[clang] 03b84e4 - [clang] Report sanitizer blacklist as a dependency in cc1
Voss, Matthew via cfe-commits
cfe-commits at lists.llvm.org
Thu Nov 7 16:50:02 PST 2019
Hi Jan,
It looks like this commit is causing DFSAN failures on the sanitizer bots and our internal CI. Could you take a look?
http://lab.llvm.org:8011/builders/sanitizer-x86_64-linux/builds/24312/steps/64-bit%20check-dfsan/logs/stdio
Thanks,
Matthew
> -----Original Message-----
> From: cfe-commits <cfe-commits-bounces at lists.llvm.org> On Behalf Of Jan
> Korous via cfe-commits
> Sent: Thursday, November 7, 2019 2:07 PM
> To: cfe-commits at lists.llvm.org
> Subject: [clang] 03b84e4 - [clang] Report sanitizer blacklist as a
> dependency in cc1
>
>
> Author: Jan Korous
> Date: 2019-11-07T14:06:43-08:00
> New Revision: 03b84e4f6d0e1c04f22d69cc445f36e1f713beb4
>
> URL: https://github.com/llvm/llvm-
> project/commit/03b84e4f6d0e1c04f22d69cc445f36e1f713beb4
> DIFF: https://github.com/llvm/llvm-
> project/commit/03b84e4f6d0e1c04f22d69cc445f36e1f713beb4.diff
>
> LOG: [clang] Report sanitizer blacklist as a dependency in cc1
>
> Previously these were reported from the driver which blocked clang-scan-
> deps from getting the full set of dependencies from cc1 commands.
>
> Also the default sanitizer blacklist that is added in driver was never
> reported as a dependency. I introduced -fsanitize-system-blacklist cc1
> option to keep track of which blacklists were user-specified and which
> were added by driver and clang -MD now also reports system blacklists as
> dependencies.
>
> Differential Revision: https://reviews.llvm.org/D69290
>
> Added:
>
>
> Modified:
> clang/include/clang/Driver/Options.td
> clang/include/clang/Driver/SanitizerArgs.h
> clang/lib/Driver/SanitizerArgs.cpp
> clang/lib/Frontend/CompilerInvocation.cpp
> clang/test/Driver/fsanitize-blacklist.c
> clang/test/Frontend/dependency-gen.c
>
> Removed:
>
>
>
> ##########################################################################
> ######
> diff --git a/clang/include/clang/Driver/Options.td
> b/clang/include/clang/Driver/Options.td
> index dcd2976a97f2..c2e30a16b8da 100644
> --- a/clang/include/clang/Driver/Options.td
> +++ b/clang/include/clang/Driver/Options.td
> @@ -979,6 +979,9 @@ def fno_sanitize_EQ : CommaJoined<["-"], "fno-
> sanitize=">, Group<f_clang_Group>, def fsanitize_blacklist : Joined<["-
> "], "fsanitize-blacklist=">,
> Group<f_clang_Group>,
> HelpText<"Path to blacklist file for
> sanitizers">;
> +def fsanitize_system_blacklist : Joined<["-"],
> +"fsanitize-system-blacklist=">,
> + HelpText<"Path to system blacklist file for sanitizers">,
> + Flags<[CC1Option]>;
> def fno_sanitize_blacklist : Flag<["-"], "fno-sanitize-blacklist">,
> Group<f_clang_Group>,
> HelpText<"Don't use blacklist file for
> sanitizers">;
>
> diff --git a/clang/include/clang/Driver/SanitizerArgs.h
> b/clang/include/clang/Driver/SanitizerArgs.h
> index c37499e0f201..0aebf8cb225d 100644
> --- a/clang/include/clang/Driver/SanitizerArgs.h
> +++ b/clang/include/clang/Driver/SanitizerArgs.h
> @@ -25,8 +25,8 @@ class SanitizerArgs {
> SanitizerSet RecoverableSanitizers;
> SanitizerSet TrapSanitizers;
>
> - std::vector<std::string> BlacklistFiles;
> - std::vector<std::string> ExtraDeps;
> + std::vector<std::string> UserBlacklistFiles;
> + std::vector<std::string> SystemBlacklistFiles;
> int CoverageFeatures = 0;
> int MsanTrackOrigins = 0;
> bool MsanUseAfterDtor = true;
>
> diff --git a/clang/lib/Driver/SanitizerArgs.cpp
> b/clang/lib/Driver/SanitizerArgs.cpp
> index cc6c5e6ef438..8937197c253c 100644
> --- a/clang/lib/Driver/SanitizerArgs.cpp
> +++ b/clang/lib/Driver/SanitizerArgs.cpp
> @@ -557,29 +557,35 @@ SanitizerArgs::SanitizerArgs(const ToolChain &TC,
>
> // Setup blacklist files.
> // Add default blacklist from resource directory.
> - addDefaultBlacklists(D, Kinds, BlacklistFiles);
> + addDefaultBlacklists(D, Kinds, SystemBlacklistFiles);
> // Parse -f(no-)sanitize-blacklist options.
> for (const auto *Arg : Args) {
> if (Arg->getOption().matches(options::OPT_fsanitize_blacklist)) {
> Arg->claim();
> std::string BLPath = Arg->getValue();
> if (llvm::sys::fs::exists(BLPath)) {
> - BlacklistFiles.push_back(BLPath);
> - ExtraDeps.push_back(BLPath);
> + UserBlacklistFiles.push_back(BLPath);
> } else {
> D.Diag(clang::diag::err_drv_no_such_file) << BLPath;
> }
> } else if (Arg-
> >getOption().matches(options::OPT_fno_sanitize_blacklist)) {
> Arg->claim();
> - BlacklistFiles.clear();
> - ExtraDeps.clear();
> + UserBlacklistFiles.clear();
> + SystemBlacklistFiles.clear();
> }
> }
> // Validate blacklists format.
> {
> std::string BLError;
> std::unique_ptr<llvm::SpecialCaseList> SCL(
> - llvm::SpecialCaseList::create(BlacklistFiles, BLError));
> + llvm::SpecialCaseList::create(UserBlacklistFiles, BLError));
> + if (!SCL.get())
> + D.Diag(clang::diag::err_drv_malformed_sanitizer_blacklist) <<
> + BLError; } {
> + std::string BLError;
> + std::unique_ptr<llvm::SpecialCaseList> SCL(
> + llvm::SpecialCaseList::create(SystemBlacklistFiles, BLError));
> if (!SCL.get())
> D.Diag(clang::diag::err_drv_malformed_sanitizer_blacklist) <<
> BLError;
> }
> @@ -952,15 +958,15 @@ void SanitizerArgs::addArgs(const ToolChain &TC,
> const llvm::opt::ArgList &Args,
> CmdArgs.push_back(
> Args.MakeArgString("-fsanitize-trap=" +
> toString(TrapSanitizers)));
>
> - for (const auto &BLPath : BlacklistFiles) {
> + for (const auto &BLPath : UserBlacklistFiles) {
> SmallString<64> BlacklistOpt("-fsanitize-blacklist=");
> BlacklistOpt += BLPath;
> CmdArgs.push_back(Args.MakeArgString(BlacklistOpt));
> }
> - for (const auto &Dep : ExtraDeps) {
> - SmallString<64> ExtraDepOpt("-fdepfile-entry=");
> - ExtraDepOpt += Dep;
> - CmdArgs.push_back(Args.MakeArgString(ExtraDepOpt));
> + for (const auto &BLPath : SystemBlacklistFiles) {
> + SmallString<64> BlacklistOpt("-fsanitize-system-blacklist=");
> + BlacklistOpt += BLPath;
> + CmdArgs.push_back(Args.MakeArgString(BlacklistOpt));
> }
>
> if (MsanTrackOrigins)
>
> diff --git a/clang/lib/Frontend/CompilerInvocation.cpp
> b/clang/lib/Frontend/CompilerInvocation.cpp
> index 195a29d71187..17fd4ce7752b 100644
> --- a/clang/lib/Frontend/CompilerInvocation.cpp
> +++ b/clang/lib/Frontend/CompilerInvocation.cpp
> @@ -1447,7 +1447,26 @@ static void
> ParseDependencyOutputArgs(DependencyOutputOptions &Opts,
> // Add sanitizer blacklists as extra dependencies.
> // They won't be discovered by the regular preprocessor, so
> // we let make / ninja to know about this implicit dependency.
> - Opts.ExtraDeps = Args.getAllArgValues(OPT_fdepfile_entry);
> + if (!Args.hasArg(OPT_fno_sanitize_blacklist)) {
> + for (const auto *A : Args.filtered(OPT_fsanitize_blacklist)) {
> + StringRef Val = A->getValue();
> + if (Val.find('=') == StringRef::npos)
> + Opts.ExtraDeps.push_back(Val);
> + }
> + if (Opts.IncludeSystemHeaders) {
> + for (const auto *A : Args.filtered(OPT_fsanitize_system_blacklist))
> {
> + StringRef Val = A->getValue();
> + if (Val.find('=') == StringRef::npos)
> + Opts.ExtraDeps.push_back(Val);
> + }
> + }
> + }
> +
> + // Propagate the extra dependencies.
> + for (const auto *A : Args.filtered(OPT_fdepfile_entry)) {
> + Opts.ExtraDeps.push_back(A->getValue());
> + }
> +
> // Only the -fmodule-file=<file> form.
> for (const auto *A : Args.filtered(OPT_fmodule_file)) {
> StringRef Val = A->getValue();
>
> diff --git a/clang/test/Driver/fsanitize-blacklist.c
> b/clang/test/Driver/fsanitize-blacklist.c
> index e08905c94eda..6878298e6752 100644
> --- a/clang/test/Driver/fsanitize-blacklist.c
> +++ b/clang/test/Driver/fsanitize-blacklist.c
> @@ -16,22 +16,18 @@
> // RUN: %clang -target aarch64-linux-gnu -fsanitize=hwaddress -fsanitize-
> blacklist=%t.good -fsanitize-blacklist=%t.second %s -### 2>&1 | FileCheck
> %s --check-prefix=CHECK-BLACKLIST // CHECK-BLACKLIST: -fsanitize-
> blacklist={{.*}}.good" "-fsanitize-blacklist={{.*}}.second
>
> -// Now, check for -fdepfile-entry flags.
> -// RUN: %clang -target x86_64-linux-gnu -fsanitize=address -fsanitize-
> blacklist=%t.good -fsanitize-blacklist=%t.second %s -### 2>&1 | FileCheck
> %s --check-prefix=CHECK-BLACKLIST2 -// CHECK-BLACKLIST2: -fdepfile-
> entry={{.*}}.good" "-fdepfile-entry={{.*}}.second
> -
> // Check that the default blacklist is not added as an extra dependency.
> // RUN: %clang -target x86_64-linux-gnu -fsanitize=address -resource-
> dir=%S/Inputs/resource_dir %s -### 2>&1 | FileCheck %s --check-
> prefix=CHECK-DEFAULT-BLACKLIST-ASAN --implicit-check-not=fdepfile-entry --
> implicit-check-not=-fsanitize-blacklist=
> -// CHECK-DEFAULT-BLACKLIST-ASAN: -fsanitize-
> blacklist={{.*[^w]}}asan_blacklist.txt
> +// CHECK-DEFAULT-BLACKLIST-ASAN:
> +-fsanitize-system-blacklist={{.*[^w]}}asan_blacklist.txt
> // RUN: %clang -target x86_64-linux-gnu -fsanitize=hwaddress -resource-
> dir=%S/Inputs/resource_dir %s -### 2>&1 | FileCheck %s --check-
> prefix=CHECK-DEFAULT-BLACKLIST-HWASAN --implicit-check-not=fdepfile-entry
> --implicit-check-not=-fsanitize-blacklist=
> -// CHECK-DEFAULT-BLACKLIST-HWASAN: -fsanitize-
> blacklist={{.*}}hwasan_blacklist.txt
> +// CHECK-DEFAULT-BLACKLIST-HWASAN:
> +-fsanitize-system-blacklist={{.*}}hwasan_blacklist.txt
>
> // RUN: %clang -target x86_64-linux-gnu -fsanitize=integer -resource-
> dir=%S/Inputs/resource_dir %s -### 2>&1 | FileCheck %s --check-
> prefix=CHECK-DEFAULT-UBSAN-BLACKLIST --implicit-check-not=fdepfile-entry -
> -implicit-check-not=-fsanitize-blacklist=
> // RUN: %clang -target x86_64-linux-gnu -fsanitize=nullability -resource-
> dir=%S/Inputs/resource_dir %s -### 2>&1 | FileCheck %s --check-
> prefix=CHECK-DEFAULT-UBSAN-BLACKLIST --implicit-check-not=fdepfile-entry -
> -implicit-check-not=-fsanitize-blacklist=
> // RUN: %clang -target x86_64-linux-gnu -fsanitize=undefined -resource-
> dir=%S/Inputs/resource_dir %s -### 2>&1 | FileCheck %s --check-
> prefix=CHECK-DEFAULT-UBSAN-BLACKLIST --implicit-check-not=fdepfile-entry -
> -implicit-check-not=-fsanitize-blacklist=
> // RUN: %clang -target x86_64-linux-gnu -fsanitize=alignment -resource-
> dir=%S/Inputs/resource_dir %s -### 2>&1 | FileCheck %s --check-
> prefix=CHECK-DEFAULT-UBSAN-BLACKLIST --implicit-check-not=fdepfile-entry -
> -implicit-check-not=-fsanitize-blacklist=
> // RUN: %clang -target %itanium_abi_triple -fsanitize=float-divide-by-
> zero -resource-dir=%S/Inputs/resource_dir %s -### 2>&1 | FileCheck %s --
> check-prefix=CHECK-DEFAULT-UBSAN-BLACKLIST --implicit-check-not=fdepfile-
> entry --implicit-check-not=-fsanitize-blacklist=
> -// CHECK-DEFAULT-UBSAN-BLACKLIST: -fsanitize-
> blacklist={{.*}}ubsan_blacklist.txt
> +// CHECK-DEFAULT-UBSAN-BLACKLIST:
> +-fsanitize-system-blacklist={{.*}}ubsan_blacklist.txt
>
> // Check that combining ubsan and another sanitizer results in both
> blacklists being used.
> // RUN: %clang -target x86_64-linux-gnu -fsanitize=undefined,address -
> resource-dir=%S/Inputs/resource_dir %s -### 2>&1 | FileCheck %s --check-
> prefix=CHECK-DEFAULT-UBSAN-BLACKLIST --check-prefix=CHECK-DEFAULT-ASAN-
> BLACKLIST --implicit-check-not=fdepfile-entry --implicit-check-not=-
> fsanitize-blacklist=
>
> diff --git a/clang/test/Frontend/dependency-gen.c
> b/clang/test/Frontend/dependency-gen.c
> index 963419cb1188..1db9b04c1d9f 100644
> --- a/clang/test/Frontend/dependency-gen.c
> +++ b/clang/test/Frontend/dependency-gen.c
> @@ -27,3 +27,20 @@
> #ifndef INCLUDE_FLAG_TEST
> #include <x.h>
> #endif
> +
> +// RUN: echo "fun:foo" > %t.blacklist1
> +// RUN: echo "fun:foo" > %t.blacklist2
> +// RUN: %clang -MD -MF - %s -fsyntax-only
> +-resource-dir=%S/Inputs/resource_dir_with_cfi_blacklist -fsanitize=cfi-
> vcall -flto -fvisibility=hidden -fsanitize-blacklist=%t.blacklist1 -
> fsanitize-blacklist=%t.blacklist2 -I ./ | FileCheck -check-prefix=TWO-
> BLACK-LISTS %s // TWO-BLACK-LISTS: dependency-gen.o:
> +// TWO-BLACK-LISTS-DAG: blacklist1
> +// TWO-BLACK-LISTS-DAG: blacklist2
> +// TWO-BLACK-LISTS-DAG: x.h
> +// TWO-BLACK-LISTS-DAG: dependency-gen.c
> +
> +// RUN: %clang -MD -MF - %s -fsyntax-only
> +-resource-dir=%S/Inputs/resource_dir_with_cfi_blacklist -fsanitize=cfi-
> vcall -flto -fvisibility=hidden -I ./ | FileCheck -check-prefix=USER-AND-
> SYS-DEPS %s // USER-AND-SYS-DEPS: dependency-gen.o:
> +// USER-AND-SYS-DEPS-DAG: cfi_blacklist.txt
> +
> +// RUN: %clang -MMD -MF - %s -fsyntax-only
> +-resource-dir=%S/Inputs/resource_dir_with_cfi_blacklist -fsanitize=cfi-
> vcall -flto -fvisibility=hidden -I ./ | FileCheck -check-prefix=ONLY-USER-
> DEPS %s // ONLY-USER-DEPS: dependency-gen.o:
> +// NOT-ONLY-USER-DEPS: cfi_blacklist.txt
> \ No newline at end of file
>
>
>
> _______________________________________________
> cfe-commits mailing list
> cfe-commits at lists.llvm.org
> https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
More information about the cfe-commits
mailing list