-
Notifications
You must be signed in to change notification settings - Fork 13.7k
[Clang] Implement labelled type filtering for overflow/truncation sanitizers w/ SSCLs #107332
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Merged
Merged
Changes from all commits
Commits
Show all changes
13 commits
Select commit
Hold shift + click to select a range
548efc6
hook up sscl categories with overflow/truncation sanitizers
JustinStitt 6efbd7b
add docs
JustinStitt 21be60a
fix formatting on docs
JustinStitt ce2a808
use split-file for tests
JustinStitt 7f92e75
use no_sanitize and sanitize over allow and skip/forbid
JustinStitt f119326
rephrase some documentation for readability's sake
JustinStitt d670482
fix improper link formatting
JustinStitt 8e47307
readd removed test
JustinStitt 33aa461
add new test for category precedence, rename pre-existing test
JustinStitt 4eba983
add clarification about category reordering to docs
JustinStitt 651bc7d
use better comparison logic
JustinStitt 7156afb
use printing policy for type name
JustinStitt b4a9448
remove no_sanitize category
JustinStitt File filter
Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,58 @@ | ||
// RUN: rm -rf %t | ||
// RUN: split-file %s %t | ||
|
||
// RUN: %clang_cc1 -triple x86_64-linux-gnu -fsanitize=signed-integer-overflow,unsigned-integer-overflow -fsanitize-ignorelist=%t/order-0.ignorelist -emit-llvm %t/test.c -o - | FileCheck %s | ||
// RUN: %clang_cc1 -triple x86_64-linux-gnu -fsanitize=signed-integer-overflow,unsigned-integer-overflow -fsanitize-ignorelist=%t/order-1.ignorelist -emit-llvm %t/test.c -o - | FileCheck %s | ||
// RUN: %clang_cc1 -triple x86_64-linux-gnu -fsanitize=signed-integer-overflow,unsigned-integer-overflow -fsanitize-ignorelist=%t/order-2.ignorelist -emit-llvm %t/test.c -o - | FileCheck %s | ||
// RUN: %clang_cc1 -triple x86_64-linux-gnu -fsanitize=signed-integer-overflow,unsigned-integer-overflow -fsanitize-ignorelist=%t/order-3.ignorelist -emit-llvm %t/test.c -o - | FileCheck %s | ||
// RUN: %clang_cc1 -triple x86_64-linux-gnu -fsanitize=signed-integer-overflow,unsigned-integer-overflow -fsanitize-ignorelist=%t/order-4.ignorelist -emit-llvm %t/test.c -o - | FileCheck %s | ||
// RUN: %clang_cc1 -triple x86_64-linux-gnu -fsanitize=signed-integer-overflow,unsigned-integer-overflow -fsanitize-ignorelist=%t/order-5.ignorelist -emit-llvm %t/test.c -o - | FileCheck %s | ||
// RUN: %clang_cc1 -triple x86_64-linux-gnu -fsanitize=signed-integer-overflow,unsigned-integer-overflow -fsanitize-ignorelist=%t/order-6.ignorelist -emit-llvm %t/test.c -o - | FileCheck %s | ||
// RUN: %clang_cc1 -triple x86_64-linux-gnu -fsanitize=signed-integer-overflow,unsigned-integer-overflow -fsanitize-ignorelist=%t/order-7.ignorelist -emit-llvm %t/test.c -o - | FileCheck %s | ||
|
||
// The same type can appear multiple times within an ignorelist. This is a test | ||
// to make sure "=sanitize" has priority regardless of the order in which | ||
// duplicate type entries appear. This is a precautionary measure; we would | ||
// much rather eagerly sanitize than silently forgo sanitization. | ||
|
||
//--- order-0.ignorelist | ||
type:int | ||
type:int=sanitize | ||
|
||
//--- order-1.ignorelist | ||
type:int=sanitize | ||
type:int | ||
|
||
//--- order-2.ignorelist | ||
type:in* | ||
type:int=sanitize | ||
|
||
//--- order-3.ignorelist | ||
type:in*=sanitize | ||
type:int | ||
|
||
//--- order-4.ignorelist | ||
type:int | ||
type:in*=sanitize | ||
|
||
//--- order-5.ignorelist | ||
type:int=sanitize | ||
type:in* | ||
|
||
//--- order-6.ignorelist | ||
type:int=sanitize | ||
type:in* | ||
|
||
//--- order-7.ignorelist | ||
type:int | ||
type:int=sanitize | ||
|
||
|
||
|
||
|
||
//--- test.c | ||
// CHECK-LABEL: @test | ||
void test(int A) { | ||
// CHECK: @llvm.sadd.with.overflow.i32 | ||
++A; | ||
} |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,98 @@ | ||
// RUN: rm -rf %t | ||
// RUN: split-file %s %t | ||
|
||
// Verify ubsan doesn't emit checks for ignorelisted types | ||
// RUN: %clang_cc1 -triple x86_64-linux-gnu -fsanitize=signed-integer-overflow,unsigned-integer-overflow -fsanitize-ignorelist=%t/int.ignorelist -emit-llvm %t/test.cpp -o - | FileCheck %s --check-prefix=INT | ||
// RUN: %clang_cc1 -triple x86_64-linux-gnu -fsanitize=signed-integer-overflow,unsigned-integer-overflow -fsanitize-ignorelist=%t/nosection.ignorelist -emit-llvm %t/test.cpp -o - | FileCheck %s --check-prefix=INT | ||
// RUN: %clang_cc1 -triple x86_64-linux-gnu -fsanitize=signed-integer-overflow,unsigned-integer-overflow -fsanitize-ignorelist=%t/nosan-same-as-no-category.ignorelist -emit-llvm %t/test.cpp -o - | FileCheck %s --check-prefix=INT | ||
// RUN: %clang_cc1 -triple x86_64-linux-gnu -fsanitize=signed-integer-overflow,unsigned-integer-overflow -fsanitize-ignorelist=%t/myty.ignorelist -emit-llvm %t/test.cpp -o - | FileCheck %s --check-prefix=MYTY | ||
// RUN: %clang_cc1 -triple x86_64-linux-gnu -fsanitize=implicit-signed-integer-truncation,implicit-unsigned-integer-truncation -fsanitize-ignorelist=%t/trunc.ignorelist -emit-llvm %t/test.cpp -o - | FileCheck %s --check-prefix=TRUNC | ||
// RUN: %clang_cc1 -triple x86_64-linux-gnu -fsanitize=implicit-signed-integer-truncation,implicit-unsigned-integer-truncation -fsanitize-ignorelist=%t/docs.ignorelist -emit-llvm %t/test.cpp -o - | FileCheck %s --check-prefix=TRUNC2 | ||
|
||
//--- int.ignorelist | ||
[{unsigned-integer-overflow,signed-integer-overflow}] | ||
type:int | ||
|
||
//--- nosection.ignorelist | ||
type:int | ||
|
||
//--- nosan-same-as-no-category.ignorelist | ||
type:int | ||
|
||
//--- myty.ignorelist | ||
[{unsigned-integer-overflow,signed-integer-overflow}] | ||
type:* | ||
type:myty=sanitize | ||
|
||
//--- trunc.ignorelist | ||
[{implicit-signed-integer-truncation,implicit-unsigned-integer-truncation}] | ||
type:char | ||
type:unsigned char | ||
|
||
//--- docs.ignorelist | ||
[implicit-signed-integer-truncation] | ||
type:* | ||
type:T=sanitize | ||
|
||
//--- test.cpp | ||
// INT-LABEL: ignore_int | ||
void ignore_int(int A, int B, unsigned C, unsigned D, long E) { | ||
// INT: llvm.uadd.with.overflow.i32 | ||
(void)(C+D); | ||
// INT-NOT: llvm.sadd.with.overflow.i32 | ||
(void)(A+B); | ||
// INT: llvm.sadd.with.overflow.i64 | ||
(void)(++E); | ||
} | ||
|
||
|
||
typedef unsigned long myty; | ||
typedef myty derivative; | ||
// INT-LABEL: ignore_all_except_myty | ||
// MYTY-LABEL: ignore_all_except_myty | ||
void ignore_all_except_myty(myty A, myty B, int C, unsigned D, derivative E) { | ||
// MYTY-NOT: llvm.sadd.with.overflow.i32 | ||
(void)(++C); | ||
|
||
// MYTY-NOT: llvm.uadd.with.overflow.i32 | ||
(void)(D+D); | ||
|
||
// MYTY-NOT: llvm.umul.with.overflow.i64 | ||
(void)(E*2); | ||
|
||
// MYTY: llvm.uadd.with.overflow.i64 | ||
(void)(A+B); | ||
} | ||
|
||
// INT-LABEL: truncation | ||
// MYTY-LABEL: truncation | ||
// TRUNC-LABEL: truncation | ||
void truncation(char A, int B, unsigned char C, short D) { | ||
// TRUNC-NOT: %handler.implicit_conversion | ||
A = B; | ||
// TRUNC-NOT: %handler.implicit_conversion | ||
A = C; | ||
// TRUNC-NOT: %handler.implicit_conversion | ||
C = B; | ||
|
||
// TRUNC: %handler.implicit_conversion | ||
D = B; | ||
|
||
(void)A; | ||
(void)D; | ||
} | ||
|
||
|
||
// Matches the example from clang/docs/SanitizerSpecialCaseList.rst | ||
typedef char T; | ||
typedef char U; | ||
// TRUNC2-LABEL: docs_example | ||
void docs_example(int toobig) { | ||
// TRUNC2: %handler.implicit_conversion | ||
T a = toobig; | ||
// TRUNC2-NOT: %handler.implicit_conversion | ||
U b = toobig; | ||
// TRUNC2-NOT: %handler.implicit_conversion | ||
char c = toobig; | ||
} | ||
|
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Uh oh!
There was an error while loading. Please reload this page.