[CFI] Force LLVM to die if the implicit blacklist files cannot be found.

Currently LLVM CFI tries to use an implicit blacklist file, currently in /usr/lib64/clang/<version>/share. If the file is not there, LLVM happily continues, which causes CFI to add checks to files/functions that are known to fail, generating binaries that fail. This CL causes LLVM to die (I hope) if it can't find these implicit blacklist files. Patch by Caroline Tice! Differential Revision: https://reviews.llvm.org/D46403 llvm-svn: 331674
2024-12-04 20:20:54 +00:00 · 2018-05-07 20:54:05 +00:00 · 2018-05-07 20:54:05 +00:00 · 374599cf23
commit 374599cf23
parent 7130a93934
4 changed files with 9 additions and 1 deletions
--- a/clang/lib/Driver/SanitizerArgs.cpp
+++ b/clang/lib/Driver/SanitizerArgs.cpp
@ -115,6 +115,10 @@ static void addDefaultBlacklists(const Driver &D, SanitizerMask Kinds,
    llvm::sys::path::append(Path, "share", BL.File);
    if (llvm::sys::fs::exists(Path))
      BlacklistFiles.push_back(Path.str());
+    else if (BL.Mask == CFI)
+      // If cfi_blacklist.txt cannot be found in the resource dir, driver
+      // should fail.
+      D.Diag(clang::diag::err_drv_no_such_file) << Path;
  }
 }

--- a/clang/test/Driver/Inputs/resource_dir_with_cfi_blacklist/share/cfi_blacklist.txt
+++ b/clang/test/Driver/Inputs/resource_dir_with_cfi_blacklist/share/cfi_blacklist.txt
--- a/clang/test/Driver/fsanitize-blacklist.c
+++ b/clang/test/Driver/fsanitize-blacklist.c
@ -62,4 +62,8 @@
 // CHECK-ONLY-FIRST-DISABLED: -fsanitize-blacklist={{.*}}.second
 // CHECK-ONLY_FIRST-DISABLED-NOT: good

+// If cfi_blacklist.txt cannot be found in the resource dir, driver should fail.
+// RUN: %clang -target x86_64-linux-gnu -fsanitize=cfi -resource-dir=/dev/null %s -### 2>&1 | FileCheck %s --check-prefix=CHECK-MISSING-CFI-BLACKLIST
+// CHECK-MISSING-CFI-BLACKLIST: error: no such file or directory: '{{.*}}/share/cfi_blacklist.txt'
+
 // DELIMITERS: {{^ *"}}
--- a/clang/test/Frontend/dependency-gen.c
+++ b/clang/test/Frontend/dependency-gen.c
@ -21,7 +21,7 @@
 // RUN: %clang -MD -MF - %s -fsyntax-only -I ./ | FileCheck -check-prefix=CHECK-SIX %s
 // CHECK-SIX: {{ }}x.h
 // RUN: echo "fun:foo" > %t.blacklist
-// RUN: %clang -MD -MF - %s -fsyntax-only -fsanitize=cfi-vcall -flto -fvisibility=hidden -fsanitize-blacklist=%t.blacklist -I ./ | FileCheck -check-prefix=CHECK-SEVEN %s
+// RUN: %clang -MD -MF - %s -fsyntax-only -resource-dir=%S/../Driver/Inputs/resource_dir_with_cfi_blacklist -fsanitize=cfi-vcall -flto -fvisibility=hidden -fsanitize-blacklist=%t.blacklist -I ./ | FileCheck -check-prefix=CHECK-SEVEN %s
 // CHECK-SEVEN: .blacklist
 // CHECK-SEVEN: {{ }}x.h
 #ifndef INCLUDE_FLAG_TEST