Commit Graph

156 Commits

Author SHA1 Message Date
Matt Morehouse 175625c8b8 [MSan] Specify use-after-dtor default value in header.
llvm-svn: 313319
2017-09-14 23:53:56 +00:00
Matt Morehouse bb26f86e6f [MSan] Add flag to disable use-after-dtor.
Summary: Flag is -fno-sanitize-use-after-dtor.

Reviewers: vitalybuka, eugenis, kcc

Reviewed By: vitalybuka, eugenis

Subscribers: cfe-commits

Differential Revision: https://reviews.llvm.org/D37867

llvm-svn: 313314
2017-09-14 23:14:37 +00:00
Vedant Kumar 44ee6e4179 [ubsan] Extend default blacklist support to integer/nullability groups
The default blacklist should also apply when the integer or nullability
checks are enabled.

llvm-svn: 313062
2017-09-12 18:58:00 +00:00
Kostya Serebryany a523135f97 [libFuzzer] switch -fsanitize=fuzzer from trace-pc-guard to inline-8bit-counters
llvm-svn: 312346
2017-09-01 18:34:36 +00:00
Matt Morehouse 034126e507 [SanitizeCoverage] Enable stack-depth coverage for -fsanitize=fuzzer
Summary:
- Don't sanitize __sancov_lowest_stack.
- Don't instrument leaf functions.
- Add CoverageStackDepth to Fuzzer and FuzzerNoLink.
- Only enable on Linux.

Reviewers: vitalybuka, kcc, george.karpenkov

Reviewed By: kcc

Subscribers: kubamracek, cfe-commits, llvm-commits, hiraditya

Differential Revision: https://reviews.llvm.org/D37156

llvm-svn: 312185
2017-08-30 22:49:31 +00:00
Matt Morehouse ba2e61b357 Revert "[SanitizeCoverage] Enable stack-depth coverage for -fsanitize=fuzzer"
This reverts r312026 due to bot breakage.

llvm-svn: 312047
2017-08-29 21:56:56 +00:00
Matt Morehouse 2edac86cdb Re-enable stack depth instrumentation on Windows.
Specified tls_model attribute properly. Should compile on Windows
now.

llvm-svn: 312037
2017-08-29 21:15:33 +00:00
Matt Morehouse c29c2c9b0c Disable stack depth tracking on Windows.
Windows doesn't support the tls_model attribute.

llvm-svn: 312032
2017-08-29 20:44:41 +00:00
Evgeniy Stepanov 6d2b6f0a5f Minimal runtime for UBSan.
Summary:
An implementation of ubsan runtime library suitable for use in production.

Minimal attack surface.
* No stack traces.
* Definitely no C++ demangling.
* No UBSAN_OPTIONS=log_file=/path (very suid-unfriendly). And no UBSAN_OPTIONS in general.
* as simple as possible

Minimal CPU and RAM overhead.
* Source locations unnecessary in the presence of (split) debug info.
* Values and types (as in A+B overflows T) can be reconstructed from register/stack dumps, once you know what type of error you are looking at.
* above two items save 3% binary size.

When UBSan is used with -ftrap-function=abort, sometimes it is hard to reason about failures. This library replaces abort with a slightly more informative message without much extra overhead. Since ubsan interface in not stable, this code must reside in compiler-rt.

Reviewers: pcc, kcc

Subscribers: srhines, mgorny, aprantl, krytarowski, llvm-commits

Differential Revision: https://reviews.llvm.org/D36810

llvm-svn: 312029
2017-08-29 20:03:51 +00:00
Matt Morehouse 2ad8d948b2 [SanitizeCoverage] Enable stack-depth coverage for -fsanitize=fuzzer
Summary:
- Don't sanitize __sancov_lowest_stack.
- Don't instrument leaf functions.
- Add CoverageStackDepth to Fuzzer and FuzzerNoLink.
- Disable stack depth tracking on Mac.

Reviewers: vitalybuka, kcc, george.karpenkov

Reviewed By: kcc

Subscribers: kubamracek, cfe-commits, llvm-commits, hiraditya

Differential Revision: https://reviews.llvm.org/D37156

llvm-svn: 312026
2017-08-29 19:48:12 +00:00
Matt Morehouse 6ec7595b1e Revert "[SanitizeCoverage] Enable stack-depth coverage for -fsanitize=fuzzer"
This reverts r311801 due to a bot failure.

llvm-svn: 311803
2017-08-25 22:01:21 +00:00
Matt Morehouse f42bd31323 [SanitizeCoverage] Enable stack-depth coverage for -fsanitize=fuzzer
Summary:
- Don't sanitize __sancov_lowest_stack.
- Don't instrument leaf functions.
- Add CoverageStackDepth to Fuzzer and FuzzerNoLink.

Reviewers: vitalybuka, kcc

Reviewed By: kcc

Subscribers: cfe-commits, llvm-commits, hiraditya

Differential Revision: https://reviews.llvm.org/D37156

llvm-svn: 311801
2017-08-25 21:18:29 +00:00
Matt Morehouse 5c7fc76983 [SanitizerCoverage] Add stack depth tracing instrumentation.
Summary:
Augment SanitizerCoverage to insert maximum stack depth tracing for
use by libFuzzer.  The new instrumentation is enabled by the flag
-fsanitize-coverage=stack-depth and is compatible with the existing
trace-pc-guard coverage.  The user must also declare the following
global variable in their code:
  thread_local uintptr_t __sancov_lowest_stack

https://bugs.llvm.org/show_bug.cgi?id=33857

Reviewers: vitalybuka, kcc

Reviewed By: vitalybuka

Subscribers: kubamracek, hiraditya, cfe-commits, llvm-commits

Differential Revision: https://reviews.llvm.org/D36839

llvm-svn: 311186
2017-08-18 18:43:30 +00:00
Petr Hosek 766288b191 [Driver] SafeStack does not need a runtime library on Fuchsia
Patch by Roland McGrath

Differential Revision: https://reviews.llvm.org/D36779

llvm-svn: 311034
2017-08-16 19:06:05 +00:00
George Karpenkov 33613f63f6 Add -fsanitize=fuzzer-no-link flag to the driver.
The flag will perform instrumentation necessary to the fuzzing,
but will NOT link libLLVMFuzzer.a library.
Necessary when modifying CFLAGS for projects which may produce
executables as well as a fuzzable target.

Differential Revision: https://reviews.llvm.org/D36600

llvm-svn: 310733
2017-08-11 17:22:58 +00:00
Kostya Serebryany 9f338dcd4f [sanitizer-coverage] -fsanitize-coverage=bb,inline-8bit-counters
llvm-svn: 310409
2017-08-08 20:20:40 +00:00
Kostya Serebryany 7dbb1e179e [libFuzzer] add -fsanitize-coverage-pc-table to -fsanitize=fuzzer
llvm-svn: 310136
2017-08-04 21:35:11 +00:00
Petr Hosek b31582b196 Enable AddressSanitizer for Fuchsia targets
Patch by Roland McGrath

Differential Revision: https://reviews.llvm.org/D35922

llvm-svn: 309999
2017-08-03 23:02:22 +00:00
Han Shen 0d7ac5f037 [UBSan] Provide default blacklist filename for UBSan
Summary:
This is to provide a default blacklist filename for UBSan.

While UBSan is turned on, it's better that clang pick up a blacklist file (when exists), just as what ASan / MSan does, so we do not end up adding the "-fsanitize-blacklist" option to every command line.

Reviewers: chandlerc, echristo, vsk, eugenis

Reviewed By: vsk, eugenis

Subscribers: vsk, eugenis, echristo, cfe-commits

Differential Revision: https://reviews.llvm.org/D35849

llvm-svn: 309873
2017-08-02 19:53:38 +00:00
Vedant Kumar a0c3671b20 [ubsan] Have -fsanitize=vptr emit a null check if -fsanitize=null isn't available
In r309007, I made -fsanitize=null a hard prerequisite for -fsanitize=vptr. I
did not see the need for the two checks to have separate null checking logic
for the same pointer. I expected the two checks to either always be enabled
together, or to be mutually compatible.

In the mailing list discussion re: r309007 it became clear that that isn't the
case. If a codebase is -fsanitize=vptr clean but not -fsanitize=null clean,
it's useful to have -fsanitize=vptr emit its own null check. That's what this
patch does: with it, -fsanitize=vptr can be used without -fsanitize=null.

Differential Revision: https://reviews.llvm.org/D36112

llvm-svn: 309846
2017-08-02 18:10:31 +00:00
Kostya Serebryany 6145776720 [sanitizer-coverage] clang flags pumbing for -fsanitize-coverage=pc-table
llvm-svn: 309338
2017-07-28 00:10:10 +00:00
Vedant Kumar bbc953fed4 [ubsan] Null-check pointers in -fsanitize=vptr (PR33881)
The instrumentation generated by -fsanitize=vptr does not null check a
user pointer before loading from it. This causes crashes in the face of
UB member calls (this=nullptr), i.e it's causing user programs to crash
only after UBSan is turned on.

The fix is to make run-time null checking a prerequisite for enabling
-fsanitize=vptr, and to then teach UBSan to reuse these run-time null
checks to make -fsanitize=vptr safe.

Testing: check-clang, check-ubsan, a stage2 ubsan-enabled build

Differential Revision: https://reviews.llvm.org/D35735

https://bugs.llvm.org/show_bug.cgi?id=33881

llvm-svn: 309007
2017-07-25 19:34:23 +00:00
Petr Hosek eb4127ffb5 [Driver] Consider -fno-sanitize=... state when filtering out -fsanitize-coverage=...
The driver ignores -fsanitize-coverage=... flags when also given
-fsanitize=... flags for sanitizer flavors that don't support the
coverage runtime. This logic failed to account for subsequent
-fno-sanitize=... flags that disable the sanitizer flavors that
conflict with -fsanitize-coverage=... flags.

Patch by Roland McGrath

Differential Revision: https://reviews.llvm.org/D35603

llvm-svn: 308707
2017-07-21 01:17:49 +00:00
George Karpenkov 3f984ecb45 [libFuzzer] Add Fuzzer to the list of sanitizers which support coverage.
Without this change, additional coverage flags specified after
-fsanitize=fuzzer would get discarded.

https://reviews.llvm.org/D34794

llvm-svn: 306734
2017-06-29 19:58:20 +00:00
Vedant Kumar 7aacb659da [ubsan] Disable the object size check at -O0
This check currently isn't able to diagnose any issues at -O0, not is it
likely to [1]. Disabling the check at -O0 leads to substantial compile
time and binary size savings.

[1] [cfe-dev] Disabling ubsan's object size check at -O0

Differential Revision: https://reviews.llvm.org/D34563

llvm-svn: 306181
2017-06-23 23:15:24 +00:00
Kostya Serebryany 2c2fb8896b [sanitizer-coverage] one more flavor of coverage: -fsanitize-coverage=inline-8bit-counters. Experimental so far, not documenting yet. Reapplying revisions 304630, 304631, 304632, 304673, see PR33308
llvm-svn: 305026
2017-06-08 22:58:19 +00:00
Alexander Potapenko dc5b95b553 [sanitizer-coverage] Allow using KASAN instrumentation with sancov
llvm-svn: 304984
2017-06-08 16:24:21 +00:00
Renato Golin de72b918f3 Revert "[sanitizer-coverage] one more flavor of coverage: -fsanitize-coverage=inline-8bit-counters. Experimental so far, not documenting yet. (clang part)"
This reverts commit r304631, as it broke ARM/AArch64 bots for 2 days.

llvm-svn: 304697
2017-06-05 07:35:45 +00:00
Kostya Serebryany e425aada63 [sanitizer-coverage] one more flavor of coverage: -fsanitize-coverage=inline-8bit-counters. Experimental so far, not documenting yet. (clang part)
llvm-svn: 304631
2017-06-03 01:36:23 +00:00
Evgeniy Stepanov d991cdd50b [asan] A clang flag to enable ELF globals-gc.
This feature is subtly broken when the linker is gold 2.26 or
earlier. See the following bug for details:
  https://sourceware.org/bugzilla/show_bug.cgi?id=19002

Since the decision needs to be made at compilation time, we can not
test the linker version. The flag is off by default on ELF targets,
and on otherwise.

llvm-svn: 302591
2017-05-09 21:57:43 +00:00
Evgeniy Stepanov b86ca11b57 Remove unnecessary calls to MakeArgString.
llvm-svn: 302590
2017-05-09 21:57:39 +00:00
Vedant Kumar a9d8be68c1 [Driver] Don't enable -fsanitize-use-after-scope when ASan is disabled
When enabling any sanitizer, -fsanitize-use-after-scope is enabled by
default. This doesn't actually turn ASan on, because we've been getting
lucky and there are extra checks in BackendUtil that stop this from
happening.

However, this has been causing a behavior change: extra lifetime markers
are emitted in some cases where they aren't needed or expected.

llvm-svn: 302468
2017-05-08 21:11:55 +00:00
Kostya Serebryany 50fb618b93 [sanitizer-coverage] implement -fsanitize-coverage=no-prune,... instead of a hidden -mllvm flag. clang part.
llvm-svn: 302320
2017-05-05 23:28:18 +00:00
Kostya Serebryany 8955efc36f [sanitizer-coverage] add a deprecation warning to the old sanitizer-coverage flag combinations
llvm-svn: 301994
2017-05-03 01:27:28 +00:00
George Karpenkov f2fc5b068e Flag -fsanitize=fuzzer to enable libfuzzer
Previously, adding libfuzzer to a project was a multi-step procedure,
involving libfuzzer compilation, linking the library, and specifying
coverage flags.
With this change,libfuzzer can be enabled by adding a single
-fsanitize=fuzzer flag instead.

llvm-svn: 301212
2017-04-24 18:23:24 +00:00
Kostya Serebryany 1c0e9e98c0 [sanitizer-coverage] deprecate -fsanitize-coverage=trace-bb
llvm-svn: 300767
2017-04-19 21:31:11 +00:00
Kostya Serebryany 1a02d8bc8d [sanitizer-coverage] deprecate -fsanitize-coverage=8bit-counters
llvm-svn: 300744
2017-04-19 20:15:58 +00:00
Kostya Serebryany 9d1ed13b53 [sanitizer-coverage] deprecate some of the stale coverage variants
llvm-svn: 300738
2017-04-19 19:57:16 +00:00
Vedant Kumar 42c17ec5ac [ubsan] Add a nullability sanitizer
Teach UBSan to detect when a value with the _Nonnull type annotation
assumes a null value. Call expressions, initializers, assignments, and
return statements are all checked.

Because _Nonnull does not affect IRGen, the new checks are disabled by
default. The new driver flags are:

  -fsanitize=nullability-arg      (_Nonnull violation in call)
  -fsanitize=nullability-assign   (_Nonnull violation in assignment)
  -fsanitize=nullability-return   (_Nonnull violation in return stmt)
  -fsanitize=nullability          (all of the above)

This patch builds on top of UBSan's existing support for detecting
violations of the nonnull attributes ('nonnull' and 'returns_nonnull'),
and relies on the compiler-rt support for those checks. Eventually we
will need to update the diagnostic messages in compiler-rt (there are
FIXME's for this, which will be addressed in a follow-up).

One point of note is that the nullability-return check is only allowed
to kick in if all arguments to the function satisfy their nullability
preconditions. This makes it necessary to emit some null checks in the
function body itself.

Testing: check-clang and check-ubsan. I also built some Apple ObjC
frameworks with an asserts-enabled compiler, and verified that we get
valid reports.

Differential Revision: https://reviews.llvm.org/D30762

llvm-svn: 297700
2017-03-14 01:56:34 +00:00
David L. Jones f561abab56 [Driver] Consolidate tools and toolchains by target platform. (NFC)
Summary:
(This is a move-only refactoring patch. There are no functionality changes.)

This patch splits apart the Clang driver's tool and toolchain implementation
files. Each target platform toolchain is moved to its own file, along with the
closest-related tools. Each target platform toolchain has separate headers and
implementation files, so the hierarchy of classes is unchanged.

There are some remaining shared free functions, mostly from Tools.cpp. Several
of these move to their own architecture-specific files, similar to r296056. Some
of them are only used by a single target platform; since the tools and
toolchains are now together, some helpers now live in a platform-specific file.
The balance are helpers related to manipulating argument lists, so they are now
in a new file pair, CommonArgs.h and .cpp.

I've tried to cluster the code logically, which is fairly straightforward for
most of the target platforms and shared architectures. I think I've made
reasonable choices for these, as well as the various shared helpers; but of
course, I'm happy to hear feedback in the review.

There are some particular things I don't like about this patch, but haven't been
able to find a better overall solution. The first is the proliferation of files:
there are several files that are tiny because the toolchain is not very
different from its base (usually the Gnu tools/toolchain). I think this is
mostly a reflection of the true complexity, though, so it may not be "fixable"
in any reasonable sense. The second thing I don't like are the includes like
"../Something.h". I've avoided this largely by clustering into the current file
structure. However, a few of these includes remain, and in those cases it
doesn't make sense to me to sink an existing file any deeper.

Reviewers: rsmith, mehdi_amini, compnerd, rnk, javed.absar

Subscribers: emaste, jfb, danalbert, srhines, dschuff, jyknight, nemanjai, nhaehnle, mgorny, cfe-commits

Differential Revision: https://reviews.llvm.org/D30372

llvm-svn: 297250
2017-03-08 01:02:16 +00:00
Mike Aizatsky d1033f5756 [sanitizers] lsan+sancov doesn't need ubsanrt (multi def error)
Reviewers: eugenis

Differential Revision: https://reviews.llvm.org/D27594

llvm-svn: 289144
2016-12-08 22:25:01 +00:00
Evgeniy Stepanov 8a2bedbf27 Tread TSan LLVM flags to driver: add TSan controlling flags to clang.
Summary:
New clang flags, all default to true:
-f[no-]sanitize-thread-data-races
-f[no-]sanitize-thread-stack-traces
-f[no-]sanitize-thread-atomics

Reviewers: dvyukov, pcc, eugenis

Subscribers: pcc, cfe-commits

Patch by Alex Shlyapnikov.

Differential Revision: https://reviews.llvm.org/D26461

llvm-svn: 286669
2016-11-11 23:17:36 +00:00
Vitaly Buka a77ac1b214 Add -fno-sanitize-address-use-after-scope flag
Reviewers: eugenis

Differential Revision: https://reviews.llvm.org/D25453

llvm-svn: 283801
2016-10-10 21:31:50 +00:00
Justin Lebar 6efbc73c25 [CUDA] Don't try to run sanitizers on NVPTX.
Summary:
Sanitizers aren't supported on NVPTX -- don't try to run them.

This lets you e.g. pass -fsanitize=address and get asan on your host
code.

Reviewers: kcc

Subscribers: cfe-commits, tra, jhen

Differential Revision: https://reviews.llvm.org/D24640

llvm-svn: 281680
2016-09-15 23:44:13 +00:00
Kostya Serebryany 60cdd6113f [sanitizer-coverage] add yet another flavour of coverage instrumentation: trace-pc-guard. The intent is to eventually replace all of {bool coverage, 8bit-counters, trace-pc} with just this one. Clang part
llvm-svn: 281432
2016-09-14 01:39:49 +00:00
Kostya Serebryany 3b41971763 [sanitizer-coverage] add two more modes of instrumentation: trace-div and trace-gep, mostly usaful for value-profile-based fuzzing; clang part
llvm-svn: 280044
2016-08-30 01:27:03 +00:00
Vedant Kumar 5fb00e4bd7 Revert "[Driver] Compute effective target triples once per job (NFCI)"
This reverts commit r275895 in order to address some post-commit review
feedback from Eric Christopher (see: the list thread for r275895).

llvm-svn: 276936
2016-07-27 23:01:55 +00:00
Vedant Kumar bf51e703cf [Driver] Compute effective target triples once per job (NFCI)
Compute an effective target triple exactly once in ConstructJob(), and
then simply pass around references to it. This eliminates wasteful
re-computation of effective triples (e.g in getARMFloatABI()).

Differential Revision: https://reviews.llvm.org/D22290

llvm-svn: 275895
2016-07-18 19:56:38 +00:00
Evgeniy Stepanov aac94b1e2e Fix linking of DFSan + coverage.
Broken in r272717 because of no test coverage.

llvm-svn: 272853
2016-06-15 23:05:21 +00:00
Evgeniy Stepanov 5c063c108a Fix sanitizer coverage support in the win32 driver.
--dependent-lib arguments for the sanitizer libraries must be emitted when
coverage is enabled w/o any sanitizers.

llvm-svn: 272735
2016-06-14 23:21:19 +00:00