HelpText<"Emit complete constructors and destructors as aliases when possible">;
def mlink_bitcode_file : Separate<["-"], "mlink-bitcode-file">,
HelpText<"Link the given bitcode file before performing optimizations.">;
+def fsanitize_recover : Flag<["-"], "fsanitize-recover">,
+ HelpText<"Attempt to recover from failed sanitizer checks when possible">;
//===----------------------------------------------------------------------===//
// Dependency Output Options
/// The default TLS model to use.
ENUM_CODEGENOPT(DefaultTLSModel, TLSModel, 2, GeneralDynamicTLSModel)
+CODEGENOPT(SanitizeRecover, 1, 0) ///< Attempt to recover from sanitizer checks
+ ///< by continuing execution when possible
+
#undef CODEGENOPT
#undef ENUM_CODEGENOPT
#undef VALUE_CODEGENOPT
if (getLangOpts().SanitizeUnreachable)
EmitCheck(Builder.getFalse(), "builtin_unreachable",
EmitCheckSourceLocation(E->getExprLoc()),
- llvm::ArrayRef<llvm::Value *>());
+ llvm::ArrayRef<llvm::Value *>(), CRK_Unrecoverable);
else
Builder.CreateUnreachable();
llvm::ConstantInt::get(SizeTy, AlignVal),
llvm::ConstantInt::get(Int8Ty, TCK)
};
- EmitCheck(Cond, "type_mismatch", StaticData, Address);
+ EmitCheck(Cond, "type_mismatch", StaticData, Address, CRK_Recoverable);
}
// If possible, check that the vptr indicates that there is a subobject of
};
llvm::Value *DynamicData[] = { Address, Hash };
EmitCheck(Builder.CreateICmpEQ(CacheVal, Hash),
- "dynamic_type_cache_miss", StaticData, DynamicData, true);
+ "dynamic_type_cache_miss", StaticData, DynamicData,
+ CRK_AlwaysRecoverable);
}
}
void CodeGenFunction::EmitCheck(llvm::Value *Checked, StringRef CheckName,
llvm::ArrayRef<llvm::Constant *> StaticArgs,
llvm::ArrayRef<llvm::Value *> DynamicArgs,
- bool Recoverable) {
+ CheckRecoverableKind RecoverKind) {
llvm::BasicBlock *Cont = createBasicBlock("cont");
llvm::BasicBlock *Handler = createBasicBlock("handler." + CheckName);
ArgTypes.push_back(IntPtrTy);
}
+ bool Recover = (RecoverKind == CRK_AlwaysRecoverable) ||
+ ((RecoverKind == CRK_Recoverable) &&
+ CGM.getCodeGenOpts().SanitizeRecover);
+
llvm::FunctionType *FnType =
llvm::FunctionType::get(CGM.VoidTy, ArgTypes, false);
llvm::AttrBuilder B;
- if (!Recoverable) {
+ if (!Recover) {
B.addAttribute(llvm::Attributes::NoReturn)
.addAttribute(llvm::Attributes::NoUnwind);
}
B.addAttribute(llvm::Attributes::UWTable);
- llvm::Value *Fn = CGM.CreateRuntimeFunction(FnType,
- ("__ubsan_handle_" + CheckName).str(),
+
+ // Checks that have two variants use a suffix to differentiate them
+ bool NeedsAbortSuffix = (RecoverKind != CRK_Unrecoverable) &&
+ !CGM.getCodeGenOpts().SanitizeRecover;
+ Twine FunctionName = "__ubsan_handle_" + CheckName +
+ Twine(NeedsAbortSuffix? "_abort" : "");
+ llvm::Value *Fn = CGM.CreateRuntimeFunction(FnType, FunctionName.str(),
llvm::Attributes::get(getLLVMContext(),
B));
llvm::CallInst *HandlerCall = Builder.CreateCall(Fn, Args);
- if (Recoverable) {
+ if (Recover) {
Builder.CreateBr(Cont);
} else {
HandlerCall->setDoesNotReturn();
CGF.EmitCheckTypeDescriptor(OrigSrcType),
CGF.EmitCheckTypeDescriptor(DstType)
};
- CGF.EmitCheck(Check, "float_cast_overflow", StaticArgs, OrigSrc);
+ CGF.EmitCheck(Check, "float_cast_overflow", StaticArgs, OrigSrc,
+ CodeGenFunction::CRK_Recoverable);
}
/// EmitScalarConversion - Emit a conversion from the specified type to the
DynamicData.push_back(Info.RHS);
}
- CGF.EmitCheck(Check, CheckName, StaticData, DynamicData);
+ CGF.EmitCheck(Check, CheckName, StaticData, DynamicData,
+ CodeGenFunction::CRK_Recoverable);
}
//===----------------------------------------------------------------------===//
if (getLangOpts().SanitizeReturn)
EmitCheck(Builder.getFalse(), "missing_return",
EmitCheckSourceLocation(FD->getLocation()),
- llvm::ArrayRef<llvm::Value*>());
+ llvm::ArrayRef<llvm::Value*>(), CRK_Unrecoverable);
else if (CGM.getCodeGenOpts().OptimizationLevel == 0)
Builder.CreateCall(CGM.getIntrinsic(llvm::Intrinsic::trap));
Builder.CreateUnreachable();
EmitCheckTypeDescriptor(size->getType())
};
EmitCheck(Builder.CreateICmpSGT(Size, Zero),
- "vla_bound_not_positive", StaticArgs, Size);
+ "vla_bound_not_positive", StaticArgs, Size,
+ CRK_Recoverable);
}
// Always zexting here would be wrong if it weren't
/// passing to a runtime sanitizer handler.
llvm::Constant *EmitCheckSourceLocation(SourceLocation Loc);
+ /// \brief Specify under what conditions this check can be recovered
+ enum CheckRecoverableKind {
+ /// Always terminate program execution if this check fails
+ CRK_Unrecoverable,
+ /// Check supports recovering, allows user to specify which
+ CRK_Recoverable,
+ /// Runtime conditionally aborts, always need to support recovery.
+ CRK_AlwaysRecoverable
+ };
+
/// \brief Create a basic block that will call a handler function in a
/// sanitizer runtime with the provided arguments, and create a conditional
/// branch to it.
void EmitCheck(llvm::Value *Checked, StringRef CheckName,
llvm::ArrayRef<llvm::Constant *> StaticArgs,
llvm::ArrayRef<llvm::Value *> DynamicArgs,
- bool Recoverable = false);
+ CheckRecoverableKind Recoverable);
/// \brief Create a basic block that will call the trap intrinsic, and emit a
/// conditional branch to it, for the -ftrapv checks.
Opts.MainFileName = Args.getLastArgValue(OPT_main_file_name);
Opts.VerifyModule = !Args.hasArg(OPT_disable_llvm_verifier);
+ Opts.SanitizeRecover = Args.hasArg(OPT_fsanitize_recover);
Opts.InstrumentFunctions = Args.hasArg(OPT_finstrument_functions);
Opts.InstrumentForProfiling = Args.hasArg(OPT_pg);
// CHECK-NEXT: br i1 %[[OK]]
// CHECK: %[[ARG:.*]] = ptrtoint {{.*}} %[[PTR]] to i64
- // CHECK-NEXT: call void @__ubsan_handle_type_mismatch(i8* bitcast ({{.*}} @[[LINE_100]] to i8*), i64 %[[ARG]]) noreturn nounwind
+ // CHECK-NEXT: call void @__ubsan_handle_type_mismatch_abort(i8* bitcast ({{.*}} @[[LINE_100]] to i8*), i64 %[[ARG]]) noreturn nounwind
// With -fsanitize=null, only perform the null check.
// CHECK-NULL: %[[NULL:.*]] = icmp ne {{.*}}, null
// CHECK-NULL: br i1 %[[NULL]]
- // CHECK-NULL: call void @__ubsan_handle_type_mismatch(i8* bitcast ({{.*}} @[[LINE_100]] to i8*), i64 %{{.*}}) noreturn nounwind
+ // CHECK-NULL: call void @__ubsan_handle_type_mismatch_abort(i8* bitcast ({{.*}} @[[LINE_100]] to i8*), i64 %{{.*}}) noreturn nounwind
#line 100
u.i=1;
}
// CHECK-NEXT: icmp eq i64 %[[MISALIGN]], 0
// CHECK: %[[ARG:.*]] = ptrtoint
- // CHECK-NEXT: call void @__ubsan_handle_type_mismatch(i8* bitcast ({{.*}} @[[LINE_200]] to i8*), i64 %[[ARG]]) noreturn nounwind
+ // CHECK-NEXT: call void @__ubsan_handle_type_mismatch_abort(i8* bitcast ({{.*}} @[[LINE_200]] to i8*), i64 %[[ARG]]) noreturn nounwind
#line 200
return *a;
}
// FIXME: Only emit one trap block here.
// CHECK: %[[ARG1:.*]] = zext
// CHECK-NEXT: %[[ARG2:.*]] = zext
- // CHECK-NEXT: call void @__ubsan_handle_shift_out_of_bounds(i8* bitcast ({{.*}} @[[LINE_300_A]] to i8*), i64 %[[ARG1]], i64 %[[ARG2]]) noreturn nounwind
+ // CHECK-NEXT: call void @__ubsan_handle_shift_out_of_bounds_abort(i8* bitcast ({{.*}} @[[LINE_300_A]] to i8*), i64 %[[ARG1]], i64 %[[ARG2]]) noreturn nounwind
// CHECK: %[[SHIFTED_OUT_WIDTH:.*]] = sub nuw nsw i32 31, %[[RHS]]
// CHECK-NEXT: %[[SHIFTED_OUT:.*]] = lshr i32 %[[LHS:.*]], %[[SHIFTED_OUT_WIDTH]]
// CHECK: %[[ARG1:.*]] = zext
// CHECK-NEXT: %[[ARG2:.*]] = zext
- // CHECK-NEXT: call void @__ubsan_handle_shift_out_of_bounds(i8* bitcast ({{.*}} @[[LINE_300_B]] to i8*), i64 %[[ARG1]], i64 %[[ARG2]]) noreturn nounwind
+ // CHECK-NEXT: call void @__ubsan_handle_shift_out_of_bounds_abort(i8* bitcast ({{.*}} @[[LINE_300_B]] to i8*), i64 %[[ARG1]], i64 %[[ARG2]]) noreturn nounwind
// CHECK: %[[RET:.*]] = shl i32 %[[LHS]], %[[RHS]]
// CHECK-NEXT: ret i32 %[[RET]]
// CHECK: %[[ARG1:.*]] = zext
// CHECK-NEXT: %[[ARG2:.*]] = zext
- // CHECK-NEXT: call void @__ubsan_handle_shift_out_of_bounds(i8* bitcast ({{.*}} @[[LINE_400]] to i8*), i64 %[[ARG1]], i64 %[[ARG2]]) noreturn nounwind
+ // CHECK-NEXT: call void @__ubsan_handle_shift_out_of_bounds_abort(i8* bitcast ({{.*}} @[[LINE_400]] to i8*), i64 %[[ARG1]], i64 %[[ARG2]]) noreturn nounwind
// CHECK: %[[RET:.*]] = ashr i32 %[[LHS]], %[[RHS]]
// CHECK-NEXT: ret i32 %[[RET]]
// CHECK: @load
int load(int *p) {
- // CHECK: call void @__ubsan_handle_type_mismatch(i8* bitcast ({{.*}} @[[LINE_500]] to i8*), i64 %{{.*}}) noreturn nounwind
+ // CHECK: call void @__ubsan_handle_type_mismatch_abort(i8* bitcast ({{.*}} @[[LINE_500]] to i8*), i64 %{{.*}}) noreturn nounwind
#line 500
return *p;
}
// CHECK: @store
void store(int *p, int q) {
- // CHECK: call void @__ubsan_handle_type_mismatch(i8* bitcast ({{.*}} @[[LINE_600]] to i8*), i64 %{{.*}}) noreturn nounwind
+ // CHECK: call void @__ubsan_handle_type_mismatch_abort(i8* bitcast ({{.*}} @[[LINE_600]] to i8*), i64 %{{.*}}) noreturn nounwind
#line 600
*p = q;
}
// CHECK: @member_access
int *member_access(struct S *p) {
- // CHECK: call void @__ubsan_handle_type_mismatch(i8* bitcast ({{.*}} @[[LINE_700]] to i8*), i64 %{{.*}}) noreturn nounwind
+ // CHECK: call void @__ubsan_handle_type_mismatch_abort(i8* bitcast ({{.*}} @[[LINE_700]] to i8*), i64 %{{.*}}) noreturn nounwind
#line 700
return &p->k;
}
int signed_overflow(int a, int b) {
// CHECK: %[[ARG1:.*]] = zext
// CHECK-NEXT: %[[ARG2:.*]] = zext
- // CHECK-NEXT: call void @__ubsan_handle_add_overflow(i8* bitcast ({{.*}} @[[LINE_800]] to i8*), i64 %[[ARG1]], i64 %[[ARG2]]) noreturn nounwind
+ // CHECK-NEXT: call void @__ubsan_handle_add_overflow_abort(i8* bitcast ({{.*}} @[[LINE_800]] to i8*), i64 %[[ARG1]], i64 %[[ARG2]]) noreturn nounwind
#line 800
return a + b;
}
// CHECK: icmp sgt i32 %[[PARAM:.*]], 0
//
// CHECK: %[[ARG:.*]] = zext i32 %[[PARAM]] to i64
- // CHECK-NEXT: call void @__ubsan_handle_vla_bound_not_positive(i8* bitcast ({{.*}} @[[LINE_900]] to i8*), i64 %[[ARG]]) noreturn nounwind
+ // CHECK-NEXT: call void @__ubsan_handle_vla_bound_not_positive_abort(i8* bitcast ({{.*}} @[[LINE_900]] to i8*), i64 %[[ARG]]) noreturn nounwind
#line 900
int arr[n * 3];
}
float int_float_overflow(unsigned __int128 n) {
// This is 2**104. FLT_MAX is 2**128 - 2**104.
// CHECK: icmp ule i128 %{{.*}}, -20282409603651670423947251286016
- // CHECK: call void @__ubsan_handle_float_cast_overflow(
+ // CHECK: call void @__ubsan_handle_float_cast_overflow_abort(
return n;
}
// CHECK: %[[GE:.*]] = icmp sge i32 %{{.*}}, -65504
// CHECK: %[[LE:.*]] = icmp sle i32 %{{.*}}, 65504
// CHECK: and i1 %[[GE]], %[[LE]]
- // CHECK: call void @__ubsan_handle_float_cast_overflow(
+ // CHECK: call void @__ubsan_handle_float_cast_overflow_abort(
*p = n;
}
// CHECK: %[[GE:.*]] = fcmp oge float %[[F:.*]], 0xC1E0000000000000
// CHECK: %[[LE:.*]] = fcmp ole float %[[F]], 0x41DFFFFFE0000000
// CHECK: and i1 %[[GE]], %[[LE]]
- // CHECK: call void @__ubsan_handle_float_cast_overflow(
+ // CHECK: call void @__ubsan_handle_float_cast_overflow_abort(
return f;
}
// CHECK: %[[GE:.*]] = fcmp oge float %[[F:.*]], 0.{{0*}}e+00
// CHECK: %[[LE:.*]] = fcmp ole float %[[F]], 0x41EFFFFFE0000000
// CHECK: and i1 %[[GE]], %[[LE]]
- // CHECK: call void @__ubsan_handle_float_cast_overflow(
+ // CHECK: call void @__ubsan_handle_float_cast_overflow_abort(
return f;
}
// CHECK: %[[GE:.*]] = fcmp oge float %[[F:.*]], -1.28{{0*}}e+02
// CHECK: %[[LE:.*]] = fcmp ole float %[[F]], 1.27{{0*}}e+02
// CHECK: and i1 %[[GE]], %[[LE]]
- // CHECK: call void @__ubsan_handle_float_cast_overflow(
+ // CHECK: call void @__ubsan_handle_float_cast_overflow_abort(
return *p;
}
// CHECK: %[[GE:.*]] = fcmp oge double %[[F:.*]], 0xC7EFFFFFE0000000
// CHECK: %[[LE:.*]] = fcmp ole double %[[F]], 0x47EFFFFFE0000000
// CHECK: and i1 %[[GE]], %[[LE]]
- // CHECK: call void @__ubsan_handle_float_cast_overflow(
+ // CHECK: call void @__ubsan_handle_float_cast_overflow_abort(
return f;
}
--- /dev/null
+// RUN: %clang_cc1 -triple x86_64-apple-darwin10 -fsanitize=unsigned-integer-overflow -fsanitize-recover %s -emit-llvm -o - | FileCheck %s --check-prefix=RECOVER
+// RUN: %clang_cc1 -triple x86_64-apple-darwin10 -fsanitize=unsigned-integer-overflow %s -emit-llvm -o - | FileCheck %s --check-prefix=ABORT
+
+
+// RECOVER: @test
+// ABORT: @test
+void test() {
+ extern volatile unsigned x, y, z;
+
+ // RECOVER: uadd.with.overflow.i32
+ // RECOVER: ubsan_handle_add_overflow(
+ // RECOVER-NOT: unreachable
+ // ABORT: uadd.with.overflow.i32
+ // ABORT: ubsan_handle_add_overflow_abort(
+ // ABORT: unreachable
+ x = y + z;
+}
// CHECK-NEXT: icmp eq i64 %[[CACHEVAL]], %[[HASH]]
// CHECK-NEXT: br i1
- // CHECK: call void @__ubsan_handle_dynamic_type_cache_miss({{.*}}, i64 %{{.*}}, i64 %[[HASH]])
+ // CHECK: call void @__ubsan_handle_dynamic_type_cache_miss_abort({{.*}}, i64 %{{.*}}, i64 %[[HASH]])
+ // CHECK-NOT: unreachable
+ // CHECK: {{.*}}:
// (2) Check 'p->b' is appropriately sized and aligned for a load.
// [...]
// CHECK: getelementptr inbounds [128 x i64]* @__ubsan_vptr_type_cache, i32 0, i64 %
// CHECK: br i1
- // CHECK: call void @__ubsan_handle_dynamic_type_cache_miss({{.*}}, i64 %{{.*}}, i64 %{{.*}})
+ // CHECK: call void @__ubsan_handle_dynamic_type_cache_miss_abort({{.*}}, i64 %{{.*}}, i64 %{{.*}})
+ // CHECK-NOT: unreachable
+ // CHECK: {{.*}}:
k = p->f();
}
projects / clang / commitdiff