[compiler-rt] r304461 - [ubsan] Runtime support for pointer overflow checking

Vedant Kumar via llvm-commits llvm-commits at lists.llvm.org
Thu Jun 1 12:41:00 PDT 2017


Author: vedantk
Date: Thu Jun  1 14:40:59 2017
New Revision: 304461

URL: http://llvm.org/viewvc/llvm-project?rev=304461&view=rev
Log:
[ubsan] Runtime support for pointer overflow checking

Patch by John Regehr and Will Dietz!

Differential Revision: https://reviews.llvm.org/D20323

Added:
    compiler-rt/trunk/test/ubsan/TestCases/Pointer/
    compiler-rt/trunk/test/ubsan/TestCases/Pointer/index-overflow.cpp
Modified:
    compiler-rt/trunk/lib/ubsan/ubsan_checks.inc
    compiler-rt/trunk/lib/ubsan/ubsan_handlers.cc
    compiler-rt/trunk/lib/ubsan/ubsan_handlers.h
    compiler-rt/trunk/lib/ubsan/ubsan_interface.inc

Modified: compiler-rt/trunk/lib/ubsan/ubsan_checks.inc
URL: http://llvm.org/viewvc/llvm-project/compiler-rt/trunk/lib/ubsan/ubsan_checks.inc?rev=304461&r1=304460&r2=304461&view=diff
==============================================================================
--- compiler-rt/trunk/lib/ubsan/ubsan_checks.inc (original)
+++ compiler-rt/trunk/lib/ubsan/ubsan_checks.inc Thu Jun  1 14:40:59 2017
@@ -19,6 +19,7 @@
 
 UBSAN_CHECK(GenericUB, "undefined-behavior", "undefined")
 UBSAN_CHECK(NullPointerUse, "null-pointer-use", "null")
+UBSAN_CHECK(PointerOverflow, "pointer-overflow", "pointer-overflow")
 UBSAN_CHECK(MisalignedPointerUse, "misaligned-pointer-use", "alignment")
 UBSAN_CHECK(InsufficientObjectSize, "insufficient-object-size", "object-size")
 UBSAN_CHECK(SignedIntegerOverflow, "signed-integer-overflow",

Modified: compiler-rt/trunk/lib/ubsan/ubsan_handlers.cc
URL: http://llvm.org/viewvc/llvm-project/compiler-rt/trunk/lib/ubsan/ubsan_handlers.cc?rev=304461&r1=304460&r2=304461&view=diff
==============================================================================
--- compiler-rt/trunk/lib/ubsan/ubsan_handlers.cc (original)
+++ compiler-rt/trunk/lib/ubsan/ubsan_handlers.cc Thu Jun  1 14:40:59 2017
@@ -554,6 +554,37 @@ void __ubsan::__ubsan_handle_nullability
   Die();
 }
 
+static void handlePointerOverflowImpl(PointerOverflowData *Data,
+                                      ValueHandle Base,
+                                      ValueHandle Result,
+                                      ReportOptions Opts) {
+  SourceLocation Loc = Data->Loc.acquire();
+  ErrorType ET = ErrorType::PointerOverflow;
+
+  if (ignoreReport(Loc, Opts, ET))
+    return;
+
+  ScopedReport R(Opts, Loc, ET);
+
+  Diag(Loc, DL_Error, "pointer index expression with base %0 overflowed to %1")
+    << (void *)Base << (void*)Result;
+}
+
+void __ubsan::__ubsan_handle_pointer_overflow(PointerOverflowData *Data,
+                                              ValueHandle Base,
+                                              ValueHandle Result) {
+  GET_REPORT_OPTIONS(false);
+  handlePointerOverflowImpl(Data, Base, Result, Opts);
+}
+
+void __ubsan::__ubsan_handle_pointer_overflow_abort(PointerOverflowData *Data,
+                                                    ValueHandle Base,
+                                                    ValueHandle Result) {
+  GET_REPORT_OPTIONS(true);
+  handlePointerOverflowImpl(Data, Base, Result, Opts);
+  Die();
+}
+
 static void handleCFIBadIcall(CFICheckFailData *Data, ValueHandle Function,
                               ReportOptions Opts) {
   if (Data->CheckKind != CFITCK_ICall)
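Review bot: The new handlers in this hunk have no comment saying what happens after the report, which is what a user of the check most needs to know. As written, `__ubsan_handle_pointer_overflow` returns to the instrumented code, which presumably goes on to use the wrapped pointer, and only the `_abort` variant calls `Die()`. I would add a comment above `handlePointerOverflowImpl` such as `/// Reports a pointer index expression whose result wrapped; returns without reporting when ignoreReport() suppresses it. The recoverable entry point returns to the caller afterwards.` A smaller style point in the same function is that the two casts in the `Diag` chain are spelled differently, `(void *)Base` and `(void*)Result`, and should use one spelling. The trailing context (`handleCFIBadIcall`) continues outside the hunk.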

Modified: compiler-rt/trunk/lib/ubsan/ubsan_handlers.h
URL: http://llvm.org/viewvc/llvm-project/compiler-rt/trunk/lib/ubsan/ubsan_handlers.h?rev=304461&r1=304460&r2=304461&view=diff
==============================================================================
--- compiler-rt/trunk/lib/ubsan/ubsan_handlers.h (original)
+++ compiler-rt/trunk/lib/ubsan/ubsan_handlers.h Thu Jun  1 14:40:59 2017
@@ -152,6 +152,13 @@ struct NonNullArgData {
 RECOVERABLE(nonnull_arg, NonNullArgData *Data)
 RECOVERABLE(nullability_arg, NonNullArgData *Data)
 
+struct PointerOverflowData {
+  SourceLocation Loc;
+};
+
+RECOVERABLE(pointer_overflow, PointerOverflowData *Data, ValueHandle Base,
+            ValueHandle Result)
+
 /// \brief Known CFI check kinds.
 /// Keep in sync with the enum of the same name in CodeGenFunction.h
 enum CFITypeCheckKind : unsigned char {
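Review bot: `PointerOverflowData` is added with no comment, while the CFI enum just below it carries a "Keep in sync with ... CodeGenFunction.h" note. If this layout is shared with what the compiler emits at each check site, as it appears to be for the other `*Data` structs, say so with something like `/// Static data for a pointer-overflow check; layout must match the instrumentation the compiler emits.` The `RECOVERABLE` line would also benefit from one sentence on `Base` and `Result`; judging by the diagnostic text in ubsan_handlers.cc, they are the pointer value before and after the index expression. The enum at the end of the hunk continues outside it.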

Modified: compiler-rt/trunk/lib/ubsan/ubsan_interface.inc
URL: http://llvm.org/viewvc/llvm-project/compiler-rt/trunk/lib/ubsan/ubsan_interface.inc?rev=304461&r1=304460&r2=304461&view=diff
==============================================================================
--- compiler-rt/trunk/lib/ubsan/ubsan_interface.inc (original)
+++ compiler-rt/trunk/lib/ubsan/ubsan_interface.inc Thu Jun  1 14:40:59 2017
@@ -36,6 +36,8 @@ INTERFACE_FUNCTION(__ubsan_handle_nullab
 INTERFACE_FUNCTION(__ubsan_handle_nullability_return_abort)
 INTERFACE_FUNCTION(__ubsan_handle_out_of_bounds)
 INTERFACE_FUNCTION(__ubsan_handle_out_of_bounds_abort)
+INTERFACE_FUNCTION(__ubsan_handle_pointer_overflow)
+INTERFACE_FUNCTION(__ubsan_handle_pointer_overflow_abort)
 INTERFACE_FUNCTION(__ubsan_handle_shift_out_of_bounds)
 INTERFACE_FUNCTION(__ubsan_handle_shift_out_of_bounds_abort)
 INTERFACE_FUNCTION(__ubsan_handle_sub_overflow)

Added: compiler-rt/trunk/test/ubsan/TestCases/Pointer/index-overflow.cpp
URL: http://llvm.org/viewvc/llvm-project/compiler-rt/trunk/test/ubsan/TestCases/Pointer/index-overflow.cpp?rev=304461&view=auto
==============================================================================
--- compiler-rt/trunk/test/ubsan/TestCases/Pointer/index-overflow.cpp (added)
+++ compiler-rt/trunk/test/ubsan/TestCases/Pointer/index-overflow.cpp Thu Jun  1 14:40:59 2017
@@ -0,0 +1,19 @@
+// RUN: %clangxx -fsanitize=pointer-overflow %s -o %t
+// RUN: %t 1 2>&1 | FileCheck %s --check-prefix=ERR
+// RUN: %t 0 2>&1 | FileCheck %s --check-prefix=SAFE
+// RUN: %t -1 2>&1 | FileCheck %s --check-prefix=SAFE
+
+#include <stdio.h>
+#include <stdint.h>
+#include <stdlib.h>
+
+int main(int argc, char *argv[]) {
+  // SAFE-NOT: runtime error
+  // ERR: runtime error: pointer index expression with base {{.*}} overflowed to
+
+  char *p = (char *)(UINTPTR_MAX);
+
+  printf("%p\n", p + atoi(argv[1]));
+
+  return 0;
+}
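Review bot: The RUN lines only build with the default recovery setting, so `__ubsan_handle_pointer_overflow_abort` and its `Die()` call are never reached by this test. I would add a second build with recovery disabled: `// RUN: %clangxx -fsanitize=pointer-overflow -fno-sanitize-recover=pointer-overflow %s -o %t.abort` followed by `// RUN: not %t.abort 1 2>&1 | FileCheck %s --check-prefix=ERR`. Separately, `main` reads `argv[1]` without checking `argc`; that is fine under the RUN lines, but a short comment that the argument is required would help anyone running the binary by hand.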



