the user: some concurrently running
// thread could have acquired it, but not yet printed the report. // thread could have acquired it, but not yet printed the report.
if (Opts.FromUnrecoverableHandler) if (Opts.FromUnrecoverableHandler)
return false; return false;
return SLoc.isDisabled(); return SLoc.isDisabled() || IsPCSuppressed(ET, Opts.pc, SLoc.getFilename());
} }
const char *TypeCheckKinds[] = { const char *TypeCheckKinds[] = {
"load of", "store to", "reference binding to", "member access within", "load of", "store to", "reference binding to", "member access within",
"member call on", "constructor call on", "downcast of", "downcast of", "member call on", "constructor call on", "downcast of", "downcast of",
"upcast of", "cast to virtual base of"}; "upcast of", "cast to virtual base of"};
} }
static void handleTypeMismatchImpl(TypeMismatchData *Data, ValueHandle Pointer, static void handleTypeMismatchImpl(TypeMismatchData *Data, ValueHandle Pointer,
ReportOptions Opts) { ReportOptions Opts) {
Location Loc = Data->Loc.acquire(); Location Loc = Data->Loc.acquire();
// Use the SourceLocation from Data to track deduplication, even if 'invalid'
if (ignoreReport(Loc.getSourceLocation(), Opts))
return;
SymbolizedStackHolder FallbackLoc;
if (Data->Loc.isInvalid()) {
FallbackLoc.reset(getCallerLocation(Opts.pc));
Loc = FallbackLoc;
}
ErrorType ET; ErrorType ET;
if (!Pointer) if (!Pointer)
ET = ErrorType::NullPointerUse; ET = ErrorType::NullPointerUse;
else if (Data->Alignment && (Pointer & (Data->Alignment - 1))) else if (Data->Alignment && (Pointer & (Data->Alignment - 1)))
ET = ErrorType::MisalignedPointerUse; ET = ErrorType::MisalignedPointerUse;
else else
ET = ErrorType::InsufficientObjectSize; ET = ErrorType::InsufficientObjectSize;
// Use the SourceLocation from Data to track deduplication, even if it's
// invalid.
if (ignoreReport(Loc.getSourceLocation(), Opts, ET))
return;
SymbolizedStackHolder FallbackLoc;
if (Data->Loc.isInvalid()) {
FallbackLoc.reset(getCallerLocation(Opts.pc));
Loc = FallbackLoc;
}
ScopedReport R(Opts, Loc, ET); ScopedReport R(Opts, Loc, ET);
switch (ET) { switch (ET) {
case ErrorType::NullPointerUse: case ErrorType::NullPointerUse:
Diag(Loc, DL_Error, "%0 null pointer of type %1") Diag(Loc, DL_Error, "%0 null pointer of type %1")
<< TypeCheckKinds[Data->TypeCheckKind] << Data->Type; << TypeCheckKinds[Data->TypeCheckKind] << Data->Type;
break; break;
case ErrorType::MisalignedPointerUse: case ErrorType::MisalignedPointerUse:
Show All 28 Lines
} }
/// \brief Common diagnostic emission for various forms of integer overflow. /// \brief Common diagnostic emission for various forms of integer overflow.
template <typename T> template <typename T>
static void handleIntegerOverflowImpl(OverflowData *Data, ValueHandle LHS, static void handleIntegerOverflowImpl(OverflowData *Data, ValueHandle LHS,
const char *Operator, T RHS, const char *Operator, T RHS,
ReportOptions Opts) { ReportOptions Opts) {
SourceLocation Loc = Data->Loc.acquire(); SourceLocation Loc = Data->Loc.acquire();
if (ignoreReport(Loc, Opts)) bool IsSigned = Data->Type.isSignedIntegerTy();
ErrorType ET = IsSigned ? ErrorType::SignedIntegerOverflow
: ErrorType::UnsignedIntegerOverflow;
if (ignoreReport(Loc, Opts, ET))
return; return;
bool IsSigned = Data->Type.isSignedIntegerTy(); ScopedReport R(Opts, Loc, ET);
ScopedReport R(Opts, Loc, IsSigned ? ErrorType::SignedIntegerOverflow
: ErrorType::UnsignedIntegerOverflow);
Diag(Loc, DL_Error, "%0 integer overflow: " Diag(Loc, DL_Error, "%0 integer overflow: "
"%1 %2 %3 cannot be represented in type %4") "%1 %2 %3 cannot be represented in type %4")
<< (IsSigned ? "signed" : "unsigned") << (IsSigned ? "signed" : "unsigned")
<< Value(Data->Type, LHS) << Operator << RHS << Data->Type; << Value(Data->Type, LHS) << Operator << RHS << Data->Type;
} }
#define UBSAN_OVERFLOW_HANDLER(handler_name, op, unrecoverable) \ #define UBSAN_OVERFLOW_HANDLER(handler_name, op, unrecoverable) \
Show All 10 Lines
UBSAN_OVERFLOW_HANDLER(__ubsan_handle_sub_overflow, "-", false) UBSAN_OVERFLOW_HANDLER(__ubsan_handle_sub_overflow, "-", false)
UBSAN_OVERFLOW_HANDLER(__ubsan_handle_sub_overflow_abort, "-", true) UBSAN_OVERFLOW_HANDLER(__ubsan_handle_sub_overflow_abort, "-", true)
UBSAN_OVERFLOW_HANDLER(__ubsan_handle_mul_overflow, "*", false) UBSAN_OVERFLOW_HANDLER(__ubsan_handle_mul_overflow, "*", false)
UBSAN_OVERFLOW_HANDLER(__ubsan_handle_mul_overflow_abort, "*", true) UBSAN_OVERFLOW_HANDLER(__ubsan_handle_mul_overflow_abort, "*", true)
static void handleNegateOverflowImpl(OverflowData *Data, ValueHandle OldVal, static void handleNegateOverflowImpl(OverflowData *Data, ValueHandle OldVal,
ReportOptions Opts) { ReportOptions Opts) {
SourceLocation Loc = Data->Loc.acquire(); SourceLocation Loc = Data->Loc.acquire();
if (ignoreReport(Loc, Opts)) bool IsSigned = Data->Type.isSignedIntegerTy();
ErrorType ET = IsSigned ? ErrorType::SignedIntegerOverflow
: ErrorType::UnsignedIntegerOverflow;
if (ignoreReport(Loc, Opts, ET))
return; return;
bool IsSigned = Data->Type.isSignedIntegerTy(); ScopedReport R(Opts, Loc, ET);
ScopedReport R(Opts, Loc, IsSigned ? ErrorType::SignedIntegerOverflow
: ErrorType::UnsignedIntegerOverflow);
if (IsSigned) if (IsSigned)
Diag(Loc, DL_Error, Diag(Loc, DL_Error,
"negation of %0 cannot be represented in type %1; " "negation of %0 cannot be represented in type %1; "
"cast to an unsigned type to negate this value to itself") "cast to an unsigned type to negate this value to itself")
<< Value(Data->Type, OldVal) << Data->Type; << Value(Data->Type, OldVal) << Data->Type;
else else
Diag(Loc, DL_Error, "negation of %0 cannot be represented in type %1") Diag(Loc, DL_Error, "negation of %0 cannot be represented in type %1")
Show All 10 Linesvoid __ubsan::__ubsan_handle_negate_overflow_abort(OverflowData *Data,
GET_REPORT_OPTIONS(true); GET_REPORT_OPTIONS(true);
handleNegateOverflowImpl(Data, OldVal, Opts); handleNegateOverflowImpl(Data, OldVal, Opts);
Die(); Die();
} }
static void handleDivremOverflowImpl(OverflowData *Data, ValueHandle LHS, static void handleDivremOverflowImpl(OverflowData *Data, ValueHandle LHS,
ValueHandle RHS, ReportOptions Opts) { ValueHandle RHS, ReportOptions Opts) {
SourceLocation Loc = Data->Loc.acquire(); SourceLocation Loc = Data->Loc.acquire();
if (ignoreReport(Loc, Opts))
return;
Value LHSVal(Data->Type, LHS); Value LHSVal(Data->Type, LHS);
Value RHSVal(Data->Type, RHS); Value RHSVal(Data->Type, RHS);
ErrorType ET; ErrorType ET;
if (RHSVal.isMinusOne()) if (RHSVal.isMinusOne())
ET = ErrorType::SignedIntegerOverflow; ET = ErrorType::SignedIntegerOverflow;
else if (Data->Type.isIntegerTy()) else if (Data->Type.isIntegerTy())
ET = ErrorType::IntegerDivideByZero; ET = ErrorType::IntegerDivideByZero;
else else
ET = ErrorType::FloatDivideByZero; ET = ErrorType::FloatDivideByZero;
if (ignoreReport(Loc, Opts, ET))
return;
ScopedReport R(Opts, Loc, ET); ScopedReport R(Opts, Loc, ET);
switch (ET) { switch (ET) {
case ErrorType::SignedIntegerOverflow: case ErrorType::SignedIntegerOverflow:
Diag(Loc, DL_Error, "division of %0 by -1 cannot be represented in type %1") Diag(Loc, DL_Error, "division of %0 by -1 cannot be represented in type %1")
<< LHSVal << Data->Type; << LHSVal << Data->Type;
break; break;
default: default:
Show All 14 Linesvoid __ubsan::__ubsan_handle_divrem_overflow_abort(OverflowData *Data,
handleDivremOverflowImpl(Data, LHS, RHS, Opts); handleDivremOverflowImpl(Data, LHS, RHS, Opts);
Die(); Die();
} }
static void handleShiftOutOfBoundsImpl(ShiftOutOfBoundsData *Data, static void handleShiftOutOfBoundsImpl(ShiftOutOfBoundsData *Data,
ValueHandle LHS, ValueHandle RHS, ValueHandle LHS, ValueHandle RHS,
ReportOptions Opts) { ReportOptions Opts) {
SourceLocation Loc = Data->Loc.acquire(); SourceLocation Loc = Data->Loc.acquire();
if (ignoreReport(Loc, Opts))
return;
Value LHSVal(Data->LHSType, LHS); Value LHSVal(Data->LHSType, LHS);
Value RHSVal(Data->RHSType, RHS); Value RHSVal(Data->RHSType, RHS);
ErrorType ET; ErrorType ET;
if (RHSVal.isNegative() || if (RHSVal.isNegative() ||
RHSVal.getPositiveIntValue() >= Data->LHSType.getIntegerBitWidth()) RHSVal.getPositiveIntValue() >= Data->LHSType.getIntegerBitWidth())
ET = ErrorType::InvalidShiftExponent; ET = ErrorType::InvalidShiftExponent;
else else
ET = ErrorType::InvalidShiftBase; ET = ErrorType::InvalidShiftBase;
if (ignoreReport(Loc, Opts, ET))
return;
ScopedReport R(Opts, Loc, ET); ScopedReport R(Opts, Loc, ET);
if (ET == ErrorType::InvalidShiftExponent) { if (ET == ErrorType::InvalidShiftExponent) {
if (RHSVal.isNegative()) if (RHSVal.isNegative())
Diag(Loc, DL_Error, "shift exponent %0 is negative") << RHSVal; Diag(Loc, DL_Error, "shift exponent %0 is negative") << RHSVal;
else else
Diag(Loc, DL_Error, "shift exponent %0 is too large for %1-bit type %2") Diag(Loc, DL_Error, "shift exponent %0 is too large for %1-bit type %2")
<< RHSVal << Data->LHSType.getIntegerBitWidth() << Data->LHSType; << RHSVal << Data->LHSType.getIntegerBitWidth() << Data->LHSType;
Show All 20 Linesvoid __ubsan::__ubsan_handle_shift_out_of_bounds_abort(
GET_REPORT_OPTIONS(true); GET_REPORT_OPTIONS(true);
handleShiftOutOfBoundsImpl(Data, LHS, RHS, Opts); handleShiftOutOfBoundsImpl(Data, LHS, RHS, Opts);
Die(); Die();
} }
static void handleOutOfBoundsImpl(OutOfBoundsData *Data, ValueHandle Index, static void handleOutOfBoundsImpl(OutOfBoundsData *Data, ValueHandle Index,
ReportOptions Opts) { ReportOptions Opts) {
SourceLocation Loc = Data->Loc.acquire(); SourceLocation Loc = Data->Loc.acquire();
if (ignoreReport(Loc, Opts)) ErrorType ET = ErrorType::OutOfBoundsIndex;
if (ignoreReport(Loc, Opts, ET))
return; return;
ScopedReport R(Opts, Loc, ErrorType::OutOfBoundsIndex); ScopedReport R(Opts, Loc, ET);
Value IndexVal(Data->IndexType, Index); Value IndexVal(Data->IndexType, Index);
Diag(Loc, DL_Error, "index %0 out of bounds for type %1") Diag(Loc, DL_Error, "index %0 out of bounds for type %1")
<< IndexVal << Data->ArrayType; << IndexVal << Data->ArrayType;
} }
void __ubsan::__ubsan_handle_out_of_bounds(OutOfBoundsData *Data, void __ubsan::__ubsan_handle_out_of_bounds(OutOfBoundsData *Data,
ValueHandle Index) { ValueHandle Index) {
Show All 30 Linesvoid __ubsan::__ubsan_handle_missing_return(UnreachableData *Data) {
GET_REPORT_OPTIONS(true); GET_REPORT_OPTIONS(true);
handleMissingReturnImpl(Data, Opts); handleMissingReturnImpl(Data, Opts);
Die(); Die();
} }
static void handleVLABoundNotPositive(VLABoundData *Data, ValueHandle Bound, static void handleVLABoundNotPositive(VLABoundData *Data, ValueHandle Bound,
ReportOptions Opts) { ReportOptions Opts) {
SourceLocation Loc = Data->Loc.acquire(); SourceLocation Loc = Data->Loc.acquire();
if (ignoreReport(Loc, Opts)) ErrorType ET = ErrorType::NonPositiveVLAIndex;
if (ignoreReport(Loc, Opts, ET))
return; return;
ScopedReport R(Opts, Loc, ErrorType::NonPositiveVLAIndex); ScopedReport R(Opts, Loc, ET);
Diag(Loc, DL_Error, "variable length array bound evaluates to " Diag(Loc, DL_Error, "variable length array bound evaluates to "
"non-positive value %0") "non-positive value %0")
<< Value(Data->Type, Bound); << Value(Data->Type, Bound);
} }
void __ubsan::__ubsan_handle_vla_bound_not_positive(VLABoundData *Data, void __ubsan::__ubsan_handle_vla_bound_not_positive(VLABoundData *Data,
ValueHandle Bound) { ValueHandle Bound) {
Show All 25 Lines return MaybeFromTypeKind < 2 || FilenameOrTypeDescriptor[0] == 0xff ||
FilenameOrTypeDescriptor[1] == 0xff; FilenameOrTypeDescriptor[1] == 0xff;
} }
static void handleFloatCastOverflow(void *DataPtr, ValueHandle From, static void handleFloatCastOverflow(void *DataPtr, ValueHandle From,
ReportOptions Opts) { ReportOptions Opts) {
SymbolizedStackHolder CallerLoc; SymbolizedStackHolder CallerLoc;
Location Loc; Location Loc;
const TypeDescriptor *FromType, *ToType; const TypeDescriptor *FromType, *ToType;
ErrorType ET = ErrorType::FloatCastOverflow;
if (looksLikeFloatCastOverflowDataV1(DataPtr)) { if (looksLikeFloatCastOverflowDataV1(DataPtr)) {
auto Data = reinterpret_cast<FloatCastOverflowData *>(DataPtr); auto Data = reinterpret_cast<FloatCastOverflowData *>(DataPtr);
CallerLoc.reset(getCallerLocation(Opts.pc)); CallerLoc.reset(getCallerLocation(Opts.pc));
Loc = CallerLoc; Loc = CallerLoc;
FromType = &Data->FromType; FromType = &Data->FromType;
ToType = &Data->ToType; ToType = &Data->ToType;
} else { } else {
auto Data = reinterpret_cast<FloatCastOverflowDataV2 *>(DataPtr); auto Data = reinterpret_cast<FloatCastOverflowDataV2 *>(DataPtr);
SourceLocation SLoc = Data->Loc.acquire(); SourceLocation SLoc = Data->Loc.acquire();
if (ignoreReport(SLoc, Opts)) if (ignoreReport(SLoc, Opts, ET))
return; return;
Loc = SLoc; Loc = SLoc;
FromType = &Data->FromType; FromType = &Data->FromType;
ToType = &Data->ToType; ToType = &Data->ToType;
} }
ScopedReport R(Opts, Loc, ErrorType::FloatCastOverflow); ScopedReport R(Opts, Loc, ET);
Diag(Loc, DL_Error, Diag(Loc, DL_Error,
"value %0 is outside the range of representable values of type %2") "value %0 is outside the range of representable values of type %2")
<< Value(*FromType, From) << *FromType << *ToType; << Value(*FromType, From) << *FromType << *ToType;
} }
void __ubsan::__ubsan_handle_float_cast_overflow(void *Data, ValueHandle From) { void __ubsan::__ubsan_handle_float_cast_overflow(void *Data, ValueHandle From) {
GET_REPORT_OPTIONS(false); GET_REPORT_OPTIONS(false);
handleFloatCastOverflow(Data, From, Opts); handleFloatCastOverflow(Data, From, Opts);
} }
void __ubsan::__ubsan_handle_float_cast_overflow_abort(void *Data, void __ubsan::__ubsan_handle_float_cast_overflow_abort(void *Data,
ValueHandle From) { ValueHandle From) {
GET_REPORT_OPTIONS(true); GET_REPORT_OPTIONS(true);
handleFloatCastOverflow(Data, From, Opts); handleFloatCastOverflow(Data, From, Opts);
Die(); Die();
} }
static void handleLoadInvalidValue(InvalidValueData *Data, ValueHandle Val, static void handleLoadInvalidValue(InvalidValueData *Data, ValueHandle Val,
ReportOptions Opts) { ReportOptions Opts) {
SourceLocation Loc = Data->Loc.acquire(); SourceLocation Loc = Data->Loc.acquire();
if (ignoreReport(Loc, Opts))
return;
// This check could be more precise if we used different handlers for // This check could be more precise if we used different handlers for
// -fsanitize=bool and -fsanitize=enum. // -fsanitize=bool and -fsanitize=enum.
bool IsBool = (0 == internal_strcmp(Data->Type.getTypeName(), "'bool'")); bool IsBool = (0 == internal_strcmp(Data->Type.getTypeName(), "'bool'"));
ScopedReport R(Opts, Loc, IsBool ? ErrorType::InvalidBoolLoad ErrorType ET =
: ErrorType::InvalidEnumLoad); IsBool ? ErrorType::InvalidBoolLoad : ErrorType::InvalidEnumLoad;
if (ignoreReport(Loc, Opts, ET))
return;
ScopedReport R(Opts, Loc, ET);
Diag(Loc, DL_Error, Diag(Loc, DL_Error,
"load of value %0, which is not a valid value for type %1") "load of value %0, which is not a valid value for type %1")
<< Value(Data->Type, Val) << Data->Type; << Value(Data->Type, Val) << Data->Type;
} }
void __ubsan::__ubsan_handle_load_invalid_value(InvalidValueData *Data, void __ubsan::__ubsan_handle_load_invalid_value(InvalidValueData *Data,
ValueHandle Val) { ValueHandle Val) {
GET_REPORT_OPTIONS(false); GET_REPORT_OPTIONS(false);
handleLoadInvalidValue(Data, Val, Opts); handleLoadInvalidValue(Data, Val, Opts);
} }
void __ubsan::__ubsan_handle_load_invalid_value_abort(InvalidValueData *Data, void __ubsan::__ubsan_handle_load_invalid_value_abort(InvalidValueData *Data,
ValueHandle Val) { ValueHandle Val) {
GET_REPORT_OPTIONS(true); GET_REPORT_OPTIONS(true);
handleLoadInvalidValue(Data, Val, Opts); handleLoadInvalidValue(Data, Val, Opts);
Die(); Die();
} }
static void handleFunctionTypeMismatch(FunctionTypeMismatchData *Data, static void handleFunctionTypeMismatch(FunctionTypeMismatchData *Data,
ValueHandle Function, ValueHandle Function,
ReportOptions Opts) { ReportOptions Opts) {
SourceLocation CallLoc = Data->Loc.acquire(); SourceLocation CallLoc = Data->Loc.acquire();
if (ignoreReport(CallLoc, Opts)) ErrorType ET = ErrorType::FunctionTypeMismatch;
if (ignoreReport(CallLoc, Opts, ET))
return; return;
ScopedReport R(Opts, CallLoc, ErrorType::FunctionTypeMismatch); ScopedReport R(Opts, CallLoc, ET);
SymbolizedStackHolder FLoc(getSymbolizedLocation(Function)); SymbolizedStackHolder FLoc(getSymbolizedLocation(Function));
const char *FName = FLoc.get()->info.function; const char *FName = FLoc.get()->info.function;
if (!FName) if (!FName)
FName = "(unknown)"; FName = "(unknown)";
Diag(CallLoc, DL_Error, Diag(CallLoc, DL_Error,
"call to function %0 through pointer to incorrect function type %1") "call to function %0 through pointer to incorrect function type %1")
Show All 12 Linesvoid __ubsan::__ubsan_handle_function_type_mismatch_abort(
FunctionTypeMismatchData *Data, ValueHandle Function) { FunctionTypeMismatchData *Data, ValueHandle Function) {
GET_REPORT_OPTIONS(true); GET_REPORT_OPTIONS(true);
handleFunctionTypeMismatch(Data, Function, Opts); handleFunctionTypeMismatch(Data, Function, Opts);
Die(); Die();
} }
static void handleNonNullReturn(NonNullReturnData *Data, ReportOptions Opts) { static void handleNonNullReturn(NonNullReturnData *Data, ReportOptions Opts) {
SourceLocation Loc = Data->Loc.acquire(); SourceLocation Loc = Data->Loc.acquire();
if (ignoreReport(Loc, Opts)) ErrorType ET = ErrorType::InvalidNullReturn;
if (ignoreReport(Loc, Opts, ET))
return; return;
ScopedReport R(Opts, Loc, ErrorType::InvalidNullReturn); ScopedReport R(Opts, Loc, ET);
Diag(Loc, DL_Error, "null pointer returned from function declared to never " Diag(Loc, DL_Error, "null pointer returned from function declared to never "
"return null"); "return null");
if (!Data->AttrLoc.isInvalid()) if (!Data->AttrLoc.isInvalid())
Diag(Data->AttrLoc, DL_Note, "returns_nonnull attribute specified here"); Diag(Data->AttrLoc, DL_Note, "returns_nonnull attribute specified here");
} }
void __ubsan::__ubsan_handle_nonnull_return(NonNullReturnData *Data) { void __ubsan::__ubsan_handle_nonnull_return(NonNullReturnData *Data) {
GET_REPORT_OPTIONS(false); GET_REPORT_OPTIONS(false);
handleNonNullReturn(Data, Opts); handleNonNullReturn(Data, Opts);
} }
void __ubsan::__ubsan_handle_nonnull_return_abort(NonNullReturnData *Data) { void __ubsan::__ubsan_handle_nonnull_return_abort(NonNullReturnData *Data) {
GET_REPORT_OPTIONS(true); GET_REPORT_OPTIONS(true);
handleNonNullReturn(Data, Opts); handleNonNullReturn(Data, Opts);
Die(); Die();
} }
static void handleNonNullArg(NonNullArgData *Data, ReportOptions Opts) { static void handleNonNullArg(NonNullArgData *Data, ReportOptions Opts) {
SourceLocation Loc = Data->Loc.acquire(); SourceLocation Loc = Data->Loc.acquire();
if (ignoreReport(Loc, Opts)) ErrorType ET = ErrorType::InvalidNullArgument;
if (ignoreReport(Loc, Opts, ET))
return; return;
ScopedReport R(Opts, Loc, ErrorType::InvalidNullArgument); ScopedReport R(Opts, Loc, ET);
Diag(Loc, DL_Error, "null pointer passed as argument %0, which is declared to " Diag(Loc, DL_Error, "null pointer passed as argument %0, which is declared to "
"never be null") << Data->ArgIndex; "never be null") << Data->ArgIndex;
if (!Data->AttrLoc.isInvalid()) if (!Data->AttrLoc.isInvalid())
Diag(Data->AttrLoc, DL_Note, "nonnull attribute specified here"); Diag(Data->AttrLoc, DL_Note, "nonnull attribute specified here");
} }
void __ubsan::__ubsan_handle_nonnull_arg(NonNullArgData *Data) { void __ubsan::__ubsan_handle_nonnull_arg(NonNullArgData *Data) {
GET_REPORT_OPTIONS(false); GET_REPORT_OPTIONS(false);
handleNonNullArg(Data, Opts); handleNonNullArg(Data, Opts);
} }
void __ubsan::__ubsan_handle_nonnull_arg_abort(NonNullArgData *Data) { void __ubsan::__ubsan_handle_nonnull_arg_abort(NonNullArgData *Data) {
GET_REPORT_OPTIONS(true); GET_REPORT_OPTIONS(true);
handleNonNullArg(Data, Opts); handleNonNullArg(Data, Opts);
Die(); Die();
} }
static void handleCFIBadIcall(CFIBadIcallData *Data, ValueHandle Function, static void handleCFIBadIcall(CFIBadIcallData *Data, ValueHandle Function,
ReportOptions Opts) { ReportOptions Opts) {
SourceLocation Loc = Data->Loc.acquire(); SourceLocation Loc = Data->Loc.acquire();
if (ignoreReport(Loc, Opts)) ErrorType ET = ErrorType::CFIBadType;
if (ignoreReport(Loc, Opts, ET))
return; return;
ScopedReport R(Opts, Loc, ErrorType::CFIBadType); ScopedReport R(Opts, Loc, ET);
Diag(Loc, DL_Error, "control flow integrity check for type %0 failed during " Diag(Loc, DL_Error, "control flow integrity check for type %0 failed during "
"indirect function call") "indirect function call")
<< Data->Type; << Data->Type;
SymbolizedStackHolder FLoc(getSymbolizedLocation(Function)); SymbolizedStackHolder FLoc(getSymbolizedLocation(Function));
const char *FName = FLoc.get()->info.function; const char *FName = FLoc.get()->info.function;
if (!FName) if (!FName)
Show All 18 Lines

lib/ubsan/ubsan_handlers_cxx.cc

Show All 37 Lines if (checkDynamicType((void*)Pointer, Data->TypeInfo, Hash))
return false; return false;
// Check if error report should be suppressed. // Check if error report should be suppressed.
DynamicTypeInfo DTI = getDynamicTypeInfoFromObject((void*)Pointer); DynamicTypeInfo DTI = getDynamicTypeInfoFromObject((void*)Pointer);
if (DTI.isValid() && IsVptrCheckSuppressed(DTI.getMostDerivedTypeName())) if (DTI.isValid() && IsVptrCheckSuppressed(DTI.getMostDerivedTypeName()))
return false; return false;
SourceLocation Loc = Data->Loc.acquire(); SourceLocation Loc = Data->Loc.acquire();
if (Loc.isDisabled()) ErrorType ET = ErrorType::DynamicTypeMismatch;
if (ignoreReport(Loc, Opts, ET))
return false; return false;
ScopedReport R(Opts, Loc, ErrorType::DynamicTypeMismatch); ScopedReport R(Opts, Loc, ET);
Diag(Loc, DL_Error, Diag(Loc, DL_Error,
"%0 address %1 which does not point to an object of type %2") "%0 address %1 which does not point to an object of type %2")
<< TypeCheckKinds[Data->TypeCheckKind] << (void*)Pointer << Data->Type; << TypeCheckKinds[Data->TypeCheckKind] << (void*)Pointer << Data->Type;
// If possible, say what type it actually points to. // If possible, say what type it actually points to.
if (!DTI.isValid()) if (!DTI.isValid())
Diag(Pointer, DL_Note, "object has invalid vptr") Diag(Pointer, DL_Note, "object has invalid vptr")
Show All 26 Linesvoid __ubsan::__ubsan_handle_dynamic_type_cache_miss_abort(
GET_REPORT_OPTIONS(false); GET_REPORT_OPTIONS(false);
if (HandleDynamicTypeCacheMiss(Data, Pointer, Hash, Opts)) if (HandleDynamicTypeCacheMiss(Data, Pointer, Hash, Opts))
Die(); Die();
} }
static void HandleCFIBadType(CFIBadTypeData *Data, ValueHandle Vtable, static void HandleCFIBadType(CFIBadTypeData *Data, ValueHandle Vtable,
ReportOptions Opts) { ReportOptions Opts) {
SourceLocation Loc = Data->Loc.acquire(); SourceLocation Loc = Data->Loc.acquire();
ErrorType ET = ErrorType::CFIBadType;
if (ignoreReport(Loc, Opts)) if (ignoreReport(Loc, Opts, ET))
return; return;
ScopedReport R(Opts, Loc, ErrorType::CFIBadType);
ScopedReport R(Opts, Loc, ET);
DynamicTypeInfo DTI = getDynamicTypeInfoFromVtable((void*)Vtable); DynamicTypeInfo DTI = getDynamicTypeInfoFromVtable((void*)Vtable);
static const char *TypeCheckKinds[] = { static const char *TypeCheckKinds[] = {
"virtual call", "virtual call",
"non-virtual call", "non-virtual call",
"base-to-derived cast", "base-to-derived cast",
"cast to unrelated type", "cast to unrelated type",
}; };
Show All 27 Lines

test/ubsan/TestCases/Integer/suppressions.cpp

  • This file was added.
// RUN: %clangxx -fsanitize=integer -g0 %s -o %t
// Fails without any suppression.
// RUN: %env_ubsan_opts=halt_on_error=1 not %run %t 2>&1 | FileCheck %s
// RUN: echo "signed-integer-overflow:%t" > %t.wrong-supp
// RUN: %env_ubsan_opts=halt_on_error=1:suppressions="%t.wrong-supp" not %run %t 2>&1 | FileCheck %s
// RUN: echo "unsigned-integer-overflow:do_overflow" > %t.func-supp
// RUN: %env_ubsan_opts=halt_on_error=1:suppressions="%t.func-supp" %run %t
// RUN: echo "unsigned-integer-overflow:%t" > %t.module-supp
// RUN: %env_ubsan_opts=halt_on_error=1:suppressions="%t.module-supp" %run %t
// Note: file-level suppressions should work even without debug info.
// RUN: echo "unsigned-integer-overflow:%s" > %t.file-supp
// RUN: %env_ubsan_opts=halt_on_error=1:suppressions="%t.file-supp" %run %t
// Suppressions don't work for unrecoverable kinds.
// RUN: %clangxx -fsanitize=integer -fno-sanitize-recover=integer %s -o %t-norecover
// RUN: %env_ubsan_opts=halt_on_error=1:suppressions="%t.module-supp" not %run %t-norecover 2>&1 | FileCheck %s
#include <stdint.h>
extern "C" void do_overflow() {
(void)(uint64_t(10000000000000000000ull) + uint64_t(9000000000000000000ull));
// CHECK: runtime error: unsigned integer overflow
}
int main() {
do_overflow();
return 0;
}