Diff 15041

include/clang/AST/Decl.h

Show First 20 Lines • Show All 3,257 Lines • ▼ Show 20 Lines	static bool classofKind(Kind K) {
return K >= firstRecord && K <= lastRecord;		return K >= firstRecord && K <= lastRecord;
}		}

/// isMsStrust - Get whether or not this is an ms_struct which can		/// isMsStrust - Get whether or not this is an ms_struct which can
/// be turned on with an attribute, pragma, or -mms-bitfields		/// be turned on with an attribute, pragma, or -mms-bitfields
/// commandline option.		/// commandline option.
bool isMsStruct(const ASTContext &C) const;		bool isMsStruct(const ASTContext &C) const;

		/// \brief Whether we are allowed to insert extra padding between fields.
		rsmithUnsubmitted Not Done Reply Inline Actions In new code, please use `\brief` instead of repeating the function name. rsmith: In new code, please use `\brief` instead of repeating the function name.
		kccAuthorUnsubmitted Not Done Reply Inline Actions done kcc: done
		/// These padding are added to help AddressSanitizer detect
		/// intra-object-overflow bugs.
		bool mayInsertExtraPadding(bool EmitRemark = false) const;
		rsmithUnsubmitted Not Done Reply Inline Actions Please use a leading lowercase letter for this function name for consistency with the rest of the class. rsmith: Please use a leading lowercase letter for this function name for consistency with the rest of…
		kccAuthorUnsubmitted Not Done Reply Inline Actions done kcc: done

private:		private:
/// \brief Deserialize just the fields.		/// \brief Deserialize just the fields.
void LoadFieldsFromExternalStorage() const;		void LoadFieldsFromExternalStorage() const;
};		};

class FileScopeAsmDecl : public Decl {		class FileScopeAsmDecl : public Decl {
virtual void anchor();		virtual void anchor();
StringLiteral *AsmString;		StringLiteral *AsmString;
▲ Show 20 Lines • Show All 454 Lines • Show Last 20 Lines

include/clang/Basic/DiagnosticFrontendKinds.td

Show All 40 Lines	def remark_fe_backend_optimization_remark_missed : Remark<"%0">, BackendInfo,
InGroup<BackendOptimizationRemarkMissed>;		InGroup<BackendOptimizationRemarkMissed>;
def remark_fe_backend_optimization_remark_analysis : Remark<"%0">, BackendInfo,		def remark_fe_backend_optimization_remark_analysis : Remark<"%0">, BackendInfo,
InGroup<BackendOptimizationRemarkAnalysis>;		InGroup<BackendOptimizationRemarkAnalysis>;
def warn_fe_backend_optimization_failure : Warning<"%0">, BackendInfo,		def warn_fe_backend_optimization_failure : Warning<"%0">, BackendInfo,
InGroup<BackendOptimizationFailure>, DefaultWarn;		InGroup<BackendOptimizationFailure>, DefaultWarn;
def note_fe_backend_optimization_remark_invalid_loc : Note<"could "		def note_fe_backend_optimization_remark_invalid_loc : Note<"could "
"not determine the original source location for %0:%1:%2">;		"not determine the original source location for %0:%1:%2">;

		def remark_sanitize_address_insert_extra_padding_accepted : Remark<
		"-fsanitize-address-field-padding applied to %0">, ShowInSystemHeader,
		InGroup<SanitizeAddressRemarks>;
		rsmithUnsubmitted Not Done Reply Inline Actions Remarks are end-user-visible, so should be a bit more friendly than this. Also, this diagnostic should use "%select{list\|of\|strings}1" rather than putting user-visible strings in the code in Decl.cpp. Something like: "-fsanitize-address-field-padding ignored for %0 because it %select{is packed\|is a union\|is trivially copyable\|has a trivial destructor\|is standard layout\|is in a blacklisted file\|is blacklisted}1" ... would seem reasonable. (I don't think it's worth remarking once per class if the reason we're not sanitizing is because the current language is C; in that case, we should warn once for the entire compilation.) rsmith: Remarks are end-user-visible, so should be a bit more friendly than this. Also, this diagnostic…
		kccAuthorUnsubmitted Not Done Reply Inline Actions Done except for "we should warn once for the entire compilation for C" What is the kosher way to achieve that in clang? (I assume that a function-scope static boolean is not kosher) kcc: Done except for "we should warn once for the entire compilation for C" What is the kosher way…
		def remark_sanitize_address_insert_extra_padding_rejected : Remark<
		"-fsanitize-address-field-padding ignored for %0 because it "
		"%select{is not C++\|is packed\|is a union\|is trivially copyable\|"
		"has trivial destructor\|is standard layout\|is in a blacklisted file\|"
		"is blacklisted}1">, ShowInSystemHeader,
		rsmithUnsubmitted Not Done Reply Inline Actions I don't think these should be `BackendInfo`, because they're reflecting frontend semantics changes. They should probably be just `ShowInSystemHeader`. rsmith: I don't think these should be `BackendInfo`, because they're reflecting frontend semantics…
		InGroup<SanitizeAddressRemarks>;

def err_fe_invalid_code_complete_file : Error<		def err_fe_invalid_code_complete_file : Error<
"cannot locate code-completion file %0">, DefaultFatal;		"cannot locate code-completion file %0">, DefaultFatal;
def err_fe_stdout_binary : Error<"unable to change standard output to binary">,		def err_fe_stdout_binary : Error<"unable to change standard output to binary">,
DefaultFatal;		DefaultFatal;
def err_fe_dependency_file_requires_MT : Error<		def err_fe_dependency_file_requires_MT : Error<
"-dependency-file requires at least one -MT or -MQ option">;		"-dependency-file requires at least one -MT or -MQ option">;
def err_fe_invalid_plugin_name : Error<		def err_fe_invalid_plugin_name : Error<
"unable to find plugin '%0'">;		"unable to find plugin '%0'">;
▲ Show 20 Lines • Show All 129 Lines • Show Last 20 Lines

include/clang/Basic/DiagnosticGroups.td

	Show First 20 Lines • Show All 721 Lines • ▼ Show 20 Lines
	def BackendOptimizationRemarkMissed : DiagGroup<"pass-missed">;			def BackendOptimizationRemarkMissed : DiagGroup<"pass-missed">;
	def BackendOptimizationRemarkAnalysis : DiagGroup<"pass-analysis">;			def BackendOptimizationRemarkAnalysis : DiagGroup<"pass-analysis">;
	def BackendOptimizationFailure : DiagGroup<"pass-failed">;			def BackendOptimizationFailure : DiagGroup<"pass-failed">;

	// Instrumentation based profiling warnings.			// Instrumentation based profiling warnings.
	def ProfileInstrOutOfDate : DiagGroup<"profile-instr-out-of-date">;			def ProfileInstrOutOfDate : DiagGroup<"profile-instr-out-of-date">;
	def ProfileInstrUnprofiled : DiagGroup<"profile-instr-unprofiled">;			def ProfileInstrUnprofiled : DiagGroup<"profile-instr-unprofiled">;

				// AddressSanitizer frontent instrumentation remarks.
				def SanitizeAddressRemarks : DiagGroup<"sanitize-address">;

	// A warning group for warnings about code that clang accepts when			// A warning group for warnings about code that clang accepts when
	// compiling CUDA C/C++ but which is not compatible with the CUDA spec.			// compiling CUDA C/C++ but which is not compatible with the CUDA spec.
	def CudaCompat : DiagGroup<"cuda-compat">;			def CudaCompat : DiagGroup<"cuda-compat">;

include/clang/Basic/SanitizerBlacklist.h

	Show All 29 Lines
	class SanitizerBlacklist {			class SanitizerBlacklist {
	std::unique_ptr<llvm::SpecialCaseList> SCL;			std::unique_ptr<llvm::SpecialCaseList> SCL;

	public:			public:
	SanitizerBlacklist(const std::string &BlacklistPath);			SanitizerBlacklist(const std::string &BlacklistPath);
	bool isIn(const llvm::Function &F) const;			bool isIn(const llvm::Function &F) const;
	bool isIn(const llvm::GlobalVariable &G,			bool isIn(const llvm::GlobalVariable &G,
	StringRef Category = StringRef()) const;			StringRef Category = StringRef()) const;
	bool isBlacklistedType(StringRef MangledTypeName) const;			bool isBlacklistedType(StringRef MangledTypeName,
				StringRef Category = StringRef()) const;
	bool isBlacklistedFunction(StringRef FunctionName) const;			bool isBlacklistedFunction(StringRef FunctionName) const;
	bool isBlacklistedFile(StringRef FileName,			bool isBlacklistedFile(StringRef FileName,
	StringRef Category = StringRef()) const;			StringRef Category = StringRef()) const;
	};			};

	} // end namespace clang			} // end namespace clang

	#endif			#endif

lib/AST/Decl.cpp

Show All 23 Lines
#include "clang/AST/PrettyPrinter.h"		#include "clang/AST/PrettyPrinter.h"
#include "clang/AST/Stmt.h"		#include "clang/AST/Stmt.h"
#include "clang/AST/TypeLoc.h"		#include "clang/AST/TypeLoc.h"
#include "clang/Basic/Builtins.h"		#include "clang/Basic/Builtins.h"
#include "clang/Basic/IdentifierTable.h"		#include "clang/Basic/IdentifierTable.h"
#include "clang/Basic/Module.h"		#include "clang/Basic/Module.h"
#include "clang/Basic/Specifiers.h"		#include "clang/Basic/Specifiers.h"
#include "clang/Basic/TargetInfo.h"		#include "clang/Basic/TargetInfo.h"
		#include "clang/Frontend/FrontendDiagnostic.h"
#include "llvm/Support/ErrorHandling.h"		#include "llvm/Support/ErrorHandling.h"
#include <algorithm>		#include <algorithm>

using namespace clang;		using namespace clang;

Decl clang::getPrimaryMergedDecl(Decl D) {		Decl clang::getPrimaryMergedDecl(Decl D) {
return D->getASTContext().getPrimaryMergedDecl(D);		return D->getASTContext().getPrimaryMergedDecl(D);
}		}
▲ Show 20 Lines • Show All 3,570 Lines • ▼ Show 20 Lines	#endif

if (Decls.empty())		if (Decls.empty())
return;		return;

std::tie(FirstDecl, LastDecl) = BuildDeclChain(Decls,		std::tie(FirstDecl, LastDecl) = BuildDeclChain(Decls,
/FieldsAlreadyLoaded=/false);		/FieldsAlreadyLoaded=/false);
}		}

		bool RecordDecl::mayInsertExtraPadding(bool EmitRemark) const {
		ASTContext &Context = getASTContext();
		if (!Context.getLangOpts().Sanitize.Address \|\|
		!Context.getLangOpts().Sanitize.SanitizeAddressFieldPadding)
		return false;
		auto &Blacklist = Context.getSanitizerBlacklist();
		const CXXRecordDecl *CXXRD = dyn_cast<CXXRecordDecl>(this);
		StringRef Filename = Context.getSourceManager().getFilename(getLocation());
		// We may be able to relax some of these requirements.
		int ReasonToReject = -1;
		if (!CXXRD \|\| CXXRD->isExternCContext())
		ReasonToReject = 0; // is not C++.
		rsmithUnsubmitted Not Done Reply Inline Actions It would seem prudent to also test whether the type is in an `extern "C"` linkage specification in C++ here: if (!CXXRD \|\| CXXRD->isExternCContext()) rsmith: It would seem prudent to also test whether the type is in an `extern "C"` linkage specification…
		else if (CXXRD->hasAttr<PackedAttr>())
		ReasonToReject = 1; // is packed.
		rsmithUnsubmitted Not Done Reply Inline Actions Please use `nullptr` rather than `0`. rsmith: Please use `nullptr` rather than `0`.
		kccAuthorUnsubmitted Not Done Reply Inline Actions Var changed to int. kcc: Var changed to int.
		else if (CXXRD->isUnion())
		ReasonToReject = 2; // is a union.
		else if (CXXRD->isTriviallyCopyable())
		ReasonToReject = 3; // is trivially copyable.
		else if (CXXRD->hasTrivialDestructor())
		ReasonToReject = 4; // has trivial destructor.
		else if (CXXRD->isStandardLayout())
		ReasonToReject = 5; // is standard layout.
		else if (Blacklist.isBlacklistedFile(Filename, "field-padding"))
		rsmithUnsubmitted Not Done Reply Inline Actions `hasSimpleDestructor` still does not seem right; it's a notion internal to how we manage implicit declaration and definition for destructors and shouldn't be used for anything else. Does `hasTrivialDestructor` work for you? rsmith: `hasSimpleDestructor` still does not seem right; it's a notion internal to how we manage…
		kccAuthorUnsubmitted Not Done Reply Inline Actions Yes, this seems to work, kcc: Yes, this seems to work,
		ReasonToReject = 6; // is in a blacklisted file.
		samsonovUnsubmitted Not Done Reply Inline Actions This looks weird: II->getName() is neither mangled nor qualified (what would it return for the record declared inside the namespaces)? Consider testing smth. like printQualifiedName(). samsonov: This looks weird: II->getName() is neither mangled nor qualified (what would it return for the…
		else if (Blacklist.isBlacklistedType(getQualifiedNameAsString(),
		"field-padding"))
		ReasonToReject = 7; // is blacklisted.

		if (EmitRemark) {
		rsmithUnsubmitted Not Done Reply Inline Actions Blacklisting by identifier doesn't seem ideal; there should probably be some way of specifying a namespace in the blacklist file. rsmith: Blacklisting by identifier doesn't seem ideal; there should probably be some way of specifying…
		kccAuthorUnsubmitted Not Done Reply Inline Actions done (using getQualifiedNameAsString()) kcc: done (using getQualifiedNameAsString())
		if (ReasonToReject >= 0)
		Context.getDiagnostics().Report(
		getLocation(),
		diag::remark_sanitize_address_insert_extra_padding_rejected)
		<< getQualifiedNameAsString() << ReasonToReject;
		else
		Context.getDiagnostics().Report(
		getLocation(),
		diag::remark_sanitize_address_insert_extra_padding_accepted)
		<< getQualifiedNameAsString();
		}
		return ReasonToReject < 0;
		}

//===----------------------------------------------------------------------===//		//===----------------------------------------------------------------------===//
// BlockDecl Implementation		// BlockDecl Implementation
//===----------------------------------------------------------------------===//		//===----------------------------------------------------------------------===//

void BlockDecl::setParams(ArrayRef<ParmVarDecl *> NewParamInfo) {		void BlockDecl::setParams(ArrayRef<ParmVarDecl *> NewParamInfo) {
assert(!ParamInfo && "Already has param info!");		assert(!ParamInfo && "Already has param info!");

// Zero params -> null pointer.		// Zero params -> null pointer.
▲ Show 20 Lines • Show All 324 Lines • Show Last 20 Lines

lib/AST/RecordLayoutBuilder.cpp

Show First 20 Lines • Show All 646 Lines • ▼ Show 20 Lines	void resetWithTargetAlignment(CharUnits TargetAlignment) {
Alignment = UnpackedAlignment = TargetAlignment;		Alignment = UnpackedAlignment = TargetAlignment;
}		}

void Layout(const RecordDecl *D);		void Layout(const RecordDecl *D);
void Layout(const CXXRecordDecl *D);		void Layout(const CXXRecordDecl *D);
void Layout(const ObjCInterfaceDecl *D);		void Layout(const ObjCInterfaceDecl *D);

void LayoutFields(const RecordDecl *D);		void LayoutFields(const RecordDecl *D);
void LayoutField(const FieldDecl *D);		void LayoutField(const FieldDecl *D, bool InsertExtraPadding);
void LayoutWideBitField(uint64_t FieldSize, uint64_t TypeSize,		void LayoutWideBitField(uint64_t FieldSize, uint64_t TypeSize,
bool FieldPacked, const FieldDecl *D);		bool FieldPacked, const FieldDecl *D);
void LayoutBitField(const FieldDecl *D);		void LayoutBitField(const FieldDecl *D);

TargetCXXABI getCXXABI() const {		TargetCXXABI getCXXABI() const {
return Context.getTargetInfo().getCXXABI();		return Context.getTargetInfo().getCXXABI();
}		}

▲ Show 20 Lines • Show All 662 Lines • ▼ Show 20 Lines	if (ObjCInterfaceDecl *SD = D->getSuperClass()) {
setSize(SL.getDataSize());		setSize(SL.getDataSize());
setDataSize(getSize());		setDataSize(getSize());
}		}

InitializeLayout(D);		InitializeLayout(D);
// Layout each ivar sequentially.		// Layout each ivar sequentially.
for (const ObjCIvarDecl *IVD = D->all_declared_ivar_begin(); IVD;		for (const ObjCIvarDecl *IVD = D->all_declared_ivar_begin(); IVD;
IVD = IVD->getNextIvar())		IVD = IVD->getNextIvar())
LayoutField(IVD);		LayoutField(IVD, false);

// Finally, round the size of the total struct up to the alignment of the		// Finally, round the size of the total struct up to the alignment of the
// struct itself.		// struct itself.
FinishLayout(D);		FinishLayout(D);
}		}

void RecordLayoutBuilder::LayoutFields(const RecordDecl *D) {		void RecordLayoutBuilder::LayoutFields(const RecordDecl *D) {
// Layout each field, for now, just sequentially, respecting alignment. In		// Layout each field, for now, just sequentially, respecting alignment. In
// the future, this will need to be tweakable by targets.		// the future, this will need to be tweakable by targets.
		bool InsertExtraPadding = D->mayInsertExtraPadding(/EmitRemark=/true);
		rsmithUnsubmitted Not Done Reply Inline Actions Typo. "Later in CodeGen, extra code will [...]" rsmith: Typo. "Later in CodeGen, extra code will [...]"
		kccAuthorUnsubmitted Not Done Reply Inline Actions done kcc: done
for (const auto *Field : D->fields())		for (const auto *Field : D->fields())
		rsmithUnsubmitted Not Done Reply Inline Actions This does not depend on the value of `FD`; perhaps remove `FD` and just call it once per class? rsmith: This does not depend on the value of `FD`; perhaps remove `FD` and just call it once per class?
		kccAuthorUnsubmitted Not Done Reply Inline Actions Agree. Moved to RecordDecl::MayInsertExtraPadding In future I may need a separate function to check a particular field (e.g. if we want paddings only after arrays). But not in this patch kcc: Agree. Moved to RecordDecl::MayInsertExtraPadding In future I may need a separate function to…
LayoutField(Field);		LayoutField(Field, InsertExtraPadding);
}		}

		rsmithUnsubmitted Not Done Reply Inline Actions This might be easier if you insert padding before fields rather than after them. rsmith: This might be easier if you insert padding before fields rather than after them.
		kccAuthorUnsubmitted Not Done Reply Inline Actions I've reverted the loop to its previous state because I actually decided to instrument the last field as well. This handles cases where we have an array of objects and an overflow from the last field of one objects touches the other object. kcc: I've reverted the loop to its previous state because I actually decided to instrument the last…
void RecordLayoutBuilder::LayoutWideBitField(uint64_t FieldSize,		void RecordLayoutBuilder::LayoutWideBitField(uint64_t FieldSize,
uint64_t TypeSize,		uint64_t TypeSize,
bool FieldPacked,		bool FieldPacked,
		rsmithUnsubmitted Not Done Reply Inline Actions Maybe factor out adding the padding from adding the field? I don't think they need to be done together, do they? Also, you shouldn't add padding at the end of the class if it ends in a flexible array member. rsmith: Maybe factor out adding the padding from adding the field? I don't think they need to be done…
		kccAuthorUnsubmitted Not Done Reply Inline Actions Maybe factor out adding the padding from adding the field? I don't think they need to be done together, do they? Err. Not sure here. It looks like it fits here naturally because we change the FieldSize which then affect the computation if the type's size, etc Also, you shouldn't add padding at the end of the class if it ends in a flexible array member. Added the check for !FieldSize.isZero() kcc: >> Maybe factor out adding the padding from adding the field? I don't think they need to be…
const FieldDecl *D) {		const FieldDecl *D) {
assert(Context.getLangOpts().CPlusPlus &&		assert(Context.getLangOpts().CPlusPlus &&
"Can only have wide bit-fields in C++!");		"Can only have wide bit-fields in C++!");

// Itanium C++ ABI 2.4:		// Itanium C++ ABI 2.4:
// If sizeof(T)*8 < n, let T' be the largest integral POD type with		// If sizeof(T)*8 < n, let T' be the largest integral POD type with
// sizeof(T')*8 <= n.		// sizeof(T')*8 <= n.

QualType IntegralPODTypes[] = {		QualType IntegralPODTypes[] = {
Context.UnsignedCharTy, Context.UnsignedShortTy, Context.UnsignedIntTy,		Context.UnsignedCharTy, Context.UnsignedShortTy, Context.UnsignedIntTy,
Context.UnsignedLongTy, Context.UnsignedLongLongTy		Context.UnsignedLongTy, Context.UnsignedLongLongTy
		rsmithUnsubmitted Not Done Reply Inline Actions This 'simple destructor' check doesn't seem right. What properties do you intend to check for here? rsmith: This 'simple destructor' check doesn't seem right. What properties do you intend to check for…
		kccAuthorUnsubmitted Not Done Reply Inline Actions I wanted to limit to classes that have a user defined DTOR, at least in one of the members, subclasses, etc. As I say in the comment above, we'll try to relax some of these requirements. This and other limitations are something that I was able to debug so far, I'll be removing/relaxing these requirements one by one later. kcc: I wanted to limit to classes that have a user defined DTOR, at least in one of the members…
};		};

		rsmithUnsubmitted Not Done Reply Inline Actions What's the reason behind picking these rules? It seems like we could be more aggressive here and still follow the C++ standard. Is this for C compatibility, or people who roll their own memcpy, or something else? I guess the ASan-instrumented memcpy can be taught that it's OK to copy intra-object redzone? rsmith: What's the reason behind picking these rules? It seems like we could be more aggressive here…
		kccAuthorUnsubmitted Not Done Reply Inline Actions It's quite hard to teach asan memcpy to avoid intra object redzones w/o extra false negatives and performance penalty. But I do want to relax the requirement of non-standard layout, just not in this CL kcc: It's quite hard to teach asan memcpy to avoid intra object redzones w/o extra false negatives…
QualType Type;		QualType Type;
for (const QualType &QT : IntegralPODTypes) {		for (const QualType &QT : IntegralPODTypes) {
uint64_t Size = Context.getTypeSize(QT);		uint64_t Size = Context.getTypeSize(QT);

if (Size > FieldSize)		if (Size > FieldSize)
break;		break;

Type = QT;		Type = QT;
		majnemerUnsubmitted Not Done Reply Inline Actions This doesn't look windows friendly. majnemer: This doesn't look windows friendly.
}		}
assert(!Type.isNull() && "Did not find a type!");		assert(!Type.isNull() && "Did not find a type!");

CharUnits TypeAlign = Context.getTypeAlignInChars(Type);		CharUnits TypeAlign = Context.getTypeAlignInChars(Type);
		rsmithUnsubmitted Not Done Reply Inline Actions Please fix =) I think reusing the same `-fsanitize-blacklist` flag makes sense. rsmith: Please fix =) I think reusing the same `-fsanitize-blacklist` flag makes sense.
		kccAuthorUnsubmitted Not Done Reply Inline Actions Alexey will commit a separate patch to move fsanitize=blacklist to langopts. Clearly, I will wait for that and update this CL kcc: Alexey will commit a separate patch to move fsanitize=blacklist to langopts. Clearly, I will…
		samsonovUnsubmitted Not Done Reply Inline Actions r219842 moves `-fsanitize-blacklist` is in LangOpts. You've probably thought about it, but I will warn you anyway: recompiling the library with the same compiler and compile flags, but different blacklist file will make it ABI-incompatible. So, we should be really careful in using it. samsonov: r219842 moves ``-fsanitize-blacklist`` is in LangOpts. You've probably thought about it, but I…

// We're not going to use any of the unfilled bits in the last byte.		// We're not going to use any of the unfilled bits in the last byte.
UnfilledBitsInLastUnit = 0;		UnfilledBitsInLastUnit = 0;
LastBitfieldTypeSize = 0;		LastBitfieldTypeSize = 0;

uint64_t FieldOffset;		uint64_t FieldOffset;
uint64_t UnpaddedFieldOffset = getDataSizeInBits() - UnfilledBitsInLastUnit;		uint64_t UnpaddedFieldOffset = getDataSizeInBits() - UnfilledBitsInLastUnit;

		rsmithUnsubmitted Not Done Reply Inline Actions If you're going to keep this, it should be put behind a remark flag, and should use the normal diagnostics machinery. rsmith: If you're going to keep this, it should be put behind a remark flag, and should use the normal…
		kccAuthorUnsubmitted Not Done Reply Inline Actions done (-Rsanitize-address) kcc: done (-Rsanitize-address)
if (IsUnion) {		if (IsUnion) {
setDataSize(std::max(getDataSizeInBits(), FieldSize));		setDataSize(std::max(getDataSizeInBits(), FieldSize));
FieldOffset = 0;		FieldOffset = 0;
} else {		} else {
// The bitfield is allocated starting at the next offset aligned		// The bitfield is allocated starting at the next offset aligned
// appropriately for T', with length n bits.		// appropriately for T', with length n bits.
FieldOffset = llvm::RoundUpToAlignment(getDataSizeInBits(),		FieldOffset = llvm::RoundUpToAlignment(getDataSizeInBits(),
Context.toBits(TypeAlign));		Context.toBits(TypeAlign));
▲ Show 20 Lines • Show All 248 Lines • ▼ Show 20 Lines	void RecordLayoutBuilder::LayoutBitField(const FieldDecl *D) {
// Update the size.		// Update the size.
setSize(std::max(getSizeInBits(), getDataSizeInBits()));		setSize(std::max(getSizeInBits(), getDataSizeInBits()));

// Remember max struct/class alignment.		// Remember max struct/class alignment.
UpdateAlignment(Context.toCharUnitsFromBits(FieldAlign),		UpdateAlignment(Context.toCharUnitsFromBits(FieldAlign),
Context.toCharUnitsFromBits(UnpackedFieldAlign));		Context.toCharUnitsFromBits(UnpackedFieldAlign));
}		}

void RecordLayoutBuilder::LayoutField(const FieldDecl *D) {		void RecordLayoutBuilder::LayoutField(const FieldDecl *D,
		bool InsertExtraPadding) {
if (D->isBitField()) {		if (D->isBitField()) {
LayoutBitField(D);		LayoutBitField(D);
return;		return;
}		}

uint64_t UnpaddedFieldOffset = getDataSizeInBits() - UnfilledBitsInLastUnit;		uint64_t UnpaddedFieldOffset = getDataSizeInBits() - UnfilledBitsInLastUnit;

// Reset the unfilled bits.		// Reset the unfilled bits.
▲ Show 20 Lines • Show All 87 Lines • ▼ Show 20 Lines	void RecordLayoutBuilder::LayoutField(const FieldDecl *D,
// Place this field at the current location.		// Place this field at the current location.
FieldOffsets.push_back(Context.toBits(FieldOffset));		FieldOffsets.push_back(Context.toBits(FieldOffset));

if (!ExternalLayout)		if (!ExternalLayout)
CheckFieldPadding(Context.toBits(FieldOffset), UnpaddedFieldOffset,		CheckFieldPadding(Context.toBits(FieldOffset), UnpaddedFieldOffset,
Context.toBits(UnpackedFieldOffset),		Context.toBits(UnpackedFieldOffset),
Context.toBits(UnpackedFieldAlign), FieldPacked, D);		Context.toBits(UnpackedFieldAlign), FieldPacked, D);

		if (InsertExtraPadding && !FieldSize.isZero()) {
		CharUnits ASanAlignment = CharUnits::fromQuantity(8);
		CharUnits ExtraSizeForAsan = ASanAlignment;
		if (FieldSize % ASanAlignment)
		ExtraSizeForAsan +=
		ASanAlignment - CharUnits::fromQuantity(FieldSize % ASanAlignment);
		FieldSize += ExtraSizeForAsan;
		}

// Reserve space for this field.		// Reserve space for this field.
uint64_t FieldSizeInBits = Context.toBits(FieldSize);		uint64_t FieldSizeInBits = Context.toBits(FieldSize);
if (IsUnion)		if (IsUnion)
setDataSize(std::max(getDataSizeInBits(), FieldSizeInBits));		setDataSize(std::max(getDataSizeInBits(), FieldSizeInBits));
else		else
setDataSize(FieldOffset + FieldSize);		setDataSize(FieldOffset + FieldSize);

// Update the size.		// Update the size.
▲ Show 20 Lines • Show All 1,370 Lines • Show Last 20 Lines

lib/Basic/SanitizerBlacklist.cpp

	Show All 38 Lines

	bool SanitizerBlacklist::isIn(const llvm::GlobalVariable &G,			bool SanitizerBlacklist::isIn(const llvm::GlobalVariable &G,
	StringRef Category) const {			StringRef Category) const {
	return isBlacklistedFile(G.getParent()->getModuleIdentifier(), Category) \|\|			return isBlacklistedFile(G.getParent()->getModuleIdentifier(), Category) \|\|
	SCL->inSection("global", G.getName(), Category) \|\|			SCL->inSection("global", G.getName(), Category) \|\|
	SCL->inSection("type", GetGlobalTypeString(G), Category);			SCL->inSection("type", GetGlobalTypeString(G), Category);
	}			}

	bool SanitizerBlacklist::isBlacklistedType(StringRef MangledTypeName) const {			bool SanitizerBlacklist::isBlacklistedType(StringRef MangledTypeName,
	return SCL->inSection("type", MangledTypeName);			StringRef Category) const {
				return SCL->inSection("type", MangledTypeName, Category);
	}			}

	bool SanitizerBlacklist::isBlacklistedFunction(StringRef FunctionName) const {			bool SanitizerBlacklist::isBlacklistedFunction(StringRef FunctionName) const {
	return SCL->inSection("fun", FunctionName);			return SCL->inSection("fun", FunctionName);
	}			}

	bool SanitizerBlacklist::isBlacklistedFile(StringRef FileName,			bool SanitizerBlacklist::isBlacklistedFile(StringRef Filename,
	StringRef Category) const {			StringRef Category) const {
	return SCL->inSection("src", FileName, Category);			return SCL->inSection("src", Filename, Category);
	}			}

lib/CodeGen/CGClass.cpp

Show First 20 Lines • Show All 696 Lines • ▼ Show 20 Lines	static bool IsConstructorDelegationValid(const CXXConstructorDecl *Ctor) {

// FIXME: Decide if we can do a delegation of a delegating constructor.		// FIXME: Decide if we can do a delegation of a delegating constructor.
if (Ctor->isDelegatingConstructor())		if (Ctor->isDelegatingConstructor())
return false;		return false;

return true;		return true;
}		}

		// Emit code in ctor (Prologue==true) or dtor (Prologue==false)
		rsmithUnsubmitted Not Done Reply Inline Actions "ctor" and "dtor" in lowercase please. Stripping the poison in the dtor doesn't match C++ semantics: you aren't required to run the dtor to reuse the storage as something else, but conversely you can't reuse the storage as something else unless you use placement-new to construct a new object. As a compromise to be nicer to existing code, maybe we should strip poison both in the dtor and in a new-expression? rsmith: "ctor" and "dtor" in lowercase please. Stripping the poison in the dtor doesn't match C++…
		kccAuthorUnsubmitted Not Done Reply Inline Actions We may be able to relax the requirement of unpoisoning in dtor, but not in this CL. I've seen at least few places (on in LLVM itself) where we should not instrument a class w/o dtor. striping poisin in new-expression is not a solution as it may lead to false negatives (e.g. when a new-expression is called on an illegal memory) kcc: We may be able to relax the requirement of unpoisoning in dtor, but not in this CL. I've seen…
		// to poison the extra field paddings inserted under
		// -fsanitize-address-field-padding=1\|2.
		void CodeGenFunction::EmitAsanPrologueOrEpilogue(bool Prologue) {
		ASTContext &Context = getContext();
		const CXXRecordDecl *ClassDecl =
		Prologue ? cast<CXXConstructorDecl>(CurGD.getDecl())->getParent()
		: cast<CXXDestructorDecl>(CurGD.getDecl())->getParent();
		if (!ClassDecl->mayInsertExtraPadding()) return;

		rsmithUnsubmitted Not Done Reply Inline Actions This doesn't match the set of checks you did in `MayInsertExtraPaddingAfterField`; in particular, do you need to consider unions here? rsmith: This doesn't match the set of checks you did in `MayInsertExtraPaddingAfterField`; in…
		kccAuthorUnsubmitted Not Done Reply Inline Actions Agree. I've moved all this logic into RecordDecl::MayInsertExtraPadding and call it twice, once from RecordLayoutBuilder::LayoutFields and once from CodeGenFunction::EmitAsanPrologueOrEpilogue kcc: Agree. I've moved all this logic into RecordDecl::MayInsertExtraPadding and call it twice, once…
		struct SizeAndOffset {
		uint64_t Size;
		uint64_t Offset;
		};

		rsmithUnsubmitted Not Done Reply Inline Actions Field names should be capitalized. rsmith: Field names should be capitalized.
		kccAuthorUnsubmitted Not Done Reply Inline Actions done kcc: done
		unsigned PtrSize = CGM.getDataLayout().getPointerSizeInBits();
		const ASTRecordLayout &Info = Context.getASTRecordLayout(ClassDecl);

		// Populate sizes and offsets of fields.
		SmallVector<SizeAndOffset, 16> SSV(Info.getFieldCount());
		for (unsigned i = 0, e = Info.getFieldCount(); i != e; ++i)
		SSV[i].Offset =
		Context.toCharUnitsFromBits(Info.getFieldOffset(i)).getQuantity();

		size_t NumFields = 0;
		rsmithUnsubmitted Not Done Reply Inline Actions Please don't hard-code `8` here; use `ASTContext::toCharUnitsFromBits` instead. rsmith: Please don't hard-code `8` here; use `ASTContext::toCharUnitsFromBits` instead.
		kccAuthorUnsubmitted Not Done Reply Inline Actions done kcc: done
		for (const auto *Field : ClassDecl->fields()) {
		const FieldDecl *D = Field;
		std::pair<CharUnits, CharUnits> FieldInfo =
		Context.getTypeInfoInChars(D->getType());
		CharUnits FieldSize = FieldInfo.first;
		assert(NumFields < SSV.size());
		SSV[NumFields].Size = D->isBitField() ? 0 : FieldSize.getQuantity();
		NumFields++;
		}
		assert(NumFields == SSV.size());
		if (SSV.size() <= 1) return;

		// We will insert calls to __asan_* run-time functions.
		// LLVM AddressSanitizer pass may decide to inline them later.
		llvm::Type *Args[2] = {IntPtrTy, IntPtrTy};
		llvm::FunctionType *FTy =
		llvm::FunctionType::get(CGM.VoidTy, Args, false);
		llvm::Constant *F = CGM.CreateRuntimeFunction(
		rsmithUnsubmitted Not Done Reply Inline Actions This is `IntPtrTy` (a member of `CodeGenFunction`). rsmith: This is `IntPtrTy` (a member of `CodeGenFunction`).
		kccAuthorUnsubmitted Not Done Reply Inline Actions done kcc: done
		FTy, Prologue ? "__asan_poison_intra_object_redzone"
		: "__asan_unpoison_intra_object_redzone");

		llvm::Value *ThisPtr = LoadCXXThis();
		ThisPtr = Builder.CreatePtrToInt(ThisPtr, IntPtrTy);
		QualType RecordTy = Context.getTypeDeclType(ClassDecl);
		uint64_t TypeSize = Context.getTypeSizeInChars(RecordTy).getQuantity();

		// For each field check if it has sufficient padding,
		// if so (un)poison it with a call.
		for (size_t i = 0; i < SSV.size(); i++) {
		uint64_t AsanAlignment = 8;
		uint64_t NextField = i == SSV.size() - 1 ? TypeSize : SSV[i + 1].Offset;
		uint64_t PoisonSize = NextField - SSV[i].Offset - SSV[i].Size;
		uint64_t EndOffset = SSV[i].Offset + SSV[i].Size;
		if (PoisonSize < AsanAlignment \|\| !SSV[i].Size \|\|
		(NextField % AsanAlignment) != 0)
		continue;
		Builder.CreateCall2(
		F, Builder.CreateAdd(ThisPtr, Builder.getIntN(PtrSize, EndOffset)),
		Builder.getIntN(PtrSize, PoisonSize));
		}
		}

/// EmitConstructorBody - Emits the body of the current constructor.		/// EmitConstructorBody - Emits the body of the current constructor.
void CodeGenFunction::EmitConstructorBody(FunctionArgList &Args) {		void CodeGenFunction::EmitConstructorBody(FunctionArgList &Args) {
		EmitAsanPrologueOrEpilogue(true);
const CXXConstructorDecl *Ctor = cast<CXXConstructorDecl>(CurGD.getDecl());		const CXXConstructorDecl *Ctor = cast<CXXConstructorDecl>(CurGD.getDecl());
CXXCtorType CtorType = CurGD.getCtorType();		CXXCtorType CtorType = CurGD.getCtorType();

assert((CGM.getTarget().getCXXABI().hasConstructorVariants() \|\|		assert((CGM.getTarget().getCXXABI().hasConstructorVariants() \|\|
CtorType == Ctor_Complete) &&		CtorType == Ctor_Complete) &&
"can only generate complete ctor for this ABI");		"can only generate complete ctor for this ABI");

// Before we go any further, try the complete->base constructor		// Before we go any further, try the complete->base constructor
▲ Show 20 Lines • Show All 72 Lines • ▼ Show 20 Lines	namespace {
public:		public:
FieldMemcpyizer(CodeGenFunction &CGF, const CXXRecordDecl *ClassDecl,		FieldMemcpyizer(CodeGenFunction &CGF, const CXXRecordDecl *ClassDecl,
const VarDecl *SrcRec)		const VarDecl *SrcRec)
: CGF(CGF), ClassDecl(ClassDecl), SrcRec(SrcRec),		: CGF(CGF), ClassDecl(ClassDecl), SrcRec(SrcRec),
RecLayout(CGF.getContext().getASTRecordLayout(ClassDecl)),		RecLayout(CGF.getContext().getASTRecordLayout(ClassDecl)),
FirstField(nullptr), LastField(nullptr), FirstFieldOffset(0),		FirstField(nullptr), LastField(nullptr), FirstFieldOffset(0),
LastFieldOffset(0), LastAddedFieldIndex(0) {}		LastFieldOffset(0), LastAddedFieldIndex(0) {}

static bool isMemcpyableField(FieldDecl *F) {		bool isMemcpyableField(FieldDecl *F) const {
		// Never memcpy fields when we are adding poisoned paddings.
		if (CGF.getContext().getLangOpts().Sanitize.SanitizeAddressFieldPadding)
		return false;
Qualifiers Qual = F->getType().getQualifiers();		Qualifiers Qual = F->getType().getQualifiers();
if (Qual.hasVolatile() \|\| Qual.hasObjCLifetime())		if (Qual.hasVolatile() \|\| Qual.hasObjCLifetime())
return false;		return false;
return true;		return true;
}		}

void addMemcpyableField(FieldDecl *F) {		void addMemcpyableField(FieldDecl *F) {
if (!FirstField)		if (!FirstField)
▲ Show 20 Lines • Show All 495 Lines • ▼ Show 20 Lines	void CodeGenFunction::EmitDestructorBody(FunctionArgList &Args) {

Stmt *Body = Dtor->getBody();		Stmt *Body = Dtor->getBody();

// If the body is a function-try-block, enter the try before		// If the body is a function-try-block, enter the try before
// anything else.		// anything else.
bool isTryBody = (Body && isa<CXXTryStmt>(Body));		bool isTryBody = (Body && isa<CXXTryStmt>(Body));
if (isTryBody)		if (isTryBody)
EnterCXXTryStmt(*cast<CXXTryStmt>(Body), true);		EnterCXXTryStmt(*cast<CXXTryStmt>(Body), true);
		EmitAsanPrologueOrEpilogue(false);

// Enter the epilogue cleanups.		// Enter the epilogue cleanups.
RunCleanupsScope DtorEpilogue(*this);		RunCleanupsScope DtorEpilogue(*this);

// If this is the complete variant, just invoke the base variant;		// If this is the complete variant, just invoke the base variant;
// the epilogue will destruct the virtual bases. But we can't do		// the epilogue will destruct the virtual bases. But we can't do
// this optimization if the body is a function-try-block, because		// this optimization if the body is a function-try-block, because
// we'd introduce two handler blocks. In the Microsoft ABI, we		// we'd introduce two handler blocks. In the Microsoft ABI, we
▲ Show 20 Lines • Show All 904 Lines • Show Last 20 Lines

lib/CodeGen/CodeGenFunction.h

Show First 20 Lines • Show All 1,261 Lines • ▼ Show 20 Lines	public:
void EmitBlockWithFallThrough(llvm::BasicBlock *BB, RegionCounter &Cnt);		void EmitBlockWithFallThrough(llvm::BasicBlock *BB, RegionCounter &Cnt);

void EmitForwardingCallToLambda(const CXXMethodDecl *LambdaCallOperator,		void EmitForwardingCallToLambda(const CXXMethodDecl *LambdaCallOperator,
CallArgList &CallArgs);		CallArgList &CallArgs);
void EmitLambdaToBlockPointerBody(FunctionArgList &Args);		void EmitLambdaToBlockPointerBody(FunctionArgList &Args);
void EmitLambdaBlockInvokeBody();		void EmitLambdaBlockInvokeBody();
void EmitLambdaDelegatingInvokeBody(const CXXMethodDecl *MD);		void EmitLambdaDelegatingInvokeBody(const CXXMethodDecl *MD);
void EmitLambdaStaticInvokeFunction(const CXXMethodDecl *MD);		void EmitLambdaStaticInvokeFunction(const CXXMethodDecl *MD);
		void EmitAsanPrologueOrEpilogue(bool Prologue);

/// EmitReturnBlock - Emit the unified return block, trying to avoid its		/// EmitReturnBlock - Emit the unified return block, trying to avoid its
/// emission when possible.		/// emission when possible.
void EmitReturnBlock();		void EmitReturnBlock();

/// FinishFunction - Complete IR generation of the current function. It is		/// FinishFunction - Complete IR generation of the current function. It is
/// legal to call this function even if there is no current insertion point.		/// legal to call this function even if there is no current insertion point.
void FinishFunction(SourceLocation EndLoc=SourceLocation());		void FinishFunction(SourceLocation EndLoc=SourceLocation());
▲ Show 20 Lines • Show All 1,590 Lines • Show Last 20 Lines

test/CodeGen/sanitize-address-field-padding.cpp

This file was added.

				// Test -fsanitize-address-field-padding
				// RUN: echo 'type:SomeNamespace::BlacklistedByName=field-padding' > %t.type.blacklist
				// RUN: echo 'src:*sanitize-address-field-padding.cpp=field-padding' > %t.file.blacklist
				// RUN: %clang_cc1 -fsanitize=address -fsanitize-address-field-padding=1 -fsanitize-blacklist=%t.type.blacklist -Rsanitize-address -emit-llvm -o - %s 2>&1 \| FileCheck %s
				// RUN: %clang_cc1 -fsanitize=address -fsanitize-address-field-padding=1 -fsanitize-blacklist=%t.file.blacklist -Rsanitize-address -emit-llvm -o - %s 2>&1 \| FileCheck %s --check-prefix=FILE_BLACKLIST
				// RUN: %clang_cc1 -fsanitize=address -emit-llvm -o - %s 2>&1 \| FileCheck %s --check-prefix=NO_PADDING
				// REQUIRES: shell
				//

				// The reasons to ignore a particular class are not set in stone and will change.
				//
				// CHECK: -fsanitize-address-field-padding applied to Positive1
				// CHECK: -fsanitize-address-field-padding ignored for Negative1 because it is trivially copyable
				// CHECK: -fsanitize-address-field-padding ignored for Negative2 because it is trivially copyable
				// CHECK: -fsanitize-address-field-padding ignored for Negative3 because it is a union
				// CHECK: -fsanitize-address-field-padding ignored for Negative4 because it is trivially copyable
				// CHECK: -fsanitize-address-field-padding ignored for Negative5 because it is packed
				// CHECK: -fsanitize-address-field-padding ignored for SomeNamespace::BlacklistedByName because it is blacklisted
				// CHECK: -fsanitize-address-field-padding ignored for ExternCStruct because it is not C++
				//
				// FILE_BLACKLIST: -fsanitize-address-field-padding ignored for Positive1 because it is in a blacklisted file
				// FILE_BLACKLIST-NOT: __asan_poison_intra_object_redzone
				// NO_PADDING-NOT: __asan_poison_intra_object_redzone


				class Positive1 {
				public:
				Positive1() {}
				~Positive1() {}
				int make_it_non_standard_layout;
				private:
				char private1;
				int private2;
				short private_array[6];
				long long private3;
				};

				Positive1 positive1;
				// Positive1 with extra paddings
				// CHECK: type { i32, [12 x i8], i8, [15 x i8], i32, [12 x i8], [6 x i16], [12 x i8], i64, [8 x i8] }

				class Negative1 {
				public:
				Negative1() {}
				int public1, public2;
				};
				Negative1 negative1;
				// CHECK: type { i32, i32 }

				class Negative2 {
				public:
				Negative2() {}
				private:
				int private1, private2;
				};
				Negative2 negative2;
				// CHECK: type { i32, i32 }

				union Negative3 {
				char m1[8];
				long long m2;
				};

				Negative3 negative3;
				// CHECK: type { i64 }

				class Negative4 {
				public:
				Negative4() {}
				// No DTOR
				int make_it_non_standard_layout;
				private:
				char private1;
				int private2;
				};

				Negative4 negative4;
				// CHECK: type { i32, i8, i32 }

				class __attribute__((packed)) Negative5 {
				public:
				Negative5() {}
				~Negative5() {}
				int make_it_non_standard_layout;
				private:
				char private1;
				int private2;
				};

				Negative5 negative5;
				// CHECK: type <{ i32, i8, i32 }>


				namespace SomeNamespace {
				class BlacklistedByName {
				public:
				BlacklistedByName() {}
				~BlacklistedByName() {}
				int make_it_non_standard_layout;
				private:
				char private1;
				int private2;
				};
				} // SomeNamespace

				SomeNamespace::BlacklistedByName blacklisted_by_name;

				extern "C" {
				class ExternCStruct {
				public:
				ExternCStruct() {}
				~ExternCStruct() {}
				int make_it_non_standard_layout;
				private:
				char private1;
				int private2;
				};
				} // extern "C"

				ExternCStruct extern_C_struct;

				// CTOR
				// CHECK-LABEL: define linkonce_odr void @_ZN9Positive1C1Ev
				// CHECK: call void @__asan_poison_intra_object_redzone({{.*}}, i64 12)
				// CHECK: call void @__asan_poison_intra_object_redzone({{.*}}, i64 15)
				// CHECK: call void @__asan_poison_intra_object_redzone({{.*}}, i64 12)
				// CHECK: call void @__asan_poison_intra_object_redzone({{.*}}, i64 12)
				// CHECK: call void @__asan_poison_intra_object_redzone({{.*}}, i64 8)
				// CHECK-NOT: __asan_poison_intra_object_redzone
				// CHECK: ret void
				// DTOR
				// CHECK-LABEL: define linkonce_odr void @_ZN9Positive1D1Ev
				// CHECK: call void @__asan_unpoison_intra_object_redzone({{.*}}, i64 12)
				// CHECK: call void @__asan_unpoison_intra_object_redzone({{.*}}, i64 15)
				// CHECK: call void @__asan_unpoison_intra_object_redzone({{.*}}, i64 12)
				// CHECK: call void @__asan_unpoison_intra_object_redzone({{.*}}, i64 12)
				// CHECK: call void @__asan_unpoison_intra_object_redzone({{.*}}, i64 8)
				// CHECK-NOT: __asan_unpoison_intra_object_redzone
				// CHECK: ret void
				//
				// CHECK-LABEL: define linkonce_odr void @_ZN9Negative1C1Ev
				// CHECK-NOT: call void @__asan_poison_intra_object_redzone
				// CHECK: ret void
				//
				// CHECK-LABEL: define linkonce_odr void @_ZN9Negative2C1Ev
				// CHECK-NOT: call void @__asan_poison_intra_object_redzone
				// CHECK: ret void
				//
				// CHECK-LABEL: define linkonce_odr void @_ZN9Negative4C1Ev
				// CHECK-NOT: call void @__asan_poison_intra_object_redzone
				// CHECK: ret void

This is an archive of the discontinued LLVM Phabricator instance.

Insert poisoned paddings between fields in C++ classes so that AddressSanitizer can find intra-object-overflow bugs
ClosedPublic

Details

Diff Detail

Event Timeline

Revision Contents

Diff 15041

include/clang/AST/Decl.h

include/clang/Basic/DiagnosticFrontendKinds.td

include/clang/Basic/DiagnosticGroups.td

include/clang/Basic/SanitizerBlacklist.h

lib/AST/Decl.cpp

lib/AST/RecordLayoutBuilder.cpp

lib/Basic/SanitizerBlacklist.cpp

lib/CodeGen/CGClass.cpp

lib/CodeGen/CodeGenFunction.h

test/CodeGen/sanitize-address-field-padding.cpp

This is an archive of the discontinued LLVM Phabricator instance.

Insert poisoned paddings between fields in C++ classes so that AddressSanitizer can find intra-object-overflow bugsClosedPublic

Details

Diff Detail

Event Timeline

Revision Contents

Diff 15041

include/clang/AST/Decl.h

include/clang/Basic/DiagnosticFrontendKinds.td

include/clang/Basic/DiagnosticGroups.td

include/clang/Basic/SanitizerBlacklist.h

lib/AST/Decl.cpp

lib/AST/RecordLayoutBuilder.cpp

lib/Basic/SanitizerBlacklist.cpp

lib/CodeGen/CGClass.cpp

lib/CodeGen/CodeGenFunction.h

test/CodeGen/sanitize-address-field-padding.cpp

Insert poisoned paddings between fields in C++ classes so that AddressSanitizer can find intra-object-overflow bugs
ClosedPublic