[ubsan] Skip null checks on pointers to the start of an alloca

author Vedant Kumar <vsk@apple.com>

Mon, 17 Apr 2017 22:26:07 +0000 (22:26 +0000)

committer Vedant Kumar <vsk@apple.com>

Mon, 17 Apr 2017 22:26:07 +0000 (22:26 +0000)
author Vedant Kumar <vsk@apple.com>
Mon, 17 Apr 2017 22:26:07 +0000 (22:26 +0000)
committer Vedant Kumar <vsk@apple.com>
Mon, 17 Apr 2017 22:26:07 +0000 (22:26 +0000)
diff --git a/lib/CodeGen/CGExpr.cpp b/lib/CodeGen/CGExpr.cpp

index 265ef27a46b0f4457ee3813688b75f0a5d710253..b5d6c659e9e15041aa6874c9f2d2f92ac190c58f 100644 (file)
--- a/lib/CodeGen/CGExpr.cpp
+++ b/lib/CodeGen/CGExpr.cpp
@@ -533,6 +533,15 @@ bool CodeGenFunction::sanitizePerformTypeCheck() const {
           SanOpts.has(SanitizerKind::Vptr);
  }
  
+/// Check if a runtime null check for \p Ptr can be omitted.
+static bool canOmitPointerNullCheck(llvm::Value *Ptr) {
+  // Note: do not perform any constant-folding in this function. That is best
+  // left to the IR builder.
+
+  // Pointers to alloca'd memory are non-null.
+  return isa<llvm::AllocaInst>(Ptr->stripPointerCastsNoFollowAliases());
+}
+
  void CodeGenFunction::EmitTypeCheck(TypeCheckKind TCK, SourceLocation Loc,
                                      llvm::Value *Ptr, QualType Ty,
                                      CharUnits Alignment,
@@ -554,7 +563,8 @@ void CodeGenFunction::EmitTypeCheck(TypeCheckKind TCK, SourceLocation Loc,
    bool AllowNullPointers = TCK == TCK_DowncastPointer || TCK == TCK_Upcast ||
                             TCK == TCK_UpcastToVirtualBase;
    if ((SanOpts.has(SanitizerKind::Null) || AllowNullPointers) &&
-      !SkippedChecks.has(SanitizerKind::Null)) {
+      !SkippedChecks.has(SanitizerKind::Null) &&
+      !canOmitPointerNullCheck(Ptr)) {
      // The glvalue must not be an empty glvalue.
      llvm::Value *IsNonNull = Builder.CreateIsNotNull(Ptr);
  
diff --git a/test/CodeGenCXX/ubsan-suppress-checks.cpp b/test/CodeGenCXX/ubsan-suppress-checks.cpp

index 8ec94556c1365b87d916943687ad00c5fa60aaa3..a8ca24ba63a03bf9295a64ad88460810a03209dc 100644 (file)
--- a/test/CodeGenCXX/ubsan-suppress-checks.cpp
+++ b/test/CodeGenCXX/ubsan-suppress-checks.cpp
@@ -2,6 +2,18 @@
  // RUN: %clang_cc1 -std=c++11 -triple x86_64-apple-darwin10 -emit-llvm -o - %s -fsanitize=null | FileCheck %s --check-prefixes=CHECK,NULL
  // RUN: %clang_cc1 -std=c++11 -triple x86_64-apple-darwin10 -emit-llvm -o - %s -fsanitize=alignment,null -DCHECK_LAMBDA | FileCheck %s --check-prefixes=LAMBDA
  
+// CHECK-LABEL: define void @_Z22load_non_null_pointersv
+void load_non_null_pointers() {
+  int var;
+  var = *&var;
+
+  int arr[1];
+  arr[0] = arr[0];
+
+  // CHECK-NOT: icmp ne {{.*}}, null, !nosanitize
+  // CHECK: ret void
+}
+
  struct A {
    int foo;
  
@@ -29,8 +41,7 @@ struct A {
      };
      f();
  
-    // LAMBDA: icmp ne %class.anon* %[[FUNCVAR:.*]], null, !nosanitize
-    // LAMBDA: %[[LAMBDAINT:[0-9]+]] = ptrtoint %class.anon* %[[FUNCVAR]] to i64, !nosanitize
+    // LAMBDA: %[[LAMBDAINT:[0-9]+]] = ptrtoint %class.anon* %[[FUNCVAR:.*]] to i64, !nosanitize
      // LAMBDA: and i64 %[[LAMBDAINT]], 7, !nosanitize
      // LAMBDA: call void @__ubsan_handle_type_mismatch
  
@@ -127,8 +138,8 @@ struct A {
  struct B {
    operator A*() const { return nullptr; }
  
-  // CHECK-LABEL: define linkonce_odr i32 @_ZN1B11load_memberEv
-  static int load_member() {
+  // CHECK-LABEL: define linkonce_odr i32 @_ZN1B11load_memberEPS_
+  static int load_member(B *bp) {
      // Check &b before converting it to an A*.
      // CHECK: call void @__ubsan_handle_type_mismatch
      //
@@ -136,8 +147,7 @@ struct B {
      // NULL: call void @__ubsan_handle_type_mismatch
      //
      // CHECK-NOT: call void @__ubsan_handle_type_mismatch
-    B b;
-    return static_cast<A *>(b)->load_member();
+    return static_cast<A *>(*bp)->load_member();
      // CHECK: ret i32
    }
  };
@@ -210,7 +220,7 @@ void force_irgen() {
    A::call_through_reference(*a);
    A::call_through_pointer(a);
  
-  B::load_member();
+  B::load_member(nullptr);
  
    Base *b = new Derived;
    b->load_member_1();
@@ -218,4 +228,6 @@ void force_irgen() {
    Derived *d;
    d->load_member_2();
    d->load_member_3();
+
+  load_non_null_pointers();
  }
author	Vedant Kumar <vsk@apple.com>
	Mon, 17 Apr 2017 22:26:07 +0000 (22:26 +0000)
committer	Vedant Kumar <vsk@apple.com>
	Mon, 17 Apr 2017 22:26:07 +0000 (22:26 +0000)
lib/CodeGen/CGExpr.cpp		patch \| blob \| history
test/CodeGenCXX/ubsan-suppress-checks.cpp		patch \| blob \| history