[PATCH] D54771: [compiler-rt][UBSan] silence_unsigned_overflow: do *NOT* ignore *fatal* unsigned overflows

Roman Lebedev via Phabricator via llvm-commits llvm-commits at lists.llvm.org
Tue Nov 20 13:05:59 PST 2018


lebedev.ri created this revision.
lebedev.ri added reviewers: kcc, Dor1s, Sanitizers, filcab, vsk, kubamracek.
lebedev.ri added a project: Sanitizers.
Herald added a subscriber: dberris.

https://reviews.llvm.org/D48660 / https://reviews.llvm.org/rL335762 added a `silence_unsigned_overflow` env flag for oss-fuzz needs <https://github.com/google/oss-fuzz/pull/1717>,
that allows silencing the reports from unsigned overflows.
It makes sense; it is there because the `-fsanitize=integer` sanitizer is not enabled on oss-fuzz,
so this still allows using it as an interestingness signal without getting the actual reports.

However, there is a slight problem here.
All types of unsigned overflows are ignored.
Even if `-fno-sanitize-recover=unsigned` was used (which means the program will die after the report),
there will still be no report; the program will just silently die.

At the moment there are just two projects on oss-fuzz that care:

- libc++ <https://github.com/google/oss-fuzz/blob/8eeffa627f937040aaf8ba1b7d93f43f77d74fb9/projects/llvm_libcxx/build.sh#L18-L20>
- RawSpeed <https://github.com/google/oss-fuzz/blob/8eeffa627f937040aaf8ba1b7d93f43f77d74fb9/projects/librawspeed/build.sh> (me)

I suppose this could be overridden there ^, but I really don't think this is intended behavior in any case.


Repository:
  rCRT Compiler Runtime

https://reviews.llvm.org/D54771

Files:
  lib/ubsan/ubsan_handlers.cc
  test/ubsan/TestCases/Integer/no-recover.cpp


Index: test/ubsan/TestCases/Integer/no-recover.cpp
===================================================================
--- test/ubsan/TestCases/Integer/no-recover.cpp
+++ test/ubsan/TestCases/Integer/no-recover.cpp
@@ -1,7 +1,9 @@
 // RUN: %clangxx -fsanitize=unsigned-integer-overflow %s -o %t && %run %t 2>&1 | FileCheck %s --check-prefix=RECOVER
 // RUN: %clangxx -fsanitize=unsigned-integer-overflow -fno-sanitize-recover=all -fsanitize-recover=unsigned-integer-overflow %s -o %t && %run %t 2>&1 | FileCheck %s --check-prefix=RECOVER
 // RUN: %env_ubsan_opts=silence_unsigned_overflow=1 %run %t 2>&1 | FileCheck %s --check-prefix=SILENT-RECOVER --allow-empty
-// RUN: %clangxx -fsanitize=unsigned-integer-overflow -fno-sanitize-recover=unsigned-integer-overflow %s -o %t && not %run %t 2>&1 | FileCheck %s --check-prefix=ABORT
+// RUN: %clangxx -fsanitize=unsigned-integer-overflow -fno-sanitize-recover=unsigned-integer-overflow %s -o %t
+// RUN: not %run %t 2>&1 | FileCheck %s --check-prefix=ABORT
+// RUN: %env_ubsan_opts=silence_unsigned_overflow=1 not %run %t 2>&1 | FileCheck %s --check-prefix=ABORT
 
 #include <stdint.h>
 
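Review bot: the third RUN line, `%env_ubsan_opts=silence_unsigned_overflow=1 not %run %t 2>&1 | FileCheck %s --check-prefix=ABORT`, is the only line in this hunk that exercises the fix, yet nothing in the file says why a silenced build is expected to still print the ABORT report; a one-line comment above it ("silence_unsigned_overflow must not suppress a report from a fatal (non-recoverable) check") would make the regression test self-explanatory. Splitting the compile from the two runs is the right call, since it keeps the env var scoped to the run and reuses the same binary for both the plain and the silenced invocation; note that `not` requires the silenced run to still exit non-zero, so the line checks both that the report is printed and that the program still aborts.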
Index: lib/ubsan/ubsan_handlers.cc
===================================================================
--- lib/ubsan/ubsan_handlers.cc
+++ lib/ubsan/ubsan_handlers.cc
@@ -119,7 +119,9 @@
   if (ignoreReport(Loc, Opts, ET))
     return;
 
-  if (!IsSigned && flags()->silence_unsigned_overflow)
+  // If this is an unsigned overflow in non-fatal mode, potentially ignore it.
+  if (!IsSigned && !Opts.FromUnrecoverableHandler &&
+      flags()->silence_unsigned_overflow)
     return;
 
   ScopedReport R(Opts, Loc, ET);
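Review bot: the new comment "If this is an unsigned overflow in non-fatal mode, potentially ignore it." describes the shape of the condition but not the rationale, which is the whole point of this change; suggest something like "Honour silence_unsigned_overflow only for recoverable reports: a report coming from the unrecoverable handler is about to abort the process, and silencing it would hide the reason for the abort." The user-facing description of the `silence_unsigned_overflow` flag should get the same qualification (that fatal unsigned-overflow reports are never silenced), since the D48660 wording currently promises that all unsigned overflow reports are suppressed. The `!Opts.FromUnrecoverableHandler` check itself is placed correctly, after `ignoreReport` and before `ScopedReport R(Opts, Loc, ET)`, so suppressed non-fatal reports still skip report construction entirely.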

