[clang] [sanitizer] Allow use-after-scope front-end argument to take effect with -fsanitize=kernel-address (PR #137015)

via cfe-commits cfe-commits at lists.llvm.org
Thu Apr 24 09:17:09 PDT 2025


https://github.com/dgg5503 updated https://github.com/llvm/llvm-project/pull/137015

From f448a60a4e7d158707de8f4e692547cd771fd506 Mon Sep 17 00:00:00 2001
From: Douglas Gliner <Douglas.Gliner at sony.com>
Date: Tue, 22 Apr 2025 16:22:59 -0700
Subject: [PATCH 1/2] Allow use-after-scope front-end argument to take effect
 with -fsanitize=kernel-address

Lifetime intrinsics required for detection of use-after-scope are not emitted
under kernel-address sanitizer (`-fsanitize=kernel-address`) when paired with
`-O0` & `-fsanitize-address-use-after-scope`.

This is because, with `-fsanitize=kernel-address -O0`,
`CGOpts.SanitizeAddressUseAfterScope` is set to `false` when
`shouldEmitLifetimeMarkers` in `clang\lib\CodeGen\CodeGenFunction.cpp` runs.
Therefore, the following check, `CGOpts.OptimizationLevel != 0`, is evaluated
instead; it is `false`, thus preventing the emission of lifetime markers.

The reason `CGOpts.SanitizeAddressUseAfterScope` is false stems from the fact
that this variable is normally set via the frontend flag
`-fsanitize-address-use-after-scope`; however, this flag only takes effect
under the normal address sanitizer due to the gated logic in
`clang\lib\Driver\SanitizerArgs.cpp`, specifically
`if (AllAddedKinds & SanitizerKind::Address)`. This check excludes
`SanitizerKind::KernelAddress` from consideration, so even if
`-fsanitize-address-use-after-scope` is supplied as a front-end argument, it
won't be passed to `cc1`, thus preventing `use-after-scope` checks from
being emitted under `-fsanitize=kernel-address -O0`. Higher optimization levels
allow emission of lifetime markers regardless, thanks to the logic in
`shouldEmitLifetimeMarkers`.

This PR allows `-fsanitize-address-use-after-scope` to take effect under
kernel-address sanitizer.
---
 clang/lib/Driver/SanitizerArgs.cpp           | 8 +++++++-
 clang/test/CodeGen/lifetime-sanitizer.c      | 3 +++
 clang/test/CodeGenCXX/lifetime-sanitizer.cpp | 3 +++
 3 files changed, 13 insertions(+), 1 deletion(-)

diff --git a/clang/lib/Driver/SanitizerArgs.cpp b/clang/lib/Driver/SanitizerArgs.cpp
index f27cb813012f2..b428ded90a72e 100644
--- a/clang/lib/Driver/SanitizerArgs.cpp
+++ b/clang/lib/Driver/SanitizerArgs.cpp
@@ -1099,7 +1099,13 @@ SanitizerArgs::SanitizerArgs(const ToolChain &TC,
     }
 
   } else {
-    AsanUseAfterScope = false;
+    if (AllAddedKinds & SanitizerKind::KernelAddress) {
+      AsanUseAfterScope = Args.hasFlag(
+          options::OPT_fsanitize_address_use_after_scope,
+          options::OPT_fno_sanitize_address_use_after_scope, AsanUseAfterScope);
+    } else {
+      AsanUseAfterScope = false;
+    }
     // -fsanitize=pointer-compare/pointer-subtract requires -fsanitize=address.
     SanitizerMask DetectInvalidPointerPairs =
         SanitizerKind::PointerCompare | SanitizerKind::PointerSubtract;
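Review bot: the new `KernelAddress` branch repeats, inside the `else` of the `Address` check, the same three-line `Args.hasFlag(options::OPT_fsanitize_address_use_after_scope, options::OPT_fno_sanitize_address_use_after_scope, AsanUseAfterScope)` expression that the `Address` branch already evaluates (the second commit in this series shows that copy at line ~1034 being removed), so the flag is now computed in two places. Consider hoisting a single `if (AllAddedKinds & (SanitizerKind::Address | SanitizerKind::KernelAddress))` test out of the `if`/`else` so there is one point of truth, with the `else { AsanUseAfterScope = false; }` fall-through for every other sanitizer kind stated once and explicitly.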
diff --git a/clang/test/CodeGen/lifetime-sanitizer.c b/clang/test/CodeGen/lifetime-sanitizer.c
index b15d692b79e36..68879fda1e1a5 100644
--- a/clang/test/CodeGen/lifetime-sanitizer.c
+++ b/clang/test/CodeGen/lifetime-sanitizer.c
@@ -4,6 +4,9 @@
 // RUN:     -fsanitize=address -fsanitize-address-use-after-scope \
 // RUN:     -Xclang -disable-llvm-passes %s | FileCheck %s -check-prefix=LIFETIME
 // RUN: %clang -target x86_64-linux-gnu -S -emit-llvm -o - -O0 \
+// RUN:     -fsanitize=kernel-address -fsanitize-address-use-after-scope \
+// RUN:     -Xclang -disable-llvm-passes %s | FileCheck %s -check-prefix=LIFETIME
+// RUN: %clang -target x86_64-linux-gnu -S -emit-llvm -o - -O0 \
 // RUN:     -fsanitize=memory -Xclang -disable-llvm-passes %s | \
 // RUN:     FileCheck %s -check-prefix=LIFETIME
 // RUN: %clang -target aarch64-linux-gnu -S -emit-llvm -o - -O0 \
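Review bot: the added RUN line only pins the opt-in direction. The driver change also wires `options::OPT_fno_sanitize_address_use_after_scope` for `kernel-address`, so a companion RUN line with `-fsanitize=kernel-address -fno-sanitize-address-use-after-scope`, checked against whichever prefix this file uses for the no-markers case, would cover the opt-out path and catch the flag being accepted but ignored, which is exactly the failure mode the PR fixes.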
diff --git a/clang/test/CodeGenCXX/lifetime-sanitizer.cpp b/clang/test/CodeGenCXX/lifetime-sanitizer.cpp
index 33a8566092519..225d5e28921b8 100644
--- a/clang/test/CodeGenCXX/lifetime-sanitizer.cpp
+++ b/clang/test/CodeGenCXX/lifetime-sanitizer.cpp
@@ -5,6 +5,9 @@
 // RUN:     -fsanitize=address -fsanitize-address-use-after-scope \
 // RUN:     -Xclang -disable-llvm-passes %s | FileCheck %s -check-prefixes=CHECK,LIFETIME
 // RUN: %clang -w -target x86_64-linux-gnu -S -emit-llvm -o - -fno-exceptions -O0 \
+// RUN:     -fsanitize=kernel-address -fsanitize-address-use-after-scope \
+// RUN:     -Xclang -disable-llvm-passes %s | FileCheck %s -check-prefixes=CHECK,LIFETIME
+// RUN: %clang -w -target x86_64-linux-gnu -S -emit-llvm -o - -fno-exceptions -O0 \
 // RUN:     -fsanitize=memory -Xclang -disable-llvm-passes %s | \
 // RUN:     FileCheck %s -check-prefixes=CHECK,LIFETIME
 // RUN: %clang -w -target aarch64-linux-gnu -S -emit-llvm -o - -fno-exceptions -O0 \
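Review bot: this mirrors the C test, which is fine, but the new RUN line only exercises x86_64 while the file carries aarch64 RUN lines immediately after this hunk. Since the fix is in `SanitizerArgs.cpp` and is target-independent, one target is probably sufficient; either say so in the PR description or add the aarch64 variant for symmetry, so a later reader does not take the asymmetry for an oversight.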

From 0334b67848eacf5f42a5e3a6a86e33cde4d1e21c Mon Sep 17 00:00:00 2001
From: Douglas Gliner <Douglas.Gliner at sony.com>
Date: Thu, 24 Apr 2025 09:07:08 -0700
Subject: [PATCH 2/2] tweak logic

---
 clang/lib/Driver/SanitizerArgs.cpp | 20 +++++++++-----------
 1 file changed, 9 insertions(+), 11 deletions(-)

diff --git a/clang/lib/Driver/SanitizerArgs.cpp b/clang/lib/Driver/SanitizerArgs.cpp
index b428ded90a72e..1d9213cd7e543 100644
--- a/clang/lib/Driver/SanitizerArgs.cpp
+++ b/clang/lib/Driver/SanitizerArgs.cpp
@@ -1034,10 +1034,6 @@ SanitizerArgs::SanitizerArgs(const ToolChain &TC,
     StableABI = Args.hasFlag(options::OPT_fsanitize_stable_abi,
                              options::OPT_fno_sanitize_stable_abi, false);
 
-    AsanUseAfterScope = Args.hasFlag(
-        options::OPT_fsanitize_address_use_after_scope,
-        options::OPT_fno_sanitize_address_use_after_scope, AsanUseAfterScope);
-
     AsanPoisonCustomArrayCookie = Args.hasFlag(
         options::OPT_fsanitize_address_poison_custom_array_cookie,
         options::OPT_fno_sanitize_address_poison_custom_array_cookie,
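Review bot: with this assignment gone from the `Address` branch, the only place `AsanUseAfterScope` is computed is the hoisted block added later in this patch, and that block passes the member's current value to `Args.hasFlag` as the default. Check the in-class initializer of `AsanUseAfterScope`: before this series, `-fsanitize=kernel-address` with neither flag fell into the `else` branch and got a hard `false`; after it, the no-flag case gets the initializer value, so if that initializer is `true`, KASan builds at `-O0` start emitting lifetime markers by default. That may well be the desired outcome, but it is a behaviour change beyond "let the flag take effect" and should be called out in the commit message and pinned by a RUN line that passes neither flag.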
@@ -1099,13 +1095,6 @@ SanitizerArgs::SanitizerArgs(const ToolChain &TC,
     }
 
   } else {
-    if (AllAddedKinds & SanitizerKind::KernelAddress) {
-      AsanUseAfterScope = Args.hasFlag(
-          options::OPT_fsanitize_address_use_after_scope,
-          options::OPT_fno_sanitize_address_use_after_scope, AsanUseAfterScope);
-    } else {
-      AsanUseAfterScope = false;
-    }
     // -fsanitize=pointer-compare/pointer-subtract requires -fsanitize=address.
     SanitizerMask DetectInvalidPointerPairs =
         SanitizerKind::PointerCompare | SanitizerKind::PointerSubtract;
@@ -1119,6 +1108,15 @@ SanitizerArgs::SanitizerArgs(const ToolChain &TC,
     }
   }
 
+  if (AllAddedKinds &
+      (SanitizerKind::Address | SanitizerKind::KernelAddress)) {
+    AsanUseAfterScope = Args.hasFlag(
+        options::OPT_fsanitize_address_use_after_scope,
+        options::OPT_fno_sanitize_address_use_after_scope, AsanUseAfterScope);
+  } else {
+    AsanUseAfterScope = false;
+  }
+
   if (AllAddedKinds & SanitizerKind::HWAddress) {
     if (Arg *HwasanAbiArg =
             Args.getLastArg(options::OPT_fsanitize_hwaddress_abi_EQ)) {
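Review bot: the hoisted block is the right shape, but it sits between the end of the `Address`/`else` handling and the `HWAddress` block with nothing explaining why ASan and KASan share the flag, and the commit message is just "tweak logic". A one-line comment above the `if` (for example `// -fsanitize-address-use-after-scope applies to both ASan and KASan; every other kind forces it off.`) plus squashing this into the first commit with that rationale in the message would let `git blame` answer the question. Also double-check that wherever the driver later forwards `-fsanitize-address-use-after-scope` to cc1 it does not re-apply an `Address`-only gate; otherwise the driver computes the right value but still never passes it on, which is the symptom the first commit message describes.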
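Added example, constructed for this review and not part of the patch series or the LLVM test suite: the bug class the first commit message is about, and the check a practitioner can run on their own toolchain. The inner-block variable is what the `llvm.lifetime.start`/`llvm.lifetime.end` markers bracket; without those markers at `-O0` the sanitizer pass has nothing to poison once the block ends, so the stale read goes unreported. Function names and the command in the comment are my own; the command mirrors the RUN lines in the tests, and because `-fsanitize=kernel-address` has no user-space runtime the runnable variant uses `-fsanitize=address` instead.

```c
#include <stdio.h>

/* Use-after-scope: the address of a block-scoped variable outlives the
 * block. At -O0 clang emits llvm.lifetime.start/end around `local`; the
 * ASan pass uses those markers to poison the stack slot when the block
 * closes, so the read through `p` is reported as stack-use-after-scope.
 * If the markers are missing (the -O0 kernel-address case the commit
 * message describes), the slot is never poisoned and the bug is silent. */
int use_after_scope(int seed) {
    int *p;
    {
        int local = seed * 2;   /* lifetime ends at the closing brace */
        p = &local;
    }
    return *p;                  /* undefined behaviour: stale stack read */
}

/* Hardened form: copy the value out of the block instead of its address. */
int in_scope(int seed) {
    int result;
    {
        int local = seed * 2;
        result = local;         /* value escapes, the pointer does not */
    }
    return result;
}

int main(void) {
    /* Check whether the frontend emitted the markers this detection
     * depends on (constructed command, same flags as the test RUN lines;
     * a count of 0 means the sanitizer pass cannot poison the slot):
     *   clang -O0 -fsanitize=kernel-address -fsanitize-address-use-after-scope \
     *         -Xclang -disable-llvm-passes -S -emit-llvm -o - scope.c \
     *     | grep -c 'llvm.lifetime.start'
     *
     * To see the report itself in user space, build and run with the
     * ordinary sanitizer instead:
     *   clang -O0 -g -fsanitize=address -fsanitize-address-use-after-scope scope.c
     *   ./a.out   -> ERROR: AddressSanitizer: stack-use-after-scope */
    printf("hardened: %d\n", in_scope(21));
    printf("buggy:    %d\n", use_after_scope(21));
    return 0;
}
```

Only `in_scope` has a defined result; `use_after_scope` is there to be compiled and inspected, or run under ASan to see the report.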


