This is an archive of the discontinued LLVM Phabricator instance.

Differential D127163

[clang] Add -fsanitize=memtag-globals (no-op).
ClosedPublic

Authored by hctim on Jun 6 2022, 3:46 PM.

Details

Reviewers
eugenis
aaron.ballman
Commits
rG45d88cd00846: [clang] Add -fsanitize=memtag-globals (no-op).
Summary

Adds the -fsanitize plumbing for memtag-globals. Makes -fsanitize=memtag
imply -fsanitize=memtag-globals.

This has no effect on codegen for now.

Diff Detail

Event Timeline

hctim created this revision.Jun 6 2022, 3:46 PM
Herald added a reviewer: aaron.ballman. · View Herald TranscriptJun 6 2022, 3:46 PM
Herald added a project: Restricted Project. · View Herald Transcript
hctim requested review of this revision.Jun 6 2022, 3:46 PM
Herald added a project: Restricted Project. · View Herald TranscriptJun 6 2022, 3:46 PM
Herald added subscribers: cfe-commits, MaskRay. · View Herald Transcript
Harbormaster completed remote builds in B168174: Diff 434635.Jun 6 2022, 5:06 PM
eugenis added inline comments.Jun 7 2022, 12:24 PM
clang/lib/Driver/ToolChains/Linux.cpp
767 ↗(On Diff #434635)

Hmm why are all the other memtag* not here?

clang/lib/Sema/SemaDeclAttr.cpp
7892 ↗(On Diff #434635)

Maybe "applies to globals"? On the other hand, MSan "applies" to globals but does not need this logic.

isSanitizerAttributeAllowedOnGlobals?

vitalybuka added a subscriber: vitalybuka.Jun 7 2022, 2:52 PM

Why do we want this as a separate -fsanitize=
Maybe better to have some modifier flag like -fsanitize-memtag-globals=1 ?

eugenis added a comment.Jun 7 2022, 3:16 PM

I don't have a lot of arguments either way, do you?
Ignorelist support is one for the new sanitizer type.

hctim added a comment.Jun 7 2022, 3:20 PM

We already have -fsanitize=memtag that implies -fsanitize=memtag-heap and -fsanitize=memtag-stack.

It makes the most sense IMHO in the world where we want heap MTE. -fsanitize=memtag-heap is the most reasonable instead of -fsanitize-memtag-heap, as "do i need -fsanitize=memtag as well, like MSan?" is never a question.

vitalybuka added a comment.Jun 7 2022, 3:40 PM
In D127163#3564919, @hctim wrote:

We already have -fsanitize=memtag that implies -fsanitize=memtag-heap and -fsanitize=memtag-stack.

It makes the most sense IMHO in the world where we want heap MTE. -fsanitize=memtag-heap is the most reasonable instead of -fsanitize-memtag-heap, as "do i need -fsanitize=memtag as well, like MSan?" is never a question.

I see, thanks for explaining.

hctim marked 2 inline comments as done.Jun 10 2022, 3:34 PM
hctim added inline comments.
clang/lib/Driver/ToolChains/Linux.cpp
767 ↗(On Diff #434635)

Yeah, just realised this isn't necessary, looks like it's covered in clang/lib/Driver/ToolChain.cpp:1088 (the entire bitset of MemTag, which is MemtagStack | MemtagGlobals | MemtagHeap).

clang/lib/Sema/SemaDeclAttr.cpp
7892 ↗(On Diff #434635)

yeah, isSanitizerAttributeAllowedOnGlobals sounds good to me. also pulled this over to a different change adding support for __attribute__((no_sanitize("hwaddress"))): D127544

hctim updated this revision to Diff 436059.Jun 10 2022, 3:34 PM
hctim marked 2 inline comments as done.

update

Harbormaster completed remote builds in B169174: Diff 436059.Jun 10 2022, 4:41 PM
eugenis accepted this revision.Jun 14 2022, 4:45 PM

LGTM

This revision is now accepted and ready to land.Jun 14 2022, 4:45 PM
aaron.ballman accepted this revision.Jun 15 2022, 4:45 AM

LGTM

This revision was landed with ongoing or failed builds.Jun 15 2022, 10:08 AM
Closed by commit rG45d88cd00846: [clang] Add -fsanitize=memtag-globals (no-op). (authored by hctim). · Explain Why
This revision was automatically updated to reflect the committed changes.
hctim added a commit: rG45d88cd00846: [clang] Add -fsanitize=memtag-globals (no-op)..
thakis added a subscriber: thakis.Jun 15 2022, 2:44 PM

FYI: If you change serialized opts in a def file, you have to bump the pch version, else with builds that don't embed the llvm revision (LLVM_APPEND_VC_REV=OFF) won't notice they have to invalidate pchs.

(In this case, I did this in https://github.com/llvm/llvm-project/commit/307109266f6c7598dfc69b6388fa271662de9388 for this change.)

hctim added a comment.Jun 15 2022, 2:57 PM
In D127163#3587115, @thakis wrote:

FYI: If you change serialized opts in a def file, you have to bump the pch version, else with builds that don't embed the llvm revision (LLVM_APPEND_VC_REV=OFF) won't notice they have to invalidate pchs.

(In this case, I did this in https://github.com/llvm/llvm-project/commit/307109266f6c7598dfc69b6388fa271662de9388 for this change.)

Thanks!

Revision Contents

PathSize
clang/
include/
clang/
Basic/
2 lines
3 lines
Driver/
7 lines
lib/
Driver/
6 lines
test/
Driver/
6 lines

Diff 437231

clang/include/clang/Basic/Features.def

Show First 20 LinesShow All 43 Lines▼ Show 20 LinesFEATURE(leak_sanitizer,
LangOpts.Sanitize.has(SanitizerKind::Leak)) LangOpts.Sanitize.has(SanitizerKind::Leak))
FEATURE(hwaddress_sanitizer, FEATURE(hwaddress_sanitizer,
LangOpts.Sanitize.hasOneOf(SanitizerKind::HWAddress | LangOpts.Sanitize.hasOneOf(SanitizerKind::HWAddress |
SanitizerKind::KernelHWAddress)) SanitizerKind::KernelHWAddress))
FEATURE(memtag_stack, FEATURE(memtag_stack,
LangOpts.Sanitize.has(SanitizerKind::MemtagStack)) LangOpts.Sanitize.has(SanitizerKind::MemtagStack))
FEATURE(memtag_heap, FEATURE(memtag_heap,
LangOpts.Sanitize.has(SanitizerKind::MemtagHeap)) LangOpts.Sanitize.has(SanitizerKind::MemtagHeap))
FEATURE(memtag_globals,
LangOpts.Sanitize.has(SanitizerKind::MemtagGlobals))
FEATURE(xray_instrument, LangOpts.XRayInstrument) FEATURE(xray_instrument, LangOpts.XRayInstrument)
FEATURE(undefined_behavior_sanitizer, FEATURE(undefined_behavior_sanitizer,
LangOpts.Sanitize.hasOneOf(SanitizerKind::Undefined)) LangOpts.Sanitize.hasOneOf(SanitizerKind::Undefined))
FEATURE(coverage_sanitizer, LangOpts.SanitizeCoverage) FEATURE(coverage_sanitizer, LangOpts.SanitizeCoverage)
FEATURE(assume_nonnull, true) FEATURE(assume_nonnull, true)
FEATURE(attribute_analyzer_noreturn, true) FEATURE(attribute_analyzer_noreturn, true)
FEATURE(attribute_availability, true) FEATURE(attribute_availability, true)
FEATURE(attribute_availability_with_message, true) FEATURE(attribute_availability_with_message, true)
▲ Show 20 LinesShow All 219 LinesShow Last 20 Lines

clang/include/clang/Basic/Sanitizers.def

Show First 20 LinesShow All 52 Lines▼ Show 20 Lines
SANITIZER("hwaddress", HWAddress) SANITIZER("hwaddress", HWAddress)
// Kernel Hardware-assisted AddressSanitizer (KHWASan) // Kernel Hardware-assisted AddressSanitizer (KHWASan)
SANITIZER("kernel-hwaddress", KernelHWAddress) SANITIZER("kernel-hwaddress", KernelHWAddress)
// A variant of AddressSanitizer using AArch64 MTE extension. // A variant of AddressSanitizer using AArch64 MTE extension.
SANITIZER("memtag-stack", MemtagStack) SANITIZER("memtag-stack", MemtagStack)
SANITIZER("memtag-heap", MemtagHeap) SANITIZER("memtag-heap", MemtagHeap)
SANITIZER_GROUP("memtag", MemTag, MemtagStack | MemtagHeap) SANITIZER("memtag-globals", MemtagGlobals)
SANITIZER_GROUP("memtag", MemTag, MemtagStack | MemtagHeap | MemtagGlobals)
// MemorySanitizer // MemorySanitizer
SANITIZER("memory", Memory) SANITIZER("memory", Memory)
// Kernel MemorySanitizer (KMSAN) // Kernel MemorySanitizer (KMSAN)
SANITIZER("kernel-memory", KernelMemory) SANITIZER("kernel-memory", KernelMemory)
// libFuzzer // libFuzzer
▲ Show 20 LinesShow All 122 LinesShow Last 20 Lines

clang/include/clang/Driver/SanitizerArgs.h

Show First 20 LinesShow All 93 Lines▼ Show 20 Linespublic:
bool requiresMinimalRuntime() const { return MinimalRuntime; } bool requiresMinimalRuntime() const { return MinimalRuntime; }
bool needsDfsanRt() const { return Sanitizers.has(SanitizerKind::DataFlow); } bool needsDfsanRt() const { return Sanitizers.has(SanitizerKind::DataFlow); }
bool needsSafeStackRt() const { return SafeStackRuntime; } bool needsSafeStackRt() const { return SafeStackRuntime; }
bool needsCfiRt() const; bool needsCfiRt() const;
bool needsCfiDiagRt() const; bool needsCfiDiagRt() const;
bool needsStatsRt() const { return Stats; } bool needsStatsRt() const { return Stats; }
bool needsScudoRt() const { return Sanitizers.has(SanitizerKind::Scudo); } bool needsScudoRt() const { return Sanitizers.has(SanitizerKind::Scudo); }
bool hasMemTag() const { return hasMemtagHeap() || hasMemtagStack(); } bool hasMemTag() const {
return hasMemtagHeap() || hasMemtagStack() || hasMemtagGlobals();
}
bool hasMemtagHeap() const { bool hasMemtagHeap() const {
return Sanitizers.has(SanitizerKind::MemtagHeap); return Sanitizers.has(SanitizerKind::MemtagHeap);
} }
bool hasMemtagStack() const { bool hasMemtagStack() const {
return Sanitizers.has(SanitizerKind::MemtagStack); return Sanitizers.has(SanitizerKind::MemtagStack);
} }
bool hasMemtagGlobals() const {
return Sanitizers.has(SanitizerKind::MemtagGlobals);
}
const std::string &getMemtagMode() const { const std::string &getMemtagMode() const {
assert(!MemtagMode.empty()); assert(!MemtagMode.empty());
return MemtagMode; return MemtagMode;
} }
bool requiresPIE() const; bool requiresPIE() const;
bool needsUnwindTables() const; bool needsUnwindTables() const;
bool needsLTO() const; bool needsLTO() const;
Show All 12 Lines

clang/lib/Driver/SanitizerArgs.cpp

Show All 39 Linesstatic const SanitizerMask RequiresPIE =
SanitizerKind::DataFlow | SanitizerKind::HWAddress | SanitizerKind::Scudo; SanitizerKind::DataFlow | SanitizerKind::HWAddress | SanitizerKind::Scudo;
static const SanitizerMask NeedsUnwindTables = static const SanitizerMask NeedsUnwindTables =
SanitizerKind::Address | SanitizerKind::HWAddress | SanitizerKind::Thread | SanitizerKind::Address | SanitizerKind::HWAddress | SanitizerKind::Thread |
SanitizerKind::Memory | SanitizerKind::DataFlow; SanitizerKind::Memory | SanitizerKind::DataFlow;
static const SanitizerMask SupportsCoverage = static const SanitizerMask SupportsCoverage =
SanitizerKind::Address | SanitizerKind::HWAddress | SanitizerKind::Address | SanitizerKind::HWAddress |
SanitizerKind::KernelAddress | SanitizerKind::KernelHWAddress | SanitizerKind::KernelAddress | SanitizerKind::KernelHWAddress |
SanitizerKind::MemtagStack | SanitizerKind::MemtagHeap | SanitizerKind::MemtagStack | SanitizerKind::MemtagHeap |
SanitizerKind::Memory | SanitizerKind::KernelMemory | SanitizerKind::Leak | SanitizerKind::MemtagGlobals | SanitizerKind::Memory |
SanitizerKind::KernelMemory | SanitizerKind::Leak |
SanitizerKind::Undefined | SanitizerKind::Integer | SanitizerKind::Bounds | SanitizerKind::Undefined | SanitizerKind::Integer | SanitizerKind::Bounds |
SanitizerKind::ImplicitConversion | SanitizerKind::Nullability | SanitizerKind::ImplicitConversion | SanitizerKind::Nullability |
SanitizerKind::DataFlow | SanitizerKind::Fuzzer | SanitizerKind::DataFlow | SanitizerKind::Fuzzer |
SanitizerKind::FuzzerNoLink | SanitizerKind::FloatDivideByZero | SanitizerKind::FuzzerNoLink | SanitizerKind::FloatDivideByZero |
SanitizerKind::SafeStack | SanitizerKind::ShadowCallStack | SanitizerKind::SafeStack | SanitizerKind::ShadowCallStack |
SanitizerKind::Thread | SanitizerKind::ObjCCast; SanitizerKind::Thread | SanitizerKind::ObjCCast;
static const SanitizerMask RecoverableByDefault = static const SanitizerMask RecoverableByDefault =
SanitizerKind::Undefined | SanitizerKind::Integer | SanitizerKind::Undefined | SanitizerKind::Integer |
Show All 11 Linesstatic const SanitizerMask TrappingSupported =
SanitizerKind::ObjCCast; SanitizerKind::ObjCCast;
static const SanitizerMask TrappingDefault = SanitizerKind::CFI; static const SanitizerMask TrappingDefault = SanitizerKind::CFI;
static const SanitizerMask CFIClasses = static const SanitizerMask CFIClasses =
SanitizerKind::CFIVCall | SanitizerKind::CFINVCall | SanitizerKind::CFIVCall | SanitizerKind::CFINVCall |
SanitizerKind::CFIMFCall | SanitizerKind::CFIDerivedCast | SanitizerKind::CFIMFCall | SanitizerKind::CFIDerivedCast |
SanitizerKind::CFIUnrelatedCast; SanitizerKind::CFIUnrelatedCast;
static const SanitizerMask CompatibleWithMinimalRuntime = static const SanitizerMask CompatibleWithMinimalRuntime =
TrappingSupported | SanitizerKind::Scudo | SanitizerKind::ShadowCallStack | TrappingSupported | SanitizerKind::Scudo | SanitizerKind::ShadowCallStack |
SanitizerKind::MemtagStack | SanitizerKind::MemtagHeap; SanitizerKind::MemtagStack | SanitizerKind::MemtagHeap |
SanitizerKind::MemtagGlobals;
enum CoverageFeature { enum CoverageFeature {
CoverageFunc = 1 << 0, CoverageFunc = 1 << 0,
CoverageBB = 1 << 1, CoverageBB = 1 << 1,
CoverageEdge = 1 << 2, CoverageEdge = 1 << 2,
CoverageIndirCall = 1 << 3, CoverageIndirCall = 1 << 3,
CoverageTraceBB = 1 << 4, // Deprecated. CoverageTraceBB = 1 << 4, // Deprecated.
CoverageTraceCmp = 1 << 5, CoverageTraceCmp = 1 << 5,
▲ Show 20 LinesShow All 1,268 LinesShow Last 20 Lines

clang/test/Driver/fsanitize.c

Show First 20 LinesShow All 187 Lines▼ Show 20 Lines
// RUN: %clang -target aarch64-linux-android -fsanitize=memtag,hwaddress -fno-rtti %s -### 2>&1 | FileCheck %s --check-prefix=CHECK-SANMT-SANHA // RUN: %clang -target aarch64-linux-android -fsanitize=memtag,hwaddress -fno-rtti %s -### 2>&1 | FileCheck %s --check-prefix=CHECK-SANMT-SANHA
// CHECK-SANMT-SANHA: '-fsanitize=memtag' not allowed with '-fsanitize=hwaddress' // CHECK-SANMT-SANHA: '-fsanitize=memtag' not allowed with '-fsanitize=hwaddress'
// RUN: %clang -target i386-linux-android -fsanitize=memtag -fno-rtti %s -### 2>&1 | FileCheck %s --check-prefix=CHECK-SANMT-BAD-ARCH // RUN: %clang -target i386-linux-android -fsanitize=memtag -fno-rtti %s -### 2>&1 | FileCheck %s --check-prefix=CHECK-SANMT-BAD-ARCH
// RUN: %clang -target x86_64-linux-android -fsanitize=memtag -fno-rtti %s -### 2>&1 | FileCheck %s --check-prefix=CHECK-SANMT-BAD-ARCH // RUN: %clang -target x86_64-linux-android -fsanitize=memtag -fno-rtti %s -### 2>&1 | FileCheck %s --check-prefix=CHECK-SANMT-BAD-ARCH
// CHECK-SANMT-BAD-ARCH: unsupported option '-fsanitize=memtag' for target // CHECK-SANMT-BAD-ARCH: unsupported option '-fsanitize=memtag' for target
// RUN: %clang -target aarch64-linux -fsanitize=memtag -march=armv8-a+memtag %s -### 2>&1 | FileCheck %s --check-prefix=CHECK-SANMT-MT // RUN: %clang -target aarch64-linux-android31 -fsanitize=memtag -march=armv8-a+memtag %s -### 2>&1 | FileCheck %s --check-prefix=CHECK-SANMT-MT
// CHECK-SANMT-MT: "-target-feature" "+mte" // CHECK-SANMT-MT: "-target-feature" "+mte"
// CHECK-SANMT-MT-SAME: "-fsanitize=memtag-stack,memtag-heap" // CHECK-SANMT-MT-SAME: "-fsanitize=memtag-stack,memtag-heap,memtag-globals"
// RUN: %clang -target aarch64-linux -fsanitize=memtag %s -### 2>&1 | FileCheck %s --check-prefix=CHECK-SANMT-NOMT-0 // RUN: %clang -target aarch64-linux -fsanitize=memtag %s -### 2>&1 | FileCheck %s --check-prefix=CHECK-SANMT-NOMT-0
// CHECK-SANMT-NOMT-0: '-fsanitize=memtag-stack' requires hardware support (+memtag) // CHECK-SANMT-NOMT-0: '-fsanitize=memtag-stack' requires hardware support (+memtag)
// RUN: %clang -target aarch64-linux -fsanitize=memtag -I +mte %s -### 2>&1 | FileCheck %s --check-prefix=CHECK-SANMT-NOMT-1 // RUN: %clang -target aarch64-linux -fsanitize=memtag -I +mte %s -### 2>&1 | FileCheck %s --check-prefix=CHECK-SANMT-NOMT-1
// CHECK-SANMT-NOMT-1: '-fsanitize=memtag-stack' requires hardware support (+memtag) // CHECK-SANMT-NOMT-1: '-fsanitize=memtag-stack' requires hardware support (+memtag)
// RUN: %clang -target x86_64-linux-gnu -fsanitize=address -fsanitize-address-use-after-scope %s -### 2>&1 | FileCheck %s --check-prefix=CHECK-USE-AFTER-SCOPE // RUN: %clang -target x86_64-linux-gnu -fsanitize=address -fsanitize-address-use-after-scope %s -### 2>&1 | FileCheck %s --check-prefix=CHECK-USE-AFTER-SCOPE
▲ Show 20 LinesShow All 615 Lines▼ Show 20 Lines
// RUN: %clang -target x86_64-linux-gnu -fsanitize=integer -fsanitize-trap=integer %s -### 2>&1 | FileCheck %s --check-prefix=CHECK-INTSAN-TRAP // RUN: %clang -target x86_64-linux-gnu -fsanitize=integer -fsanitize-trap=integer %s -### 2>&1 | FileCheck %s --check-prefix=CHECK-INTSAN-TRAP
// CHECK-INTSAN-TRAP: "-fsanitize-trap=integer-divide-by-zero,shift-base,shift-exponent,signed-integer-overflow,unsigned-integer-overflow,unsigned-shift-base,implicit-unsigned-integer-truncation,implicit-signed-integer-truncation,implicit-integer-sign-change" // CHECK-INTSAN-TRAP: "-fsanitize-trap=integer-divide-by-zero,shift-base,shift-exponent,signed-integer-overflow,unsigned-integer-overflow,unsigned-shift-base,implicit-unsigned-integer-truncation,implicit-signed-integer-truncation,implicit-integer-sign-change"
// RUN: %clang -target x86_64-linux-gnu -fsanitize=integer -fsanitize-minimal-runtime %s -### 2>&1 | FileCheck %s --check-prefix=CHECK-INTSAN-MINIMAL // RUN: %clang -target x86_64-linux-gnu -fsanitize=integer -fsanitize-minimal-runtime %s -### 2>&1 | FileCheck %s --check-prefix=CHECK-INTSAN-MINIMAL
// CHECK-INTSAN-MINIMAL: "-fsanitize=integer-divide-by-zero,shift-base,shift-exponent,signed-integer-overflow,unsigned-integer-overflow,unsigned-shift-base,implicit-unsigned-integer-truncation,implicit-signed-integer-truncation,implicit-integer-sign-change" // CHECK-INTSAN-MINIMAL: "-fsanitize=integer-divide-by-zero,shift-base,shift-exponent,signed-integer-overflow,unsigned-integer-overflow,unsigned-shift-base,implicit-unsigned-integer-truncation,implicit-signed-integer-truncation,implicit-integer-sign-change"
// CHECK-INTSAN-MINIMAL: "-fsanitize-minimal-runtime" // CHECK-INTSAN-MINIMAL: "-fsanitize-minimal-runtime"
// RUN: %clang -target aarch64-linux-android -march=armv8-a+memtag -fsanitize=memtag -fsanitize-minimal-runtime %s -### 2>&1 | FileCheck %s --check-prefix=CHECK-MEMTAG-MINIMAL // RUN: %clang -target aarch64-linux-android -march=armv8-a+memtag -fsanitize=memtag -fsanitize-minimal-runtime %s -### 2>&1 | FileCheck %s --check-prefix=CHECK-MEMTAG-MINIMAL
// CHECK-MEMTAG-MINIMAL: "-fsanitize=memtag-stack,memtag-heap" // CHECK-MEMTAG-MINIMAL: "-fsanitize=memtag-stack,memtag-heap,memtag-globals"
// CHECK-MEMTAG-MINIMAL: "-fsanitize-minimal-runtime" // CHECK-MEMTAG-MINIMAL: "-fsanitize-minimal-runtime"
// RUN: %clang -target x86_64-linux-gnu -fsanitize=undefined -fsanitize=function -fsanitize-minimal-runtime %s -### 2>&1 | FileCheck %s --check-prefix=CHECK-UBSAN-FUNCTION-MINIMAL // RUN: %clang -target x86_64-linux-gnu -fsanitize=undefined -fsanitize=function -fsanitize-minimal-runtime %s -### 2>&1 | FileCheck %s --check-prefix=CHECK-UBSAN-FUNCTION-MINIMAL
// CHECK-UBSAN-FUNCTION-MINIMAL: error: invalid argument '-fsanitize=function' not allowed with '-fsanitize-minimal-runtime' // CHECK-UBSAN-FUNCTION-MINIMAL: error: invalid argument '-fsanitize=function' not allowed with '-fsanitize-minimal-runtime'
// RUN: %clang -target x86_64-linux-gnu -fsanitize=undefined -fsanitize=vptr -fsanitize-minimal-runtime %s -### 2>&1 | FileCheck %s --check-prefix=CHECK-UBSAN-VPTR-MINIMAL // RUN: %clang -target x86_64-linux-gnu -fsanitize=undefined -fsanitize=vptr -fsanitize-minimal-runtime %s -### 2>&1 | FileCheck %s --check-prefix=CHECK-UBSAN-VPTR-MINIMAL
// CHECK-UBSAN-VPTR-MINIMAL: error: invalid argument '-fsanitize=vptr' not allowed with '-fsanitize-minimal-runtime' // CHECK-UBSAN-VPTR-MINIMAL: error: invalid argument '-fsanitize=vptr' not allowed with '-fsanitize-minimal-runtime'
▲ Show 20 LinesShow All 106 LinesShow Last 20 Lines