Undefined Behavior Sanitizer:如何抑制一些无符号整数溢出错误? [英] Undefined Behavior Sanitizer: How to suppress some unsigned-integer-overflow errors?
问题描述
我的 -fsanitize = unsigned-integer-overflow
错误大多是错误,但有时我明确地使用它的预期,这导致UBSan产生假阳性。 p>
有没有办法可以为特定表达式关闭UBSan无符号整数溢出检查?
到Shafik的注释,这里是一个例子:
unsigned a = 0;
unsigned b = a - 1; //错误:无符号整数溢出
大多数时间是一个错误,有时不是。对于UBSan,可以找到每一次发生的问题,修复错误,但是我没有找到一种方法来消除假阳性。
编辑2:启用检查需要传递 -fsanitize = integer
(以启用所有整数检查)或 fsanitize = unsigned-integer-overflow
。
如果你想包装在一个函数中的操作你可以使用 __ attribute __((no_sanitize(integer)))
这样( 查看活动
__attribute __((no_sanitize(integer)))
unsigned calc(unsigned a)
{
return a - 1;
}
我通过错误报告/功能请求找到了对UbSAN的抑制支持。
a href =http://clang.llvm.org/docs/AttributeReference.html =nofollow>关于属性的文档不表示任何方式应用此功能,除非功能:
在函数声明中使用no_sanitize属性来指定特定的检测或检测集合不应该应用于该函数。该属性采用字符串字面值列表,其与-fno-sanitize =标志接受的值具有相同的含义。例如, attribute ((no_sanitize(address,thread)))指定AddressSanitizer和ThreadSanitizer不应用于该函数。
Most of my -fsanitize=unsigned-integer-overflow
errors are bugs, but sometimes I explicitly use it as intended, which results in UBSan producing false positives.
Is there a way to turn UBSan unsigned-integer-overflow check off for a particular expression?
EDIT in response to Shafik comment, here is an example:
unsigned a = 0;
unsigned b = a - 1; // error: unsigned integer overflow
Most of the time that is a bug, sometimes it isn't. With UBSan one can find every time that happens, fix the bugs, but I haven't found a way to silence the false positives.
EDIT 2: to enable the check one needs to pass either -fsanitize=integer
(to enable all integer checks) or fsanitize=unsigned-integer-overflow
. From the comments below it seems that the check is only available in clang and not in GCC yet.
If you want to wrap the operation in a function you can use __attribute__((no_sanitize("integer")))
like so (see it live):
__attribute__((no_sanitize("integer")))
unsigned calc( unsigned a )
{
return a - 1 ;
}
I found this via a bug report/feature request Suppression support for UbSAN.
The clang documentation on attributes does not indicate any way to apply this except to a function:
Use the no_sanitize attribute on a function declaration to specify that a particular instrumentation or set of instrumentations should not be applied to that function. The attribute takes a list of string literals, which have the same meaning as values accepted by the -fno-sanitize= flag. For example, attribute((no_sanitize("address", "thread"))) specifies that AddressSanitizer and ThreadSanitizer should not be applied to the function.
这篇关于Undefined Behavior Sanitizer:如何抑制一些无符号整数溢出错误?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!