SanitizerArgs.cpp source code [llvm_projects/clang/lib/Driver/SanitizerArgs.cpp]

1	//===--- SanitizerArgs.cpp - Arguments for sanitizer tools ---------------===//
2	//
3	// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
4	// See https://llvm.org/LICENSE.txt for license information.
5	// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
6	//
7	//===----------------------------------------------------------------------===//
8	#include "clang/Driver/SanitizerArgs.h"
9	#include "clang/Basic/Sanitizers.h"
10	#include "clang/Driver/Driver.h"
11	#include "clang/Driver/Options.h"
12	#include "clang/Driver/ToolChain.h"
13	#include "llvm/ADT/SmallVector.h"
14	#include "llvm/ADT/StringRef.h"
15	#include "llvm/ADT/StringSwitch.h"
16	#include "llvm/Support/Path.h"
17	#include "llvm/Support/SpecialCaseList.h"
18	#include "llvm/Support/VirtualFileSystem.h"
19	#include "llvm/TargetParser/AArch64TargetParser.h"
20	#include "llvm/TargetParser/RISCVTargetParser.h"
21	#include "llvm/TargetParser/TargetParser.h"
22	#include "llvm/Transforms/Instrumentation/AddressSanitizerOptions.h"
23	#include <memory>
24
25	using namespace clang;
26	using namespace clang::driver;
27	using namespace llvm::opt;
28
29	static const SanitizerMask NeedsUbsanRt =
30	SanitizerKind::Undefined \| SanitizerKind::Integer \|
31	SanitizerKind::LocalBounds \| SanitizerKind::ImplicitConversion \|
32	SanitizerKind::Nullability \| SanitizerKind::CFI \|
33	SanitizerKind::FloatDivideByZero \| SanitizerKind::ObjCCast \|
34	SanitizerKind::Vptr;
35	static const SanitizerMask NeedsUbsanCxxRt =
36	SanitizerKind::Vptr \| SanitizerKind::CFI;
37	static const SanitizerMask NotAllowedWithTrap = SanitizerKind::Vptr;
38	static const SanitizerMask NotAllowedWithMinimalRuntime = SanitizerKind::Vptr;
39	static const SanitizerMask NotAllowedWithExecuteOnly =
40	SanitizerKind::Function \| SanitizerKind::KCFI;
41	static const SanitizerMask NeedsUnwindTables =
42	SanitizerKind::Address \| SanitizerKind::HWAddress \| SanitizerKind::Type \|
43	SanitizerKind::Thread \| SanitizerKind::Memory \| SanitizerKind::DataFlow \|
44	SanitizerKind::NumericalStability;
45	static const SanitizerMask SupportsCoverage =
46	SanitizerKind::Address \| SanitizerKind::HWAddress \|
47	SanitizerKind::KernelAddress \| SanitizerKind::KernelHWAddress \|
48	SanitizerKind::Type \| SanitizerKind::MemtagStack \|
49	SanitizerKind::MemtagHeap \| SanitizerKind::MemtagGlobals \|
50	SanitizerKind::Memory \| SanitizerKind::KernelMemory \| SanitizerKind::Leak \|
51	SanitizerKind::Undefined \| SanitizerKind::Integer \| SanitizerKind::Bounds \|
52	SanitizerKind::ImplicitConversion \| SanitizerKind::Nullability \|
53	SanitizerKind::DataFlow \| SanitizerKind::Fuzzer \|
54	SanitizerKind::FuzzerNoLink \| SanitizerKind::FloatDivideByZero \|
55	SanitizerKind::SafeStack \| SanitizerKind::ShadowCallStack \|
56	SanitizerKind::Thread \| SanitizerKind::ObjCCast \| SanitizerKind::KCFI \|
57	SanitizerKind::NumericalStability \| SanitizerKind::Vptr \|
58	SanitizerKind::CFI;
59	static const SanitizerMask RecoverableByDefault =
60	SanitizerKind::Undefined \| SanitizerKind::Integer \|
61	SanitizerKind::ImplicitConversion \| SanitizerKind::Nullability \|
62	SanitizerKind::FloatDivideByZero \| SanitizerKind::ObjCCast \|
63	SanitizerKind::Vptr;
64	static const SanitizerMask Unrecoverable =
65	SanitizerKind::Unreachable \| SanitizerKind::Return;
66	static const SanitizerMask AlwaysRecoverable = SanitizerKind::KernelAddress \|
67	SanitizerKind::KernelHWAddress \|
68	SanitizerKind::KCFI;
69	static const SanitizerMask NeedsLTO = SanitizerKind::CFI;
70	static const SanitizerMask TrappingSupported =
71	SanitizerKind::Undefined \| SanitizerKind::Integer \|
72	SanitizerKind::ImplicitConversion \| SanitizerKind::Nullability \|
73	SanitizerKind::LocalBounds \| SanitizerKind::CFI \|
74	SanitizerKind::FloatDivideByZero \| SanitizerKind::ObjCCast;
75	static const SanitizerMask MergeDefault =
76	SanitizerKind::Undefined \| SanitizerKind::Vptr;
77	static const SanitizerMask TrappingDefault =
78	SanitizerKind::CFI \| SanitizerKind::LocalBounds;
79	static const SanitizerMask AnnotateDebugInfoDefault;
80	static const SanitizerMask CFIClasses =
81	SanitizerKind::CFIVCall \| SanitizerKind::CFINVCall \|
82	SanitizerKind::CFIMFCall \| SanitizerKind::CFIDerivedCast \|
83	SanitizerKind::CFIUnrelatedCast;
84	static const SanitizerMask CompatibleWithMinimalRuntime =
85	TrappingSupported \| SanitizerKind::Scudo \| SanitizerKind::ShadowCallStack \|
86	SanitizerKind::MemtagStack \| SanitizerKind::MemtagHeap \|
87	SanitizerKind::MemtagGlobals \| SanitizerKind::KCFI;
88
89	enum CoverageFeature {
90	CoverageFunc = `1` << `0`,
91	CoverageBB = `1` << `1`,
92	CoverageEdge = `1` << `2`,
93	CoverageIndirCall = `1` << `3`,
94	CoverageTraceBB = `1` << `4`, // Deprecated.
95	CoverageTraceCmp = `1` << `5`,
96	CoverageTraceDiv = `1` << `6`,
97	CoverageTraceGep = `1` << `7`,
98	Coverage8bitCounters = `1` << `8`, // Deprecated.
99	CoverageTracePC = `1` << `9`,
100	CoverageTracePCGuard = `1` << `10`,
101	CoverageNoPrune = `1` << `11`,
102	CoverageInline8bitCounters = `1` << `12`,
103	CoveragePCTable = `1` << `13`,
104	CoverageStackDepth = `1` << `14`,
105	CoverageInlineBoolFlag = `1` << `15`,
106	CoverageTraceLoads = `1` << `16`,
107	CoverageTraceStores = `1` << `17`,
108	CoverageControlFlow = `1` << `18`,
109	};
110
111	enum BinaryMetadataFeature {
112	BinaryMetadataCovered = `1` << `0`,
113	BinaryMetadataAtomics = `1` << `1`,
114	BinaryMetadataUAR = `1` << `2`,
115	};
116
117	/// Parse a -fsanitize= or -fno-sanitize= argument's values, diagnosing any
118	/// invalid components. Returns a SanitizerMask.
119	static SanitizerMask parseArgValues(const Driver &D, const llvm::opt::Arg *A,
120	bool DiagnoseErrors);
121
122	/// Parse a -fsanitize=<sanitizer1>=<value1>... or -fno-sanitize= argument's
123	/// values, diagnosing any invalid components.
124	/// Cutoffs are stored in the passed parameter.
125	static void parseArgCutoffs(const Driver &D, const llvm::opt::Arg *A,
126	bool DiagnoseErrors, SanitizerMaskCutoffs &Cutoffs);
127
128	/// Parse -f(no-)?sanitize-coverage= flag values, diagnosing any invalid
129	/// components. Returns OR of members of \c CoverageFeature enumeration.
130	static int parseCoverageFeatures(const Driver &D, const llvm::opt::Arg *A,
131	bool DiagnoseErrors);
132
133	/// Parse -fsanitize-undefined-ignore-overflow-pattern= flag values, diagnosing
134	/// any invalid values. Returns a mask of excluded overflow patterns.
135	static int parseOverflowPatternExclusionValues(const Driver &D,
136	const llvm::opt::Arg *A,
137	bool DiagnoseErrors);
138
139	/// Parse -f(no-)?sanitize-metadata= flag values, diagnosing any invalid
140	/// components. Returns OR of members of \c BinaryMetadataFeature enumeration.
141	static int parseBinaryMetadataFeatures(const Driver &D, const llvm::opt::Arg *A,
142	bool DiagnoseErrors);
143
144	/// Produce an argument string from ArgList \p Args, which shows how it
145	/// provides some sanitizer kind from \p Mask. For example, the argument list
146	/// "-fsanitize=thread,vptr -fsanitize=address" with mask \c NeedsUbsanRt
147	/// would produce "-fsanitize=vptr".
148	static std::string lastArgumentForMask(const Driver &D,
149	const llvm::opt::ArgList &Args,
150	SanitizerMask Mask);
151
152	/// Produce an argument string from argument \p A, which shows how it provides
153	/// a value in \p Mask. For instance, the argument
154	/// "-fsanitize=address,alignment" with mask \c NeedsUbsanRt would produce
155	/// "-fsanitize=alignment".
156	static std::string describeSanitizeArg(const llvm::opt::Arg *A,
157	SanitizerMask Mask);
158
159	/// Produce a string containing comma-separated names of sanitizers in \p
160	/// Sanitizers set.
161	static std::string toString(const clang::SanitizerSet &Sanitizers);
162
163	/// Produce a string containing comma-separated names of sanitizers and
164	/// sanitizer groups in \p Sanitizers set.
165	static std::string toStringWithGroups(const clang::SanitizerSet &Sanitizers);
166
167	/// Return true if an execute-only target disallows data access to code
168	/// sections.
169	static bool isExecuteOnlyTarget(const llvm::Triple &Triple,
170	const llvm::opt::ArgList &Args) {
171	if (Triple.isPS5())
172	return true;
173	return Args.hasFlagNoClaim(Pos: options::OPT_mexecute_only,
174	Neg: options::OPT_mno_execute_only, Default: false);
175	}
176
177	static void validateSpecialCaseListFormat(const Driver &D,
178	std::vector<std::string> &SCLFiles,
179	unsigned MalformedSCLErrorDiagID,
180	bool DiagnoseErrors) {
181	if (SCLFiles.empty())
182	return;
183
184	std::string BLError;
185	std::unique_ptr<llvm::SpecialCaseList> SCL(
186	llvm::SpecialCaseList::create(Paths: SCLFiles, FS&: D.getVFS(), Error&: BLError));
187	if (!SCL && DiagnoseErrors)
188	D.Diag(DiagID: MalformedSCLErrorDiagID) << BLError;
189	}
190
191	static void addDefaultIgnorelists(const Driver &D, SanitizerMask Kinds,
192	std::vector<std::string> &IgnorelistFiles,
193	bool DiagnoseErrors) {
194	struct Ignorelist {
195	const char *File;
196	SanitizerMask Mask;
197	} Ignorelists[] = {{.File: "asan_ignorelist.txt", .Mask: SanitizerKind::Address},
198	{.File: "hwasan_ignorelist.txt", .Mask: SanitizerKind::HWAddress},
199	{.File: "memtag_ignorelist.txt", .Mask: SanitizerKind::MemTag},
200	{.File: "msan_ignorelist.txt", .Mask: SanitizerKind::Memory},
201	{.File: "nsan_ignorelist.txt", .Mask: SanitizerKind::NumericalStability},
202	{.File: "tsan_ignorelist.txt", .Mask: SanitizerKind::Thread},
203	{.File: "tysan_blacklist.txt", .Mask: SanitizerKind::Type},
204	{.File: "dfsan_abilist.txt", .Mask: SanitizerKind::DataFlow},
205	{.File: "cfi_ignorelist.txt", .Mask: SanitizerKind::CFI},
206	{.File: "ubsan_ignorelist.txt",
207	.Mask: SanitizerKind::Undefined \| SanitizerKind::Vptr \|
208	SanitizerKind::Integer \| SanitizerKind::Nullability \|
209	SanitizerKind::FloatDivideByZero}};
210
211	for (auto BL : Ignorelists) {
212	if (!(Kinds & BL.Mask))
213	continue;
214
215	clang::SmallString<`64`> Path(D.ResourceDir);
216	llvm::sys::path::append(path&: Path, a: "share", b: BL.File);
217	if (D.getVFS().exists(Path))
218	IgnorelistFiles.push_back(x: std::string(Path));
219	else if (BL.Mask == SanitizerKind::CFI && DiagnoseErrors)
220	// If cfi_ignorelist.txt cannot be found in the resource dir, driver
221	// should fail.
222	D.Diag(DiagID: clang::diag::err_drv_missing_sanitizer_ignorelist) << Path;
223	}
224	validateSpecialCaseListFormat(
225	D, SCLFiles&: IgnorelistFiles, MalformedSCLErrorDiagID: clang::diag::err_drv_malformed_sanitizer_ignorelist,
226	DiagnoseErrors);
227	}
228
229	/// Parse -f(no-)?sanitize-(coverage-)?(allow\|ignore)list argument's values,
230	/// diagnosing any invalid file paths and validating special case list format.
231	static void parseSpecialCaseListArg(const Driver &D,
232	const llvm::opt::ArgList &Args,
233	std::vector<std::string> &SCLFiles,
234	llvm::opt::OptSpecifier SCLOptionID,
235	llvm::opt::OptSpecifier NoSCLOptionID,
236	unsigned MalformedSCLErrorDiagID,
237	bool DiagnoseErrors) {
238	for (const auto *Arg : Args) {
239	// Match -fsanitize-(coverage-)?(allow\|ignore)list.
240	if (Arg->getOption().matches(ID: SCLOptionID)) {
241	Arg->claim();
242	std::string SCLPath = Arg->getValue();
243	if (D.getVFS().exists(Path: SCLPath)) {
244	SCLFiles.push_back(x: SCLPath);
245	} else if (DiagnoseErrors) {
246	D.Diag(DiagID: clang::diag::err_drv_no_such_file) << SCLPath;
247	}
248	// Match -fno-sanitize-ignorelist.
249	} else if (Arg->getOption().matches(ID: NoSCLOptionID)) {
250	Arg->claim();
251	SCLFiles.clear();
252	}
253	}
254	validateSpecialCaseListFormat(D, SCLFiles, MalformedSCLErrorDiagID,
255	DiagnoseErrors);
256	}
257
258	/// Sets group bits for every group that has at least one representative already
259	/// enabled in \p Kinds.
260	static SanitizerMask setGroupBits(SanitizerMask Kinds) {
261	#define SANITIZER(NAME, ID)
262	#define SANITIZER_GROUP(NAME, ID, ALIAS) \
263	if (Kinds & SanitizerKind::ID) \
264	Kinds \|= SanitizerKind::ID##Group;
265	#include "clang/Basic/Sanitizers.def"
266	return Kinds;
267	}
268
269	// Computes the sanitizer mask as:
270	// Default + Arguments (in or out) + AlwaysIn - AlwaysOut
271	// with arguments parsed from left to right.
272	static SanitizerMask
273	parseSanitizeArgs(const Driver &D, const llvm::opt::ArgList &Args,
274	bool DiagnoseErrors, SanitizerMask Default,
275	SanitizerMask AlwaysIn, SanitizerMask AlwaysOut, int OptInID,
276	int OptOutID) {
277	assert(!(AlwaysIn & AlwaysOut) &&
278	"parseSanitizeArgs called with contradictory in/out requirements");
279
280	SanitizerMask Output = Default;
281	// Keep track of which violations we have already reported, to avoid
282	// duplicate error messages.
283	SanitizerMask DiagnosedAlwaysInViolations;
284	SanitizerMask DiagnosedAlwaysOutViolations;
285	for (const auto *Arg : Args) {
286	if (Arg->getOption().matches(ID: OptInID)) {
287	SanitizerMask Add = parseArgValues(D, A: Arg, DiagnoseErrors);
288	// Report error if user explicitly tries to opt-in to an always-out
289	// sanitizer.
290	if (SanitizerMask KindsToDiagnose =
291	Add & AlwaysOut & ~DiagnosedAlwaysOutViolations) {
292	if (DiagnoseErrors) {
293	SanitizerSet SetToDiagnose;
294	SetToDiagnose.Mask \|= KindsToDiagnose;
295	D.Diag(DiagID: diag::err_drv_unsupported_option_argument)
296	<< Arg->getSpelling() << toStringWithGroups(Sanitizers: SetToDiagnose);
297	DiagnosedAlwaysOutViolations \|= KindsToDiagnose;
298	}
299	}
300	Output \|= expandSanitizerGroups(Kinds: Add);
301	Arg->claim();
302	} else if (Arg->getOption().matches(ID: OptOutID)) {
303	SanitizerMask Remove = parseArgValues(D, A: Arg, DiagnoseErrors);
304	// Report error if user explicitly tries to opt-out of an always-in
305	// sanitizer.
306	if (SanitizerMask KindsToDiagnose =
307	Remove & AlwaysIn & ~DiagnosedAlwaysInViolations) {
308	if (DiagnoseErrors) {
309	SanitizerSet SetToDiagnose;
310	SetToDiagnose.Mask \|= KindsToDiagnose;
311	D.Diag(DiagID: diag::err_drv_unsupported_option_argument)
312	<< Arg->getSpelling() << toStringWithGroups(Sanitizers: SetToDiagnose);
313	DiagnosedAlwaysInViolations \|= KindsToDiagnose;
314	}
315	}
316	Output &= ~expandSanitizerGroups(Kinds: Remove);
317	Arg->claim();
318	}
319	}
320
321	Output \|= AlwaysIn;
322	Output &= ~AlwaysOut;
323
324	return Output;
325	}
326
327	static SanitizerMask parseSanitizeTrapArgs(const Driver &D,
328	const llvm::opt::ArgList &Args,
329	bool DiagnoseErrors) {
330	SanitizerMask AlwaysTrap; // Empty
331	SanitizerMask NeverTrap = ~(setGroupBits(TrappingSupported));
332
333	return parseSanitizeArgs(D, Args, DiagnoseErrors, Default: TrappingDefault, AlwaysIn: AlwaysTrap,
334	AlwaysOut: NeverTrap, OptInID: options::OPT_fsanitize_trap_EQ,
335	OptOutID: options::OPT_fno_sanitize_trap_EQ);
336	}
337
338	static SanitizerMaskCutoffs
339	parseSanitizeSkipHotCutoffArgs(const Driver &D, const llvm::opt::ArgList &Args,
340	bool DiagnoseErrors) {
341	SanitizerMaskCutoffs Cutoffs;
342	for (const auto *Arg : Args)
343	if (Arg->getOption().matches(ID: options::OPT_fsanitize_skip_hot_cutoff_EQ)) {
344	Arg->claim();
345	parseArgCutoffs(D, A: Arg, DiagnoseErrors, Cutoffs);
346	}
347
348	return Cutoffs;
349	}
350
351	bool SanitizerArgs::needsFuzzerInterceptors() const {
352	return needsFuzzer() && !needsAsanRt() && !needsTsanRt() && !needsMsanRt();
353	}
354
355	bool SanitizerArgs::needsUbsanRt() const {
356	// All of these include ubsan.
357	if (needsAsanRt() \|\| needsMsanRt() \|\| needsNsanRt() \|\| needsHwasanRt() \|\|
358	needsTsanRt() \|\| needsDfsanRt() \|\| needsLsanRt() \|\|
359	needsCfiCrossDsoDiagRt() \|\| (needsScudoRt() && !requiresMinimalRuntime()))
360	return false;
361
362	return (Sanitizers.Mask & NeedsUbsanRt & ~TrapSanitizers.Mask) \|\|
363	CoverageFeatures;
364	}
365
366	bool SanitizerArgs::needsUbsanCXXRt() const {
367	// Link UBSAN C++ runtime very selectively, as it's needed in only very
368	// specific cases, but forces the program to depend on C++ ABI. UBSAN C++
369	// runtime is not included with other sanitizers.
370	return static_cast<bool>(Sanitizers.Mask & NeedsUbsanCxxRt &
371	~TrapSanitizers.Mask);
372	}
373
374	bool SanitizerArgs::needsCfiCrossDsoRt() const {
375	// Diag runtime includes cross dso runtime.
376	return !needsCfiCrossDsoDiagRt() && CfiCrossDso && !ImplicitCfiRuntime;
377	}
378
379	bool SanitizerArgs::needsCfiCrossDsoDiagRt() const {
380	// UBSsan handles CFI diagnostics without cross-DSO suppport.
381	return (Sanitizers.Mask & SanitizerKind::CFI & ~TrapSanitizers.Mask) &&
382	CfiCrossDso && !ImplicitCfiRuntime;
383	}
384
385	bool SanitizerArgs::requiresPIE() const { return NeedPIE; }
386
387	bool SanitizerArgs::needsUnwindTables() const {
388	return static_cast<bool>(Sanitizers.Mask & NeedsUnwindTables);
389	}
390
391	bool SanitizerArgs::needsLTO() const {
392	return static_cast<bool>(Sanitizers.Mask & NeedsLTO);
393	}
394
395	SanitizerArgs::SanitizerArgs(const ToolChain &TC,
396	const llvm::opt::ArgList &Args,
397	bool DiagnoseErrors) {
398	SanitizerMask AllRemove; // During the loop below, the accumulated set of
399	// sanitizers disabled by the current sanitizer
400	// argument or any argument after it.
401	SanitizerMask AllAddedKinds; // Mask of all sanitizers ever enabled by
402	// -fsanitize= flags (directly or via group
403	// expansion), some of which may be disabled
404	// later. Used to carefully prune
405	// unused-argument diagnostics.
406	SanitizerMask DiagnosedKinds; // All Kinds we have diagnosed up to now.
407	// Used to deduplicate diagnostics.
408	SanitizerMask Kinds;
409	const SanitizerMask Supported = setGroupBits(TC.getSupportedSanitizers());
410
411	CfiCrossDso = Args.hasFlag(Pos: options::OPT_fsanitize_cfi_cross_dso,
412	Neg: options::OPT_fno_sanitize_cfi_cross_dso, Default: false);
413
414	ToolChain::RTTIMode RTTIMode = TC.getRTTIMode();
415
416	const Driver &D = TC.getDriver();
417	SanitizerMask TrappingKinds = parseSanitizeTrapArgs(D, Args, DiagnoseErrors);
418	SanitizerMask InvalidTrappingKinds = TrappingKinds & NotAllowedWithTrap;
419
420	MinimalRuntime =
421	Args.hasFlag(Pos: options::OPT_fsanitize_minimal_runtime,
422	Neg: options::OPT_fno_sanitize_minimal_runtime, Default: MinimalRuntime);
423
424	// The object size sanitizer should not be enabled at -O0.
425	Arg *OptLevel = Args.getLastArg(Ids: options::OPT_O_Group);
426	bool RemoveObjectSizeAtO0 =
427	!OptLevel \|\| OptLevel->getOption().matches(ID: options::OPT_O0);
428
429	for (const llvm::opt::Arg *Arg : llvm::reverse(C: Args)) {
430	if (Arg->getOption().matches(ID: options::OPT_fsanitize_EQ)) {
431	Arg->claim();
432	SanitizerMask Add = parseArgValues(D, A: Arg, DiagnoseErrors);
433
434	if (RemoveObjectSizeAtO0) {
435	AllRemove \|= SanitizerKind::ObjectSize;
436
437	// The user explicitly enabled the object size sanitizer. Warn
438	// that this does nothing at -O0.
439	if ((Add & SanitizerKind::ObjectSize) && DiagnoseErrors)
440	D.Diag(DiagID: diag::warn_drv_object_size_disabled_O0)
441	<< Arg->getAsString(Args);
442	}
443
444	AllAddedKinds \|= expandSanitizerGroups(Kinds: Add);
445
446	// Avoid diagnosing any sanitizer which is disabled later.
447	Add &= ~AllRemove;
448	// At this point we have not expanded groups, so any unsupported
449	// sanitizers in Add are those which have been explicitly enabled.
450	// Diagnose them.
451	if (SanitizerMask KindsToDiagnose =
452	Add & InvalidTrappingKinds & ~DiagnosedKinds) {
453	if (DiagnoseErrors) {
454	std::string Desc = describeSanitizeArg(A: Arg, Mask: KindsToDiagnose);
455	D.Diag(DiagID: diag::err_drv_argument_not_allowed_with)
456	<< Desc << "-fsanitize-trap=undefined";
457	}
458	DiagnosedKinds \|= KindsToDiagnose;
459	}
460	Add &= ~InvalidTrappingKinds;
461
462	if (MinimalRuntime) {
463	if (SanitizerMask KindsToDiagnose =
464	Add & NotAllowedWithMinimalRuntime & ~DiagnosedKinds) {
465	if (DiagnoseErrors) {
466	std::string Desc = describeSanitizeArg(A: Arg, Mask: KindsToDiagnose);
467	D.Diag(DiagID: diag::err_drv_argument_not_allowed_with)
468	<< Desc << "-fsanitize-minimal-runtime";
469	}
470	DiagnosedKinds \|= KindsToDiagnose;
471	}
472	Add &= ~NotAllowedWithMinimalRuntime;
473	}
474
475	if (llvm::opt::Arg *A = Args.getLastArg(Ids: options::OPT_mcmodel_EQ)) {
476	StringRef CM = A->getValue();
477	if (CM != "small" &&
478	(Add & SanitizerKind::Function & ~DiagnosedKinds)) {
479	if (DiagnoseErrors)
480	D.Diag(DiagID: diag::err_drv_argument_only_allowed_with)
481	<< "-fsanitize=function"
482	<< "-mcmodel=small";
483	Add &= ~SanitizerKind::Function;
484	DiagnosedKinds \|= SanitizerKind::Function;
485	}
486	}
487	// -fsanitize=function and -fsanitize=kcfi instrument indirect function
488	// calls to load a type hash before the function label. Therefore, an
489	// execute-only target doesn't support the function and kcfi sanitizers.
490	const llvm::Triple &Triple = TC.getTriple();
491	if (isExecuteOnlyTarget(Triple, Args)) {
492	if (SanitizerMask KindsToDiagnose =
493	Add & NotAllowedWithExecuteOnly & ~DiagnosedKinds) {
494	if (DiagnoseErrors) {
495	std::string Desc = describeSanitizeArg(A: Arg, Mask: KindsToDiagnose);
496	llvm::opt::Arg *A = Args.getLastArgNoClaim(
497	Ids: options::OPT_mexecute_only, Ids: options::OPT_mno_execute_only);
498	if (A && A->getOption().matches(ID: options::OPT_mexecute_only))
499	D.Diag(DiagID: diag::err_drv_argument_not_allowed_with)
500	<< Desc << A->getAsString(Args);
501	else
502	D.Diag(DiagID: diag::err_drv_unsupported_opt_for_target)
503	<< Desc << Triple.str();
504	}
505	DiagnosedKinds \|= KindsToDiagnose;
506	}
507	Add &= ~NotAllowedWithExecuteOnly;
508	}
509
510	// FIXME: Make CFI on member function calls compatible with cross-DSO CFI.
511	// There are currently two problems:
512	// - Virtual function call checks need to pass a pointer to the function
513	// address to llvm.type.test and a pointer to the address point to the
514	// diagnostic function. Currently we pass the same pointer to both
515	// places.
516	// - Non-virtual function call checks may need to check multiple type
517	// identifiers.
518	// Fixing both of those may require changes to the cross-DSO CFI
519	// interface.
520	if (CfiCrossDso && (Add & SanitizerKind::CFIMFCall & ~DiagnosedKinds)) {
521	if (DiagnoseErrors)
522	D.Diag(DiagID: diag::err_drv_argument_not_allowed_with)
523	<< "-fsanitize=cfi-mfcall"
524	<< "-fsanitize-cfi-cross-dso";
525	Add &= ~SanitizerKind::CFIMFCall;
526	DiagnosedKinds \|= SanitizerKind::CFIMFCall;
527	}
528
529	if (SanitizerMask KindsToDiagnose = Add & ~Supported & ~DiagnosedKinds) {
530	if (DiagnoseErrors) {
531	std::string Desc = describeSanitizeArg(A: Arg, Mask: KindsToDiagnose);
532	D.Diag(DiagID: diag::err_drv_unsupported_opt_for_target)
533	<< Desc << TC.getTriple().str();
534	}
535	DiagnosedKinds \|= KindsToDiagnose;
536	}
537	Add &= Supported;
538
539	// Test for -fno-rtti + explicit -fsanitizer=vptr before expanding groups
540	// so we don't error out if -fno-rtti and -fsanitize=undefined were
541	// passed.
542	if ((Add & SanitizerKind::Vptr) && (RTTIMode == ToolChain::RM_Disabled)) {
543	if (const llvm::opt::Arg *NoRTTIArg = TC.getRTTIArg()) {
544	assert(NoRTTIArg->getOption().matches(options::OPT_fno_rtti) &&
545	"RTTI disabled without -fno-rtti option?");
546	// The user explicitly passed -fno-rtti with -fsanitize=vptr, but
547	// the vptr sanitizer requires RTTI, so this is a user error.
548	if (DiagnoseErrors)
549	D.Diag(DiagID: diag::err_drv_argument_not_allowed_with)
550	<< "-fsanitize=vptr" << NoRTTIArg->getAsString(Args);
551	} else {
552	// The vptr sanitizer requires RTTI, but RTTI is disabled (by
553	// default). Warn that the vptr sanitizer is being disabled.
554	if (DiagnoseErrors)
555	D.Diag(DiagID: diag::warn_drv_disabling_vptr_no_rtti_default);
556	}
557
558	// Take out the Vptr sanitizer from the enabled sanitizers
559	AllRemove \|= SanitizerKind::Vptr;
560	}
561
562	Add = expandSanitizerGroups(Kinds: Add);
563	// Group expansion may have enabled a sanitizer which is disabled later.
564	Add &= ~AllRemove;
565	// Silently discard any unsupported sanitizers implicitly enabled through
566	// group expansion.
567	Add &= ~InvalidTrappingKinds;
568	if (MinimalRuntime) {
569	Add &= ~NotAllowedWithMinimalRuntime;
570	}
571	// NotAllowedWithExecuteOnly is silently discarded on an execute-only
572	// target if implicitly enabled through group expansion.
573	if (isExecuteOnlyTarget(Triple, Args))
574	Add &= ~NotAllowedWithExecuteOnly;
575	if (CfiCrossDso)
576	Add &= ~SanitizerKind::CFIMFCall;
577	// -fsanitize=undefined does not expand to signed-integer-overflow in
578	// -fwrapv (implied by -fno-strict-overflow) mode.
579	if (Add & SanitizerKind::UndefinedGroup) {
580	bool S = Args.hasFlagNoClaim(Pos: options::OPT_fno_strict_overflow,
581	Neg: options::OPT_fstrict_overflow, Default: false);
582	if (Args.hasFlagNoClaim(Pos: options::OPT_fwrapv, Neg: options::OPT_fno_wrapv, Default: S))
583	Add &= ~SanitizerKind::SignedIntegerOverflow;
584	if (Args.hasFlagNoClaim(Pos: options::OPT_fwrapv_pointer,
585	Neg: options::OPT_fno_wrapv_pointer, Default: S))
586	Add &= ~SanitizerKind::PointerOverflow;
587	}
588	Add &= Supported;
589
590	if (Add & SanitizerKind::Fuzzer)
591	Add \|= SanitizerKind::FuzzerNoLink;
592
593	// Enable coverage if the fuzzing flag is set.
594	if (Add & SanitizerKind::FuzzerNoLink) {
595	CoverageFeatures \|= CoverageInline8bitCounters \| CoverageIndirCall \|
596	CoverageTraceCmp \| CoveragePCTable;
597	// Due to TLS differences, stack depth tracking is only enabled on Linux
598	if (TC.getTriple().isOSLinux())
599	CoverageFeatures \|= CoverageStackDepth;
600	}
601
602	Kinds \|= Add;
603	} else if (Arg->getOption().matches(ID: options::OPT_fno_sanitize_EQ)) {
604	Arg->claim();
605	SanitizerMask Remove = parseArgValues(D, A: Arg, DiagnoseErrors);
606	AllRemove \|= expandSanitizerGroups(Kinds: Remove);
607	}
608	}
609
610	std::pair<SanitizerMask, SanitizerMask> IncompatibleGroups[] = {
611	std::make_pair(x: SanitizerKind::Address,
612	y: SanitizerKind::Thread \| SanitizerKind::Memory),
613	std::make_pair(x: SanitizerKind::Type,
614	y: SanitizerKind::Address \| SanitizerKind::KernelAddress \|
615	SanitizerKind::Memory \| SanitizerKind::Leak \|
616	SanitizerKind::Thread \| SanitizerKind::KernelAddress),
617	std::make_pair(x: SanitizerKind::Thread, y: SanitizerKind::Memory),
618	std::make_pair(x: SanitizerKind::Leak,
619	y: SanitizerKind::Thread \| SanitizerKind::Memory),
620	std::make_pair(x: SanitizerKind::KernelAddress,
621	y: SanitizerKind::Address \| SanitizerKind::Leak \|
622	SanitizerKind::Thread \| SanitizerKind::Memory),
623	std::make_pair(x: SanitizerKind::HWAddress,
624	y: SanitizerKind::Address \| SanitizerKind::Thread \|
625	SanitizerKind::Memory \| SanitizerKind::KernelAddress),
626	std::make_pair(x: SanitizerKind::Scudo,
627	y: SanitizerKind::Address \| SanitizerKind::HWAddress \|
628	SanitizerKind::Leak \| SanitizerKind::Thread \|
629	SanitizerKind::Memory \| SanitizerKind::KernelAddress),
630	std::make_pair(x: SanitizerKind::SafeStack,
631	y: (TC.getTriple().isOSFuchsia() ? SanitizerMask ()
632	: SanitizerKind::Leak) \|
633	SanitizerKind::Address \| SanitizerKind::HWAddress \|
634	SanitizerKind::Thread \| SanitizerKind::Memory \|
635	SanitizerKind::KernelAddress),
636	std::make_pair(x: SanitizerKind::KernelHWAddress,
637	y: SanitizerKind::Address \| SanitizerKind::HWAddress \|
638	SanitizerKind::Leak \| SanitizerKind::Thread \|
639	SanitizerKind::Memory \| SanitizerKind::KernelAddress \|
640	SanitizerKind::SafeStack),
641	std::make_pair(x: SanitizerKind::KernelMemory,
642	y: SanitizerKind::Address \| SanitizerKind::HWAddress \|
643	SanitizerKind::Leak \| SanitizerKind::Thread \|
644	SanitizerKind::Memory \| SanitizerKind::KernelAddress \|
645	SanitizerKind::Scudo \| SanitizerKind::SafeStack),
646	std::make_pair(x: SanitizerKind::MemTag, y: SanitizerKind::Address \|
647	SanitizerKind::KernelAddress \|
648	SanitizerKind::HWAddress \|
649	SanitizerKind::KernelHWAddress),
650	std::make_pair(x: SanitizerKind::KCFI, y: SanitizerKind::Function),
651	std::make_pair(x: SanitizerKind::Realtime,
652	y: SanitizerKind::Address \| SanitizerKind::Thread \|
653	SanitizerKind::Undefined \| SanitizerKind::Memory)};
654
655	// Enable toolchain specific default sanitizers if not explicitly disabled.
656	SanitizerMask Default = TC.getDefaultSanitizers() & ~AllRemove;
657
658	// Disable default sanitizers that are incompatible with explicitly requested
659	// ones.
660	for (auto G : IncompatibleGroups) {
661	SanitizerMask Group = G.first;
662	if ((Default & Group) && (Kinds & G.second))
663	Default &= ~Group;
664	}
665
666	Kinds \|= Default;
667
668	// We disable the vptr sanitizer if it was enabled by group expansion but RTTI
669	// is disabled.
670	if ((Kinds & SanitizerKind::Vptr) && (RTTIMode == ToolChain::RM_Disabled)) {
671	Kinds &= ~SanitizerKind::Vptr;
672	}
673
674	// Check that LTO is enabled if we need it.
675	if ((Kinds & NeedsLTO) && !D.isUsingLTO() && DiagnoseErrors) {
676	D.Diag(DiagID: diag::err_drv_argument_only_allowed_with)
677	<< lastArgumentForMask(D, Args, Mask: Kinds & NeedsLTO) << "-flto";
678	}
679
680	if ((Kinds & SanitizerKind::ShadowCallStack) && TC.getTriple().isAArch64() &&
681	!llvm::AArch64::isX18ReservedByDefault(TT: TC.getTriple()) &&
682	!Args.hasArg(Ids: options::OPT_ffixed_x18) && DiagnoseErrors) {
683	D.Diag(DiagID: diag::err_drv_argument_only_allowed_with)
684	<< lastArgumentForMask(D, Args, Mask: Kinds & SanitizerKind::ShadowCallStack)
685	<< "-ffixed-x18";
686	}
687
688	// Report error if there are non-trapping sanitizers that require
689	// c++abi-specific parts of UBSan runtime, and they are not provided by the
690	// toolchain. We don't have a good way to check the latter, so we just
691	// check if the toolchan supports vptr.
692	if (~Supported & SanitizerKind::Vptr) {
693	SanitizerMask KindsToDiagnose = Kinds & ~TrappingKinds & NeedsUbsanCxxRt;
694	// The runtime library supports the Microsoft C++ ABI, but only well enough
695	// for CFI. FIXME: Remove this once we support vptr on Windows.
696	if (TC.getTriple().isOSWindows())
697	KindsToDiagnose &= ~SanitizerKind::CFI;
698	if (KindsToDiagnose) {
699	SanitizerSet S;
700	S.Mask = KindsToDiagnose;
701	if (DiagnoseErrors)
702	D.Diag(DiagID: diag::err_drv_unsupported_opt_for_target)
703	<< ("-fno-sanitize-trap=" + toString(Sanitizers: S)) << TC.getTriple().str();
704	Kinds &= ~KindsToDiagnose;
705	}
706	}
707
708	// Warn about incompatible groups of sanitizers.
709	for (auto G : IncompatibleGroups) {
710	SanitizerMask Group = G.first;
711	if (Kinds & Group) {
712	if (SanitizerMask Incompatible = Kinds & G.second) {
713	if (DiagnoseErrors)
714	D.Diag(DiagID: clang::diag::err_drv_argument_not_allowed_with)
715	<< lastArgumentForMask(D, Args, Mask: Group)
716	<< lastArgumentForMask(D, Args, Mask: Incompatible);
717	Kinds &= ~Incompatible;
718	}
719	}
720	}
721	// FIXME: Currently -fsanitize=leak is silently ignored in the presence of
722	// -fsanitize=address. Perhaps it should print an error, or perhaps
723	// -f(-no)sanitize=leak should change whether leak detection is enabled by
724	// default in ASan?
725
726	// Parse -f(no-)?sanitize-recover flags.
727	SanitizerMask RecoverableKinds = parseSanitizeArgs(
728	D, Args, DiagnoseErrors, Default: RecoverableByDefault, AlwaysIn: AlwaysRecoverable,
729	AlwaysOut: Unrecoverable, OptInID: options::OPT_fsanitize_recover_EQ,
730	OptOutID: options::OPT_fno_sanitize_recover_EQ);
731	RecoverableKinds &= Kinds;
732
733	TrappingKinds &= Kinds;
734	RecoverableKinds &= ~TrappingKinds;
735
736	// Parse -f(no-)?sanitize-nonmerged-handlers flags
737	SanitizerMask MergeKinds =
738	parseSanitizeArgs(D, Args, DiagnoseErrors, Default: MergeDefault, AlwaysIn: {}, AlwaysOut: {},
739	OptInID: options::OPT_fsanitize_merge_handlers_EQ,
740	OptOutID: options::OPT_fno_sanitize_merge_handlers_EQ);
741	MergeKinds &= Kinds;
742
743	// Parse -fno-fsanitize-skip-hot-cutoff flags
744	SkipHotCutoffs = parseSanitizeSkipHotCutoffArgs(D, Args, DiagnoseErrors);
745
746	// Parse -f(no-)?sanitize-annotate-debug-info flags
747	SanitizerMask AnnotateDebugInfoKinds =
748	parseSanitizeArgs(D, Args, DiagnoseErrors, Default: AnnotateDebugInfoDefault, AlwaysIn: {},
749	AlwaysOut: {}, OptInID: options::OPT_fsanitize_annotate_debug_info_EQ,
750	OptOutID: options::OPT_fno_sanitize_annotate_debug_info_EQ);
751	AnnotateDebugInfoKinds &= Kinds;
752
753	// Setup ignorelist files.
754	// Add default ignorelist from resource directory for activated sanitizers,
755	// and validate special case lists format.
756	if (!Args.hasArgNoClaim(Ids: options::OPT_fno_sanitize_ignorelist))
757	addDefaultIgnorelists(D, Kinds, IgnorelistFiles&: SystemIgnorelistFiles, DiagnoseErrors);
758
759	// Parse -f(no-)?sanitize-ignorelist options.
760	// This also validates special case lists format.
761	parseSpecialCaseListArg(
762	D, Args, SCLFiles&: UserIgnorelistFiles, SCLOptionID: options::OPT_fsanitize_ignorelist_EQ,
763	NoSCLOptionID: options::OPT_fno_sanitize_ignorelist,
764	MalformedSCLErrorDiagID: clang::diag::err_drv_malformed_sanitizer_ignorelist, DiagnoseErrors);
765
766	// Verify that -fsanitize-coverage-stack-depth-callback-min is >= 0.
767	if (Arg *A = Args.getLastArg(
768	Ids: options::OPT_fsanitize_coverage_stack_depth_callback_min_EQ)) {
769	StringRef S = A->getValue();
770	if (S.getAsInteger(Radix: `0`, Result&: CoverageStackDepthCallbackMin) \|\|
771	CoverageStackDepthCallbackMin < `0`) {
772	if (DiagnoseErrors)
773	D.Diag(DiagID: clang::diag::err_drv_invalid_value) << A->getAsString(Args) << S;
774	}
775	}
776
777	// Parse -f[no-]sanitize-memory-track-origins[=level] options.
778	if (AllAddedKinds & SanitizerKind::Memory) {
779	if (Arg *A =
780	Args.getLastArg(Ids: options::OPT_fsanitize_memory_track_origins_EQ,
781	Ids: options::OPT_fno_sanitize_memory_track_origins)) {
782	if (!A->getOption().matches(
783	ID: options::OPT_fno_sanitize_memory_track_origins)) {
784	StringRef S = A->getValue();
785	if (S.getAsInteger(Radix: `0`, Result&: MsanTrackOrigins) \|\| MsanTrackOrigins < `0` \|\|
786	MsanTrackOrigins > `2`) {
787	if (DiagnoseErrors)
788	D.Diag(DiagID: clang::diag::err_drv_invalid_value)
789	<< A->getAsString(Args) << S;
790	}
791	}
792	}
793	MsanUseAfterDtor = Args.hasFlag(
794	Pos: options::OPT_fsanitize_memory_use_after_dtor,
795	Neg: options::OPT_fno_sanitize_memory_use_after_dtor, Default: MsanUseAfterDtor);
796	MsanParamRetval = Args.hasFlag(
797	Pos: options::OPT_fsanitize_memory_param_retval,
798	Neg: options::OPT_fno_sanitize_memory_param_retval, Default: MsanParamRetval);
799	} else if (AllAddedKinds & SanitizerKind::KernelMemory) {
800	MsanUseAfterDtor = false;
801	MsanParamRetval = Args.hasFlag(
802	Pos: options::OPT_fsanitize_memory_param_retval,
803	Neg: options::OPT_fno_sanitize_memory_param_retval, Default: MsanParamRetval);
804	} else {
805	MsanUseAfterDtor = false;
806	MsanParamRetval = false;
807	}
808
809	if (AllAddedKinds & SanitizerKind::MemTag) {
810	StringRef S =
811	Args.getLastArgValue(Id: options::OPT_fsanitize_memtag_mode_EQ, Default: "sync");
812	if (S == "async" \|\| S == "sync") {
813	MemtagMode = S.str();
814	} else {
815	D.Diag(DiagID: clang::diag::err_drv_invalid_value_with_suggestion)
816	<< "-fsanitize-memtag-mode=" << S << "{async, sync}";
817	MemtagMode = "sync";
818	}
819	}
820
821	if (AllAddedKinds & SanitizerKind::Thread) {
822	TsanMemoryAccess = Args.hasFlag(
823	Pos: options::OPT_fsanitize_thread_memory_access,
824	Neg: options::OPT_fno_sanitize_thread_memory_access, Default: TsanMemoryAccess);
825	TsanFuncEntryExit = Args.hasFlag(
826	Pos: options::OPT_fsanitize_thread_func_entry_exit,
827	Neg: options::OPT_fno_sanitize_thread_func_entry_exit, Default: TsanFuncEntryExit);
828	TsanAtomics =
829	Args.hasFlag(Pos: options::OPT_fsanitize_thread_atomics,
830	Neg: options::OPT_fno_sanitize_thread_atomics, Default: TsanAtomics);
831	}
832
833	if (AllAddedKinds & SanitizerKind::CFI) {
834	// Without PIE, external function address may resolve to a PLT record, which
835	// can not be verified by the target module.
836	NeedPIE \|= CfiCrossDso;
837	CfiICallGeneralizePointers =
838	Args.hasArg(Ids: options::OPT_fsanitize_cfi_icall_generalize_pointers);
839
840	CfiICallNormalizeIntegers =
841	Args.hasArg(Ids: options::OPT_fsanitize_cfi_icall_normalize_integers);
842
843	if (CfiCrossDso && CfiICallGeneralizePointers && DiagnoseErrors)
844	D.Diag(DiagID: diag::err_drv_argument_not_allowed_with)
845	<< "-fsanitize-cfi-cross-dso"
846	<< "-fsanitize-cfi-icall-generalize-pointers";
847
848	CfiCanonicalJumpTables =
849	Args.hasFlag(Pos: options::OPT_fsanitize_cfi_canonical_jump_tables,
850	Neg: options::OPT_fno_sanitize_cfi_canonical_jump_tables, Default: true);
851	}
852
853	if (AllAddedKinds & SanitizerKind::KCFI) {
854	CfiICallNormalizeIntegers =
855	Args.hasArg(Ids: options::OPT_fsanitize_cfi_icall_normalize_integers);
856
857	KcfiArity = Args.hasArg(Ids: options::OPT_fsanitize_kcfi_arity);
858
859	if (AllAddedKinds & SanitizerKind::CFI && DiagnoseErrors)
860	D.Diag(DiagID: diag::err_drv_argument_not_allowed_with)
861	<< "-fsanitize=kcfi"
862	<< lastArgumentForMask(D, Args, Mask: SanitizerKind::CFI);
863	}
864
865	Stats = Args.hasFlag(Pos: options::OPT_fsanitize_stats,
866	Neg: options::OPT_fno_sanitize_stats, Default: false);
867
868	if (MinimalRuntime) {
869	SanitizerMask IncompatibleMask =
870	Kinds & ~setGroupBits(CompatibleWithMinimalRuntime);
871	if (IncompatibleMask && DiagnoseErrors)
872	D.Diag(DiagID: clang::diag::err_drv_argument_not_allowed_with)
873	<< "-fsanitize-minimal-runtime"
874	<< lastArgumentForMask(D, Args, Mask: IncompatibleMask);
875	}
876
877	for (const auto *Arg : Args.filtered(
878	Ids: options::OPT_fsanitize_undefined_ignore_overflow_pattern_EQ)) {
879	Arg->claim();
880	OverflowPatternExclusions \|=
881	parseOverflowPatternExclusionValues(D, A: Arg, DiagnoseErrors);
882	}
883
884	// Parse -f(no-)?sanitize-coverage flags if coverage is supported by the
885	// enabled sanitizers.
886	for (const auto *Arg : Args) {
887	if (Arg->getOption().matches(ID: options::OPT_fsanitize_coverage)) {
888	int LegacySanitizeCoverage;
889	if (Arg->getNumValues() == `1` &&
890	!StringRef(Arg->getValue(N: `0`))
891	.getAsInteger(Radix: `0`, Result&: LegacySanitizeCoverage)) {
892	CoverageFeatures = `0`;
893	Arg->claim();
894	if (LegacySanitizeCoverage != `0` && DiagnoseErrors) {
895	D.Diag(DiagID: diag::warn_drv_deprecated_arg)
896	<< Arg->getAsString(Args) << /hasReplacement=/true
897	<< "-fsanitize-coverage=trace-pc-guard";
898	}
899	continue;
900	}
901	CoverageFeatures \|= parseCoverageFeatures(D, A: Arg, DiagnoseErrors);
902
903	// Disable coverage and not claim the flags if there is at least one
904	// non-supporting sanitizer.
905	if (!(AllAddedKinds & ~AllRemove & ~setGroupBits(SupportsCoverage))) {
906	Arg->claim();
907	} else {
908	CoverageFeatures = `0`;
909	}
910	} else if (Arg->getOption().matches(ID: options::OPT_fno_sanitize_coverage)) {
911	Arg->claim();
912	CoverageFeatures &= ~parseCoverageFeatures(D, A: Arg, DiagnoseErrors);
913	}
914	}
915	// Choose at most one coverage type: function, bb, or edge.
916	if (DiagnoseErrors) {
917	if ((CoverageFeatures & CoverageFunc) && (CoverageFeatures & CoverageBB))
918	D.Diag(DiagID: clang::diag::err_drv_argument_not_allowed_with)
919	<< "-fsanitize-coverage=func"
920	<< "-fsanitize-coverage=bb";
921	if ((CoverageFeatures & CoverageFunc) && (CoverageFeatures & CoverageEdge))
922	D.Diag(DiagID: clang::diag::err_drv_argument_not_allowed_with)
923	<< "-fsanitize-coverage=func"
924	<< "-fsanitize-coverage=edge";
925	if ((CoverageFeatures & CoverageBB) && (CoverageFeatures & CoverageEdge))
926	D.Diag(DiagID: clang::diag::err_drv_argument_not_allowed_with)
927	<< "-fsanitize-coverage=bb"
928	<< "-fsanitize-coverage=edge";
929	// Basic block tracing and 8-bit counters require some type of coverage
930	// enabled.
931	if (CoverageFeatures & CoverageTraceBB)
932	D.Diag(DiagID: clang::diag::warn_drv_deprecated_arg)
933	<< "-fsanitize-coverage=trace-bb" << /hasReplacement=/true
934	<< "-fsanitize-coverage=trace-pc-guard";
935	if (CoverageFeatures & Coverage8bitCounters)
936	D.Diag(DiagID: clang::diag::warn_drv_deprecated_arg)
937	<< "-fsanitize-coverage=8bit-counters" << /hasReplacement=/true
938	<< "-fsanitize-coverage=trace-pc-guard";
939	}
940
941	int InsertionPointTypes = CoverageFunc \| CoverageBB \| CoverageEdge;
942	int InstrumentationTypes = CoverageTracePC \| CoverageTracePCGuard \|
943	CoverageInline8bitCounters \| CoverageTraceLoads \|
944	CoverageTraceStores \| CoverageInlineBoolFlag \|
945	CoverageControlFlow;
946	if ((CoverageFeatures & InsertionPointTypes) &&
947	!(CoverageFeatures & InstrumentationTypes) && DiagnoseErrors) {
948	D.Diag(DiagID: clang::diag::warn_drv_deprecated_arg)
949	<< "-fsanitize-coverage=[func\|bb\|edge]" << /hasReplacement=/true
950	<< "-fsanitize-coverage=[func\|bb\|edge],[trace-pc-guard\|trace-pc],["
951	"control-flow]";
952	}
953
954	// trace-pc w/o func/bb/edge implies edge.
955	if (!(CoverageFeatures & InsertionPointTypes)) {
956	if (CoverageFeatures &
957	(CoverageTracePC \| CoverageTracePCGuard \| CoverageInline8bitCounters \|
958	CoverageInlineBoolFlag \| CoverageControlFlow))
959	CoverageFeatures \|= CoverageEdge;
960
961	if (CoverageFeatures & CoverageStackDepth)
962	CoverageFeatures \|= CoverageFunc;
963	}
964
965	// Parse -fsanitize-coverage-(allow\|ignore)list options if coverage enabled.
966	// This also validates special case lists format.
967	// Here, OptSpecifier() acts as a never-matching command-line argument.
968	// So, there is no way to clear coverage lists but you can append to them.
969	if (CoverageFeatures) {
970	parseSpecialCaseListArg(
971	D, Args, SCLFiles&: CoverageAllowlistFiles,
972	SCLOptionID: options::OPT_fsanitize_coverage_allowlist, NoSCLOptionID: OptSpecifier (),
973	MalformedSCLErrorDiagID: clang::diag::err_drv_malformed_sanitizer_coverage_allowlist,
974	DiagnoseErrors);
975	parseSpecialCaseListArg(
976	D, Args, SCLFiles&: CoverageIgnorelistFiles,
977	SCLOptionID: options::OPT_fsanitize_coverage_ignorelist, NoSCLOptionID: OptSpecifier (),
978	MalformedSCLErrorDiagID: clang::diag::err_drv_malformed_sanitizer_coverage_ignorelist,
979	DiagnoseErrors);
980	}
981
982	// Parse -f(no-)?sanitize-metadata.
983	for (const auto *Arg :
984	Args.filtered(Ids: options::OPT_fexperimental_sanitize_metadata_EQ,
985	Ids: options::OPT_fno_experimental_sanitize_metadata_EQ)) {
986	if (Arg->getOption().matches(
987	ID: options::OPT_fexperimental_sanitize_metadata_EQ)) {
988	Arg->claim();
989	BinaryMetadataFeatures \|=
990	parseBinaryMetadataFeatures(D, A: Arg, DiagnoseErrors);
991	} else {
992	Arg->claim();
993	BinaryMetadataFeatures &=
994	~parseBinaryMetadataFeatures(D, A: Arg, DiagnoseErrors);
995	}
996	}
997
998	// Parse -fsanitize-metadata-ignorelist option if enabled.
999	if (BinaryMetadataFeatures) {
1000	parseSpecialCaseListArg(
1001	D, Args, SCLFiles&: BinaryMetadataIgnorelistFiles,
1002	SCLOptionID: options::OPT_fexperimental_sanitize_metadata_ignorelist_EQ,
1003	NoSCLOptionID: OptSpecifier (), // Cannot clear ignore list, only append.
1004	MalformedSCLErrorDiagID: clang::diag::err_drv_malformed_sanitizer_metadata_ignorelist,
1005	DiagnoseErrors);
1006	}
1007
1008	SharedRuntime = Args.hasFlag(
1009	Pos: options::OPT_shared_libsan, Neg: options::OPT_static_libsan,
1010	Default: TC.getTriple().isAndroid() \|\| TC.getTriple().isOSFuchsia() \|\|
1011	TC.getTriple().isOSDarwin() \|\| TC.getTriple().isOSWindows());
1012	if (!SharedRuntime && TC.getTriple().isOSWindows()) {
1013	Arg *A =
1014	Args.getLastArg(Ids: options::OPT_shared_libsan, Ids: options::OPT_static_libsan);
1015	D.Diag(DiagID: clang::diag::err_drv_unsupported_opt_for_target)
1016	<< A->getSpelling() << TC.getTriple().str();
1017	}
1018
1019	ImplicitCfiRuntime = TC.getTriple().isAndroid();
1020
1021	if (AllAddedKinds & SanitizerKind::Address) {
1022	NeedPIE \|= TC.getTriple().isOSFuchsia();
1023	if (Arg *A =
1024	Args.getLastArg(Ids: options::OPT_fsanitize_address_field_padding)) {
1025	StringRef S = A->getValue();
1026	// Legal values are 0 and 1, 2, but in future we may add more levels.
1027	if ((S.getAsInteger(Radix: `0`, Result&: AsanFieldPadding) \|\| AsanFieldPadding < `0` \|\|
1028	AsanFieldPadding > `2`) &&
1029	DiagnoseErrors) {
1030	D.Diag(DiagID: clang::diag::err_drv_invalid_value) << A->getAsString(Args) << S;
1031	}
1032	}
1033
1034	if (Arg *WindowsDebugRTArg =
1035	Args.getLastArg(Ids: options::OPT__SLASH_MTd, Ids: options::OPT__SLASH_MT,
1036	Ids: options::OPT__SLASH_MDd, Ids: options::OPT__SLASH_MD,
1037	Ids: options::OPT__SLASH_LDd, Ids: options::OPT__SLASH_LD)) {
1038	switch (WindowsDebugRTArg->getOption().getID()) {
1039	case options::OPT__SLASH_MTd:
1040	case options::OPT__SLASH_MDd:
1041	case options::OPT__SLASH_LDd:
1042	if (DiagnoseErrors) {
1043	D.Diag(DiagID: clang::diag::err_drv_argument_not_allowed_with)
1044	<< WindowsDebugRTArg->getAsString(Args)
1045	<< lastArgumentForMask(D, Args, Mask: SanitizerKind::Address);
1046	D.Diag(DiagID: clang::diag::note_drv_address_sanitizer_debug_runtime);
1047	}
1048	}
1049	}
1050
1051	StableABI = Args.hasFlag(Pos: options::OPT_fsanitize_stable_abi,
1052	Neg: options::OPT_fno_sanitize_stable_abi, Default: false);
1053
1054	AsanPoisonCustomArrayCookie = Args.hasFlag(
1055	Pos: options::OPT_fsanitize_address_poison_custom_array_cookie,
1056	Neg: options::OPT_fno_sanitize_address_poison_custom_array_cookie,
1057	Default: AsanPoisonCustomArrayCookie);
1058
1059	AsanOutlineInstrumentation =
1060	Args.hasFlag(Pos: options::OPT_fsanitize_address_outline_instrumentation,
1061	Neg: options::OPT_fno_sanitize_address_outline_instrumentation,
1062	Default: AsanOutlineInstrumentation);
1063
1064	AsanGlobalsDeadStripping = Args.hasFlag(
1065	Pos: options::OPT_fsanitize_address_globals_dead_stripping,
1066	Neg: options::OPT_fno_sanitize_address_globals_dead_stripping, Default: true);
1067
1068	// Enable ODR indicators which allow better handling of mixed instrumented
1069	// and uninstrumented globals. Disable them for Windows where weak odr
1070	// indicators (.weak.__odr_asan_gen) may cause multiple definition linker*
1071	// errors in the absence of -lldmingw.
1072	AsanUseOdrIndicator =
1073	Args.hasFlag(Pos: options::OPT_fsanitize_address_use_odr_indicator,
1074	Neg: options::OPT_fno_sanitize_address_use_odr_indicator,
1075	Default: !TC.getTriple().isOSWindows());
1076
1077	if (AllAddedKinds & SanitizerKind::PointerCompare & ~AllRemove) {
1078	AsanInvalidPointerCmp = true;
1079	}
1080
1081	if (AllAddedKinds & SanitizerKind::PointerSubtract & ~AllRemove) {
1082	AsanInvalidPointerSub = true;
1083	}
1084
1085	if (TC.getTriple().isOSDarwin() &&
1086	(Args.hasArg(Ids: options::OPT_mkernel) \|\|
1087	Args.hasArg(Ids: options::OPT_fapple_kext))) {
1088	AsanDtorKind = llvm::AsanDtorKind::None;
1089	}
1090
1091	if (const auto *Arg =
1092	Args.getLastArg(Ids: options::OPT_sanitize_address_destructor_EQ)) {
1093	auto parsedAsanDtorKind = AsanDtorKindFromString(kind: Arg->getValue());
1094	if (parsedAsanDtorKind == llvm::AsanDtorKind::Invalid && DiagnoseErrors) {
1095	TC.getDriver().Diag(DiagID: clang::diag::err_drv_unsupported_option_argument)
1096	<< Arg->getSpelling() << Arg->getValue();
1097	}
1098	AsanDtorKind = parsedAsanDtorKind;
1099	}
1100
1101	if (const auto *Arg = Args.getLastArg(
1102	Ids: options::OPT_sanitize_address_use_after_return_EQ)) {
1103	auto parsedAsanUseAfterReturn =
1104	AsanDetectStackUseAfterReturnModeFromString(modeStr: Arg->getValue());
1105	if (parsedAsanUseAfterReturn ==
1106	llvm::AsanDetectStackUseAfterReturnMode::Invalid &&
1107	DiagnoseErrors) {
1108	TC.getDriver().Diag(DiagID: clang::diag::err_drv_unsupported_option_argument)
1109	<< Arg->getSpelling() << Arg->getValue();
1110	}
1111	AsanUseAfterReturn = parsedAsanUseAfterReturn;
1112	}
1113
1114	} else {
1115	// -fsanitize=pointer-compare/pointer-subtract requires -fsanitize=address.
1116	SanitizerMask DetectInvalidPointerPairs =
1117	SanitizerKind::PointerCompare \| SanitizerKind::PointerSubtract;
1118	if ((AllAddedKinds & DetectInvalidPointerPairs & ~AllRemove) &&
1119	DiagnoseErrors) {
1120	TC.getDriver().Diag(DiagID: clang::diag::err_drv_argument_only_allowed_with)
1121	<< lastArgumentForMask(D, Args,
1122	Mask: SanitizerKind::PointerCompare \|
1123	SanitizerKind::PointerSubtract)
1124	<< "-fsanitize=address";
1125	}
1126	}
1127
1128	if (AllAddedKinds & (SanitizerKind::Address \| SanitizerKind::KernelAddress)) {
1129	AsanUseAfterScope = Args.hasFlag(
1130	Pos: options::OPT_fsanitize_address_use_after_scope,
1131	Neg: options::OPT_fno_sanitize_address_use_after_scope, Default: AsanUseAfterScope);
1132	} else {
1133	AsanUseAfterScope = false;
1134	}
1135
1136	if (AllAddedKinds & SanitizerKind::HWAddress) {
1137	if (Arg *HwasanAbiArg =
1138	Args.getLastArg(Ids: options::OPT_fsanitize_hwaddress_abi_EQ)) {
1139	HwasanAbi = HwasanAbiArg->getValue();
1140	if (HwasanAbi != "platform" && HwasanAbi != "interceptor" &&
1141	DiagnoseErrors)
1142	D.Diag(DiagID: clang::diag::err_drv_invalid_value)
1143	<< HwasanAbiArg->getAsString(Args) << HwasanAbi;
1144	} else {
1145	HwasanAbi = "interceptor";
1146	}
1147	if (TC.getTriple().getArch() == llvm::Triple::x86_64)
1148	HwasanUseAliases = Args.hasFlag(
1149	Pos: options::OPT_fsanitize_hwaddress_experimental_aliasing,
1150	Neg: options::OPT_fno_sanitize_hwaddress_experimental_aliasing,
1151	Default: HwasanUseAliases);
1152	}
1153
1154	if (AllAddedKinds & SanitizerKind::SafeStack) {
1155	// SafeStack runtime is built into the system on Android and Fuchsia.
1156	SafeStackRuntime =
1157	!TC.getTriple().isAndroid() && !TC.getTriple().isOSFuchsia();
1158	}
1159
1160	LinkRuntimes =
1161	Args.hasFlag(Pos: options::OPT_fsanitize_link_runtime,
1162	Neg: options::OPT_fno_sanitize_link_runtime, Default: LinkRuntimes);
1163
1164	// Parse -link-cxx-sanitizer flag.
1165	LinkCXXRuntimes = D.CCCIsCXX();
1166	LinkCXXRuntimes =
1167	Args.hasFlag(Pos: options::OPT_fsanitize_link_cxx_runtime,
1168	Neg: options::OPT_fno_sanitize_link_cxx_runtime, Default: LinkCXXRuntimes);
1169
1170	NeedsMemProfRt = Args.hasFlag(Pos: options::OPT_fmemory_profile,
1171	PosAlias: options::OPT_fmemory_profile_EQ,
1172	Neg: options::OPT_fno_memory_profile, Default: false);
1173
1174	// Finally, initialize the set of available and recoverable sanitizers.
1175	Sanitizers.Mask \|= Kinds;
1176	RecoverableSanitizers.Mask \|= RecoverableKinds;
1177	TrapSanitizers.Mask \|= TrappingKinds;
1178	assert(!(RecoverableKinds & TrappingKinds) &&
1179	"Overlap between recoverable and trapping sanitizers");
1180
1181	MergeHandlers.Mask \|= MergeKinds;
1182
1183	AnnotateDebugInfo.Mask \|= AnnotateDebugInfoKinds;
1184
1185	// Zero out SkipHotCutoffs for unused sanitizers
1186	SkipHotCutoffs.clear(K: ~Sanitizers.Mask);
1187	}
1188
1189	static std::string toString(const clang::SanitizerSet &Sanitizers) {
1190	std::string Res;
1191	#define SANITIZER(NAME, ID) \
1192	if (Sanitizers.has(SanitizerKind::ID)) { \
1193	if (!Res.empty()) \
1194	Res += ","; \
1195	Res += NAME; \
1196	}
1197	#include "clang/Basic/Sanitizers.def"
1198	return Res;
1199	}
1200
1201	static std::string toString(const clang::SanitizerMaskCutoffs &Cutoffs) {
1202	llvm::SmallVector<std::string, `4`> Res;
1203	serializeSanitizerMaskCutoffs(Cutoffs, Values&: Res);
1204	return llvm::join(R&: Res, Separator: ",");
1205	}
1206
1207	static std::string toStringWithGroups(const clang::SanitizerSet &Sanitizers) {
1208	std::string Res;
1209	#define SANITIZER(NAME, ID) \
1210	if (Sanitizers.has(SanitizerKind::ID)) { \
1211	if (!Res.empty()) \
1212	Res += ","; \
1213	Res += NAME; \
1214	}
1215	#define SANITIZER_GROUP(NAME, ID, ALIAS) SANITIZER(NAME, ID##Group)
1216	#include "clang/Basic/Sanitizers.def"
1217	return Res;
1218	}
1219
1220	static void addSpecialCaseListOpt(const llvm::opt::ArgList &Args,
1221	llvm::opt::ArgStringList &CmdArgs,
1222	const char *SCLOptFlag,
1223	const std::vector<std::string> &SCLFiles) {
1224	for (const auto &SCLPath : SCLFiles) {
1225	SmallString<`64`> SCLOpt(SCLOptFlag);
1226	SCLOpt += SCLPath;
1227	CmdArgs.push_back(Elt: Args.MakeArgString(Str: SCLOpt));
1228	}
1229	}
1230
1231	static void addIncludeLinkerOption(const ToolChain &TC,
1232	const llvm::opt::ArgList &Args,
1233	llvm::opt::ArgStringList &CmdArgs,
1234	StringRef SymbolName) {
1235	SmallString<`64`> LinkerOptionFlag;
1236	LinkerOptionFlag = "--linker-option=/include:";
1237	if (TC.getTriple().getArch() == llvm::Triple::x86) {
1238	// Win32 mangles C function names with a '_' prefix.
1239	LinkerOptionFlag += `'_'`;
1240	}
1241	LinkerOptionFlag += SymbolName;
1242	CmdArgs.push_back(Elt: Args.MakeArgString(Str: LinkerOptionFlag));
1243	}
1244
1245	static bool hasTargetFeatureMTE(const llvm::opt::ArgStringList &CmdArgs) {
1246	for (auto Start = CmdArgs.begin(), End = CmdArgs.end(); Start != End;
1247	++Start) {
1248	auto It = std::find(first: Start, last: End, val: StringRef("+mte"));
1249	if (It == End)
1250	break;
1251	if (It > Start && *std::prev(x: It) == StringRef("-target-feature"))
1252	return true;
1253	Start = It;
1254	}
1255	return false;
1256	}
1257
1258	void SanitizerArgs::addArgs(const ToolChain &TC, const llvm::opt::ArgList &Args,
1259	llvm::opt::ArgStringList &CmdArgs,
1260	types::ID InputType) const {
1261	// NVPTX doesn't currently support sanitizers. Bailing out here means
1262	// that e.g. -fsanitize=address applies only to host code, which is what we
1263	// want for now.
1264	if (TC.getTriple().isNVPTX())
1265	return;
1266	// AMDGPU sanitizer support is experimental and controlled by -fgpu-sanitize.
1267	bool GPUSanitize = false;
1268	if (TC.getTriple().isAMDGPU()) {
1269	if (!Args.hasFlag(Pos: options::OPT_fgpu_sanitize, Neg: options::OPT_fno_gpu_sanitize,
1270	Default: true))
1271	return;
1272	GPUSanitize = true;
1273	}
1274
1275	// Translate available CoverageFeatures to corresponding clang-cc1 flags.
1276	// Do it even if Sanitizers.empty() since some forms of coverage don't require
1277	// sanitizers.
1278	std::pair<int, const char *> CoverageFlags[] = {
1279	std::make_pair(x: CoverageFunc, y: "-fsanitize-coverage-type=1"),
1280	std::make_pair(x: CoverageBB, y: "-fsanitize-coverage-type=2"),
1281	std::make_pair(x: CoverageEdge, y: "-fsanitize-coverage-type=3"),
1282	std::make_pair(x: CoverageIndirCall, y: "-fsanitize-coverage-indirect-calls"),
1283	std::make_pair(x: CoverageTraceBB, y: "-fsanitize-coverage-trace-bb"),
1284	std::make_pair(x: CoverageTraceCmp, y: "-fsanitize-coverage-trace-cmp"),
1285	std::make_pair(x: CoverageTraceDiv, y: "-fsanitize-coverage-trace-div"),
1286	std::make_pair(x: CoverageTraceGep, y: "-fsanitize-coverage-trace-gep"),
1287	std::make_pair(x: Coverage8bitCounters, y: "-fsanitize-coverage-8bit-counters"),
1288	std::make_pair(x: CoverageTracePC, y: "-fsanitize-coverage-trace-pc"),
1289	std::make_pair(x: CoverageTracePCGuard,
1290	y: "-fsanitize-coverage-trace-pc-guard"),
1291	std::make_pair(x: CoverageInline8bitCounters,
1292	y: "-fsanitize-coverage-inline-8bit-counters"),
1293	std::make_pair(x: CoverageInlineBoolFlag,
1294	y: "-fsanitize-coverage-inline-bool-flag"),
1295	std::make_pair(x: CoveragePCTable, y: "-fsanitize-coverage-pc-table"),
1296	std::make_pair(x: CoverageNoPrune, y: "-fsanitize-coverage-no-prune"),
1297	std::make_pair(x: CoverageStackDepth, y: "-fsanitize-coverage-stack-depth"),
1298	std::make_pair(x: CoverageTraceLoads, y: "-fsanitize-coverage-trace-loads"),
1299	std::make_pair(x: CoverageTraceStores, y: "-fsanitize-coverage-trace-stores"),
1300	std::make_pair(x: CoverageControlFlow, y: "-fsanitize-coverage-control-flow")};
1301	for (auto F : CoverageFlags) {
1302	if (CoverageFeatures & F.first)
1303	CmdArgs.push_back(Elt: F.second);
1304	}
1305	addSpecialCaseListOpt(
1306	Args, CmdArgs, SCLOptFlag: "-fsanitize-coverage-allowlist=", SCLFiles: CoverageAllowlistFiles);
1307	addSpecialCaseListOpt(Args, CmdArgs, SCLOptFlag: "-fsanitize-coverage-ignorelist=",
1308	SCLFiles: CoverageIgnorelistFiles);
1309
1310	if (CoverageStackDepthCallbackMin)
1311	CmdArgs.push_back(
1312	Elt: Args.MakeArgString(Str: "-fsanitize-coverage-stack-depth-callback-min=" +
1313	Twine(CoverageStackDepthCallbackMin)));
1314
1315	if (!GPUSanitize) {
1316	// Translate available BinaryMetadataFeatures to corresponding clang-cc1
1317	// flags. Does not depend on any other sanitizers. Unsupported on GPUs.
1318	const std::pair<int, std::string> BinaryMetadataFlags[] = {
1319	std::make_pair(x: BinaryMetadataCovered, y: "covered"),
1320	std::make_pair(x: BinaryMetadataAtomics, y: "atomics"),
1321	std::make_pair(x: BinaryMetadataUAR, y: "uar")};
1322	for (const auto &F : BinaryMetadataFlags) {
1323	if (BinaryMetadataFeatures & F.first)
1324	CmdArgs.push_back(
1325	Elt: Args.MakeArgString(Str: "-fexperimental-sanitize-metadata=" + F.second));
1326	}
1327	addSpecialCaseListOpt(Args, CmdArgs,
1328	SCLOptFlag: "-fexperimental-sanitize-metadata-ignorelist=",
1329	SCLFiles: BinaryMetadataIgnorelistFiles);
1330	}
1331
1332	if (TC.getTriple().isOSWindows() && needsUbsanRt() &&
1333	Args.hasFlag(Pos: options::OPT_frtlib_defaultlib,
1334	Neg: options::OPT_fno_rtlib_defaultlib, Default: true)) {
1335	// Instruct the code generator to embed linker directives in the object file
1336	// that cause the required runtime libraries to be linked.
1337	CmdArgs.push_back(
1338	Elt: Args.MakeArgString(Str: "--dependent-lib=" +
1339	TC.getCompilerRTBasename(Args, Component: "ubsan_standalone")));
1340	if (types::isCXX(Id: InputType))
1341	CmdArgs.push_back(Elt: Args.MakeArgString(
1342	Str: "--dependent-lib=" +
1343	TC.getCompilerRTBasename(Args, Component: "ubsan_standalone_cxx")));
1344	}
1345	if (TC.getTriple().isOSWindows() && needsStatsRt() &&
1346	Args.hasFlag(Pos: options::OPT_frtlib_defaultlib,
1347	Neg: options::OPT_fno_rtlib_defaultlib, Default: true)) {
1348	CmdArgs.push_back(Elt: Args.MakeArgString(
1349	Str: "--dependent-lib=" + TC.getCompilerRTBasename(Args, Component: "stats_client")));
1350
1351	// The main executable must export the stats runtime.
1352	// FIXME: Only exporting from the main executable (e.g. based on whether the
1353	// translation unit defines main()) would save a little space, but having
1354	// multiple copies of the runtime shouldn't hurt.
1355	CmdArgs.push_back(Elt: Args.MakeArgString(
1356	Str: "--dependent-lib=" + TC.getCompilerRTBasename(Args, Component: "stats")));
1357	addIncludeLinkerOption(TC, Args, CmdArgs, SymbolName: "__sanitizer_stats_register");
1358	}
1359
1360	if (Sanitizers.empty())
1361	return;
1362	CmdArgs.push_back(Elt: Args.MakeArgString(Str: "-fsanitize=" + toString(Sanitizers)));
1363
1364	if (!RecoverableSanitizers.empty())
1365	CmdArgs.push_back(Elt: Args.MakeArgString(Str: "-fsanitize-recover=" +
1366	toString(Sanitizers: RecoverableSanitizers)));
1367
1368	if (!TrapSanitizers.empty())
1369	CmdArgs.push_back(
1370	Elt: Args.MakeArgString(Str: "-fsanitize-trap=" + toString(Sanitizers: TrapSanitizers)));
1371
1372	if (!MergeHandlers.empty())
1373	CmdArgs.push_back(
1374	Elt: Args.MakeArgString(Str: "-fsanitize-merge=" + toString(Sanitizers: MergeHandlers)));
1375
1376	std::string SkipHotCutoffsStr = toString(Cutoffs: SkipHotCutoffs);
1377	if (!SkipHotCutoffsStr.empty())
1378	CmdArgs.push_back(
1379	Elt: Args.MakeArgString(Str: "-fsanitize-skip-hot-cutoff=" + SkipHotCutoffsStr));
1380
1381	if (!AnnotateDebugInfo.empty())
1382	CmdArgs.push_back(Elt: Args.MakeArgString(Str: "-fsanitize-annotate-debug-info=" +
1383	toString(Sanitizers: AnnotateDebugInfo)));
1384
1385	addSpecialCaseListOpt(Args, CmdArgs,
1386	SCLOptFlag: "-fsanitize-ignorelist=", SCLFiles: UserIgnorelistFiles);
1387	addSpecialCaseListOpt(Args, CmdArgs,
1388	SCLOptFlag: "-fsanitize-system-ignorelist=", SCLFiles: SystemIgnorelistFiles);
1389
1390	if (OverflowPatternExclusions)
1391	Args.AddAllArgs(
1392	Output&: CmdArgs, Id0: options::OPT_fsanitize_undefined_ignore_overflow_pattern_EQ);
1393
1394	if (MsanTrackOrigins)
1395	CmdArgs.push_back(Elt: Args.MakeArgString(Str: "-fsanitize-memory-track-origins=" +
1396	Twine(MsanTrackOrigins)));
1397
1398	if (MsanUseAfterDtor)
1399	CmdArgs.push_back(Elt: "-fsanitize-memory-use-after-dtor");
1400
1401	if (!MsanParamRetval)
1402	CmdArgs.push_back(Elt: "-fno-sanitize-memory-param-retval");
1403
1404	// FIXME: Pass these parameters as function attributes, not as -llvm flags.
1405	if (!TsanMemoryAccess) {
1406	CmdArgs.push_back(Elt: "-mllvm");
1407	CmdArgs.push_back(Elt: "-tsan-instrument-memory-accesses=0");
1408	CmdArgs.push_back(Elt: "-mllvm");
1409	CmdArgs.push_back(Elt: "-tsan-instrument-memintrinsics=0");
1410	}
1411	if (!TsanFuncEntryExit) {
1412	CmdArgs.push_back(Elt: "-mllvm");
1413	CmdArgs.push_back(Elt: "-tsan-instrument-func-entry-exit=0");
1414	}
1415	if (!TsanAtomics) {
1416	CmdArgs.push_back(Elt: "-mllvm");
1417	CmdArgs.push_back(Elt: "-tsan-instrument-atomics=0");
1418	}
1419
1420	if (HwasanUseAliases) {
1421	CmdArgs.push_back(Elt: "-mllvm");
1422	CmdArgs.push_back(Elt: "-hwasan-experimental-use-page-aliases=1");
1423	}
1424
1425	if (CfiCrossDso)
1426	CmdArgs.push_back(Elt: "-fsanitize-cfi-cross-dso");
1427
1428	if (CfiICallGeneralizePointers)
1429	CmdArgs.push_back(Elt: "-fsanitize-cfi-icall-generalize-pointers");
1430
1431	if (CfiICallNormalizeIntegers)
1432	CmdArgs.push_back(Elt: "-fsanitize-cfi-icall-experimental-normalize-integers");
1433
1434	if (KcfiArity) {
1435	if (!TC.getTriple().isOSLinux() \|\| !TC.getTriple().isArch64Bit()) {
1436	TC.getDriver().Diag(DiagID: clang::diag::err_drv_kcfi_arity_unsupported_target)
1437	<< TC.getTriple().str();
1438	}
1439	CmdArgs.push_back(Elt: "-fsanitize-kcfi-arity");
1440	}
1441
1442	if (CfiCanonicalJumpTables)
1443	CmdArgs.push_back(Elt: "-fsanitize-cfi-canonical-jump-tables");
1444
1445	if (Stats)
1446	CmdArgs.push_back(Elt: "-fsanitize-stats");
1447
1448	if (MinimalRuntime)
1449	CmdArgs.push_back(Elt: "-fsanitize-minimal-runtime");
1450
1451	if (AsanFieldPadding)
1452	CmdArgs.push_back(Elt: Args.MakeArgString(Str: "-fsanitize-address-field-padding=" +
1453	Twine(AsanFieldPadding)));
1454
1455	if (AsanUseAfterScope)
1456	CmdArgs.push_back(Elt: "-fsanitize-address-use-after-scope");
1457
1458	if (AsanPoisonCustomArrayCookie)
1459	CmdArgs.push_back(Elt: "-fsanitize-address-poison-custom-array-cookie");
1460
1461	if (AsanGlobalsDeadStripping)
1462	CmdArgs.push_back(Elt: "-fsanitize-address-globals-dead-stripping");
1463
1464	if (!AsanUseOdrIndicator)
1465	CmdArgs.push_back(Elt: "-fno-sanitize-address-use-odr-indicator");
1466
1467	if (AsanInvalidPointerCmp) {
1468	CmdArgs.push_back(Elt: "-mllvm");
1469	CmdArgs.push_back(Elt: "-asan-detect-invalid-pointer-cmp");
1470	}
1471
1472	if (AsanInvalidPointerSub) {
1473	CmdArgs.push_back(Elt: "-mllvm");
1474	CmdArgs.push_back(Elt: "-asan-detect-invalid-pointer-sub");
1475	}
1476
1477	if (AsanOutlineInstrumentation) {
1478	CmdArgs.push_back(Elt: "-mllvm");
1479	CmdArgs.push_back(Elt: "-asan-instrumentation-with-call-threshold=0");
1480	}
1481
1482	// When emitting Stable ABI instrumentation, force outlining calls and avoid
1483	// inlining shadow memory poisoning. While this is a big performance burden
1484	// for now it allows full abstraction from implementation details.
1485	if (StableABI) {
1486	CmdArgs.push_back(Elt: "-mllvm");
1487	CmdArgs.push_back(Elt: "-asan-instrumentation-with-call-threshold=0");
1488	CmdArgs.push_back(Elt: "-mllvm");
1489	CmdArgs.push_back(Elt: "-asan-max-inline-poisoning-size=0");
1490	CmdArgs.push_back(Elt: "-mllvm");
1491	CmdArgs.push_back(Elt: "-asan-guard-against-version-mismatch=0");
1492	}
1493
1494	// Only pass the option to the frontend if the user requested,
1495	// otherwise the frontend will just use the codegen default.
1496	if (AsanDtorKind != llvm::AsanDtorKind::Invalid) {
1497	CmdArgs.push_back(Elt: Args.MakeArgString(Str: "-fsanitize-address-destructor=" +
1498	AsanDtorKindToString(kind: AsanDtorKind)));
1499	}
1500
1501	if (AsanUseAfterReturn != llvm::AsanDetectStackUseAfterReturnMode::Invalid) {
1502	CmdArgs.push_back(Elt: Args.MakeArgString(
1503	Str: "-fsanitize-address-use-after-return=" +
1504	AsanDetectStackUseAfterReturnModeToString(mode: AsanUseAfterReturn)));
1505	}
1506
1507	if (!HwasanAbi.empty()) {
1508	CmdArgs.push_back(Elt: "-default-function-attr");
1509	CmdArgs.push_back(Elt: Args.MakeArgString(Str: "hwasan-abi=" + HwasanAbi));
1510	}
1511
1512	if (Sanitizers.has(K: SanitizerKind::HWAddress) && !HwasanUseAliases) {
1513	CmdArgs.push_back(Elt: "-target-feature");
1514	CmdArgs.push_back(Elt: "+tagged-globals");
1515	}
1516
1517	// MSan: Workaround for PR16386.
1518	// ASan: This is mainly to help LSan with cases such as
1519	// https://github.com/google/sanitizers/issues/373
1520	// We can't make this conditional on -fsanitize=leak, as that flag shouldn't
1521	// affect compilation.
1522	if (Sanitizers.has(K: SanitizerKind::Memory) \|\|
1523	Sanitizers.has(K: SanitizerKind::Address))
1524	CmdArgs.push_back(Elt: "-fno-assume-sane-operator-new");
1525
1526	// libFuzzer wants to intercept calls to certain library functions, so the
1527	// following -fno-builtin- flags force the compiler to emit interposable*
1528	// libcalls to these functions. Other sanitizers effectively do the same thing
1529	// by marking all library call sites with NoBuiltin attribute in their LLVM
1530	// pass. (see llvm::maybeMarkSanitizerLibraryCallNoBuiltin)
1531	if (Sanitizers.has(K: SanitizerKind::FuzzerNoLink)) {
1532	CmdArgs.push_back(Elt: "-fno-builtin-bcmp");
1533	CmdArgs.push_back(Elt: "-fno-builtin-memcmp");
1534	CmdArgs.push_back(Elt: "-fno-builtin-strncmp");
1535	CmdArgs.push_back(Elt: "-fno-builtin-strcmp");
1536	CmdArgs.push_back(Elt: "-fno-builtin-strncasecmp");
1537	CmdArgs.push_back(Elt: "-fno-builtin-strcasecmp");
1538	CmdArgs.push_back(Elt: "-fno-builtin-strstr");
1539	CmdArgs.push_back(Elt: "-fno-builtin-strcasestr");
1540	CmdArgs.push_back(Elt: "-fno-builtin-memmem");
1541	}
1542
1543	// Require -fvisibility= flag on non-Windows when compiling if vptr CFI is
1544	// enabled.
1545	if (Sanitizers.hasOneOf(K: CFIClasses) && !TC.getTriple().isOSWindows() &&
1546	!Args.hasArg(Ids: options::OPT_fvisibility_EQ)) {
1547	TC.getDriver().Diag(DiagID: clang::diag::err_drv_argument_only_allowed_with)
1548	<< lastArgumentForMask(D: TC.getDriver(), Args,
1549	Mask: Sanitizers.Mask & CFIClasses)
1550	<< "-fvisibility=";
1551	}
1552
1553	if (Sanitizers.has(K: SanitizerKind::MemtagStack) &&
1554	!hasTargetFeatureMTE(CmdArgs))
1555	TC.getDriver().Diag(DiagID: diag::err_stack_tagging_requires_hardware_feature);
1556	}
1557
1558	SanitizerMask parseArgValues(const Driver &D, const llvm::opt::Arg *A,
1559	bool DiagnoseErrors) {
1560	assert(
1561	(A->getOption().matches(options::OPT_fsanitize_EQ) \|\|
1562	A->getOption().matches(options::OPT_fno_sanitize_EQ) \|\|
1563	A->getOption().matches(options::OPT_fsanitize_recover_EQ) \|\|
1564	A->getOption().matches(options::OPT_fno_sanitize_recover_EQ) \|\|
1565	A->getOption().matches(options::OPT_fsanitize_trap_EQ) \|\|
1566	A->getOption().matches(options::OPT_fno_sanitize_trap_EQ) \|\|
1567	A->getOption().matches(options::OPT_fsanitize_merge_handlers_EQ) \|\|
1568	A->getOption().matches(options::OPT_fno_sanitize_merge_handlers_EQ) \|\|
1569	A->getOption().matches(options::OPT_fsanitize_annotate_debug_info_EQ) \|\|
1570	A->getOption().matches(
1571	options::OPT_fno_sanitize_annotate_debug_info_EQ)) &&
1572	"Invalid argument in parseArgValues!");
1573	SanitizerMask Kinds;
1574	for (int i = `0`, n = A->getNumValues(); i != n; ++i) {
1575	const char *Value = A->getValue(N: i);
1576	SanitizerMask Kind;
1577	// Special case: don't accept -fsanitize=all.
1578	if (A->getOption().matches(ID: options::OPT_fsanitize_EQ) &&
1579	`0` == strcmp(s1: "all", s2: Value))
1580	Kind = SanitizerMask ();
1581	else
1582	Kind = parseSanitizerValue(Value, /AllowGroups=/true);
1583
1584	if (Kind)
1585	Kinds \|= Kind;
1586	else if (DiagnoseErrors)
1587	D.Diag(DiagID: clang::diag::err_drv_unsupported_option_argument)
1588	<< A->getSpelling() << Value;
1589	}
1590	return Kinds;
1591	}
1592
1593	void parseArgCutoffs(const Driver &D, const llvm::opt::Arg *A,
1594	bool DiagnoseErrors, SanitizerMaskCutoffs &Cutoffs) {
1595	assert(A->getOption().matches(options::OPT_fsanitize_skip_hot_cutoff_EQ) &&
1596	"Invalid argument in parseArgCutoffs!");
1597	for (int i = `0`, n = A->getNumValues(); i != n; ++i) {
1598	const char *Value = A->getValue(N: i);
1599
1600	// We don't check the value of Cutoffs[i]: it's legal to specify
1601	// a cutoff of 0.
1602	if (!parseSanitizerWeightedValue(Value, /AllowGroups=/true, Cutoffs) &&
1603	DiagnoseErrors)
1604	D.Diag(DiagID: clang::diag::err_drv_unsupported_option_argument)
1605	<< A->getSpelling() << Value;
1606	}
1607	}
1608
1609	static int parseOverflowPatternExclusionValues(const Driver &D,
1610	const llvm::opt::Arg *A,
1611	bool DiagnoseErrors) {
1612	int Exclusions = `0`;
1613	for (int i = `0`, n = A->getNumValues(); i != n; ++i) {
1614	const char *Value = A->getValue(N: i);
1615	int E =
1616	llvm::StringSwitch<int>(Value)
1617	.Case(S: "none", Value: LangOptionsBase::None)
1618	.Case(S: "all", Value: LangOptionsBase::All)
1619	.Case(S: "add-unsigned-overflow-test",
1620	Value: LangOptionsBase::AddUnsignedOverflowTest)
1621	.Case(S: "add-signed-overflow-test",
1622	Value: LangOptionsBase::AddSignedOverflowTest)
1623	.Case(S: "negated-unsigned-const", Value: LangOptionsBase::NegUnsignedConst)
1624	.Case(S: "unsigned-post-decr-while", Value: LangOptionsBase::PostDecrInWhile)
1625	.Default(Value: `0`);
1626	if (E == `0`)
1627	D.Diag(DiagID: clang::diag::err_drv_unsupported_option_argument)
1628	<< A->getSpelling() << Value;
1629	Exclusions \|= E;
1630	}
1631	return Exclusions;
1632	}
1633
1634	int parseCoverageFeatures(const Driver &D, const llvm::opt::Arg *A,
1635	bool DiagnoseErrors) {
1636	assert(A->getOption().matches(options::OPT_fsanitize_coverage) \|\|
1637	A->getOption().matches(options::OPT_fno_sanitize_coverage));
1638	int Features = `0`;
1639	for (int i = `0`, n = A->getNumValues(); i != n; ++i) {
1640	const char *Value = A->getValue(N: i);
1641	int F = llvm::StringSwitch<int>(Value)
1642	.Case(S: "func", Value: CoverageFunc)
1643	.Case(S: "bb", Value: CoverageBB)
1644	.Case(S: "edge", Value: CoverageEdge)
1645	.Case(S: "indirect-calls", Value: CoverageIndirCall)
1646	.Case(S: "trace-bb", Value: CoverageTraceBB)
1647	.Case(S: "trace-cmp", Value: CoverageTraceCmp)
1648	.Case(S: "trace-div", Value: CoverageTraceDiv)
1649	.Case(S: "trace-gep", Value: CoverageTraceGep)
1650	.Case(S: "8bit-counters", Value: Coverage8bitCounters)
1651	.Case(S: "trace-pc", Value: CoverageTracePC)
1652	.Case(S: "trace-pc-guard", Value: CoverageTracePCGuard)
1653	.Case(S: "no-prune", Value: CoverageNoPrune)
1654	.Case(S: "inline-8bit-counters", Value: CoverageInline8bitCounters)
1655	.Case(S: "inline-bool-flag", Value: CoverageInlineBoolFlag)
1656	.Case(S: "pc-table", Value: CoveragePCTable)
1657	.Case(S: "stack-depth", Value: CoverageStackDepth)
1658	.Case(S: "trace-loads", Value: CoverageTraceLoads)
1659	.Case(S: "trace-stores", Value: CoverageTraceStores)
1660	.Case(S: "control-flow", Value: CoverageControlFlow)
1661	.Default(Value: `0`);
1662	if (F == `0` && DiagnoseErrors)
1663	D.Diag(DiagID: clang::diag::err_drv_unsupported_option_argument)
1664	<< A->getSpelling() << Value;
1665	Features \|= F;
1666	}
1667	return Features;
1668	}
1669
1670	int parseBinaryMetadataFeatures(const Driver &D, const llvm::opt::Arg *A,
1671	bool DiagnoseErrors) {
1672	assert(
1673	A->getOption().matches(options::OPT_fexperimental_sanitize_metadata_EQ) \|\|
1674	A->getOption().matches(
1675	options::OPT_fno_experimental_sanitize_metadata_EQ));
1676	int Features = `0`;
1677	for (int i = `0`, n = A->getNumValues(); i != n; ++i) {
1678	const char *Value = A->getValue(N: i);
1679	int F = llvm::StringSwitch<int>(Value)
1680	.Case(S: "covered", Value: BinaryMetadataCovered)
1681	.Case(S: "atomics", Value: BinaryMetadataAtomics)
1682	.Case(S: "uar", Value: BinaryMetadataUAR)
1683	.Case(S: "all", Value: ~`0`)
1684	.Default(Value: `0`);
1685	if (F == `0` && DiagnoseErrors)
1686	D.Diag(DiagID: clang::diag::err_drv_unsupported_option_argument)
1687	<< A->getSpelling() << Value;
1688	Features \|= F;
1689	}
1690	return Features;
1691	}
1692
1693	std::string lastArgumentForMask(const Driver &D, const llvm::opt::ArgList &Args,
1694	SanitizerMask Mask) {
1695	for (llvm::opt::ArgList::const_reverse_iterator I = Args.rbegin(),
1696	E = Args.rend();
1697	I != E; ++I) {
1698	const auto Arg = I;
1699	if (Arg->getOption().matches(ID: options::OPT_fsanitize_EQ)) {
1700	SanitizerMask AddKinds =
1701	expandSanitizerGroups(Kinds: parseArgValues(D, A: Arg, DiagnoseErrors: false));
1702	if (AddKinds & Mask)
1703	return describeSanitizeArg(A: Arg, Mask);
1704	} else if (Arg->getOption().matches(ID: options::OPT_fno_sanitize_EQ)) {
1705	SanitizerMask RemoveKinds =
1706	expandSanitizerGroups(Kinds: parseArgValues(D, A: Arg, DiagnoseErrors: false));
1707	Mask &= ~RemoveKinds;
1708	}
1709	}
1710	llvm_unreachable("arg list didn't provide expected value");
1711	}
1712
1713	std::string describeSanitizeArg(const llvm::opt::Arg *A, SanitizerMask Mask) {
1714	assert(A->getOption().matches(options::OPT_fsanitize_EQ) &&
1715	"Invalid argument in describeSanitizerArg!");
1716
1717	std::string Sanitizers;
1718	for (int i = `0`, n = A->getNumValues(); i != n; ++i) {
1719	if (expandSanitizerGroups(
1720	Kinds: parseSanitizerValue(Value: A->getValue(N: i), /AllowGroups=/true)) &
1721	Mask) {
1722	if (!Sanitizers.empty())
1723	Sanitizers += ",";
1724	Sanitizers += A->getValue(N: i);
1725	}
1726	}
1727
1728	assert(!Sanitizers.empty() && "arg didn't provide expected value");
1729	return "-fsanitize=" + Sanitizers;
1730	}
1731

Browse the source code of llvm_projects/clang/lib/Driver/SanitizerArgs.cpp