[cfe-dev] request for comments on patch: detecting integer undefined behaviors

John Regehr regehr at cs.utah.edu
Tue Aug 24 07:22:21 PDT 2010


Hi Clang folks,

Attached is my student Peng Li's patch to Clang for detecting integer
undefined behaviors.  It will complain, for example, about C or C++ code
that evaluates any of:

  -INT_MIN
  INT_MAX+1
  2*INT_MAX
  x>>-1
  x/0

These behaviors are undefined in all modern C/C++ variants.
Additionally, C99 and C++0x make lots of harmless-looking signed
left-shifts into undefined behavior. For example, 1<<31 is undefined
when sizeof(int)==4 because the result cannot be represented as a signed
32-bit quantity. Peng's patch has separate flags for the basic checks
and for the more aggressive C99/C++0x checks.

It also takes a flag for whether to use explicit checks or LLVM's
x.with.overflow intrinsics.  The intrinsics (off by default) are faster
but not as well tested.

We'd like to get this integrated into Clang; please let us know if that
might happen and if so, what kind of changes we'll need to make.

Clang's generated code should not change at all if checking is not
requested.

Currently, we require a trap handler object file (source code also
attached) to be placed in /usr/local/lib or similar. We should move this
into LLVM somewhere, obviously, and would appreciate advice about
where/how to do that.

This checker has found problems in many applications including OpenSSL,
Perl, Python, PHP, BIND, and LLVM itself.  My guess is that once a Clang
with this checker is released, it will generate a significant number of
new Clang users.  We've already had a number of people ask for the tool.

John Regehr
-------------- next part --------------
A non-text attachment was scrubbed...
Name: trap_handler_onefile.c
Type: text/x-csrc
Size: 18043 bytes
Desc: not available
URL: <http://lists.llvm.org/pipermail/cfe-dev/attachments/20100824/0c665858/attachment.c>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: clang-standalone-111903.patch
Type: text/x-patch
Size: 59998 bytes
Desc: not available
URL: <http://lists.llvm.org/pipermail/cfe-dev/attachments/20100824/0c665858/attachment.bin>
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: README
URL: <http://lists.llvm.org/pipermail/cfe-dev/attachments/20100824/0c665858/attachment.ksh>
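
An added example, not part of the original message or of Peng Li's patch: explicit precondition checks for each expression the message lists, the basic versus C99 left-shift rule, and one overflow builtin for comparison. All function names are hypothetical, `__builtin_add_overflow` is assumed available (GCC 5+ or a recent Clang), and the `INT_MIN / -1` case goes beyond the message's list.

```c
#include <limits.h>
#include <stdbool.h>
#include <stdio.h>

#define INT_BITS ((int)(sizeof(int) * CHAR_BIT))

/* Each predicate reports whether evaluating the expression would be
   undefined, using only comparisons that cannot themselves overflow. */
bool neg_is_ub(int a) { return a == INT_MIN; }            /* -a    */

bool add_is_ub(int a, int b) {                            /* a + b */
    return (b > 0 && a > INT_MAX - b) || (b < 0 && a < INT_MIN - b);
}

bool mul_is_ub(int a, int b) {                            /* a * b */
    if (a == 0 || b == 0) return false;
    if (a == -1) return b == INT_MIN;
    if (b == -1) return a == INT_MIN;
    if ((a > 0) == (b > 0))            /* same sign: bound is INT_MAX */
        return a > 0 ? a > INT_MAX / b : a < INT_MAX / b;
    return a > 0 ? b < INT_MIN / a : a < INT_MIN / b;  /* bound is INT_MIN */
}

bool div_is_ub(int a, int b) {                            /* a / b */
    return b == 0 || (a == INT_MIN && b == -1);
}

bool shift_count_is_ub(int n) { return n < 0 || n >= INT_BITS; } /* x >> n */

/* a << n. strict=false: count check only. strict=true: the C99 rule too,
   where a negative operand or an unrepresentable result is undefined. */
bool shl_is_ub(int a, int n, bool strict) {
    if (shift_count_is_ub(n)) return true;
    return strict && (a < 0 || a > (INT_MAX >> n));
}

/* The same question for a + b, answered by a compiler builtin. */
bool add_is_ub_builtin(int a, int b) {
    int r;
    return __builtin_add_overflow(a, b, &r);
}

int main(void) {
    printf("-INT_MIN:%d INT_MAX+1:%d 2*INT_MAX:%d x>>-1:%d x/0:%d\n",
           neg_is_ub(INT_MIN), add_is_ub(INT_MAX, 1), mul_is_ub(2, INT_MAX),
           shift_count_is_ub(-1), div_is_ub(1, 0));
    printf("1<<%d basic:%d strict:%d\n", INT_BITS - 1,
           shl_is_ub(1, INT_BITS - 1, false), shl_is_ub(1, INT_BITS - 1, true));
    return 0;
}
```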

