Commit Graph

2317 Commits

Author SHA1 Message Date
serge_sans_paille 4a1a0690ad Support -fstack-clash-protection for x86
Implement protection against the stack clash attack [0] through inline stack
probing.

Probe stack allocation every PAGE_SIZE during frame lowering or dynamic
allocation to make sure the page guard, if any, is touched when touching the
stack, in a similar manner to GCC[1].

This extends the existing `probe-stack' mechanism with a special value `inline-asm'.
Technically the former uses function call before stack allocation while this
patch provides inlined stack probes and chunk allocation.

Only implemented for x86.

[0] https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt
[1] https://gcc.gnu.org/ml/gcc-patches/2017-07/msg00556.html

This a recommit of 39f50da2a3 with correct option
flags set.

Differential Revision: https://reviews.llvm.org/D68720
2020-02-07 19:54:39 +01:00
serge-sans-paille f6d98429fc Revert "Support -fstack-clash-protection for x86"
This reverts commit 39f50da2a3.

The -fstack-clash-protection is being passed to the linker too, which
is not intended.

Reverting and fixing that in a later commit.
2020-02-07 11:36:53 +01:00
serge_sans_paille 39f50da2a3 Support -fstack-clash-protection for x86
Implement protection against the stack clash attack [0] through inline stack
probing.

Probe stack allocation every PAGE_SIZE during frame lowering or dynamic
allocation to make sure the page guard, if any, is touched when touching the
stack, in a similar manner to GCC[1].

This extends the existing `probe-stack' mechanism with a special value `inline-asm'.
Technically the former uses function call before stack allocation while this
patch provides inlined stack probes and chunk allocation.

Only implemented for x86.

[0] https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt
[1] https://gcc.gnu.org/ml/gcc-patches/2017-07/msg00556.html

Differential Revision: https://reviews.llvm.org/D68720
2020-02-07 10:56:15 +01:00
Peter Collingbourne 7931e8eee3 Update hwasan docs to cover outlined checks and globals.
Differential Revision: https://reviews.llvm.org/D74150
2020-02-06 17:44:43 -08:00
Alexey Bataev 569dc65c63 [OPNEMP50][DOCS]Mark array shaping expression as claimed, NFC. 2020-02-05 10:02:39 -05:00
Kelvin Li ac43033631 [OpenMP] [DOCS] Update OMP5.0 feature status table [NFC]
Differential Revision: https://reviews.llvm.org/D72901
2020-02-03 18:30:36 -05:00
Alexey Bataev 6c3252e521 [OPENMP][DOCS]Update status of conditional lastprivate, NFC. 2020-02-03 12:43:40 -05:00
Haojian Wu bdbdf74822 [clang][AST] Add an AST matcher for deducedTemplateSpeializationType.
Summary:
misc-unused-using clang-tidy check needs this matcher to fix a false
positive of C++17 deduced class template types.

Reviewers: gribozavr2

Reviewed By: gribozavr2

Subscribers: cfe-commits

Tags: #clang

Differential Revision: https://reviews.llvm.org/D73869
2020-02-03 12:11:44 +01:00
Martin Probst dc04c54fc1 clang-format: [JS] document InsertTrailingCommas.
Summary: In release notes and the regular docs.

Reviewers: MyDeveloperDay

Subscribers: cfe-commits

Tags: #clang

Differential Revision: https://reviews.llvm.org/D73768
2020-02-03 08:51:52 +01:00
mydeveloperday 70c98671fa [clang-format] Add option for not breaking line before ObjC params
Summary:
From `clang-format` version 3.7.0 and up, , there is no way to keep following format of ObjectiveC block:
```
- (void)_aMethod
{
    [self.test1 t:self w:self callback:^(typeof(self) self, NSNumber *u, NSNumber *v) {
        u = c;
    }]
}
```
Regardless of the change in `.clang-format` configuration file, all parameters will be lined up so that colons will be on the same column, like following:
```
- (void)_aMethod
{
    [self.test1 t:self
                w:self
         callback:^(typeof(self) self, NSNumber *u, NSNumber *v) {
             u = c;
         }]
}
```

Considering with ObjectiveC, the first code style is cleaner & more readable for some people, I've added a config option: `ObjCDontBreakBeforeNestedBlockParam` (boolean) so that if it is enable, the first code style will be favored.

Reviewed By: MyDeveloperDay

Patch By: ghvg1313

Tags: #clang, #clang-format

Differential Revision: https://reviews.llvm.org/D70926
2020-02-01 17:39:34 +00:00
serge-sans-paille fd09f12f32 Implement -fsemantic-interposition
First attempt at implementing -fsemantic-interposition.

Rely on GlobalValue::isInterposable that already captures most of the expected
behavior.

Rely on a ModuleFlag to state whether we should respect SemanticInterposition or
not. The default remains no.

So this should be a no-op if -fsemantic-interposition isn't used, and if it is,
isInterposable being already used in most optimisation, they should honor it
properly.

Note that it only impacts architecture compiled with -fPIC and no pie.

Differential Revision: https://reviews.llvm.org/D72829
2020-01-31 14:02:33 +01:00
Nathan James a156a0e28d [ASTMatchers] Add hasPlacementArg and hasAnyPlacementArg traversal matcher for CXXNewExpr
Summary: Adds new traversal matchers called `hasPlacementArg` and `hasAnyPlacementArg` that matches on arguments to `placement new` operators.

Reviewers: aaron.ballman

Reviewed By: aaron.ballman

Subscribers: merge_guards_bot, mehdi_amini, hiraditya, steven_wu, dexonsmith, cfe-commits

Tags: #clang

Differential Revision: https://reviews.llvm.org/D73562
2020-01-30 10:16:04 +00:00
Karasev Nikita d5dfd1350e Add TagDecl AST matcher 2020-01-29 07:58:31 -05:00
Momchil Velikov ac21535460 [ARM] Add documentation for -march= and -mfpu= command line options
Differential Revision: https://reviews.llvm.org/D73459
2020-01-29 10:39:01 +00:00
Nate Voorhies 84118fac3a [NFC] Removing experimental designation for ninja in docs.
Summary:
Ninja is no longer an experimental tool, documentation changed to
reflect this.

Reviewers: nikola

Reviewed By: nikola

Subscribers: cfe-commits

Tags: #clang

Differential Revision: https://reviews.llvm.org/D73567
2020-01-28 15:28:40 -08:00
Nathan aec6210367 [ASTMatchers] Add cxxNoexceptExpr AST matcher
Summary: Adds a cxxNoexceptExpr matcher that matches the [[ https://en.cppreference.com/w/cpp/language/noexcept |  noexcept operator ]].

Reviewers: aaron.ballman

Reviewed By: aaron.ballman

Subscribers: merge_guards_bot, cfe-commits

Tags: #clang

Differential Revision: https://reviews.llvm.org/D73439
2020-01-28 13:12:28 +00:00
Qiu Chaofan 59d690850e [NFC] Fix typo in Clang docs 2020-01-27 11:37:43 +08:00
Richard Smith fa2fc81d34 Re-add documentation for -flax-vector-conversions= removed in
edd4398f4c.

The documentation remains correct despite the revert of the patch.
2020-01-23 12:28:03 -08:00
Aaron Ballman 8edf037aeb Add a bit of documentation on attribute spellings that were missing. 2020-01-22 15:22:40 -05:00
Mitch Phillips edd4398f4c Revert "PR17164: Change clang's default behavior from -flax-vector-conversions=all to -flax-vector-conversions=integer."
This patch broke the Sanitizer buildbots. Please see the commit's
differential revision for more information
(https://reviews.llvm.org/D67678).

This reverts commit b72a8c65e4.
2020-01-20 16:34:09 -08:00
Richard Smith 7a9fa76be7 Undo changes to release notes intended for the Clang 10 branch, not master. 2020-01-19 18:33:42 -08:00
Nico Weber a7818e6f29 fix doc typos to cycle bots 2020-01-19 18:13:08 -05:00
mydeveloperday 14c044756e [clang-format] Add IndentCaseBlocks option
Summary:
The documentation for IndentCaseLabels claimed that the "Switch
statement body is always indented one level more than case labels". This
is technically false for the code block immediately following the label.
Its closing bracket aligns with the start of the label.

If the case label are not indented, it leads to a style where the
closing bracket of the block aligns with the closing bracket of the
switch statement, which can be hard to parse.

This change introduces a new option, IndentCaseBlocks, which when true
treats the block as a scope block (which it technically is).

(Note: regenerated ClangFormatStyleOptions.rst using tools/dump_style.py)

Reviewed By: MyDeveloperDay

Patch By: capn

Tags: #clang-format, #clang

Differential Revision: https://reviews.llvm.org/D72276
2020-01-19 15:52:26 +00:00
Nico Weber 46be168977 fix doc typos to cycle bots 2020-01-19 09:51:25 -05:00
Petr Hosek d3db13af7e [profile] Support counter relocation at runtime
This is an alternative to the continous mode that was implemented in
D68351. This mode relies on padding and the ability to mmap a file over
the existing mapping which is generally only available on POSIX systems
and isn't suitable for other platforms.

This change instead introduces the ability to relocate counters at
runtime using a level of indirection. On every counter access, we add a
bias to the counter address. This bias is stored in a symbol that's
provided by the profile runtime and is initially set to zero, meaning no
relocation. The runtime can mmap the profile into memory at abitrary
location, and set bias to the offset between the original and the new
counter location, at which point every subsequent counter access will be
to the new location, which allows updating profile directly akin to the
continous mode.

The advantage of this implementation is that doesn't require any special
OS support. The disadvantage is the extra overhead due to additional
instructions required for each counter access (overhead both in terms of
binary size and performance) plus duplication of counters (i.e. one copy
in the binary itself and another copy that's mmapped).

Differential Revision: https://reviews.llvm.org/D69740
2020-01-17 15:02:23 -08:00
Hans Wennborg 00c74d0b64 Remove release note about in-process-cc1
This feature landed before the 10.x branch, so it will be covered in the
clang 10 release notes instead.
2020-01-16 13:24:22 +01:00
Richard Smith b72a8c65e4 PR17164: Change clang's default behavior from -flax-vector-conversions=all to -flax-vector-conversions=integer.
Summary:
See proposal on cfe-dev:
http://lists.llvm.org/pipermail/cfe-dev/2019-April/062030.html

Reviewers: SjoerdMeijer, eli.friedman

Subscribers: kristof.beyls, cfe-commits

Tags: #clang

Differential Revision: https://reviews.llvm.org/D67678
2020-01-15 13:14:57 -08:00
Nico Weber 8e5018e990 Replace CLANG_SPAWN_CC1 env var with a driver mode flag
Flags are clang's default UI is flags.

We can have an env var in addition to that, but in D69825 nobody has yet
mentioned why this needs an env var, so omit it for now.  If someone
needs to set the flag via env var, the existing CCC_OVERRIDE_OPTIONS
mechanism works for it (set CCC_OVERRIDE_OPTIONS=+-fno-integrated-cc1
for example).

Also mention the cc1-in-process change in the release notes.

Also spruce up the test a bit so it actually tests something :)

Differential Revision: https://reviews.llvm.org/D72769
2020-01-15 12:22:40 -05:00
Hans Wennborg 5852475e2c Bump the trunk major version to 11
and clear the release notes.
2020-01-15 13:38:01 +01:00
Erich Keane 349636d2bf Implement VectorType conditional operator GNU extension.
GCC supports the conditional operator on VectorTypes that acts as a
'select' in C++ mode. This patch implements the support. Types are
converted as closely to GCC's behavior as possible, though in a few
places consistency with our existing vector type support was preferred.

Note that this implementation is different from the OpenCL version in a
number of ways, so it unfortunately required a different implementation.

First, the SEMA rules and promotion rules are significantly different.

Secondly, GCC implements COND[i] != 0 ? LHS[i] : RHS[i] (where i is in
the range 0- VectorSize, for each element).  In OpenCL, the condition is
COND[i] < 0 ? LHS[i]: RHS[i].

In the process of implementing this, it was also required to make the
expression COND ? LHS : RHS type dependent if COND is type dependent,
since the type is now dependent on the condition.  For example:

    T ? 1 : 2;

Is not typically type dependent, since the result can be deduced from
the operands.  HOWEVER, if T is a VectorType now, it could change this
to a 'select' (basically a swizzle with a non-constant mask) with the 1
and 2 being promoted to vectors themselves.

While this is a change, it is NOT a standards incompatible change. Based
on my (and D. Gregor's, at the time of writing the code) reading of the
standard, the expression is supposed to be type dependent if ANY
sub-expression is type dependent.

Differential Revision: https://reviews.llvm.org/D71463
2020-01-13 13:27:20 -08:00
Mark de Wever dc422e968e Add -Wrange-loop-analysis changes to ReleaseNotes
This reflects the recent changes done.
2020-01-11 19:56:34 +01:00
Jonas Toth 23a799adf0 Revert "[ASTMatchers] extract public matchers from const-analysis into own patch"
This reverts commit 4c48ea68e4.
The powerpc buildbots had an internal compiler error after this patch.
This requires some inspection.
2020-01-11 19:41:27 +01:00
Jonas Toth 4c48ea68e4 [ASTMatchers] extract public matchers from const-analysis into own patch
Summary:
The analysis for const-ness of local variables required a view generally useful
matchers that are extracted into its own patch.

They are `decompositionDecl` and `forEachArgumentWithParamType`, that works
for calls through function pointers as well.

Reviewers: aaron.ballman

Reviewed By: aaron.ballman

Subscribers: cfe-commits

Tags: #clang

Differential Revision: https://reviews.llvm.org/D72505
2020-01-11 19:21:03 +01:00
Reid 4ffcec40ac Implement new AST matcher hasAnyCapture to match on LambdaExpr captures.
Accepts child matchers cxxThisExpr to match on capture of this and also on varDecl.
2020-01-10 15:49:43 -05:00
Gabor Marton 5e7beb0a41 [analyzer] Add PlacementNewChecker
Summary:
This checker verifies if default placement new is provided with pointers
to sufficient storage capacity.

Noncompliant Code Example:
  #include <new>
  void f() {
    short s;
    long *lp = ::new (&s) long;
  }

Based on SEI CERT rule MEM54-CPP
https://wiki.sei.cmu.edu/confluence/display/cplusplus/MEM54-CPP.+Provide+placement+new+with+properly+aligned+pointe
This patch does not implement checking of the alignment.

Reviewers: NoQ, xazax.hun

Subscribers: mgorny, whisperity, xazax.hun, baloghadamsoftware, szepet,
rnkovacs, a.sidorin, mikhail.ramalho, donat

Tags: #clang

Differential Revision: https://reviews.llvm.org/D71612
2020-01-10 17:59:06 +01:00
Alex Richardson 8c387cbea7 Add builtins for aligning and checking alignment of pointers and integers
This change introduces three new builtins (which work on both pointers
and integers) that can be used instead of common bitwise arithmetic:
__builtin_align_up(x, alignment), __builtin_align_down(x, alignment) and
__builtin_is_aligned(x, alignment).

I originally added these builtins to the CHERI fork of LLVM a few years ago
to handle the slightly different C semantics that we use for CHERI [1].
Until recently these builtins (or sequences of other builtins) were
required to generate correct code. I have since made changes to the default
C semantics so that they are no longer strictly necessary (but using them
does generate slightly more efficient code). However, based on our experience
using them in various projects over the past few years, I believe that adding
these builtins to clang would be useful.

These builtins have the following benefit over bit-manipulation and casts
via uintptr_t:

- The named builtins clearly convey the semantics of the operation. While
  checking alignment using __builtin_is_aligned(x, 16) versus
  ((x & 15) == 0) is probably not a huge win in readably, I personally find
  __builtin_align_up(x, N) a lot easier to read than (x+(N-1))&~(N-1).
- They preserve the type of the argument (including const qualifiers). When
  using casts via uintptr_t, it is easy to cast to the wrong type or strip
  qualifiers such as const.
- If the alignment argument is a constant value, clang can check that it is
  a power-of-two and within the range of the type. Since the semantics of
  these builtins is well defined compared to arbitrary bit-manipulation,
  it is possible to add a UBSAN checker that the run-time value is a valid
  power-of-two. I intend to add this as a follow-up to this change.
- The builtins avoids int-to-pointer casts both in C and LLVM IR.
  In the future (i.e. once most optimizations handle it), we could use the new
  llvm.ptrmask intrinsic to avoid the ptrtoint instruction that would normally
  be generated.
- They can be used to round up/down to the next aligned value for both
  integers and pointers without requiring two separate macros.
- In many projects the alignment operations are already wrapped in macros (e.g.
  roundup2 and rounddown2 in FreeBSD), so by replacing the macro implementation
  with a builtin call, we get improved diagnostics for many call-sites while
  only having to change a few lines.
- Finally, the builtins also emit assume_aligned metadata when used on pointers.
  This can improve code generation compared to the uintptr_t casts.

[1] In our CHERI compiler we have compilation mode where all pointers are
implemented as capabilities (essentially unforgeable 128-bit fat pointers).
In our original model, casts from uintptr_t (which is a 128-bit capability)
to an integer value returned the "offset" of the capability (i.e. the
difference between the virtual address and the base of the allocation).
This causes problems for cases such as checking the alignment: for example, the
expression `if ((uintptr_t)ptr & 63) == 0` is generally used to check if the
pointer is aligned to a multiple of 64 bytes. The problem with offsets is that
any pointer to the beginning of an allocation will have an offset of zero, so
this check always succeeds in that case (even if the address is not correctly
aligned). The same issues also exist when aligning up or down. Using the
alignment builtins ensures that the address is used instead of the offset. While
I have since changed the default C semantics to return the address instead of
the offset when casting, this offset compilation mode can still be used by
passing a command-line flag.

Reviewers: rsmith, aaron.ballman, theraven, fhahn, lebedev.ri, nlopes, aqjune
Reviewed By: aaron.ballman, lebedev.ri
Differential Revision: https://reviews.llvm.org/D71499
2020-01-09 21:48:29 +00:00
Sven van Haastregt 241f335b26 [OpenCL][Docs] Rename C++ for OpenCL label
To avoid potential confusion with OpenCL C++.
2020-01-09 16:31:45 +00:00
Teresa Johnson 43f938eddc LTOVisibility.rst: fix up syntax in example
Summary: Pretty self-evident. This example was missing an lparen. Added it, and fixed up the ASCII art.

Patch by Nick Black <dankamongmen@gmail.com>

Reviewers: pcc

Reviewed By: pcc

Subscribers: tejohnson, mehdi_amini, inglorion, hiraditya, steven_wu, dexonsmith, cfe-commits

Tags: #llvm, #clang

Differential Revision: https://reviews.llvm.org/D70765
2020-01-08 11:43:11 -08:00
Rihan Yang 2823e91d55 Add a new AST matcher 'optionally'.
This matcher matches any node and at the same time executes all its
inner matchers to produce any possbile result bindings.

This is useful when a user wants certain supplementary information
that's not always present along with the main match result.
2020-01-08 14:10:11 -05:00
Anastasia Stulova e456165f9f [OpenCL] Add link to C++ for OpenCL documentation
Remove description of language mode from the language
extensions and add a link to pdf document.

Tags: #clang

Differential Revision: https://reviews.llvm.org/D72076
2020-01-03 12:01:03 +00:00
Nathan James ec3d8e61b5 Handle init statements in readability-else-after-return
Adds a new ASTMatcher condition called 'hasInitStatement()' that matches if,
switch and range-for statements with an initializer. Reworked clang-tidy
readability-else-after-return to handle variables in the if condition or init
statements in c++17 ifs. Also checks if removing the else would affect object
lifetimes in the else branch.

Fixes PR44364.
2020-01-02 13:39:27 -05:00
Alexey Bataev 3cb934c94e [OPENMP][DOCS]Update status of OpenMP 5.0 features, NFC. 2019-12-24 12:39:59 -05:00
Nico Weber bab67ba6a3 fix a doc typo to cycle bots 2019-12-20 21:39:01 -05:00
Gabor Horvath 82923c71ef [analyzer] Add Fuchsia Handle checker
The checker can diagnose handle use after releases, double releases, and
handle leaks.

Differential Revision: https://reviews.llvm.org/D70470
2019-12-20 12:33:16 -08:00
Francis Visoiu Mistrih 07b8f8e5f5 [Remarks][Driver] Place temporary remark files next to temporary object files
On Darwin, when used for generating a linked binary from a source file
(through an intermediate object file), the driver will invoke `cc1` to
generate a temporary object file. The temporary remark file will now be
emitted next to the object file, which will then be picked up by
`dsymutil` and emitted in the .dSYM bundle.

This is available for all formats except YAML since by default, YAML
doesn't need a section and the remark file will be lost.
2019-12-18 16:42:02 -08:00
Francis Visoiu Mistrih f550961c6e [Docs] Fix indentation in remarks section 2019-12-18 16:41:52 -08:00
Alexey Bataev 06a6b0ad65 [OPENMP][DOCS]Claim simd nontemporal clause, NFC. 2019-12-16 13:38:58 -05:00
Alexey Bataev ec3854e58a [OPENMP][DOCS]Mark if clause on simd done, NFC. 2019-12-16 13:25:58 -05:00
Michael Kruse 2a789dd0ad [OpenMP][Docs] Claim loop tiling. 2019-12-13 18:42:52 -06:00
Fangrui Song e4fce659a7 [Driver] Use .init_array for all gcc installations and simplify Generic_ELF -fno-use-init-array rules
D39317 made clang use .init_array when no gcc installations is found.
This change changes all gcc installations to use .init_array .

GCC 4.7 by default stopped providing .ctors/.dtors compatible crt files,
and stopped emitting .ctors for __attribute__((constructor)).
.init_array should always work.

FreeBSD rules are moved to FreeBSD.cpp to make Generic_ELF rules clean.

Reviewed By: rnk

Differential Revision: https://reviews.llvm.org/D71434
2019-12-13 14:06:51 -08:00