<table border="1" cellspacing="0" cellpadding="8">
    <tr>
        <th>Issue</th>
        <td>
            <a href=https://github.com/llvm/llvm-project/issues/139128>139128</a>
        </td>
    </tr>

    <tr>
        <th>Summary</th>
        <td>
            [sanitizer] "src:*=sanitize" does not work for UBSan
        </td>
    </tr>

    <tr>
      <th>Labels</th>
      <td>
            new issue
      </td>
    </tr>

    <tr>
      <th>Assignees</th>
      <td>
            qinkunbao
      </td>
    </tr>

    <tr>
      <th>Reporter</th>
      <td>
          qinkunbao
      </td>
    </tr>
</table>

<pre>
    According to the [UBSan doc](https://clang.llvm.org/docs/SanitizerSpecialCaseList.html#id4), UBSan's `=sanitize` category enables an allowlist approach to instrumentation files/types. Instead of the default behavior of instrumenting all files, users can selectively enable instrumentation for specific files while disabling it for all others. This provides a fine-grained control over which parts of the code are ubstrumented by UBSan.

However, it looks like the current implementation only support the `type:*=sanitize`. Consider the following example. 

```
$ tree .
.
├── allowlist.txt
├── lib1
│   └── foo.c
├── lib2
│   └── bar.c
└── main.c

3 directories, 4 files

$ cat main.c
extern void foo();
extern void bar();
int main() {
  foo();
  bar();
  return 0;
}

$ cat ./lib1/foo.c
#include <stdio.h>

void foo() {
  int k = 0x7fffffff;
  int r = k + 10;
  printf("call from foo: %d\n", r);
}

$ cat ./lib2/bar.c
#include <stdio.h>

void bar() {
  int k = 0x7fffffff;
  int r = k + 1;
  printf("call from bar: %d\n", r);
}

```

Build the example with `-fsanitize=undefined`.

```
$ clang -fsanitize=undefined  main.c ./lib1/foo.c ./lib2/bar.c -o san
$ ./san
lib1/foo.c:5:13: runtime error: signed integer overflow: 2147483647 + 10 cannot be represented in type 'int'
SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior lib1/foo.c:5:13
call from foo: -2147483639
lib2/bar.c:5:13: runtime error: signed integer overflow: 2147483647 + 1 cannot be represented in type 'int'
SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior lib2/bar.c:5:13
call from bar: -2147483648
Hello world
```

Build the example with `-fsanitize=undefined -fsanitize-ignorelist=allowlist.txt`.

```
$ cat allowlist.txt
src:*
src:lib2/*=sanitize

$ clang -fsanitize=undefined -fsanitize-ignorelist=allowlist.txt main.c ./lib1/foo.c ./lib2/bar.c -o san_allowlist
$ ./san_allowlist
call from foo: -2147483639
call from bar: -2147483648 
Hello world
```
Given `lib2/bar.c` is in the allowlist, I expect the integer overflow bug inside `bar` should be caught by `UBSan`.

After searching the existing LLVM repo, I don't find any tests that cover the case `src:*=sanitize`. Maybe it is a feature that has not been implemented.
</pre>
<img width="1" height="1" alt="" src="http://email.email.llvm.org/o/eJy8V91u4zYTfRr6ZmBBpuQfXfhCsdfft8DmpukW6FVBkSOLDU2qJGUnffqClCzHiTfZbosGQSLz5_gczpnhiDkn9xpxTeZ3hNI_pH7sdMUMoZTMtxPW-cbY9Tg8qYx4XpecGyuk3oM34BsEMr_7evfANAjDyXxL6KrxvnUkKwndEbrjiul9otTxkBi7J3QnDHeE7h6Yll7-ifahRS6Z2jCHX6TzSeMPitBMipzQgtANRHhClw7IIiXZ1g07ySIFzjzujX0G1KxS6IBpYEqZk5LOA2tbaxhvAlepnbfdAbVnXhoNtVQYePjnFl0Cn7XzyASYOqoSWLNOeaiwYUdpbBi_IAT5TKkzxgY6h9YBZxocKuReHlGdOb39ZmPBBdG15D0EnBqpEIR0rFIBXPq4KnyH8Q1al8DPjXTQWnOUIsiEWmqc7i2TGgVwo701CswRbQDjDbTMeneWw41AYBahq85cUED13J9tQtKSpOX_zQmPaIMe6UEZ8-hAyUfsETprUXuQh1bhRYvR6hlc17bG-t4OizScaAx_eR2sBDZGOynQxpW1CXEKavGJBdQEeh4hyv1vWhKag7eIEDhGnp8oKXJSbIaHVTo-XAKf-Cf_wVolq9llyYqSDSVl2v-F88b8xsbamIR_DE5_CLxi9gr81poDk7pflJYZCGmRe2Nlb8R88GR_kDQPCXLZgU8erYajkSLoIHQVUiy7ezVVMftySuoeoh8DsgyD8BoAXm8DsOg7qyHtP5Pl9ppWQuguhoHuxkOlmdRcdQKBZBvnhTRJQ7JP_cZr3iORwO8RSLaF9GlZ9z9nCmHOxrlHIPQOZul5prVS-zpCUR6T2ZpDRM9KIHQuyHyjQymkG7CjqG-JoITuxuB9LGI8qh8T8b6GAP59Gl4mWlredVKJmJpDQsJJ-iZk9LQe0zjbdlpgKD4ipPTtjI01H27vgsGOb8L_5ihhasAxPWCG2f7TlWeyck6ycpYFxbbTXh4Q0FoTjyDebyKcH-7RxupYK3MKU3SWL_NVtsiXgy9C9dYmVHyw2Fp0fY2UGkI9A0KXUntClyQtH77e35c__Rpgvp5l3Q0XxXithdlR9HS8R26TT8s3FpyeGWZFr_lisX9L838n-Qb3l5IHx46S81W4jlApAydjlfjnXn1hxqnca2Mx3BMk217fGd92NPNvrhdn-XDNnZ8Hpa9uvku9eC8tvovg382d38bd11l0Nf6B9d4LE7wbp__JI-oQkysHLFKQLpqswcuZhhL1GfCpRd43Eq8NDFW3D62UFLHJCFwWKbjGdEoEB3PW7RsfehqySPuWcYxmWXu04JBZ3sTWNfpGutjIffnyy33wv-kpCBN6TR_6KwFMP4NH5x34hnngsb-K7RBzkcbFA69anXv2XGHoo2Rs1pD5zmKP0jAHfdqhvvRTKJKJWGeiyAo2wfVsmS-WWZpl-aRZI2W1EEVVzDjWS5oWFFOeF1XG6iyvisVErmlK5-k8Xc1WczrLk1oslkVRV0WFXNQzTvIUD0yqsRGfSOc6XM-yYkZXE8UqVG54EdB4gjg7vAjYddg0rbq9I3kaguUuMF56Fd8g3FgF5lsglN48GUpBGOzln4x9jF1uDNaks2p9_eawl77pqoSbQzC3Op7_TVtrfkfuCd1FmqGLH3Qc1_SvAAAA__9Fwu-6">