Commit Graph

105 Commits

Author SHA1 Message Date
David L Kreitzer d397ea4d6f Define Contiki OS toolchain
Patch by Michael LeMay

Differential revision: http://reviews.llvm.org/D19854

llvm-svn: 284278
2016-10-14 20:44:33 +00:00
Vitaly Buka a77ac1b214 Add -fno-sanitize-address-use-after-scope flag
Reviewers: eugenis

Differential Revision: https://reviews.llvm.org/D25453

llvm-svn: 283801
2016-10-10 21:31:50 +00:00
Rafael Espindola c9d336e549 Restructure the propagation of -fPIC/-fPIE.
The PIC and PIE levels are not independent. In fact, if PIE is defined
it is always the same as PIC.

This is clear in the driver where ParsePICArgs returns a PIC level and
a IsPIE boolean. Unfortunately that is currently lost and we pass two
redundant levels down the pipeline.

This patch keeps a bool and a PIC level all the way down to codegen.

llvm-svn: 273566
2016-06-23 15:07:32 +00:00
Evgeniy Stepanov 5c063c108a Fix sanitizer coverage support in the win32 driver.
--dependent-lib arguments for the sanitizer libraries must be emitted when
coverage is enabled w/o any sanitizers.

llvm-svn: 272735
2016-06-14 23:21:19 +00:00
Vitaly Buka 9d4eb6f389 [asan] Added -fsanitize-address-use-after-scope flag
Summary:
Also emit lifetime markers for -fsanitize-address-use-after-scope.
Asan uses life-time markers for use-after-scope check.

PR27453

Reviewers: kcc, eugenis, aizatsky

Subscribers: llvm-commits

Differential Revision: http://reviews.llvm.org/D20759

llvm-svn: 271451
2016-06-02 00:24:20 +00:00
Derek Bruening 293772e72e [esan|wset] Add working set tool driver flags
Summary:
Adds a new -fsanitize=efficiency-working-set flag to enable esan's working
set tool.  Adds appropriate tests for the new flag.

Reviewers: aizatsky

Subscribers: vitalybuka, zhaoqin, kcc, eugenis, llvm-commits

Differential Revision: http://reviews.llvm.org/D20484

llvm-svn: 270641
2016-05-25 00:41:24 +00:00
Kostya Serebryany ceb1add630 document -f[no-]sanitize-recover=all and mention it in warning messages
llvm-svn: 268540
2016-05-04 20:21:47 +00:00
Peter Collingbourne 3afb266886 Re-apply r267784, r267824 and r267830.
I have updated the compiler-rt tests.

llvm-svn: 267903
2016-04-28 17:09:37 +00:00
Benjamin Kramer 5556a5cf3b Revert r267784, r267824 and r267830.
It makes compiler-rt tests fail if the gold plugin is enabled.

Revert "Rework interface for bitset-using features to use a notion of LTO visibility."
Revert "Driver: only produce CFI -fvisibility= error when compiling."
Revert "clang/test/CodeGenCXX/cfi-blacklist.cpp: Exclude ms targets. They would be non-cfi."

llvm-svn: 267871
2016-04-28 12:14:47 +00:00
Peter Collingbourne f10237b689 Driver: only produce CFI -fvisibility= error when compiling.
The -fvisibility= flag only affects compile jobs, so there's no need to
error out because of it if we aren't compiling (e.g. if we are only linking).

llvm-svn: 267824
2016-04-28 00:18:30 +00:00
Peter Collingbourne a8b2f7c0d7 Rework interface for bitset-using features to use a notion of LTO visibility.
Bitsets, and the compiler features they rely on (vtable opt, CFI),
only have visibility within the LTO'd part of the linkage unit. Therefore,
only enable these features for classes with hidden LTO visibility. This
notion is based on object file visibility or (on Windows)
dllimport/dllexport attributes.

We provide the [[clang::lto_visibility_public]] attribute to override the
compiler's LTO visibility inference in cases where the class is defined
in the non-LTO'd part of the linkage unit, or where the ABI supports
calling classes derived from abstract base classes with hidden visibility
in other linkage units (e.g. COM on Windows).

If the cross-DSO CFI mode is enabled, bitset checks are emitted even for
classes with public LTO visibility, as that mode uses a separate mechanism
to cause bitsets to be exported.

This mechanism replaces the whole-program-vtables blacklist, so remove the
-fwhole-program-vtables-blacklist flag.

Because __declspec(uuid()) now implies [[clang::lto_visibility_public]], the
support for the special attr:uuid blacklist entry is removed.

Differential Revision: http://reviews.llvm.org/D18635

llvm-svn: 267784
2016-04-27 20:39:53 +00:00
Derek Bruening 256c2e14c7 [esan] EfficiencySanitizer driver flags
Summary:
Adds a framework to enable the instrumentation pass for the new
EfficiencySanitizer ("esan") family of tools.  Adds a flag for esan's
cache fragmentation tool via -fsanitize=efficiency-cache-frag.
Adds appropriate tests for the new flag.

Reviewers: eugenis, vitalybuka, aizatsky, filcab

Subscribers: filcab, kubabrecka, llvm-commits, zhaoqin, kcc

Differential Revision: http://reviews.llvm.org/D19169

llvm-svn: 267059
2016-04-21 21:32:04 +00:00
Evgeniy Stepanov 368d3074ba Allow simultaneous safestack and stackprotector attributes.
This is the clang part of http://reviews.llvm.org/D18846.
SafeStack instrumentation pass adds stack protector canaries if both
attributes are present on a function. StackProtector pass will step
back if the function has a safestack attribute.

llvm-svn: 266005
2016-04-11 22:27:55 +00:00
Devin Coughlin fcfa38cf76 [tsan] Allow -fsanitize=thread for iOS-style simulator targets
Update the clang driver to allow -fsanitize=thread when targeting x86_64 iOS and tvOS
simulators. Also restrict TSan targeting OS X to only be supported on x86_64 and not i386.

Differential Revision: http://reviews.llvm.org/D18280

llvm-svn: 263913
2016-03-20 18:24:33 +00:00
Ed Schouten 51bfbe7f2c Enable SafeStack for CloudABI.
Summary:
I've got a patchset in my home directory to integrate support for
SafeStack into CloudABI's C library. All of the CloudABI unit tests
still seem to pass. Pretty sweet!

This change adds the necessary changes to Clang to make
-fsanitize=safe-stack work on CloudABI. Without it, passing this command
line flag throws an error.

Reviewers: eugenis, samsonov

Differential Revision: http://reviews.llvm.org/D17243

llvm-svn: 261135
2016-02-17 18:56:20 +00:00
Anna Zaks e67b402e45 [asan] Add iOS support for Address Sanitizer
Differential Revision: http://reviews.llvm.org/D15624

llvm-svn: 259453
2016-02-02 02:04:48 +00:00
Peter Collingbourne dc13453128 Introduce -fsanitize-stats flag.
This is part of a new statistics gathering feature for the sanitizers.
See clang/docs/SanitizerStats.rst for further info and docs.

Differential Revision: http://reviews.llvm.org/D16175

llvm-svn: 257971
2016-01-16 00:31:22 +00:00
Evgeniy Stepanov fd6f92d5cb Cross-DSO control flow integrity (Clang part).
Clang-side cross-DSO CFI.

* Adds a command line flag -f[no-]sanitize-cfi-cross-dso.
* Links a runtime library when enabled.
* Emits __cfi_slowpath calls is bitset test fails.
* Emits extra hash-based bitsets for external CFI checks.
* Sets a module flag to enable __cfi_check generation during LTO.

This mode does not yet support diagnostics.

llvm-svn: 255694
2015-12-15 23:00:20 +00:00
Filipe Cabecinhas 3e127d984f [PS4] Add an additional test for ASan+UBSan
llvm-svn: 254723
2015-12-04 16:18:03 +00:00
Yury Gribov 5bfeca1201 [ASan] Allow -fsanitize-recover=address.
Differential Revision: http://reviews.llvm.org/D14243

llvm-svn: 252721
2015-11-11 10:45:48 +00:00
Kuba Brecka cc47f200ba Followup test failure fix for r252310 ("[tsan] Add Clang frontend support for TSan on OS X").
llvm-svn: 252311
2015-11-06 15:20:30 +00:00
Evgeniy Stepanov 71554fe21b MemorySanitizer does not require PIE.
Since r249754 MemorySanitizer should work equally well for PIE and
non-PIE executables on Linux/x86_64.

Beware, with this change -fsanitize=memory no longer adds implicit
-fPIE -pie compiler/linker flags on Linux/x86_64.

This is a re-land of r250941, limited to Linux/x86_64 + a very minor
refactoring in SanitizerArgs.

llvm-svn: 250949
2015-10-21 21:28:49 +00:00
Evgeniy Stepanov 76f853397a Revert "MemorySanitizer does not require PIE."
It actually does require PIE on some targets.

llvm-svn: 250944
2015-10-21 20:47:00 +00:00
Evgeniy Stepanov dccad5b9c3 MemorySanitizer does not require PIE.
Since r249754 MemorySanitizer should work equally well for PIE and
non-PIE executables.

Beware, with this change -fsanitize=memory no longer adds implicit
-fPIE -pie compiler/linker flags, unless the target defaults to PIE.

llvm-svn: 250941
2015-10-21 20:20:03 +00:00
Filipe Cabecinhas 4585ed006a [PS4] Add missing tests for -fsanitize=...
llvm-svn: 250516
2015-10-16 15:08:01 +00:00
Evgeniy Stepanov 299238a67b Enable SafeStack on all Linux platforms.
llvm-svn: 248518
2015-09-24 17:22:46 +00:00
Peter Collingbourne 24ec4924c0 Driver: Support cfi-icall on all OSs when targeting x86/x86_64.
llvm-svn: 247324
2015-09-10 19:18:05 +00:00
Peter Collingbourne 2c7f7e31c4 CFI: Introduce -fsanitize=cfi-icall flag.
This flag causes the compiler to emit bit set entries for functions as well
as runtime bitset checks at indirect call sites. Depends on the new function
bitset mechanism.

Differential Revision: http://reviews.llvm.org/D11857

llvm-svn: 247238
2015-09-10 02:17:40 +00:00
Evgeniy Stepanov 45be9e0d24 Add an experimental flag -fsanitize-memory-use-after-dtor.
This flag will enable detection of use-after-destructor (but before
memory deallocation) bugs. No actual functionality yet.

https://code.google.com/p/address-sanitizer/issues/detail?id=73

Patch by Naomi Musgrave.

llvm-svn: 241935
2015-07-10 20:07:16 +00:00
Peter Collingbourne 4bdceaa4de Driver: enable support for -fsanitize=cfi on Windows.
There are known issues, but the current implementation is good enough for
the check-cfi test suite.

Differential Revision: http://reviews.llvm.org/D11030

llvm-svn: 241728
2015-07-08 21:08:05 +00:00
Peter Collingbourne 581f438f4c Driver: add support for linking the UBSan runtime library on Windows.
On Windows the user may invoke the linker directly, so we might not have an
opportunity to add runtime library flags to the linker command line. Instead,
instruct the code generator to embed linker directive in the object file
that cause the required runtime libraries to be linked.

We might also want to do something similar for ASan, but it seems to have
its own special complexities which may make this infeasible.

Differential Revision: http://reviews.llvm.org/D10862

llvm-svn: 241225
2015-07-02 01:48:12 +00:00
Alexey Samsonov 9b87309a91 [CFI] Diagnose when we CFI in diagnostic mode is unavailable on a toolchain.
Summary:
Namely, we must have proper C++ABI support in UBSan runtime. We don't
have a good way to check for that, so just assume that C++ABI support is
there whenever -fsanitize=vptr is supported (i.e. only on handful of
platforms).

Exact diagnostic is also tricky. It's not "cfi" that is unsupported,
just the diagnostic mode. So, I suggest to report that
"-fno-sanitize-trap=cfi-foobar" is incompatible with a given target
toolchain.

Test Plan: regression test suite

Reviewers: pcc

Subscribers: cfe-commits

Differential Revision: http://reviews.llvm.org/D10751

llvm-svn: 240716
2015-06-25 23:14:32 +00:00
Jay Foad e967dd0420 Teach Clang about the PPC64 memory sanitizer implementation.
Summary:
This is the Clang part of the PPC64 memory sanitizer implementation in
D10648.

Reviewers: kcc, eugenis, willschm, wschmidt, samsonov

Reviewed By: samsonov

Subscribers: cfe-commits

Differential Revision: http://reviews.llvm.org/D10650

llvm-svn: 240628
2015-06-25 10:35:19 +00:00
Alexey Samsonov 1d4cff2cdc [UBSan] Allow to use -fsanitize=vptr only on Mac OS 10.9+
See https://llvm.org/bugs/show_bug.cgi?id=23539 for why this
is necessary.

llvm-svn: 240618
2015-06-25 00:58:02 +00:00
Alexey Samsonov 7f2a0d2c04 [Sanitizers] Provide better diagnostic for sanitizers unsupported for target triple.
Introduce ToolChain::getSupportedSanitizers() that would return the set
of sanitizers available on given toolchain. By default, these are
sanitizers which don't necessarily require runtime support and are
not toolchain- or architecture-dependent.

Sanitizers (ASan, DFSan, TSan, MSan etc.) which cannot function
without runtime library are marked as supported only on platforms
for which we actually build these runtimes.

This would allow more fine-grained checks in the future: for instance,
we have to restrict availability of -fsanitize=vptr to Mac OS 10.9+
(PR23539).

Update test cases accrodingly: add tests for certain unsupported
configurations, remove test cases for -fsanitize=vptr + PS4
integration, as we don't build the runtime for PS4 at the moment.

This change was first submitted as r239953 and reverted in r239958.
The problem was and still is in Darwin toolchains, which get the
knowledge about target platform too late after initializaition, while
now we require this information when ToolChain::getSanitizerArgs() is
called. r240170 works around this issue.

llvm-svn: 240179
2015-06-19 21:36:47 +00:00
Alexey Samsonov 907880edd9 [CFI] Require -flto instead of implying it.
Summary:
This is unfortunate, but would let us land http://reviews.llvm.org/D10467,
that makes ToolChains responsible for computing the set of sanitizers
they support.

Unfortunately, Darwin ToolChains doesn't know about actual OS they
target until ToolChain::TranslateArgs() is called. In particular, it
means we won't be able to construct SanitizerArgs for these ToolChains
before that.

This change removes SanitizerArgs::needsLTO() method, so that now
ToolChain::IsUsingLTO(), which is called very early, doesn't need
SanitizerArgs to implement this method.

Docs and test cases are updated accordingly. See
https://llvm.org/bugs/show_bug.cgi?id=23539, which describes why we
start all these.

Test Plan: regression test suite

Reviewers: pcc

Subscribers: cfe-commits

Differential Revision: http://reviews.llvm.org/D10560

llvm-svn: 240170
2015-06-19 19:57:46 +00:00
Alexander Potapenko b9b73ef906 [ASan] Initial support for Kernel AddressSanitizer
This patch adds initial support for the -fsanitize=kernel-address flag to Clang.
Right now it's quite restricted: only out-of-line instrumentation is supported, globals are not instrumented, some GCC kasan flags are not supported.
Using this patch I am able to build and boot the KASan tree with LLVMLinux patches from github.com/ramosian-glider/kasan/tree/kasan_llvmlinux.
To disable KASan instrumentation for a certain function attribute((no_sanitize("kernel-address"))) can be used.

llvm-svn: 240131
2015-06-19 12:19:07 +00:00
Peter Collingbourne 9881b78b53 Introduce -fsanitize-trap= flag.
This flag controls whether a given sanitizer traps upon detecting
an error. It currently only supports UBSan. The existing flag
-fsanitize-undefined-trap-on-error has been made an alias of
-fsanitize-trap=undefined.

This change also cleans up some awkward behavior around the combination
of -fsanitize-trap=undefined and -fsanitize=undefined. Previously we
would reject command lines containing the combination of these two flags,
as -fsanitize=vptr is not compatible with trapping. This required the
creation of -fsanitize=undefined-trap, which excluded -fsanitize=vptr
(and -fsanitize=function, but this seems like an oversight).

Now, -fsanitize=undefined is an alias for -fsanitize=undefined-trap,
and if -fsanitize-trap=undefined is specified, we treat -fsanitize=vptr
as an "unsupported" flag, which means that we error out if the flag is
specified explicitly, but implicitly disable it if the flag was implied
by -fsanitize=undefined.

Differential Revision: http://reviews.llvm.org/D10464

llvm-svn: 240105
2015-06-18 23:59:22 +00:00
Alexey Samsonov 9bc2ad5e6c Revert "[Sanitizers] Provide better diagnostic for sanitizers unsupported for target triple."
This reverts commit r239953, while I'm investigating assertion
failure from http://lab.llvm.org:8080/green/job/clang-stage1-cmake-RA-incremental_check/9994/

llvm-svn: 239958
2015-06-17 22:27:32 +00:00
Alexey Samsonov 9170efdc0d [Sanitizers] Provide better diagnostic for sanitizers unsupported for target triple.
Summary:
Introduce ToolChain::getSupportedSanitizers() that would return the set
of sanitizers available on given toolchain. By default, these are
sanitizers which don't necessarily require runtime support (i.e.
set from -fsanitize=undefined-trap).

Sanitizers (ASan, DFSan, TSan, MSan etc.) which cannot function
without runtime library are marked as supported only on platforms
for which we actually build these runtimes.

This would allow more fine-grained checks in the future: for instance,
we have to restrict availability of -fsanitize=vptr to Mac OS 10.9+
(PR23539)

Update test cases accrodingly: add tests for certain unsupported
configurations, remove test cases for -fsanitize=vptr + PS4
integration, as we don't build the runtime for PS4 at the moment.

Test Plan: regression test suite

Reviewers: pcc

Subscribers: cfe-commits, filcab, eugenis, thakis, kubabrecka, emaste, rsmith

Differential Revision: http://reviews.llvm.org/D10467

llvm-svn: 239953
2015-06-17 22:07:28 +00:00
Peter Collingbourne c4122c17b4 Protection against stack-based memory corruption errors using SafeStack: Clang command line option and function attribute
This patch adds the -fsanitize=safe-stack command line argument for clang,
which enables the Safe Stack protection (see http://reviews.llvm.org/D6094
for the detailed description of the Safe Stack).

This patch is our implementation of the safe stack on top of Clang. The
patches make the following changes:

- Add -fsanitize=safe-stack and -fno-sanitize=safe-stack options to clang
  to control safe stack usage (the safe stack is disabled by default).

- Add __attribute__((no_sanitize("safe-stack"))) attribute to clang that can be
  used to disable the safe stack for individual functions even when enabled
  globally.

Original patch by Volodymyr Kuznetsov and others at the Dependable Systems
Lab at EPFL; updates and upstreaming by myself.

Differential Revision: http://reviews.llvm.org/D6095

llvm-svn: 239762
2015-06-15 21:08:13 +00:00
Alexey Samsonov de0aff3e91 [Driver] Improve unused-argument diagnostic for extra sanitizer features.
Don't print unused-argument warning for sanitizer-specific feature flag
if this sanitizer was eanbled, and later disabled in the command line.
For example, now:
  clang -fsanitize=address -fsanitize-coverage=bb -fno-sanitize=address a.cc
doesn't print warning, but
  clang -fsanitize-coverage=bb
does. Same holds for -fsanitize-address-field-padding= and
-fsanitize-memory-track-origins= flags.

Fixes PR23604.

llvm-svn: 237870
2015-05-21 01:07:52 +00:00
Alexey Samsonov 3f3b3abe2b [SanitizerCoverage] Give clang-cc1 the power to precisly specify needed sanitizier coverage mode.
Summary:
The next step is to add user-friendly control over these options
to driver via -fsanitize-coverage= option.

Test Plan: regression test suite

Reviewers: kcc

Subscribers: cfe-commits

Differential Revision: http://reviews.llvm.org/D9545

llvm-svn: 236756
2015-05-07 18:31:29 +00:00
Alexey Samsonov d60832eade Allow UBSan+MSan and UBSan+TSan combinations (Clang part).
Embed UBSan runtime into TSan and MSan runtimes in the same as we do
in ASan. Extend UBSan test suite to also run tests for these
combinations.

llvm-svn: 235953
2015-04-28 00:56:36 +00:00
Peter Collingbourne 1a7488afaa Implement CFI type checks for non-virtual calls.
This uses the same class metadata currently used for virtual call and
cast checks.

The new flag is -fsanitize=cfi-nvcall. For consistency, the -fsanitize=cfi-vptr
flag has been renamed -fsanitize=cfi-vcall.

Differential Revision: http://reviews.llvm.org/D8756

llvm-svn: 233874
2015-04-02 00:23:30 +00:00
Timur Iskhodzhanov 3082d0e984 Make -fsanitize-coverage flag a core option so it's available via the clang-cl driver too
Reviewed at http://reviews.llvm.org/D8663

llvm-svn: 233384
2015-03-27 16:32:10 +00:00
Alexey Samsonov ecf380ef3b [UBSan] Don't allow to use UBSan with anything except for ASan.
We are not able to make a reliable solution for using UBSan together
with other sanitizers with runtime support (and sanitizer_common).
Instead, we want to follow the path used for LSan: have a "standalone"
UBSan tool, and plug-in UBSan that would be explicitly embedded into
specific sanitizers (in short term, it will be only ASan).

llvm-svn: 232829
2015-03-20 18:45:06 +00:00
Kostya Serebryany 6fe5fcbcbc Allow -fsanitize-coverage with -fsanitize=dataflow
Summary: Allow -fsanitize-coverage with -fsanitize=dataflow

Test Plan: check-clang

Reviewers: pcc

Reviewed By: pcc

Subscribers: cfe-commits

Differential Revision: http://reviews.llvm.org/D8476

llvm-svn: 232787
2015-03-20 00:06:52 +00:00
Peter Collingbourne d2926c91d5 Implement bad cast checks using control flow integrity information.
This scheme checks that pointer and lvalue casts are made to an object of
the correct dynamic type; that is, the dynamic type of the object must be
a derived class of the pointee type of the cast. The checks are currently
only introduced where the class being casted to is a polymorphic class.

Differential Revision: http://reviews.llvm.org/D8312

llvm-svn: 232241
2015-03-14 02:42:25 +00:00
Alexey Samsonov ce2e77c771 Add deprecation notice for -f(no-)sanitize-recover flags.
These flags should be replaced with corresponding
-f(no-)sanitize-recover=<list> flags.

llvm-svn: 231983
2015-03-11 23:34:25 +00:00