In gcc-4.9 changes it says:
UndefinedBehaviorSanitizer (ubsan), a fast undefined behavior detector, has been added and can be enabled via -fsanitize=undefined. Various computations will be instrumented to detect undefined behavior at runtime. UndefinedBehaviorSanitizer is currently available for the C and C++ languages.
I looked at this question (A C++ implementation that detects undefined behavior?) but it seems fairly outdated.
This link (http://gcc.gnu.org/ml/gcc-patches/2013-06/msg00264.html) has some information on it, but it's several months old.
This is an attempt to add the Undefined Behavior Sanitizer to GCC. Note that it's very alpha version; so far it doesn't do that much, at the moment it should handle division by zero cases, INT_MIN / -1, and various shift cases (shifting by a negative value, shifting when second operand is >= than TYPE_PRECISION (first_operand) and suchlike. (On integer types, so far.)
From what I've read it's being ported to gcc from LLVM.
I've tried it with (5 / 0) and the only difference seems to be this output:
main.cpp:5:19: runtime error: division by zero
Does anyone have any more information on it or what features it has?
2 solutions
#1
40
This is more a framework for adding such checks than an attempt to detect all forms of undefined behavior (which is almost certainly impossible in the "halting problem" sense).
The GCC documentation lists these as the currently supported checks:
-fsanitize=undefined
Enable UndefinedBehaviorSanitizer, a fast undefined behavior detector. Various computations will be instrumented to detect undefined behavior at runtime. Current suboptions are:
-fsanitize=shift
This option enables checking that the result of a shift operation is not undefined. Note that what exactly is considered undefined differs slightly between C and C++, as well as between ISO C90 and C99, etc.
-fsanitize=integer-divide-by-zero
Detect integer division by zero as well as INT_MIN / -1 division.
-fsanitize=unreachable
With this option, the compiler will turn the __builtin_unreachable call into a diagnostics message call instead. When reaching the __builtin_unreachable call, the behavior is undefined.
-fsanitize=vla-bound
This option instructs the compiler to check that the size of a variable length array is positive. This option does not have any effect in -std=c++1y mode, as the standard requires the exception be thrown instead.
-fsanitize=null
This option enables pointer checking. Particularly, the application built with this option turned on will issue an error message when it tries to dereference a NULL pointer, or if a reference (possibly an rvalue reference) is bound to a NULL pointer.
-fsanitize=return
This option enables return statement checking. Programs built with this option turned on will issue an error message when the end of a non-void function is reached without actually returning a value. This option works in C++ only.
-fsanitize=signed-integer-overflow
This option enables signed integer overflow checking. We check that the result of +, *, and both unary and binary - does not overflow in the signed arithmetics. Note, integer promotion rules must be taken into account. That is, the following is not an overflow:
signed char a = SCHAR_MAX; a++;
While -ftrapv causes traps for signed overflows to be emitted, -fsanitize=undefined gives a diagnostic message. This currently works only for the C family of languages.
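The conditions behind three of the checks listed in this answer (integer-divide-by-zero, shift, signed-integer-overflow), written out as an added example that is not part of the original answer or GCC's own instrumentation. The names `ub_check` and `classify` are hypothetical, the inputs are constructed, and the shift case only tests the shift count.

```c
#include <limits.h>
#include <stdio.h>

/* Hypothetical names: which of the listed UBSan checks would fire, if any. */
enum ub_check { UB_NONE, UB_INT_DIVIDE, UB_SHIFT, UB_SIGNED_OVERFLOW };

/* Classify `a op b` on int operands without executing the operation.
 * op: '/', '<' (a << b), '>' (a >> b), '+', '-'. */
enum ub_check classify(int a, char op, int b)
{
    /* Precision of int; assumes int has no padding bits. */
    const int width = (int)(sizeof(int) * CHAR_BIT);

    switch (op) {
    case '/':
        /* -fsanitize=integer-divide-by-zero: x / 0 and INT_MIN / -1 */
        if (b == 0 || (a == INT_MIN && b == -1))
            return UB_INT_DIVIDE;
        break;
    case '<':
    case '>':
        /* -fsanitize=shift: negative count, or count >= precision.
         * Only the count is checked here, not the left operand. */
        if (b < 0 || b >= width)
            return UB_SHIFT;
        break;
    case '+':
        /* -fsanitize=signed-integer-overflow, tested without overflowing */
        if ((b > 0 && a > INT_MAX - b) || (b < 0 && a < INT_MIN - b))
            return UB_SIGNED_OVERFLOW;
        break;
    case '-':
        if ((b < 0 && a > INT_MAX + b) || (b > 0 && a < INT_MIN + b))
            return UB_SIGNED_OVERFLOW;
        break;
    }
    return UB_NONE;
}

int main(void)
{
    /* Constructed inputs. The last one is the promotion case from the
     * answer: a++ on a signed char is computed in int, which does not overflow. */
    printf("5 / 0         -> %d\n", classify(5, '/', 0));
    printf("INT_MIN / -1  -> %d\n", classify(INT_MIN, '/', -1));
    printf("1 << -1       -> %d\n", classify(1, '<', -1));
    printf("INT_MAX + 1   -> %d\n", classify(INT_MAX, '+', 1));
    printf("SCHAR_MAX + 1 -> %d\n", classify(SCHAR_MAX, '+', 1));
    return 0;
}
```

A pre-check like this is what remains in a release build once the sanitizer is switched off, so it is worth keeping on arithmetic that takes untrusted operands.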
#2
1
Complete list of options listed in UndefinedBehaviorSanitizer
Latest GCC 5.0 additions extracted from GCC 5 Release Series : Changes, New Features, and Fixes listed below;
UndefinedBehaviorSanitizer gained a few new sanitization options:
-fsanitize=float-divide-by-zero: detect floating-point division by zero;
-fsanitize=float-cast-overflow: check that the result of floating-point type to integer conversions do not overflow;
-fsanitize=bounds: enable instrumentation of array bounds and detect out-of-bounds accesses;
-fsanitize=alignment: enable alignment checking, detect various misaligned objects;
-fsanitize=object-size: enable object size checking, detect various out-of-bounds accesses.
-fsanitize=vptr: enable checking of C++ member function calls, member accesses and some conversions between pointers to base and derived classes, detect if the referenced object does not have the correct dynamic type.