[PATCH] D32842: Specify which sanitizers are covered by a sanitizer blacklist

Vedant Kumar via Phabricator via cfe-commits cfe-commits at lists.llvm.org
Wed May 3 17:25:30 PDT 2017 

vsk created this revision.

Sanitizer blacklists currently apply to all enabled sanitizers. E.g if
multiple sanitizers are enabled, it isn't possible to specify a
blacklist for one sanitizer and not another.

This makes it impossible to load default blacklists for more than one
sanitizer, because doing so would result in false negatives (i.e, some
code may not be instrumented by the right sanitizer, because the final
sanitizer blacklist is the union of all available blacklists).

This patch fixes the situation by changing the internal representation
of blacklists. It becomes mandatory to specify which sanitizers are
covered by each blacklist, and to specify the sanitization kind up-front
when querying the blacklist.

This resolves the "multiple default sanitizer blacklists" situation.
Instead of arbitrarily picking a default blacklist and ignoring the
rest, we would correctly load all of them s.t entries in one blacklist
which apply to one sanitizer could not mistakenly be applied to another
sanitizer.

For now, the user-facing -fsanitize-blacklist driver option is left
unchanged. Specifying a blacklist in this way creates a blacklist which
covers all enabled sanitizers.

The internal -fsanitize-blacklist frontend option is modified so that
the names of the covered sanitizers are passed along with the path to
the blacklist file. E.g this:

  clang -cc1 -fsanitize=address -fsanitize-blacklist=BL.txt

Becomes this:

  clang -cc1 -fsanitize=address -fsanitize-blacklist=address:BL.txt

This patch obsoletes https://reviews.llvm.org/D32047.


https://reviews.llvm.org/D32842

Files:
  include/clang/AST/ASTContext.h
  include/clang/Basic/LangOptions.h
  include/clang/Basic/SanitizerBlacklist.h
  include/clang/Driver/SanitizerArgs.h
  lib/AST/ASTContext.cpp
  lib/AST/Decl.cpp
  lib/Basic/LangOptions.cpp
  lib/Basic/SanitizerBlacklist.cpp
  lib/CodeGen/CGClass.cpp
  lib/CodeGen/CGDeclCXX.cpp
  lib/CodeGen/CGExpr.cpp
  lib/CodeGen/CodeGenFunction.cpp
  lib/CodeGen/CodeGenModule.cpp
  lib/CodeGen/CodeGenModule.h
  lib/Driver/SanitizerArgs.cpp
  lib/Frontend/CompilerInvocation.cpp
  test/CodeGen/address-safety-attr.cpp
  test/CodeGen/asan-globals.cpp
  test/CodeGen/sanitize-address-field-padding.cpp
  test/CodeGen/sanitize-init-order.cpp
  test/CodeGen/sanitize-thread-attr.cpp
  test/CodeGen/ubsan-blacklist.c
  test/CodeGen/ubsan-type-blacklist.cpp
  test/CodeGenCXX/cfi-blacklist.cpp
  test/Driver/Inputs/resource_dir/cfi_blacklist.txt
  test/Driver/fsanitize-blacklist.c
  test/Frontend/sanitizer-blacklists.c

-------------- next part --------------
A non-text attachment was scrubbed...
Name: D32842.97755.patch
Type: text/x-patch
Size: 41160 bytes
Desc: not available
URL: <http://lists.llvm.org/pipermail/cfe-commits/attachments/20170504/ed7e25d4/attachment-0001.bin>

More information about the cfe-commits mailing list