[PATCH] D131979: [clang][UBSan] Fix __builtin_assume_aligned crash
John McCall via Phabricator via cfe-commits
cfe-commits at lists.llvm.org
Tue Aug 23 10:17:29 PDT 2022
rjmccall added a comment.
In D131979#3742399 <https://reviews.llvm.org/D131979#3742399>, @yihanaa wrote:
> As far as I know, turning on the -fsanitizer=alignment options when calling __builtin_assume_aligned in C code, if
> the 1st arg has volatile qualifier, Clang will emit "call void @__ubsan_handle_alignment_assumption(...)" in CodeGen,
> else Clang will emit an warning and ignore "call void @__ubsan_handle_alignment_assumption(...)". But the same situation in C++,
> Clang will generate an error in Sema.
Honestly, that sounds like bad behavior, exactly what you'd get if Sema naively tried to force a conversion to some specific pointer type like `void*` instead of converting it to an r-value and then requiring it to have pointer type. This is a fairly common bug for builtins that behave as if they were overloaded; the fix is to give the builtin custom type-checking so that it will work correctly with unusual qualifiers like address spaces and `restrict`. I can walk you through that, but you can start by looking at what `SemaBuiltinAtomicOverloaded` does for its pointer argument.
If we want IRGen to not emit a check for pointers to `volatile`, that's an easy check to do in IRGen if we set the AST up properly in the first place.
John.
> So I think, in order to keep this patch consistent with recent version of Clang and GCC behavior, when compile C code, Clang
> should not directly emit an error and exit in Sema, but should check the 1st arg's volatile qualifier in CodeGen and decide
> whether to emit "call void @__ubsan_handle_alignment_assumption(...)".
>
> But, I agree to use other ways to replace use getSubExprAsWritten() in CodeGen to check the 1st arg 'isVolatile', what do you all think about?
>
> For more information about UBSan, see https://clang.llvm.org/docs/UndefinedBehaviorSanitizer.html and search 'volatile' on this website.
>
> "The null, alignment, object-size, local-bounds, and vptr checks do not apply to pointers to types with the volatile qualifier."
> C https://godbolt.org/z/xv35fG14r
> C++ https://godbolt.org/z/qfje6sErE
Honestly,
Repository:
rG LLVM Github Monorepo
CHANGES SINCE LAST ACTION
https://reviews.llvm.org/D131979/new/
https://reviews.llvm.org/D131979
More information about the cfe-commits
mailing list