[ubsan] Skip overflow checks on safe arithmetic (fixes PR32874)

Currently, ubsan emits overflow checks for arithmetic that is known to
be safe at compile-time, e.g.:

  1 + 1 => CheckedAdd(1, 1)

This leads to breakage when using the __builtin_prefetch intrinsic. LLVM
expects the arguments to @llvm.prefetch to be constant integers, and
when ubsan inserts unnecessary checks on the operands to the intrinsic,
this contract is broken, leading to verifier failures (see PR32874).

Instead of special-casing __builtin_prefetch for ubsan, this patch fixes
the underlying problem, i.e. that clang currently emits unnecessary
overflow checks.

Testing: I ran the check-clang and check-ubsan targets with a stage2,
ubsan-enabled build of clang. I added a regression test for PR32874, and
some extra checking to make sure we don't regress runtime checking for
unsafe arithmetic. The existing ubsan-promoted-arithmetic.cpp test also
provides coverage for this change.

llvm-svn: 301988
2017-05-03 07:46:56 +08:00

// RUN: %clang_cc1 -x c -S -emit-llvm -o - -triple x86_64-apple-darwin10 %s \
// RUN: -w -fsanitize=signed-integer-overflow,unsigned-integer-overflow,integer-divide-by-zero,float-divide-by-zero \
// RUN: | FileCheck %s

2020-12-31 12:45:56 +08:00
// CHECK-LABEL: define{{.*}} void @foo
// CHECK-NOT: !nosanitize
void foo(const int *p) {
  // __builtin_prefetch expects its optional arguments to be constant integers.
  // Check that ubsan does not instrument any safe arithmetic performed in
  // operands to __builtin_prefetch. (A clang frontend check should reject
  // unsafe arithmetic in these operands.)

  __builtin_prefetch(p, 0 + 1, 0 + 3);
  __builtin_prefetch(p, 1 - 0, 3 - 0);
  __builtin_prefetch(p, 1 * 1, 1 * 3);
  __builtin_prefetch(p, 1 / 1, 3 / 1);
  __builtin_prefetch(p, 3 % 2, 3 % 1);

  __builtin_prefetch(p, 0U + 1U, 0U + 3U);
  __builtin_prefetch(p, 1U - 0U, 3U - 0U);
  __builtin_prefetch(p, 1U * 1U, 1U * 3U);
  __builtin_prefetch(p, 1U / 1U, 3U / 1U);
  __builtin_prefetch(p, 3U % 2U, 3U % 1U);
}

2020-12-31 12:45:56 +08:00
// CHECK-LABEL: define{{.*}} void @ub_constant_arithmetic
void ub_constant_arithmetic() {
  // Check that we still instrument unsafe arithmetic, even if it is known to
  // be unsafe at compile time.

  int INT_MIN = 0xffffffff;
  int INT_MAX = 0x7fffffff;

  // CHECK: call void @__ubsan_handle_add_overflow
  // CHECK: call void @__ubsan_handle_add_overflow
  INT_MAX + 1;
  INT_MAX + -1;

  // CHECK: call void @__ubsan_handle_negate_overflow
  // CHECK: call void @__ubsan_handle_sub_overflow
  -INT_MIN;
  -INT_MAX - 2;

  // CHECK: call void @__ubsan_handle_mul_overflow
  // CHECK: call void @__ubsan_handle_mul_overflow
  INT_MAX * INT_MAX;
  INT_MIN * INT_MIN;

  // CHECK: call void @__ubsan_handle_divrem_overflow
  // CHECK: call void @__ubsan_handle_divrem_overflow
  1 / 0;
  INT_MIN / -1;

  // CHECK: call void @__ubsan_handle_divrem_overflow
  // CHECK: call void @__ubsan_handle_divrem_overflow
  1 % 0;
  INT_MIN % -1;

  // CHECK: call void @__ubsan_handle_divrem_overflow
  1.0 / 0.0;
}
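
The rule the commit message describes, skipping the runtime check only when constant operands are known not to overflow, sketched as an added example (it is not clang's code and not part of this test). The names `arith_op`, `const_expr`, `needs_overflow_check` and `count_checks` are hypothetical, and the model covers signed `int` operands that are compile-time constants only.

```c
#include <limits.h>
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

/* Hypothetical model, not clang's code: operators ubsan instruments. */
enum arith_op { OP_ADD, OP_SUB, OP_MUL, OP_DIV, OP_REM };

struct const_expr { enum arith_op op; int lhs, rhs; };

/* True when the constant expression `lhs op rhs` (signed int) is unsafe and
   must keep its runtime check; false when the check can be skipped. */
bool needs_overflow_check(enum arith_op op, int lhs, int rhs)
{
    int folded; /* wrapped result, unused: only the overflow flag matters */
    switch (op) {
    case OP_ADD: return __builtin_add_overflow(lhs, rhs, &folded);
    case OP_SUB: return __builtin_sub_overflow(lhs, rhs, &folded);
    case OP_MUL: return __builtin_mul_overflow(lhs, rhs, &folded);
    case OP_DIV:
    case OP_REM:
        /* Undefined for a zero divisor and for INT_MIN / -1. */
        return rhs == 0 || (lhs == INT_MIN && rhs == -1);
    }
    return true; /* unknown operator: stay conservative, keep the check */
}

/* Number of expressions in `exprs` that still need instrumentation. */
size_t count_checks(const struct const_expr *exprs, size_t n)
{
    size_t checks = 0;
    for (size_t i = 0; i < n; i++)
        checks += needs_overflow_check(exprs[i].op, exprs[i].lhs, exprs[i].rhs);
    return checks;
}

/* Signed operand expressions from the __builtin_prefetch calls in foo(). */
const struct const_expr prefetch_operands[] = {
    {OP_ADD, 0, 1}, {OP_ADD, 0, 3}, {OP_SUB, 1, 0}, {OP_SUB, 3, 0},
    {OP_MUL, 1, 1}, {OP_MUL, 1, 3}, {OP_DIV, 1, 1}, {OP_DIV, 3, 1},
    {OP_REM, 3, 2}, {OP_REM, 3, 1},
};

int main(void)
{
    size_t n = sizeof prefetch_operands / sizeof prefetch_operands[0];
    printf("checks needed: %zu of %zu\n", count_checks(prefetch_operands, n), n);
    return 0;
}
```

The conservative default matters for a sanitizer: an operator the model does not understand keeps its check rather than losing it.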