Hi I am new here. I am using clang to check errors in our code. Specifically
integer overflows. But sometimes it is ok, some dirty code are ok, for
example in hash function calculation. How can I disable sanitize checks
locally for one inlined function for example?
Are your hash function calculations using unsigned integers or signed integers? Overflowing the former is well-defined, the latter is not. That's why -fsanitize=undefined does not include -fsanitize=unsigned-integer-overflow, see here:
<http://clang.llvm.org/docs/UsersManual.html#controlling-code-generation>
Cheers,
Hi I am new here. I am using clang to check errors in our code. Specifically
integer overflows. But sometimes it is ok, some dirty code are ok, for
example in hash function calculation. How can I disable sanitize checks
locally for one inlined function for example?
Glad to hear it!
Adding attributes to annotate safe locations is on my TODO list, as
this is an important feature for usability. It shouldn't take too
long, but even so unfortunately I don't think I'll be able to get to
it for at least a few days.
Apologies for any inconvenience!
~Will
A temporary kludge might be to push the hash function into a separate
TU, build it without overflow checking (or just disable the overflow
checks that are intentional).
If LTO is an option for your project, you could use that to then
inline the function and restore your original functionality.
Hope this helps,
~Will
We already have the -fsanitize-blacklist= option to specify a
blacklist file. Currently, it's only used by ASan, but we should try
to extend the same mechanism to the other sanitizers before inventing
something else.
Are your hash function calculations using unsigned integers or signed
integers? Overflowing the former is well-defined, the latter is not.
That's why -fsanitize=undefined does not include
-fsanitize=unsigned-integer-overflow, see here:
Good code shouldn't overflow unsigned ints although it is well defined.
Unsigned overflow is a sign of error and should be found in debug process.
A temporary kludge might be to push the hash function into a separate
TU, build it without overflow checking (or just disable the overflow
checks that are intentional).
For now it is an only option to accumulate all bad code in separate TU.
Wonder what will I do if I find a dirty code in templates which can't be
sorted off the headers.
We already have the -fsanitize-blacklist= option to specify a
blacklist file.
Oh? No doubt it's quite new, but might I suggest describing it here:
<Clang Compiler User’s Manual — Clang 18.0.0git documentation;
Currently, it's only used by ASan, but we should try
to extend the same mechanism to the other sanitizers before inventing
something else.
That would be great. I've already hit two OS X bugs with ubsan, being able to suppress them would allow me to turn -fsanitize=alignment back on in various buildbots I maintain.
Cheers,