summaryrefslogtreecommitdiffstats
path: root/clang/lib/Driver/SanitizerArgs.cpp
Commit message (Collapse)AuthorAgeFilesLines
...
* Enable -pie and --enable-new-dtags by default on Android.Evgeniy Stepanov2017-10-251-1/+1
| | | | | | | | | | | | | | | Summary: Also enable -no-pie on Gnu toolchain (previously available on Darwin only). Non-PIE executables won't even start on recent Android, and DT_RPATH is ignored by the loader. Reviewers: srhines, danalbert Subscribers: cfe-commits Differential Revision: https://reviews.llvm.org/D38430 llvm-svn: 316606
* Do not link clang_rt.cfi on Android.Evgeniy Stepanov2017-10-161-7/+13
| | | | | | | | | | | | | | | Summary: The OS provides cross-dso CFI support starting with Android O. Trapping mode does not require any runtime at all, and diagnostic mode requires just ubsan-standalone. Reviewers: pcc Subscribers: srhines, cfe-commits Differential Revision: https://reviews.llvm.org/D38908 llvm-svn: 315921
* [Driver] Fix -static-libsan / -shared-libsan on DarwinVedant Kumar2017-10-071-1/+2
| | | | | | | Don't ignore these flags on Darwin. The old behavior of using the dynamic runtime when neither flag is passed is preserved. llvm-svn: 315142
* Cleanup and generalize -shared-libasan.Evgeniy Stepanov2017-10-051-3/+4
| | | | | | | | | | | | | | | | | | | | Summary: * Rename -shared-libasan to -shared-libsan, keeping the old name as alias. * Add -static-libsan for targets that default to shared. * Remove an Android special case. It is now possible (but untested) to use static compiler-rt libraries there. * Support libclang_rt.ubsan_standalone as a shared library. Unlike GCC, this change applies -shared-libsan / -static-libsan to all sanitizers. I don't see a point in multiple flags like -shared-libubsan, considering that most sanitizers are not compatible with each other, and each link has basically a single shared/static choice. Reviewers: vitalybuka, kcc, rsmith Subscribers: srhines, cfe-commits Differential Revision: https://reviews.llvm.org/D38525 llvm-svn: 315015
* [MSan] Specify use-after-dtor default value in header.Matt Morehouse2017-09-141-1/+3
| | | | llvm-svn: 313319
* [MSan] Add flag to disable use-after-dtor.Matt Morehouse2017-09-141-1/+3
| | | | | | | | | | | | | | Summary: Flag is -fno-sanitize-use-after-dtor. Reviewers: vitalybuka, eugenis, kcc Reviewed By: vitalybuka, eugenis Subscribers: cfe-commits Differential Revision: https://reviews.llvm.org/D37867 llvm-svn: 313314
* [ubsan] Extend default blacklist support to integer/nullability groupsVedant Kumar2017-09-121-1/+1
| | | | | | | The default blacklist should also apply when the integer or nullability checks are enabled. llvm-svn: 313062
* [libFuzzer] switch -fsanitize=fuzzer from trace-pc-guard to inline-8bit-countersKostya Serebryany2017-09-011-1/+1
| | | | llvm-svn: 312346
* [SanitizeCoverage] Enable stack-depth coverage for -fsanitize=fuzzerMatt Morehouse2017-08-301-1/+5
| | | | | | | | | | | | | | | | | | Summary: - Don't sanitize __sancov_lowest_stack. - Don't instrument leaf functions. - Add CoverageStackDepth to Fuzzer and FuzzerNoLink. - Only enable on Linux. Reviewers: vitalybuka, kcc, george.karpenkov Reviewed By: kcc Subscribers: kubamracek, cfe-commits, llvm-commits, hiraditya Differential Revision: https://reviews.llvm.org/D37156 llvm-svn: 312185
* Revert "[SanitizeCoverage] Enable stack-depth coverage for -fsanitize=fuzzer"Matt Morehouse2017-08-291-5/+1
| | | | | | This reverts r312026 due to bot breakage. llvm-svn: 312047
* Re-enable stack depth instrumentation on Windows.Matt Morehouse2017-08-291-2/+2
| | | | | | | Specified tls_model attribute properly. Should compile on Windows now. llvm-svn: 312037
* Disable stack depth tracking on Windows.Matt Morehouse2017-08-291-2/+2
| | | | | | Windows doesn't support the tls_model attribute. llvm-svn: 312032
* Minimal runtime for UBSan.Evgeniy Stepanov2017-08-291-0/+39
| | | | | | | | | | | | | | | | | | | | | | | | | | Summary: An implementation of ubsan runtime library suitable for use in production. Minimal attack surface. * No stack traces. * Definitely no C++ demangling. * No UBSAN_OPTIONS=log_file=/path (very suid-unfriendly). And no UBSAN_OPTIONS in general. * as simple as possible Minimal CPU and RAM overhead. * Source locations unnecessary in the presence of (split) debug info. * Values and types (as in A+B overflows T) can be reconstructed from register/stack dumps, once you know what type of error you are looking at. * above two items save 3% binary size. When UBSan is used with -ftrap-function=abort, sometimes it is hard to reason about failures. This library replaces abort with a slightly more informative message without much extra overhead. Since ubsan interface in not stable, this code must reside in compiler-rt. Reviewers: pcc, kcc Subscribers: srhines, mgorny, aprantl, krytarowski, llvm-commits Differential Revision: https://reviews.llvm.org/D36810 llvm-svn: 312029
* [SanitizeCoverage] Enable stack-depth coverage for -fsanitize=fuzzerMatt Morehouse2017-08-291-1/+5
| | | | | | | | | | | | | | | | | | Summary: - Don't sanitize __sancov_lowest_stack. - Don't instrument leaf functions. - Add CoverageStackDepth to Fuzzer and FuzzerNoLink. - Disable stack depth tracking on Mac. Reviewers: vitalybuka, kcc, george.karpenkov Reviewed By: kcc Subscribers: kubamracek, cfe-commits, llvm-commits, hiraditya Differential Revision: https://reviews.llvm.org/D37156 llvm-svn: 312026
* Revert "[SanitizeCoverage] Enable stack-depth coverage for -fsanitize=fuzzer"Matt Morehouse2017-08-251-3/+2
| | | | | | This reverts r311801 due to a bot failure. llvm-svn: 311803
* [SanitizeCoverage] Enable stack-depth coverage for -fsanitize=fuzzerMatt Morehouse2017-08-251-2/+3
| | | | | | | | | | | | | | | | | Summary: - Don't sanitize __sancov_lowest_stack. - Don't instrument leaf functions. - Add CoverageStackDepth to Fuzzer and FuzzerNoLink. Reviewers: vitalybuka, kcc Reviewed By: kcc Subscribers: cfe-commits, llvm-commits, hiraditya Differential Revision: https://reviews.llvm.org/D37156 llvm-svn: 311801
* [SanitizerCoverage] Add stack depth tracing instrumentation.Matt Morehouse2017-08-181-5/+12
| | | | | | | | | | | | | | | | | | | | | | Summary: Augment SanitizerCoverage to insert maximum stack depth tracing for use by libFuzzer. The new instrumentation is enabled by the flag -fsanitize-coverage=stack-depth and is compatible with the existing trace-pc-guard coverage. The user must also declare the following global variable in their code: thread_local uintptr_t __sancov_lowest_stack https://bugs.llvm.org/show_bug.cgi?id=33857 Reviewers: vitalybuka, kcc Reviewed By: vitalybuka Subscribers: kubamracek, hiraditya, cfe-commits, llvm-commits Differential Revision: https://reviews.llvm.org/D36839 llvm-svn: 311186
* [Driver] SafeStack does not need a runtime library on FuchsiaPetr Hosek2017-08-161-0/+5
| | | | | | | | Patch by Roland McGrath Differential Revision: https://reviews.llvm.org/D36779 llvm-svn: 311034
* Add -fsanitize=fuzzer-no-link flag to the driver.George Karpenkov2017-08-111-2/+5
| | | | | | | | | | | The flag will perform instrumentation necessary to the fuzzing, but will NOT link libLLVMFuzzer.a library. Necessary when modifying CFLAGS for projects which may produce executables as well as a fuzzable target. Differential Revision: https://reviews.llvm.org/D36600 llvm-svn: 310733
* [sanitizer-coverage] -fsanitize-coverage=bb,inline-8bit-countersKostya Serebryany2017-08-081-1/+3
| | | | llvm-svn: 310409
* [libFuzzer] add -fsanitize-coverage-pc-table to -fsanitize=fuzzerKostya Serebryany2017-08-041-1/+2
| | | | llvm-svn: 310136
* Enable AddressSanitizer for Fuchsia targetsPetr Hosek2017-08-031-4/+5
| | | | | | | | Patch by Roland McGrath Differential Revision: https://reviews.llvm.org/D35922 llvm-svn: 309999
* [UBSan] Provide default blacklist filename for UBSanHan Shen2017-08-021-0/+2
| | | | | | | | | | | | | | | | | Summary: This is to provide a default blacklist filename for UBSan. While UBSan is turned on, it's better that clang pick up a blacklist file (when exists), just as what ASan / MSan does, so we do not end up adding the "-fsanitize-blacklist" option to every command line. Reviewers: chandlerc, echristo, vsk, eugenis Reviewed By: vsk, eugenis Subscribers: vsk, eugenis, echristo, cfe-commits Differential Revision: https://reviews.llvm.org/D35849 llvm-svn: 309873
* [ubsan] Have -fsanitize=vptr emit a null check if -fsanitize=null isn't ↵Vedant Kumar2017-08-021-7/+0
| | | | | | | | | | | | | | | | | | available In r309007, I made -fsanitize=null a hard prerequisite for -fsanitize=vptr. I did not see the need for the two checks to have separate null checking logic for the same pointer. I expected the two checks to either always be enabled together, or to be mutually compatible. In the mailing list discussion re: r309007 it became clear that that isn't the case. If a codebase is -fsanitize=vptr clean but not -fsanitize=null clean, it's useful to have -fsanitize=vptr emit its own null check. That's what this patch does: with it, -fsanitize=vptr can be used without -fsanitize=null. Differential Revision: https://reviews.llvm.org/D36112 llvm-svn: 309846
* [sanitizer-coverage] clang flags pumbing for -fsanitize-coverage=pc-tableKostya Serebryany2017-07-281-1/+4
| | | | llvm-svn: 309338
* [ubsan] Null-check pointers in -fsanitize=vptr (PR33881)Vedant Kumar2017-07-251-0/+7
| | | | | | | | | | | | | | | | | | | The instrumentation generated by -fsanitize=vptr does not null check a user pointer before loading from it. This causes crashes in the face of UB member calls (this=nullptr), i.e it's causing user programs to crash only after UBSan is turned on. The fix is to make run-time null checking a prerequisite for enabling -fsanitize=vptr, and to then teach UBSan to reuse these run-time null checks to make -fsanitize=vptr safe. Testing: check-clang, check-ubsan, a stage2 ubsan-enabled build Differential Revision: https://reviews.llvm.org/D35735 https://bugs.llvm.org/show_bug.cgi?id=33881 llvm-svn: 309007
* [Driver] Consider -fno-sanitize=... state when filtering out ↵Petr Hosek2017-07-211-1/+1
| | | | | | | | | | | | | | | | -fsanitize-coverage=... The driver ignores -fsanitize-coverage=... flags when also given -fsanitize=... flags for sanitizer flavors that don't support the coverage runtime. This logic failed to account for subsequent -fno-sanitize=... flags that disable the sanitizer flavors that conflict with -fsanitize-coverage=... flags. Patch by Roland McGrath Differential Revision: https://reviews.llvm.org/D35603 llvm-svn: 308707
* [libFuzzer] Add Fuzzer to the list of sanitizers which support coverage.George Karpenkov2017-06-291-1/+1
| | | | | | | | | Without this change, additional coverage flags specified after -fsanitize=fuzzer would get discarded. https://reviews.llvm.org/D34794 llvm-svn: 306734
* [ubsan] Disable the object size check at -O0Vedant Kumar2017-06-231-1/+17
| | | | | | | | | | | | This check currently isn't able to diagnose any issues at -O0, not is it likely to [1]. Disabling the check at -O0 leads to substantial compile time and binary size savings. [1] [cfe-dev] Disabling ubsan's object size check at -O0 Differential Revision: https://reviews.llvm.org/D34563 llvm-svn: 306181
* [sanitizer-coverage] one more flavor of coverage: ↵Kostya Serebryany2017-06-081-3/+7
| | | | | | -fsanitize-coverage=inline-8bit-counters. Experimental so far, not documenting yet. Reapplying revisions 304630, 304631, 304632, 304673, see PR33308 llvm-svn: 305026
* [sanitizer-coverage] Allow using KASAN instrumentation with sancovAlexander Potapenko2017-06-081-2/+2
| | | | llvm-svn: 304984
* Revert "[sanitizer-coverage] one more flavor of coverage: ↵Renato Golin2017-06-051-7/+3
| | | | | | | | -fsanitize-coverage=inline-8bit-counters. Experimental so far, not documenting yet. (clang part)" This reverts commit r304631, as it broke ARM/AArch64 bots for 2 days. llvm-svn: 304697
* [sanitizer-coverage] one more flavor of coverage: ↵Kostya Serebryany2017-06-031-3/+7
| | | | | | -fsanitize-coverage=inline-8bit-counters. Experimental so far, not documenting yet. (clang part) llvm-svn: 304631
* [asan] A clang flag to enable ELF globals-gc.Evgeniy Stepanov2017-05-091-0/+10
| | | | | | | | | | | | This feature is subtly broken when the linker is gold 2.26 or earlier. See the following bug for details: https://sourceware.org/bugzilla/show_bug.cgi?id=19002 Since the decision needs to be made at compilation time, we can not test the linker version. The flag is off by default on ELF targets, and on otherwise. llvm-svn: 302591
* Remove unnecessary calls to MakeArgString.Evgeniy Stepanov2017-05-091-6/+6
| | | | llvm-svn: 302590
* [Driver] Don't enable -fsanitize-use-after-scope when ASan is disabledVedant Kumar2017-05-081-6/+5
| | | | | | | | | | | | When enabling any sanitizer, -fsanitize-use-after-scope is enabled by default. This doesn't actually turn ASan on, because we've been getting lucky and there are extra checks in BackendUtil that stop this from happening. However, this has been causing a behavior change: extra lifetime markers are emitted in some cases where they aren't needed or expected. llvm-svn: 302468
* [sanitizer-coverage] implement -fsanitize-coverage=no-prune,... instead of a ↵Kostya Serebryany2017-05-051-1/+4
| | | | | | hidden -mllvm flag. clang part. llvm-svn: 302320
* [sanitizer-coverage] add a deprecation warning to the old sanitizer-coverage ↵Kostya Serebryany2017-05-031-2/+10
| | | | | | flag combinations llvm-svn: 301994
* Flag -fsanitize=fuzzer to enable libfuzzerGeorge Karpenkov2017-04-241-0/+4
| | | | | | | | | | Previously, adding libfuzzer to a project was a multi-step procedure, involving libfuzzer compilation, linking the library, and specifying coverage flags. With this change,libfuzzer can be enabled by adding a single -fsanitize=fuzzer flag instead. llvm-svn: 301212
* [sanitizer-coverage] deprecate -fsanitize-coverage=trace-bbKostya Serebryany2017-04-191-5/+4
| | | | llvm-svn: 300767
* [sanitizer-coverage] deprecate -fsanitize-coverage=8bit-countersKostya Serebryany2017-04-191-4/+3
| | | | llvm-svn: 300744
* [sanitizer-coverage] deprecate some of the stale coverage variantsKostya Serebryany2017-04-191-27/+5
| | | | llvm-svn: 300738
* [ubsan] Add a nullability sanitizerVedant Kumar2017-03-141-5/+6
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Teach UBSan to detect when a value with the _Nonnull type annotation assumes a null value. Call expressions, initializers, assignments, and return statements are all checked. Because _Nonnull does not affect IRGen, the new checks are disabled by default. The new driver flags are: -fsanitize=nullability-arg (_Nonnull violation in call) -fsanitize=nullability-assign (_Nonnull violation in assignment) -fsanitize=nullability-return (_Nonnull violation in return stmt) -fsanitize=nullability (all of the above) This patch builds on top of UBSan's existing support for detecting violations of the nonnull attributes ('nonnull' and 'returns_nonnull'), and relies on the compiler-rt support for those checks. Eventually we will need to update the diagnostic messages in compiler-rt (there are FIXME's for this, which will be addressed in a follow-up). One point of note is that the nullability-return check is only allowed to kick in if all arguments to the function satisfy their nullability preconditions. This makes it necessary to emit some null checks in the function body itself. Testing: check-clang and check-ubsan. I also built some Apple ObjC frameworks with an asserts-enabled compiler, and verified that we get valid reports. Differential Revision: https://reviews.llvm.org/D30762 llvm-svn: 297700
* [Driver] Consolidate tools and toolchains by target platform. (NFC)David L. Jones2017-03-081-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Summary: (This is a move-only refactoring patch. There are no functionality changes.) This patch splits apart the Clang driver's tool and toolchain implementation files. Each target platform toolchain is moved to its own file, along with the closest-related tools. Each target platform toolchain has separate headers and implementation files, so the hierarchy of classes is unchanged. There are some remaining shared free functions, mostly from Tools.cpp. Several of these move to their own architecture-specific files, similar to r296056. Some of them are only used by a single target platform; since the tools and toolchains are now together, some helpers now live in a platform-specific file. The balance are helpers related to manipulating argument lists, so they are now in a new file pair, CommonArgs.h and .cpp. I've tried to cluster the code logically, which is fairly straightforward for most of the target platforms and shared architectures. I think I've made reasonable choices for these, as well as the various shared helpers; but of course, I'm happy to hear feedback in the review. There are some particular things I don't like about this patch, but haven't been able to find a better overall solution. The first is the proliferation of files: there are several files that are tiny because the toolchain is not very different from its base (usually the Gnu tools/toolchain). I think this is mostly a reflection of the true complexity, though, so it may not be "fixable" in any reasonable sense. The second thing I don't like are the includes like "../Something.h". I've avoided this largely by clustering into the current file structure. However, a few of these includes remain, and in those cases it doesn't make sense to me to sink an existing file any deeper. Reviewers: rsmith, mehdi_amini, compnerd, rnk, javed.absar Subscribers: emaste, jfb, danalbert, srhines, dschuff, jyknight, nemanjai, nhaehnle, mgorny, cfe-commits Differential Revision: https://reviews.llvm.org/D30372 llvm-svn: 297250
* [sanitizers] lsan+sancov doesn't need ubsanrt (multi def error)Mike Aizatsky2016-12-081-1/+2
| | | | | | | | Reviewers: eugenis Differential Revision: https://reviews.llvm.org/D27594 llvm-svn: 289144
* Tread TSan LLVM flags to driver: add TSan controlling flags to clang.Evgeniy Stepanov2016-11-111-0/+28
| | | | | | | | | | | | | | | | | | Summary: New clang flags, all default to true: -f[no-]sanitize-thread-data-races -f[no-]sanitize-thread-stack-traces -f[no-]sanitize-thread-atomics Reviewers: dvyukov, pcc, eugenis Subscribers: pcc, cfe-commits Patch by Alex Shlyapnikov. Differential Revision: https://reviews.llvm.org/D26461 llvm-svn: 286669
* Add -fno-sanitize-address-use-after-scope flagVitaly Buka2016-10-101-7/+6
| | | | | | | | Reviewers: eugenis Differential Revision: https://reviews.llvm.org/D25453 llvm-svn: 283801
* [CUDA] Don't try to run sanitizers on NVPTX.Justin Lebar2016-09-151-0/+6
| | | | | | | | | | | | | | | | Summary: Sanitizers aren't supported on NVPTX -- don't try to run them. This lets you e.g. pass -fsanitize=address and get asan on your host code. Reviewers: kcc Subscribers: cfe-commits, tra, jhen Differential Revision: https://reviews.llvm.org/D24640 llvm-svn: 281680
* [sanitizer-coverage] add yet another flavour of coverage instrumentation: ↵Kostya Serebryany2016-09-141-2/+5
| | | | | | trace-pc-guard. The intent is to eventually replace all of {bool coverage, 8bit-counters, trace-pc} with just this one. Clang part llvm-svn: 281432
* [sanitizer-coverage] add two more modes of instrumentation: trace-div and ↵Kostya Serebryany2016-08-301-2/+8
| | | | | | trace-gep, mostly usaful for value-profile-based fuzzing; clang part llvm-svn: 280044
OpenPOWER on IntegriCloud