llvm / llvm-project

The LLVM Project is a collection of modular and reusable compiler and toolchain technologies.
http://llvm.org

clang aggressively optimized away UBs even if sanitizers are used #55676

Open shao-hua-li opened 2 years ago

shao-hua-li commented 2 years ago

For the following code, ASan with clang -O2 and above did not produce any warning of the buffer overflow in function a. I understand that optimizers could assume UBs never happen and do whatever they want to optimize the code. But I am concerned that such aggressiveness would hinder the effectiveness of sanitizers. A similar issue is discussed in https://github.com/llvm/llvm-project/issues/53972 and the current belief is that this should not be an issue.

On this specific case, gcc however tends to be less aggressive than Clang. https://godbolt.org/z/9MTWeGjzM

```c
int a() {
    int b[7];
    /* Deliberate off-by-one: writes b[0]..b[7] into a 7-element array.
       At -O2 the out-of-bounds store is dead (only b[1] is read), so the
       optimizer removes it before ASan can instrument it. */
    for (int e = 0; e < 8; e++)
        b[e] = 6;
    return b[1];
}
int main() {
    return a();
}
```
Teemperor commented 2 years ago

This might be relevant: https://discourse.llvm.org/t/rfc-safe-optimizations-for-sanitizers/62729

davidbolvansky commented 2 years ago

For example 'llvm::mustTriggerUB' should always return false with sanitizers.

https://llvm.org/doxygen/namespacellvm.html#a9b587899173512a007250b3f5307441d

davidbolvansky commented 2 years ago

Same for 'mustExecuteUBIfPoisonOnPathTo'