clang  10.0.0svn
SanitizerArgs.cpp
Go to the documentation of this file.
1 //===--- SanitizerArgs.cpp - Arguments for sanitizer tools ---------------===//
2 //
3 // Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
4 // See https://llvm.org/LICENSE.txt for license information.
5 // SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
6 //
7 //===----------------------------------------------------------------------===//
10 #include "clang/Basic/Sanitizers.h"
11 #include "clang/Driver/Driver.h"
13 #include "clang/Driver/Options.h"
14 #include "clang/Driver/ToolChain.h"
15 #include "llvm/ADT/StringExtras.h"
16 #include "llvm/ADT/StringSwitch.h"
17 #include "llvm/Support/FileSystem.h"
18 #include "llvm/Support/Path.h"
19 #include "llvm/Support/SpecialCaseList.h"
20 #include "llvm/Support/TargetParser.h"
21 #include <memory>
22 
23 using namespace clang;
24 using namespace clang::driver;
25 using namespace llvm::opt;
26 
28  SanitizerKind::Undefined | SanitizerKind::Integer |
29  SanitizerKind::ImplicitConversion | SanitizerKind::Nullability |
30  SanitizerKind::CFI | SanitizerKind::FloatDivideByZero;
32  SanitizerKind::Vptr | SanitizerKind::CFI;
33 static const SanitizerMask NotAllowedWithTrap = SanitizerKind::Vptr;
35  SanitizerKind::Function | SanitizerKind::Vptr;
36 static const SanitizerMask RequiresPIE =
37  SanitizerKind::DataFlow | SanitizerKind::HWAddress | SanitizerKind::Scudo;
39  SanitizerKind::Address | SanitizerKind::HWAddress | SanitizerKind::Thread |
40  SanitizerKind::Memory | SanitizerKind::DataFlow;
42  SanitizerKind::Address | SanitizerKind::HWAddress |
43  SanitizerKind::KernelAddress | SanitizerKind::KernelHWAddress |
44  SanitizerKind::MemTag | SanitizerKind::Memory |
45  SanitizerKind::KernelMemory | SanitizerKind::Leak |
46  SanitizerKind::Undefined | SanitizerKind::Integer |
47  SanitizerKind::ImplicitConversion | SanitizerKind::Nullability |
48  SanitizerKind::DataFlow | SanitizerKind::Fuzzer |
49  SanitizerKind::FuzzerNoLink | SanitizerKind::FloatDivideByZero |
50  SanitizerKind::SafeStack | SanitizerKind::ShadowCallStack;
52  SanitizerKind::Undefined | SanitizerKind::Integer |
53  SanitizerKind::ImplicitConversion | SanitizerKind::Nullability |
54  SanitizerKind::FloatDivideByZero;
56  SanitizerKind::Unreachable | SanitizerKind::Return;
58  SanitizerKind::KernelAddress | SanitizerKind::KernelHWAddress;
60  SanitizerKind::Undefined | SanitizerKind::Integer;
61 static const SanitizerMask NeedsLTO = SanitizerKind::CFI;
63  (SanitizerKind::Undefined & ~SanitizerKind::Vptr) |
64  SanitizerKind::UnsignedIntegerOverflow | SanitizerKind::ImplicitConversion |
65  SanitizerKind::Nullability | SanitizerKind::LocalBounds |
66  SanitizerKind::CFI | SanitizerKind::FloatDivideByZero;
67 static const SanitizerMask TrappingDefault = SanitizerKind::CFI;
68 static const SanitizerMask CFIClasses =
69  SanitizerKind::CFIVCall | SanitizerKind::CFINVCall |
70  SanitizerKind::CFIMFCall | SanitizerKind::CFIDerivedCast |
71  SanitizerKind::CFIUnrelatedCast;
73  TrappingSupported | SanitizerKind::Scudo | SanitizerKind::ShadowCallStack;
74 
76  CoverageFunc = 1 << 0,
77  CoverageBB = 1 << 1,
78  CoverageEdge = 1 << 2,
80  CoverageTraceBB = 1 << 4, // Deprecated.
81  CoverageTraceCmp = 1 << 5,
82  CoverageTraceDiv = 1 << 6,
83  CoverageTraceGep = 1 << 7,
84  Coverage8bitCounters = 1 << 8, // Deprecated.
85  CoverageTracePC = 1 << 9,
87  CoverageNoPrune = 1 << 11,
89  CoveragePCTable = 1 << 13,
90  CoverageStackDepth = 1 << 14,
91 };
92 
93 /// Parse a -fsanitize= or -fno-sanitize= argument's values, diagnosing any
94 /// invalid components. Returns a SanitizerMask.
95 static SanitizerMask parseArgValues(const Driver &D, const llvm::opt::Arg *A,
96  bool DiagnoseErrors);
97 
98 /// Parse -f(no-)?sanitize-coverage= flag values, diagnosing any invalid
99 /// components. Returns OR of members of \c CoverageFeature enumeration.
100 static int parseCoverageFeatures(const Driver &D, const llvm::opt::Arg *A);
101 
102 /// Produce an argument string from ArgList \p Args, which shows how it
103 /// provides some sanitizer kind from \p Mask. For example, the argument list
104 /// "-fsanitize=thread,vptr -fsanitize=address" with mask \c NeedsUbsanRt
105 /// would produce "-fsanitize=vptr".
106 static std::string lastArgumentForMask(const Driver &D,
107  const llvm::opt::ArgList &Args,
108  SanitizerMask Mask);
109 
110 /// Produce an argument string from argument \p A, which shows how it provides
111 /// a value in \p Mask. For instance, the argument
112 /// "-fsanitize=address,alignment" with mask \c NeedsUbsanRt would produce
113 /// "-fsanitize=alignment".
114 static std::string describeSanitizeArg(const llvm::opt::Arg *A,
115  SanitizerMask Mask);
116 
117 /// Produce a string containing comma-separated names of sanitizers in \p
118 /// Sanitizers set.
119 static std::string toString(const clang::SanitizerSet &Sanitizers);
120 
121 static void addDefaultBlacklists(const Driver &D, SanitizerMask Kinds,
122  std::vector<std::string> &BlacklistFiles) {
123  struct Blacklist {
124  const char *File;
125  SanitizerMask Mask;
126  } Blacklists[] = {{"asan_blacklist.txt", SanitizerKind::Address},
127  {"hwasan_blacklist.txt", SanitizerKind::HWAddress},
128  {"memtag_blacklist.txt", SanitizerKind::MemTag},
129  {"msan_blacklist.txt", SanitizerKind::Memory},
130  {"tsan_blacklist.txt", SanitizerKind::Thread},
131  {"dfsan_abilist.txt", SanitizerKind::DataFlow},
132  {"cfi_blacklist.txt", SanitizerKind::CFI},
133  {"ubsan_blacklist.txt",
134  SanitizerKind::Undefined | SanitizerKind::Integer |
136  SanitizerKind::FloatDivideByZero}};
137 
138  for (auto BL : Blacklists) {
139  if (!(Kinds & BL.Mask))
140  continue;
141 
143  llvm::sys::path::append(Path, "share", BL.File);
144  if (llvm::sys::fs::exists(Path))
145  BlacklistFiles.push_back(Path.str());
146  else if (BL.Mask == SanitizerKind::CFI)
147  // If cfi_blacklist.txt cannot be found in the resource dir, driver
148  // should fail.
149  D.Diag(clang::diag::err_drv_no_such_file) << Path;
150  }
151 }
152 
153 /// Sets group bits for every group that has at least one representative already
154 /// enabled in \p Kinds.
156 #define SANITIZER(NAME, ID)
157 #define SANITIZER_GROUP(NAME, ID, ALIAS) \
158  if (Kinds & SanitizerKind::ID) \
159  Kinds |= SanitizerKind::ID##Group;
160 #include "clang/Basic/Sanitizers.def"
161  return Kinds;
162 }
163 
165  const llvm::opt::ArgList &Args) {
166  SanitizerMask TrapRemove; // During the loop below, the accumulated set of
167  // sanitizers disabled by the current sanitizer
168  // argument or any argument after it.
169  SanitizerMask TrappingKinds;
170  SanitizerMask TrappingSupportedWithGroups = setGroupBits(TrappingSupported);
171 
172  for (ArgList::const_reverse_iterator I = Args.rbegin(), E = Args.rend();
173  I != E; ++I) {
174  const auto *Arg = *I;
175  if (Arg->getOption().matches(options::OPT_fsanitize_trap_EQ)) {
176  Arg->claim();
177  SanitizerMask Add = parseArgValues(D, Arg, true);
178  Add &= ~TrapRemove;
179  if (SanitizerMask InvalidValues = Add & ~TrappingSupportedWithGroups) {
180  SanitizerSet S;
181  S.Mask = InvalidValues;
182  D.Diag(diag::err_drv_unsupported_option_argument) << "-fsanitize-trap"
183  << toString(S);
184  }
185  TrappingKinds |= expandSanitizerGroups(Add) & ~TrapRemove;
186  } else if (Arg->getOption().matches(options::OPT_fno_sanitize_trap_EQ)) {
187  Arg->claim();
188  TrapRemove |= expandSanitizerGroups(parseArgValues(D, Arg, true));
189  } else if (Arg->getOption().matches(
190  options::OPT_fsanitize_undefined_trap_on_error)) {
191  Arg->claim();
192  TrappingKinds |=
193  expandSanitizerGroups(SanitizerKind::UndefinedGroup & ~TrapRemove) &
194  ~TrapRemove;
195  } else if (Arg->getOption().matches(
196  options::OPT_fno_sanitize_undefined_trap_on_error)) {
197  Arg->claim();
198  TrapRemove |= expandSanitizerGroups(SanitizerKind::UndefinedGroup);
199  }
200  }
201 
202  // Apply default trapping behavior.
203  TrappingKinds |= TrappingDefault & ~TrapRemove;
204 
205  return TrappingKinds;
206 }
207 
209  // All of these include ubsan.
210  if (needsAsanRt() || needsMsanRt() || needsHwasanRt() || needsTsanRt() ||
211  needsDfsanRt() || needsLsanRt() || needsCfiDiagRt() ||
212  (needsScudoRt() && !requiresMinimalRuntime()))
213  return false;
214 
215  return (Sanitizers.Mask & NeedsUbsanRt & ~TrapSanitizers.Mask) ||
216  CoverageFeatures;
217 }
218 
220  return !(Sanitizers.Mask & SanitizerKind::CFI & ~TrapSanitizers.Mask) &&
221  CfiCrossDso && !ImplicitCfiRuntime;
222 }
223 
225  return (Sanitizers.Mask & SanitizerKind::CFI & ~TrapSanitizers.Mask) &&
226  CfiCrossDso && !ImplicitCfiRuntime;
227 }
228 
230  return NeedPIE || (Sanitizers.Mask & RequiresPIE);
231 }
232 
234  return static_cast<bool>(Sanitizers.Mask & NeedsUnwindTables);
235 }
236 
238  return static_cast<bool>(Sanitizers.Mask & NeedsLTO);
239 }
240 
242  const llvm::opt::ArgList &Args) {
243  SanitizerMask AllRemove; // During the loop below, the accumulated set of
244  // sanitizers disabled by the current sanitizer
245  // argument or any argument after it.
246  SanitizerMask AllAddedKinds; // Mask of all sanitizers ever enabled by
247  // -fsanitize= flags (directly or via group
248  // expansion), some of which may be disabled
249  // later. Used to carefully prune
250  // unused-argument diagnostics.
251  SanitizerMask DiagnosedKinds; // All Kinds we have diagnosed up to now.
252  // Used to deduplicate diagnostics.
253  SanitizerMask Kinds;
254  const SanitizerMask Supported = setGroupBits(TC.getSupportedSanitizers());
255 
256  CfiCrossDso = Args.hasFlag(options::OPT_fsanitize_cfi_cross_dso,
257  options::OPT_fno_sanitize_cfi_cross_dso, false);
258 
259  ToolChain::RTTIMode RTTIMode = TC.getRTTIMode();
260 
261  const Driver &D = TC.getDriver();
262  SanitizerMask TrappingKinds = parseSanitizeTrapArgs(D, Args);
263  SanitizerMask InvalidTrappingKinds = TrappingKinds & NotAllowedWithTrap;
264 
265  MinimalRuntime =
266  Args.hasFlag(options::OPT_fsanitize_minimal_runtime,
267  options::OPT_fno_sanitize_minimal_runtime, MinimalRuntime);
268 
269  // The object size sanitizer should not be enabled at -O0.
270  Arg *OptLevel = Args.getLastArg(options::OPT_O_Group);
271  bool RemoveObjectSizeAtO0 =
272  !OptLevel || OptLevel->getOption().matches(options::OPT_O0);
273 
274  for (ArgList::const_reverse_iterator I = Args.rbegin(), E = Args.rend();
275  I != E; ++I) {
276  const auto *Arg = *I;
277  if (Arg->getOption().matches(options::OPT_fsanitize_EQ)) {
278  Arg->claim();
279  SanitizerMask Add = parseArgValues(D, Arg, /*AllowGroups=*/true);
280 
281  if (RemoveObjectSizeAtO0) {
282  AllRemove |= SanitizerKind::ObjectSize;
283 
284  // The user explicitly enabled the object size sanitizer. Warn
285  // that this does nothing at -O0.
286  if (Add & SanitizerKind::ObjectSize)
287  D.Diag(diag::warn_drv_object_size_disabled_O0)
288  << Arg->getAsString(Args);
289  }
290 
291  AllAddedKinds |= expandSanitizerGroups(Add);
292 
293  // Avoid diagnosing any sanitizer which is disabled later.
294  Add &= ~AllRemove;
295  // At this point we have not expanded groups, so any unsupported
296  // sanitizers in Add are those which have been explicitly enabled.
297  // Diagnose them.
298  if (SanitizerMask KindsToDiagnose =
299  Add & InvalidTrappingKinds & ~DiagnosedKinds) {
300  std::string Desc = describeSanitizeArg(*I, KindsToDiagnose);
301  D.Diag(diag::err_drv_argument_not_allowed_with)
302  << Desc << "-fsanitize-trap=undefined";
303  DiagnosedKinds |= KindsToDiagnose;
304  }
305  Add &= ~InvalidTrappingKinds;
306 
307  if (MinimalRuntime) {
308  if (SanitizerMask KindsToDiagnose =
309  Add & NotAllowedWithMinimalRuntime & ~DiagnosedKinds) {
310  std::string Desc = describeSanitizeArg(*I, KindsToDiagnose);
311  D.Diag(diag::err_drv_argument_not_allowed_with)
312  << Desc << "-fsanitize-minimal-runtime";
313  DiagnosedKinds |= KindsToDiagnose;
314  }
315  Add &= ~NotAllowedWithMinimalRuntime;
316  }
317 
318  // FIXME: Make CFI on member function calls compatible with cross-DSO CFI.
319  // There are currently two problems:
320  // - Virtual function call checks need to pass a pointer to the function
321  // address to llvm.type.test and a pointer to the address point to the
322  // diagnostic function. Currently we pass the same pointer to both
323  // places.
324  // - Non-virtual function call checks may need to check multiple type
325  // identifiers.
326  // Fixing both of those may require changes to the cross-DSO CFI
327  // interface.
328  if (CfiCrossDso && (Add & SanitizerKind::CFIMFCall & ~DiagnosedKinds)) {
329  D.Diag(diag::err_drv_argument_not_allowed_with)
330  << "-fsanitize=cfi-mfcall"
331  << "-fsanitize-cfi-cross-dso";
332  Add &= ~SanitizerKind::CFIMFCall;
333  DiagnosedKinds |= SanitizerKind::CFIMFCall;
334  }
335 
336  if (SanitizerMask KindsToDiagnose = Add & ~Supported & ~DiagnosedKinds) {
337  std::string Desc = describeSanitizeArg(*I, KindsToDiagnose);
338  D.Diag(diag::err_drv_unsupported_opt_for_target)
339  << Desc << TC.getTriple().str();
340  DiagnosedKinds |= KindsToDiagnose;
341  }
342  Add &= Supported;
343 
344  // Test for -fno-rtti + explicit -fsanitizer=vptr before expanding groups
345  // so we don't error out if -fno-rtti and -fsanitize=undefined were
346  // passed.
347  if ((Add & SanitizerKind::Vptr) && (RTTIMode == ToolChain::RM_Disabled)) {
348  if (const llvm::opt::Arg *NoRTTIArg = TC.getRTTIArg()) {
349  assert(NoRTTIArg->getOption().matches(options::OPT_fno_rtti) &&
350  "RTTI disabled without -fno-rtti option?");
351  // The user explicitly passed -fno-rtti with -fsanitize=vptr, but
352  // the vptr sanitizer requires RTTI, so this is a user error.
353  D.Diag(diag::err_drv_argument_not_allowed_with)
354  << "-fsanitize=vptr" << NoRTTIArg->getAsString(Args);
355  } else {
356  // The vptr sanitizer requires RTTI, but RTTI is disabled (by
357  // default). Warn that the vptr sanitizer is being disabled.
358  D.Diag(diag::warn_drv_disabling_vptr_no_rtti_default);
359  }
360 
361  // Take out the Vptr sanitizer from the enabled sanitizers
362  AllRemove |= SanitizerKind::Vptr;
363  }
364 
365  Add = expandSanitizerGroups(Add);
366  // Group expansion may have enabled a sanitizer which is disabled later.
367  Add &= ~AllRemove;
368  // Silently discard any unsupported sanitizers implicitly enabled through
369  // group expansion.
370  Add &= ~InvalidTrappingKinds;
371  if (MinimalRuntime) {
372  Add &= ~NotAllowedWithMinimalRuntime;
373  }
374  if (CfiCrossDso)
375  Add &= ~SanitizerKind::CFIMFCall;
376  Add &= Supported;
377 
378  if (Add & SanitizerKind::Fuzzer)
379  Add |= SanitizerKind::FuzzerNoLink;
380 
381  // Enable coverage if the fuzzing flag is set.
382  if (Add & SanitizerKind::FuzzerNoLink) {
383  CoverageFeatures |= CoverageInline8bitCounters | CoverageIndirCall |
385  // Due to TLS differences, stack depth tracking is only enabled on Linux
386  if (TC.getTriple().isOSLinux())
387  CoverageFeatures |= CoverageStackDepth;
388  }
389 
390  Kinds |= Add;
391  } else if (Arg->getOption().matches(options::OPT_fno_sanitize_EQ)) {
392  Arg->claim();
393  SanitizerMask Remove = parseArgValues(D, Arg, true);
394  AllRemove |= expandSanitizerGroups(Remove);
395  }
396  }
397 
398  std::pair<SanitizerMask, SanitizerMask> IncompatibleGroups[] = {
399  std::make_pair(SanitizerKind::Address,
400  SanitizerKind::Thread | SanitizerKind::Memory),
401  std::make_pair(SanitizerKind::Thread, SanitizerKind::Memory),
402  std::make_pair(SanitizerKind::Leak,
403  SanitizerKind::Thread | SanitizerKind::Memory),
404  std::make_pair(SanitizerKind::KernelAddress,
405  SanitizerKind::Address | SanitizerKind::Leak |
406  SanitizerKind::Thread | SanitizerKind::Memory),
407  std::make_pair(SanitizerKind::HWAddress,
408  SanitizerKind::Address | SanitizerKind::Thread |
409  SanitizerKind::Memory | SanitizerKind::KernelAddress),
410  std::make_pair(SanitizerKind::Scudo,
411  SanitizerKind::Address | SanitizerKind::HWAddress |
412  SanitizerKind::Leak | SanitizerKind::Thread |
413  SanitizerKind::Memory | SanitizerKind::KernelAddress),
414  std::make_pair(SanitizerKind::SafeStack,
415  SanitizerKind::Address | SanitizerKind::HWAddress |
416  SanitizerKind::Leak | SanitizerKind::Thread |
417  SanitizerKind::Memory | SanitizerKind::KernelAddress),
418  std::make_pair(SanitizerKind::KernelHWAddress,
419  SanitizerKind::Address | SanitizerKind::HWAddress |
420  SanitizerKind::Leak | SanitizerKind::Thread |
421  SanitizerKind::Memory | SanitizerKind::KernelAddress |
422  SanitizerKind::SafeStack),
423  std::make_pair(SanitizerKind::KernelMemory,
424  SanitizerKind::Address | SanitizerKind::HWAddress |
425  SanitizerKind::Leak | SanitizerKind::Thread |
426  SanitizerKind::Memory | SanitizerKind::KernelAddress |
427  SanitizerKind::Scudo | SanitizerKind::SafeStack),
428  std::make_pair(SanitizerKind::MemTag,
429  SanitizerKind::Address | SanitizerKind::KernelAddress |
430  SanitizerKind::HWAddress |
431  SanitizerKind::KernelHWAddress)};
432  // Enable toolchain specific default sanitizers if not explicitly disabled.
433  SanitizerMask Default = TC.getDefaultSanitizers() & ~AllRemove;
434 
435  // Disable default sanitizers that are incompatible with explicitly requested
436  // ones.
437  for (auto G : IncompatibleGroups) {
438  SanitizerMask Group = G.first;
439  if ((Default & Group) && (Kinds & G.second))
440  Default &= ~Group;
441  }
442 
443  Kinds |= Default;
444 
445  // We disable the vptr sanitizer if it was enabled by group expansion but RTTI
446  // is disabled.
447  if ((Kinds & SanitizerKind::Vptr) && (RTTIMode == ToolChain::RM_Disabled)) {
448  Kinds &= ~SanitizerKind::Vptr;
449  }
450 
451  // Check that LTO is enabled if we need it.
452  if ((Kinds & NeedsLTO) && !D.isUsingLTO()) {
453  D.Diag(diag::err_drv_argument_only_allowed_with)
454  << lastArgumentForMask(D, Args, Kinds & NeedsLTO) << "-flto";
455  }
456 
457  if ((Kinds & SanitizerKind::ShadowCallStack) &&
458  TC.getTriple().getArch() == llvm::Triple::aarch64 &&
459  !llvm::AArch64::isX18ReservedByDefault(TC.getTriple()) &&
460  !Args.hasArg(options::OPT_ffixed_x18)) {
461  D.Diag(diag::err_drv_argument_only_allowed_with)
462  << lastArgumentForMask(D, Args, Kinds & SanitizerKind::ShadowCallStack)
463  << "-ffixed-x18";
464  }
465 
466  // Report error if there are non-trapping sanitizers that require
467  // c++abi-specific parts of UBSan runtime, and they are not provided by the
468  // toolchain. We don't have a good way to check the latter, so we just
469  // check if the toolchan supports vptr.
470  if (~Supported & SanitizerKind::Vptr) {
471  SanitizerMask KindsToDiagnose = Kinds & ~TrappingKinds & NeedsUbsanCxxRt;
472  // The runtime library supports the Microsoft C++ ABI, but only well enough
473  // for CFI. FIXME: Remove this once we support vptr on Windows.
474  if (TC.getTriple().isOSWindows())
475  KindsToDiagnose &= ~SanitizerKind::CFI;
476  if (KindsToDiagnose) {
477  SanitizerSet S;
478  S.Mask = KindsToDiagnose;
479  D.Diag(diag::err_drv_unsupported_opt_for_target)
480  << ("-fno-sanitize-trap=" + toString(S)) << TC.getTriple().str();
481  Kinds &= ~KindsToDiagnose;
482  }
483  }
484 
485  // Warn about incompatible groups of sanitizers.
486  for (auto G : IncompatibleGroups) {
487  SanitizerMask Group = G.first;
488  if (Kinds & Group) {
489  if (SanitizerMask Incompatible = Kinds & G.second) {
490  D.Diag(clang::diag::err_drv_argument_not_allowed_with)
491  << lastArgumentForMask(D, Args, Group)
492  << lastArgumentForMask(D, Args, Incompatible);
493  Kinds &= ~Incompatible;
494  }
495  }
496  }
497  // FIXME: Currently -fsanitize=leak is silently ignored in the presence of
498  // -fsanitize=address. Perhaps it should print an error, or perhaps
499  // -f(-no)sanitize=leak should change whether leak detection is enabled by
500  // default in ASan?
501 
502  // Parse -f(no-)?sanitize-recover flags.
503  SanitizerMask RecoverableKinds = RecoverableByDefault | AlwaysRecoverable;
504  SanitizerMask DiagnosedUnrecoverableKinds;
505  SanitizerMask DiagnosedAlwaysRecoverableKinds;
506  for (const auto *Arg : Args) {
507  const char *DeprecatedReplacement = nullptr;
508  if (Arg->getOption().matches(options::OPT_fsanitize_recover)) {
509  DeprecatedReplacement =
510  "-fsanitize-recover=undefined,integer' or '-fsanitize-recover=all";
511  RecoverableKinds |= expandSanitizerGroups(LegacyFsanitizeRecoverMask);
512  Arg->claim();
513  } else if (Arg->getOption().matches(options::OPT_fno_sanitize_recover)) {
514  DeprecatedReplacement = "-fno-sanitize-recover=undefined,integer' or "
515  "'-fno-sanitize-recover=all";
516  RecoverableKinds &= ~expandSanitizerGroups(LegacyFsanitizeRecoverMask);
517  Arg->claim();
518  } else if (Arg->getOption().matches(options::OPT_fsanitize_recover_EQ)) {
519  SanitizerMask Add = parseArgValues(D, Arg, true);
520  // Report error if user explicitly tries to recover from unrecoverable
521  // sanitizer.
522  if (SanitizerMask KindsToDiagnose =
523  Add & Unrecoverable & ~DiagnosedUnrecoverableKinds) {
524  SanitizerSet SetToDiagnose;
525  SetToDiagnose.Mask |= KindsToDiagnose;
526  D.Diag(diag::err_drv_unsupported_option_argument)
527  << Arg->getOption().getName() << toString(SetToDiagnose);
528  DiagnosedUnrecoverableKinds |= KindsToDiagnose;
529  }
530  RecoverableKinds |= expandSanitizerGroups(Add);
531  Arg->claim();
532  } else if (Arg->getOption().matches(options::OPT_fno_sanitize_recover_EQ)) {
533  SanitizerMask Remove = parseArgValues(D, Arg, true);
534  // Report error if user explicitly tries to disable recovery from
535  // always recoverable sanitizer.
536  if (SanitizerMask KindsToDiagnose =
537  Remove & AlwaysRecoverable & ~DiagnosedAlwaysRecoverableKinds) {
538  SanitizerSet SetToDiagnose;
539  SetToDiagnose.Mask |= KindsToDiagnose;
540  D.Diag(diag::err_drv_unsupported_option_argument)
541  << Arg->getOption().getName() << toString(SetToDiagnose);
542  DiagnosedAlwaysRecoverableKinds |= KindsToDiagnose;
543  }
544  RecoverableKinds &= ~expandSanitizerGroups(Remove);
545  Arg->claim();
546  }
547  if (DeprecatedReplacement) {
548  D.Diag(diag::warn_drv_deprecated_arg) << Arg->getAsString(Args)
549  << DeprecatedReplacement;
550  }
551  }
552  RecoverableKinds &= Kinds;
553  RecoverableKinds &= ~Unrecoverable;
554 
555  TrappingKinds &= Kinds;
556  RecoverableKinds &= ~TrappingKinds;
557 
558  // Setup blacklist files.
559  // Add default blacklist from resource directory.
560  addDefaultBlacklists(D, Kinds, BlacklistFiles);
561  // Parse -f(no-)sanitize-blacklist options.
562  for (const auto *Arg : Args) {
563  if (Arg->getOption().matches(options::OPT_fsanitize_blacklist)) {
564  Arg->claim();
565  std::string BLPath = Arg->getValue();
566  if (llvm::sys::fs::exists(BLPath)) {
567  BlacklistFiles.push_back(BLPath);
568  ExtraDeps.push_back(BLPath);
569  } else {
570  D.Diag(clang::diag::err_drv_no_such_file) << BLPath;
571  }
572  } else if (Arg->getOption().matches(options::OPT_fno_sanitize_blacklist)) {
573  Arg->claim();
574  BlacklistFiles.clear();
575  ExtraDeps.clear();
576  }
577  }
578  // Validate blacklists format.
579  {
580  std::string BLError;
581  std::unique_ptr<llvm::SpecialCaseList> SCL(
582  llvm::SpecialCaseList::create(BlacklistFiles, BLError));
583  if (!SCL.get())
584  D.Diag(clang::diag::err_drv_malformed_sanitizer_blacklist) << BLError;
585  }
586 
587  // Parse -f[no-]sanitize-memory-track-origins[=level] options.
588  if (AllAddedKinds & SanitizerKind::Memory) {
589  if (Arg *A =
590  Args.getLastArg(options::OPT_fsanitize_memory_track_origins_EQ,
591  options::OPT_fsanitize_memory_track_origins,
592  options::OPT_fno_sanitize_memory_track_origins)) {
593  if (A->getOption().matches(options::OPT_fsanitize_memory_track_origins)) {
594  MsanTrackOrigins = 2;
595  } else if (A->getOption().matches(
596  options::OPT_fno_sanitize_memory_track_origins)) {
597  MsanTrackOrigins = 0;
598  } else {
599  StringRef S = A->getValue();
600  if (S.getAsInteger(0, MsanTrackOrigins) || MsanTrackOrigins < 0 ||
601  MsanTrackOrigins > 2) {
602  D.Diag(clang::diag::err_drv_invalid_value) << A->getAsString(Args) << S;
603  }
604  }
605  }
606  MsanUseAfterDtor =
607  Args.hasFlag(options::OPT_fsanitize_memory_use_after_dtor,
608  options::OPT_fno_sanitize_memory_use_after_dtor,
609  MsanUseAfterDtor);
610  NeedPIE |= !(TC.getTriple().isOSLinux() &&
611  TC.getTriple().getArch() == llvm::Triple::x86_64);
612  } else {
613  MsanUseAfterDtor = false;
614  }
615 
616  if (AllAddedKinds & SanitizerKind::Thread) {
617  TsanMemoryAccess = Args.hasFlag(
618  options::OPT_fsanitize_thread_memory_access,
619  options::OPT_fno_sanitize_thread_memory_access, TsanMemoryAccess);
620  TsanFuncEntryExit = Args.hasFlag(
621  options::OPT_fsanitize_thread_func_entry_exit,
622  options::OPT_fno_sanitize_thread_func_entry_exit, TsanFuncEntryExit);
623  TsanAtomics =
624  Args.hasFlag(options::OPT_fsanitize_thread_atomics,
625  options::OPT_fno_sanitize_thread_atomics, TsanAtomics);
626  }
627 
628  if (AllAddedKinds & SanitizerKind::CFI) {
629  // Without PIE, external function address may resolve to a PLT record, which
630  // can not be verified by the target module.
631  NeedPIE |= CfiCrossDso;
632  CfiICallGeneralizePointers =
633  Args.hasArg(options::OPT_fsanitize_cfi_icall_generalize_pointers);
634 
635  if (CfiCrossDso && CfiICallGeneralizePointers)
636  D.Diag(diag::err_drv_argument_not_allowed_with)
637  << "-fsanitize-cfi-cross-dso"
638  << "-fsanitize-cfi-icall-generalize-pointers";
639 
640  CfiCanonicalJumpTables =
641  Args.hasFlag(options::OPT_fsanitize_cfi_canonical_jump_tables,
642  options::OPT_fno_sanitize_cfi_canonical_jump_tables, true);
643  }
644 
645  Stats = Args.hasFlag(options::OPT_fsanitize_stats,
646  options::OPT_fno_sanitize_stats, false);
647 
648  if (MinimalRuntime) {
649  SanitizerMask IncompatibleMask =
650  Kinds & ~setGroupBits(CompatibleWithMinimalRuntime);
651  if (IncompatibleMask)
652  D.Diag(clang::diag::err_drv_argument_not_allowed_with)
653  << "-fsanitize-minimal-runtime"
654  << lastArgumentForMask(D, Args, IncompatibleMask);
655 
656  SanitizerMask NonTrappingCfi = Kinds & SanitizerKind::CFI & ~TrappingKinds;
657  if (NonTrappingCfi)
658  D.Diag(clang::diag::err_drv_argument_only_allowed_with)
659  << "fsanitize-minimal-runtime"
660  << "fsanitize-trap=cfi";
661  }
662 
663  // Parse -f(no-)?sanitize-coverage flags if coverage is supported by the
664  // enabled sanitizers.
665  for (const auto *Arg : Args) {
666  if (Arg->getOption().matches(options::OPT_fsanitize_coverage)) {
667  int LegacySanitizeCoverage;
668  if (Arg->getNumValues() == 1 &&
669  !StringRef(Arg->getValue(0))
670  .getAsInteger(0, LegacySanitizeCoverage)) {
671  CoverageFeatures = 0;
672  Arg->claim();
673  if (LegacySanitizeCoverage != 0) {
674  D.Diag(diag::warn_drv_deprecated_arg)
675  << Arg->getAsString(Args) << "-fsanitize-coverage=trace-pc-guard";
676  }
677  continue;
678  }
679  CoverageFeatures |= parseCoverageFeatures(D, Arg);
680 
681  // Disable coverage and not claim the flags if there is at least one
682  // non-supporting sanitizer.
683  if (!(AllAddedKinds & ~AllRemove & ~setGroupBits(SupportsCoverage))) {
684  Arg->claim();
685  } else {
686  CoverageFeatures = 0;
687  }
688  } else if (Arg->getOption().matches(options::OPT_fno_sanitize_coverage)) {
689  Arg->claim();
690  CoverageFeatures &= ~parseCoverageFeatures(D, Arg);
691  }
692  }
693  // Choose at most one coverage type: function, bb, or edge.
694  if ((CoverageFeatures & CoverageFunc) && (CoverageFeatures & CoverageBB))
695  D.Diag(clang::diag::err_drv_argument_not_allowed_with)
696  << "-fsanitize-coverage=func"
697  << "-fsanitize-coverage=bb";
698  if ((CoverageFeatures & CoverageFunc) && (CoverageFeatures & CoverageEdge))
699  D.Diag(clang::diag::err_drv_argument_not_allowed_with)
700  << "-fsanitize-coverage=func"
701  << "-fsanitize-coverage=edge";
702  if ((CoverageFeatures & CoverageBB) && (CoverageFeatures & CoverageEdge))
703  D.Diag(clang::diag::err_drv_argument_not_allowed_with)
704  << "-fsanitize-coverage=bb"
705  << "-fsanitize-coverage=edge";
706  // Basic block tracing and 8-bit counters require some type of coverage
707  // enabled.
708  if (CoverageFeatures & CoverageTraceBB)
709  D.Diag(clang::diag::warn_drv_deprecated_arg)
710  << "-fsanitize-coverage=trace-bb"
711  << "-fsanitize-coverage=trace-pc-guard";
712  if (CoverageFeatures & Coverage8bitCounters)
713  D.Diag(clang::diag::warn_drv_deprecated_arg)
714  << "-fsanitize-coverage=8bit-counters"
715  << "-fsanitize-coverage=trace-pc-guard";
716 
717  int InsertionPointTypes = CoverageFunc | CoverageBB | CoverageEdge;
718  int InstrumentationTypes =
720  if ((CoverageFeatures & InsertionPointTypes) &&
721  !(CoverageFeatures & InstrumentationTypes)) {
722  D.Diag(clang::diag::warn_drv_deprecated_arg)
723  << "-fsanitize-coverage=[func|bb|edge]"
724  << "-fsanitize-coverage=[func|bb|edge],[trace-pc-guard|trace-pc]";
725  }
726 
727  // trace-pc w/o func/bb/edge implies edge.
728  if (!(CoverageFeatures & InsertionPointTypes)) {
729  if (CoverageFeatures &
731  CoverageFeatures |= CoverageEdge;
732 
733  if (CoverageFeatures & CoverageStackDepth)
734  CoverageFeatures |= CoverageFunc;
735  }
736 
737  SharedRuntime =
738  Args.hasFlag(options::OPT_shared_libsan, options::OPT_static_libsan,
739  TC.getTriple().isAndroid() || TC.getTriple().isOSFuchsia() ||
740  TC.getTriple().isOSDarwin());
741 
742  ImplicitCfiRuntime = TC.getTriple().isAndroid();
743 
744  if (AllAddedKinds & SanitizerKind::Address) {
745  NeedPIE |= TC.getTriple().isOSFuchsia();
746  if (Arg *A =
747  Args.getLastArg(options::OPT_fsanitize_address_field_padding)) {
748  StringRef S = A->getValue();
749  // Legal values are 0 and 1, 2, but in future we may add more levels.
750  if (S.getAsInteger(0, AsanFieldPadding) || AsanFieldPadding < 0 ||
751  AsanFieldPadding > 2) {
752  D.Diag(clang::diag::err_drv_invalid_value) << A->getAsString(Args) << S;
753  }
754  }
755 
756  if (Arg *WindowsDebugRTArg =
757  Args.getLastArg(options::OPT__SLASH_MTd, options::OPT__SLASH_MT,
758  options::OPT__SLASH_MDd, options::OPT__SLASH_MD,
759  options::OPT__SLASH_LDd, options::OPT__SLASH_LD)) {
760  switch (WindowsDebugRTArg->getOption().getID()) {
761  case options::OPT__SLASH_MTd:
762  case options::OPT__SLASH_MDd:
763  case options::OPT__SLASH_LDd:
764  D.Diag(clang::diag::err_drv_argument_not_allowed_with)
765  << WindowsDebugRTArg->getAsString(Args)
766  << lastArgumentForMask(D, Args, SanitizerKind::Address);
767  D.Diag(clang::diag::note_drv_address_sanitizer_debug_runtime);
768  }
769  }
770 
771  AsanUseAfterScope = Args.hasFlag(
772  options::OPT_fsanitize_address_use_after_scope,
773  options::OPT_fno_sanitize_address_use_after_scope, AsanUseAfterScope);
774 
775  AsanPoisonCustomArrayCookie = Args.hasFlag(
776  options::OPT_fsanitize_address_poison_custom_array_cookie,
777  options::OPT_fno_sanitize_address_poison_custom_array_cookie,
778  AsanPoisonCustomArrayCookie);
779 
780  // As a workaround for a bug in gold 2.26 and earlier, dead stripping of
781  // globals in ASan is disabled by default on ELF targets.
782  // See https://sourceware.org/bugzilla/show_bug.cgi?id=19002
783  AsanGlobalsDeadStripping =
784  !TC.getTriple().isOSBinFormatELF() || TC.getTriple().isOSFuchsia() ||
785  TC.getTriple().isPS4() ||
786  Args.hasArg(options::OPT_fsanitize_address_globals_dead_stripping);
787 
788  AsanUseOdrIndicator =
789  Args.hasFlag(options::OPT_fsanitize_address_use_odr_indicator,
790  options::OPT_fno_sanitize_address_use_odr_indicator,
791  AsanUseOdrIndicator);
792 
793  if (AllAddedKinds & SanitizerKind::PointerCompare & ~AllRemove) {
794  AsanInvalidPointerCmp = true;
795  }
796 
797  if (AllAddedKinds & SanitizerKind::PointerSubtract & ~AllRemove) {
798  AsanInvalidPointerSub = true;
799  }
800 
801  } else {
802  AsanUseAfterScope = false;
803  // -fsanitize=pointer-compare/pointer-subtract requires -fsanitize=address.
804  SanitizerMask DetectInvalidPointerPairs =
805  SanitizerKind::PointerCompare | SanitizerKind::PointerSubtract;
806  if (AllAddedKinds & DetectInvalidPointerPairs & ~AllRemove) {
807  TC.getDriver().Diag(clang::diag::err_drv_argument_only_allowed_with)
808  << lastArgumentForMask(D, Args,
809  SanitizerKind::PointerCompare |
810  SanitizerKind::PointerSubtract)
811  << "-fsanitize=address";
812  }
813  }
814 
815  if (AllAddedKinds & SanitizerKind::HWAddress) {
816  if (Arg *HwasanAbiArg =
817  Args.getLastArg(options::OPT_fsanitize_hwaddress_abi_EQ)) {
818  HwasanAbi = HwasanAbiArg->getValue();
819  if (HwasanAbi != "platform" && HwasanAbi != "interceptor")
820  D.Diag(clang::diag::err_drv_invalid_value)
821  << HwasanAbiArg->getAsString(Args) << HwasanAbi;
822  } else {
823  HwasanAbi = "interceptor";
824  }
825  }
826 
827  if (AllAddedKinds & SanitizerKind::SafeStack) {
828  // SafeStack runtime is built into the system on Fuchsia.
829  SafeStackRuntime = !TC.getTriple().isOSFuchsia();
830  }
831 
832  LinkRuntimes =
833  Args.hasFlag(options::OPT_fsanitize_link_runtime,
834  options::OPT_fno_sanitize_link_runtime, LinkRuntimes);
835 
836  // Parse -link-cxx-sanitizer flag.
837  LinkCXXRuntimes = Args.hasArg(options::OPT_fsanitize_link_cxx_runtime,
838  options::OPT_fno_sanitize_link_cxx_runtime,
839  LinkCXXRuntimes) ||
840  D.CCCIsCXX();
841 
842  // Finally, initialize the set of available and recoverable sanitizers.
843  Sanitizers.Mask |= Kinds;
844  RecoverableSanitizers.Mask |= RecoverableKinds;
845  TrapSanitizers.Mask |= TrappingKinds;
846  assert(!(RecoverableKinds & TrappingKinds) &&
847  "Overlap between recoverable and trapping sanitizers");
848 }
849 
850 static std::string toString(const clang::SanitizerSet &Sanitizers) {
851  std::string Res;
852 #define SANITIZER(NAME, ID) \
853  if (Sanitizers.has(SanitizerKind::ID)) { \
854  if (!Res.empty()) \
855  Res += ","; \
856  Res += NAME; \
857  }
858 #include "clang/Basic/Sanitizers.def"
859  return Res;
860 }
861 
862 static void addIncludeLinkerOption(const ToolChain &TC,
863  const llvm::opt::ArgList &Args,
864  llvm::opt::ArgStringList &CmdArgs,
865  StringRef SymbolName) {
866  SmallString<64> LinkerOptionFlag;
867  LinkerOptionFlag = "--linker-option=/include:";
868  if (TC.getTriple().getArch() == llvm::Triple::x86) {
869  // Win32 mangles C function names with a '_' prefix.
870  LinkerOptionFlag += '_';
871  }
872  LinkerOptionFlag += SymbolName;
873  CmdArgs.push_back(Args.MakeArgString(LinkerOptionFlag));
874 }
875 
876 static bool hasTargetFeatureMTE(const llvm::opt::ArgStringList &CmdArgs) {
877  for (auto Start = CmdArgs.begin(), End = CmdArgs.end(); Start != End; ++Start) {
878  auto It = std::find(Start, End, StringRef("+mte"));
879  if (It == End)
880  break;
881  if (It > Start && *std::prev(It) == StringRef("-target-feature"))
882  return true;
883  Start = It;
884  }
885  return false;
886 }
887 
888 void SanitizerArgs::addArgs(const ToolChain &TC, const llvm::opt::ArgList &Args,
889  llvm::opt::ArgStringList &CmdArgs,
890  types::ID InputType) const {
891  // NVPTX doesn't currently support sanitizers. Bailing out here means that
892  // e.g. -fsanitize=address applies only to host code, which is what we want
893  // for now.
894  if (TC.getTriple().isNVPTX())
895  return;
896 
897  // Translate available CoverageFeatures to corresponding clang-cc1 flags.
898  // Do it even if Sanitizers.empty() since some forms of coverage don't require
899  // sanitizers.
900  std::pair<int, const char *> CoverageFlags[] = {
901  std::make_pair(CoverageFunc, "-fsanitize-coverage-type=1"),
902  std::make_pair(CoverageBB, "-fsanitize-coverage-type=2"),
903  std::make_pair(CoverageEdge, "-fsanitize-coverage-type=3"),
904  std::make_pair(CoverageIndirCall, "-fsanitize-coverage-indirect-calls"),
905  std::make_pair(CoverageTraceBB, "-fsanitize-coverage-trace-bb"),
906  std::make_pair(CoverageTraceCmp, "-fsanitize-coverage-trace-cmp"),
907  std::make_pair(CoverageTraceDiv, "-fsanitize-coverage-trace-div"),
908  std::make_pair(CoverageTraceGep, "-fsanitize-coverage-trace-gep"),
909  std::make_pair(Coverage8bitCounters, "-fsanitize-coverage-8bit-counters"),
910  std::make_pair(CoverageTracePC, "-fsanitize-coverage-trace-pc"),
911  std::make_pair(CoverageTracePCGuard, "-fsanitize-coverage-trace-pc-guard"),
912  std::make_pair(CoverageInline8bitCounters, "-fsanitize-coverage-inline-8bit-counters"),
913  std::make_pair(CoveragePCTable, "-fsanitize-coverage-pc-table"),
914  std::make_pair(CoverageNoPrune, "-fsanitize-coverage-no-prune"),
915  std::make_pair(CoverageStackDepth, "-fsanitize-coverage-stack-depth")};
916  for (auto F : CoverageFlags) {
917  if (CoverageFeatures & F.first)
918  CmdArgs.push_back(F.second);
919  }
920 
921  if (TC.getTriple().isOSWindows() && needsUbsanRt()) {
922  // Instruct the code generator to embed linker directives in the object file
923  // that cause the required runtime libraries to be linked.
924  CmdArgs.push_back(Args.MakeArgString(
925  "--dependent-lib=" + TC.getCompilerRT(Args, "ubsan_standalone")));
926  if (types::isCXX(InputType))
927  CmdArgs.push_back(Args.MakeArgString(
928  "--dependent-lib=" + TC.getCompilerRT(Args, "ubsan_standalone_cxx")));
929  }
930  if (TC.getTriple().isOSWindows() && needsStatsRt()) {
931  CmdArgs.push_back(Args.MakeArgString("--dependent-lib=" +
932  TC.getCompilerRT(Args, "stats_client")));
933 
934  // The main executable must export the stats runtime.
935  // FIXME: Only exporting from the main executable (e.g. based on whether the
936  // translation unit defines main()) would save a little space, but having
937  // multiple copies of the runtime shouldn't hurt.
938  CmdArgs.push_back(Args.MakeArgString("--dependent-lib=" +
939  TC.getCompilerRT(Args, "stats")));
940  addIncludeLinkerOption(TC, Args, CmdArgs, "__sanitizer_stats_register");
941  }
942 
943  if (Sanitizers.empty())
944  return;
945  CmdArgs.push_back(Args.MakeArgString("-fsanitize=" + toString(Sanitizers)));
946 
947  if (!RecoverableSanitizers.empty())
948  CmdArgs.push_back(Args.MakeArgString("-fsanitize-recover=" +
949  toString(RecoverableSanitizers)));
950 
951  if (!TrapSanitizers.empty())
952  CmdArgs.push_back(
953  Args.MakeArgString("-fsanitize-trap=" + toString(TrapSanitizers)));
954 
955  for (const auto &BLPath : BlacklistFiles) {
956  SmallString<64> BlacklistOpt("-fsanitize-blacklist=");
957  BlacklistOpt += BLPath;
958  CmdArgs.push_back(Args.MakeArgString(BlacklistOpt));
959  }
960  for (const auto &Dep : ExtraDeps) {
961  SmallString<64> ExtraDepOpt("-fdepfile-entry=");
962  ExtraDepOpt += Dep;
963  CmdArgs.push_back(Args.MakeArgString(ExtraDepOpt));
964  }
965 
966  if (MsanTrackOrigins)
967  CmdArgs.push_back(Args.MakeArgString("-fsanitize-memory-track-origins=" +
968  Twine(MsanTrackOrigins)));
969 
970  if (MsanUseAfterDtor)
971  CmdArgs.push_back("-fsanitize-memory-use-after-dtor");
972 
973  // FIXME: Pass these parameters as function attributes, not as -llvm flags.
974  if (!TsanMemoryAccess) {
975  CmdArgs.push_back("-mllvm");
976  CmdArgs.push_back("-tsan-instrument-memory-accesses=0");
977  CmdArgs.push_back("-mllvm");
978  CmdArgs.push_back("-tsan-instrument-memintrinsics=0");
979  }
980  if (!TsanFuncEntryExit) {
981  CmdArgs.push_back("-mllvm");
982  CmdArgs.push_back("-tsan-instrument-func-entry-exit=0");
983  }
984  if (!TsanAtomics) {
985  CmdArgs.push_back("-mllvm");
986  CmdArgs.push_back("-tsan-instrument-atomics=0");
987  }
988 
989  if (CfiCrossDso)
990  CmdArgs.push_back("-fsanitize-cfi-cross-dso");
991 
992  if (CfiICallGeneralizePointers)
993  CmdArgs.push_back("-fsanitize-cfi-icall-generalize-pointers");
994 
995  if (CfiCanonicalJumpTables)
996  CmdArgs.push_back("-fsanitize-cfi-canonical-jump-tables");
997 
998  if (Stats)
999  CmdArgs.push_back("-fsanitize-stats");
1000 
1001  if (MinimalRuntime)
1002  CmdArgs.push_back("-fsanitize-minimal-runtime");
1003 
1004  if (AsanFieldPadding)
1005  CmdArgs.push_back(Args.MakeArgString("-fsanitize-address-field-padding=" +
1006  Twine(AsanFieldPadding)));
1007 
1008  if (AsanUseAfterScope)
1009  CmdArgs.push_back("-fsanitize-address-use-after-scope");
1010 
1011  if (AsanPoisonCustomArrayCookie)
1012  CmdArgs.push_back("-fsanitize-address-poison-custom-array-cookie");
1013 
1014  if (AsanGlobalsDeadStripping)
1015  CmdArgs.push_back("-fsanitize-address-globals-dead-stripping");
1016 
1017  if (AsanUseOdrIndicator)
1018  CmdArgs.push_back("-fsanitize-address-use-odr-indicator");
1019 
1020  if (AsanInvalidPointerCmp) {
1021  CmdArgs.push_back("-mllvm");
1022  CmdArgs.push_back("-asan-detect-invalid-pointer-cmp");
1023  }
1024 
1025  if (AsanInvalidPointerSub) {
1026  CmdArgs.push_back("-mllvm");
1027  CmdArgs.push_back("-asan-detect-invalid-pointer-sub");
1028  }
1029 
1030  if (!HwasanAbi.empty()) {
1031  CmdArgs.push_back("-default-function-attr");
1032  CmdArgs.push_back(Args.MakeArgString("hwasan-abi=" + HwasanAbi));
1033  }
1034 
1035  if (Sanitizers.has(SanitizerKind::HWAddress)) {
1036  CmdArgs.push_back("-target-feature");
1037  CmdArgs.push_back("+tagged-globals");
1038  }
1039 
1040  // MSan: Workaround for PR16386.
1041  // ASan: This is mainly to help LSan with cases such as
1042  // https://github.com/google/sanitizers/issues/373
1043  // We can't make this conditional on -fsanitize=leak, as that flag shouldn't
1044  // affect compilation.
1045  if (Sanitizers.has(SanitizerKind::Memory) ||
1046  Sanitizers.has(SanitizerKind::Address))
1047  CmdArgs.push_back("-fno-assume-sane-operator-new");
1048 
1049  // Require -fvisibility= flag on non-Windows when compiling if vptr CFI is
1050  // enabled.
1051  if (Sanitizers.hasOneOf(CFIClasses) && !TC.getTriple().isOSWindows() &&
1052  !Args.hasArg(options::OPT_fvisibility_EQ)) {
1053  TC.getDriver().Diag(clang::diag::err_drv_argument_only_allowed_with)
1054  << lastArgumentForMask(TC.getDriver(), Args,
1055  Sanitizers.Mask & CFIClasses)
1056  << "-fvisibility=";
1057  }
1058 
1059  if (Sanitizers.has(SanitizerKind::MemTag) && !hasTargetFeatureMTE(CmdArgs))
1060  TC.getDriver().Diag(diag::err_stack_tagging_requires_hardware_feature);
1061 }
1062 
1063 SanitizerMask parseArgValues(const Driver &D, const llvm::opt::Arg *A,
1064  bool DiagnoseErrors) {
1065  assert((A->getOption().matches(options::OPT_fsanitize_EQ) ||
1066  A->getOption().matches(options::OPT_fno_sanitize_EQ) ||
1067  A->getOption().matches(options::OPT_fsanitize_recover_EQ) ||
1068  A->getOption().matches(options::OPT_fno_sanitize_recover_EQ) ||
1069  A->getOption().matches(options::OPT_fsanitize_trap_EQ) ||
1070  A->getOption().matches(options::OPT_fno_sanitize_trap_EQ)) &&
1071  "Invalid argument in parseArgValues!");
1072  SanitizerMask Kinds;
1073  for (int i = 0, n = A->getNumValues(); i != n; ++i) {
1074  const char *Value = A->getValue(i);
1076  // Special case: don't accept -fsanitize=all.
1077  if (A->getOption().matches(options::OPT_fsanitize_EQ) &&
1078  0 == strcmp("all", Value))
1079  Kind = SanitizerMask();
1080  else
1081  Kind = parseSanitizerValue(Value, /*AllowGroups=*/true);
1082 
1083  if (Kind)
1084  Kinds |= Kind;
1085  else if (DiagnoseErrors)
1086  D.Diag(clang::diag::err_drv_unsupported_option_argument)
1087  << A->getOption().getName() << Value;
1088  }
1089  return Kinds;
1090 }
1091 
1092 int parseCoverageFeatures(const Driver &D, const llvm::opt::Arg *A) {
1093  assert(A->getOption().matches(options::OPT_fsanitize_coverage) ||
1094  A->getOption().matches(options::OPT_fno_sanitize_coverage));
1095  int Features = 0;
1096  for (int i = 0, n = A->getNumValues(); i != n; ++i) {
1097  const char *Value = A->getValue(i);
1098  int F = llvm::StringSwitch<int>(Value)
1099  .Case("func", CoverageFunc)
1100  .Case("bb", CoverageBB)
1101  .Case("edge", CoverageEdge)
1102  .Case("indirect-calls", CoverageIndirCall)
1103  .Case("trace-bb", CoverageTraceBB)
1104  .Case("trace-cmp", CoverageTraceCmp)
1105  .Case("trace-div", CoverageTraceDiv)
1106  .Case("trace-gep", CoverageTraceGep)
1107  .Case("8bit-counters", Coverage8bitCounters)
1108  .Case("trace-pc", CoverageTracePC)
1109  .Case("trace-pc-guard", CoverageTracePCGuard)
1110  .Case("no-prune", CoverageNoPrune)
1111  .Case("inline-8bit-counters", CoverageInline8bitCounters)
1112  .Case("pc-table", CoveragePCTable)
1113  .Case("stack-depth", CoverageStackDepth)
1114  .Default(0);
1115  if (F == 0)
1116  D.Diag(clang::diag::err_drv_unsupported_option_argument)
1117  << A->getOption().getName() << Value;
1118  Features |= F;
1119  }
1120  return Features;
1121 }
1122 
1123 std::string lastArgumentForMask(const Driver &D, const llvm::opt::ArgList &Args,
1124  SanitizerMask Mask) {
1125  for (llvm::opt::ArgList::const_reverse_iterator I = Args.rbegin(),
1126  E = Args.rend();
1127  I != E; ++I) {
1128  const auto *Arg = *I;
1129  if (Arg->getOption().matches(options::OPT_fsanitize_EQ)) {
1130  SanitizerMask AddKinds =
1131  expandSanitizerGroups(parseArgValues(D, Arg, false));
1132  if (AddKinds & Mask)
1133  return describeSanitizeArg(Arg, Mask);
1134  } else if (Arg->getOption().matches(options::OPT_fno_sanitize_EQ)) {
1135  SanitizerMask RemoveKinds =
1136  expandSanitizerGroups(parseArgValues(D, Arg, false));
1137  Mask &= ~RemoveKinds;
1138  }
1139  }
1140  llvm_unreachable("arg list didn't provide expected value");
1141 }
1142 
1143 std::string describeSanitizeArg(const llvm::opt::Arg *A, SanitizerMask Mask) {
1144  assert(A->getOption().matches(options::OPT_fsanitize_EQ)
1145  && "Invalid argument in describeSanitizerArg!");
1146 
1147  std::string Sanitizers;
1148  for (int i = 0, n = A->getNumValues(); i != n; ++i) {
1150  parseSanitizerValue(A->getValue(i), /*AllowGroups=*/true)) &
1151  Mask) {
1152  if (!Sanitizers.empty())
1153  Sanitizers += ",";
1154  Sanitizers += A->getValue(i);
1155  }
1156  }
1157 
1158  assert(!Sanitizers.empty() && "arg didn't provide expected value");
1159  return "-fsanitize=" + Sanitizers;
1160 }
static const SanitizerMask NeedsUbsanRt
static const SanitizerMask RecoverableByDefault
static const SanitizerMask AlwaysRecoverable
bool isUsingLTO() const
Returns true if we are performing any kind of LTO.
Definition: Driver.h:539
static const SanitizerMask SupportsCoverage
constexpr XRayInstrMask Function
Definition: XRayInstr.h:38
void addArgs(const ToolChain &TC, const llvm::opt::ArgList &Args, llvm::opt::ArgStringList &CmdArgs, types::ID InputType) const
DiagnosticBuilder Diag(unsigned DiagID) const
Definition: Driver.h:109
static const SanitizerMask NeedsUnwindTables
Defines the clang::SanitizerKind enum.
static std::string toString(const clang::SanitizerSet &Sanitizers)
Produce a string containing comma-separated names of sanitizers in Sanitizers set.
static const SanitizerMask CFIClasses
SanitizerMask Mask
Bitmask of enabled sanitizers.
Definition: Sanitizers.h:173
CoverageFeature
static const SanitizerMask NotAllowedWithMinimalRuntime
Driver - Encapsulate logic for constructing compilation processes from a set of gcc-driver-like comma...
Definition: Driver.h:58
const llvm::opt::Arg * getRTTIArg() const
Definition: ToolChain.h:246
static const SanitizerMask NeedsUbsanCxxRt
static const SanitizerMask NeedsLTO
SourceLocation End
static SanitizerMask parseArgValues(const Driver &D, const llvm::opt::Arg *A, bool DiagnoseErrors)
Parse a -fsanitize= or -fno-sanitize= argument&#39;s values, diagnosing any invalid components.
static const SanitizerMask NotAllowedWithTrap
static const SanitizerMask TrappingSupported
static int parseCoverageFeatures(const Driver &D, const llvm::opt::Arg *A)
Parse -f(no-)?sanitize-coverage= flag values, diagnosing any invalid components.
static void addIncludeLinkerOption(const ToolChain &TC, const llvm::opt::ArgList &Args, llvm::opt::ArgStringList &CmdArgs, StringRef SymbolName)
Kind
virtual std::string getCompilerRT(const llvm::opt::ArgList &Args, StringRef Component, FileType Type=ToolChain::FT_Static) const
Definition: ToolChain.cpp:364
const Driver & getDriver() const
Definition: ToolChain.h:193
bool CCCIsCXX() const
Whether the driver should follow g++ like behavior.
Definition: Driver.h:173
static const SanitizerMask TrappingDefault
virtual SanitizerMask getDefaultSanitizers() const
Return sanitizers which are enabled by default.
Definition: ToolChain.h:596
Dataflow Directional Tag Classes.
static void addDefaultBlacklists(const Driver &D, SanitizerMask Kinds, std::vector< std::string > &BlacklistFiles)
static const SanitizerMask RequiresPIE
std::unique_ptr< DiagnosticConsumer > create(StringRef OutputFile, DiagnosticOptions *Diags, bool MergeChildRecords=false)
Returns a DiagnosticConsumer that serializes diagnostics to a bitcode file.
static const SanitizerMask CompatibleWithMinimalRuntime
SanitizerMask parseSanitizerValue(StringRef Value, bool AllowGroups)
Parse a single value from a -fsanitize= or -fno-sanitize= value list.
Definition: Sanitizers.cpp:27
static SanitizerMask setGroupBits(SanitizerMask Kinds)
Sets group bits for every group that has at least one representative already enabled in Kinds...
bool isCXX(ID Id)
isCXX - Is this a "C++" input (C++ and Obj-C++ sources and headers).
Definition: Types.cpp:160
RTTIMode getRTTIMode() const
Definition: ToolChain.h:249
const llvm::Triple & getTriple() const
Definition: ToolChain.h:195
virtual SanitizerMask getSupportedSanitizers() const
Return sanitizers which are available in this toolchain.
Definition: ToolChain.cpp:904
SanitizerMask expandSanitizerGroups(SanitizerMask Kinds)
For each sanitizer group bit set in Kinds, set the bits for sanitizers this group enables...
Definition: Sanitizers.cpp:37
static const SanitizerMask Unrecoverable
static const SanitizerMask LegacyFsanitizeRecoverMask
static SanitizerMask parseSanitizeTrapArgs(const Driver &D, const llvm::opt::ArgList &Args)
SanitizerArgs(const ToolChain &TC, const llvm::opt::ArgList &Args)
Parses the sanitizer arguments from an argument list.
static std::string describeSanitizeArg(const llvm::opt::Arg *A, SanitizerMask Mask)
Produce an argument string from argument A, which shows how it provides a value in Mask...
static bool hasTargetFeatureMTE(const llvm::opt::ArgStringList &CmdArgs)
static std::string lastArgumentForMask(const Driver &D, const llvm::opt::ArgList &Args, SanitizerMask Mask)
Produce an argument string from ArgList Args, which shows how it provides some sanitizer kind from Ma...
ToolChain - Access to tools for a single platform.
Definition: ToolChain.h:88
std::string ResourceDir
The path to the compiler resource directory.
Definition: Driver.h:132