diff options
| -rw-r--r-- | build/plugins/suppressions.py | 9 | ||||
| -rw-r--r-- | contrib/libs/clang18-rt/lib/ubsan/ubsan_diag.cpp | 6 | ||||
| -rw-r--r-- | contrib/libs/openssl/.yandex_meta/__init__.py | 5 | ||||
| -rw-r--r-- | contrib/libs/openssl/crypto/ubsan.supp | 3 | ||||
| -rw-r--r-- | contrib/libs/openssl/crypto/ya.make | 2 |
5 files changed, 21 insertions, 4 deletions
diff --git a/build/plugins/suppressions.py b/build/plugins/suppressions.py index db5037646df..a661e8a621f 100644 --- a/build/plugins/suppressions.py +++ b/build/plugins/suppressions.py @@ -2,16 +2,17 @@ def onsuppressions(unit, *args): """ SUPPRESSIONS() - allows to specify files with suppression notation which will be used by address, leak or thread sanitizer runtime by default. - Use asan.supp filename for address sanitizer, lsan.supp for leak sanitizer - and tsan.supp for thread sanitizer suppressions respectively. + Use asan.supp filename for address sanitizer, lsan.supp for leak sanitizer, + ubsan.supp for undefined behavior sanitizer and tsan.supp for thread sanitizer + suppressions respectively. See https://clang.llvm.org/docs/AddressSanitizer.html#suppressing-memory-leaks for details. """ import os - valid = ("asan.supp", "tsan.supp", "lsan.supp") + valid = ("asan.supp", "tsan.supp", "lsan.supp", "ubsan.supp") - if unit.get("SANITIZER_TYPE") in ("leak", "address", "thread"): + if unit.get("SANITIZER_TYPE") in ("leak", "address", "thread", "undefined"): for x in args: if os.path.basename(x) not in valid: unit.message( diff --git a/contrib/libs/clang18-rt/lib/ubsan/ubsan_diag.cpp b/contrib/libs/clang18-rt/lib/ubsan/ubsan_diag.cpp index 67e884e4916..27661fa95ed 100644 --- a/contrib/libs/clang18-rt/lib/ubsan/ubsan_diag.cpp +++ b/contrib/libs/clang18-rt/lib/ubsan/ubsan_diag.cpp @@ -412,11 +412,17 @@ static const char *kSuppressionTypes[] = { kVptrCheck, }; +SANITIZER_INTERFACE_WEAK_DEF(const char *, __ubsan_default_suppressions, void) { + return ""; +} + void __ubsan::InitializeSuppressions() { CHECK_EQ(nullptr, suppression_ctx); suppression_ctx = new (suppression_placeholder) SuppressionContext(kSuppressionTypes, ARRAY_SIZE(kSuppressionTypes)); suppression_ctx->ParseFromFile(flags()->suppressions); + if (&__ubsan_default_suppressions) + suppression_ctx->Parse(__ubsan_default_suppressions()); } bool __ubsan::IsVptrCheckSuppressed(const char *TypeName) { diff --git a/contrib/libs/openssl/.yandex_meta/__init__.py b/contrib/libs/openssl/.yandex_meta/__init__.py index b1e69b9c4c0..08770e451dc 100644 --- a/contrib/libs/openssl/.yandex_meta/__init__.py +++ b/contrib/libs/openssl/.yandex_meta/__init__.py @@ -31,6 +31,10 @@ def post_install(self): m.SRCS = {P.relpath(s, "crypto") for s in m.SRCS} m.SRCS -= {"dso/dso_dlfcn.c", "rand/rand_vms.c"} + # Add suppression for ubsan, see also https://github.com/openssl/openssl/issues/22896 + with self.yamakes["crypto"] as m: + m.after("NO_RUNTIME", "SUPPRESSIONS(ubsan.supp)") + self.yamakes["crypto"].PEERDIR.add("library/cpp/sanitizer/include") self.yamakes["apps"].PEERDIR.add("library/cpp/sanitizer/include") @@ -142,6 +146,7 @@ openssl = NixProject( "asm/windows/", "openssl.package.json", "sanitizers.h", + "crypto/ubsan.supp", ], post_install=post_install, ) diff --git a/contrib/libs/openssl/crypto/ubsan.supp b/contrib/libs/openssl/crypto/ubsan.supp new file mode 100644 index 00000000000..bc657603199 --- /dev/null +++ b/contrib/libs/openssl/crypto/ubsan.supp @@ -0,0 +1,3 @@ +# clang17-rt and later emits diagnostig related to invalid function pointers +# See also https://github.com/openssl/openssl/issues/22896 +function:*contrib/libs/openssl/*.c diff --git a/contrib/libs/openssl/crypto/ya.make b/contrib/libs/openssl/crypto/ya.make index f588d9ff988..3bf6f03bdb2 100644 --- a/contrib/libs/openssl/crypto/ya.make +++ b/contrib/libs/openssl/crypto/ya.make @@ -92,6 +92,8 @@ NO_COMPILER_WARNINGS() NO_RUNTIME() +SUPPRESSIONS(ubsan.supp) + CFLAGS( -DOPENSSL_BN_ASM_MONT -DOPENSSL_CPUID_OBJ |