Re: [llvm-dev] RFC: Implementing -fno-delete-null-pointer-checks in clang
On 5/14/2018 12:11 PM, Manoj Gupta
On Mon, May 14, 2018 at 12:07 PM Friedman, Eli
5/12/2018 9:23 PM, Philip Reames via llvm-dev wrote:
> Fair warning, the following is a devil's advocate position, but it's also a serious question.
> Given the entire point of this flag appears to be bug not frame this as a sanitizer? If we had a -fsanitize=dereference which tried to catch derived from null, wouldn't that handle the case at
It's called "-fsanitize=null": it catches stuff like "*x" where x is null. It's not quite complete; we don't check for arithmetic on a null

Yes, that would handle the situation in question, but null checks all over the place is pretty expensive; I don't think people would turn that on in production.
had a similar discussion on an internal thread a while back if we can use "-fsanitize=null" where clang generate ud2 instruction for null pointer dereferences. Unfortunately, this doesn't work in kernel context. the reply from our kernel team:

"will not cause a kernel panic: it's an exception trigger, up to the exception handler to decide if it will return (WARN) or not (BUG). In the referenced function, this is calling will resume execution. (And note that the BUG() specifically marked with __attribute__((noreturn)). "
If the kernel can't use -fsanitize-trap, it could use some alternative like "-fsanitize=null -fno-sanitize-recover=null -fsanitize-minimal-runtime". That doesn't seem like a fundamental flaw in the approach.
Employee of Qualcomm Innovation Center, Inc.
Qualcomm Innovation Center, Inc. is a member of Code Aurora Forum, a Linux Foundation Collaborative Project
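As an added example, not code from this thread or from clang/LLVM, the following C program models the distinction the kernel team draws above: a null check whose handler returns (the kernel's WARN() path, or a sanitizer built with recovery) lets execution resume after the check, while a handler that never returns (BUG(), __builtin_trap/ud2 treated as fatal, or -fno-sanitize-recover=null) does not. The handler name report_null_deref, the null_policy enum and struct conn are assumptions made for illustration, not the UBSan runtime ABI; longjmp stands in for the process or kernel dying on the trap so the fatal path can be exercised without killing the program.

```c
/* Model of recoverable vs. non-recoverable null-pointer checks.
 * Added example; handler and type names are hypothetical, not UBSan's. */
#include <setjmp.h>
#include <stddef.h>
#include <stdio.h>

enum null_policy {
    POLICY_RECOVER,   /* handler reports and returns: WARN()-like, -fsanitize-recover */
    POLICY_NORETURN   /* handler never returns: BUG()-like, trap / -fno-sanitize-recover */
};

static enum null_policy g_policy = POLICY_RECOVER;
static int g_reports = 0;
static jmp_buf g_trap;   /* stands in for the process (or kernel) dying on ud2 */

/* Hypothetical check handler, called where the compiler would emit the
 * null test.  In recover mode it returns and the caller keeps going. */
static void report_null_deref(const char *where)
{
    g_reports++;
    fprintf(stderr, "null-deref in %s\n", where);
    if (g_policy == POLICY_NORETURN)
        longjmp(g_trap, 1);   /* models a noreturn BUG()/abort: no fallthrough */
}

struct conn { int fd; };

/* Instrumented read of c->fd.  The test runs BEFORE the load, which is the
 * whole point: the optimizer cannot use the load to conclude c != NULL and
 * delete a later check.  Real instrumentation would fall through into the
 * load after a returning handler (undefined behaviour, or the kernel's
 * "resume execution" case); this model returns -1 instead so it stays
 * defined and testable. */
static int conn_fd(const struct conn *c, int *out)
{
    if (c == NULL) {
        report_null_deref("conn_fd");
        return -1;            /* only reached when the handler returned */
    }
    *out = c->fd;
    return 0;
}

/* Run one access under a policy.  Return value encodes the outcome:
 *   >= 0 : the fd, normal path
 *   -1   : check fired, handler returned, caller resumed (WARN-like)
 *   -2   : check fired, handler did not return (BUG/trap-like) */
int run_with_policy(enum null_policy p, const struct conn *c)
{
    int fd = 0;
    g_policy = p;
    if (setjmp(g_trap) != 0)
        return -2;            /* landed here via the noreturn handler */
    if (conn_fd(c, &fd) != 0)
        return -1;
    return fd;
}

int report_count(void)
{
    return g_reports;
}

int main(void)
{
    struct conn c = { 42 };   /* constructed sample input */
    printf("recover, valid ptr : %d\n", run_with_policy(POLICY_RECOVER, &c));
    printf("recover, NULL      : %d\n", run_with_policy(POLICY_RECOVER, NULL));
    printf("noreturn, NULL     : %d\n", run_with_policy(POLICY_NORETURN, NULL));
    printf("reports emitted    : %d\n", report_count());
    return 0;
}
```

The difference the kernel team cares about is the -1 versus -2 outcome: with a returning handler the code after the check runs, so a deleted or recovered null check silently continues; only the noreturn policy guarantees that nothing past the check executes, which is also what lets a compiler keep the check rather than fold it away.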