This is an archive of the discontinued LLVM Phabricator instance.

Differential D11857

CFI: Introduce -fsanitize=cfi-icall flag.
ClosedPublic

Authored by pcc on Aug 7 2015, 6:31 PM.

Details

Reviewers
kcc
samsonov
rsmith
Commits
rG2c7f7e31c4c0: CFI: Introduce -fsanitize=cfi-icall flag.
rC247238: CFI: Introduce -fsanitize=cfi-icall flag.
rL247238: CFI: Introduce -fsanitize=cfi-icall flag.
Summary

This flag causes the compiler to emit bit set entries for functions as well
as runtime bitset checks at indirect call sites. Depends on the new function
bitset mechanism.

Diff Detail

Repository
rL LLVM

Event Timeline

pcc updated this revision to Diff 31568.Aug 7 2015, 6:31 PM
pcc retitled this revision from to CFI: Introduce -fsanitize=cfi-icall flag..
pcc updated this object.
pcc added reviewers: kcc, samsonov, rsmith.
pcc added a subscriber: cfe-commits.
rsmith edited edge metadata.Aug 8 2015, 5:40 PM

This seems to have a lot of overlap with the function sanitizer. The documentation would probably benefit from some advice about when to use each and how they compare.

lib/AST/ItaniumMangle.cpp
4119–4126 ↗(On Diff #31568)

:( Making up a name here seems like it should not be necessary. Could you use a named metadata node with no name as the key for your bitset? (Weird as it is, that seems to be our representation for "internal linkage" metadata.)

samsonov edited edge metadata.Aug 10 2015, 1:23 PM

Driver changes look good.

pcc updated this revision to Diff 31871.Aug 11 2015, 3:00 PM
pcc edited edge metadata.
  • Create distinct MDNodes for types with internal linkage; replace custom bit set mangling with mangleTypeName throughout
  • Add documentation explaining the difference between this and -fsanitize=function
pcc added a comment.Aug 11 2015, 3:01 PM

The documentation would probably benefit from some advice about when to use each and how they compare.

Added.

lib/AST/ItaniumMangle.cpp
4119–4126 ↗(On Diff #31568)

Done. This also required some improvements to the bitset lowering pass (D11857) to permit non-string bitset identifiers.

jevinskie added a subscriber: jevinskie.Aug 11 2015, 3:09 PM
pcc mentioned this in D12026: Decorating vptr load & stores with !invariant.group.Aug 14 2015, 11:32 AM
pcc mentioned this in D12038: CodeGen: Introduce CodeGenModule::CreateMetadataIdentifierForType..Aug 14 2015, 12:02 PM
pcc updated this revision to Diff 32179.Aug 14 2015, 1:52 PM

Rebase onto D12038

pcc mentioned this in D11856: LowerBitSets: Extend pass to support functions as bitset members..Aug 17 2015, 1:05 PM
kcc added inline comments.Aug 24 2015, 4:14 PM
docs/ControlFlowIntegrity.rst
149 ↗(On Diff #32179)

mention that LTO is require explicitly?

pcc updated this revision to Diff 33020.Aug 24 2015, 4:31 PM
  • Address comment
docs/ControlFlowIntegrity.rst
149 ↗(On Diff #32179)

Done above.

pcc updated this revision to Diff 33175.Aug 25 2015, 9:10 PM
  • Add apology for lack of documentation
pcc mentioned this in rL247080: LowerBitSets: Extend pass to support functions as bitset members..Sep 8 2015, 2:59 PM
pcc mentioned this in rL247098: CodeGen: Introduce CodeGenModule::CreateMetadataIdentifierForType..Sep 8 2015, 4:02 PM
kcc accepted this revision.Sep 9 2015, 6:38 PM
kcc edited edge metadata.

LGTM with a nit

test/CodeGen/cfi-icall.c
1 ↗(On Diff #33175)

Add a comment explaining what we are testing here.
same below.

This revision is now accepted and ready to land.Sep 9 2015, 6:38 PM
Closed by commit rL247238: CFI: Introduce -fsanitize=cfi-icall flag. (authored by pcc). · Explain WhySep 9 2015, 7:19 PM
This revision was automatically updated to reflect the committed changes.
pcc added inline comments.Sep 9 2015, 7:23 PM
test/CodeGen/cfi-icall.c
1 ↗(On Diff #33175)

Done

Revision Contents

PathSize
cfe/
trunk/
docs/
62 lines
8 lines
include/
clang/
AST/
3 lines
Basic/
4 lines
lib/
AST/
17 lines
17 lines
CodeGen/
7 lines
23 lines
38 lines
20 lines
Driver/
2 lines
1 line
test/
CodeGen/
20 lines
CodeGenCXX/
24 lines
23 lines
4 lines
8 lines
70 lines
Driver/
5 lines

Diff 34403

cfe/trunk/docs/ControlFlowIntegrity.rst

Show All 14 Lines
Clang includes an implementation of a number of control flow integrity (CFI) Clang includes an implementation of a number of control flow integrity (CFI)
schemes, which are designed to abort the program upon detecting certain forms schemes, which are designed to abort the program upon detecting certain forms
of undefined behavior that can potentially allow attackers to subvert the of undefined behavior that can potentially allow attackers to subvert the
program's control flow. These schemes have been optimized for performance, program's control flow. These schemes have been optimized for performance,
allowing developers to enable them in release builds. allowing developers to enable them in release builds.
To enable Clang's available CFI schemes, use the flag ``-fsanitize=cfi``. To enable Clang's available CFI schemes, use the flag ``-fsanitize=cfi``.
As currently implemented, CFI relies on link-time optimization (LTO); so it is As currently implemented, all of Clang's CFI schemes (``cfi-vcall``,
required to specify ``-flto``, and the linker used must support LTO, for example ``cfi-derived-cast``, ``cfi-unrelated-cast``, ``cfi-nvcall``, ``cfi-icall``)
via the `gold plugin`_. To allow the checks to be implemented efficiently, rely on link-time optimization (LTO); so it is required to specify
the program must be structured such that certain object files are compiled ``-flto``, and the linker used must support LTO, for example via the `gold
with CFI enabled, and are statically linked into the program. This may plugin`_. To allow the checks to be implemented efficiently, the program must
preclude the use of shared libraries in some cases. be structured such that certain object files are compiled with CFI enabled,
and are statically linked into the program. This may preclude the use of
shared libraries in some cases.
Clang currently implements forward-edge CFI for member function calls and Clang currently implements forward-edge CFI for member function calls and
bad cast checking. More schemes are under development. bad cast checking. More schemes are under development.
.. _gold plugin: http://llvm.org/docs/GoldPlugin.html .. _gold plugin: http://llvm.org/docs/GoldPlugin.html
Forward-Edge CFI for Virtual Calls Forward-Edge CFI for Virtual Calls
---------------------------------- ----------------------------------
▲ Show 20 LinesShow All 81 Lines▼ Show 20 Lines
to the least derived such class. to the least derived such class.
Casting an instance of a base class to such a derived class is technically Casting an instance of a base class to such a derived class is technically
undefined behavior, but it is a relatively common hack for introducing undefined behavior, but it is a relatively common hack for introducing
member functions on class instances with specific properties that works under member functions on class instances with specific properties that works under
most compilers and should not have security implications, so we allow it by most compilers and should not have security implications, so we allow it by
default. It can be disabled with ``-fsanitize=cfi-cast-strict``. default. It can be disabled with ``-fsanitize=cfi-cast-strict``.
Indirect Function Call Checking
-------------------------------
This scheme checks that function calls take place using a function of the
correct dynamic type; that is, the dynamic type of the function must match
the static type used at the call. This CFI scheme can be enabled on its own
using ``-fsanitize=cfi-icall``.
For this scheme to work, each indirect function call in the program, other
than calls in :ref:`blacklisted <cfi-blacklist>` functions, must call a
function which was either compiled with ``-fsanitize=cfi-icall`` enabled,
or whose address was taken by a function in a translation unit compiled with
``-fsanitize=cfi-icall``.
If a function in a translation unit compiled with ``-fsanitize=cfi-icall``
takes the address of a function not compiled with ``-fsanitize=cfi-icall``,
that address may differ from the address taken by a function in a translation
unit not compiled with ``-fsanitize=cfi-icall``. This is technically a
violation of the C and C++ standards, but it should not affect most programs.
Each translation unit compiled with ``-fsanitize=cfi-icall`` must be
statically linked into the program or shared library, and calls across
shared library boundaries are handled as if the callee was not compiled with
``-fsanitize=cfi-icall``.
This scheme is currently only supported on the x86 and x86_64 architectures.
``-fsanitize=cfi-icall`` and ``-fsanitize=function``
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
This tool is similar to ``-fsanitize=function`` in that both tools check
the types of function calls. However, the two tools occupy different points
on the design space; ``-fsanitize=function`` is a developer tool designed
to find bugs in local development builds, whereas ``-fsanitize=cfi-icall``
is a security hardening mechanism designed to be deployed in release builds.
``-fsanitize=function`` has a higher space and time overhead due to a more
complex type check at indirect call sites, as well as a need for run-time
type information (RTTI), which may make it unsuitable for deployment. Because
of the need for RTTI, ``-fsanitize=function`` can only be used with C++
programs, whereas ``-fsanitize=cfi-icall`` can protect both C and C++ programs.
On the other hand, ``-fsanitize=function`` conforms more closely with the C++
standard and user expectations around interaction with shared libraries;
the identity of function pointers is maintained, and calls across shared
library boundaries are no different from calls within a single program or
shared library.
.. _cfi-blacklist: .. _cfi-blacklist:
Blacklist Blacklist
--------- ---------
A :doc:`SanitizerSpecialCaseList` can be used to relax CFI checks for certain A :doc:`SanitizerSpecialCaseList` can be used to relax CFI checks for certain
source files, functions and types using the ``src``, ``fun`` and ``type`` source files, functions and types using the ``src``, ``fun`` and ``type``
entity types. entity types.
Show All 32 Lines

cfe/trunk/docs/ControlFlowIntegrityDesign.rst

Show First 20 LinesShow All 267 Lines▼ Show 20 Lines
bytes. This number was found experimentally to provide a good tradeoff. bytes. This number was found experimentally to provide a good tradeoff.
Eliminating Bit Vector Checks for All-Ones Bit Vectors Eliminating Bit Vector Checks for All-Ones Bit Vectors
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
If the bit vector is all ones, the bit vector check is redundant; we simply If the bit vector is all ones, the bit vector check is redundant; we simply
need to check that the address is in range and well aligned. This is more need to check that the address is in range and well aligned. This is more
likely to occur if the virtual tables are padded. likely to occur if the virtual tables are padded.
Forward-Edge CFI for Indirect Function Calls
============================================
Sorry, no documentation yet, but see the comments at the top of
``LowerBitSets::buildBitSetsFromFunctions`` in `LowerBitSets.cpp`_.
.. _LowerBitSets.cpp: http://llvm.org/klaus/llvm/blob/master/lib/Transforms/IPO/LowerBitSets.cpp

cfe/trunk/include/clang/AST/Mangle.h

Show First 20 LinesShow All 138 Lines▼ Show 20 Lines virtual void mangleSEHFinallyBlock(const NamedDecl *EnclosingDecl,
raw_ostream &Out) = 0; raw_ostream &Out) = 0;
/// Generates a unique string for an externally visible type for use with TBAA /// Generates a unique string for an externally visible type for use with TBAA
/// or type uniquing. /// or type uniquing.
/// TODO: Extend this to internal types by generating names that are unique /// TODO: Extend this to internal types by generating names that are unique
/// across translation units so it can be used with LTO. /// across translation units so it can be used with LTO.
virtual void mangleTypeName(QualType T, raw_ostream &) = 0; virtual void mangleTypeName(QualType T, raw_ostream &) = 0;
virtual void mangleCXXVTableBitSet(const CXXRecordDecl *RD,
raw_ostream &) = 0;
/// @} /// @}
}; };
class ItaniumMangleContext : public MangleContext { class ItaniumMangleContext : public MangleContext {
public: public:
explicit ItaniumMangleContext(ASTContext &C, DiagnosticsEngine &D) explicit ItaniumMangleContext(ASTContext &C, DiagnosticsEngine &D)
: MangleContext(C, D, MK_Itanium) {} : MangleContext(C, D, MK_Itanium) {}
▲ Show 20 LinesShow All 92 LinesShow Last 20 Lines

cfe/trunk/include/clang/Basic/Sanitizers.def

Show First 20 LinesShow All 78 Lines▼ Show 20 Lines
SANITIZER("unsigned-integer-overflow", UnsignedIntegerOverflow) SANITIZER("unsigned-integer-overflow", UnsignedIntegerOverflow)
// DataFlowSanitizer // DataFlowSanitizer
SANITIZER("dataflow", DataFlow) SANITIZER("dataflow", DataFlow)
// Control Flow Integrity // Control Flow Integrity
SANITIZER("cfi-cast-strict", CFICastStrict) SANITIZER("cfi-cast-strict", CFICastStrict)
SANITIZER("cfi-derived-cast", CFIDerivedCast) SANITIZER("cfi-derived-cast", CFIDerivedCast)
SANITIZER("cfi-icall", CFIICall)
SANITIZER("cfi-unrelated-cast", CFIUnrelatedCast) SANITIZER("cfi-unrelated-cast", CFIUnrelatedCast)
SANITIZER("cfi-nvcall", CFINVCall) SANITIZER("cfi-nvcall", CFINVCall)
SANITIZER("cfi-vcall", CFIVCall) SANITIZER("cfi-vcall", CFIVCall)
SANITIZER_GROUP("cfi", CFI, SANITIZER_GROUP("cfi", CFI,
CFIDerivedCast | CFIUnrelatedCast | CFINVCall | CFIVCall) CFIDerivedCast | CFIICall | CFIUnrelatedCast | CFINVCall |
CFIVCall)
// Safe Stack // Safe Stack
SANITIZER("safe-stack", SafeStack) SANITIZER("safe-stack", SafeStack)
// -fsanitize=undefined includes all the sanitizers which have low overhead, no // -fsanitize=undefined includes all the sanitizers which have low overhead, no
// ABI or address space layout implications, and only catch undefined behavior. // ABI or address space layout implications, and only catch undefined behavior.
SANITIZER_GROUP("undefined", Undefined, SANITIZER_GROUP("undefined", Undefined,
Alignment | Bool | ArrayBounds | Enum | FloatCastOverflow | Alignment | Bool | ArrayBounds | Enum | FloatCastOverflow |
Show All 21 Lines

cfe/trunk/lib/AST/ItaniumMangle.cpp

Show First 20 LinesShow All 168 Lines▼ Show 20 Linespublic:
void mangleSEHFinallyBlock(const NamedDecl *EnclosingDecl, void mangleSEHFinallyBlock(const NamedDecl *EnclosingDecl,
raw_ostream &Out) override; raw_ostream &Out) override;
void mangleItaniumThreadLocalInit(const VarDecl *D, raw_ostream &) override; void mangleItaniumThreadLocalInit(const VarDecl *D, raw_ostream &) override;
void mangleItaniumThreadLocalWrapper(const VarDecl *D, void mangleItaniumThreadLocalWrapper(const VarDecl *D,
raw_ostream &) override; raw_ostream &) override;
void mangleStringLiteral(const StringLiteral *, raw_ostream &) override; void mangleStringLiteral(const StringLiteral *, raw_ostream &) override;
void mangleCXXVTableBitSet(const CXXRecordDecl *RD, raw_ostream &) override;
bool getNextDiscriminator(const NamedDecl *ND, unsigned &disc) { bool getNextDiscriminator(const NamedDecl *ND, unsigned &disc) {
// Lambda closure types are already numbered. // Lambda closure types are already numbered.
if (isLambda(ND)) if (isLambda(ND))
return false; return false;
// Anonymous tags are already numbered. // Anonymous tags are already numbered.
if (const TagDecl *Tag = dyn_cast<TagDecl>(ND)) { if (const TagDecl *Tag = dyn_cast<TagDecl>(ND)) {
if (Tag->getName().empty() && !Tag->getTypedefNameForAnonDecl()) if (Tag->getName().empty() && !Tag->getTypedefNameForAnonDecl())
▲ Show 20 LinesShow All 3,906 Lines▼ Show 20 Linesvoid ItaniumMangleContextImpl::mangleCXXRTTIName(QualType Ty,
Mangler.getStream() << "_ZTS"; Mangler.getStream() << "_ZTS";
Mangler.mangleType(Ty); Mangler.mangleType(Ty);
} }
void ItaniumMangleContextImpl::mangleTypeName(QualType Ty, raw_ostream &Out) { void ItaniumMangleContextImpl::mangleTypeName(QualType Ty, raw_ostream &Out) {
mangleCXXRTTIName(Ty, Out); mangleCXXRTTIName(Ty, Out);
} }
void ItaniumMangleContextImpl::mangleCXXVTableBitSet(const CXXRecordDecl *RD,
raw_ostream &Out) {
if (!RD->isExternallyVisible()) {
// This part of the identifier needs to be unique across all translation
// units in the linked program. The scheme fails if multiple translation
// units are compiled using the same relative source file path, or if
// multiple translation units are built from the same source file.
SourceManager &SM = getASTContext().getSourceManager();
Out << "[" << SM.getFileEntryForID(SM.getMainFileID())->getName() << "]";
}
CXXNameMangler Mangler(*this, Out);
Mangler.mangleType(QualType(RD->getTypeForDecl(), 0));
}
void ItaniumMangleContextImpl::mangleStringLiteral(const StringLiteral *, raw_ostream &) { void ItaniumMangleContextImpl::mangleStringLiteral(const StringLiteral *, raw_ostream &) {
llvm_unreachable("Can't mangle string literals"); llvm_unreachable("Can't mangle string literals");
} }
ItaniumMangleContext * ItaniumMangleContext *
ItaniumMangleContext::create(ASTContext &Context, DiagnosticsEngine &Diags) { ItaniumMangleContext::create(ASTContext &Context, DiagnosticsEngine &Diags) {
return new ItaniumMangleContextImpl(Context, Diags); return new ItaniumMangleContextImpl(Context, Diags);
} }

cfe/trunk/lib/AST/MicrosoftMangle.cpp

Show First 20 LinesShow All 155 Lines▼ Show 20 Linespublic:
void mangleDynamicInitializer(const VarDecl *D, raw_ostream &Out) override; void mangleDynamicInitializer(const VarDecl *D, raw_ostream &Out) override;
void mangleDynamicAtExitDestructor(const VarDecl *D, void mangleDynamicAtExitDestructor(const VarDecl *D,
raw_ostream &Out) override; raw_ostream &Out) override;
void mangleSEHFilterExpression(const NamedDecl *EnclosingDecl, void mangleSEHFilterExpression(const NamedDecl *EnclosingDecl,
raw_ostream &Out) override; raw_ostream &Out) override;
void mangleSEHFinallyBlock(const NamedDecl *EnclosingDecl, void mangleSEHFinallyBlock(const NamedDecl *EnclosingDecl,
raw_ostream &Out) override; raw_ostream &Out) override;
void mangleStringLiteral(const StringLiteral *SL, raw_ostream &Out) override; void mangleStringLiteral(const StringLiteral *SL, raw_ostream &Out) override;
void mangleCXXVTableBitSet(const CXXRecordDecl *RD,
raw_ostream &Out) override;
bool getNextDiscriminator(const NamedDecl *ND, unsigned &disc) { bool getNextDiscriminator(const NamedDecl *ND, unsigned &disc) {
// Lambda closure types are already numbered. // Lambda closure types are already numbered.
if (isLambda(ND)) if (isLambda(ND))
return false; return false;
const DeclContext *DC = getEffectiveDeclContext(ND); const DeclContext *DC = getEffectiveDeclContext(ND);
if (!DC->isFunctionOrMethod()) if (!DC->isFunctionOrMethod())
return false; return false;
▲ Show 20 LinesShow All 2,597 Lines▼ Show 20 Linesvoid MicrosoftMangleContextImpl::mangleStringLiteral(const StringLiteral *SL,
if (NumCharsToMangle < 32) if (NumCharsToMangle < 32)
for (unsigned NullTerminator = 0; NullTerminator < SL->getCharByteWidth(); for (unsigned NullTerminator = 0; NullTerminator < SL->getCharByteWidth();
++NullTerminator) ++NullTerminator)
MangleByte(0); MangleByte(0);
Mangler.getStream() << '@'; Mangler.getStream() << '@';
} }
void MicrosoftMangleContextImpl::mangleCXXVTableBitSet(const CXXRecordDecl *RD,
raw_ostream &Out) {
if (!RD->isExternallyVisible()) {
// This part of the identifier needs to be unique across all translation
// units in the linked program. The scheme fails if multiple translation
// units are compiled using the same relative source file path, or if
// multiple translation units are built from the same source file.
SourceManager &SM = getASTContext().getSourceManager();
Out << "[" << SM.getFileEntryForID(SM.getMainFileID())->getName() << "]";
}
MicrosoftCXXNameMangler mangler(*this, Out);
mangler.mangleName(RD);
}
MicrosoftMangleContext * MicrosoftMangleContext *
MicrosoftMangleContext::create(ASTContext &Context, DiagnosticsEngine &Diags) { MicrosoftMangleContext::create(ASTContext &Context, DiagnosticsEngine &Diags) {
return new MicrosoftMangleContextImpl(Context, Diags); return new MicrosoftMangleContextImpl(Context, Diags);
} }

cfe/trunk/lib/CodeGen/CGClass.cpp

Show First 20 LinesShow All 2,467 Lines▼ Show 20 Linesvoid CodeGenFunction::EmitVTablePtrCheck(const CXXRecordDecl *RD,
llvm::Value *VTable, llvm::Value *VTable,
CFITypeCheckKind TCK, CFITypeCheckKind TCK,
SourceLocation Loc) { SourceLocation Loc) {
if (CGM.IsCFIBlacklistedRecord(RD)) if (CGM.IsCFIBlacklistedRecord(RD))
return; return;
SanitizerScope SanScope(this); SanitizerScope SanScope(this);
std::string OutName;
llvm::raw_string_ostream Out(OutName);
CGM.getCXXABI().getMangleContext().mangleCXXVTableBitSet(RD, Out);
llvm::Value *BitSetName = llvm::MetadataAsValue::get( llvm::Value *BitSetName = llvm::MetadataAsValue::get(
getLLVMContext(), llvm::MDString::get(getLLVMContext(), Out.str())); getLLVMContext(),
CGM.CreateMetadataIdentifierForType(QualType(RD->getTypeForDecl(), 0)));
llvm::Value *CastedVTable = Builder.CreateBitCast(VTable, Int8PtrTy); llvm::Value *CastedVTable = Builder.CreateBitCast(VTable, Int8PtrTy);
llvm::Value *BitSetTest = llvm::Value *BitSetTest =
Builder.CreateCall(CGM.getIntrinsic(llvm::Intrinsic::bitset_test), Builder.CreateCall(CGM.getIntrinsic(llvm::Intrinsic::bitset_test),
{CastedVTable, BitSetName}); {CastedVTable, BitSetName});
SanitizerMask M; SanitizerMask M;
switch (TCK) { switch (TCK) {
▲ Show 20 LinesShow All 220 LinesShow Last 20 Lines

cfe/trunk/lib/CodeGen/CGExpr.cpp

Show First 20 LinesShow All 3,774 Lines▼ Show 20 Lines if (llvm::Constant *PrefixSig =
EmitCheck(std::make_pair(CalleeRTTIMatch, SanitizerKind::Function), EmitCheck(std::make_pair(CalleeRTTIMatch, SanitizerKind::Function),
"function_type_mismatch", StaticData, Callee); "function_type_mismatch", StaticData, Callee);
Builder.CreateBr(Cont); Builder.CreateBr(Cont);
EmitBlock(Cont); EmitBlock(Cont);
} }
} }
// If we are checking indirect calls and this call is indirect, check that the
// function pointer is a member of the bit set for the function type.
if (SanOpts.has(SanitizerKind::CFIICall) &&
(!TargetDecl || !isa<FunctionDecl>(TargetDecl))) {
SanitizerScope SanScope(this);
llvm::Value *BitSetName = llvm::MetadataAsValue::get(
getLLVMContext(),
CGM.CreateMetadataIdentifierForType(QualType(FnType, 0)));
llvm::Value *CastedCallee = Builder.CreateBitCast(Callee, Int8PtrTy);
llvm::Value *BitSetTest =
Builder.CreateCall(CGM.getIntrinsic(llvm::Intrinsic::bitset_test),
{CastedCallee, BitSetName});
llvm::Constant *StaticData[] = {
EmitCheckSourceLocation(E->getLocStart()),
EmitCheckTypeDescriptor(QualType(FnType, 0)),
};
EmitCheck(std::make_pair(BitSetTest, SanitizerKind::CFIICall),
"cfi_bad_icall", StaticData, CastedCallee);
}
CallArgList Args; CallArgList Args;
if (Chain) if (Chain)
Args.add(RValue::get(Builder.CreateBitCast(Chain, CGM.VoidPtrTy)), Args.add(RValue::get(Builder.CreateBitCast(Chain, CGM.VoidPtrTy)),
CGM.getContext().VoidPtrTy); CGM.getContext().VoidPtrTy);
EmitCallArgs(Args, dyn_cast<FunctionProtoType>(FnType), E->arguments(), EmitCallArgs(Args, dyn_cast<FunctionProtoType>(FnType), E->arguments(),
E->getDirectCallee(), /*ParamsToSkip*/ 0); E->getDirectCallee(), /*ParamsToSkip*/ 0);
const CGFunctionInfo &FnInfo = CGM.getTypes().arrangeFreeFunctionCall( const CGFunctionInfo &FnInfo = CGM.getTypes().arrangeFreeFunctionCall(
▲ Show 20 LinesShow All 163 LinesShow Last 20 Lines

cfe/trunk/lib/CodeGen/CGVTables.cpp

Show First 20 LinesShow All 887 Lines▼ Show 20 Lines if (!LangOpts.Sanitize.has(SanitizerKind::CFIVCall) &&
!LangOpts.Sanitize.has(SanitizerKind::CFINVCall) && !LangOpts.Sanitize.has(SanitizerKind::CFINVCall) &&
!LangOpts.Sanitize.has(SanitizerKind::CFIDerivedCast) && !LangOpts.Sanitize.has(SanitizerKind::CFIDerivedCast) &&
!LangOpts.Sanitize.has(SanitizerKind::CFIUnrelatedCast)) !LangOpts.Sanitize.has(SanitizerKind::CFIUnrelatedCast))
return; return;
CharUnits PointerWidth = CharUnits PointerWidth =
Context.toCharUnitsFromBits(Context.getTargetInfo().getPointerWidth(0)); Context.toCharUnitsFromBits(Context.getTargetInfo().getPointerWidth(0));
std::vector<llvm::MDTuple *> BitsetEntries; typedef std::pair<const CXXRecordDecl *, unsigned> BSEntry;
std::vector<BSEntry> BitsetEntries;
// Create a bit set entry for each address point. // Create a bit set entry for each address point.
for (auto &&AP : VTLayout.getAddressPoints()) { for (auto &&AP : VTLayout.getAddressPoints()) {
if (IsCFIBlacklistedRecord(AP.first.getBase())) if (IsCFIBlacklistedRecord(AP.first.getBase()))
continue; continue;
BitsetEntries.push_back(CreateVTableBitSetEntry( BitsetEntries.push_back(std::make_pair(AP.first.getBase(), AP.second));
VTable, PointerWidth * AP.second, AP.first.getBase()));
} }
// Sort the bit set entries for determinism. // Sort the bit set entries for determinism.
std::sort(BitsetEntries.begin(), BitsetEntries.end(), [](llvm::MDTuple *T1, std::sort(BitsetEntries.begin(), BitsetEntries.end(),
llvm::MDTuple *T2) { [this](const BSEntry &E1, const BSEntry &E2) {
if (T1 == T2) if (&E1 == &E2)
return false; return false;
StringRef S1 = cast<llvm::MDString>(T1->getOperand(0))->getString(); std::string S1;
StringRef S2 = cast<llvm::MDString>(T2->getOperand(0))->getString(); llvm::raw_string_ostream O1(S1);
getCXXABI().getMangleContext().mangleTypeName(
QualType(E1.first->getTypeForDecl(), 0), O1);
O1.flush();
std::string S2;
llvm::raw_string_ostream O2(S2);
getCXXABI().getMangleContext().mangleTypeName(
QualType(E2.first->getTypeForDecl(), 0), O2);
O2.flush();
if (S1 < S2) if (S1 < S2)
return true; return true;
if (S1 != S2) if (S1 != S2)
return false; return false;
uint64_t Offset1 = cast<llvm::ConstantInt>( return E1.second < E2.second;
cast<llvm::ConstantAsMetadata>(T1->getOperand(2))
->getValue())->getZExtValue();
uint64_t Offset2 = cast<llvm::ConstantInt>(
cast<llvm::ConstantAsMetadata>(T2->getOperand(2))
->getValue())->getZExtValue();
assert(Offset1 != Offset2);
return Offset1 < Offset2;
}); });
llvm::NamedMDNode *BitsetsMD = llvm::NamedMDNode *BitsetsMD =
getModule().getOrInsertNamedMetadata("llvm.bitsets"); getModule().getOrInsertNamedMetadata("llvm.bitsets");
for (auto BitsetEntry : BitsetEntries) for (auto BitsetEntry : BitsetEntries)
BitsetsMD->addOperand(BitsetEntry); BitsetsMD->addOperand(CreateVTableBitSetEntry(
VTable, PointerWidth * BitsetEntry.second, BitsetEntry.first));
} }

cfe/trunk/lib/CodeGen/CodeGenModule.cpp

Show First 20 LinesShow All 935 Lines▼ Show 20 Linesvoid CodeGenModule::SetFunctionAttributes(GlobalDecl GD, llvm::Function *F,
if (const SectionAttr *SA = FD->getAttr<SectionAttr>()) if (const SectionAttr *SA = FD->getAttr<SectionAttr>())
F->setSection(SA->getName()); F->setSection(SA->getName());
// A replaceable global allocation function does not act like a builtin by // A replaceable global allocation function does not act like a builtin by
// default, only if it is invoked by a new-expression or delete-expression. // default, only if it is invoked by a new-expression or delete-expression.
if (FD->isReplaceableGlobalAllocationFunction()) if (FD->isReplaceableGlobalAllocationFunction())
F->addAttribute(llvm::AttributeSet::FunctionIndex, F->addAttribute(llvm::AttributeSet::FunctionIndex,
llvm::Attribute::NoBuiltin); llvm::Attribute::NoBuiltin);
// If we are checking indirect calls and this is not a non-static member
// function, emit a bit set entry for the function type.
if (LangOpts.Sanitize.has(SanitizerKind::CFIICall) &&
!(isa<CXXMethodDecl>(FD) && !cast<CXXMethodDecl>(FD)->isStatic())) {
llvm::NamedMDNode *BitsetsMD =
getModule().getOrInsertNamedMetadata("llvm.bitsets");
llvm::Metadata *BitsetOps[] = {
CreateMetadataIdentifierForType(FD->getType()),
llvm::ConstantAsMetadata::get(F),
llvm::ConstantAsMetadata::get(llvm::ConstantInt::get(Int64Ty, 0))};
BitsetsMD->addOperand(llvm::MDTuple::get(getLLVMContext(), BitsetOps));
}
} }
void CodeGenModule::addUsedGlobal(llvm::GlobalValue *GV) { void CodeGenModule::addUsedGlobal(llvm::GlobalValue *GV) {
assert(!GV->isDeclaration() && assert(!GV->isDeclaration() &&
"Only globals with definition can force usage."); "Only globals with definition can force usage.");
LLVMUsed.emplace_back(GV); LLVMUsed.emplace_back(GV);
} }
▲ Show 20 LinesShow All 2,867 Lines▼ Show 20 Lines InternalId = llvm::MDNode::getDistinct(getLLVMContext(),
llvm::ArrayRef<llvm::Metadata *>()); llvm::ArrayRef<llvm::Metadata *>());
} }
return InternalId; return InternalId;
} }
llvm::MDTuple *CodeGenModule::CreateVTableBitSetEntry( llvm::MDTuple *CodeGenModule::CreateVTableBitSetEntry(
llvm::GlobalVariable *VTable, CharUnits Offset, const CXXRecordDecl *RD) { llvm::GlobalVariable *VTable, CharUnits Offset, const CXXRecordDecl *RD) {
std::string OutName;
llvm::raw_string_ostream Out(OutName);
getCXXABI().getMangleContext().mangleCXXVTableBitSet(RD, Out);
llvm::Metadata *BitsetOps[] = { llvm::Metadata *BitsetOps[] = {
llvm::MDString::get(getLLVMContext(), Out.str()), CreateMetadataIdentifierForType(QualType(RD->getTypeForDecl(), 0)),
llvm::ConstantAsMetadata::get(VTable), llvm::ConstantAsMetadata::get(VTable),
llvm::ConstantAsMetadata::get( llvm::ConstantAsMetadata::get(
llvm::ConstantInt::get(Int64Ty, Offset.getQuantity()))}; llvm::ConstantInt::get(Int64Ty, Offset.getQuantity()))};
return llvm::MDTuple::get(getLLVMContext(), BitsetOps); return llvm::MDTuple::get(getLLVMContext(), BitsetOps);
} }

cfe/trunk/lib/Driver/ToolChain.cpp

Show First 20 LinesShow All 489 Lines▼ Show 20 Linesbool ToolChain::AddFastMathRuntimeIfAvailable(const ArgList &Args,
CmdArgs.push_back(Args.MakeArgString(Path)); CmdArgs.push_back(Args.MakeArgString(Path));
return true; return true;
} }
SanitizerMask ToolChain::getSupportedSanitizers() const { SanitizerMask ToolChain::getSupportedSanitizers() const {
// Return sanitizers which don't require runtime support and are not // Return sanitizers which don't require runtime support and are not
// platform or architecture-dependent. // platform or architecture-dependent.
using namespace SanitizerKind; using namespace SanitizerKind;
return (Undefined & ~Vptr & ~Function) | CFI | CFICastStrict | return (Undefined & ~Vptr & ~Function) | (CFI & ~CFIICall) | CFICastStrict |
UnsignedIntegerOverflow | LocalBounds; UnsignedIntegerOverflow | LocalBounds;
} }

cfe/trunk/lib/Driver/ToolChains.cpp

Show First 20 LinesShow All 3,758 Lines▼ Show 20 Lines if (IsX86_64 || IsMIPS64 || IsAArch64)
Res |= SanitizerKind::DataFlow; Res |= SanitizerKind::DataFlow;
if (IsX86_64 || IsMIPS64) if (IsX86_64 || IsMIPS64)
Res |= SanitizerKind::Leak; Res |= SanitizerKind::Leak;
if (IsX86_64 || IsMIPS64 || IsAArch64) if (IsX86_64 || IsMIPS64 || IsAArch64)
Res |= SanitizerKind::Thread; Res |= SanitizerKind::Thread;
if (IsX86_64 || IsMIPS64 || IsPowerPC64) if (IsX86_64 || IsMIPS64 || IsPowerPC64)
Res |= SanitizerKind::Memory; Res |= SanitizerKind::Memory;
if (IsX86 || IsX86_64) { if (IsX86 || IsX86_64) {
Res |= SanitizerKind::CFIICall;
Res |= SanitizerKind::Function; Res |= SanitizerKind::Function;
Res |= SanitizerKind::SafeStack; Res |= SanitizerKind::SafeStack;
} }
return Res; return Res;
} }
/// DragonFly - DragonFly tool chain which can call as(1) and ld(1) directly. /// DragonFly - DragonFly tool chain which can call as(1) and ld(1) directly.
▲ Show 20 LinesShow All 219 LinesShow Last 20 Lines

cfe/trunk/test/CodeGen/cfi-icall.c

// RUN: %clang_cc1 -triple x86_64-unknown-linux -fsanitize=cfi-icall -fsanitize-trap=cfi-icall -emit-llvm -o - %s | FileCheck --check-prefix=ITANIUM %s
// RUN: %clang_cc1 -triple x86_64-pc-windows-msvc -fsanitize=cfi-icall -fsanitize-trap=cfi-icall -emit-llvm -o - %s | FileCheck --check-prefix=MS %s
// Tests that we assign appropriate identifiers to unprototyped functions.
void f() {
}
void xf();
void g(int b) {
void (*fp)() = b ? f : xf;
// ITANIUM: call i1 @llvm.bitset.test(i8* {{.*}}, metadata !"_ZTSFvE")
fp();
}
// ITANIUM-DAG: !{!"_ZTSFvE", void ()* @f, i64 0}
// ITANIUM-DAG: !{!"_ZTSFvE", void (...)* @xf, i64 0}
// MS-DAG: !{!"?6AX@Z", void ()* @f, i64 0}
// MS-DAG: !{!"?6AX@Z", void (...)* @xf, i64 0}

cfe/trunk/test/CodeGenCXX/cfi-cast.cpp

Show All 12 Lines
struct B : A { struct B : A {
virtual void f(); virtual void f();
}; };
struct C : A {}; struct C : A {};
// CHECK-DCAST-LABEL: define void @_Z3abpP1A // CHECK-DCAST-LABEL: define void @_Z3abpP1A
void abp(A *a) { void abp(A *a) {
// CHECK-DCAST: [[P:%[^ ]*]] = call i1 @llvm.bitset.test(i8* {{%[^ ]*}}, metadata !"1B") // CHECK-DCAST: [[P:%[^ ]*]] = call i1 @llvm.bitset.test(i8* {{%[^ ]*}}, metadata !"_ZTS1B")
// CHECK-DCAST-NEXT: br i1 [[P]], label %[[CONTBB:[^ ]*]], label %[[TRAPBB:[^ ,]*]] // CHECK-DCAST-NEXT: br i1 [[P]], label %[[CONTBB:[^ ]*]], label %[[TRAPBB:[^ ,]*]]
// CHECK-DCAST: [[TRAPBB]] // CHECK-DCAST: [[TRAPBB]]
// CHECK-DCAST-NEXT: call void @llvm.trap() // CHECK-DCAST-NEXT: call void @llvm.trap()
// CHECK-DCAST-NEXT: unreachable // CHECK-DCAST-NEXT: unreachable
// CHECK-DCAST: [[CONTBB]] // CHECK-DCAST: [[CONTBB]]
// CHECK-DCAST: ret // CHECK-DCAST: ret
static_cast<B*>(a); static_cast<B*>(a);
} }
// CHECK-DCAST-LABEL: define void @_Z3abrR1A // CHECK-DCAST-LABEL: define void @_Z3abrR1A
void abr(A &a) { void abr(A &a) {
// CHECK-DCAST: [[P:%[^ ]*]] = call i1 @llvm.bitset.test(i8* {{%[^ ]*}}, metadata !"1B") // CHECK-DCAST: [[P:%[^ ]*]] = call i1 @llvm.bitset.test(i8* {{%[^ ]*}}, metadata !"_ZTS1B")
// CHECK-DCAST-NEXT: br i1 [[P]], label %[[CONTBB:[^ ]*]], label %[[TRAPBB:[^ ,]*]] // CHECK-DCAST-NEXT: br i1 [[P]], label %[[CONTBB:[^ ]*]], label %[[TRAPBB:[^ ,]*]]
// CHECK-DCAST: [[TRAPBB]] // CHECK-DCAST: [[TRAPBB]]
// CHECK-DCAST-NEXT: call void @llvm.trap() // CHECK-DCAST-NEXT: call void @llvm.trap()
// CHECK-DCAST-NEXT: unreachable // CHECK-DCAST-NEXT: unreachable
// CHECK-DCAST: [[CONTBB]] // CHECK-DCAST: [[CONTBB]]
// CHECK-DCAST: ret // CHECK-DCAST: ret
static_cast<B&>(a); static_cast<B&>(a);
} }
// CHECK-DCAST-LABEL: define void @_Z4abrrO1A // CHECK-DCAST-LABEL: define void @_Z4abrrO1A
void abrr(A &&a) { void abrr(A &&a) {
// CHECK-DCAST: [[P:%[^ ]*]] = call i1 @llvm.bitset.test(i8* {{%[^ ]*}}, metadata !"1B") // CHECK-DCAST: [[P:%[^ ]*]] = call i1 @llvm.bitset.test(i8* {{%[^ ]*}}, metadata !"_ZTS1B")
// CHECK-DCAST-NEXT: br i1 [[P]], label %[[CONTBB:[^ ]*]], label %[[TRAPBB:[^ ,]*]] // CHECK-DCAST-NEXT: br i1 [[P]], label %[[CONTBB:[^ ]*]], label %[[TRAPBB:[^ ,]*]]
// CHECK-DCAST: [[TRAPBB]] // CHECK-DCAST: [[TRAPBB]]
// CHECK-DCAST-NEXT: call void @llvm.trap() // CHECK-DCAST-NEXT: call void @llvm.trap()
// CHECK-DCAST-NEXT: unreachable // CHECK-DCAST-NEXT: unreachable
// CHECK-DCAST: [[CONTBB]] // CHECK-DCAST: [[CONTBB]]
// CHECK-DCAST: ret // CHECK-DCAST: ret
static_cast<B&&>(a); static_cast<B&&>(a);
} }
// CHECK-UCAST-LABEL: define void @_Z3vbpPv // CHECK-UCAST-LABEL: define void @_Z3vbpPv
void vbp(void *p) { void vbp(void *p) {
// CHECK-UCAST: [[P:%[^ ]*]] = call i1 @llvm.bitset.test(i8* {{%[^ ]*}}, metadata !"1B") // CHECK-UCAST: [[P:%[^ ]*]] = call i1 @llvm.bitset.test(i8* {{%[^ ]*}}, metadata !"_ZTS1B")
// CHECK-UCAST-NEXT: br i1 [[P]], label %[[CONTBB:[^ ]*]], label %[[TRAPBB:[^ ,]*]] // CHECK-UCAST-NEXT: br i1 [[P]], label %[[CONTBB:[^ ]*]], label %[[TRAPBB:[^ ,]*]]
// CHECK-UCAST: [[TRAPBB]] // CHECK-UCAST: [[TRAPBB]]
// CHECK-UCAST-NEXT: call void @llvm.trap() // CHECK-UCAST-NEXT: call void @llvm.trap()
// CHECK-UCAST-NEXT: unreachable // CHECK-UCAST-NEXT: unreachable
// CHECK-UCAST: [[CONTBB]] // CHECK-UCAST: [[CONTBB]]
// CHECK-UCAST: ret // CHECK-UCAST: ret
static_cast<B*>(p); static_cast<B*>(p);
} }
// CHECK-UCAST-LABEL: define void @_Z3vbrRc // CHECK-UCAST-LABEL: define void @_Z3vbrRc
void vbr(char &r) { void vbr(char &r) {
// CHECK-UCAST: [[P:%[^ ]*]] = call i1 @llvm.bitset.test(i8* {{%[^ ]*}}, metadata !"1B") // CHECK-UCAST: [[P:%[^ ]*]] = call i1 @llvm.bitset.test(i8* {{%[^ ]*}}, metadata !"_ZTS1B")
// CHECK-UCAST-NEXT: br i1 [[P]], label %[[CONTBB:[^ ]*]], label %[[TRAPBB:[^ ,]*]] // CHECK-UCAST-NEXT: br i1 [[P]], label %[[CONTBB:[^ ]*]], label %[[TRAPBB:[^ ,]*]]
// CHECK-UCAST: [[TRAPBB]] // CHECK-UCAST: [[TRAPBB]]
// CHECK-UCAST-NEXT: call void @llvm.trap() // CHECK-UCAST-NEXT: call void @llvm.trap()
// CHECK-UCAST-NEXT: unreachable // CHECK-UCAST-NEXT: unreachable
// CHECK-UCAST: [[CONTBB]] // CHECK-UCAST: [[CONTBB]]
// CHECK-UCAST: ret // CHECK-UCAST: ret
reinterpret_cast<B&>(r); reinterpret_cast<B&>(r);
} }
// CHECK-UCAST-LABEL: define void @_Z4vbrrOc // CHECK-UCAST-LABEL: define void @_Z4vbrrOc
void vbrr(char &&r) { void vbrr(char &&r) {
// CHECK-UCAST: [[P:%[^ ]*]] = call i1 @llvm.bitset.test(i8* {{%[^ ]*}}, metadata !"1B") // CHECK-UCAST: [[P:%[^ ]*]] = call i1 @llvm.bitset.test(i8* {{%[^ ]*}}, metadata !"_ZTS1B")
// CHECK-UCAST-NEXT: br i1 [[P]], label %[[CONTBB:[^ ]*]], label %[[TRAPBB:[^ ,]*]] // CHECK-UCAST-NEXT: br i1 [[P]], label %[[CONTBB:[^ ]*]], label %[[TRAPBB:[^ ,]*]]
// CHECK-UCAST: [[TRAPBB]] // CHECK-UCAST: [[TRAPBB]]
// CHECK-UCAST-NEXT: call void @llvm.trap() // CHECK-UCAST-NEXT: call void @llvm.trap()
// CHECK-UCAST-NEXT: unreachable // CHECK-UCAST-NEXT: unreachable
// CHECK-UCAST: [[CONTBB]] // CHECK-UCAST: [[CONTBB]]
// CHECK-UCAST: ret // CHECK-UCAST: ret
reinterpret_cast<B&&>(r); reinterpret_cast<B&&>(r);
} }
// CHECK-UCAST-LABEL: define void @_Z3vcpPv // CHECK-UCAST-LABEL: define void @_Z3vcpPv
// CHECK-UCAST-STRICT-LABEL: define void @_Z3vcpPv // CHECK-UCAST-STRICT-LABEL: define void @_Z3vcpPv
void vcp(void *p) { void vcp(void *p) {
// CHECK-UCAST: [[P:%[^ ]*]] = call i1 @llvm.bitset.test(i8* {{%[^ ]*}}, metadata !"1A") // CHECK-UCAST: [[P:%[^ ]*]] = call i1 @llvm.bitset.test(i8* {{%[^ ]*}}, metadata !"_ZTS1A")
// CHECK-UCAST-STRICT: [[P:%[^ ]*]] = call i1 @llvm.bitset.test(i8* {{%[^ ]*}}, metadata !"1C") // CHECK-UCAST-STRICT: [[P:%[^ ]*]] = call i1 @llvm.bitset.test(i8* {{%[^ ]*}}, metadata !"_ZTS1C")
static_cast<C*>(p); static_cast<C*>(p);
} }
// CHECK-UCAST-LABEL: define void @_Z3bcpP1B // CHECK-UCAST-LABEL: define void @_Z3bcpP1B
// CHECK-UCAST-STRICT-LABEL: define void @_Z3bcpP1B // CHECK-UCAST-STRICT-LABEL: define void @_Z3bcpP1B
void bcp(B *p) { void bcp(B *p) {
// CHECK-UCAST: [[P:%[^ ]*]] = call i1 @llvm.bitset.test(i8* {{%[^ ]*}}, metadata !"1A") // CHECK-UCAST: [[P:%[^ ]*]] = call i1 @llvm.bitset.test(i8* {{%[^ ]*}}, metadata !"_ZTS1A")
// CHECK-UCAST-STRICT: [[P:%[^ ]*]] = call i1 @llvm.bitset.test(i8* {{%[^ ]*}}, metadata !"1C") // CHECK-UCAST-STRICT: [[P:%[^ ]*]] = call i1 @llvm.bitset.test(i8* {{%[^ ]*}}, metadata !"_ZTS1C")
(C *)p; (C *)p;
} }
// CHECK-UCAST-LABEL: define void @_Z8bcp_callP1B // CHECK-UCAST-LABEL: define void @_Z8bcp_callP1B
// CHECK-UCAST-STRICT-LABEL: define void @_Z8bcp_callP1B // CHECK-UCAST-STRICT-LABEL: define void @_Z8bcp_callP1B
void bcp_call(B *p) { void bcp_call(B *p) {
// CHECK-UCAST: [[P:%[^ ]*]] = call i1 @llvm.bitset.test(i8* {{%[^ ]*}}, metadata !"1A") // CHECK-UCAST: [[P:%[^ ]*]] = call i1 @llvm.bitset.test(i8* {{%[^ ]*}}, metadata !"_ZTS1A")
// CHECK-UCAST-STRICT: [[P:%[^ ]*]] = call i1 @llvm.bitset.test(i8* {{%[^ ]*}}, metadata !"1C") // CHECK-UCAST-STRICT: [[P:%[^ ]*]] = call i1 @llvm.bitset.test(i8* {{%[^ ]*}}, metadata !"_ZTS1C")
((C *)p)->f(); ((C *)p)->f();
} }

cfe/trunk/test/CodeGenCXX/cfi-icall.cpp

// RUN: %clang_cc1 -triple x86_64-unknown-linux -fsanitize=cfi-icall -fsanitize-trap=cfi-icall -emit-llvm -o - %s | FileCheck --check-prefix=CHECK --check-prefix=ITANIUM %s
// RUN: %clang_cc1 -triple x86_64-pc-windows-msvc -fsanitize=cfi-icall -fsanitize-trap=cfi-icall -emit-llvm -o - %s | FileCheck --check-prefix=CHECK --check-prefix=MS %s
// Tests that we assign unnamed metadata nodes to functions whose types have
// internal linkage.
namespace {
struct S {};
void f(S *s) {
}
}
void g() {
void (*fp)(S *) = f;
// CHECK: call i1 @llvm.bitset.test(i8* {{.*}}, metadata ![[VOIDS:[0-9]+]])
fp(0);
}
// ITANIUM: !{![[VOIDS]], void (%"struct.(anonymous namespace)::S"*)* @_ZN12_GLOBAL__N_11fEPNS_1SE, i64 0}
// MS: !{![[VOIDS]], void (%"struct.(anonymous namespace)::S"*)* @"\01?f@?A@@YAXPEAUS@?A@@@Z", i64 0}

cfe/trunk/test/CodeGenCXX/cfi-ms-rtti.cpp

// RUN: %clang_cc1 -emit-llvm -o - -triple=x86_64-pc-win32 %s -fsanitize=cfi-vcall | FileCheck --check-prefix=RTTI %s // RUN: %clang_cc1 -emit-llvm -o - -triple=x86_64-pc-win32 %s -fsanitize=cfi-vcall | FileCheck --check-prefix=RTTI %s
// RUN: %clang_cc1 -emit-llvm -o - -triple=x86_64-pc-win32 %s -fsanitize=cfi-vcall -fno-rtti-data | FileCheck --check-prefix=NO-RTTI %s // RUN: %clang_cc1 -emit-llvm -o - -triple=x86_64-pc-win32 %s -fsanitize=cfi-vcall -fno-rtti-data | FileCheck --check-prefix=NO-RTTI %s
struct A { struct A {
A(); A();
virtual void f() {} virtual void f() {}
}; };
A::A() {} A::A() {}
// RTTI: !{!"A@@", [2 x i8*]* {{.*}}, i64 8} // RTTI: !{!"?AUA@@", [2 x i8*]* {{.*}}, i64 8}
// NO-RTTI: !{!"A@@", [1 x i8*]* {{.*}}, i64 0} // NO-RTTI: !{!"?AUA@@", [1 x i8*]* {{.*}}, i64 0}

cfe/trunk/test/CodeGenCXX/cfi-nvcall.cpp

Show All 11 Lines
struct C : A { struct C : A {
void g(); void g();
}; };
// CHECK-LABEL: @bg // CHECK-LABEL: @bg
// CHECK-STRICT-LABEL: @bg // CHECK-STRICT-LABEL: @bg
extern "C" void bg(B *b) { extern "C" void bg(B *b) {
// CHECK: call i1 @llvm.bitset.test(i8* {{%[^ ]*}}, metadata !"1B") // CHECK: call i1 @llvm.bitset.test(i8* {{%[^ ]*}}, metadata !"_ZTS1B")
// CHECK-STRICT: call i1 @llvm.bitset.test(i8* {{%[^ ]*}}, metadata !"1B") // CHECK-STRICT: call i1 @llvm.bitset.test(i8* {{%[^ ]*}}, metadata !"_ZTS1B")
b->g(); b->g();
} }
// CHECK-LABEL: @cg // CHECK-LABEL: @cg
// CHECK-STRICT-LABEL: @cg // CHECK-STRICT-LABEL: @cg
extern "C" void cg(C *c) { extern "C" void cg(C *c) {
// http://clang.llvm.org/docs/ControlFlowIntegrity.html#strictness // http://clang.llvm.org/docs/ControlFlowIntegrity.html#strictness
// In this case C's layout is the same as its base class, so we allow // In this case C's layout is the same as its base class, so we allow
// c to be of type A in non-strict mode. // c to be of type A in non-strict mode.
// CHECK: call i1 @llvm.bitset.test(i8* {{%[^ ]*}}, metadata !"1A") // CHECK: call i1 @llvm.bitset.test(i8* {{%[^ ]*}}, metadata !"_ZTS1A")
// CHECK-STRICT: call i1 @llvm.bitset.test(i8* {{%[^ ]*}}, metadata !"1C") // CHECK-STRICT: call i1 @llvm.bitset.test(i8* {{%[^ ]*}}, metadata !"_ZTS1C")
c->g(); c->g();
} }

cfe/trunk/test/CodeGenCXX/cfi-vcall.cpp

Show First 20 LinesShow All 54 Lines▼ Show 20 Lines
// DIAG: @[[SRC:.*]] = private unnamed_addr constant [{{.*}} x i8] c"{{.*}}cfi-vcall.cpp\00", align 1 // DIAG: @[[SRC:.*]] = private unnamed_addr constant [{{.*}} x i8] c"{{.*}}cfi-vcall.cpp\00", align 1
// DIAG: @[[TYPE:.*]] = private unnamed_addr constant { i16, i16, [4 x i8] } { i16 -1, i16 0, [4 x i8] c"'A'\00" } // DIAG: @[[TYPE:.*]] = private unnamed_addr constant { i16, i16, [4 x i8] } { i16 -1, i16 0, [4 x i8] c"'A'\00" }
// DIAG: @[[BADTYPESTATIC:.*]] = private unnamed_addr global { { [{{.*}} x i8]*, i32, i32 }, { i16, i16, [4 x i8] }*, i8 } { { [{{.*}} x i8]*, i32, i32 } { [{{.*}} x i8]* @[[SRC]], i32 [[@LINE+21]], i32 3 }, { i16, i16, [4 x i8] }* @[[TYPE]], i8 0 } // DIAG: @[[BADTYPESTATIC:.*]] = private unnamed_addr global { { [{{.*}} x i8]*, i32, i32 }, { i16, i16, [4 x i8] }*, i8 } { { [{{.*}} x i8]*, i32, i32 } { [{{.*}} x i8]* @[[SRC]], i32 [[@LINE+21]], i32 3 }, { i16, i16, [4 x i8] }* @[[TYPE]], i8 0 }
// ITANIUM: define void @_Z2afP1A // ITANIUM: define void @_Z2afP1A
// MS: define void @"\01?af@@YAXPEAUA@@@Z" // MS: define void @"\01?af@@YAXPEAUA@@@Z"
void af(A *a) { void af(A *a) {
// ITANIUM: [[P:%[^ ]*]] = call i1 @llvm.bitset.test(i8* [[VT:%[^ ]*]], metadata !"1A") // ITANIUM: [[P:%[^ ]*]] = call i1 @llvm.bitset.test(i8* [[VT:%[^ ]*]], metadata !"_ZTS1A")
// MS: [[P:%[^ ]*]] = call i1 @llvm.bitset.test(i8* [[VT:%[^ ]*]], metadata !"A@@") // MS: [[P:%[^ ]*]] = call i1 @llvm.bitset.test(i8* [[VT:%[^ ]*]], metadata !"?AUA@@")
// CHECK-NEXT: br i1 [[P]], label %[[CONTBB:[^ ,]*]], label %[[TRAPBB:[^ ,]*]] // CHECK-NEXT: br i1 [[P]], label %[[CONTBB:[^ ,]*]], label %[[TRAPBB:[^ ,]*]]
// CHECK-NEXT: {{^$}} // CHECK-NEXT: {{^$}}
// CHECK: [[TRAPBB]] // CHECK: [[TRAPBB]]
// NDIAG-NEXT: call void @llvm.trap() // NDIAG-NEXT: call void @llvm.trap()
// NDIAG-NEXT: unreachable // NDIAG-NEXT: unreachable
// DIAG-NEXT: [[VTINT:%[^ ]*]] = ptrtoint i8* [[VT]] to i64 // DIAG-NEXT: [[VTINT:%[^ ]*]] = ptrtoint i8* [[VT]] to i64
// DIAG-ABORT-NEXT: call void @__ubsan_handle_cfi_bad_type_abort(i8* bitcast ({{.*}} @[[BADTYPESTATIC]] to i8*), i64 [[VTINT]]) // DIAG-ABORT-NEXT: call void @__ubsan_handle_cfi_bad_type_abort(i8* bitcast ({{.*}} @[[BADTYPESTATIC]] to i8*), i64 [[VTINT]])
// DIAG-ABORT-NEXT: unreachable // DIAG-ABORT-NEXT: unreachable
// DIAG-RECOVER-NEXT: call void @__ubsan_handle_cfi_bad_type(i8* bitcast ({{.*}} @[[BADTYPESTATIC]] to i8*), i64 [[VTINT]]) // DIAG-RECOVER-NEXT: call void @__ubsan_handle_cfi_bad_type(i8* bitcast ({{.*}} @[[BADTYPESTATIC]] to i8*), i64 [[VTINT]])
// DIAG-RECOVER-NEXT: br label %[[CONTBB]] // DIAG-RECOVER-NEXT: br label %[[CONTBB]]
// CHECK: [[CONTBB]] // CHECK: [[CONTBB]]
// CHECK: call void % // CHECK: call void %
a->f(); a->f();
} }
// ITANIUM: define internal void @_Z3df1PN12_GLOBAL__N_11DE // ITANIUM: define internal void @_Z3df1PN12_GLOBAL__N_11DE
// MS: define internal void @"\01?df1@@YAXPEAUD@?A@@@Z" // MS: define internal void @"\01?df1@@YAXPEAUD@?A@@@Z"
void df1(D *d) { void df1(D *d) {
// ITANIUM: {{%[^ ]*}} = call i1 @llvm.bitset.test(i8* {{%[^ ]*}}, metadata !"[{{.*}}cfi-vcall.cpp]N12_GLOBAL__N_11DE") // ITANIUM: {{%[^ ]*}} = call i1 @llvm.bitset.test(i8* {{%[^ ]*}}, metadata ![[DTYPE:[0-9]+]])
// MS: {{%[^ ]*}} = call i1 @llvm.bitset.test(i8* {{%[^ ]*}}, metadata !"A@@") // MS: {{%[^ ]*}} = call i1 @llvm.bitset.test(i8* {{%[^ ]*}}, metadata !"?AUA@@")
d->f(); d->f();
} }
// ITANIUM: define internal void @_Z3dg1PN12_GLOBAL__N_11DE // ITANIUM: define internal void @_Z3dg1PN12_GLOBAL__N_11DE
// MS: define internal void @"\01?dg1@@YAXPEAUD@?A@@@Z" // MS: define internal void @"\01?dg1@@YAXPEAUD@?A@@@Z"
void dg1(D *d) { void dg1(D *d) {
// ITANIUM: {{%[^ ]*}} = call i1 @llvm.bitset.test(i8* {{%[^ ]*}}, metadata !"1B") // ITANIUM: {{%[^ ]*}} = call i1 @llvm.bitset.test(i8* {{%[^ ]*}}, metadata !"_ZTS1B")
// MS: {{%[^ ]*}} = call i1 @llvm.bitset.test(i8* {{%[^ ]*}}, metadata !"B@@") // MS: {{%[^ ]*}} = call i1 @llvm.bitset.test(i8* {{%[^ ]*}}, metadata !"?AUB@@")
d->g(); d->g();
} }
// ITANIUM: define internal void @_Z3dh1PN12_GLOBAL__N_11DE // ITANIUM: define internal void @_Z3dh1PN12_GLOBAL__N_11DE
// MS: define internal void @"\01?dh1@@YAXPEAUD@?A@@@Z" // MS: define internal void @"\01?dh1@@YAXPEAUD@?A@@@Z"
void dh1(D *d) { void dh1(D *d) {
// ITANIUM: {{%[^ ]*}} = call i1 @llvm.bitset.test(i8* {{%[^ ]*}}, metadata !"[{{.*}}cfi-vcall.cpp]N12_GLOBAL__N_11DE") // ITANIUM: {{%[^ ]*}} = call i1 @llvm.bitset.test(i8* {{%[^ ]*}}, metadata ![[DTYPE]])
// MS: {{%[^ ]*}} = call i1 @llvm.bitset.test(i8* {{%[^ ]*}}, metadata !"[{{.*}}cfi-vcall.cpp]D@?A@@") // MS: {{%[^ ]*}} = call i1 @llvm.bitset.test(i8* {{%[^ ]*}}, metadata ![[DTYPE:[0-9]+]])
d->h(); d->h();
} }
// ITANIUM: define internal void @_Z3df2PN12_GLOBAL__N_11DE // ITANIUM: define internal void @_Z3df2PN12_GLOBAL__N_11DE
// MS: define internal void @"\01?df2@@YAXPEAUD@?A@@@Z" // MS: define internal void @"\01?df2@@YAXPEAUD@?A@@@Z"
__attribute__((no_sanitize("cfi"))) __attribute__((no_sanitize("cfi")))
void df2(D *d) { void df2(D *d) {
// CHECK-NOT: call i1 @llvm.bitset.test // CHECK-NOT: call i1 @llvm.bitset.test
Show All 34 Lines
struct C : B, A {}; struct C : B, A {};
struct D : C { struct D : C {
void m_fn1(); void m_fn1();
}; };
// ITANIUM: define void @_ZN5test21fEPNS_1DE // ITANIUM: define void @_ZN5test21fEPNS_1DE
// MS: define void @"\01?f@test2@@YAXPEAUD@1@@Z" // MS: define void @"\01?f@test2@@YAXPEAUD@1@@Z"
void f(D *d) { void f(D *d) {
// ITANIUM: {{%[^ ]*}} = call i1 @llvm.bitset.test(i8* {{%[^ ]*}}, metadata !"N5test21DE") // ITANIUM: {{%[^ ]*}} = call i1 @llvm.bitset.test(i8* {{%[^ ]*}}, metadata !"_ZTSN5test21DE")
// MS: {{%[^ ]*}} = call i1 @llvm.bitset.test(i8* {{%[^ ]*}}, metadata !"A@test2@@") // MS: {{%[^ ]*}} = call i1 @llvm.bitset.test(i8* {{%[^ ]*}}, metadata !"?AUA@test2@@")
d->m_fn1(); d->m_fn1();
} }
} }
// Check for the expected number of elements (9 or 15 respectively). // Check for the expected number of elements (9 or 15 respectively).
// MS: !llvm.bitsets = !{[[X:[^,]*(,[^,]*){8}]]} // MS: !llvm.bitsets = !{[[X:[^,]*(,[^,]*){8}]]}
// ITANIUM: !llvm.bitsets = !{[[X:[^,]*(,[^,]*){14}]]} // ITANIUM: !llvm.bitsets = !{[[X:[^,]*(,[^,]*){14}]]}
// ITANIUM-DAG: !{!"1A", [3 x i8*]* @_ZTV1A, i64 16} // ITANIUM-DAG: !{!"_ZTS1A", [3 x i8*]* @_ZTV1A, i64 16}
// ITANIUM-DAG: !{!"1A", [7 x i8*]* @_ZTCN12_GLOBAL__N_11DE0_1B, i64 32} // ITANIUM-DAG: !{!"_ZTS1A", [7 x i8*]* @_ZTCN12_GLOBAL__N_11DE0_1B, i64 32}
// ITANIUM-DAG: !{!"1B", [7 x i8*]* @_ZTCN12_GLOBAL__N_11DE0_1B, i64 32} // ITANIUM-DAG: !{!"_ZTS1B", [7 x i8*]* @_ZTCN12_GLOBAL__N_11DE0_1B, i64 32}
// ITANIUM-DAG: !{!"1A", [9 x i8*]* @_ZTCN12_GLOBAL__N_11DE8_1C, i64 64} // ITANIUM-DAG: !{!"_ZTS1A", [9 x i8*]* @_ZTCN12_GLOBAL__N_11DE8_1C, i64 64}
// ITANIUM-DAG: !{!"1C", [9 x i8*]* @_ZTCN12_GLOBAL__N_11DE8_1C, i64 32} // ITANIUM-DAG: !{!"_ZTS1C", [9 x i8*]* @_ZTCN12_GLOBAL__N_11DE8_1C, i64 32}
// ITANIUM-DAG: !{!"1A", [12 x i8*]* @_ZTVN12_GLOBAL__N_11DE, i64 32} // ITANIUM-DAG: !{!"_ZTS1A", [12 x i8*]* @_ZTVN12_GLOBAL__N_11DE, i64 32}
// ITANIUM-DAG: !{!"1B", [12 x i8*]* @_ZTVN12_GLOBAL__N_11DE, i64 32} // ITANIUM-DAG: !{!"_ZTS1B", [12 x i8*]* @_ZTVN12_GLOBAL__N_11DE, i64 32}
// ITANIUM-DAG: !{!"1C", [12 x i8*]* @_ZTVN12_GLOBAL__N_11DE, i64 88} // ITANIUM-DAG: !{!"_ZTS1C", [12 x i8*]* @_ZTVN12_GLOBAL__N_11DE, i64 88}
// ITANIUM-DAG: !{!"[{{.*}}cfi-vcall.cpp]N12_GLOBAL__N_11DE", [12 x i8*]* @_ZTVN12_GLOBAL__N_11DE, i64 32} // ITANIUM-DAG: !{![[DTYPE]], [12 x i8*]* @_ZTVN12_GLOBAL__N_11DE, i64 32}
// ITANIUM-DAG: !{!"1A", [7 x i8*]* @_ZTV1B, i64 32} // ITANIUM-DAG: !{!"_ZTS1A", [7 x i8*]* @_ZTV1B, i64 32}
// ITANIUM-DAG: !{!"1B", [7 x i8*]* @_ZTV1B, i64 32} // ITANIUM-DAG: !{!"_ZTS1B", [7 x i8*]* @_ZTV1B, i64 32}
// ITANIUM-DAG: !{!"1A", [5 x i8*]* @_ZTV1C, i64 32} // ITANIUM-DAG: !{!"_ZTS1A", [5 x i8*]* @_ZTV1C, i64 32}
// ITANIUM-DAG: !{!"1C", [5 x i8*]* @_ZTV1C, i64 32} // ITANIUM-DAG: !{!"_ZTS1C", [5 x i8*]* @_ZTV1C, i64 32}
// ITANIUM-DAG: !{!"1A", [3 x i8*]* @_ZTVZ3foovE2FA, i64 16} // ITANIUM-DAG: !{!"_ZTS1A", [3 x i8*]* @_ZTVZ3foovE2FA, i64 16}
// ITANIUM-DAG: !{!"[{{.*}}cfi-vcall.cpp]Z3foovE2FA", [3 x i8*]* @_ZTVZ3foovE2FA, i64 16} // ITANIUM-DAG: !{!{{[0-9]+}}, [3 x i8*]* @_ZTVZ3foovE2FA, i64 16}
// MS-DAG: !{!"A@@", [2 x i8*]* @[[VTA]], i64 8} // MS-DAG: !{!"?AUA@@", [2 x i8*]* @[[VTA]], i64 8}
// MS-DAG: !{!"B@@", [3 x i8*]* @[[VTB]], i64 8} // MS-DAG: !{!"?AUB@@", [3 x i8*]* @[[VTB]], i64 8}
// MS-DAG: !{!"A@@", [2 x i8*]* @[[VTAinB]], i64 8} // MS-DAG: !{!"?AUA@@", [2 x i8*]* @[[VTAinB]], i64 8}
// MS-DAG: !{!"A@@", [2 x i8*]* @[[VTAinC]], i64 8} // MS-DAG: !{!"?AUA@@", [2 x i8*]* @[[VTAinC]], i64 8}
// MS-DAG: !{!"B@@", [3 x i8*]* @[[VTBinD]], i64 8} // MS-DAG: !{!"?AUB@@", [3 x i8*]* @[[VTBinD]], i64 8}
// MS-DAG: !{!"[{{.*}}cfi-vcall.cpp]D@?A@@", [3 x i8*]* @[[VTBinD]], i64 8} // MS-DAG: !{![[DTYPE]], [3 x i8*]* @[[VTBinD]], i64 8}
// MS-DAG: !{!"A@@", [2 x i8*]* @[[VTAinBinD]], i64 8} // MS-DAG: !{!"?AUA@@", [2 x i8*]* @[[VTAinBinD]], i64 8}
// MS-DAG: !{!"A@@", [2 x i8*]* @[[VTFA]], i64 8} // MS-DAG: !{!"?AUA@@", [2 x i8*]* @[[VTFA]], i64 8}
// MS-DAG: !{!"[{{.*}}cfi-vcall.cpp]FA@?1??foo@@YAXXZ@", [2 x i8*]* @[[VTFA]], i64 8} // MS-DAG: !{!{{[0-9]+}}, [2 x i8*]* @[[VTFA]], i64 8}

cfe/trunk/test/Driver/fsanitize.c

Show First 20 LinesShow All 228 Lines▼ Show 20 Lines
// RUN: %clang -target i386-pc-openbsd -fsanitize=address %s -### 2>&1 | FileCheck %s --check-prefix=CHECK-ASAN-OPENBSD // RUN: %clang -target i386-pc-openbsd -fsanitize=address %s -### 2>&1 | FileCheck %s --check-prefix=CHECK-ASAN-OPENBSD
// CHECK-ASAN-OPENBSD: unsupported option '-fsanitize=address' for target 'i386-pc-openbsd' // CHECK-ASAN-OPENBSD: unsupported option '-fsanitize=address' for target 'i386-pc-openbsd'
// RUN: %clang -target x86_64-linux-gnu -fsanitize=cfi -flto -c %s -### 2>&1 | FileCheck %s --check-prefix=CHECK-CFI // RUN: %clang -target x86_64-linux-gnu -fsanitize=cfi -flto -c %s -### 2>&1 | FileCheck %s --check-prefix=CHECK-CFI
// RUN: %clang -target x86_64-linux-gnu -fsanitize=cfi-derived-cast -flto -c %s -### 2>&1 | FileCheck %s --check-prefix=CHECK-CFI-DCAST // RUN: %clang -target x86_64-linux-gnu -fsanitize=cfi-derived-cast -flto -c %s -### 2>&1 | FileCheck %s --check-prefix=CHECK-CFI-DCAST
// RUN: %clang -target x86_64-linux-gnu -fsanitize=cfi-unrelated-cast -flto -c %s -### 2>&1 | FileCheck %s --check-prefix=CHECK-CFI-UCAST // RUN: %clang -target x86_64-linux-gnu -fsanitize=cfi-unrelated-cast -flto -c %s -### 2>&1 | FileCheck %s --check-prefix=CHECK-CFI-UCAST
// RUN: %clang -target x86_64-linux-gnu -flto -fsanitize=cfi-nvcall -c %s -### 2>&1 | FileCheck %s --check-prefix=CHECK-CFI-NVCALL // RUN: %clang -target x86_64-linux-gnu -flto -fsanitize=cfi-nvcall -c %s -### 2>&1 | FileCheck %s --check-prefix=CHECK-CFI-NVCALL
// RUN: %clang -target x86_64-linux-gnu -flto -fsanitize=cfi-vcall -c %s -### 2>&1 | FileCheck %s --check-prefix=CHECK-CFI-VCALL // RUN: %clang -target x86_64-linux-gnu -flto -fsanitize=cfi-vcall -c %s -### 2>&1 | FileCheck %s --check-prefix=CHECK-CFI-VCALL
// CHECK-CFI: -emit-llvm-bc{{.*}}-fsanitize=cfi-derived-cast,cfi-unrelated-cast,cfi-nvcall,cfi-vcall // CHECK-CFI: -emit-llvm-bc{{.*}}-fsanitize=cfi-derived-cast,cfi-icall,cfi-unrelated-cast,cfi-nvcall,cfi-vcall
// CHECK-CFI-DCAST: -emit-llvm-bc{{.*}}-fsanitize=cfi-derived-cast // CHECK-CFI-DCAST: -emit-llvm-bc{{.*}}-fsanitize=cfi-derived-cast
// CHECK-CFI-UCAST: -emit-llvm-bc{{.*}}-fsanitize=cfi-unrelated-cast // CHECK-CFI-UCAST: -emit-llvm-bc{{.*}}-fsanitize=cfi-unrelated-cast
// CHECK-CFI-NVCALL: -emit-llvm-bc{{.*}}-fsanitize=cfi-nvcall // CHECK-CFI-NVCALL: -emit-llvm-bc{{.*}}-fsanitize=cfi-nvcall
// CHECK-CFI-VCALL: -emit-llvm-bc{{.*}}-fsanitize=cfi-vcall // CHECK-CFI-VCALL: -emit-llvm-bc{{.*}}-fsanitize=cfi-vcall
// RUN: %clang -target x86_64-linux-gnu -flto -fsanitize=cfi-derived-cast -fno-lto -c %s -### 2>&1 | FileCheck %s --check-prefix=CHECK-CFI-NOLTO // RUN: %clang -target x86_64-linux-gnu -flto -fsanitize=cfi-derived-cast -fno-lto -c %s -### 2>&1 | FileCheck %s --check-prefix=CHECK-CFI-NOLTO
// CHECK-CFI-NOLTO: '-fsanitize=cfi-derived-cast' only allowed with '-flto' // CHECK-CFI-NOLTO: '-fsanitize=cfi-derived-cast' only allowed with '-flto'
// RUN: %clang -target mips-unknown-linux -fsanitize=cfi-icall %s -### 2>&1 | FileCheck %s --check-prefix=CHECK-CFI-ICALL-MIPS
// CHECK-CFI-ICALL-MIPS: unsupported option '-fsanitize=cfi-icall' for target 'mips-unknown-linux'
// RUN: %clang -target x86_64-linux-gnu -fsanitize-trap=address -c %s -### 2>&1 | FileCheck %s --check-prefix=CHECK-ASAN-TRAP // RUN: %clang -target x86_64-linux-gnu -fsanitize-trap=address -c %s -### 2>&1 | FileCheck %s --check-prefix=CHECK-ASAN-TRAP
// CHECK-ASAN-TRAP: error: unsupported argument 'address' to option '-fsanitize-trap' // CHECK-ASAN-TRAP: error: unsupported argument 'address' to option '-fsanitize-trap'
// RUN: %clang -target x86_64-apple-darwin10 -mmacosx-version-min=10.7 -flto -fsanitize=cfi-vcall -fno-sanitize-trap=cfi -c %s -### 2>&1 | FileCheck %s --check-prefix=CHECK-CFI-NOTRAP-OLD-MACOS // RUN: %clang -target x86_64-apple-darwin10 -mmacosx-version-min=10.7 -flto -fsanitize=cfi-vcall -fno-sanitize-trap=cfi -c %s -### 2>&1 | FileCheck %s --check-prefix=CHECK-CFI-NOTRAP-OLD-MACOS
// CHECK-CFI-NOTRAP-OLD-MACOS: error: unsupported option '-fno-sanitize-trap=cfi-vcall' for target 'x86_64-apple-darwin10' // CHECK-CFI-NOTRAP-OLD-MACOS: error: unsupported option '-fno-sanitize-trap=cfi-vcall' for target 'x86_64-apple-darwin10'
// RUN: %clang -target x86_64-pc-win32 -flto -fsanitize=cfi-vcall -fno-sanitize-trap=cfi -c %s -### 2>&1 | FileCheck %s --check-prefix=CHECK-CFI-NOTRAP-WIN // RUN: %clang -target x86_64-pc-win32 -flto -fsanitize=cfi-vcall -fno-sanitize-trap=cfi -c %s -### 2>&1 | FileCheck %s --check-prefix=CHECK-CFI-NOTRAP-WIN
// CHECK-CFI-NOTRAP-WIN: -emit-llvm-bc // CHECK-CFI-NOTRAP-WIN: -emit-llvm-bc
Show All 35 Lines