[PATCH] -fsanitize=nonnull-attribute and -fsanitize=returns-nonnull-attribute support

Jeff Law law@redhat.com
Fri Sep 19 18:00:00 GMT 2014

On 09/09/14 11:52, Jakub Jelinek wrote:
> Hi!
> On Fri, Jun 27, 2014 at 09:13:07AM +0200, Jakub Jelinek wrote:
>> The patch adds two new (trivial handlers) to libubsan, as it is maintained
>> in llvm's compiler-rt, will talk to them if they are interested in those
>> and what exact wording and form (AFAIK clang also added the gcc
>> {,returns_}nonnull attributes).  If they wouldn't be interested, guess
>> we could add them in a separate, gcc owned, source file in ubsan (like we
>> own Makefile*).
> Now that the compiler-rt bits landed up upstream, here is an updated
> version of the patch.
> First here is mostly ubsan infrastructure change so that ubsan_create_data
> can handle more cases, together with an improvement not to emit UBSAN_BOUNDS
> when it already during gimplification provably can't overflow.
> What the ubsan_create_data changes allow is more than one locus at the
> beginning and arbitrary data, not just mismatch pair, after all the
> typedescriptors.
> Bootstrapped/regtested on x86_64-linux and i686-linux, ok for trunk?
> 2014-09-09  Jakub Jelinek  <jakub@redhat.com>
> 	* ubsan.h (struct ubsan_mismatch_data): Removed.
> 	(ubsan_create_data): Remove MISMATCH argument, add LOCCNT argument.
> 	* ubsan.c (ubsan_source_location): For unknown locations,
> 	pass { NULL, 0, 0 } instead of { "<unknown>", x, y }.
> 	(ubsan_create_data): Remove MISMATCH argument, add LOCCNT argument.
> 	Allow more than one location and arbitrary extra arguments passed
> 	in ... instead of through MISMATCH pointer.
> 	(ubsan_instrument_unreachable, ubsan_expand_bounds_ifn,
> 	ubsan_expand_null_ifn, ubsan_build_overflow_builtin,
> 	instrument_bool_enum_load, ubsan_instrument_float_cast): Adjust
> 	callers.
> c-family/
> 	* c-ubsan.c (ubsan_instrument_division, ubsan_instrument_shift,
> 	ubsan_instrument_vla, ubsan_instrument_return): Adjust
> 	ubsan_create_data callers.
> 	(ubsan_instrument_bounds): Don't emit UBSAN_BOUNDS at all if
> 	index is constant or BIT_AND_EXPR with constant mask and is
> 	small enough for the bound.
> 	* c-gimplify.c (ubsan_walk_array_refs_r): For ADDR_EXPR of
> 	ARRAY_REF, make sure the inner ARRAY_REF is not walked again.
OK.  I really wonder if you and Marek should have a free hand in the 
ubsan bits.
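As an added illustration that is not part of this thread nor GCC or libubsan code, the C sketch below models the nonnull-argument check that -fsanitize=nonnull-attribute inserts at call sites, and the two-location data block (call site plus attribute site, with an argument index) that the ubsan_create_data change above makes possible; struct layout, names, the handler and the source locations are assumptions.

```c
/* Model of the nonnull-argument check the sanitizer emits (illustration only,
 * not libubsan's real ABI).  Names, struct layout and locations are assumptions. */
#include <stddef.h>
#include <string.h>

struct src_loc { const char *file; unsigned line; unsigned col; };

/* Data block for one nonnull-argument check site: two loci plus extra data,
 * which is what the LOCCNT/varargs form of ubsan_create_data allows. */
struct nonnull_arg_data {
    struct src_loc call_loc;   /* where the call happens */
    struct src_loc attr_loc;   /* where the nonnull attribute was written */
    int arg_index;             /* 1-based parameter number */
};

/* Last diagnostic recorded by the model handler (stands in for the runtime). */
static struct { int count; unsigned call_line; unsigned attr_line; int arg; } last;

static void handle_nonnull_arg(const struct nonnull_arg_data *d) {
    last.count++;
    last.call_line = d->call_loc.line;
    last.attr_line = d->attr_loc.line;
    last.arg = d->arg_index;
}

/* What the compiler conceptually emits before a call to a nonnull callee:
 * returns 1 if the argument is fine, 0 after reporting a null pointer. */
int check_nonnull_arg(const void *arg, const struct nonnull_arg_data *d) {
    if (arg != NULL) return 1;
    handle_nonnull_arg(d);
    return 0;
}

/* A real nonnull-annotated callee.  Built with -fsanitize=nonnull-attribute,
 * GCC inserts the equivalent of check_nonnull_arg at each call site; without
 * the sanitizer the attribute is only a promise the optimizer may rely on. */
__attribute__((nonnull(1))) size_t byte_len(const char *s) { return strlen(s); }

/* Caller as instrumented code would look; the locations are constructed. */
size_t instrumented_byte_len(const char *s) {
    static const struct nonnull_arg_data d = {
        { "demo.c", 40, 12 }, { "demo.c", 35, 18 }, 1 };
    /* The real runtime prints a diagnostic and, depending on
     * -fsanitize-recover, either continues or aborts; here we bail out. */
    if (!check_nonnull_arg(s, &d)) return (size_t)-1;
    return byte_len(s);
}

int reported_count(void) { return last.count; }
unsigned reported_call_line(void) { return last.call_line; }
unsigned reported_attr_line(void) { return last.attr_line; }
```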