Coverage Report

Created: 2020-11-24 06:42

/Users/buildslave/jenkins/workspace/coverage/llvm-project/clang/lib/Driver/SanitizerArgs.cpp
Line
Count
Source (jump to first uncovered line)
1
//===--- SanitizerArgs.cpp - Arguments for sanitizer tools  ---------------===//
2
//
3
// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
4
// See https://llvm.org/LICENSE.txt for license information.
5
// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
6
//
7
//===----------------------------------------------------------------------===//
8
#include "clang/Driver/SanitizerArgs.h"
9
#include "ToolChains/CommonArgs.h"
10
#include "clang/Basic/Sanitizers.h"
11
#include "clang/Driver/Driver.h"
12
#include "clang/Driver/DriverDiagnostic.h"
13
#include "clang/Driver/Options.h"
14
#include "clang/Driver/ToolChain.h"
15
#include "llvm/ADT/StringExtras.h"
16
#include "llvm/ADT/StringSwitch.h"
17
#include "llvm/Support/Path.h"
18
#include "llvm/Support/SpecialCaseList.h"
19
#include "llvm/Support/TargetParser.h"
20
#include "llvm/Support/VirtualFileSystem.h"
21
#include <memory>
22
23
using namespace clang;
24
using namespace clang::driver;
25
using namespace llvm::opt;
26
27
static const SanitizerMask NeedsUbsanRt =
28
    SanitizerKind::Undefined | SanitizerKind::Integer |
29
    SanitizerKind::ImplicitConversion | SanitizerKind::Nullability |
30
    SanitizerKind::CFI | SanitizerKind::FloatDivideByZero |
31
    SanitizerKind::ObjCCast;
32
static const SanitizerMask NeedsUbsanCxxRt =
33
    SanitizerKind::Vptr | SanitizerKind::CFI;
34
static const SanitizerMask NotAllowedWithTrap = SanitizerKind::Vptr;
35
static const SanitizerMask NotAllowedWithMinimalRuntime =
36
    SanitizerKind::Function | SanitizerKind::Vptr;
37
static const SanitizerMask RequiresPIE =
38
    SanitizerKind::DataFlow | SanitizerKind::HWAddress | SanitizerKind::Scudo;
39
static const SanitizerMask NeedsUnwindTables =
40
    SanitizerKind::Address | SanitizerKind::HWAddress | SanitizerKind::Thread |
41
    SanitizerKind::Memory | SanitizerKind::DataFlow;
42
static const SanitizerMask SupportsCoverage =
43
    SanitizerKind::Address | SanitizerKind::HWAddress |
44
    SanitizerKind::KernelAddress | SanitizerKind::KernelHWAddress |
45
    SanitizerKind::MemTag | SanitizerKind::Memory |
46
    SanitizerKind::KernelMemory | SanitizerKind::Leak |
47
    SanitizerKind::Undefined | SanitizerKind::Integer | SanitizerKind::Bounds |
48
    SanitizerKind::ImplicitConversion | SanitizerKind::Nullability |
49
    SanitizerKind::DataFlow | SanitizerKind::Fuzzer |
50
    SanitizerKind::FuzzerNoLink | SanitizerKind::FloatDivideByZero |
51
    SanitizerKind::SafeStack | SanitizerKind::ShadowCallStack |
52
    SanitizerKind::Thread | SanitizerKind::ObjCCast;
53
static const SanitizerMask RecoverableByDefault =
54
    SanitizerKind::Undefined | SanitizerKind::Integer |
55
    SanitizerKind::ImplicitConversion | SanitizerKind::Nullability |
56
    SanitizerKind::FloatDivideByZero | SanitizerKind::ObjCCast;
57
static const SanitizerMask Unrecoverable =
58
    SanitizerKind::Unreachable | SanitizerKind::Return;
59
static const SanitizerMask AlwaysRecoverable =
60
    SanitizerKind::KernelAddress | SanitizerKind::KernelHWAddress;
61
static const SanitizerMask NeedsLTO = SanitizerKind::CFI;
62
static const SanitizerMask TrappingSupported =
63
    (SanitizerKind::Undefined & ~SanitizerKind::Vptr) | SanitizerKind::Integer |
64
    SanitizerKind::Nullability | SanitizerKind::LocalBounds |
65
    SanitizerKind::CFI | SanitizerKind::FloatDivideByZero |
66
    SanitizerKind::ObjCCast;
67
static const SanitizerMask TrappingDefault = SanitizerKind::CFI;
68
static const SanitizerMask CFIClasses =
69
    SanitizerKind::CFIVCall | SanitizerKind::CFINVCall |
70
    SanitizerKind::CFIMFCall | SanitizerKind::CFIDerivedCast |
71
    SanitizerKind::CFIUnrelatedCast;
72
static const SanitizerMask CompatibleWithMinimalRuntime =
73
    TrappingSupported | SanitizerKind::Scudo | SanitizerKind::ShadowCallStack |
74
    SanitizerKind::MemTag;
75
76
enum CoverageFeature {
77
  CoverageFunc = 1 << 0,
78
  CoverageBB = 1 << 1,
79
  CoverageEdge = 1 << 2,
80
  CoverageIndirCall = 1 << 3,
81
  CoverageTraceBB = 1 << 4, // Deprecated.
82
  CoverageTraceCmp = 1 << 5,
83
  CoverageTraceDiv = 1 << 6,
84
  CoverageTraceGep = 1 << 7,
85
  Coverage8bitCounters = 1 << 8, // Deprecated.
86
  CoverageTracePC = 1 << 9,
87
  CoverageTracePCGuard = 1 << 10,
88
  CoverageNoPrune = 1 << 11,
89
  CoverageInline8bitCounters = 1 << 12,
90
  CoveragePCTable = 1 << 13,
91
  CoverageStackDepth = 1 << 14,
92
  CoverageInlineBoolFlag = 1 << 15,
93
};
94
95
/// Parse a -fsanitize= or -fno-sanitize= argument's values, diagnosing any
96
/// invalid components. Returns a SanitizerMask.
97
static SanitizerMask parseArgValues(const Driver &D, const llvm::opt::Arg *A,
98
                                    bool DiagnoseErrors);
99
100
/// Parse -f(no-)?sanitize-coverage= flag values, diagnosing any invalid
101
/// components. Returns OR of members of \c CoverageFeature enumeration.
102
static int parseCoverageFeatures(const Driver &D, const llvm::opt::Arg *A);
103
104
/// Produce an argument string from ArgList \p Args, which shows how it
105
/// provides some sanitizer kind from \p Mask. For example, the argument list
106
/// "-fsanitize=thread,vptr -fsanitize=address" with mask \c NeedsUbsanRt
107
/// would produce "-fsanitize=vptr".
108
static std::string lastArgumentForMask(const Driver &D,
109
                                       const llvm::opt::ArgList &Args,
110
                                       SanitizerMask Mask);
111
112
/// Produce an argument string from argument \p A, which shows how it provides
113
/// a value in \p Mask. For instance, the argument
114
/// "-fsanitize=address,alignment" with mask \c NeedsUbsanRt would produce
115
/// "-fsanitize=alignment".
116
static std::string describeSanitizeArg(const llvm::opt::Arg *A,
117
                                       SanitizerMask Mask);
118
119
/// Produce a string containing comma-separated names of sanitizers in \p
120
/// Sanitizers set.
121
static std::string toString(const clang::SanitizerSet &Sanitizers);
122
123
static void validateSpecialCaseListFormat(const Driver &D,
124
                                          std::vector<std::string> &SCLFiles,
125
92.6k
                                          unsigned MalformedSCLErrorDiagID) {
126
92.6k
  if (SCLFiles.empty())
127
92.6k
    return;
128
129
40
  std::string BLError;
130
40
  std::unique_ptr<llvm::SpecialCaseList> SCL(
131
40
      llvm::SpecialCaseList::create(SCLFiles, D.getVFS(), BLError));
132
40
  if (!SCL.get())
133
1
    D.Diag(MalformedSCLErrorDiagID) << BLError;
134
40
}
135
136
static void addDefaultBlacklists(const Driver &D, SanitizerMask Kinds,
137
46.2k
                                 std::vector<std::string> &BlacklistFiles) {
138
46.2k
  struct Blacklist {
139
46.2k
    const char *File;
140
46.2k
    SanitizerMask Mask;
141
46.2k
  } Blacklists[] = {{"asan_blacklist.txt", SanitizerKind::Address},
142
46.2k
                    {"hwasan_blacklist.txt", SanitizerKind::HWAddress},
143
46.2k
                    {"memtag_blacklist.txt", SanitizerKind::MemTag},
144
46.2k
                    {"msan_blacklist.txt", SanitizerKind::Memory},
145
46.2k
                    {"tsan_blacklist.txt", SanitizerKind::Thread},
146
46.2k
                    {"dfsan_abilist.txt", SanitizerKind::DataFlow},
147
46.2k
                    {"cfi_blacklist.txt", SanitizerKind::CFI},
148
46.2k
                    {"ubsan_blacklist.txt",
149
46.2k
                     SanitizerKind::Undefined | SanitizerKind::Integer |
150
46.2k
                         SanitizerKind::Nullability |
151
46.2k
                         SanitizerKind::FloatDivideByZero}};
152
153
369k
  for (auto BL : Blacklists) {
154
369k
    if (!(Kinds & BL.Mask))
155
369k
      continue;
156
157
530
    clang::SmallString<64> Path(D.ResourceDir);
158
530
    llvm::sys::path::append(Path, "share", BL.File);
159
530
    if (D.getVFS().exists(Path))
160
31
      BlacklistFiles.push_back(std::string(Path.str()));
161
499
    else if (BL.Mask == SanitizerKind::CFI)
162
      // If cfi_blacklist.txt cannot be found in the resource dir, driver
163
      // should fail.
164
46
      D.Diag(clang::diag::err_drv_no_such_file) << Path;
165
530
  }
166
46.2k
  validateSpecialCaseListFormat(
167
46.2k
      D, BlacklistFiles, clang::diag::err_drv_malformed_sanitizer_blacklist);
168
46.2k
}
169
170
/// Parse -f(no-)?sanitize-(coverage-)?(white|black)list argument's values,
171
/// diagnosing any invalid file paths and validating special case list format.
172
static void parseSpecialCaseListArg(const Driver &D,
173
                                    const llvm::opt::ArgList &Args,
174
                                    std::vector<std::string> &SCLFiles,
175
                                    llvm::opt::OptSpecifier SCLOptionID,
176
                                    llvm::opt::OptSpecifier NoSCLOptionID,
177
46.4k
                                    unsigned MalformedSCLErrorDiagID) {
178
733k
  for (const auto *Arg : Args) {
179
    // Match -fsanitize-(coverage-)?(white|black)list.
180
733k
    if (Arg->getOption().matches(SCLOptionID)) {
181
17
      Arg->claim();
182
17
      std::string SCLPath = Arg->getValue();
183
17
      if (D.getVFS().exists(SCLPath)) {
184
16
        SCLFiles.push_back(SCLPath);
185
1
      } else {
186
1
        D.Diag(clang::diag::err_drv_no_such_file) << SCLPath;
187
1
      }
188
      // Match -fno-sanitize-blacklist.
189
733k
    } else if (Arg->getOption().matches(NoSCLOptionID)) {
190
5
      Arg->claim();
191
5
      SCLFiles.clear();
192
5
    }
193
733k
  }
194
46.4k
  validateSpecialCaseListFormat(D, SCLFiles, MalformedSCLErrorDiagID);
195
46.4k
}
196
197
/// Sets group bits for every group that has at least one representative already
198
/// enabled in \p Kinds.
199
92.5k
static SanitizerMask setGroupBits(SanitizerMask Kinds) {
200
92.5k
#define SANITIZER(NAME, ID)
201
92.5k
#define SANITIZER_GROUP(NAME, ID, ALIAS)                                       \
202
1.01M
  if (Kinds & SanitizerKind::ID)                                               \
203
1.01M
    Kinds |= SanitizerKind::ID##Group;
204
92.5k
#include "clang/Basic/Sanitizers.def"
205
92.5k
  return Kinds;
206
92.5k
}
207
208
static SanitizerMask parseSanitizeTrapArgs(const Driver &D,
209
46.2k
                                           const llvm::opt::ArgList &Args) {
210
46.2k
  SanitizerMask TrapRemove;     // During the loop below, the accumulated set of
211
                                // sanitizers disabled by the current sanitizer
212
                                // argument or any argument after it.
213
46.2k
  SanitizerMask TrappingKinds;
214
46.2k
  SanitizerMask TrappingSupportedWithGroups = setGroupBits(TrappingSupported);
215
216
46.2k
  for (ArgList::const_reverse_iterator I = Args.rbegin(), E = Args.rend();
217
779k
       I != E; 
++I732k
) {
218
732k
    const auto *Arg = *I;
219
732k
    if (Arg->getOption().matches(options::OPT_fsanitize_trap_EQ)) {
220
19
      Arg->claim();
221
19
      SanitizerMask Add = parseArgValues(D, Arg, true);
222
19
      Add &= ~TrapRemove;
223
19
      if (SanitizerMask InvalidValues = Add & ~TrappingSupportedWithGroups) {
224
2
        SanitizerSet S;
225
2
        S.Mask = InvalidValues;
226
2
        D.Diag(diag::err_drv_unsupported_option_argument) << "-fsanitize-trap"
227
2
                                                          << toString(S);
228
2
      }
229
19
      TrappingKinds |= expandSanitizerGroups(Add) & ~TrapRemove;
230
732k
    } else if (Arg->getOption().matches(options::OPT_fno_sanitize_trap_EQ)) {
231
8
      Arg->claim();
232
8
      TrapRemove |= expandSanitizerGroups(parseArgValues(D, Arg, true));
233
8
    }
234
732k
  }
235
236
  // Apply default trapping behavior.
237
46.2k
  TrappingKinds |= TrappingDefault & ~TrapRemove;
238
239
46.2k
  return TrappingKinds;
240
46.2k
}
241
242
7
bool SanitizerArgs::needsFuzzerInterceptors() const {
243
7
  return needsFuzzer() && !needsAsanRt() && !needsTsanRt() && !needsMsanRt();
244
7
}
245
246
13.5k
bool SanitizerArgs::needsUbsanRt() const {
247
  // All of these include ubsan.
248
13.5k
  if (needsAsanRt() || 
needsMsanRt()13.3k
||
needsHwasanRt()13.3k
||
needsTsanRt()13.3k
||
249
13.2k
      needsDfsanRt() || 
needsLsanRt()13.2k
||
needsCfiDiagRt()13.2k
||
250
13.2k
      (needsScudoRt() && 
!requiresMinimalRuntime()35
))
251
358
    return false;
252
253
13.1k
  return (Sanitizers.Mask & NeedsUbsanRt & ~TrapSanitizers.Mask) ||
254
13.0k
         CoverageFeatures;
255
13.1k
}
256
257
1.79k
bool SanitizerArgs::needsCfiRt() const {
258
1.79k
  return !(Sanitizers.Mask & SanitizerKind::CFI & ~TrapSanitizers.Mask) &&
259
1.78k
         CfiCrossDso && 
!ImplicitCfiRuntime2
;
260
1.79k
}
261
262
15.0k
bool SanitizerArgs::needsCfiDiagRt() const {
263
15.0k
  return (Sanitizers.Mask & SanitizerKind::CFI & ~TrapSanitizers.Mask) &&
264
9
         CfiCrossDso && 
!ImplicitCfiRuntime4
;
265
15.0k
}
266
267
6.86k
bool SanitizerArgs::requiresPIE() const {
268
6.86k
  return NeedPIE || 
(Sanitizers.Mask & RequiresPIE)6.83k
;
269
6.86k
}
270
271
15.0k
bool SanitizerArgs::needsUnwindTables() const {
272
15.0k
  return static_cast<bool>(Sanitizers.Mask & NeedsUnwindTables);
273
15.0k
}
274
275
87.7k
bool SanitizerArgs::needsLTO() const {
276
87.7k
  return static_cast<bool>(Sanitizers.Mask & NeedsLTO);
277
87.7k
}
278
279
SanitizerArgs::SanitizerArgs(const ToolChain &TC,
280
46.2k
                             const llvm::opt::ArgList &Args) {
281
46.2k
  SanitizerMask AllRemove;      // During the loop below, the accumulated set of
282
                                // sanitizers disabled by the current sanitizer
283
                                // argument or any argument after it.
284
46.2k
  SanitizerMask AllAddedKinds;      // Mask of all sanitizers ever enabled by
285
                                    // -fsanitize= flags (directly or via group
286
                                    // expansion), some of which may be disabled
287
                                    // later. Used to carefully prune
288
                                    // unused-argument diagnostics.
289
46.2k
  SanitizerMask DiagnosedKinds;      // All Kinds we have diagnosed up to now.
290
                                     // Used to deduplicate diagnostics.
291
46.2k
  SanitizerMask Kinds;
292
46.2k
  const SanitizerMask Supported = setGroupBits(TC.getSupportedSanitizers());
293
294
46.2k
  CfiCrossDso = Args.hasFlag(options::OPT_fsanitize_cfi_cross_dso,
295
46.2k
                             options::OPT_fno_sanitize_cfi_cross_dso, false);
296
297
46.2k
  ToolChain::RTTIMode RTTIMode = TC.getRTTIMode();
298
299
46.2k
  const Driver &D = TC.getDriver();
300
46.2k
  SanitizerMask TrappingKinds = parseSanitizeTrapArgs(D, Args);
301
46.2k
  SanitizerMask InvalidTrappingKinds = TrappingKinds & NotAllowedWithTrap;
302
303
46.2k
  MinimalRuntime =
304
46.2k
      Args.hasFlag(options::OPT_fsanitize_minimal_runtime,
305
46.2k
                   options::OPT_fno_sanitize_minimal_runtime, MinimalRuntime);
306
307
  // The object size sanitizer should not be enabled at -O0.
308
46.2k
  Arg *OptLevel = Args.getLastArg(options::OPT_O_Group);
309
46.2k
  bool RemoveObjectSizeAtO0 =
310
46.2k
      !OptLevel || 
OptLevel->getOption().matches(options::OPT_O0)9.16k
;
311
312
46.2k
  for (ArgList::const_reverse_iterator I = Args.rbegin(), E = Args.rend();
313
779k
       I != E; 
++I732k
) {
314
732k
    const auto *Arg = *I;
315
732k
    if (Arg->getOption().matches(options::OPT_fsanitize_EQ)) {
316
722
      Arg->claim();
317
722
      SanitizerMask Add = parseArgValues(D, Arg, /*AllowGroups=*/true);
318
319
722
      if (RemoveObjectSizeAtO0) {
320
665
        AllRemove |= SanitizerKind::ObjectSize;
321
322
        // The user explicitly enabled the object size sanitizer. Warn
323
        // that this does nothing at -O0.
324
665
        if (Add & SanitizerKind::ObjectSize)
325
4
          D.Diag(diag::warn_drv_object_size_disabled_O0)
326
4
              << Arg->getAsString(Args);
327
665
      }
328
329
722
      AllAddedKinds |= expandSanitizerGroups(Add);
330
331
      // Avoid diagnosing any sanitizer which is disabled later.
332
722
      Add &= ~AllRemove;
333
      // At this point we have not expanded groups, so any unsupported
334
      // sanitizers in Add are those which have been explicitly enabled.
335
      // Diagnose them.
336
722
      if (SanitizerMask KindsToDiagnose =
337
2
              Add & InvalidTrappingKinds & ~DiagnosedKinds) {
338
2
        std::string Desc = describeSanitizeArg(*I, KindsToDiagnose);
339
2
        D.Diag(diag::err_drv_argument_not_allowed_with)
340
2
            << Desc << "-fsanitize-trap=undefined";
341
2
        DiagnosedKinds |= KindsToDiagnose;
342
2
      }
343
722
      Add &= ~InvalidTrappingKinds;
344
345
722
      if (MinimalRuntime) {
346
22
        if (SanitizerMask KindsToDiagnose =
347
2
                Add & NotAllowedWithMinimalRuntime & ~DiagnosedKinds) {
348
2
          std::string Desc = describeSanitizeArg(*I, KindsToDiagnose);
349
2
          D.Diag(diag::err_drv_argument_not_allowed_with)
350
2
              << Desc << "-fsanitize-minimal-runtime";
351
2
          DiagnosedKinds |= KindsToDiagnose;
352
2
        }
353
22
        Add &= ~NotAllowedWithMinimalRuntime;
354
22
      }
355
356
      // FIXME: Make CFI on member function calls compatible with cross-DSO CFI.
357
      // There are currently two problems:
358
      // - Virtual function call checks need to pass a pointer to the function
359
      //   address to llvm.type.test and a pointer to the address point to the
360
      //   diagnostic function. Currently we pass the same pointer to both
361
      //   places.
362
      // - Non-virtual function call checks may need to check multiple type
363
      //   identifiers.
364
      // Fixing both of those may require changes to the cross-DSO CFI
365
      // interface.
366
722
      if (CfiCrossDso && 
(Add & SanitizerKind::CFIMFCall & ~DiagnosedKinds)9
) {
367
1
        D.Diag(diag::err_drv_argument_not_allowed_with)
368
1
            << "-fsanitize=cfi-mfcall"
369
1
            << "-fsanitize-cfi-cross-dso";
370
1
        Add &= ~SanitizerKind::CFIMFCall;
371
1
        DiagnosedKinds |= SanitizerKind::CFIMFCall;
372
1
      }
373
374
722
      if (SanitizerMask KindsToDiagnose = Add & ~Supported & ~DiagnosedKinds) {
375
27
        std::string Desc = describeSanitizeArg(*I, KindsToDiagnose);
376
27
        D.Diag(diag::err_drv_unsupported_opt_for_target)
377
27
            << Desc << TC.getTriple().str();
378
27
        DiagnosedKinds |= KindsToDiagnose;
379
27
      }
380
722
      Add &= Supported;
381
382
      // Test for -fno-rtti + explicit -fsanitizer=vptr before expanding groups
383
      // so we don't error out if -fno-rtti and -fsanitize=undefined were
384
      // passed.
385
722
      if ((Add & SanitizerKind::Vptr) && 
(RTTIMode == ToolChain::RM_Disabled)12
) {
386
4
        if (const llvm::opt::Arg *NoRTTIArg = TC.getRTTIArg()) {
387
3
          assert(NoRTTIArg->getOption().matches(options::OPT_fno_rtti) &&
388
3
                  "RTTI disabled without -fno-rtti option?");
389
          // The user explicitly passed -fno-rtti with -fsanitize=vptr, but
390
          // the vptr sanitizer requires RTTI, so this is a user error.
391
3
          D.Diag(diag::err_drv_argument_not_allowed_with)
392
3
              << "-fsanitize=vptr" << NoRTTIArg->getAsString(Args);
393
1
        } else {
394
          // The vptr sanitizer requires RTTI, but RTTI is disabled (by
395
          // default). Warn that the vptr sanitizer is being disabled.
396
1
          D.Diag(diag::warn_drv_disabling_vptr_no_rtti_default);
397
1
        }
398
399
        // Take out the Vptr sanitizer from the enabled sanitizers
400
4
        AllRemove |= SanitizerKind::Vptr;
401
4
      }
402
403
722
      Add = expandSanitizerGroups(Add);
404
      // Group expansion may have enabled a sanitizer which is disabled later.
405
722
      Add &= ~AllRemove;
406
      // Silently discard any unsupported sanitizers implicitly enabled through
407
      // group expansion.
408
722
      Add &= ~InvalidTrappingKinds;
409
722
      if (MinimalRuntime) {
410
22
        Add &= ~NotAllowedWithMinimalRuntime;
411
22
      }
412
722
      if (CfiCrossDso)
413
9
        Add &= ~SanitizerKind::CFIMFCall;
414
722
      Add &= Supported;
415
416
722
      if (Add & SanitizerKind::Fuzzer)
417
13
        Add |= SanitizerKind::FuzzerNoLink;
418
419
      // Enable coverage if the fuzzing flag is set.
420
722
      if (Add & SanitizerKind::FuzzerNoLink) {
421
14
        CoverageFeatures |= CoverageInline8bitCounters | CoverageIndirCall |
422
14
                            CoverageTraceCmp | CoveragePCTable;
423
        // Due to TLS differences, stack depth tracking is only enabled on Linux
424
14
        if (TC.getTriple().isOSLinux())
425
7
          CoverageFeatures |= CoverageStackDepth;
426
14
      }
427
428
722
      Kinds |= Add;
429
732k
    } else if (Arg->getOption().matches(options::OPT_fno_sanitize_EQ)) {
430
23
      Arg->claim();
431
23
      SanitizerMask Remove = parseArgValues(D, Arg, true);
432
23
      AllRemove |= expandSanitizerGroups(Remove);
433
23
    }
434
732k
  }
435
436
46.2k
  std::pair<SanitizerMask, SanitizerMask> IncompatibleGroups[] = {
437
46.2k
      std::make_pair(SanitizerKind::Address,
438
46.2k
                     SanitizerKind::Thread | SanitizerKind::Memory),
439
46.2k
      std::make_pair(SanitizerKind::Thread, SanitizerKind::Memory),
440
46.2k
      std::make_pair(SanitizerKind::Leak,
441
46.2k
                     SanitizerKind::Thread | SanitizerKind::Memory),
442
46.2k
      std::make_pair(SanitizerKind::KernelAddress,
443
46.2k
                     SanitizerKind::Address | SanitizerKind::Leak |
444
46.2k
                         SanitizerKind::Thread | SanitizerKind::Memory),
445
46.2k
      std::make_pair(SanitizerKind::HWAddress,
446
46.2k
                     SanitizerKind::Address | SanitizerKind::Thread |
447
46.2k
                         SanitizerKind::Memory | SanitizerKind::KernelAddress),
448
46.2k
      std::make_pair(SanitizerKind::Scudo,
449
46.2k
                     SanitizerKind::Address | SanitizerKind::HWAddress |
450
46.2k
                         SanitizerKind::Leak | SanitizerKind::Thread |
451
46.2k
                         SanitizerKind::Memory | SanitizerKind::KernelAddress),
452
46.2k
      std::make_pair(SanitizerKind::SafeStack,
453
40
                     (TC.getTriple().isOSFuchsia() ? SanitizerMask()
454
46.2k
                                                   : SanitizerKind::Leak) |
455
46.2k
                         SanitizerKind::Address | SanitizerKind::HWAddress |
456
46.2k
                         SanitizerKind::Thread | SanitizerKind::Memory |
457
46.2k
                         SanitizerKind::KernelAddress),
458
46.2k
      std::make_pair(SanitizerKind::KernelHWAddress,
459
46.2k
                     SanitizerKind::Address | SanitizerKind::HWAddress |
460
46.2k
                         SanitizerKind::Leak | SanitizerKind::Thread |
461
46.2k
                         SanitizerKind::Memory | SanitizerKind::KernelAddress |
462
46.2k
                         SanitizerKind::SafeStack),
463
46.2k
      std::make_pair(SanitizerKind::KernelMemory,
464
46.2k
                     SanitizerKind::Address | SanitizerKind::HWAddress |
465
46.2k
                         SanitizerKind::Leak | SanitizerKind::Thread |
466
46.2k
                         SanitizerKind::Memory | SanitizerKind::KernelAddress |
467
46.2k
                         SanitizerKind::Scudo | SanitizerKind::SafeStack),
468
46.2k
      std::make_pair(SanitizerKind::MemTag,
469
46.2k
                     SanitizerKind::Address | SanitizerKind::KernelAddress |
470
46.2k
                         SanitizerKind::HWAddress |
471
46.2k
                         SanitizerKind::KernelHWAddress)};
472
  // Enable toolchain specific default sanitizers if not explicitly disabled.
473
46.2k
  SanitizerMask Default = TC.getDefaultSanitizers() & ~AllRemove;
474
475
  // Disable default sanitizers that are incompatible with explicitly requested
476
  // ones.
477
462k
  for (auto G : IncompatibleGroups) {
478
462k
    SanitizerMask Group = G.first;
479
462k
    if ((Default & Group) && 
(Kinds & G.second)40
)
480
4
      Default &= ~Group;
481
462k
  }
482
483
46.2k
  Kinds |= Default;
484
485
  // We disable the vptr sanitizer if it was enabled by group expansion but RTTI
486
  // is disabled.
487
46.2k
  if ((Kinds & SanitizerKind::Vptr) && 
(RTTIMode == ToolChain::RM_Disabled)72
) {
488
5
    Kinds &= ~SanitizerKind::Vptr;
489
5
  }
490
491
  // Check that LTO is enabled if we need it.
492
46.2k
  if ((Kinds & NeedsLTO) && 
!D.isUsingLTO()48
) {
493
13
    D.Diag(diag::err_drv_argument_only_allowed_with)
494
13
        << lastArgumentForMask(D, Args, Kinds & NeedsLTO) << "-flto";
495
13
  }
496
497
46.2k
  if ((Kinds & SanitizerKind::ShadowCallStack) &&
498
23
      ((TC.getTriple().isAArch64() &&
499
16
        !llvm::AArch64::isX18ReservedByDefault(TC.getTriple())) ||
500
19
       TC.getTriple().isRISCV()) &&
501
6
      !Args.hasArg(options::OPT_ffixed_x18)) {
502
3
    D.Diag(diag::err_drv_argument_only_allowed_with)
503
3
        << lastArgumentForMask(D, Args, Kinds & SanitizerKind::ShadowCallStack)
504
3
        << "-ffixed-x18";
505
3
  }
506
507
  // Report error if there are non-trapping sanitizers that require
508
  // c++abi-specific  parts of UBSan runtime, and they are not provided by the
509
  // toolchain. We don't have a good way to check the latter, so we just
510
  // check if the toolchan supports vptr.
511
46.2k
  if (~Supported & SanitizerKind::Vptr) {
512
20.1k
    SanitizerMask KindsToDiagnose = Kinds & ~TrappingKinds & NeedsUbsanCxxRt;
513
    // The runtime library supports the Microsoft C++ ABI, but only well enough
514
    // for CFI. FIXME: Remove this once we support vptr on Windows.
515
20.1k
    if (TC.getTriple().isOSWindows())
516
7.77k
      KindsToDiagnose &= ~SanitizerKind::CFI;
517
20.1k
    if (KindsToDiagnose) {
518
1
      SanitizerSet S;
519
1
      S.Mask = KindsToDiagnose;
520
1
      D.Diag(diag::err_drv_unsupported_opt_for_target)
521
1
          << ("-fno-sanitize-trap=" + toString(S)) << TC.getTriple().str();
522
1
      Kinds &= ~KindsToDiagnose;
523
1
    }
524
20.1k
  }
525
526
  // Warn about incompatible groups of sanitizers.
527
462k
  for (auto G : IncompatibleGroups) {
528
462k
    SanitizerMask Group = G.first;
529
462k
    if (Kinds & Group) {
530
467
      if (SanitizerMask Incompatible = Kinds & G.second) {
531
35
        D.Diag(clang::diag::err_drv_argument_not_allowed_with)
532
35
            << lastArgumentForMask(D, Args, Group)
533
35
            << lastArgumentForMask(D, Args, Incompatible);
534
35
        Kinds &= ~Incompatible;
535
35
      }
536
467
    }
537
462k
  }
538
  // FIXME: Currently -fsanitize=leak is silently ignored in the presence of
539
  // -fsanitize=address. Perhaps it should print an error, or perhaps
540
  // -f(-no)sanitize=leak should change whether leak detection is enabled by
541
  // default in ASan?
542
543
  // Parse -f(no-)?sanitize-recover flags.
544
46.2k
  SanitizerMask RecoverableKinds = RecoverableByDefault | AlwaysRecoverable;
545
46.2k
  SanitizerMask DiagnosedUnrecoverableKinds;
546
46.2k
  SanitizerMask DiagnosedAlwaysRecoverableKinds;
547
732k
  for (const auto *Arg : Args) {
548
732k
    if (Arg->getOption().matches(options::OPT_fsanitize_recover_EQ)) {
549
16
      SanitizerMask Add = parseArgValues(D, Arg, true);
550
      // Report error if user explicitly tries to recover from unrecoverable
551
      // sanitizer.
552
16
      if (SanitizerMask KindsToDiagnose =
553
1
              Add & Unrecoverable & ~DiagnosedUnrecoverableKinds) {
554
1
        SanitizerSet SetToDiagnose;
555
1
        SetToDiagnose.Mask |= KindsToDiagnose;
556
1
        D.Diag(diag::err_drv_unsupported_option_argument)
557
1
            << Arg->getOption().getName() << toString(SetToDiagnose);
558
1
        DiagnosedUnrecoverableKinds |= KindsToDiagnose;
559
1
      }
560
16
      RecoverableKinds |= expandSanitizerGroups(Add);
561
16
      Arg->claim();
562
732k
    } else if (Arg->getOption().matches(options::OPT_fno_sanitize_recover_EQ)) {
563
12
      SanitizerMask Remove = parseArgValues(D, Arg, true);
564
      // Report error if user explicitly tries to disable recovery from
565
      // always recoverable sanitizer.
566
12
      if (SanitizerMask KindsToDiagnose =
567
2
              Remove & AlwaysRecoverable & ~DiagnosedAlwaysRecoverableKinds) {
568
2
        SanitizerSet SetToDiagnose;
569
2
        SetToDiagnose.Mask |= KindsToDiagnose;
570
2
        D.Diag(diag::err_drv_unsupported_option_argument)
571
2
            << Arg->getOption().getName() << toString(SetToDiagnose);
572
2
        DiagnosedAlwaysRecoverableKinds |= KindsToDiagnose;
573
2
      }
574
12
      RecoverableKinds &= ~expandSanitizerGroups(Remove);
575
12
      Arg->claim();
576
12
    }
577
732k
  }
578
46.2k
  RecoverableKinds &= Kinds;
579
46.2k
  RecoverableKinds &= ~Unrecoverable;
580
581
46.2k
  TrappingKinds &= Kinds;
582
46.2k
  RecoverableKinds &= ~TrappingKinds;
583
584
  // Setup blacklist files.
585
  // Add default blacklist from resource directory for activated sanitizers, and
586
  // validate special case lists format.
587
46.2k
  if (!Args.hasArgNoClaim(options::OPT_fno_sanitize_blacklist))
588
46.2k
    addDefaultBlacklists(D, Kinds, SystemBlacklistFiles);
589
590
  // Parse -f(no-)?sanitize-blacklist options.
591
  // This also validates special case lists format.
592
46.2k
  parseSpecialCaseListArg(D, Args, UserBlacklistFiles,
593
46.2k
                          options::OPT_fsanitize_blacklist,
594
46.2k
                          options::OPT_fno_sanitize_blacklist,
595
46.2k
                          clang::diag::err_drv_malformed_sanitizer_blacklist);
596
597
  // Parse -f[no-]sanitize-memory-track-origins[=level] options.
598
46.2k
  if (AllAddedKinds & SanitizerKind::Memory) {
599
65
    if (Arg *A =
600
16
            Args.getLastArg(options::OPT_fsanitize_memory_track_origins_EQ,
601
16
                            options::OPT_fsanitize_memory_track_origins,
602
16
                            options::OPT_fno_sanitize_memory_track_origins)) {
603
16
      if (A->getOption().matches(options::OPT_fsanitize_memory_track_origins)) {
604
6
        MsanTrackOrigins = 2;
605
10
      } else if (A->getOption().matches(
606
3
                     options::OPT_fno_sanitize_memory_track_origins)) {
607
3
        MsanTrackOrigins = 0;
608
7
      } else {
609
7
        StringRef S = A->getValue();
610
7
        if (S.getAsInteger(0, MsanTrackOrigins) || MsanTrackOrigins < 0 ||
611
7
            MsanTrackOrigins > 2) {
612
1
          D.Diag(clang::diag::err_drv_invalid_value) << A->getAsString(Args) << S;
613
1
        }
614
7
      }
615
16
    }
616
65
    MsanUseAfterDtor =
617
65
        Args.hasFlag(options::OPT_fsanitize_memory_use_after_dtor,
618
65
                     options::OPT_fno_sanitize_memory_use_after_dtor,
619
65
                     MsanUseAfterDtor);
620
65
    NeedPIE |= !(TC.getTriple().isOSLinux() &&
621
57
                 TC.getTriple().getArch() == llvm::Triple::x86_64);
622
46.1k
  } else {
623
46.1k
    MsanUseAfterDtor = false;
624
46.1k
  }
625
626
46.2k
  if (AllAddedKinds & SanitizerKind::Thread) {
627
74
    TsanMemoryAccess = Args.hasFlag(
628
74
        options::OPT_fsanitize_thread_memory_access,
629
74
        options::OPT_fno_sanitize_thread_memory_access, TsanMemoryAccess);
630
74
    TsanFuncEntryExit = Args.hasFlag(
631
74
        options::OPT_fsanitize_thread_func_entry_exit,
632
74
        options::OPT_fno_sanitize_thread_func_entry_exit, TsanFuncEntryExit);
633
74
    TsanAtomics =
634
74
        Args.hasFlag(options::OPT_fsanitize_thread_atomics,
635
74
                     options::OPT_fno_sanitize_thread_atomics, TsanAtomics);
636
74
  }
637
638
46.2k
  if (AllAddedKinds & SanitizerKind::CFI) {
639
    // Without PIE, external function address may resolve to a PLT record, which
640
    // can not be verified by the target module.
641
50
    NeedPIE |= CfiCrossDso;
642
50
    CfiICallGeneralizePointers =
643
50
        Args.hasArg(options::OPT_fsanitize_cfi_icall_generalize_pointers);
644
645
50
    if (CfiCrossDso && 
CfiICallGeneralizePointers9
)
646
1
      D.Diag(diag::err_drv_argument_not_allowed_with)
647
1
          << "-fsanitize-cfi-cross-dso"
648
1
          << "-fsanitize-cfi-icall-generalize-pointers";
649
650
50
    CfiCanonicalJumpTables =
651
50
        Args.hasFlag(options::OPT_fsanitize_cfi_canonical_jump_tables,
652
50
                     options::OPT_fno_sanitize_cfi_canonical_jump_tables, true);
653
50
  }
654
655
46.2k
  Stats = Args.hasFlag(options::OPT_fsanitize_stats,
656
46.2k
                       options::OPT_fno_sanitize_stats, false);
657
658
46.2k
  if (MinimalRuntime) {
659
19
    SanitizerMask IncompatibleMask =
660
19
        Kinds & ~setGroupBits(CompatibleWithMinimalRuntime);
661
19
    if (IncompatibleMask)
662
4
      D.Diag(clang::diag::err_drv_argument_not_allowed_with)
663
4
          << "-fsanitize-minimal-runtime"
664
4
          << lastArgumentForMask(D, Args, IncompatibleMask);
665
666
19
    SanitizerMask NonTrappingCfi = Kinds & SanitizerKind::CFI & ~TrappingKinds;
667
19
    if (NonTrappingCfi)
668
1
      D.Diag(clang::diag::err_drv_argument_only_allowed_with)
669
1
          << "fsanitize-minimal-runtime"
670
1
          << "fsanitize-trap=cfi";
671
19
  }
672
673
  // Parse -f(no-)?sanitize-coverage flags if coverage is supported by the
674
  // enabled sanitizers.
675
732k
  for (const auto *Arg : Args) {
676
732k
    if (Arg->getOption().matches(options::OPT_fsanitize_coverage)) {
677
72
      int LegacySanitizeCoverage;
678
72
      if (Arg->getNumValues() == 1 &&
679
34
          !StringRef(Arg->getValue(0))
680
3
               .getAsInteger(0, LegacySanitizeCoverage)) {
681
3
        CoverageFeatures = 0;
682
3
        Arg->claim();
683
3
        if (LegacySanitizeCoverage != 0) {
684
1
          D.Diag(diag::warn_drv_deprecated_arg)
685
1
              << Arg->getAsString(Args) << "-fsanitize-coverage=trace-pc-guard";
686
1
        }
687
3
        continue;
688
3
      }
689
69
      CoverageFeatures |= parseCoverageFeatures(D, Arg);
690
691
      // Disable coverage and not claim the flags if there is at least one
692
      // non-supporting sanitizer.
693
69
      if (!(AllAddedKinds & ~AllRemove & ~setGroupBits(SupportsCoverage))) {
694
69
        Arg->claim();
695
0
      } else {
696
0
        CoverageFeatures = 0;
697
0
      }
698
732k
    } else if (Arg->getOption().matches(options::OPT_fno_sanitize_coverage)) {
699
1
      Arg->claim();
700
1
      CoverageFeatures &= ~parseCoverageFeatures(D, Arg);
701
1
    }
702
732k
  }
703
  // Choose at most one coverage type: function, bb, or edge.
704
46.2k
  if ((CoverageFeatures & CoverageFunc) && 
(CoverageFeatures & CoverageBB)28
)
705
0
    D.Diag(clang::diag::err_drv_argument_not_allowed_with)
706
0
        << "-fsanitize-coverage=func"
707
0
        << "-fsanitize-coverage=bb";
708
46.2k
  if ((CoverageFeatures & CoverageFunc) && 
(CoverageFeatures & CoverageEdge)28
)
709
1
    D.Diag(clang::diag::err_drv_argument_not_allowed_with)
710
1
        << "-fsanitize-coverage=func"
711
1
        << "-fsanitize-coverage=edge";
712
46.2k
  if ((CoverageFeatures & CoverageBB) && 
(CoverageFeatures & CoverageEdge)6
)
713
0
    D.Diag(clang::diag::err_drv_argument_not_allowed_with)
714
0
        << "-fsanitize-coverage=bb"
715
0
        << "-fsanitize-coverage=edge";
716
  // Basic block tracing and 8-bit counters require some type of coverage
717
  // enabled.
718
46.2k
  if (CoverageFeatures & CoverageTraceBB)
719
1
    D.Diag(clang::diag::warn_drv_deprecated_arg)
720
1
        << "-fsanitize-coverage=trace-bb"
721
1
        << "-fsanitize-coverage=trace-pc-guard";
722
46.2k
  if (CoverageFeatures & Coverage8bitCounters)
723
1
    D.Diag(clang::diag::warn_drv_deprecated_arg)
724
1
        << "-fsanitize-coverage=8bit-counters"
725
1
        << "-fsanitize-coverage=trace-pc-guard";
726
727
46.2k
  int InsertionPointTypes = CoverageFunc | CoverageBB | CoverageEdge;
728
46.2k
  int InstrumentationTypes = CoverageTracePC | CoverageTracePCGuard |
729
46.2k
                             CoverageInline8bitCounters |
730
46.2k
                             CoverageInlineBoolFlag;
731
46.2k
  if ((CoverageFeatures & InsertionPointTypes) &&
732
40
      !(CoverageFeatures & InstrumentationTypes)) {
733
17
    D.Diag(clang::diag::warn_drv_deprecated_arg)
734
17
        << "-fsanitize-coverage=[func|bb|edge]"
735
17
        << "-fsanitize-coverage=[func|bb|edge],[trace-pc-guard|trace-pc]";
736
17
  }
737
738
  // trace-pc w/o func/bb/edge implies edge.
739
46.2k
  if (!(CoverageFeatures & InsertionPointTypes)) {
740
46.2k
    if (CoverageFeatures &
741
46.2k
        (CoverageTracePC | CoverageTracePCGuard | CoverageInline8bitCounters |
742
46.2k
         CoverageInlineBoolFlag))
743
34
      CoverageFeatures |= CoverageEdge;
744
745
46.2k
    if (CoverageFeatures & CoverageStackDepth)
746
9
      CoverageFeatures |= CoverageFunc;
747
46.2k
  }
748
749
  // Parse -fsanitize-coverage-(black|white)list options if coverage enabled.
750
  // This also validates special case lists format.
751
  // Here, OptSpecifier() acts as a never-matching command-line argument.
752
  // So, there is no way to clear coverage lists but you can append to them.
753
46.2k
  if (CoverageFeatures) {
754
78
    parseSpecialCaseListArg(
755
78
        D, Args, CoverageAllowlistFiles,
756
78
        options::OPT_fsanitize_coverage_allowlist, OptSpecifier(),
757
78
        clang::diag::err_drv_malformed_sanitizer_coverage_whitelist);
758
78
    parseSpecialCaseListArg(
759
78
        D, Args, CoverageBlocklistFiles,
760
78
        options::OPT_fsanitize_coverage_blocklist, OptSpecifier(),
761
78
        clang::diag::err_drv_malformed_sanitizer_coverage_blacklist);
762
78
  }
763
764
46.2k
  SharedRuntime =
765
46.2k
      Args.hasFlag(options::OPT_shared_libsan, options::OPT_static_libsan,
766
46.2k
                   TC.getTriple().isAndroid() || 
TC.getTriple().isOSFuchsia()46.0k
||
767
45.9k
                       TC.getTriple().isOSDarwin());
768
769
46.2k
  ImplicitCfiRuntime = TC.getTriple().isAndroid();
770
771
46.2k
  if (AllAddedKinds & SanitizerKind::Address) {
772
192
    NeedPIE |= TC.getTriple().isOSFuchsia();
773
192
    if (Arg *A =
774
5
            Args.getLastArg(options::OPT_fsanitize_address_field_padding)) {
775
5
        StringRef S = A->getValue();
776
        // Legal values are 0 and 1, 2, but in future we may add more levels.
777
5
        if (S.getAsInteger(0, AsanFieldPadding) || AsanFieldPadding < 0 ||
778
5
            AsanFieldPadding > 2) {
779
1
          D.Diag(clang::diag::err_drv_invalid_value) << A->getAsString(Args) << S;
780
1
        }
781
5
    }
782
783
192
    if (Arg *WindowsDebugRTArg =
784
15
            Args.getLastArg(options::OPT__SLASH_MTd, options::OPT__SLASH_MT,
785
15
                            options::OPT__SLASH_MDd, options::OPT__SLASH_MD,
786
15
                            options::OPT__SLASH_LDd, options::OPT__SLASH_LD)) {
787
15
      switch (WindowsDebugRTArg->getOption().getID()) {
788
7
      case options::OPT__SLASH_MTd:
789
7
      case options::OPT__SLASH_MDd:
790
7
      case options::OPT__SLASH_LDd:
791
7
        D.Diag(clang::diag::err_drv_argument_not_allowed_with)
792
7
            << WindowsDebugRTArg->getAsString(Args)
793
7
            << lastArgumentForMask(D, Args, SanitizerKind::Address);
794
7
        D.Diag(clang::diag::note_drv_address_sanitizer_debug_runtime);
795
15
      }
796
15
    }
797
798
192
    AsanUseAfterScope = Args.hasFlag(
799
192
        options::OPT_fsanitize_address_use_after_scope,
800
192
        options::OPT_fno_sanitize_address_use_after_scope, AsanUseAfterScope);
801
802
192
    AsanPoisonCustomArrayCookie = Args.hasFlag(
803
192
        options::OPT_fsanitize_address_poison_custom_array_cookie,
804
192
        options::OPT_fno_sanitize_address_poison_custom_array_cookie,
805
192
        AsanPoisonCustomArrayCookie);
806
807
    // As a workaround for a bug in gold 2.26 and earlier, dead stripping of
808
    // globals in ASan is disabled by default on ELF targets.
809
    // See https://sourceware.org/bugzilla/show_bug.cgi?id=19002
810
192
    AsanGlobalsDeadStripping =
811
192
        !TC.getTriple().isOSBinFormatELF() || 
TC.getTriple().isOSFuchsia()134
||
812
129
        TC.getTriple().isPS4() ||
813
121
        Args.hasArg(options::OPT_fsanitize_address_globals_dead_stripping);
814
815
192
    AsanUseOdrIndicator =
816
192
        Args.hasFlag(options::OPT_fsanitize_address_use_odr_indicator,
817
192
                     options::OPT_fno_sanitize_address_use_odr_indicator,
818
192
                     AsanUseOdrIndicator);
819
820
192
    if (AllAddedKinds & SanitizerKind::PointerCompare & ~AllRemove) {
821
1
      AsanInvalidPointerCmp = true;
822
1
    }
823
824
192
    if (AllAddedKinds & SanitizerKind::PointerSubtract & ~AllRemove) {
825
1
      AsanInvalidPointerSub = true;
826
1
    }
827
828
46.0k
  } else {
829
46.0k
    AsanUseAfterScope = false;
830
    // -fsanitize=pointer-compare/pointer-subtract requires -fsanitize=address.
831
46.0k
    SanitizerMask DetectInvalidPointerPairs =
832
46.0k
        SanitizerKind::PointerCompare | SanitizerKind::PointerSubtract;
833
46.0k
    if (AllAddedKinds & DetectInvalidPointerPairs & ~AllRemove) {
834
2
      TC.getDriver().Diag(clang::diag::err_drv_argument_only_allowed_with)
835
2
          << lastArgumentForMask(D, Args,
836
2
                                 SanitizerKind::PointerCompare |
837
2
                                     SanitizerKind::PointerSubtract)
838
2
          << "-fsanitize=address";
839
2
    }
840
46.0k
  }
841
842
46.2k
  if (AllAddedKinds & SanitizerKind::HWAddress) {
843
30
    if (Arg *HwasanAbiArg =
844
3
            Args.getLastArg(options::OPT_fsanitize_hwaddress_abi_EQ)) {
845
3
      HwasanAbi = HwasanAbiArg->getValue();
846
3
      if (HwasanAbi != "platform" && 
HwasanAbi != "interceptor"2
)
847
1
        D.Diag(clang::diag::err_drv_invalid_value)
848
1
            << HwasanAbiArg->getAsString(Args) << HwasanAbi;
849
27
    } else {
850
27
      HwasanAbi = "interceptor";
851
27
    }
852
30
  }
853
854
46.2k
  if (AllAddedKinds & SanitizerKind::SafeStack) {
855
    // SafeStack runtime is built into the system on Android and Fuchsia.
856
20
    SafeStackRuntime =
857
20
        !TC.getTriple().isAndroid() && 
!TC.getTriple().isOSFuchsia()15
;
858
20
  }
859
860
46.2k
  LinkRuntimes =
861
46.2k
      Args.hasFlag(options::OPT_fsanitize_link_runtime,
862
46.2k
                   options::OPT_fno_sanitize_link_runtime, LinkRuntimes);
863
864
  // Parse -link-cxx-sanitizer flag.
865
46.2k
  LinkCXXRuntimes = Args.hasArg(options::OPT_fsanitize_link_cxx_runtime,
866
46.2k
                                options::OPT_fno_sanitize_link_cxx_runtime,
867
46.2k
                                LinkCXXRuntimes) ||
868
46.2k
                    D.CCCIsCXX();
869
870
46.2k
  NeedsMemProfRt = Args.hasFlag(options::OPT_fmemory_profile,
871
46.2k
                                options::OPT_fmemory_profile_EQ,
872
46.2k
                                options::OPT_fno_memory_profile, false);
873
874
  // Finally, initialize the set of available and recoverable sanitizers.
875
46.2k
  Sanitizers.Mask |= Kinds;
876
46.2k
  RecoverableSanitizers.Mask |= RecoverableKinds;
877
46.2k
  TrapSanitizers.Mask |= TrappingKinds;
878
46.2k
  assert(!(RecoverableKinds & TrappingKinds) &&
879
46.2k
         "Overlap between recoverable and trapping sanitizers");
880
46.2k
}
881
882
909
static std::string toString(const clang::SanitizerSet &Sanitizers) {
883
909
  std::string Res;
884
909
#define SANITIZER(NAME, ID)                                                    \
885
49.9k
  if (Sanitizers.has(SanitizerKind::ID)) {                                     \
886
4.11k
    if (!Res.empty())                                                          \
887
3.20k
      Res += ",";                                                              \
888
4.11k
    Res += NAME;                                                               \
889
4.11k
  }
890
909
#include "clang/Basic/Sanitizers.def"
891
909
  return Res;
892
909
}
893
894
static void addSpecialCaseListOpt(const llvm::opt::ArgList &Args,
895
                                  llvm::opt::ArgStringList &CmdArgs,
896
                                  const char *SCLOptFlag,
897
87.5k
                                  const std::vector<std::string> &SCLFiles) {
898
43
  for (const auto &SCLPath : SCLFiles) {
899
43
    SmallString<64> SCLOpt(SCLOptFlag);
900
43
    SCLOpt += SCLPath;
901
43
    CmdArgs.push_back(Args.MakeArgString(SCLOpt));
902
43
  }
903
87.5k
}
904
905
static void addIncludeLinkerOption(const ToolChain &TC,
906
                                   const llvm::opt::ArgList &Args,
907
                                   llvm::opt::ArgStringList &CmdArgs,
908
2
                                   StringRef SymbolName) {
909
2
  SmallString<64> LinkerOptionFlag;
910
2
  LinkerOptionFlag = "--linker-option=/include:";
911
2
  if (TC.getTriple().getArch() == llvm::Triple::x86) {
912
    // Win32 mangles C function names with a '_' prefix.
913
1
    LinkerOptionFlag += '_';
914
1
  }
915
2
  LinkerOptionFlag += SymbolName;
916
2
  CmdArgs.push_back(Args.MakeArgString(LinkerOptionFlag));
917
2
}
918
919
26
static bool hasTargetFeatureMTE(const llvm::opt::ArgStringList &CmdArgs) {
920
27
  for (auto Start = CmdArgs.begin(), End = CmdArgs.end(); Start != End; 
++Start1
) {
921
27
    auto It = std::find(Start, End, StringRef("+mte"));
922
27
    if (It == End)
923
4
      break;
924
23
    if (It > Start && *std::prev(It) == StringRef("-target-feature"))
925
22
      return true;
926
1
    Start = It;
927
1
  }
928
4
  return false;
929
26
}
930
931
void SanitizerArgs::addArgs(const ToolChain &TC, const llvm::opt::ArgList &Args,
932
                            llvm::opt::ArgStringList &CmdArgs,
933
43.8k
                            types::ID InputType) const {
934
  // NVPTX/AMDGPU doesn't currently support sanitizers.  Bailing out here means
935
  // that e.g. -fsanitize=address applies only to host code, which is what we
936
  // want for now.
937
43.8k
  if (TC.getTriple().isNVPTX() || 
TC.getTriple().isAMDGPU()43.5k
)
938
808
    return;
939
940
  // Translate available CoverageFeatures to corresponding clang-cc1 flags.
941
  // Do it even if Sanitizers.empty() since some forms of coverage don't require
942
  // sanitizers.
943
43.0k
  std::pair<int, const char *> CoverageFlags[] = {
944
43.0k
      std::make_pair(CoverageFunc, "-fsanitize-coverage-type=1"),
945
43.0k
      std::make_pair(CoverageBB, "-fsanitize-coverage-type=2"),
946
43.0k
      std::make_pair(CoverageEdge, "-fsanitize-coverage-type=3"),
947
43.0k
      std::make_pair(CoverageIndirCall, "-fsanitize-coverage-indirect-calls"),
948
43.0k
      std::make_pair(CoverageTraceBB, "-fsanitize-coverage-trace-bb"),
949
43.0k
      std::make_pair(CoverageTraceCmp, "-fsanitize-coverage-trace-cmp"),
950
43.0k
      std::make_pair(CoverageTraceDiv, "-fsanitize-coverage-trace-div"),
951
43.0k
      std::make_pair(CoverageTraceGep, "-fsanitize-coverage-trace-gep"),
952
43.0k
      std::make_pair(Coverage8bitCounters, "-fsanitize-coverage-8bit-counters"),
953
43.0k
      std::make_pair(CoverageTracePC, "-fsanitize-coverage-trace-pc"),
954
43.0k
      std::make_pair(CoverageTracePCGuard,
955
43.0k
                     "-fsanitize-coverage-trace-pc-guard"),
956
43.0k
      std::make_pair(CoverageInline8bitCounters,
957
43.0k
                     "-fsanitize-coverage-inline-8bit-counters"),
958
43.0k
      std::make_pair(CoverageInlineBoolFlag,
959
43.0k
                     "-fsanitize-coverage-inline-bool-flag"),
960
43.0k
      std::make_pair(CoveragePCTable, "-fsanitize-coverage-pc-table"),
961
43.0k
      std::make_pair(CoverageNoPrune, "-fsanitize-coverage-no-prune"),
962
43.0k
      std::make_pair(CoverageStackDepth, "-fsanitize-coverage-stack-depth")};
963
688k
  for (auto F : CoverageFlags) {
964
688k
    if (CoverageFeatures & F.first)
965
216
      CmdArgs.push_back(F.second);
966
688k
  }
967
43.0k
  addSpecialCaseListOpt(
968
43.0k
      Args, CmdArgs, "-fsanitize-coverage-allowlist=", CoverageAllowlistFiles);
969
43.0k
  addSpecialCaseListOpt(
970
43.0k
      Args, CmdArgs, "-fsanitize-coverage-blocklist=", CoverageBlocklistFiles);
971
972
43.0k
  if (TC.getTriple().isOSWindows() && 
needsUbsanRt()7.90k
) {
973
    // Instruct the code generator to embed linker directives in the object file
974
    // that cause the required runtime libraries to be linked.
975
9
    CmdArgs.push_back(
976
9
        Args.MakeArgString("--dependent-lib=" +
977
9
                           TC.getCompilerRTBasename(Args, "ubsan_standalone")));
978
9
    if (types::isCXX(InputType))
979
2
      CmdArgs.push_back(Args.MakeArgString(
980
2
          "--dependent-lib=" +
981
2
          TC.getCompilerRTBasename(Args, "ubsan_standalone_cxx")));
982
9
  }
983
43.0k
  if (TC.getTriple().isOSWindows() && 
needsStatsRt()7.90k
) {
984
2
    CmdArgs.push_back(Args.MakeArgString(
985
2
        "--dependent-lib=" + TC.getCompilerRTBasename(Args, "stats_client")));
986
987
    // The main executable must export the stats runtime.
988
    // FIXME: Only exporting from the main executable (e.g. based on whether the
989
    // translation unit defines main()) would save a little space, but having
990
    // multiple copies of the runtime shouldn't hurt.
991
2
    CmdArgs.push_back(Args.MakeArgString(
992
2
        "--dependent-lib=" + TC.getCompilerRTBasename(Args, "stats")));
993
2
    addIncludeLinkerOption(TC, Args, CmdArgs, "__sanitizer_stats_register");
994
2
  }
995
996
43.0k
  if (Sanitizers.empty())
997
42.3k
    return;
998
703
  CmdArgs.push_back(Args.MakeArgString("-fsanitize=" + toString(Sanitizers)));
999
1000
703
  if (!RecoverableSanitizers.empty())
1001
148
    CmdArgs.push_back(Args.MakeArgString("-fsanitize-recover=" +
1002
148
                                         toString(RecoverableSanitizers)));
1003
1004
703
  if (!TrapSanitizers.empty())
1005
57
    CmdArgs.push_back(
1006
57
        Args.MakeArgString("-fsanitize-trap=" + toString(TrapSanitizers)));
1007
1008
703
  addSpecialCaseListOpt(Args, CmdArgs,
1009
703
                        "-fsanitize-blacklist=", UserBlacklistFiles);
1010
703
  addSpecialCaseListOpt(Args, CmdArgs,
1011
703
                        "-fsanitize-system-blacklist=", SystemBlacklistFiles);
1012
1013
703
  if (MsanTrackOrigins)
1014
9
    CmdArgs.push_back(Args.MakeArgString("-fsanitize-memory-track-origins=" +
1015
9
                                         Twine(MsanTrackOrigins)));
1016
1017
703
  if (MsanUseAfterDtor)
1018
58
    CmdArgs.push_back("-fsanitize-memory-use-after-dtor");
1019
1020
  // FIXME: Pass these parameters as function attributes, not as -llvm flags.
1021
703
  if (!TsanMemoryAccess) {
1022
2
    CmdArgs.push_back("-mllvm");
1023
2
    CmdArgs.push_back("-tsan-instrument-memory-accesses=0");
1024
2
    CmdArgs.push_back("-mllvm");
1025
2
    CmdArgs.push_back("-tsan-instrument-memintrinsics=0");
1026
2
  }
1027
703
  if (!TsanFuncEntryExit) {
1028
2
    CmdArgs.push_back("-mllvm");
1029
2
    CmdArgs.push_back("-tsan-instrument-func-entry-exit=0");
1030
2
  }
1031
703
  if (!TsanAtomics) {
1032
2
    CmdArgs.push_back("-mllvm");
1033
2
    CmdArgs.push_back("-tsan-instrument-atomics=0");
1034
2
  }
1035
1036
703
  if (CfiCrossDso)
1037
8
    CmdArgs.push_back("-fsanitize-cfi-cross-dso");
1038
1039
703
  if (CfiICallGeneralizePointers)
1040
2
    CmdArgs.push_back("-fsanitize-cfi-icall-generalize-pointers");
1041
1042
703
  if (CfiCanonicalJumpTables)
1043
45
    CmdArgs.push_back("-fsanitize-cfi-canonical-jump-tables");
1044
1045
703
  if (Stats)
1046
5
    CmdArgs.push_back("-fsanitize-stats");
1047
1048
703
  if (MinimalRuntime)
1049
19
    CmdArgs.push_back("-fsanitize-minimal-runtime");
1050
1051
703
  if (AsanFieldPadding)
1052
3
    CmdArgs.push_back(Args.MakeArgString("-fsanitize-address-field-padding=" +
1053
3
                                         Twine(AsanFieldPadding)));
1054
1055
703
  if (AsanUseAfterScope)
1056
183
    CmdArgs.push_back("-fsanitize-address-use-after-scope");
1057
1058
703
  if (AsanPoisonCustomArrayCookie)
1059
4
    CmdArgs.push_back("-fsanitize-address-poison-custom-array-cookie");
1060
1061
703
  if (AsanGlobalsDeadStripping)
1062
70
    CmdArgs.push_back("-fsanitize-address-globals-dead-stripping");
1063
1064
703
  if (AsanUseOdrIndicator)
1065
4
    CmdArgs.push_back("-fsanitize-address-use-odr-indicator");
1066
1067
703
  if (AsanInvalidPointerCmp) {
1068
1
    CmdArgs.push_back("-mllvm");
1069
1
    CmdArgs.push_back("-asan-detect-invalid-pointer-cmp");
1070
1
  }
1071
1072
703
  if (AsanInvalidPointerSub) {
1073
1
    CmdArgs.push_back("-mllvm");
1074
1
    CmdArgs.push_back("-asan-detect-invalid-pointer-sub");
1075
1
  }
1076
1077
703
  if (!HwasanAbi.empty()) {
1078
30
    CmdArgs.push_back("-default-function-attr");
1079
30
    CmdArgs.push_back(Args.MakeArgString("hwasan-abi=" + HwasanAbi));
1080
30
  }
1081
1082
703
  if (Sanitizers.has(SanitizerKind::HWAddress) && 
TC.getTriple().isAArch64()26
) {
1083
12
    CmdArgs.push_back("-target-feature");
1084
12
    CmdArgs.push_back("+tagged-globals");
1085
12
  }
1086
1087
  // MSan: Workaround for PR16386.
1088
  // ASan: This is mainly to help LSan with cases such as
1089
  // https://github.com/google/sanitizers/issues/373
1090
  // We can't make this conditional on -fsanitize=leak, as that flag shouldn't
1091
  // affect compilation.
1092
703
  if (Sanitizers.has(SanitizerKind::Memory) ||
1093
649
      Sanitizers.has(SanitizerKind::Address))
1094
221
    CmdArgs.push_back("-fno-assume-sane-operator-new");
1095
1096
  // libFuzzer wants to intercept calls to certain library functions, so the
1097
  // following -fno-builtin-* flags force the compiler to emit interposable
1098
  // libcalls to these functions. Other sanitizers effectively do the same thing
1099
  // by marking all library call sites with NoBuiltin attribute in their LLVM
1100
  // pass. (see llvm::maybeMarkSanitizerLibraryCallNoBuiltin)
1101
703
  if (Sanitizers.has(SanitizerKind::FuzzerNoLink)) {
1102
14
    CmdArgs.push_back("-fno-builtin-bcmp");
1103
14
    CmdArgs.push_back("-fno-builtin-memcmp");
1104
14
    CmdArgs.push_back("-fno-builtin-strncmp");
1105
14
    CmdArgs.push_back("-fno-builtin-strcmp");
1106
14
    CmdArgs.push_back("-fno-builtin-strncasecmp");
1107
14
    CmdArgs.push_back("-fno-builtin-strcasecmp");
1108
14
    CmdArgs.push_back("-fno-builtin-strstr");
1109
14
    CmdArgs.push_back("-fno-builtin-strcasestr");
1110
14
    CmdArgs.push_back("-fno-builtin-memmem");
1111
14
  }
1112
1113
  // Require -fvisibility= flag on non-Windows when compiling if vptr CFI is
1114
  // enabled.
1115
703
  if (Sanitizers.hasOneOf(CFIClasses) && 
!TC.getTriple().isOSWindows()40
&&
1116
35
      !Args.hasArg(options::OPT_fvisibility_EQ)) {
1117
17
    TC.getDriver().Diag(clang::diag::err_drv_argument_only_allowed_with)
1118
17
        << lastArgumentForMask(TC.getDriver(), Args,
1119
17
                               Sanitizers.Mask & CFIClasses)
1120
17
        << "-fvisibility=";
1121
17
  }
1122
1123
703
  if (Sanitizers.has(SanitizerKind::MemTag) && 
!hasTargetFeatureMTE(CmdArgs)26
)
1124
4
    TC.getDriver().Diag(diag::err_stack_tagging_requires_hardware_feature);
1125
703
}
1126
1127
SanitizerMask parseArgValues(const Driver &D, const llvm::opt::Arg *A,
1128
917
                             bool DiagnoseErrors) {
1129
917
  assert((A->getOption().matches(options::OPT_fsanitize_EQ) ||
1130
917
          A->getOption().matches(options::OPT_fno_sanitize_EQ) ||
1131
917
          A->getOption().matches(options::OPT_fsanitize_recover_EQ) ||
1132
917
          A->getOption().matches(options::OPT_fno_sanitize_recover_EQ) ||
1133
917
          A->getOption().matches(options::OPT_fsanitize_trap_EQ) ||
1134
917
          A->getOption().matches(options::OPT_fno_sanitize_trap_EQ)) &&
1135
917
         "Invalid argument in parseArgValues!");
1136
917
  SanitizerMask Kinds;
1137
1.97k
  for (int i = 0, n = A->getNumValues(); i != n; 
++i1.05k
) {
1138
1.05k
    const char *Value = A->getValue(i);
1139
1.05k
    SanitizerMask Kind;
1140
    // Special case: don't accept -fsanitize=all.
1141
1.05k
    if (A->getOption().matches(options::OPT_fsanitize_EQ) &&
1142
971
        0 == strcmp("all", Value))
1143
1
      Kind = SanitizerMask();
1144
1.05k
    else
1145
1.05k
      Kind = parseSanitizerValue(Value, /*AllowGroups=*/true);
1146
1147
1.05k
    if (Kind)
1148
1.05k
      Kinds |= Kind;
1149
4
    else if (DiagnoseErrors)
1150
4
      D.Diag(clang::diag::err_drv_unsupported_option_argument)
1151
4
          << A->getOption().getName() << Value;
1152
1.05k
  }
1153
917
  return Kinds;
1154
917
}
1155
1156
70
int parseCoverageFeatures(const Driver &D, const llvm::opt::Arg *A) {
1157
70
  assert(A->getOption().matches(options::OPT_fsanitize_coverage) ||
1158
70
         A->getOption().matches(options::OPT_fno_sanitize_coverage));
1159
70
  int Features = 0;
1160
186
  for (int i = 0, n = A->getNumValues(); i != n; 
++i116
) {
1161
116
    const char *Value = A->getValue(i);
1162
116
    int F = llvm::StringSwitch<int>(Value)
1163
116
                .Case("func", CoverageFunc)
1164
116
                .Case("bb", CoverageBB)
1165
116
                .Case("edge", CoverageEdge)
1166
116
                .Case("indirect-calls", CoverageIndirCall)
1167
116
                .Case("trace-bb", CoverageTraceBB)
1168
116
                .Case("trace-cmp", CoverageTraceCmp)
1169
116
                .Case("trace-div", CoverageTraceDiv)
1170
116
                .Case("trace-gep", CoverageTraceGep)
1171
116
                .Case("8bit-counters", Coverage8bitCounters)
1172
116
                .Case("trace-pc", CoverageTracePC)
1173
116
                .Case("trace-pc-guard", CoverageTracePCGuard)
1174
116
                .Case("no-prune", CoverageNoPrune)
1175
116
                .Case("inline-8bit-counters", CoverageInline8bitCounters)
1176
116
                .Case("inline-bool-flag", CoverageInlineBoolFlag)
1177
116
                .Case("pc-table", CoveragePCTable)
1178
116
                .Case("stack-depth", CoverageStackDepth)
1179
116
                .Default(0);
1180
116
    if (F == 0)
1181
1
      D.Diag(clang::diag::err_drv_unsupported_option_argument)
1182
1
          << A->getOption().getName() << Value;
1183
116
    Features |= F;
1184
116
  }
1185
70
  return Features;
1186
70
}
1187
1188
std::string lastArgumentForMask(const Driver &D, const llvm::opt::ArgList &Args,
1189
116
                                SanitizerMask Mask) {
1190
116
  for (llvm::opt::ArgList::const_reverse_iterator I = Args.rbegin(),
1191
116
                                                  E = Args.rend();
1192
602
       I != E; 
++I486
) {
1193
602
    const auto *Arg = *I;
1194
602
    if (Arg->getOption().matches(options::OPT_fsanitize_EQ)) {
1195
117
      SanitizerMask AddKinds =
1196
117
          expandSanitizerGroups(parseArgValues(D, Arg, false));
1197
117
      if (AddKinds & Mask)
1198
116
        return describeSanitizeArg(Arg, Mask);
1199
485
    } else if (Arg->getOption().matches(options::OPT_fno_sanitize_EQ)) {
1200
0
      SanitizerMask RemoveKinds =
1201
0
          expandSanitizerGroups(parseArgValues(D, Arg, false));
1202
0
      Mask &= ~RemoveKinds;
1203
0
    }
1204
602
  }
1205
116
  
llvm_unreachable0
("arg list didn't provide expected value");
1206
116
}
1207
1208
147
std::string describeSanitizeArg(const llvm::opt::Arg *A, SanitizerMask Mask) {
1209
147
  assert(A->getOption().matches(options::OPT_fsanitize_EQ)
1210
147
         && "Invalid argument in describeSanitizerArg!");
1211
1212
147
  std::string Sanitizers;
1213
365
  for (int i = 0, n = A->getNumValues(); i != n; 
++i218
) {
1214
218
    if (expandSanitizerGroups(
1215
218
            parseSanitizerValue(A->getValue(i), /*AllowGroups=*/true)) &
1216
147
        Mask) {
1217
147
      if (!Sanitizers.empty())
1218
0
        Sanitizers += ",";
1219
147
      Sanitizers += A->getValue(i);
1220
147
    }
1221
218
  }
1222
1223
147
  assert(!Sanitizers.empty() && "arg didn't provide expected value");
1224
147
  return "-fsanitize=" + Sanitizers;
1225
147
}