[PATCH] D36810: Minimal runtime for UBSan.
Evgenii Stepanov via Phabricator via llvm-commits
llvm-commits at lists.llvm.org
Wed Aug 16 17:29:06 PDT 2017
eugenis created this revision.
Herald added subscribers: krytarowski, aprantl, mgorny, srhines.
An implementation of ubsan runtime library suitable for use in production.
Minimal attack surface.
- No stack traces.
- Definitely no C++ demangling.
- No UBSAN_OPTIONS=log_file=/path (very suid-unfriendly). And no UBSAN_OPTIONS in general.
- as simple as possible
Minimal CPU and RAM overhead.
- Source locations unnecessary in the presence of (split) debug info.
- Values and types (as in A+B overflows T) can be reconstructed from register/stack dumps, once you know what type of error you are looking at.
- above two items save 3% binary size.
When UBSan is used with -ftrap-function=abort, sometimes it is hard to reason about failures. This library replaces abort with a slightly more informative message without much extra overhead. Since ubsan interface in not stable, this code must reside in compiler-rt.
- Tests pending ***
https://reviews.llvm.org/D36810
Files:
clang/include/clang/Driver/Options.td
clang/include/clang/Driver/SanitizerArgs.h
clang/include/clang/Frontend/CodeGenOptions.def
clang/lib/CodeGen/CGExpr.cpp
clang/lib/Driver/SanitizerArgs.cpp
clang/lib/Driver/ToolChains/CommonArgs.cpp
clang/lib/Frontend/CompilerInvocation.cpp
compiler-rt/lib/CMakeLists.txt
compiler-rt/lib/ubsan_minimal/CMakeLists.txt
compiler-rt/lib/ubsan_minimal/ubsan.syms.extra
compiler-rt/lib/ubsan_minimal/ubsan_minimal_handlers.cc
-------------- next part --------------
A non-text attachment was scrubbed...
Name: D36810.111439.patch
Type: text/x-patch
Size: 11990 bytes
Desc: not available
URL: <http://lists.llvm.org/pipermail/llvm-commits/attachments/20170817/c6fe545d/attachment.bin>
More information about the llvm-commits
mailing list