Skip to content

Commit cb8a90b

Browse files
authored
[ubsan] Remove -ubsan-unique-traps (replace with -fno-sanitize-merge) (#120613)
-fno-sanitize-merge (introduced in #120511) duplicates the functionality of -ubsan-unique-traps but also allows individual checks to be specified e.g., * "-fno-sanitize-merge" without arguments is equivalent to -ubsan-unique-traps * "-fno-sanitize-merge=bool,enum" will apply it only to those two checks Additionally, the naming is more consistent with the rest of the -fsanitize- family. This patch therefore removes -ubsan-unique-traps. This breaks backwards compatibility; we hope that this is acceptable since '-mllvm -ubsan-unique-traps' was an experimental flag. This patch also adds negative test examples to bounds-checking.c, and strengthens the NOOPTARRAY assertion to prevent spurious matches. "-bounds-checking-unique-traps" is unaffected by this patch.
1 parent 7009b06 commit cb8a90b

File tree

4 files changed

+28
-20
lines changed

4 files changed

+28
-20
lines changed

clang/docs/ReleaseNotes.rst

Lines changed: 6 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -445,6 +445,10 @@ New Compiler Flags
445445
- The ``-Warray-compare-cxx26`` warning has been added to warn about array comparison
446446
starting from C++26, this warning is enabled as an error by default.
447447

448+
- '-fsanitize-merge' (default) and '-fno-sanitize-merge' have been added for
449+
fine-grained control of which UBSan checks are allowed to be merged by the
450+
backend (for example, -fno-sanitize-merge=bool,enum).
451+
448452
Deprecated Compiler Flags
449453
-------------------------
450454

@@ -484,6 +488,8 @@ Removed Compiler Flags
484488
derivatives) is now removed, since it's no longer possible to suppress the
485489
diagnostic (see above). Users can expect an `unknown warning` diagnostic if
486490
it's still in use.
491+
- The experimental flag '-ubsan-unique-traps' has been removed. It is
492+
superseded by '-fno-sanitize-merge'.
487493

488494
Attribute Changes in Clang
489495
--------------------------

clang/lib/CodeGen/CGExpr.cpp

Lines changed: 2 additions & 9 deletions
Original file line numberDiff line numberDiff line change
@@ -52,11 +52,6 @@
5252
using namespace clang;
5353
using namespace CodeGen;
5454

55-
// Experiment to make sanitizers easier to debug
56-
static llvm::cl::opt<bool> ClSanitizeDebugDeoptimization(
57-
"ubsan-unique-traps", llvm::cl::Optional,
58-
llvm::cl::desc("Deoptimize traps for UBSAN so there is 1 trap per check."));
59-
6055
// TODO: Introduce frontend options to enabled per sanitizers, similar to
6156
// `fsanitize-trap`.
6257
static llvm::cl::opt<bool> ClSanitizeGuardChecks(
@@ -3581,8 +3576,7 @@ static void emitCheckHandlerCall(CodeGenFunction &CGF,
35813576
llvm::AttributeList::FunctionIndex, B),
35823577
/*Local=*/true);
35833578
llvm::CallInst *HandlerCall = CGF.EmitNounwindRuntimeCall(Fn, FnArgs);
3584-
NoMerge = NoMerge || ClSanitizeDebugDeoptimization ||
3585-
!CGF.CGM.getCodeGenOpts().OptimizationLevel ||
3579+
NoMerge = NoMerge || !CGF.CGM.getCodeGenOpts().OptimizationLevel ||
35863580
(CGF.CurCodeDecl && CGF.CurCodeDecl->hasAttr<OptimizeNoneAttr>());
35873581
if (NoMerge)
35883582
HandlerCall->addFnAttr(llvm::Attribute::NoMerge);
@@ -3915,8 +3909,7 @@ void CodeGenFunction::EmitTrapCheck(llvm::Value *Checked,
39153909

39163910
llvm::BasicBlock *&TrapBB = TrapBBs[CheckHandlerID];
39173911

3918-
NoMerge = NoMerge || ClSanitizeDebugDeoptimization ||
3919-
!CGM.getCodeGenOpts().OptimizationLevel ||
3912+
NoMerge = NoMerge || !CGM.getCodeGenOpts().OptimizationLevel ||
39203913
(CurCodeDecl && CurCodeDecl->hasAttr<OptimizeNoneAttr>());
39213914

39223915
if (TrapBB && !NoMerge) {

clang/test/CodeGen/bounds-checking.c

Lines changed: 20 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,15 @@
1-
// RUN: %clang_cc1 -fsanitize=local-bounds -emit-llvm -triple x86_64-apple-darwin10 %s -o - | FileCheck %s
2-
// RUN: %clang_cc1 -fsanitize=array-bounds -O -fsanitize-trap=array-bounds -emit-llvm -triple x86_64-apple-darwin10 -DNO_DYNAMIC %s -o - | FileCheck %s
3-
// RUN: %clang_cc1 -fsanitize=local-bounds -fsanitize-trap=local-bounds -O3 -mllvm -bounds-checking-unique-traps -emit-llvm -triple x86_64-apple-darwin10 %s -o - | FileCheck %s --check-prefixes=NOOPTLOCAL
4-
// RUN: %clang_cc1 -fsanitize=array-bounds -fsanitize-trap=array-bounds -O3 -mllvm -ubsan-unique-traps -emit-llvm -triple x86_64-apple-darwin10 %s -o - | FileCheck %s --check-prefixes=NOOPTARRAY
1+
// RUN: %clang_cc1 -fsanitize=local-bounds -emit-llvm -triple x86_64-apple-darwin10 %s -o - | FileCheck %s
2+
// RUN: %clang_cc1 -fsanitize=array-bounds -O -emit-llvm -triple x86_64-apple-darwin10 %s -o - | not FileCheck %s
3+
// RUN: %clang_cc1 -fsanitize=array-bounds -O -fsanitize-trap=array-bounds -emit-llvm -triple x86_64-apple-darwin10 -DNO_DYNAMIC %s -o - | FileCheck %s
4+
//
5+
// RUN: %clang_cc1 -fsanitize=local-bounds -fsanitize-trap=local-bounds -O3 -mllvm -bounds-checking-unique-traps -emit-llvm -triple x86_64-apple-darwin10 %s -o - | FileCheck %s --check-prefixes=NOOPTLOCAL
6+
// RUN: %clang_cc1 -fsanitize=local-bounds -fsanitize-trap=local-bounds -O3 -emit-llvm -triple x86_64-apple-darwin10 %s -o - | not FileCheck %s --check-prefixes=NOOPTLOCAL
7+
//
8+
// N.B. The clang driver defaults to -fsanitize-merge but clang_cc1 effectively
9+
// defaults to -fno-sanitize-merge.
10+
// RUN: %clang_cc1 -fsanitize=array-bounds -fsanitize-trap=array-bounds -O3 -emit-llvm -triple x86_64-apple-darwin10 %s -o - | FileCheck %s --check-prefixes=NOOPTARRAY
11+
// RUN: %clang_cc1 -fsanitize=array-bounds -fsanitize-trap=array-bounds -fno-sanitize-merge -O3 -emit-llvm -triple x86_64-apple-darwin10 %s -o - | FileCheck %s --check-prefixes=NOOPTARRAY
12+
// RUN: %clang_cc1 -fsanitize=array-bounds -fsanitize-trap=array-bounds -fsanitize-merge=array-bounds -O3 -emit-llvm -triple x86_64-apple-darwin10 %s -o - | not FileCheck %s --check-prefixes=NOOPTARRAY
513
//
614
// REQUIRES: x86-registered-target
715

@@ -43,7 +51,7 @@ int f4(int i) {
4351
return b[i];
4452
}
4553

46-
// Union flexible-array memebers are a C99 extension. All array members with a
54+
// Union flexible-array members are a C99 extension. All array members with a
4755
// constant size should be considered FAMs.
4856

4957
union U { int a[0]; int b[1]; int c[2]; };
@@ -72,13 +80,17 @@ int f7(union U *u, int i) {
7280
char B[10];
7381
char B2[10];
7482
// CHECK-LABEL: @f8
83+
// Check the label to prevent spuriously matching ubsantraps from other
84+
// functions.
85+
// NOOPTLOCAL-LABEL: @f8
86+
// NOOPTARRAY-LABEL: @f8
7587
void f8(int i, int k) {
7688
// NOOPTLOCAL: call void @llvm.ubsantrap(i8 3)
77-
// NOOPTARRAY: call void @llvm.ubsantrap(i8 18)
89+
// NOOPTARRAY: call void @llvm.ubsantrap(i8 18) #[[ATTR2:[0-9]+]]
7890
B[i] = '\0';
7991

8092
// NOOPTLOCAL: call void @llvm.ubsantrap(i8 5)
81-
// NOOPTARRAY: call void @llvm.ubsantrap(i8 18)
93+
// NOOPTARRAY: call void @llvm.ubsantrap(i8 18) #[[ATTR2:[0-9]+]]
8294
B2[k] = '\0';
8395
}
8496

@@ -90,3 +102,4 @@ struct S {
90102
struct S *f9(int i) {
91103
return &s[i];
92104
}
105+
// NOOPTARRAY: attributes #[[ATTR2]] = { nomerge noreturn nounwind }

clang/test/CodeGen/ubsan-trap-merge.c

Lines changed: 0 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -10,10 +10,6 @@
1010
// RUN: %clang_cc1 -triple x86_64-linux-gnu -emit-llvm -fsanitize=signed-integer-overflow -O3 %s -o - | FileCheck %s --check-prefixes=HANDLER-NOMERGE
1111
// RUN: %clang_cc1 -triple x86_64-linux-gnu -emit-llvm -fsanitize=signed-integer-overflow -O3 %s -o - -fsanitize-minimal-runtime | FileCheck %s --check-prefixes=MINRT-NOMERGE
1212
//
13-
// RUN: %clang_cc1 -triple x86_64-linux-gnu -emit-llvm -fsanitize=signed-integer-overflow -O3 -mllvm -ubsan-unique-traps %s -o - -fsanitize-trap=signed-integer-overflow | FileCheck %s --check-prefixes=TRAP-NOMERGE
14-
// RUN: %clang_cc1 -triple x86_64-linux-gnu -emit-llvm -fsanitize=signed-integer-overflow -O3 -mllvm -ubsan-unique-traps %s -o - | FileCheck %s --check-prefixes=HANDLER-NOMERGE
15-
// RUN: %clang_cc1 -triple x86_64-linux-gnu -emit-llvm -fsanitize=signed-integer-overflow -O3 -mllvm -ubsan-unique-traps %s -o - -fsanitize-minimal-runtime | FileCheck %s --check-prefixes=MINRT-NOMERGE
16-
//
1713
// RUN: %clang_cc1 -triple x86_64-linux-gnu -emit-llvm -fsanitize=signed-integer-overflow -O3 -fno-sanitize-merge=signed-integer-overflow %s -o - -fsanitize-trap=signed-integer-overflow | FileCheck %s --check-prefixes=TRAP-NOMERGE
1814
// RUN: %clang_cc1 -triple x86_64-linux-gnu -emit-llvm -fsanitize=signed-integer-overflow -O3 -fno-sanitize-merge=signed-integer-overflow %s -o - | FileCheck %s --check-prefixes=HANDLER-NOMERGE
1915
// RUN: %clang_cc1 -triple x86_64-linux-gnu -emit-llvm -fsanitize=signed-integer-overflow -O3 -fno-sanitize-merge=signed-integer-overflow %s -o - -fsanitize-minimal-runtime | FileCheck %s --check-prefixes=MINRT-NOMERGE

0 commit comments

Comments
 (0)