Index: lib/ubsan/ubsan_checks.inc =================================================================== --- lib/ubsan/ubsan_checks.inc +++ lib/ubsan/ubsan_checks.inc @@ -32,6 +32,11 @@ UBSAN_CHECK(InvalidBuiltin, "invalid-builtin-use", "invalid-builtin-use") UBSAN_CHECK(ImplicitIntegerTruncation, "implicit-integer-truncation", "implicit-integer-truncation") +UBSAN_CHECK(ImplicitIntegerSignChange, "implicit-integer-sign-change", + "implicit-integer-sign-change") +UBSAN_CHECK(ImplicitIntegerTruncationOrSignChange, + "implicit-integer-truncation-or-sign-change", + "implicit-integer-truncation,implicit-integer-sign-change") UBSAN_CHECK(InvalidShiftBase, "invalid-shift-base", "shift-base") UBSAN_CHECK(InvalidShiftExponent, "invalid-shift-exponent", "shift-exponent") UBSAN_CHECK(OutOfBoundsIndex, "out-of-bounds-index", "bounds") Index: lib/ubsan/ubsan_handlers.h =================================================================== --- lib/ubsan/ubsan_handlers.h +++ lib/ubsan/ubsan_handlers.h @@ -126,6 +126,8 @@ /// Keep in sync with the enum of the same name in CGExprScalar.cpp enum ImplicitConversionCheckKind : unsigned char { ICCK_IntegerTruncation = 0, + ICCK_IntegerSignChange = 1, + ICCK_IntegerTruncationOrSignChange = 2, }; struct ImplicitConversionData { Index: lib/ubsan/ubsan_handlers.cc =================================================================== --- lib/ubsan/ubsan_handlers.cc +++ lib/ubsan/ubsan_handlers.cc @@ -461,6 +461,12 @@ case ICCK_IntegerTruncation: ET = ErrorType::ImplicitIntegerTruncation; break; + case ICCK_IntegerSignChange: + ET = ErrorType::ImplicitIntegerSignChange; + break; + case ICCK_IntegerTruncationOrSignChange: + ET = ErrorType::ImplicitIntegerTruncationOrSignChange; + break; } if (ignoreReport(Loc, Opts, ET)) Index: test/fuzzer/ImplicitIntegerConversionTest.cpp =================================================================== --- /dev/null +++ test/fuzzer/ImplicitIntegerConversionTest.cpp @@ -0,0 +1,27 @@ +// This file is distributed under the University of Illinois Open Source +// License. See LICENSE.TXT for details. + +// Test for implicit-integer-conversion. +#include +#include +#include +#include +#include +#include + +static volatile signed char Sink; +static volatile unsigned int Storage = ~0U; + +extern "C" int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) { + assert(Data); + if (Size > 0 && Data[0] == 'H') { + Sink = 1; + if (Size > 1 && Data[1] == 'i') { + Sink = 2; + if (Size > 2 && Data[2] == '!') { + Sink = Storage; // 'conversion'. + } + } + } + return 0; +} Index: test/fuzzer/ImplicitIntegerSignChangeTest.cpp =================================================================== --- /dev/null +++ test/fuzzer/ImplicitIntegerSignChangeTest.cpp @@ -0,0 +1,27 @@ +// This file is distributed under the University of Illinois Open Source +// License. See LICENSE.TXT for details. + +// Test for implicit-integer-sign-change. +#include +#include +#include +#include +#include +#include + +static volatile unsigned int Sink; +static volatile signed int Storage = -1; + +extern "C" int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) { + assert(Data); + if (Size > 0 && Data[0] == 'H') { + Sink = 1; + if (Size > 1 && Data[1] == 'i') { + Sink = 2; + if (Size > 2 && Data[2] == '!') { + Sink = Storage; // 'sign change'. + } + } + } + return 0; +} Index: test/fuzzer/fuzzer-implicit-integer-conversion.test =================================================================== --- /dev/null +++ test/fuzzer/fuzzer-implicit-integer-conversion.test @@ -0,0 +1,5 @@ +RUN: rm -f %t-ImplicitIntegerConversionTest-Ubsan +RUN: %cpp_compiler -fsanitize=implicit-integer-truncation,implicit-integer-sign-change -fno-sanitize-recover=all %S/ImplicitIntegerConversionTest.cpp -o %t-ImplicitIntegerConversionTest-Ubsan +RUN: not %run %t-ImplicitIntegerConversionTest-Ubsan 2>&1 | FileCheck %s +CHECK: ImplicitIntegerConversionTest.cpp:22:16: runtime error: implicit conversion from type 'unsigned int' of value 4294967295 (32-bit, unsigned) to type 'signed char' changed the value to -1 (8-bit, signed) +CHECK: Test unit written to ./crash- Index: test/fuzzer/fuzzer-implicit-integer-sign-change.test =================================================================== --- /dev/null +++ test/fuzzer/fuzzer-implicit-integer-sign-change.test @@ -0,0 +1,5 @@ +RUN: rm -f %t-ImplicitIntegerSignChangeTest-Ubsan +RUN: %cpp_compiler -fsanitize=implicit-integer-sign-change -fno-sanitize-recover=all %S/ImplicitIntegerSignChangeTest.cpp -o %t-ImplicitIntegerSignChangeTest-Ubsan +RUN: not %run %t-ImplicitIntegerSignChangeTest-Ubsan 2>&1 | FileCheck %s +CHECK: ImplicitIntegerSignChangeTest.cpp:22:16: runtime error: implicit conversion from type 'int' of value -1 (32-bit, signed) to type 'unsigned int' changed the value to 4294967295 (32-bit, unsigned) +CHECK: Test unit written to ./crash- Index: test/fuzzer/fuzzer-implicit-integer-truncation.test =================================================================== --- test/fuzzer/fuzzer-implicit-integer-truncation.test +++ test/fuzzer/fuzzer-implicit-integer-truncation.test @@ -1,5 +1,5 @@ RUN: rm -f %t-ImplicitIntegerTruncationTest-Ubsan RUN: %cpp_compiler -fsanitize=implicit-integer-truncation -fno-sanitize-recover=all %S/ImplicitIntegerTruncationTest.cpp -o %t-ImplicitIntegerTruncationTest-Ubsan RUN: not %run %t-ImplicitIntegerTruncationTest-Ubsan 2>&1 | FileCheck %s -CHECK: runtime error: implicit conversion from type 'int' of value 256 (32-bit, signed) to type 'unsigned char' changed the value to 0 (8-bit, unsigned) +CHECK: ImplicitIntegerTruncationTest.cpp:22:17: runtime error: implicit conversion from type 'int' of value 256 (32-bit, signed) to type 'unsigned char' changed the value to 0 (8-bit, unsigned) CHECK: Test unit written to ./crash- Index: test/ubsan/TestCases/ImplicitConversion/integer-conversion-blacklist.c =================================================================== --- /dev/null +++ test/ubsan/TestCases/ImplicitConversion/integer-conversion-blacklist.c @@ -0,0 +1,56 @@ +// FIXME: https://code.google.com/p/address-sanitizer/issues/detail?id=316 +// I'm not sure this is actually *that* issue, but this seems oddly similar to the other XFAIL'ed cases. +// XFAIL: android +// UNSUPPORTED: ios + +// All of these don't actually silence it: + +// RUN: %clang -fsanitize=implicit-integer-truncation,implicit-integer-sign-change -fno-sanitize-recover=implicit-integer-truncation,implicit-integer-sign-change -O0 %s -o %t && not %run %t 2>&1 | FileCheck %s --implicit-check-not="implicit conversion" +// RUN: %clang -fsanitize=implicit-integer-truncation,implicit-integer-sign-change -fno-sanitize-recover=implicit-integer-truncation,implicit-integer-sign-change -O1 %s -o %t && not %run %t 2>&1 | FileCheck %s --implicit-check-not="implicit conversion" +// RUN: %clang -fsanitize=implicit-integer-truncation,implicit-integer-sign-change -fno-sanitize-recover=implicit-integer-truncation,implicit-integer-sign-change -O2 %s -o %t && not %run %t 2>&1 | FileCheck %s --implicit-check-not="implicit conversion" +// RUN: %clang -fsanitize=implicit-integer-truncation,implicit-integer-sign-change -fno-sanitize-recover=implicit-integer-truncation,implicit-integer-sign-change -O3 %s -o %t && not %run %t 2>&1 | FileCheck %s --implicit-check-not="implicit conversion" + +// RUN: rm -f %tmp +// RUN: echo "[implicit-integer-truncation]" >> %tmp +// RUN: echo "fun:implicitConversion" >> %tmp +// RUN: %clang -fsanitize=implicit-integer-truncation,implicit-integer-sign-change -fno-sanitize-recover=implicit-integer-truncation,implicit-integer-sign-change -fsanitize-blacklist=%tmp -O0 %s -o %t && not %run %t 2>&1 | FileCheck %s --implicit-check-not="implicit conversion" +// RUN: %clang -fsanitize=implicit-integer-truncation,implicit-integer-sign-change -fno-sanitize-recover=implicit-integer-truncation,implicit-integer-sign-change -fsanitize-blacklist=%tmp -O1 %s -o %t && not %run %t 2>&1 | FileCheck %s --implicit-check-not="implicit conversion" +// RUN: %clang -fsanitize=implicit-integer-truncation,implicit-integer-sign-change -fno-sanitize-recover=implicit-integer-truncation,implicit-integer-sign-change -fsanitize-blacklist=%tmp -O2 %s -o %t && not %run %t 2>&1 | FileCheck %s --implicit-check-not="implicit conversion" +// RUN: %clang -fsanitize=implicit-integer-truncation,implicit-integer-sign-change -fno-sanitize-recover=implicit-integer-truncation,implicit-integer-sign-change -fsanitize-blacklist=%tmp -O3 %s -o %t && not %run %t 2>&1 | FileCheck %s --implicit-check-not="implicit conversion" + +// RUN: rm -f %tmp +// RUN: echo "[implicit-integer-truncation,implicit-integer-sign-change]" >> %tmp +// RUN: echo "fun:implicitConversion" >> %tmp +// RUN: %clang -fsanitize=implicit-integer-truncation,implicit-integer-sign-change -fno-sanitize-recover=implicit-integer-truncation,implicit-integer-sign-change -fsanitize-blacklist=%tmp -O0 %s -o %t && not %run %t 2>&1 | FileCheck %s --implicit-check-not="implicit conversion" +// RUN: %clang -fsanitize=implicit-integer-truncation,implicit-integer-sign-change -fno-sanitize-recover=implicit-integer-truncation,implicit-integer-sign-change -fsanitize-blacklist=%tmp -O1 %s -o %t && not %run %t 2>&1 | FileCheck %s --implicit-check-not="implicit conversion" +// RUN: %clang -fsanitize=implicit-integer-truncation,implicit-integer-sign-change -fno-sanitize-recover=implicit-integer-truncation,implicit-integer-sign-change -fsanitize-blacklist=%tmp -O2 %s -o %t && not %run %t 2>&1 | FileCheck %s --implicit-check-not="implicit conversion" +// RUN: %clang -fsanitize=implicit-integer-truncation,implicit-integer-sign-change -fno-sanitize-recover=implicit-integer-truncation,implicit-integer-sign-change -fsanitize-blacklist=%tmp -O3 %s -o %t && not %run %t 2>&1 | FileCheck %s --implicit-check-not="implicit conversion" + + +// The only two way it works: + +// RUN: rm -f %tmp +// RUN: echo "[implicit-integer-sign-change]" >> %tmp +// RUN: echo "fun:implicitConversion" >> %tmp +// RUN: %clang -fsanitize=implicit-integer-truncation,implicit-integer-sign-change -fno-sanitize-recover=implicit-integer-truncation,implicit-integer-sign-change -fsanitize-blacklist=%tmp -O0 %s -o %t && not %run %t 2>&1 | not FileCheck %s +// RUN: %clang -fsanitize=implicit-integer-truncation,implicit-integer-sign-change -fno-sanitize-recover=implicit-integer-truncation,implicit-integer-sign-change -fsanitize-blacklist=%tmp -O1 %s -o %t && not %run %t 2>&1 | not FileCheck %s +// RUN: %clang -fsanitize=implicit-integer-truncation,implicit-integer-sign-change -fno-sanitize-recover=implicit-integer-truncation,implicit-integer-sign-change -fsanitize-blacklist=%tmp -O2 %s -o %t && not %run %t 2>&1 | not FileCheck %s +// RUN: %clang -fsanitize=implicit-integer-truncation,implicit-integer-sign-change -fno-sanitize-recover=implicit-integer-truncation,implicit-integer-sign-change -fsanitize-blacklist=%tmp -O3 %s -o %t && not %run %t 2>&1 | not FileCheck %s + +// RUN: rm -f %tmp +// RUN: echo "[implicit-integer-truncation]" >> %tmp +// RUN: echo "[implicit-integer-sign-change]" >> %tmp +// RUN: echo "fun:implicitConversion" >> %tmp +// RUN: %clang -fsanitize=implicit-integer-truncation,implicit-integer-sign-change -fno-sanitize-recover=implicit-integer-truncation,implicit-integer-sign-change -fsanitize-blacklist=%tmp -O0 %s -o %t && not %run %t 2>&1 | not FileCheck %s +// RUN: %clang -fsanitize=implicit-integer-truncation,implicit-integer-sign-change -fno-sanitize-recover=implicit-integer-truncation,implicit-integer-sign-change -fsanitize-blacklist=%tmp -O1 %s -o %t && not %run %t 2>&1 | not FileCheck %s +// RUN: %clang -fsanitize=implicit-integer-truncation,implicit-integer-sign-change -fno-sanitize-recover=implicit-integer-truncation,implicit-integer-sign-change -fsanitize-blacklist=%tmp -O2 %s -o %t && not %run %t 2>&1 | not FileCheck %s +// RUN: %clang -fsanitize=implicit-integer-truncation,implicit-integer-sign-change -fno-sanitize-recover=implicit-integer-truncation,implicit-integer-sign-change -fsanitize-blacklist=%tmp -O3 %s -o %t && not %run %t 2>&1 | not FileCheck %s + +signed char implicitConversion(unsigned int argc) { + return argc; // BOOM +// CHECK: {{.*}}integer-conversion-blacklist.c:[[@LINE-1]]:10: runtime error: implicit conversion from type 'unsigned int' of value 4294967295 (32-bit, unsigned) to type 'signed char' changed the value to -1 (8-bit, signed) +} + +int main(int argc, char **argv) { + return implicitConversion(~0U); +} Index: test/ubsan/TestCases/ImplicitConversion/integer-conversion-summary.cpp =================================================================== --- /dev/null +++ test/ubsan/TestCases/ImplicitConversion/integer-conversion-summary.cpp @@ -0,0 +1,13 @@ +// RUN: %clangxx -fsanitize=implicit-integer-truncation,implicit-integer-sign-change %s -o %t +// RUN: %run %t 2>&1 | FileCheck %s --check-prefix=CHECK-NOTYPE +// RUN: %env_ubsan_opts=report_error_type=1 %run %t 2>&1 | FileCheck %s --check-prefix=CHECK-TYPE +// REQUIRES: !ubsan-standalone && !ubsan-standalone-static + +#include + +int main() { + int8_t t0 = (~(uint32_t(0))); + // CHECK-NOTYPE: SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior {{.*}}summary.cpp:[[@LINE-1]]:15 + // CHECK-TYPE: SUMMARY: UndefinedBehaviorSanitizer: implicit-integer-truncation-or-sign-change {{.*}}summary.cpp:[[@LINE-2]]:15 + return 0; +} Index: test/ubsan/TestCases/ImplicitConversion/integer-conversion.c =================================================================== --- /dev/null +++ test/ubsan/TestCases/ImplicitConversion/integer-conversion.c @@ -0,0 +1,74 @@ +// RUN: %clang -x c -fsanitize=implicit-integer-truncation,implicit-integer-sign-change %s -DV0 -o %t && %run %t 2>&1 | FileCheck %s --implicit-check-not="implicit conversion" --check-prefixes=CHECK-V0 +// RUN: %clang -x c -fsanitize=implicit-integer-truncation,implicit-integer-sign-change %s -DV1 -o %t && %run %t 2>&1 | FileCheck %s --implicit-check-not="implicit conversion" --check-prefixes=CHECK-V1 +// RUN: %clang -x c -fsanitize=implicit-integer-truncation,implicit-integer-sign-change %s -DV2 -o %t && %run %t 2>&1 | FileCheck %s --implicit-check-not="implicit conversion" --check-prefixes=CHECK-V2 +// RUN: %clang -x c -fsanitize=implicit-integer-truncation,implicit-integer-sign-change %s -DV3 -o %t && %run %t 2>&1 | FileCheck %s --implicit-check-not="implicit conversion" --check-prefixes=CHECK-V3 +// RUN: %clang -x c -fsanitize=implicit-integer-truncation,implicit-integer-sign-change %s -DV4 -o %t && %run %t 2>&1 | FileCheck %s --implicit-check-not="implicit conversion" --check-prefixes=CHECK-V4 +// RUN: %clang -x c -fsanitize=implicit-integer-truncation,implicit-integer-sign-change %s -DV5 -o %t && %run %t 2>&1 | FileCheck %s --implicit-check-not="implicit conversion" --check-prefixes=CHECK-V5 +// RUN: %clang -x c -fsanitize=implicit-integer-truncation,implicit-integer-sign-change %s -DV6 -o %t && %run %t 2>&1 | FileCheck %s --implicit-check-not="implicit conversion" --check-prefixes=CHECK-V6 + +// RUN: %clang -x c++ -fsanitize=implicit-integer-truncation,implicit-integer-sign-change %s -DV0 -o %t && %run %t 2>&1 | FileCheck %s --implicit-check-not="implicit conversion" --check-prefixes=CHECK-V0 +// RUN: %clang -x c++ -fsanitize=implicit-integer-truncation,implicit-integer-sign-change %s -DV1 -o %t && %run %t 2>&1 | FileCheck %s --implicit-check-not="implicit conversion" --check-prefixes=CHECK-V1 +// RUN: %clang -x c++ -fsanitize=implicit-integer-truncation,implicit-integer-sign-change %s -DV2 -o %t && %run %t 2>&1 | FileCheck %s --implicit-check-not="implicit conversion" --check-prefixes=CHECK-V2 +// RUN: %clang -x c++ -fsanitize=implicit-integer-truncation,implicit-integer-sign-change %s -DV3 -o %t && %run %t 2>&1 | FileCheck %s --implicit-check-not="implicit conversion" --check-prefixes=CHECK-V3 +// RUN: %clang -x c++ -fsanitize=implicit-integer-truncation,implicit-integer-sign-change %s -DV4 -o %t && %run %t 2>&1 | FileCheck %s --implicit-check-not="implicit conversion" --check-prefixes=CHECK-V4 +// RUN: %clang -x c++ -fsanitize=implicit-integer-truncation,implicit-integer-sign-change %s -DV5 -o %t && %run %t 2>&1 | FileCheck %s --implicit-check-not="implicit conversion" --check-prefixes=CHECK-V5 +// RUN: %clang -x c++ -fsanitize=implicit-integer-truncation,implicit-integer-sign-change %s -DV6 -o %t && %run %t 2>&1 | FileCheck %s --implicit-check-not="implicit conversion" --check-prefixes=CHECK-V6 + +// FIXME: add tests with these two sanitizers being in not the same recoverability status (trap vs recover, recover vs norecover, etc) + +#include + +int8_t positive6_convert_unsigned_int_to_signed_char(uint32_t x) { +#line 100 + return x; +} + +#line 1120 // !!! + +void test_positives() { + // No bits set. + positive6_convert_unsigned_int_to_signed_char(0); + + // One lowest bit set. + positive6_convert_unsigned_int_to_signed_char(1); + +#if defined(V0) + // All source bits set. + positive6_convert_unsigned_int_to_signed_char((uint32_t)UINT32_MAX); +// CHECK-V0: {{.*}}integer-conversion.c:100:10: runtime error: implicit conversion from type 'uint32_t' (aka 'unsigned int') of value 4294967295 (32-bit, unsigned) to type 'int8_t' (aka 'signed char') changed the value to -1 (8-bit, signed) +#elif defined(V1) + // Source 'Sign' bit set. + positive6_convert_unsigned_int_to_signed_char((uint32_t)INT32_MIN); +// CHECK-V1: {{.*}}integer-conversion.c:100:10: runtime error: implicit conversion from type 'uint32_t' (aka 'unsigned int') of value 2147483648 (32-bit, unsigned) to type 'int8_t' (aka 'signed char') changed the value to 0 (8-bit, signed) +#elif defined(V2) + // All bits except the source 'Sign' bit are set. + positive6_convert_unsigned_int_to_signed_char((uint32_t)INT32_MAX); +// CHECK-V2: {{.*}}integer-conversion.c:100:10: runtime error: implicit conversion from type 'uint32_t' (aka 'unsigned int') of value 2147483647 (32-bit, unsigned) to type 'int8_t' (aka 'signed char') changed the value to -1 (8-bit, signed) +#elif defined(V3) + // All destination bits set. + positive6_convert_unsigned_int_to_signed_char((uint32_t)UINT8_MAX); +// CHECK-V3: {{.*}}integer-conversion.c:100:10: runtime error: implicit conversion from type 'uint32_t' (aka 'unsigned int') of value 255 (32-bit, unsigned) to type 'int8_t' (aka 'signed char') changed the value to -1 (8-bit, signed) +#elif defined(V4) + // Destination 'sign' bit set. + positive6_convert_unsigned_int_to_signed_char((uint32_t)INT8_MIN); +// CHECK-V4: {{.*}}integer-conversion.c:100:10: runtime error: implicit conversion from type 'uint32_t' (aka 'unsigned int') of value 4294967168 (32-bit, unsigned) to type 'int8_t' (aka 'signed char') changed the value to -128 (8-bit, signed) +#elif defined(V5) + // All bits except the destination 'sign' bit are set. + positive6_convert_unsigned_int_to_signed_char(~((uint32_t)(uint8_t)INT8_MIN)); +// CHECK-V5: {{.*}}integer-conversion.c:100:10: runtime error: implicit conversion from type 'uint32_t' (aka 'unsigned int') of value 4294967167 (32-bit, unsigned) to type 'int8_t' (aka 'signed char') changed the value to 127 (8-bit, signed) +#elif defined(V6) + // Only the source and destination sign bits are set. + positive6_convert_unsigned_int_to_signed_char((uint32_t)((uint32_t)INT32_MIN | (uint32_t)((uint8_t)INT8_MIN))); +// CHECK-V6: {{.*}}integer-conversion.c:100:10: runtime error: implicit conversion from type 'uint32_t' (aka 'unsigned int') of value 2147483776 (32-bit, unsigned) to type 'int8_t' (aka 'signed char') changed the value to -128 (8-bit, signed) +#else +#error Some V* needs to be defined! +#endif +} + +// CHECK-NOT: implicit conversion + +int main() { + test_positives(); + + return 0; +} Index: test/ubsan/TestCases/ImplicitConversion/integer-sign-change-blacklist.c =================================================================== --- /dev/null +++ test/ubsan/TestCases/ImplicitConversion/integer-sign-change-blacklist.c @@ -0,0 +1,26 @@ +// FIXME: https://code.google.com/p/address-sanitizer/issues/detail?id=316 +// I'm not sure this is actually *that* issue, but this seems oddly similar to the other XFAIL'ed cases. +// XFAIL: android +// UNSUPPORTED: ios + +// RUN: %clang -fsanitize=implicit-integer-sign-change -fno-sanitize-recover=implicit-integer-sign-change -O0 %s -o %t && not %run %t 2>&1 | FileCheck %s --implicit-check-not="implicit conversion" +// RUN: %clang -fsanitize=implicit-integer-sign-change -fno-sanitize-recover=implicit-integer-sign-change -O1 %s -o %t && not %run %t 2>&1 | FileCheck %s --implicit-check-not="implicit conversion" +// RUN: %clang -fsanitize=implicit-integer-sign-change -fno-sanitize-recover=implicit-integer-sign-change -O2 %s -o %t && not %run %t 2>&1 | FileCheck %s --implicit-check-not="implicit conversion" +// RUN: %clang -fsanitize=implicit-integer-sign-change -fno-sanitize-recover=implicit-integer-sign-change -O3 %s -o %t && not %run %t 2>&1 | FileCheck %s --implicit-check-not="implicit conversion" + +// RUN: rm -f %tmp +// RUN: echo "[implicit-integer-sign-change]" >> %tmp +// RUN: echo "fun:implicitSignChange" >> %tmp +// RUN: %clang -fsanitize=implicit-integer-sign-change -fno-sanitize-recover=implicit-integer-sign-change -fsanitize-blacklist=%tmp -O0 %s -o %t && not %run %t 2>&1 | not FileCheck %s +// RUN: %clang -fsanitize=implicit-integer-sign-change -fno-sanitize-recover=implicit-integer-sign-change -fsanitize-blacklist=%tmp -O1 %s -o %t && not %run %t 2>&1 | not FileCheck %s +// RUN: %clang -fsanitize=implicit-integer-sign-change -fno-sanitize-recover=implicit-integer-sign-change -fsanitize-blacklist=%tmp -O2 %s -o %t && not %run %t 2>&1 | not FileCheck %s +// RUN: %clang -fsanitize=implicit-integer-sign-change -fno-sanitize-recover=implicit-integer-sign-change -fsanitize-blacklist=%tmp -O3 %s -o %t && not %run %t 2>&1 | not FileCheck %s + +signed int implicitSignChange(unsigned int argc) { + return argc; // BOOM +// CHECK: {{.*}}integer-sign-change-blacklist.c:[[@LINE-1]]:10: runtime error: implicit conversion from type 'unsigned int' of value 4294967295 (32-bit, unsigned) to type 'int' changed the value to -1 (32-bit, signed) +} + +int main(int argc, char **argv) { + return implicitSignChange(~0U); +} Index: test/ubsan/TestCases/ImplicitConversion/integer-sign-change-summary.cpp =================================================================== --- /dev/null +++ test/ubsan/TestCases/ImplicitConversion/integer-sign-change-summary.cpp @@ -0,0 +1,13 @@ +// RUN: %clangxx -fsanitize=implicit-integer-sign-change %s -o %t +// RUN: %run %t 2>&1 | FileCheck %s --check-prefix=CHECK-NOTYPE +// RUN: %env_ubsan_opts=report_error_type=1 %run %t 2>&1 | FileCheck %s --check-prefix=CHECK-TYPE +// REQUIRES: !ubsan-standalone && !ubsan-standalone-static + +#include + +int main() { + int32_t t0 = (~(uint32_t(0))); + // CHECK-NOTYPE: SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior {{.*}}summary.cpp:[[@LINE-1]]:16 + // CHECK-TYPE: SUMMARY: UndefinedBehaviorSanitizer: implicit-integer-sign-change {{.*}}summary.cpp:[[@LINE-2]]:16 + return 0; +} Index: test/ubsan/TestCases/ImplicitConversion/integer-sign-change.c =================================================================== --- /dev/null +++ test/ubsan/TestCases/ImplicitConversion/integer-sign-change.c @@ -0,0 +1,297 @@ +// RUN: %clang -x c -fsanitize=implicit-integer-sign-change %s -DV0 -o %t && %run %t 2>&1 | FileCheck %s --implicit-check-not="implicit conversion" --check-prefixes=CHECK-V0 +// RUN: %clang -x c -fsanitize=implicit-integer-sign-change %s -DV1 -o %t && %run %t 2>&1 | FileCheck %s --implicit-check-not="implicit conversion" --check-prefixes=CHECK-V1 +// RUN: %clang -x c -fsanitize=implicit-integer-sign-change %s -DV2 -o %t && %run %t 2>&1 | FileCheck %s --implicit-check-not="implicit conversion" --check-prefixes=CHECK-V2 +// RUN: %clang -x c -fsanitize=implicit-integer-sign-change %s -DV3 -o %t && %run %t 2>&1 | FileCheck %s --implicit-check-not="implicit conversion" --check-prefixes=CHECK-V3 +// RUN: %clang -x c -fsanitize=implicit-integer-sign-change %s -DV4 -o %t && %run %t 2>&1 | FileCheck %s --implicit-check-not="implicit conversion" --check-prefixes=CHECK-V4 +// RUN: %clang -x c -fsanitize=implicit-integer-sign-change %s -DV5 -o %t && %run %t 2>&1 | FileCheck %s --implicit-check-not="implicit conversion" --check-prefixes=CHECK-V5 +// RUN: %clang -x c -fsanitize=implicit-integer-sign-change %s -DV6 -o %t && %run %t 2>&1 | FileCheck %s --implicit-check-not="implicit conversion" --check-prefixes=CHECK-V6 + +// RUN: %clang -x c++ -fsanitize=implicit-integer-sign-change %s -DV0 -o %t && %run %t 2>&1 | FileCheck %s --implicit-check-not="implicit conversion" --check-prefixes=CHECK-V0 +// RUN: %clang -x c++ -fsanitize=implicit-integer-sign-change %s -DV1 -o %t && %run %t 2>&1 | FileCheck %s --implicit-check-not="implicit conversion" --check-prefixes=CHECK-V1 +// RUN: %clang -x c++ -fsanitize=implicit-integer-sign-change %s -DV2 -o %t && %run %t 2>&1 | FileCheck %s --implicit-check-not="implicit conversion" --check-prefixes=CHECK-V2 +// RUN: %clang -x c++ -fsanitize=implicit-integer-sign-change %s -DV3 -o %t && %run %t 2>&1 | FileCheck %s --implicit-check-not="implicit conversion" --check-prefixes=CHECK-V3 +// RUN: %clang -x c++ -fsanitize=implicit-integer-sign-change %s -DV4 -o %t && %run %t 2>&1 | FileCheck %s --implicit-check-not="implicit conversion" --check-prefixes=CHECK-V4 +// RUN: %clang -x c++ -fsanitize=implicit-integer-sign-change %s -DV5 -o %t && %run %t 2>&1 | FileCheck %s --implicit-check-not="implicit conversion" --check-prefixes=CHECK-V5 +// RUN: %clang -x c++ -fsanitize=implicit-integer-sign-change %s -DV6 -o %t && %run %t 2>&1 | FileCheck %s --implicit-check-not="implicit conversion" --check-prefixes=CHECK-V6 + +#include + +// Test plan: +// * Two types - int and char +// * Two signs - signed and unsigned +// * Square that - we have input and output types. +// Thus, there are total of (2*2)^2 == 16 tests. +// These are all the possible variations/combinations of casts. +// However, not all of them should result in the check. +// So here, we *only* check which should and which should not result in checks. + +//============================================================================// +// Half of the cases do not need the check. // +//============================================================================// + +uint32_t negative0_convert_unsigned_int_to_unsigned_int(uint32_t x) { + return x; +} + +uint8_t negative1_convert_unsigned_char_to_unsigned_char(uint8_t x) { + return x; +} + +int32_t negative2_convert_signed_int_to_signed_int(int32_t x) { + return x; +} + +int8_t negative3_convert_signed_char_to_signed_char(int8_t x) { + return x; +} + +uint8_t negative4_convert_unsigned_int_to_unsigned_char(uint32_t x) { + return x; +} + +uint32_t negative5_convert_unsigned_char_to_unsigned_int(uint8_t x) { + return x; +} + +int32_t negative6_convert_unsigned_char_to_signed_int(uint8_t x) { + return x; +} + +int32_t negative7_convert_signed_char_to_signed_int(int8_t x) { + return x; +} + +void test_negatives() { + // No bits set. + negative0_convert_unsigned_int_to_unsigned_int(0); + negative1_convert_unsigned_char_to_unsigned_char(0); + negative2_convert_signed_int_to_signed_int(0); + negative3_convert_signed_char_to_signed_char(0); + negative4_convert_unsigned_int_to_unsigned_char(0); + negative5_convert_unsigned_char_to_unsigned_int(0); + negative6_convert_unsigned_char_to_signed_int(0); + negative7_convert_signed_char_to_signed_int(0); + + // One lowest bit set. + negative0_convert_unsigned_int_to_unsigned_int(1); + negative1_convert_unsigned_char_to_unsigned_char(1); + negative2_convert_signed_int_to_signed_int(1); + negative3_convert_signed_char_to_signed_char(1); + negative4_convert_unsigned_int_to_unsigned_char(1); + negative5_convert_unsigned_char_to_unsigned_int(1); + negative6_convert_unsigned_char_to_signed_int(1); + negative7_convert_signed_char_to_signed_int(1); + + // All source bits set. + negative0_convert_unsigned_int_to_unsigned_int((uint32_t)UINT32_MAX); + negative1_convert_unsigned_char_to_unsigned_char((uint8_t)UINT8_MAX); + negative2_convert_signed_int_to_signed_int((int32_t)INT32_MAX); + negative3_convert_signed_char_to_signed_char((int8_t)INT8_MAX); + negative4_convert_unsigned_int_to_unsigned_char((uint32_t)UINT32_MAX); + negative5_convert_unsigned_char_to_unsigned_int((uint8_t)UINT8_MAX); + negative6_convert_unsigned_char_to_signed_int((uint8_t)UINT8_MAX); + negative7_convert_signed_char_to_signed_int((int8_t)INT8_MAX); + + // Source 'sign' bit set. + negative0_convert_unsigned_int_to_unsigned_int((uint32_t)INT32_MIN); + negative1_convert_unsigned_char_to_unsigned_char((uint8_t)INT8_MIN); + negative2_convert_signed_int_to_signed_int((int32_t)INT32_MIN); + negative3_convert_signed_char_to_signed_char((int8_t)INT8_MIN); + negative4_convert_unsigned_int_to_unsigned_char((uint32_t)INT32_MIN); + negative5_convert_unsigned_char_to_unsigned_int((uint8_t)INT8_MIN); + negative6_convert_unsigned_char_to_signed_int((uint8_t)INT8_MIN); + negative7_convert_signed_char_to_signed_int((int8_t)INT8_MIN); +} + +//============================================================================// +// The remaining 8 cases *do* need the check. // +//============================================================================// + +int32_t positive0_convert_unsigned_int_to_signed_int(uint32_t x) { +#line 100 + return x; +} + +uint32_t positive1_convert_signed_int_to_unsigned_int(int32_t x) { +#line 200 + return x; +} + +uint8_t positive2_convert_signed_int_to_unsigned_char(int32_t x) { +#line 300 + return x; +} + +uint8_t positive3_convert_signed_char_to_unsigned_char(int8_t x) { +#line 400 + return x; +} + +int8_t positive4_convert_unsigned_char_to_signed_char(uint8_t x) { +#line 500 + return x; +} + +uint32_t positive5_convert_signed_char_to_unsigned_int(int8_t x) { +#line 600 + return x; +} + +int8_t positive6_convert_unsigned_int_to_signed_char(uint32_t x) { +#line 700 + return x; +} + +int8_t positive7_convert_signed_int_to_signed_char(int32_t x) { +#line 800 + return x; +} + +#line 1120 // !!! + +void test_positives() { + // No bits set. + positive0_convert_unsigned_int_to_signed_int(0); + positive1_convert_signed_int_to_unsigned_int(0); + positive2_convert_signed_int_to_unsigned_char(0); + positive3_convert_signed_char_to_unsigned_char(0); + positive4_convert_unsigned_char_to_signed_char(0); + positive5_convert_signed_char_to_unsigned_int(0); + positive6_convert_unsigned_int_to_signed_char(0); + positive7_convert_signed_int_to_signed_char(0); + + // One lowest bit set. + positive0_convert_unsigned_int_to_signed_int(1); + positive1_convert_signed_int_to_unsigned_int(1); + positive2_convert_signed_int_to_unsigned_char(1); + positive3_convert_signed_char_to_unsigned_char(1); + positive4_convert_unsigned_char_to_signed_char(1); + positive5_convert_signed_char_to_unsigned_int(1); + positive6_convert_unsigned_int_to_signed_char(1); + positive7_convert_signed_int_to_signed_char(1); + +#if defined(V0) + // All source bits set. + positive0_convert_unsigned_int_to_signed_int((uint32_t)UINT32_MAX); +// CHECK-V0: {{.*}}integer-sign-change.c:100:10: runtime error: implicit conversion from type 'uint32_t' (aka 'unsigned int') of value 4294967295 (32-bit, unsigned) to type 'int32_t' (aka 'int') changed the value to -1 (32-bit, signed) + positive1_convert_signed_int_to_unsigned_int((int32_t)UINT32_MAX); +// CHECK-V0: {{.*}}integer-sign-change.c:200:10: runtime error: implicit conversion from type 'int32_t' (aka 'int') of value -1 (32-bit, signed) to type 'uint32_t' (aka 'unsigned int') changed the value to 4294967295 (32-bit, unsigned) + positive2_convert_signed_int_to_unsigned_char((int32_t)UINT32_MAX); +// CHECK-V0: {{.*}}integer-sign-change.c:300:10: runtime error: implicit conversion from type 'int32_t' (aka 'int') of value -1 (32-bit, signed) to type 'uint8_t' (aka 'unsigned char') changed the value to 255 (8-bit, unsigned) + positive3_convert_signed_char_to_unsigned_char((int8_t)UINT8_MAX); +// CHECK-V0: {{.*}}integer-sign-change.c:400:10: runtime error: implicit conversion from type 'int8_t' (aka 'signed char') of value -1 (8-bit, signed) to type 'uint8_t' (aka 'unsigned char') changed the value to 255 (8-bit, unsigned) + positive4_convert_unsigned_char_to_signed_char((uint8_t)UINT8_MAX); +// CHECK-V0: {{.*}}integer-sign-change.c:500:10: runtime error: implicit conversion from type 'uint8_t' (aka 'unsigned char') of value 255 (8-bit, unsigned) to type 'int8_t' (aka 'signed char') changed the value to -1 (8-bit, signed) + positive5_convert_signed_char_to_unsigned_int((int8_t)UINT8_MAX); +// CHECK-V0: {{.*}}integer-sign-change.c:600:10: runtime error: implicit conversion from type 'int8_t' (aka 'signed char') of value -1 (8-bit, signed) to type 'uint32_t' (aka 'unsigned int') changed the value to 4294967295 (32-bit, unsigned) + positive6_convert_unsigned_int_to_signed_char((uint32_t)UINT32_MAX); +// CHECK-V0: {{.*}}integer-sign-change.c:700:10: runtime error: implicit conversion from type 'uint32_t' (aka 'unsigned int') of value 4294967295 (32-bit, unsigned) to type 'int8_t' (aka 'signed char') changed the value to -1 (8-bit, signed) + positive7_convert_signed_int_to_signed_char((int32_t)UINT32_MAX); +#elif defined(V1) + // Source 'Sign' bit set. + positive0_convert_unsigned_int_to_signed_int((uint32_t)INT32_MIN); +// CHECK-V1: {{.*}}integer-sign-change.c:100:10: runtime error: implicit conversion from type 'uint32_t' (aka 'unsigned int') of value 2147483648 (32-bit, unsigned) to type 'int32_t' (aka 'int') changed the value to -2147483648 (32-bit, signed) + positive1_convert_signed_int_to_unsigned_int((int32_t)INT32_MIN); +// CHECK-V1: {{.*}}integer-sign-change.c:200:10: runtime error: implicit conversion from type 'int32_t' (aka 'int') of value -2147483648 (32-bit, signed) to type 'uint32_t' (aka 'unsigned int') changed the value to 2147483648 (32-bit, unsigned) + positive2_convert_signed_int_to_unsigned_char((int32_t)INT32_MIN); +// CHECK-V1: {{.*}}integer-sign-change.c:300:10: runtime error: implicit conversion from type 'int32_t' (aka 'int') of value -2147483648 (32-bit, signed) to type 'uint8_t' (aka 'unsigned char') changed the value to 0 (8-bit, unsigned) + positive3_convert_signed_char_to_unsigned_char((int8_t)INT8_MIN); +// CHECK-V1: {{.*}}integer-sign-change.c:400:10: runtime error: implicit conversion from type 'int8_t' (aka 'signed char') of value -128 (8-bit, signed) to type 'uint8_t' (aka 'unsigned char') changed the value to 128 (8-bit, unsigned) + positive4_convert_unsigned_char_to_signed_char((uint8_t)INT8_MIN); +// CHECK-V1: {{.*}}integer-sign-change.c:500:10: runtime error: implicit conversion from type 'uint8_t' (aka 'unsigned char') of value 128 (8-bit, unsigned) to type 'int8_t' (aka 'signed char') changed the value to -128 (8-bit, signed) + positive5_convert_signed_char_to_unsigned_int((int8_t)INT8_MIN); +// CHECK-V1: {{.*}}integer-sign-change.c:600:10: runtime error: implicit conversion from type 'int8_t' (aka 'signed char') of value -128 (8-bit, signed) to type 'uint32_t' (aka 'unsigned int') changed the value to 4294967168 (32-bit, unsigned) + positive6_convert_unsigned_int_to_signed_char((uint32_t)INT32_MIN); + positive7_convert_signed_int_to_signed_char((int32_t)INT32_MIN); +// CHECK-V1: {{.*}}integer-sign-change.c:800:10: runtime error: implicit conversion from type 'int32_t' (aka 'int') of value -2147483648 (32-bit, signed) to type 'int8_t' (aka 'signed char') changed the value to 0 (8-bit, signed) +#elif defined(V2) + // All bits except the source 'Sign' bit are set. + positive0_convert_unsigned_int_to_signed_int((uint32_t)INT32_MAX); + positive1_convert_signed_int_to_unsigned_int((int32_t)INT32_MAX); + positive2_convert_signed_int_to_unsigned_char((int32_t)INT32_MAX); + positive3_convert_signed_char_to_unsigned_char((int8_t)INT8_MAX); + positive4_convert_unsigned_char_to_signed_char((uint8_t)INT8_MAX); + positive5_convert_signed_char_to_unsigned_int((int8_t)INT8_MAX); + positive6_convert_unsigned_int_to_signed_char((uint32_t)INT32_MAX); +// CHECK-V2: {{.*}}integer-sign-change.c:700:10: runtime error: implicit conversion from type 'uint32_t' (aka 'unsigned int') of value 2147483647 (32-bit, unsigned) to type 'int8_t' (aka 'signed char') changed the value to -1 (8-bit, signed) + positive7_convert_signed_int_to_signed_char((int32_t)INT32_MAX); +// CHECK-V2: {{.*}}integer-sign-change.c:800:10: runtime error: implicit conversion from type 'int32_t' (aka 'int') of value 2147483647 (32-bit, signed) to type 'int8_t' (aka 'signed char') changed the value to -1 (8-bit, signed) +#elif defined(V3) + // All destination bits set. + positive0_convert_unsigned_int_to_signed_int((uint32_t)UINT32_MAX); +// CHECK-V3: {{.*}}integer-sign-change.c:100:10: runtime error: implicit conversion from type 'uint32_t' (aka 'unsigned int') of value 4294967295 (32-bit, unsigned) to type 'int32_t' (aka 'int') changed the value to -1 (32-bit, signed) + positive1_convert_signed_int_to_unsigned_int((int32_t)UINT32_MAX); +// CHECK-V3: {{.*}}integer-sign-change.c:200:10: runtime error: implicit conversion from type 'int32_t' (aka 'int') of value -1 (32-bit, signed) to type 'uint32_t' (aka 'unsigned int') changed the value to 4294967295 (32-bit, unsigned) + positive2_convert_signed_int_to_unsigned_char((int32_t)UINT8_MAX); + positive3_convert_signed_char_to_unsigned_char((int8_t)UINT8_MAX); +// CHECK-V3: {{.*}}integer-sign-change.c:400:10: runtime error: implicit conversion from type 'int8_t' (aka 'signed char') of value -1 (8-bit, signed) to type 'uint8_t' (aka 'unsigned char') changed the value to 255 (8-bit, unsigned) + positive4_convert_unsigned_char_to_signed_char((uint8_t)UINT8_MAX); +// CHECK-V3: {{.*}}integer-sign-change.c:500:10: runtime error: implicit conversion from type 'uint8_t' (aka 'unsigned char') of value 255 (8-bit, unsigned) to type 'int8_t' (aka 'signed char') changed the value to -1 (8-bit, signed) + positive5_convert_signed_char_to_unsigned_int((int8_t)UINT32_MAX); +// CHECK-V3: {{.*}}integer-sign-change.c:600:10: runtime error: implicit conversion from type 'int8_t' (aka 'signed char') of value -1 (8-bit, signed) to type 'uint32_t' (aka 'unsigned int') changed the value to 4294967295 (32-bit, unsigned) + positive6_convert_unsigned_int_to_signed_char((uint32_t)UINT8_MAX); +// CHECK-V3: {{.*}}integer-sign-change.c:700:10: runtime error: implicit conversion from type 'uint32_t' (aka 'unsigned int') of value 255 (32-bit, unsigned) to type 'int8_t' (aka 'signed char') changed the value to -1 (8-bit, signed) + positive7_convert_signed_int_to_signed_char((int32_t)UINT8_MAX); +// CHECK-V3: {{.*}}integer-sign-change.c:800:10: runtime error: implicit conversion from type 'int32_t' (aka 'int') of value 255 (32-bit, signed) to type 'int8_t' (aka 'signed char') changed the value to -1 (8-bit, signed) +#elif defined(V4) + // Destination 'sign' bit set. + positive0_convert_unsigned_int_to_signed_int((uint32_t)INT32_MIN); +// CHECK-V4: {{.*}}integer-sign-change.c:100:10: runtime error: implicit conversion from type 'uint32_t' (aka 'unsigned int') of value 2147483648 (32-bit, unsigned) to type 'int32_t' (aka 'int') changed the value to -2147483648 (32-bit, signed) + positive1_convert_signed_int_to_unsigned_int((int32_t)INT32_MIN); +// CHECK-V4: {{.*}}integer-sign-change.c:200:10: runtime error: implicit conversion from type 'int32_t' (aka 'int') of value -2147483648 (32-bit, signed) to type 'uint32_t' (aka 'unsigned int') changed the value to 2147483648 (32-bit, unsigned) + positive2_convert_signed_int_to_unsigned_char((int32_t)INT8_MIN); +// CHECK-V4: {{.*}}integer-sign-change.c:300:10: runtime error: implicit conversion from type 'int32_t' (aka 'int') of value -128 (32-bit, signed) to type 'uint8_t' (aka 'unsigned char') changed the value to 128 (8-bit, unsigned) + positive3_convert_signed_char_to_unsigned_char((int8_t)INT8_MIN); +// CHECK-V4: {{.*}}integer-sign-change.c:400:10: runtime error: implicit conversion from type 'int8_t' (aka 'signed char') of value -128 (8-bit, signed) to type 'uint8_t' (aka 'unsigned char') changed the value to 128 (8-bit, unsigned) + positive4_convert_unsigned_char_to_signed_char((uint8_t)INT8_MIN); +// CHECK-V4: {{.*}}integer-sign-change.c:500:10: runtime error: implicit conversion from type 'uint8_t' (aka 'unsigned char') of value 128 (8-bit, unsigned) to type 'int8_t' (aka 'signed char') changed the value to -128 (8-bit, signed) + positive5_convert_signed_char_to_unsigned_int((int8_t)INT32_MIN); + positive6_convert_unsigned_int_to_signed_char((uint32_t)INT8_MIN); +// CHECK-V4: {{.*}}integer-sign-change.c:700:10: runtime error: implicit conversion from type 'uint32_t' (aka 'unsigned int') of value 4294967168 (32-bit, unsigned) to type 'int8_t' (aka 'signed char') changed the value to -128 (8-bit, signed) + positive7_convert_signed_int_to_signed_char((int32_t)INT8_MIN); +#elif defined(V5) + // All bits except the destination 'sign' bit are set. + positive0_convert_unsigned_int_to_signed_int((uint32_t)INT32_MIN); +// CHECK-V5: {{.*}}integer-sign-change.c:100:10: runtime error: implicit conversion from type 'uint32_t' (aka 'unsigned int') of value 2147483648 (32-bit, unsigned) to type 'int32_t' (aka 'int') changed the value to -2147483648 (32-bit, signed) + positive1_convert_signed_int_to_unsigned_int((int32_t)INT32_MIN); +// CHECK-V5: {{.*}}integer-sign-change.c:200:10: runtime error: implicit conversion from type 'int32_t' (aka 'int') of value -2147483648 (32-bit, signed) to type 'uint32_t' (aka 'unsigned int') changed the value to 2147483648 (32-bit, unsigned) + positive2_convert_signed_int_to_unsigned_char((int32_t)(~((uint32_t)(uint8_t)INT8_MIN))); +// CHECK-V5: {{.*}}integer-sign-change.c:300:10: runtime error: implicit conversion from type 'int32_t' (aka 'int') of value -129 (32-bit, signed) to type 'uint8_t' (aka 'unsigned char') changed the value to 127 (8-bit, unsigned) + positive3_convert_signed_char_to_unsigned_char((int8_t)(INT8_MIN)); +// CHECK-V5: {{.*}}integer-sign-change.c:400:10: runtime error: implicit conversion from type 'int8_t' (aka 'signed char') of value -128 (8-bit, signed) to type 'uint8_t' (aka 'unsigned char') changed the value to 128 (8-bit, unsigned) + positive4_convert_unsigned_char_to_signed_char((uint8_t)(INT8_MIN)); +// CHECK-V5: {{.*}}integer-sign-change.c:500:10: runtime error: implicit conversion from type 'uint8_t' (aka 'unsigned char') of value 128 (8-bit, unsigned) to type 'int8_t' (aka 'signed char') changed the value to -128 (8-bit, signed) + positive5_convert_signed_char_to_unsigned_int((int8_t)(INT32_MIN)); + positive6_convert_unsigned_int_to_signed_char(~((uint32_t)(uint8_t)INT8_MIN)); + positive7_convert_signed_int_to_signed_char((int32_t)(~((uint32_t)((uint8_t)INT8_MIN)))); +// CHECK-V5: {{.*}}integer-sign-change.c:800:10: runtime error: implicit conversion from type 'int32_t' (aka 'int') of value -129 (32-bit, signed) to type 'int8_t' (aka 'signed char') changed the value to 127 (8-bit, signed) +#elif defined(V6) + // Only the source and destination sign bits are set. + positive0_convert_unsigned_int_to_signed_int((uint32_t)INT32_MIN); +// CHECK-V6: {{.*}}integer-sign-change.c:100:10: runtime error: implicit conversion from type 'uint32_t' (aka 'unsigned int') of value 2147483648 (32-bit, unsigned) to type 'int32_t' (aka 'int') changed the value to -2147483648 (32-bit, signed) + positive1_convert_signed_int_to_unsigned_int((int32_t)INT32_MIN); +// CHECK-V6: {{.*}}integer-sign-change.c:200:10: runtime error: implicit conversion from type 'int32_t' (aka 'int') of value -2147483648 (32-bit, signed) to type 'uint32_t' (aka 'unsigned int') changed the value to 2147483648 (32-bit, unsigned) + positive2_convert_signed_int_to_unsigned_char((int32_t)((uint32_t)INT32_MIN | (uint32_t)((uint8_t)INT8_MIN))); +// CHECK-V6: {{.*}}integer-sign-change.c:300:10: runtime error: implicit conversion from type 'int32_t' (aka 'int') of value -2147483520 (32-bit, signed) to type 'uint8_t' (aka 'unsigned char') changed the value to 128 (8-bit, unsigned) + positive3_convert_signed_char_to_unsigned_char((int8_t)INT8_MIN); +// CHECK-V6: {{.*}}integer-sign-change.c:400:10: runtime error: implicit conversion from type 'int8_t' (aka 'signed char') of value -128 (8-bit, signed) to type 'uint8_t' (aka 'unsigned char') changed the value to 128 (8-bit, unsigned) + positive4_convert_unsigned_char_to_signed_char((uint8_t)INT8_MIN); +// CHECK-V6: {{.*}}integer-sign-change.c:500:10: runtime error: implicit conversion from type 'uint8_t' (aka 'unsigned char') of value 128 (8-bit, unsigned) to type 'int8_t' (aka 'signed char') changed the value to -128 (8-bit, signed) + positive5_convert_signed_char_to_unsigned_int((int8_t)INT8_MIN); +// CHECK-V6: {{.*}}integer-sign-change.c:600:10: runtime error: implicit conversion from type 'int8_t' (aka 'signed char') of value -128 (8-bit, signed) to type 'uint32_t' (aka 'unsigned int') changed the value to 4294967168 (32-bit, unsigned) + positive6_convert_unsigned_int_to_signed_char((uint32_t)((uint32_t)INT32_MIN | (uint32_t)((uint8_t)INT8_MIN))); +// CHECK-V6: {{.*}}integer-sign-change.c:700:10: runtime error: implicit conversion from type 'uint32_t' (aka 'unsigned int') of value 2147483776 (32-bit, unsigned) to type 'int8_t' (aka 'signed char') changed the value to -128 (8-bit, signed) + positive7_convert_signed_int_to_signed_char((int32_t)((uint32_t)INT32_MIN | (uint32_t)((uint8_t)INT8_MIN))); +#else +#error Some V* needs to be defined! +#endif +} + +// CHECK-NOT: implicit conversion + +int main() { + test_negatives(); + test_positives(); + + return 0; +} Index: test/ubsan/TestCases/ImplicitConversion/integer-truncation-blacklist.c =================================================================== --- test/ubsan/TestCases/ImplicitConversion/integer-truncation-blacklist.c +++ test/ubsan/TestCases/ImplicitConversion/integer-truncation-blacklist.c @@ -3,16 +3,22 @@ // XFAIL: android // UNSUPPORTED: ios +// RUN: %clang -fsanitize=implicit-integer-truncation -fno-sanitize-recover=implicit-integer-truncation -O0 %s -o %t && not %run %t 2>&1 | FileCheck %s --implicit-check-not="implicit conversion" +// RUN: %clang -fsanitize=implicit-integer-truncation -fno-sanitize-recover=implicit-integer-truncation -O1 %s -o %t && not %run %t 2>&1 | FileCheck %s --implicit-check-not="implicit conversion" +// RUN: %clang -fsanitize=implicit-integer-truncation -fno-sanitize-recover=implicit-integer-truncation -O2 %s -o %t && not %run %t 2>&1 | FileCheck %s --implicit-check-not="implicit conversion" +// RUN: %clang -fsanitize=implicit-integer-truncation -fno-sanitize-recover=implicit-integer-truncation -O3 %s -o %t && not %run %t 2>&1 | FileCheck %s --implicit-check-not="implicit conversion" + // RUN: rm -f %tmp // RUN: echo "[implicit-integer-truncation]" >> %tmp -// RUN: echo "fun:*implicitTruncation*" >> %tmp -// RUN: %clang -fsanitize=implicit-integer-truncation -fno-sanitize-recover=implicit-integer-truncation -fsanitize-blacklist=%tmp -O0 %s -o %t && not %run %t 2>&1 -// RUN: %clang -fsanitize=implicit-integer-truncation -fno-sanitize-recover=implicit-integer-truncation -fsanitize-blacklist=%tmp -O1 %s -o %t && not %run %t 2>&1 -// RUN: %clang -fsanitize=implicit-integer-truncation -fno-sanitize-recover=implicit-integer-truncation -fsanitize-blacklist=%tmp -O2 %s -o %t && not %run %t 2>&1 -// RUN: %clang -fsanitize=implicit-integer-truncation -fno-sanitize-recover=implicit-integer-truncation -fsanitize-blacklist=%tmp -O3 %s -o %t && not %run %t 2>&1 +// RUN: echo "fun:implicitTruncation" >> %tmp +// RUN: %clang -fsanitize=implicit-integer-truncation -fno-sanitize-recover=implicit-integer-truncation -fsanitize-blacklist=%tmp -O0 %s -o %t && not %run %t 2>&1 | not FileCheck %s +// RUN: %clang -fsanitize=implicit-integer-truncation -fno-sanitize-recover=implicit-integer-truncation -fsanitize-blacklist=%tmp -O1 %s -o %t && not %run %t 2>&1 | not FileCheck %s +// RUN: %clang -fsanitize=implicit-integer-truncation -fno-sanitize-recover=implicit-integer-truncation -fsanitize-blacklist=%tmp -O2 %s -o %t && not %run %t 2>&1 | not FileCheck %s +// RUN: %clang -fsanitize=implicit-integer-truncation -fno-sanitize-recover=implicit-integer-truncation -fsanitize-blacklist=%tmp -O3 %s -o %t && not %run %t 2>&1 | not FileCheck %s unsigned char implicitTruncation(unsigned int argc) { return argc; // BOOM +// CHECK: {{.*}}integer-truncation-blacklist.c:[[@LINE-1]]:10: runtime error: implicit conversion from type 'unsigned int' of value 4294967295 (32-bit, unsigned) to type 'unsigned char' changed the value to 255 (8-bit, unsigned) } int main(int argc, char **argv) { Index: test/ubsan_minimal/TestCases/implicit-integer-conversion.c =================================================================== --- /dev/null +++ test/ubsan_minimal/TestCases/implicit-integer-conversion.c @@ -0,0 +1,17 @@ +// RUN: %clang -fsanitize=implicit-integer-truncation,implicit-integer-sign-change %s -o %t && %run %t 2>&1 | FileCheck %s --check-prefixes=CHECK + +#include + +int main() { +// CHECK-NOT: implicit-conversion + + // Explicitly casting hides it, + int8_t n0 = (int8_t)(~((uint32_t)0)); + + // Positive tests. + int8_t t0 = ~((uint32_t)0); +// CHECK: implicit-conversion +// CHECK-NOT: implicit-conversion + + return 0; +} Index: test/ubsan_minimal/TestCases/implicit-integer-sign-change.c =================================================================== --- /dev/null +++ test/ubsan_minimal/TestCases/implicit-integer-sign-change.c @@ -0,0 +1,17 @@ +// RUN: %clang -fsanitize=implicit-integer-sign-change %s -o %t && %run %t 2>&1 | FileCheck %s --check-prefixes=CHECK + +#include + +int main() { +// CHECK-NOT: implicit-conversion + + // Explicitly casting hides it, + int32_t n0 = (int32_t)(~((uint32_t)0)); + + // Positive tests. + int32_t t0 = (~((uint32_t)0)); +// CHECK: implicit-conversion +// CHECK-NOT: implicit-conversion + + return 0; +} Index: test/ubsan_minimal/TestCases/implicit-integer-truncation.c =================================================================== --- test/ubsan_minimal/TestCases/implicit-integer-truncation.c +++ test/ubsan_minimal/TestCases/implicit-integer-truncation.c @@ -3,7 +3,7 @@ #include int main() { -// CHECK-NOT: integer-truncation.c +// CHECK-NOT: implicit-conversion // Negative tests. Even if they produce unexpected results, this sanitizer does not care. int8_t n0 = (~((uint32_t)(0))); // ~0 -> -1, but do not warn. @@ -19,6 +19,7 @@ // Positive tests. uint8_t t0 = (~((uint32_t)(0))); // CHECK: implicit-conversion +// CHECK-NOT: implicit-conversion return 0; }