[PATCH] D131979: [clang][UBSan] Fix __builtin_assume_aligned crash

Wang Yihan via Phabricator via cfe-commits cfe-commits at lists.llvm.org
Wed Aug 24 06:29:59 PDT 2022 

yihanaa added a comment.

In D131979#3743127 <https://reviews.llvm.org/D131979#3743127>, @rjmccall wrote:

> In D131979#3742399 <https://reviews.llvm.org/D131979#3742399>, @yihanaa wrote:
>
>> As far as I know, turning on the -fsanitizer=alignment options when calling __builtin_assume_aligned in C code, if
>> the 1st arg has volatile qualifier, Clang will emit "call void @__ubsan_handle_alignment_assumption(...)" in CodeGen,
>> else Clang will emit an warning and ignore "call void @__ubsan_handle_alignment_assumption(...)". But the same situation in C++, 
>> Clang will generate an error in Sema.
>
> Honestly, that sounds like bad behavior, exactly what you'd get if Sema naively tried to force a conversion to some specific pointer type like `void*` instead of converting it to an r-value and then requiring it to have pointer type.  This is a fairly common bug for builtins that behave as if they were overloaded; the fix is to give the builtin custom type-checking so that it will work correctly with unusual qualifiers like address spaces and `restrict`.  I can walk you through that, but you can start by looking at what `SemaBuiltinAtomicOverloaded` does for its pointer argument.
>
> If we want IRGen to not emit a check for pointers to `volatile`, that's an easy check to do in IRGen if we set the AST up properly in the first place.
>
> John.
>
>> So I think, in order to keep this patch consistent with recent version of Clang and GCC behavior, when compile C code, Clang
>> should not directly emit an error and exit in Sema, but should check the 1st arg's volatile qualifier in CodeGen and decide 
>> whether to emit "call void @__ubsan_handle_alignment_assumption(...)".
>>
>> But, I agree to use other ways to replace use getSubExprAsWritten() in CodeGen to check the 1st arg 'isVolatile', what do you all think about?
>>
>> For more information about UBSan, see https://clang.llvm.org/docs/UndefinedBehaviorSanitizer.html and search 'volatile' on this website.
>>
>> "The null, alignment, object-size, local-bounds, and vptr checks do not apply to pointers to types with the volatile qualifier."
>> C https://godbolt.org/z/xv35fG14r
>> C++ https://godbolt.org/z/qfje6sErE
>
> Honestly,

I'm sorry I couldn't respond sooner.
Thanks for your reply john, I agree with you, and I'd like to try it if we check args in Sema.


Repository:
  rG LLVM Github Monorepo

CHANGES SINCE LAST ACTION
  https://reviews.llvm.org/D131979/new/

https://reviews.llvm.org/D131979

More information about the cfe-commits mailing list