Add 'nullability_arg' and 'nullability_return' diagnostic handlers, and
also add a TypeCheckKind for null assignments to _Nonnull. With this in
place, we can update clang to use the nicer handlers for nullability
diagnostics.
The alternative to this approach is to update the existing 'nonnull_arg'
and 'nonnull_return' handlers to accept a boolean parameter. However,
versioning the existing handlers would cause code size bloat, and the
complexity cost of introducing new handlers into the runtime is low.
I will add tests for this, and all of -fsanitize=nullability, into
check-ubsan once the clang side of the changes is in.
llvm-svn: 297748
Summary: This is the compiler-rt side of D28242.
Reviewers: kcc, vitalybuka, pgousseau, gbedwell
Subscribers: kubabrecka, llvm-commits
Differential Revision: https://reviews.llvm.org/D28244
llvm-svn: 291237
Avoid crashing when printing diagnostics for vtable-related CFI
errors. In diagnostic mode, the frontend does an additional check of
the vtable pointer against the set of all known vtable addresses and
lets the runtime handler know if it is safe to inspect the vtable.
http://reviews.llvm.org/D16824
llvm-svn: 259717
* add __cfi_slowpath_diag with a 3rd parameter which is a pointer to
the diagnostic info for the ubsan handlers.
*__cfi_check gets a 3rd parameter as well.
* unify vcall/cast/etc and icall diagnostic info format, and merge
the handlers to have a single entry point (actually two points due
to abort/noabort variants).
* tests
Note that this comes with a tiny overhead in the non-diag mode:
cfi_slowpath must pass 0 as the 3rd argument to cfi_check.
llvm-svn: 258744
Summary:
Compiler-rt part of http://reviews.llvm.org/D11757
I ended up making UBSan work with both the old version and the new
version of the float_cast_overflow data (instead of just erroring with
the previous version). The old version will try to symbolize its caller.
Now we compile the float_cast_overflow tests without -g, and make sure
we have the source file+line+column.
If you think I'm trying too hard to make sure we can still use both
versions, let me know.
Reviewers: samsonov, rsmith
Subscribers: llvm-commits
Differential Revision: http://reviews.llvm.org/D11793
llvm-svn: 244567
FIx a problem reported by Jakub Jelinek: don't do early-exit from fatal
UBSan handlers: even if source location is disabled (i.e. acquired by
some other thread), we should continue the execution to make sure that:
a) some thread will print the error report before calling Die().
b) handler marked as noreturn will indeed not return.
Explicitly add "Die()" calls at the end of all fatal handlers to be
sure UBSan handlers don't introduce UB themselves.
llvm-svn: 217542
Summary:
This patch implements a new UBSan check, which verifies
that function arguments declared to be nonnull with __attribute__((nonnull))
are actually nonnull in runtime.
To implement this check, we pass FunctionDecl to CodeGenFunction::EmitCallArgs
(where applicable) and if function declaration has nonnull attribute specified
for a certain formal parameter, we compare the corresponding RValue to null as
soon as it's calculated.
Test Plan: regression test suite
Reviewers: rsmith
Reviewed By: rsmith
Subscribers: cfe-commits, rnk
Differential Revision: http://reviews.llvm.org/D5082
llvm-svn: 217389
Summary:
This patch adds a runtime check verifying that functions
annotated with "returns_nonnull" attribute do in fact return nonnull pointers.
It is based on suggestion by Jakub Jelinek:
http://lists.cs.uiuc.edu/pipermail/llvm-commits/Week-of-Mon-20140623/223693.html.
Test Plan: regression test suite
Reviewers: rsmith
Reviewed By: rsmith
Subscribers: cfe-commits
Differential Revision: http://reviews.llvm.org/D4849
llvm-svn: 215485
If user specifies aborting after a recoverable failed check is
appropriate, frontend should emit call to the _abort variant.
Test this behavior with newly added -fsanitize-recover flag.
llvm-svn: 169113
Vedant Kumar