From 2d382d149b442b928fd3fb8edcc8d82ea9325872 Mon Sep 17 00:00:00 2001
From: Will Dietz <wdietz2@illinois.edu>
Date: Sun, 30 Dec 2012 20:53:28 +0000
Subject: [PATCH] [ubsan] Recover by default, use -fno-sanitize-recover to
disable.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@171264 91177308-0d34-0410-b5e6-96231b3b80d8
---
include/clang/Driver/CC1Options.td | 2 --
include/clang/Driver/Options.td | 5 ++++
include/clang/Frontend/CodeGenOptions.def | 2 +-
lib/Driver/Tools.cpp | 5 ++++
lib/Frontend/CompilerInvocation.cpp | 2 +-
test/CodeGen/catch-undef-behavior.c | 36 +++++++++++------------
test/CodeGen/sanitize-recover.c | 4 +--
test/CodeGenCXX/catch-undef-behavior.cpp | 12 ++++----
test/Driver/fsanitize.c | 8 +++++
9 files changed, 46 insertions(+), 30 deletions(-)
diff --git a/include/clang/Driver/CC1Options.td b/include/clang/Driver/CC1Options.td
index b50e64f1416..af06f2ee915 100644
--- a/include/clang/Driver/CC1Options.td
+++ b/include/clang/Driver/CC1Options.td
@@ -201,8 +201,6 @@ def mconstructor_aliases : Flag<["-"], "mconstructor-aliases">,
HelpText<"Emit complete constructors and destructors as aliases when possible">;
def mlink_bitcode_file : Separate<["-"], "mlink-bitcode-file">,
HelpText<"Link the given bitcode file before performing optimizations.">;
-def fsanitize_recover : Flag<["-"], "fsanitize-recover">,
- HelpText<"Attempt to recover from failed sanitizer checks when possible">;
//===----------------------------------------------------------------------===//
// Dependency Output Options
diff --git a/include/clang/Driver/Options.td b/include/clang/Driver/Options.td
index 6176f97ab8b..685911fbcaf 100644
--- a/include/clang/Driver/Options.td
+++ b/include/clang/Driver/Options.td
@@ -404,6 +404,11 @@ def fsanitize_memory_track_origins : Flag<["-"], "fsanitize-memory-track-origins
def fno_sanitize_memory_track_origins : Flag<["-"], "fno-sanitize-memory-track-origins">,
Group<f_clang_Group>,
HelpText<"Disable origins tracking in MemorySanitizer">;
+def fsanitize_recover : Flag<["-"], "fsanitize-recover">,
+ Group<f_clang_Group>;
+def fno_sanitize_recover : Flag<["-"], "fno-sanitize-recover">,
+ Group<f_clang_Group>, Flags<[CC1Option]>,
+ HelpText<"Disable sanitizer check recovery">;
def funsafe_math_optimizations : Flag<["-"], "funsafe-math-optimizations">,
Group<f_Group>;
def fno_unsafe_math_optimizations : Flag<["-"], "fno-unsafe-math-optimizations">,
diff --git a/include/clang/Frontend/CodeGenOptions.def b/include/clang/Frontend/CodeGenOptions.def
index 7f1d7613cb2..97551279c48 100644
--- a/include/clang/Frontend/CodeGenOptions.def
+++ b/include/clang/Frontend/CodeGenOptions.def
@@ -127,7 +127,7 @@ ENUM_CODEGENOPT(Inlining, InliningMethod, 2, NoInlining)
/// The default TLS model to use.
ENUM_CODEGENOPT(DefaultTLSModel, TLSModel, 2, GeneralDynamicTLSModel)
-CODEGENOPT(SanitizeRecover, 1, 0) ///< Attempt to recover from sanitizer checks
+CODEGENOPT(SanitizeRecover, 1, 1) ///< Attempt to recover from sanitizer checks
///< by continuing execution when possible
#undef CODEGENOPT
diff --git a/lib/Driver/Tools.cpp b/lib/Driver/Tools.cpp
index 24bdb12cc90..ed012931bdb 100644
--- a/lib/Driver/Tools.cpp
+++ b/lib/Driver/Tools.cpp
@@ -2480,6 +2480,11 @@ void Clang::ConstructJob(Compilation &C, const JobAction &JA,
SanitizerArgs Sanitize(D, Args);
Sanitize.addArgs(Args, CmdArgs);
+ if (!Args.hasFlag(options::OPT_fsanitize_recover,
+ options::OPT_fno_sanitize_recover,
+ true))
+ CmdArgs.push_back("-fno-sanitize-recover");
+
// Report and error for -faltivec on anything other then PowerPC.
if (const Arg *A = Args.getLastArg(options::OPT_faltivec))
if (!(getToolChain().getTriple().getArch() == llvm::Triple::ppc ||
diff --git a/lib/Frontend/CompilerInvocation.cpp b/lib/Frontend/CompilerInvocation.cpp
index 96e2a75a5f3..ed5d2fb720f 100644
--- a/lib/Frontend/CompilerInvocation.cpp
+++ b/lib/Frontend/CompilerInvocation.cpp
@@ -392,7 +392,7 @@ static bool ParseCodeGenArgs(CodeGenOptions &Opts, ArgList &Args, InputKind IK,
Opts.MainFileName = Args.getLastArgValue(OPT_main_file_name);
Opts.VerifyModule = !Args.hasArg(OPT_disable_llvm_verifier);
- Opts.SanitizeRecover = Args.hasArg(OPT_fsanitize_recover);
+ Opts.SanitizeRecover = !Args.hasArg(OPT_fno_sanitize_recover);
Opts.InstrumentFunctions = Args.hasArg(OPT_finstrument_functions);
Opts.InstrumentForProfiling = Args.hasArg(OPT_pg);
diff --git a/test/CodeGen/catch-undef-behavior.c b/test/CodeGen/catch-undef-behavior.c
index 302ff2ee497..d0b6d1969bd 100644
--- a/test/CodeGen/catch-undef-behavior.c
+++ b/test/CodeGen/catch-undef-behavior.c
@@ -41,12 +41,12 @@ void foo() {
// CHECK-NEXT: br i1 %[[OK]], {{.*}} !prof ![[WEIGHT_MD:.*]]
// CHECK: %[[ARG:.*]] = ptrtoint {{.*}} %[[PTR]] to i64
- // CHECK-NEXT: call void @__ubsan_handle_type_mismatch_abort(i8* bitcast ({{.*}} @[[LINE_100]] to i8*), i64 %[[ARG]]) noreturn nounwind
+ // CHECK-NEXT: call void @__ubsan_handle_type_mismatch(i8* bitcast ({{.*}} @[[LINE_100]] to i8*), i64 %[[ARG]])
// With -fsanitize=null, only perform the null check.
// CHECK-NULL: %[[NULL:.*]] = icmp ne {{.*}}, null
// CHECK-NULL: br i1 %[[NULL]]
- // CHECK-NULL: call void @__ubsan_handle_type_mismatch_abort(i8* bitcast ({{.*}} @[[LINE_100]] to i8*), i64 %{{.*}}) noreturn nounwind
+ // CHECK-NULL: call void @__ubsan_handle_type_mismatch(i8* bitcast ({{.*}} @[[LINE_100]] to i8*), i64 %{{.*}})
#line 100
u.i=1;
}
@@ -61,7 +61,7 @@ int bar(int *a) {
// CHECK-NEXT: icmp eq i64 %[[MISALIGN]], 0
// CHECK: %[[ARG:.*]] = ptrtoint
- // CHECK-NEXT: call void @__ubsan_handle_type_mismatch_abort(i8* bitcast ({{.*}} @[[LINE_200]] to i8*), i64 %[[ARG]]) noreturn nounwind
+ // CHECK-NEXT: call void @__ubsan_handle_type_mismatch(i8* bitcast ({{.*}} @[[LINE_200]] to i8*), i64 %[[ARG]])
#line 200
return *a;
}
@@ -80,7 +80,7 @@ int lsh_overflow(int a, int b) {
// FIXME: Only emit one trap block here.
// CHECK: %[[ARG1:.*]] = zext
// CHECK-NEXT: %[[ARG2:.*]] = zext
- // CHECK-NEXT: call void @__ubsan_handle_shift_out_of_bounds_abort(i8* bitcast ({{.*}} @[[LINE_300_A]] to i8*), i64 %[[ARG1]], i64 %[[ARG2]]) noreturn nounwind
+ // CHECK-NEXT: call void @__ubsan_handle_shift_out_of_bounds(i8* bitcast ({{.*}} @[[LINE_300_A]] to i8*), i64 %[[ARG1]], i64 %[[ARG2]])
// CHECK: %[[SHIFTED_OUT_WIDTH:.*]] = sub nuw nsw i32 31, %[[RHS]]
// CHECK-NEXT: %[[SHIFTED_OUT:.*]] = lshr i32 %[[LHS:.*]], %[[SHIFTED_OUT_WIDTH]]
@@ -89,7 +89,7 @@ int lsh_overflow(int a, int b) {
// CHECK: %[[ARG1:.*]] = zext
// CHECK-NEXT: %[[ARG2:.*]] = zext
- // CHECK-NEXT: call void @__ubsan_handle_shift_out_of_bounds_abort(i8* bitcast ({{.*}} @[[LINE_300_B]] to i8*), i64 %[[ARG1]], i64 %[[ARG2]]) noreturn nounwind
+ // CHECK-NEXT: call void @__ubsan_handle_shift_out_of_bounds(i8* bitcast ({{.*}} @[[LINE_300_B]] to i8*), i64 %[[ARG1]], i64 %[[ARG2]])
// CHECK: %[[RET:.*]] = shl i32 %[[LHS]], %[[RHS]]
// CHECK-NEXT: ret i32 %[[RET]]
@@ -104,7 +104,7 @@ int rsh_inbounds(int a, int b) {
// CHECK: %[[ARG1:.*]] = zext
// CHECK-NEXT: %[[ARG2:.*]] = zext
- // CHECK-NEXT: call void @__ubsan_handle_shift_out_of_bounds_abort(i8* bitcast ({{.*}} @[[LINE_400]] to i8*), i64 %[[ARG1]], i64 %[[ARG2]]) noreturn nounwind
+ // CHECK-NEXT: call void @__ubsan_handle_shift_out_of_bounds(i8* bitcast ({{.*}} @[[LINE_400]] to i8*), i64 %[[ARG1]], i64 %[[ARG2]])
// CHECK: %[[RET:.*]] = ashr i32 %[[LHS]], %[[RHS]]
// CHECK-NEXT: ret i32 %[[RET]]
@@ -114,14 +114,14 @@ int rsh_inbounds(int a, int b) {
// CHECK: @load
int load(int *p) {
- // CHECK: call void @__ubsan_handle_type_mismatch_abort(i8* bitcast ({{.*}} @[[LINE_500]] to i8*), i64 %{{.*}}) noreturn nounwind
+ // CHECK: call void @__ubsan_handle_type_mismatch(i8* bitcast ({{.*}} @[[LINE_500]] to i8*), i64 %{{.*}})
#line 500
return *p;
}
// CHECK: @store
void store(int *p, int q) {
- // CHECK: call void @__ubsan_handle_type_mismatch_abort(i8* bitcast ({{.*}} @[[LINE_600]] to i8*), i64 %{{.*}}) noreturn nounwind
+ // CHECK: call void @__ubsan_handle_type_mismatch(i8* bitcast ({{.*}} @[[LINE_600]] to i8*), i64 %{{.*}})
#line 600
*p = q;
}
@@ -130,7 +130,7 @@ struct S { int k; };
// CHECK: @member_access
int *member_access(struct S *p) {
- // CHECK: call void @__ubsan_handle_type_mismatch_abort(i8* bitcast ({{.*}} @[[LINE_700]] to i8*), i64 %{{.*}}) noreturn nounwind
+ // CHECK: call void @__ubsan_handle_type_mismatch(i8* bitcast ({{.*}} @[[LINE_700]] to i8*), i64 %{{.*}})
#line 700
return &p->k;
}
@@ -139,7 +139,7 @@ int *member_access(struct S *p) {
int signed_overflow(int a, int b) {
// CHECK: %[[ARG1:.*]] = zext
// CHECK-NEXT: %[[ARG2:.*]] = zext
- // CHECK-NEXT: call void @__ubsan_handle_add_overflow_abort(i8* bitcast ({{.*}} @[[LINE_800]] to i8*), i64 %[[ARG1]], i64 %[[ARG2]]) noreturn nounwind
+ // CHECK-NEXT: call void @__ubsan_handle_add_overflow(i8* bitcast ({{.*}} @[[LINE_800]] to i8*), i64 %[[ARG1]], i64 %[[ARG2]])
#line 800
return a + b;
}
@@ -159,7 +159,7 @@ void vla_bound(int n) {
// CHECK: icmp sgt i32 %[[PARAM:.*]], 0
//
// CHECK: %[[ARG:.*]] = zext i32 %[[PARAM]] to i64
- // CHECK-NEXT: call void @__ubsan_handle_vla_bound_not_positive_abort(i8* bitcast ({{.*}} @[[LINE_900]] to i8*), i64 %[[ARG]]) noreturn nounwind
+ // CHECK-NEXT: call void @__ubsan_handle_vla_bound_not_positive(i8* bitcast ({{.*}} @[[LINE_900]] to i8*), i64 %[[ARG]])
#line 900
int arr[n * 3];
}
@@ -174,7 +174,7 @@ float int_float_no_overflow(__int128 n) {
float int_float_overflow(unsigned __int128 n) {
// This is 2**104. FLT_MAX is 2**128 - 2**104.
// CHECK: icmp ule i128 %{{.*}}, -20282409603651670423947251286016
- // CHECK: call void @__ubsan_handle_float_cast_overflow_abort(
+ // CHECK: call void @__ubsan_handle_float_cast_overflow(
return n;
}
@@ -183,7 +183,7 @@ void int_fp16_overflow(int n, __fp16 *p) {
// CHECK: %[[GE:.*]] = icmp sge i32 %{{.*}}, -65504
// CHECK: %[[LE:.*]] = icmp sle i32 %{{.*}}, 65504
// CHECK: and i1 %[[GE]], %[[LE]]
- // CHECK: call void @__ubsan_handle_float_cast_overflow_abort(
+ // CHECK: call void @__ubsan_handle_float_cast_overflow(
*p = n;
}
@@ -192,7 +192,7 @@ int float_int_overflow(float f) {
// CHECK: %[[GE:.*]] = fcmp oge float %[[F:.*]], 0xC1E0000000000000
// CHECK: %[[LE:.*]] = fcmp ole float %[[F]], 0x41DFFFFFE0000000
// CHECK: and i1 %[[GE]], %[[LE]]
- // CHECK: call void @__ubsan_handle_float_cast_overflow_abort(
+ // CHECK: call void @__ubsan_handle_float_cast_overflow(
return f;
}
@@ -201,7 +201,7 @@ unsigned float_uint_overflow(float f) {
// CHECK: %[[GE:.*]] = fcmp oge float %[[F:.*]], 0.{{0*}}e+00
// CHECK: %[[LE:.*]] = fcmp ole float %[[F]], 0x41EFFFFFE0000000
// CHECK: and i1 %[[GE]], %[[LE]]
- // CHECK: call void @__ubsan_handle_float_cast_overflow_abort(
+ // CHECK: call void @__ubsan_handle_float_cast_overflow(
return f;
}
@@ -210,7 +210,7 @@ signed char fp16_char_overflow(__fp16 *p) {
// CHECK: %[[GE:.*]] = fcmp oge float %[[F:.*]], -1.28{{0*}}e+02
// CHECK: %[[LE:.*]] = fcmp ole float %[[F]], 1.27{{0*}}e+02
// CHECK: and i1 %[[GE]], %[[LE]]
- // CHECK: call void @__ubsan_handle_float_cast_overflow_abort(
+ // CHECK: call void @__ubsan_handle_float_cast_overflow(
return *p;
}
@@ -219,7 +219,7 @@ float float_float_overflow(double f) {
// CHECK: %[[GE:.*]] = fcmp oge double %[[F:.*]], 0xC7EFFFFFE0000000
// CHECK: %[[LE:.*]] = fcmp ole double %[[F]], 0x47EFFFFFE0000000
// CHECK: and i1 %[[GE]], %[[LE]]
- // CHECK: call void @__ubsan_handle_float_cast_overflow_abort(
+ // CHECK: call void @__ubsan_handle_float_cast_overflow(
return f;
}
@@ -251,7 +251,7 @@ int int_divide_overflow(int a, int b) {
_Bool sour_bool(_Bool *p) {
// CHECK: %[[OK:.*]] = icmp ule i8 {{.*}}, 1
// CHECK: br i1 %[[OK]]
- // CHECK: call void @__ubsan_handle_load_invalid_value_abort(i8* bitcast ({{.*}}), i64 {{.*}})
+ // CHECK: call void @__ubsan_handle_load_invalid_value(i8* bitcast ({{.*}}), i64 {{.*}})
return *p;
}
diff --git a/test/CodeGen/sanitize-recover.c b/test/CodeGen/sanitize-recover.c
index 49809286e26..3c9c8955381 100644
--- a/test/CodeGen/sanitize-recover.c
+++ b/test/CodeGen/sanitize-recover.c
@@ -1,5 +1,5 @@
-// RUN: %clang_cc1 -triple x86_64-apple-darwin10 -fsanitize=unsigned-integer-overflow -fsanitize-recover %s -emit-llvm -o - | FileCheck %s --check-prefix=RECOVER
-// RUN: %clang_cc1 -triple x86_64-apple-darwin10 -fsanitize=unsigned-integer-overflow %s -emit-llvm -o - | FileCheck %s --check-prefix=ABORT
+// RUN: %clang_cc1 -triple x86_64-apple-darwin10 -fsanitize=unsigned-integer-overflow %s -emit-llvm -o - | FileCheck %s --check-prefix=RECOVER
+// RUN: %clang_cc1 -triple x86_64-apple-darwin10 -fsanitize=unsigned-integer-overflow -fno-sanitize-recover %s -emit-llvm -o - | FileCheck %s --check-prefix=ABORT
// RECOVER: @test
diff --git a/test/CodeGenCXX/catch-undef-behavior.cpp b/test/CodeGenCXX/catch-undef-behavior.cpp
index 9fba80f268d..3a3536beace 100644
--- a/test/CodeGenCXX/catch-undef-behavior.cpp
+++ b/test/CodeGenCXX/catch-undef-behavior.cpp
@@ -73,7 +73,7 @@ void member_access(S *p) {
// CHECK-NEXT: icmp eq i64 %[[CACHEVAL]], %[[HASH]]
// CHECK-NEXT: br i1
- // CHECK: call void @__ubsan_handle_dynamic_type_cache_miss_abort({{.*}}, i64 %{{.*}}, i64 %[[HASH]])
+ // CHECK: call void @__ubsan_handle_dynamic_type_cache_miss({{.*}}, i64 %{{.*}}, i64 %[[HASH]])
// CHECK-NOT: unreachable
// CHECK: {{.*}}:
@@ -108,7 +108,7 @@ void member_access(S *p) {
// [...]
// CHECK: getelementptr inbounds [128 x i64]* @__ubsan_vptr_type_cache, i32 0, i64 %
// CHECK: br i1
- // CHECK: call void @__ubsan_handle_dynamic_type_cache_miss_abort({{.*}}, i64 %{{.*}}, i64 %{{.*}})
+ // CHECK: call void @__ubsan_handle_dynamic_type_cache_miss({{.*}}, i64 %{{.*}}, i64 %{{.*}})
// CHECK-NOT: unreachable
// CHECK: {{.*}}:
@@ -145,7 +145,7 @@ int no_return() {
bool sour_bool(bool *p) {
// CHECK: %[[OK:.*]] = icmp ule i8 {{.*}}, 1
// CHECK: br i1 %[[OK]]
- // CHECK: call void @__ubsan_handle_load_invalid_value_abort(i8* bitcast ({{.*}}), i64 {{.*}})
+ // CHECK: call void @__ubsan_handle_load_invalid_value(i8* bitcast ({{.*}}), i64 {{.*}})
return *p;
}
@@ -157,19 +157,19 @@ enum E3 { e3a = (1u << 31) - 1 } e3;
int bad_enum_value() {
// CHECK: %[[E1:.*]] = icmp ule i32 {{.*}}, 127
// CHECK: br i1 %[[E1]]
- // CHECK: call void @__ubsan_handle_load_invalid_value_abort(
+ // CHECK: call void @__ubsan_handle_load_invalid_value(
int a = e1;
// CHECK: %[[E2HI:.*]] = icmp sle i32 {{.*}}, 127
// CHECK: %[[E2LO:.*]] = icmp sge i32 {{.*}}, -128
// CHECK: %[[E2:.*]] = and i1 %[[E2HI]], %[[E2LO]]
// CHECK: br i1 %[[E2]]
- // CHECK: call void @__ubsan_handle_load_invalid_value_abort(
+ // CHECK: call void @__ubsan_handle_load_invalid_value(
int b = e2;
// CHECK: %[[E3:.*]] = icmp ule i32 {{.*}}, 2147483647
// CHECK: br i1 %[[E3]]
- // CHECK: call void @__ubsan_handle_load_invalid_value_abort(
+ // CHECK: call void @__ubsan_handle_load_invalid_value(
int c = e3;
return a + b + c;
}
diff --git a/test/Driver/fsanitize.c b/test/Driver/fsanitize.c
index da60b248839..dc7c8902fa8 100644
--- a/test/Driver/fsanitize.c
+++ b/test/Driver/fsanitize.c
@@ -64,3 +64,11 @@
// RUN: %clang -target arm-linux-androideabi -fsanitize=address %s -### 2>&1 | FileCheck %s --check-prefix=CHECK-ANDROID-ASAN-NO-PIE
// CHECK-ANDROID-ASAN-NO-PIE: AddressSanitizer on Android requires '-pie'
+
+// RUN: %clang -target x86_64-linux-gnu %s -### 2>&1 | FileCheck %s --check-prefix=CHECK-RECOVER
+// RUN: %clang -target x86_64-linux-gnu %s -fsanitize-recover -### 2>&1 | FileCheck %s --check-prefix=CHECK-RECOVER
+// RUN: %clang -target x86_64-linux-gnu %s -fno-sanitize-recover -### 2>&1 | FileCheck %s --check-prefix=CHECK-NO-RECOVER
+// RUN: %clang -target x86_64-linux-gnu %s -fno-sanitize-recover -fsanitize-recover -### 2>&1 | FileCheck %s --check-prefix=CHECK-RECOVER
+// RUN: %clang -target x86_64-linux-gnu %s -fsanitize-recover -fno-sanitize-recover -### 2>&1 | FileCheck %s --check-prefix=CHECK-NO-RECOVER
+// CHECK-RECOVER-NOT: sanitize-recover
+// CHECK-NO-RECOVER: "-fno-sanitize-recover"
--
GitLab