Google Git
Sign in
llvm / llvm-project / a4ba780510518150cc11b330bbd2beb447e1f50e
commita4ba780510518150cc11b330bbd2beb447e1f50e[log] [tgz]
authorLouis Dionne <ldionne.2@gmail.com>Fri Oct 29 12:36:57 2021 -0400
committerLouis Dionne <ldionne.2@gmail.com>Tue Nov 09 13:17:45 2021 -0500
tree8a5547a947b7afa2a773b4087f848d7939c94c16
parent56f7da6e0d29139d7684b2dc08901fefb64e4fa1 [diff]
[libc++] Enable -Wformat-nonliteral when building libc++

Using user-provided data as a format string is a well known source of
security vulnerabilities. For this reason, it is a good idea to compile
our code with -Wformat-nonliteral, which basically warns if a non-constant
string is used as a format specifier. This is the compiler’s best signal
that a format string call may be insecure.

I audited the code after adding the warning and made sure that the few
places where we used a non-literal string as a format string were not
potential security issues. I either disabled the warning locally for
those instances or fixed the warning by using a literal. The idea is
that after we add the warning to the build, any new use of a non-literal
string in a format string will trigger a diagnostic, and we can either
get rid of it or disable the warning locally, which is a way of
acknowledging that it has been audited.

I also looked into enabling it in the test suite, which would perhaps
allow finding additional instances of it in our headers, however that
is not possible at the moment because Clang doesn't support putting
__attribute__((__format__(...))) on variadic templates, which would
be needed.

rdar://84571685

Differential Revision: https://reviews.llvm.org/D112927
2 files changed
tree: 8a5547a947b7afa2a773b4087f848d7939c94c16
  1. .github/
  2. clang/
  3. clang-tools-extra/
  4. cmake/
  5. compiler-rt/
  6. cross-project-tests/
  7. flang/
  8. libc/
  9. libclc/
  10. libcxx/
  11. libcxxabi/
  12. libunwind/
  13. lld/
  14. lldb/
  15. llvm/
  16. mlir/
  17. openmp/
  18. polly/
  19. pstl/
  20. runtimes/
  21. utils/
  22. .arcconfig
  23. .arclint
  24. .clang-format
  25. .clang-tidy
  26. .git-blame-ignore-revs
  27. .gitignore
  28. .mailmap
  29. CONTRIBUTING.md
  30. README.md
  31. SECURITY.md
README.md

The LLVM Compiler Infrastructure

This directory and its sub-directories contain source code for LLVM, a toolkit for the construction of highly optimized compilers, optimizers, and run-time environments.

The README briefly describes how to get started with building LLVM. For more information on how to contribute to the LLVM project, please take a look at the Contributing to LLVM guide.

Getting Started with the LLVM System

Taken from https://llvm.org/docs/GettingStarted.html.

Overview

Welcome to the LLVM project!

The LLVM project has multiple components. The core of the project is itself called “LLVM”. This contains all of the tools, libraries, and header files needed to process intermediate representations and convert them into object files. Tools include an assembler, disassembler, bitcode analyzer, and bitcode optimizer. It also contains basic regression tests.

C-like languages use the Clang front end. This component compiles C, C++, Objective-C, and Objective-C++ code into LLVM bitcode -- and from there into object files, using LLVM.

Other components include: the libc++ C++ standard library, the LLD linker, and more.

Getting the Source Code and Building LLVM

The LLVM Getting Started documentation may be out of date. The Clang Getting Started page might have more accurate information.

This is an example work-flow and configuration to get and build the LLVM source:

  1. Checkout LLVM (including related sub-projects like Clang):

    • git clone https://github.com/llvm/llvm-project.git

    • Or, on windows, git clone --config core.autocrlf=false https://github.com/llvm/llvm-project.git

  2. Configure and build LLVM and Clang:

    • cd llvm-project

    • cmake -S llvm -B build -G <generator> [options]

      Some common build system generators are:

      • Ninja --- for generating Ninja build files. Most llvm developers use Ninja.
      • Unix Makefiles --- for generating make-compatible parallel makefiles.
      • Visual Studio --- for generating Visual Studio projects and solutions.
      • Xcode --- for generating Xcode projects.

      Some common options:

      • -DLLVM_ENABLE_PROJECTS='...' --- semicolon-separated list of the LLVM sub-projects you'd like to additionally build. Can include any of: clang, clang-tools-extra, compiler-rt,cross-project-tests, flang, libc, libclc, libcxx, libcxxabi, libunwind, lld, lldb, mlir, openmp, polly, or pstl.

        For example, to build LLVM, Clang, libcxx, and libcxxabi, use -DLLVM_ENABLE_PROJECTS="clang;libcxx;libcxxabi".

      • -DCMAKE_INSTALL_PREFIX=directory --- Specify for directory the full path name of where you want the LLVM tools and libraries to be installed (default /usr/local).

      • -DCMAKE_BUILD_TYPE=type --- Valid options for type are Debug, Release, RelWithDebInfo, and MinSizeRel. Default is Debug.

      • -DLLVM_ENABLE_ASSERTIONS=On --- Compile with assertion checks enabled (default is Yes for Debug builds, No for all other build types).

    • cmake --build build [-- [options] <target>] or your build system specified above directly.

      • The default target (i.e. ninja or make) will build all of LLVM.

      • The check-all target (i.e. ninja check-all) will run the regression tests to ensure everything is in working order.

      • CMake will generate targets for each tool and library, and most LLVM sub-projects generate their own check-<project> target.

      • Running a serial build will be slow. To improve speed, try running a parallel build. That's done by default in Ninja; for make, use the option -j NNN, where NNN is the number of parallel jobs, e.g. the number of CPUs you have.

    • For more information see CMake

Consult the Getting Started with LLVM page for detailed information on configuring and compiling LLVM. You can visit Directory Layout to learn about the layout of the source code tree.