Sanitizer: Support -fwrapv with -fsanitize=signed-integer-overflow

clang/docs/ReleaseNotes.rst

@@ -399,6 +399,9 @@ Moved checkers
 Sanitizers
 ----------
 
+- ``-fsanitize=signed-integer-overflow`` now instruments signed arithmetic even
+ when ``-fwrapv`` is enabled. Previously, only division checks were enabled.
+
 Python Binding Changes
 ----------------------
 

clang/docs/UndefinedBehaviorSanitizer.rst

@@ -190,10 +190,11 @@ Available checks are:
  - ``-fsanitize=signed-integer-overflow``: Signed integer overflow, where the
  result of a signed integer computation cannot be represented in its type.
  This includes all the checks covered by ``-ftrapv``, as well as checks for
- signed division overflow (``INT_MIN/-1``), but not checks for
- lossy implicit conversions performed before the computation
- (see ``-fsanitize=implicit-conversion``). Both of these two issues are
- handled by ``-fsanitize=implicit-conversion`` group of checks.
+ signed division overflow (``INT_MIN/-1``). Note that checks are still
+ added even when ``-fwrapv`` is enabled. This sanitizer does not check for
+ lossy implicit conversions performed before the computation (see
+ ``-fsanitize=implicit-conversion``). Both of these two issues are handled
+ by ``-fsanitize=implicit-conversion`` group of checks.
  - ``-fsanitize=unreachable``: If control flow reaches an unreachable
  program point.
  - ``-fsanitize=unsigned-integer-overflow``: Unsigned integer overflow, where

clang/lib/CodeGen/CGExprScalar.cpp

@@ -723,7 +723,9 @@ class ScalarExprEmitter
  if (Ops.Ty->isSignedIntegerOrEnumerationType()) {
  switch (CGF.getLangOpts().getSignedOverflowBehavior()) {
  case LangOptions::SOB_Defined:
- return Builder.CreateMul(Ops.LHS, Ops.RHS, "mul");
+ if (!CGF.SanOpts.has(SanitizerKind::SignedIntegerOverflow))
+ return Builder.CreateMul(Ops.LHS, Ops.RHS, "mul");
+ [[fallthrough]];
  case LangOptions::SOB_Undefined:
  if (!CGF.SanOpts.has(SanitizerKind::SignedIntegerOverflow))
  return Builder.CreateNSWMul(Ops.LHS, Ops.RHS, "mul");
@@ -2568,7 +2570,9 @@ llvm::Value *ScalarExprEmitter::EmitIncDecConsiderOverflowBehavior(
  StringRef Name = IsInc ? "inc" : "dec";
  switch (CGF.getLangOpts().getSignedOverflowBehavior()) {
  case LangOptions::SOB_Defined:
- return Builder.CreateAdd(InVal, Amount, Name);
+ if (!CGF.SanOpts.has(SanitizerKind::SignedIntegerOverflow))
+ return Builder.CreateAdd(InVal, Amount, Name);
+ [[fallthrough]];
  case LangOptions::SOB_Undefined:
  if (!CGF.SanOpts.has(SanitizerKind::SignedIntegerOverflow))
  return Builder.CreateNSWAdd(InVal, Amount, Name);
@@ -3913,7 +3917,9 @@ Value *ScalarExprEmitter::EmitAdd(const BinOpInfo &op) {
  if (op.Ty->isSignedIntegerOrEnumerationType()) {
  switch (CGF.getLangOpts().getSignedOverflowBehavior()) {
  case LangOptions::SOB_Defined:
- return Builder.CreateAdd(op.LHS, op.RHS, "add");
+ if (!CGF.SanOpts.has(SanitizerKind::SignedIntegerOverflow))
+ return Builder.CreateAdd(op.LHS, op.RHS, "add");
+ [[fallthrough]];
  case LangOptions::SOB_Undefined:
  if (!CGF.SanOpts.has(SanitizerKind::SignedIntegerOverflow))
  return Builder.CreateNSWAdd(op.LHS, op.RHS, "add");
@@ -4067,7 +4073,9 @@ Value *ScalarExprEmitter::EmitSub(const BinOpInfo &op) {
  if (op.Ty->isSignedIntegerOrEnumerationType()) {
  switch (CGF.getLangOpts().getSignedOverflowBehavior()) {
  case LangOptions::SOB_Defined:
- return Builder.CreateSub(op.LHS, op.RHS, "sub");
+ if (!CGF.SanOpts.has(SanitizerKind::SignedIntegerOverflow))
+ return Builder.CreateSub(op.LHS, op.RHS, "sub");
+ [[fallthrough]];
  case LangOptions::SOB_Undefined:
  if (!CGF.SanOpts.has(SanitizerKind::SignedIntegerOverflow))
  return Builder.CreateNSWSub(op.LHS, op.RHS, "sub");

clang/test/CodeGen/integer-overflow.c

@@ -2,6 +2,7 @@
 // RUN: %clang_cc1 -triple x86_64-apple-darwin %s -emit-llvm -o - -fwrapv | FileCheck %s --check-prefix=WRAPV
 // RUN: %clang_cc1 -triple x86_64-apple-darwin %s -emit-llvm -o - -ftrapv | FileCheck %s --check-prefix=TRAPV
 // RUN: %clang_cc1 -triple x86_64-apple-darwin %s -emit-llvm -o - -fsanitize=signed-integer-overflow | FileCheck %s --check-prefix=CATCH_UB
+// RUN: %clang_cc1 -triple x86_64-apple-darwin %s -emit-llvm -o - -fsanitize=signed-integer-overflow -fwrapv | FileCheck %s --check-prefix=CATCH_WRAP
 // RUN: %clang_cc1 -triple x86_64-apple-darwin %s -emit-llvm -o - -ftrapv -ftrapv-handler foo | FileCheck %s --check-prefix=TRAPV_HANDLER
 
 
@@ -16,27 +17,31 @@ void test1(void) {
  // WRAPV: add i32
  // TRAPV: llvm.sadd.with.overflow.i32
  // CATCH_UB: llvm.sadd.with.overflow.i32
+ // CATCH_WRAP: llvm.sadd.with.overflow.i32
  // TRAPV_HANDLER: foo(
  f11G = a + b;
 
  // DEFAULT: sub nsw i32
  // WRAPV: sub i32
  // TRAPV: llvm.ssub.with.overflow.i32
  // CATCH_UB: llvm.ssub.with.overflow.i32
+ // CATCH_WRAP: llvm.ssub.with.overflow.i32
  // TRAPV_HANDLER: foo(
  f11G = a - b;
 
  // DEFAULT: mul nsw i32
  // WRAPV: mul i32
  // TRAPV: llvm.smul.with.overflow.i32
  // CATCH_UB: llvm.smul.with.overflow.i32
+ // CATCH_WRAP: llvm.smul.with.overflow.i32
  // TRAPV_HANDLER: foo(
  f11G = a * b;
 
  // DEFAULT: sub nsw i32 0, 
  // WRAPV: sub i32 0, 
  // TRAPV: llvm.ssub.with.overflow.i32(i32 0
  // CATCH_UB: llvm.ssub.with.overflow.i32(i32 0
+ // CATCH_WRAP: llvm.ssub.with.overflow.i32(i32 0
  // TRAPV_HANDLER: foo(
  f11G = -a;
 
@@ -46,13 +51,15 @@ void test1(void) {
  // WRAPV: add i32 {{.*}}, 1
  // TRAPV: llvm.sadd.with.overflow.i32({{.*}}, i32 1)
  // CATCH_UB: llvm.sadd.with.overflow.i32({{.*}}, i32 1)
+ // CATCH_WRAP: llvm.sadd.with.overflow.i32({{.*}}, i32 1)
  // TRAPV_HANDLER: foo(
  ++a;
 
  // DEFAULT: add nsw i32 {{.*}}, -1
  // WRAPV: add i32 {{.*}}, -1
  // TRAPV: llvm.ssub.with.overflow.i32({{.*}}, i32 1)
  // CATCH_UB: llvm.ssub.with.overflow.i32({{.*}}, i32 1)
+ // CATCH_WRAP: llvm.ssub.with.overflow.i32({{.*}}, i32 1)
  // TRAPV_HANDLER: foo(
  --a;
 
@@ -70,6 +77,7 @@ void test1(void) {
  // WRAPV: add i8 {{.*}}, 1
  // TRAPV: add i8 {{.*}}, 1
  // CATCH_UB: add i8 {{.*}}, 1
+ // CATCH_WRAP: add i8 {{.*}}, 1
  ++PR9350_char_inc;
 
  // PR9350: char pre-decrement never overflows.
@@ -78,6 +86,7 @@ void test1(void) {
  // WRAPV: add i8 {{.*}}, -1
  // TRAPV: add i8 {{.*}}, -1
  // CATCH_UB: add i8 {{.*}}, -1
+ // CATCH_WRAP: add i8 {{.*}}, -1
  --PR9350_char_dec;
 
  // PR9350: short pre-increment never overflows.
@@ -86,6 +95,7 @@ void test1(void) {
  // WRAPV: add i16 {{.*}}, 1
  // TRAPV: add i16 {{.*}}, 1
  // CATCH_UB: add i16 {{.*}}, 1
+ // CATCH_WRAP: add i16 {{.*}}, 1
  ++PR9350_short_inc;
 
  // PR9350: short pre-decrement never overflows.
@@ -94,6 +104,7 @@ void test1(void) {
  // WRAPV: add i16 {{.*}}, -1
  // TRAPV: add i16 {{.*}}, -1
  // CATCH_UB: add i16 {{.*}}, -1
+ // CATCH_WRAP: add i16 {{.*}}, -1
  --PR9350_short_dec;
 
  // PR24256: don't instrument __builtin_frame_address.
@@ -102,4 +113,5 @@ void test1(void) {
  // WRAPV: call ptr @llvm.frameaddress.p0(i32 0)
  // TRAPV: call ptr @llvm.frameaddress.p0(i32 0)
  // CATCH_UB: call ptr @llvm.frameaddress.p0(i32 0)
+ // CATCH_WRAP: call ptr @llvm.frameaddress.p0(i32 0)
 }