Add -fsanitize-address-use-after-return (#4334)
JohanEngelen authored Feb 27, 2023
1 parent 8ed521d commit 981c58e
Showing 4 changed files with 36 additions and 3 deletions.
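--- a/driver/cl_options_sanitizers.cpp
+++ b/driver/cl_options_sanitizers.cpp
@@ -25,6 +25,16 @@
 #include "llvm/Support/VirtualFileSystem.h"
 #endif
 
+#if LDC_LLVM_VER >= 1400
+#include "llvm/Transforms/Instrumentation/AddressSanitizerOptions.h"
+#else
+namespace llvm {
+// Declaring this simplifies code later, but the option is never used with LLVM
+// <= 13.
+enum class AsanDetectStackUseAfterReturnMode { Never, Runtime, Always };
+}
+#endif
+
 namespace {
 
 using namespace opts;
@@ -121,6 +131,25 @@ void parseFSanitizeCoverageCmdlineParameter(llvm::SanitizerCoverageOptions &opts
 
 namespace opts {
 
+cl::opt<llvm::AsanDetectStackUseAfterReturnMode> fSanitizeAddressUseAfterReturn(
+"fsanitize-address-use-after-return", cl::ZeroOrMore,
+cl::desc("Select the mode of detecting stack use-after-return (UAR) in "
+"AddressSanitizer: never | runtime (default) | always"),
+cl::init(llvm::AsanDetectStackUseAfterReturnMode::Runtime),
+cl::values(
+clEnumValN(
+llvm::AsanDetectStackUseAfterReturnMode::Never, "never",
+"Completely disables detection of UAR errors (reduces code size)."),
+clEnumValN(llvm::AsanDetectStackUseAfterReturnMode::Runtime, "runtime",
+"Adds the code for detection, but it can be disabled via the "
+"runtime environment "
+"(ASAN_OPTIONS=detect_stack_use_after_return=0). Requires "
+"druntime support."),
+clEnumValN(
+llvm::AsanDetectStackUseAfterReturnMode::Always, "always",
+"Enables detection of UAR errors in all cases. (reduces code size, "
+"but not as much as never). Requires druntime support.")));
+
 SanitizerBits enabledSanitizers = 0;
 
 // Parse sanitizer name passed on commandline and return the corresponding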
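Review bot: The `#else` shim in the first hunk makes the enum exist on LLVM <= 13, but the `cl::opt` in the second hunk is registered unconditionally, so on such a build `-fsanitize-address-use-after-return=always` is accepted yet presumably has no effect, and a user relying on it for stronger UAR detection gets no indication; the shim comment `// <= 13.` states this for maintainers but nothing tells the user. Consider wrapping the option (or a warning when it is explicitly set) in the same `#if LDC_LLVM_VER >= 1400` guard, or at minimum a comment above the option: `// NOTE: has no effect with LLVM < 14 (see the shim above); consider warning when set.` Separately, the `always` help text `(reduces code size, but not as much as never)` reads as if `always` shrinks code in absolute terms; phrasing it relative to the default is clearer: `"Enables detection of UAR errors in all cases (less code than runtime, more than never). Requires druntime support."`. Where the option value is consumed on older LLVM is outside this section, so the no-effect claim is inferred from the shim comment rather than seen.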
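--- a/driver/cl_options_sanitizers.h
+++ b/driver/cl_options_sanitizers.h
@@ -20,6 +20,7 @@ class FuncDeclaration;
 namespace llvm {
 class raw_ostream;
 class StringRef;
+enum class AsanDetectStackUseAfterReturnMode;
 }
 
 namespace opts {
@@ -37,6 +38,8 @@ enum SanitizerCheck : SanitizerBits {
 };
 extern SanitizerBits enabledSanitizers;
 
+extern cl::opt<llvm::AsanDetectStackUseAfterReturnMode> fSanitizeAddressUseAfterReturn;
+
 inline bool isAnySanitizerEnabled() { return enabledSanitizers; }
 inline bool isSanitizerEnabled(SanitizerBits san) {
 return enabledSanitizers & san;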
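Review bot: The opaque declaration `enum class AsanDetectStackUseAfterReturnMode;` added in the first hunk fixes the enum's underlying type to `int`; it is only well-formed if the LLVM header and the local shim in cl_options_sanitizers.cpp define the enum with that same underlying type, and a mismatch in a future LLVM release would be a hard compile error rather than a silent one. A one-line comment pinning that dependency would save the next maintainer a search: `// Opaque forward declaration: underlying type must stay int, matching LLVM's definition and the pre-LLVM-14 shim.` I have not checked LLVM's definition here, so treat the "matches today" part as something to confirm.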
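--- a/gen/optimizer.cpp
+++ b/gen/optimizer.cpp
@@ -454,7 +454,7 @@ static void addAddressSanitizerPasses(ModulePassManager &mpm,
 aso.CompileKernel = false;
 aso.Recover = false;
 aso.UseAfterScope = true;
-aso.UseAfterReturn = AsanDetectStackUseAfterReturnMode::Runtime;
+aso.UseAfterReturn = opts::fSanitizeAddressUseAfterReturn;
 
 #if LDC_LLVM_VER >= 1600
 mpm.addPass(AddressSanitizerPass(aso));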
5 changes: 3 additions & 2 deletions tests/sanitizers/fuzz_asan.d
Expand Up @@ -3,7 +3,8 @@
// REQUIRES: Fuzzer, ASan

// See https://github.com/ldc-developers/ldc/issues/2222 for %disable_fp_elim
// RUN: %ldc -g -fsanitize=address,fuzzer %disable_fp_elim %s -of=%t%exe
// See https://github.com/ldc-developers/ldc/pull/4328 for -fsanitize-address-use-after-return=never
// RUN: %ldc -g -fsanitize=address,fuzzer -fsanitize-address-use-after-return=never %disable_fp_elim %s -of=%t%exe
// RUN: not %t%exe 2>&1 | FileCheck %s

bool FuzzMe(ubyte* data, size_t dataSize)
Expand All @@ -12,7 +13,7 @@ bool FuzzMe(ubyte* data, size_t dataSize)
data[0] == 'F' &&
data[1] == 'U' &&
data[2] == 'Z' &&
// CHECK: ERROR: AddressSanitizer: {{stack-buffer-overflow|stack-use-after-return}}
// CHECK: ERROR: AddressSanitizer: stack-buffer-overflow
// CHECK-NEXT: READ of size 1
// CHECK-NEXT: #0 {{.*}} in {{.*fuzz_asan6FuzzMe.*}} {{.*}}fuzz_asan.d:
// FIXME, debug line info is wrong (Github issue #2090). Once fixed, add [[@LINE+1]]
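Review bot: Pinning `-fsanitize-address-use-after-return=never` on the new RUN line and narrowing the CHECK to `stack-buffer-overflow` makes this fuzz test deterministic, but it also means the `runtime` (default) and `always` modes, which the new help text says require druntime support, are exercised by no test in this commit; a companion test under `=always` that expects `ERROR: AddressSanitizer: stack-use-after-return` would catch a druntime regression that the default mode now depends on. The `// See ... pull/4328` comment points at the reason for choosing `never`, which is good; stating that reason in one clause on the line itself would spare readers the link, if it is short enough to summarise. FuzzMe's body continues outside the second hunk.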
