
[ubsan] runtime support for pointer overflow checking

Authored by regehr on May 17 2016, 4:59 AM.



This is the runtime support for this cfe patch to support pointer overflow checking:


Event Timeline

regehr updated this revision to Diff 57461. May 17 2016, 4:59 AM
regehr retitled this revision from to [ubsan] runtime support for pointer overflow checking.
regehr updated this object.
regehr added reviewers: filcab, rsmith.
regehr added a subscriber: dtzWill.
filcab accepted this revision. May 17 2016, 8:31 AM
filcab edited edge metadata.

LGTM with the test fix.

19 ↗(On Diff #57461)

Something happened here... :-)

This revision is now accepted and ready to land. May 17 2016, 8:31 AM

Hmm, this test actually is wonky if argv[0] happens to be negative when represented as intptr_t... which happens on -m32 for my machine. I'll see about constructing a better test case!

Doing this in a 'portable' manner is amusingly challenging...

Fixed test:

// RUN: %clangxx -fsanitize=pointer-overflow %s -o %t
// RUN: %t 1 2>&1 | FileCheck %s --check-prefix=ERR
// RUN: %t 0 2>&1 | FileCheck %s --check-prefix=SAFE
// RUN: %t -1 2>&1 | FileCheck %s --check-prefix=SAFE

#include <stdio.h>
#include <stdint.h>
#include <stdlib.h>

int main(int argc, char *argv[]) {
  // SAFE-NOT: runtime error
  // ERR: runtime error: pointer index expression with base {{.*}} overflowed to

  char *p = (char *)(UINTPTR_MAX);

  printf("%p\n", p + atoi(argv[1]));

  return 0;
}

I'm not sure how to update the revision, but this test should do the trick :).
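The three RUN lines of the fixed test, modelled in integer arithmetic so the wraparound can be inspected without undefined behaviour. This is an added example, not code from the patch or the ubsan runtime: `ptr_add_overflows`, `signed_add_overflows` and `report` are hypothetical helpers, the check is an assumption about what "overflowed" means here, and the signed variant is a constructed contrast showing that the signed and unsigned views of the same address disagree about overflow.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical helper: would base + offset wrap around the address space?
 * Unsigned arithmetic is used throughout, so the helper itself has no UB. */
static bool ptr_add_overflows(uintptr_t base, intptr_t offset, uintptr_t *result) {
  uintptr_t r = base + (uintptr_t)offset; /* wraps modulo 2^N by definition */
  *result = r;
  if (offset >= 0)
    return r < base; /* moved up but landed lower: wrapped past the top */
  return r > base;   /* moved down but landed higher: wrapped below zero */
}

/* Constructed contrast: the same addition judged as signed intptr_t values. */
static bool signed_add_overflows(intptr_t a, intptr_t b) {
  return (b > 0 && a > INTPTR_MAX - b) || (b < 0 && a < INTPTR_MIN - b);
}

/* Prints one row and returns the unsigned verdict. */
static bool report(uintptr_t base, intptr_t offset) {
  uintptr_t r;
  bool wrapped = ptr_add_overflows(base, offset, &r);
  bool as_signed = signed_add_overflows((intptr_t)base, offset);
  printf("base=%#jx offset=%jd -> %#jx unsigned:%s signed:%s\n",
         (uintmax_t)base, (intmax_t)offset, (uintmax_t)r,
         wrapped ? "overflow" : "ok", as_signed ? "overflow" : "ok");
  return wrapped;
}

int main(void) {
  /* Same base and offsets as the three RUN lines of the fixed test. */
  report(UINTPTR_MAX, 1);  /* ERR  */
  report(UINTPTR_MAX, 0);  /* SAFE */
  report(UINTPTR_MAX, -1); /* SAFE */
  /* Constructed extra cases. */
  report(0, -1);
  report((uintptr_t)INTPTR_MAX, 1);
  return 0;
}
```
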

regehr updated this revision to Diff 57565. May 18 2016, 12:44 AM
regehr edited edge metadata.

Fix borked test. Thanks folks!

Looks like patch was not committed.

This revision was automatically updated to reflect the committed changes.