Skip to content

Commit f9073e7

Browse files
qinkunbaoqinkunbao
authored
[UBSan] Move type:*=sanitize handling. (llvm#142006)
As discussed in llvm#139128, this PR moves =sanitize handling from `ASTContext::isTypeIgnoredBySanitizer` to `NoSanitizeList::containsType`. Before this PR: "=sanitize" has priority regardless of the order After this PR: If multiple entries match the source, than the latest entry takes the precedence.
1 parent fe40f97 commit f9073e7

File tree

3 files changed

+47
-21
lines changed

3 files changed

+47
-21
lines changed

clang/lib/AST/ASTContext.cpp

Lines changed: 1 addition & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -875,8 +875,7 @@ ASTContext::insertCanonicalTemplateTemplateParmDeclInternal(
875875
bool ASTContext::isTypeIgnoredBySanitizer(const SanitizerMask &Mask,
876876
const QualType &Ty) const {
877877
std::string TyName = Ty.getUnqualifiedType().getAsString(getPrintingPolicy());
878-
return NoSanitizeL->containsType(Mask, TyName) &&
879-
!NoSanitizeL->containsType(Mask, TyName, "sanitize");
878+
return NoSanitizeL->containsType(Mask, TyName);
880879
}
881880

882881
TargetCXXABI::Kind ASTContext::getCXXABIKind() const {

clang/lib/Basic/NoSanitizeList.cpp

Lines changed: 5 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -34,7 +34,11 @@ bool NoSanitizeList::containsGlobal(SanitizerMask Mask, StringRef GlobalName,
3434

3535
bool NoSanitizeList::containsType(SanitizerMask Mask, StringRef MangledTypeName,
3636
StringRef Category) const {
37-
return SSCL->inSection(Mask, "type", MangledTypeName, Category);
37+
auto NoSan = SSCL->inSectionBlame(Mask, "type", MangledTypeName, Category);
38+
if (NoSan == llvm::SpecialCaseList::NotFound)
39+
return false;
40+
auto San = SSCL->inSectionBlame(Mask, "type", MangledTypeName, "sanitize");
41+
return San == llvm::SpecialCaseList::NotFound || NoSan > San;
3842
}
3943

4044
bool NoSanitizeList::containsFunction(SanitizerMask Mask,

clang/test/CodeGen/ubsan-type-ignorelist-category-2.test

Lines changed: 41 additions & 18 deletions
Original file line numberDiff line numberDiff line change
@@ -1,19 +1,22 @@
11
// RUN: rm -rf %t
22
// RUN: split-file %s %t
33

4-
// RUN: %clang_cc1 -triple x86_64-linux-gnu -fsanitize=signed-integer-overflow,unsigned-integer-overflow -fsanitize-ignorelist=%t/order-0.ignorelist -emit-llvm %t/test.c -o - | FileCheck %s
5-
// RUN: %clang_cc1 -triple x86_64-linux-gnu -fsanitize=signed-integer-overflow,unsigned-integer-overflow -fsanitize-ignorelist=%t/order-1.ignorelist -emit-llvm %t/test.c -o - | FileCheck %s
6-
// RUN: %clang_cc1 -triple x86_64-linux-gnu -fsanitize=signed-integer-overflow,unsigned-integer-overflow -fsanitize-ignorelist=%t/order-2.ignorelist -emit-llvm %t/test.c -o - | FileCheck %s
7-
// RUN: %clang_cc1 -triple x86_64-linux-gnu -fsanitize=signed-integer-overflow,unsigned-integer-overflow -fsanitize-ignorelist=%t/order-3.ignorelist -emit-llvm %t/test.c -o - | FileCheck %s
8-
// RUN: %clang_cc1 -triple x86_64-linux-gnu -fsanitize=signed-integer-overflow,unsigned-integer-overflow -fsanitize-ignorelist=%t/order-4.ignorelist -emit-llvm %t/test.c -o - | FileCheck %s
9-
// RUN: %clang_cc1 -triple x86_64-linux-gnu -fsanitize=signed-integer-overflow,unsigned-integer-overflow -fsanitize-ignorelist=%t/order-5.ignorelist -emit-llvm %t/test.c -o - | FileCheck %s
10-
// RUN: %clang_cc1 -triple x86_64-linux-gnu -fsanitize=signed-integer-overflow,unsigned-integer-overflow -fsanitize-ignorelist=%t/order-6.ignorelist -emit-llvm %t/test.c -o - | FileCheck %s
11-
// RUN: %clang_cc1 -triple x86_64-linux-gnu -fsanitize=signed-integer-overflow,unsigned-integer-overflow -fsanitize-ignorelist=%t/order-7.ignorelist -emit-llvm %t/test.c -o - | FileCheck %s
12-
13-
// The same type can appear multiple times within an ignorelist. This is a test
14-
// to make sure "=sanitize" has priority regardless of the order in which
15-
// duplicate type entries appear. This is a precautionary measure; we would
16-
// much rather eagerly sanitize than silently forgo sanitization.
4+
// RUN: %clang_cc1 -triple x86_64-linux-gnu -fsanitize=signed-integer-overflow,unsigned-integer-overflow -fsanitize-ignorelist=%t/order-0.ignorelist -emit-llvm %t/test.c -o - | FileCheck %s --check-prefixes=CHECK,SANITIZE
5+
// RUN: %clang_cc1 -triple x86_64-linux-gnu -fsanitize=signed-integer-overflow,unsigned-integer-overflow -fsanitize-ignorelist=%t/order-1.ignorelist -emit-llvm %t/test.c -o - | FileCheck %s --check-prefixes=CHECK,IGNORE
6+
// RUN: %clang_cc1 -triple x86_64-linux-gnu -fsanitize=signed-integer-overflow,unsigned-integer-overflow -fsanitize-ignorelist=%t/order-2.ignorelist -emit-llvm %t/test.c -o - | FileCheck %s --check-prefixes=CHECK,SANITIZE
7+
// RUN: %clang_cc1 -triple x86_64-linux-gnu -fsanitize=signed-integer-overflow,unsigned-integer-overflow -fsanitize-ignorelist=%t/order-3.ignorelist -emit-llvm %t/test.c -o - | FileCheck %s --check-prefixes=CHECK,IGNORE
8+
// RUN: %clang_cc1 -triple x86_64-linux-gnu -fsanitize=signed-integer-overflow,unsigned-integer-overflow -fsanitize-ignorelist=%t/order-4.ignorelist -emit-llvm %t/test.c -o - | FileCheck %s --check-prefixes=CHECK,SANITIZE
9+
// RUN: %clang_cc1 -triple x86_64-linux-gnu -fsanitize=signed-integer-overflow,unsigned-integer-overflow -fsanitize-ignorelist=%t/order-5.ignorelist -emit-llvm %t/test.c -o - | FileCheck %s --check-prefixes=CHECK,IGNORE
10+
// RUN: %clang_cc1 -triple x86_64-linux-gnu -fsanitize=signed-integer-overflow,unsigned-integer-overflow -fsanitize-ignorelist=%t/order-6.ignorelist -emit-llvm %t/test.c -o - | FileCheck %s --check-prefixes=CHECK,SANITIZE
11+
// RUN: %clang_cc1 -triple x86_64-linux-gnu -fsanitize=signed-integer-overflow,unsigned-integer-overflow -fsanitize-ignorelist=%t/order-7.ignorelist -emit-llvm %t/test.c -o - | FileCheck %s --check-prefixes=CHECK,IGNORE
12+
// RUN: %clang_cc1 -triple x86_64-linux-gnu -fsanitize=signed-integer-overflow,unsigned-integer-overflow -fsanitize-ignorelist=%t/order-8.ignorelist -emit-llvm %t/test.c -o - | FileCheck %s --check-prefixes=CHECK,SANITIZE
13+
14+
15+
// The same type can appear multiple times within an ignorelist. Any ``=sanitize`` type
16+
// entries enable sanitizer instrumentation, even if it was ignored by entries before.
17+
// If multiple entries match the source, than the latest entry takes the
18+
// precedence.
19+
1720

1821
//--- order-0.ignorelist
1922
type:int
@@ -40,19 +43,39 @@ type:int=sanitize
4043
type:in*
4144

4245
//--- order-6.ignorelist
46+
type:int
4347
type:int=sanitize
44-
type:in*
4548

4649
//--- order-7.ignorelist
47-
type:int
50+
[{unsigned-integer-overflow,signed-integer-overflow}]
51+
type:*
4852
type:int=sanitize
53+
type:i*t
54+
type:*nt=sanitize
55+
[{unsigned-integer-overflow,signed-integer-overflow}]
56+
type:*
57+
type:int
58+
type:i*t=sanitize
59+
type:*nt
4960

50-
61+
//--- order-8.ignorelist
62+
[{unsigned-integer-overflow,signed-integer-overflow}]
63+
type:*
64+
type:int
65+
type:i*t=sanitize
66+
type:*nt
67+
[{unsigned-integer-overflow,signed-integer-overflow}]
68+
type:*
69+
type:int=sanitize
70+
type:i*t
71+
type:*nt=sanitize
5172

5273

5374
//--- test.c
54-
// CHECK-LABEL: @test
75+
// CHECK-LABEL: define dso_local void @test
5576
void test(int A) {
56-
// CHECK: @llvm.sadd.with.overflow.i32
77+
// IGNORE: %inc = add nsw
78+
// SANITIZE: @llvm.sadd.with.overflow.i32
5779
++A;
5880
}
81+

0 commit comments

Comments
 (0)