[PATCH] Annotate our UB to sneak it past the sanitizers
Justin Bogner via llvm-commits
llvm-commits at lists.llvm.org
Fri Feb 26 14:56:20 PST 2016
Alexey Samsonov <vonosmas at gmail.com> writes:
> What are the failures you observe? We're running an UBSan bootstrap on our
> buildbot, and it's usually green:
> http://lab.llvm.org:8011/builders/sanitizer-x86_64-linux-bootstrap/builds/11059
Is that running without any blacklists? These are both the undefined
behaviour in ilist_node and how we use it, ie:
runtime error: downcast of address XXX with insufficient space for an object of type 'llvm::MachineBasicBlock'
This is because "Sentinel" in both of these functions is an
ilist_half_node, which is certainly not large enough.
It's certainly been necessary to blacklist MachineFunction on darwin
since at least October, though the bug existed and wasn't caught by
ubsan before that:
http://lists.llvm.org/pipermail/llvm-dev/2015-October/091115.html
The one in MemorySSA just started hitting a month or so ago.
> On Thu, Feb 25, 2016 at 2:42 PM, Kostya Serebryany <kcc at google.com> wrote:
>
>> Sounds very scary.
>> At the very least we should specify which flavor of UB we allow here (not
>> just all of it)
The macro expands to no_sanitize("undefined") right now - does
no_sanitize take a more specific argument?
> +1 I would prefer LLVM_NO_SANITIZE("kind") macro.
Sure. I'll update the patch.
>> And then comment why exactly we allow it.
>>
>
> Or leave a link to PR for eventually fixing this UB.
Apparently a PR for this never got filed, though I know Duncan's done
some work towards fixing it. I filed llvm.org/PR26753 just now.
>
>> On Thu, Feb 25, 2016 at 1:19 PM, Justin Bogner <mail at justinbogner.com>
>> wrote:
>>
>>> Attached patch silences -fsanitize=undefined wrt the UB we have for
>>> ilist node sentinels. Okay to commit?
>>>
>>>
>>
More information about the llvm-commits
mailing list