[cfe-commits] [PATCH] Add three new sanitizers depending on ASan.

Alexey Samsonov samsonov at google.com
Tue Nov 27 14:16:54 PST 2012 

Hi kcc, rsmith,

This patch expose to users three more sanitizers:
1) init-order sanitizer: initialization-order checker.
  Status: usable, but may produce false positives w/o proper blacklisting.
2) use-after-return sanitizer
  Status: implemented, but heavily understed. Should be optional, as
  it significanlty slows program down.
3) use-after-scope sanitizer
  Status: in progress, also see phabricator patches D140 and D141.
What do you think on general approach for exposing non-default ASan
features, and of branding?

http://llvm-reviews.chandlerc.com/D142

Files:
  lib/Driver/SanitizerArgs.h
  lib/Driver/Tools.cpp
  test/Driver/fsanitize.c
  include/clang/Basic/Sanitizers.def

Index: lib/Driver/SanitizerArgs.h
===================================================================
--- lib/Driver/SanitizerArgs.h
+++ lib/Driver/SanitizerArgs.h
@@ -28,7 +28,7 @@
 #define SANITIZER(NAME, ID) ID = 1 << SO_##ID,
 #define SANITIZER_GROUP(NAME, ID, ALIAS) ID = ALIAS,
 #include "clang/Basic/Sanitizers.def"
-    NeedsAsanRt = Address,
+    NeedsAsanRt = AddressFull,
     NeedsTsanRt = Thread,
     NeedsUbsanRt = (Undefined & ~Bounds) | Integer
   };
@@ -55,6 +55,20 @@
 #include "clang/Basic/Sanitizers.def"
     SanitizeOpt.pop_back();
     CmdArgs.push_back(Args.MakeArgString(SanitizeOpt));
+  
+    // Add args for LLVM backend.
+    if (Kind & InitOrder) {
+      CmdArgs.push_back("-mllvm");
+      CmdArgs.push_back("-asan-initialization-order");
+    }
+    if (Kind & UseAfterReturn) {
+      CmdArgs.push_back("-mllvm");
+      CmdArgs.push_back("-asan-use-after-return");
+    }
+    if (Kind & UseAfterScope) {
+      CmdArgs.push_back("-mllvm");
+      CmdArgs.push_back("-asan-use-lifetime");
+    }
   }
 
  private:
Index: lib/Driver/Tools.cpp
===================================================================
--- lib/Driver/Tools.cpp
+++ lib/Driver/Tools.cpp
@@ -1475,14 +1475,14 @@
     } else if ((*I)->getOption().matches(options::OPT_fcatch_undefined_behavior)) {
       Add = Undefined;
       DeprecatedReplacement = "-fsanitize=undefined";
-    } else if ((*I)->getOption().matches(options::OPT_fsanitize_EQ)) {
-      Add = parse(D, *I);
-    } else if ((*I)->getOption().matches(options::OPT_fno_sanitize_EQ)) {
-      Remove = parse(D, *I);
     } else if ((*I)->getOption().matches(options::OPT_fbounds_checking) ||
                (*I)->getOption().matches(options::OPT_fbounds_checking_EQ)) {
       Add = Bounds;
       DeprecatedReplacement = "-fsanitize=bounds";
+    } else if ((*I)->getOption().matches(options::OPT_fsanitize_EQ)) {
+      Add = parse(D, *I);
+    } else if ((*I)->getOption().matches(options::OPT_fno_sanitize_EQ)) {
+      Remove = parse(D, *I);
     } else {
       continue;
     }
@@ -1514,6 +1514,13 @@
                              NeedsAsan ? NeedsAsanRt : NeedsTsanRt)
       << describeSanitizeArg(Args, NeedsUbsan ? UbsanArg : TsanArg,
                              NeedsUbsan ? NeedsUbsanRt : NeedsTsanRt);
+
+  // If -fsanitize contains extra features of ASan, it should also
+  // explicitly contain -fsanitize=address. 
+  if (NeedsAsan && ((Kind & Address) == 0))
+    D.Diag(diag::err_drv_argument_only_allowed_with)
+      << describeSanitizeArg(Args, AsanArg, NeedsAsanRt)
+      << "-fsanitize=address";
 }
 
 /// If AddressSanitizer is enabled, add appropriate linker flags (Linux).
Index: test/Driver/fsanitize.c
===================================================================
--- test/Driver/fsanitize.c
+++ test/Driver/fsanitize.c
@@ -10,6 +10,18 @@
 // RUN: %clang -target x86_64-linux-gnu -fsanitize=thread,undefined -fno-thread-sanitizer -fno-sanitize=float-cast-overflow,vptr %s -### 2>&1 | FileCheck %s --check-prefix=CHECK-PARTIAL-UNDEFINED
 // CHECK-PARTIAL-UNDEFINED: "-fsanitize={{((signed-integer-overflow|integer-divide-by-zero|float-divide-by-zero|shift|unreachable|return|vla-bound|alignment|null|object-size|bounds),?){11}"}}
 
+// RUN: %clang -target x86_64-linux-gnu -fsanitize=address,init-order %s -### 2>&1 | FileCheck %s --check-prefix=CHECK-ASAN-INIT-ORDER
+// CHECK-ASAN-INIT-ORDER: "-mllvm" "-asan-initialization-order"
+
+// RUN: %clang -target x86_64-linux-gnu -fsanitize=use-after-return,address %s -### 2>&1 | FileCheck %s --check-prefix=CHECK-ASAN-UAR
+// CHECK-ASAN-UAR: "-mllvm" "-asan-use-after-return"
+
+// RUN: %clang -target x86_64-linux-gnu -fsanitize=address,use-after-scope %s -### 2>&1 | FileCheck %s --check-prefix=CHECK-ASAN-UAS
+// CHECK-ASAN-UAS: "-mllvm" "-asan-use-lifetime"
+
+// RUN: %clang -target x86_64-linux-gnu -fsanitize=address-full %s -### 2>&1 | FileCheck %s --check-prefix=CHECK-ASAN-FULL
+// CHECK-ASAN-FULL: "-fsanitize={{((address|init-order|use-after-return|use-after-scope),?){4}"}}
+
 // RUN: %clang -target x86_64-linux-gnu -fsanitize=vptr -fno-rtti %s -c -o /dev/null 2>&1 | FileCheck %s --check-prefix=CHECK-VPTR-NO-RTTI
 // RUN: %clang -target x86_64-linux-gnu -fsanitize=undefined -fno-rtti %s -c -o /dev/null 2>&1 | FileCheck %s --check-prefix=CHECK-VPTR-NO-RTTI
 // CHECK-VPTR-NO-RTTI: '-fsanitize=vptr' not allowed with '-fno-rtti'
@@ -20,6 +32,9 @@
 // RUN: %clang -target x86_64-linux-gnu -faddress-sanitizer -fthread-sanitizer -fno-rtti %s -c -o /dev/null 2>&1 | FileCheck %s --check-prefix=CHECK-ASAN-TSAN
 // CHECK-ASAN-TSAN: '-faddress-sanitizer' not allowed with '-fthread-sanitizer'
 
+// RUN: %clang -target x86_64-linux-gnu -fsanitize=init-order %s -c -o /dev/null 2>&1 | FileCheck %s --check-prefix=CHECK-ONLY-EXTRA-ASAN
+// CHECK-ONLY-EXTRA-ASAN: argument '-fsanitize=init-order' only allowed with '-fsanitize=address'
+
 // RUN: %clang -target x86_64-linux-gnu -fcatch-undefined-behavior -fthread-sanitizer -fno-thread-sanitizer -faddress-sanitizer -fno-address-sanitizer -fbounds-checking -c -o /dev/null %s 2>&1 | FileCheck %s --check-prefix=CHECK-DEPRECATED
 // CHECK-DEPRECATED: argument '-fcatch-undefined-behavior' is deprecated, use '-fsanitize=undefined' instead
 // CHECK-DEPRECATED: argument '-fthread-sanitizer' is deprecated, use '-fsanitize=thread' instead
Index: include/clang/Basic/Sanitizers.def
===================================================================
--- include/clang/Basic/Sanitizers.def
+++ include/clang/Basic/Sanitizers.def
@@ -40,6 +40,13 @@
 
 // AddressSanitizer
 SANITIZER("address", Address)
+// More features of AddressSanitizer that should be turned on explicitly.
+SANITIZER("init-order", InitOrder)
+SANITIZER("use-after-return", UseAfterReturn)
+SANITIZER("use-after-scope", UseAfterScope)
+
+SANITIZER_GROUP("address-full", AddressFull,
+                Address | InitOrder | UseAfterReturn | UseAfterScope)
 
 // ThreadSanitizer
 SANITIZER("thread", Thread)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: D142.1.patch
Type: text/x-patch
Size: 5988 bytes
Desc: not available
URL: <http://lists.llvm.org/pipermail/cfe-commits/attachments/20121127/a8ace58b/attachment.bin>

More information about the cfe-commits mailing list