[PATCH] D33910: [ubsan] Detect invalid unsigned pointer index expression (clang)

Vedant Kumar via cfe-commits cfe-commits at lists.llvm.org
Mon Jun 12 13:17:52 PDT 2017


> On Jun 12, 2017, at 12:34 PM, Eli Friedman via Phabricator <reviews at reviews.llvm.org> wrote:
> 
> efriedma added inline comments.
> 
> 
> ================
> Comment at: cfe/trunk/lib/CodeGen/CGExprScalar.cpp:2666
> +  bool isSigned = indexOperand->getType()->isSignedIntegerOrEnumerationType();
> +  bool mayHaveNegativeGEPIndex = isSigned || isSubtraction;
> +
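Review bot: `mayHaveNegativeGEPIndex` is set for every subtraction regardless of the operand's type, so for an unsigned index the flag conflates "may be negative" with "is subtracted", and the hunk carries no comment explaining that intent. Add one above `bool mayHaveNegativeGEPIndex = isSigned || isSubtraction;` stating that a subtracted unsigned index is treated as a negative offset of the operand's full magnitude (the `p - 1ULL` case); a reader would otherwise expect negativity to be inferred from `isSigned` alone and wonder why an unsigned operand can set the flag.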
> ----------------
> This logic doesn't look quite right; what happens here if you write "p - SIZE_MAX"?

This check is here in order to prevent false positives on expressions such as: "p - 1ULL".

We fail to diagnose the overflow in "p - SIZE_MAX" both before and after r305216 because we turn it into a GEP which does "p + 1" too early. EmitCheckedGEP doesn't "know" that it's invalid for the result of the GEP to be greater than "p". I'll file a bug about this.

vedant

> 
> 
> Repository:
>  rL LLVM
> 
> https://reviews.llvm.org/D33910
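The two situations the reply describes, as an added illustration that is not clang's code: `checked_ptr_arith` models a check that still sees the original operands (its `may_have_negative_index` flag mirrors `isSigned || isSubtraction` from the patch), while `folded_gep_check` models a check that only sees the constant offset left after `p - idx` has been folded into a GEP. The folding itself is modelled as two's-complement negation modulo 2^64, which is an assumption of this example; pointers are modelled as 64-bit unsigned addresses with element size 1, and all function names and the sample address are constructed for the example.

```c
#include <inttypes.h>
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Added illustration, not clang's code: a model of a pointer-overflow check
 * with and without knowledge of the original operands. Pointers are 64-bit
 * unsigned addresses and the element size is 1, so the index is a byte offset. */

typedef uint64_t addr_t;

struct arith_result {
    bool   ok;   /* true if the arithmetic neither wraps nor goes below address 0 */
    addr_t addr; /* the resulting address when ok is true */
};

/* Operand-aware check: it sees the index operand, whether that operand's type
 * is signed, and whether the expression is a subtraction. The flag mirrors
 * mayHaveNegativeGEPIndex = isSigned || isSubtraction from the patch. */
struct arith_result checked_ptr_arith(addr_t base, uint64_t index,
                                      bool is_signed, bool is_subtraction)
{
    struct arith_result r = { false, 0 };
    bool may_have_negative_index = is_signed || is_subtraction;

    if (!may_have_negative_index) {
        /* Unsigned index added to the pointer: the only failure mode is
         * wrapping past the top of the address space. */
        if (index > UINT64_MAX - base)
            return r;
        r.ok = true;
        r.addr = base + index;
        return r;
    }

    /* Work out the direction and magnitude of the offset. */
    bool negative;
    uint64_t magnitude;
    if (is_signed) {
        /* Reinterpret the stored bits as signed; conversion of a value above
         * INT64_MAX is implementation-defined in C, and gcc/clang wrap mod 2^64. */
        int64_t s = (int64_t)index;
        negative = s < 0;
        magnitude = negative ? (uint64_t)0 - (uint64_t)s : (uint64_t)s;
        if (is_subtraction)
            negative = !negative;      /* p - (-1) moves the pointer forward */
    } else {
        /* Unsigned subtraction: p - 1ULL and p - SIZE_MAX both move the
         * pointer backwards by the full value of the operand. */
        negative = true;
        magnitude = index;
    }

    if (negative) {
        if (magnitude > base)              /* would go below address 0 */
            return r;
        r.addr = base - magnitude;
    } else {
        if (magnitude > UINT64_MAX - base) /* would wrap past the top */
            return r;
        r.addr = base + magnitude;
    }
    r.ok = true;
    return r;
}

/* Assumed model of the folding: "p - idx" with an unsigned idx becomes an
 * addition of the two's complement of idx, mod 2^64. For idx == SIZE_MAX the
 * constant offset is +1, the "p + 1" of the reply. */
int64_t fold_unsigned_sub_to_offset(uint64_t index)
{
    return (int64_t)((uint64_t)0 - index);  /* gcc/clang wrap mod 2^64 here */
}

/* Check applied to the folded GEP: only the signed constant offset is visible,
 * so p - SIZE_MAX (offset +1) is indistinguishable from p + 1. */
struct arith_result folded_gep_check(addr_t base, int64_t offset)
{
    struct arith_result r = { false, 0 };
    if (offset >= 0) {
        if ((uint64_t)offset > UINT64_MAX - base)
            return r;
        r.addr = base + (uint64_t)offset;
    } else {
        uint64_t magnitude = (uint64_t)0 - (uint64_t)offset;
        if (magnitude > base)
            return r;
        r.addr = base - magnitude;
    }
    r.ok = true;
    return r;
}

int main(void)
{
    addr_t p = 0x1000;  /* constructed sample address */
    struct arith_result a = checked_ptr_arith(p, 1, false, true);               /* p - 1ULL */
    struct arith_result b = folded_gep_check(p, fold_unsigned_sub_to_offset(1));
    printf("p - 1ULL      operand-aware: %s, folded: %s\n",
           a.ok ? "ok" : "overflow", b.ok ? "ok" : "overflow");

    a = checked_ptr_arith(p, UINT64_MAX, false, true);                          /* p - SIZE_MAX */
    b = folded_gep_check(p, fold_unsigned_sub_to_offset(UINT64_MAX));
    printf("p - SIZE_MAX  operand-aware: %s, folded: %s (0x%" PRIx64 ")\n",
           a.ok ? "ok" : "overflow", b.ok ? "ok" : "overflow", b.addr);
    return 0;
}
```

The second line of output is the missed diagnostic: the operand-aware model rejects `p - SIZE_MAX` because the magnitude exceeds the base address, while the folded model accepts it as `p + 1`, because after the fold there is no longer any information that the result was required to be below `p`.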


