From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (qmail 30222 invoked by alias); 19 Feb 2014 14:04:05 -0000 Mailing-List: contact gcc-bugs-help@gcc.gnu.org; run by ezmlm Precedence: bulk List-Id: List-Archive: List-Post: List-Help: Sender: gcc-bugs-owner@gcc.gnu.org Received: (qmail 30165 invoked by uid 48); 19 Feb 2014 14:04:02 -0000 From: "burnus at gcc dot gnu.org" To: gcc-bugs@gcc.gnu.org Subject: [Bug sanitizer/60275] New: [UBSAN] Add -f[no-]sanitize-recover/-fsanitize-undefined-trap-on-error to make UBSAN's runtime errors fatal Date: Wed, 19 Feb 2014 14:04:00 -0000 X-Bugzilla-Reason: CC X-Bugzilla-Type: new X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: gcc X-Bugzilla-Component: sanitizer X-Bugzilla-Version: 4.9.0 X-Bugzilla-Keywords: X-Bugzilla-Severity: normal X-Bugzilla-Who: burnus at gcc dot gnu.org X-Bugzilla-Status: UNCONFIRMED X-Bugzilla-Priority: P3 X-Bugzilla-Assigned-To: unassigned at gcc dot gnu.org X-Bugzilla-Target-Milestone: --- X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: bug_id short_desc product version bug_status bug_severity priority component assigned_to reporter cc Message-ID: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: 7bit X-Bugzilla-URL: http://gcc.gnu.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-SW-Source: 2014-02/txt/msg01967.txt.bz2 http://gcc.gnu.org/bugzilla/show_bug.cgi?id=60275 Bug ID: 60275 Summary: [UBSAN] Add -f[no-]sanitize-recover/-fsanitize-undefined-trap-on-e rror to make UBSAN's runtime errors fatal Product: gcc Version: 4.9.0 Status: UNCONFIRMED Severity: normal Priority: P3 Component: sanitizer Assignee: unassigned at gcc dot gnu.org Reporter: burnus at gcc dot gnu.org CC: dodji at gcc dot gnu.org, dvyukov at gcc dot gnu.org, jakub at gcc dot gnu.org, kcc at gcc dot gnu.org, mpolacek at gcc dot gnu.org While I personally would like to see more fine tuning via UBSAN_FLAGS - similar to ASAN, LSAN and TSAN, adding CLANG's -fsanitize-recover/-fno-sanitize-recover and -fsanitize-undefined-trap-on-error would be useful as additional feature. >>From CLANG: Extra features of UndefinedBehaviorSanitizer: - ``-fno-sanitize-recover``: By default, after a sanitizer diagnoses an issue, it will attempt to continue executing the program if there is a reasonable behavior it can give to the faulting operation. This option causes the program to abort instead. - ``-fsanitize-undefined-trap-on-error``: Causes traps to be emitted rather than calls to runtime libraries when a problem is detected. This option is intended for use in cases where the sanitizer runtime cannot be used (for instance, when building libc or a kernel module). This is only compatible with the sanitizers in the ``undefined-trap`` group. That would be BUILT_IN_UNREACHABLE and BUILT_IN_TRAP. (But unreachable shouldn't be dressed by SANITIZE_UNREACHABLE ;-) See also LLVM's * tools/clang/docs/UsersManual.rst * tools/clang/lib/CodeGen/CGExpr.cpp (search for SanitizeUndefinedTrapOnError and SanitizeRecover)