[compiler-rt] r352003 - [Sanitizers] UBSan unreachable incompatible with ASan in the presence of `noreturn` calls
Julian Lettner via llvm-commits
llvm-commits at lists.llvm.org
Wed Jan 23 17:06:19 PST 2019
Author: yln
Date: Wed Jan 23 17:06:19 2019
New Revision: 352003
URL: http://llvm.org/viewvc/llvm-project?rev=352003&view=rev
Log:
[Sanitizers] UBSan unreachable incompatible with ASan in the presence of `noreturn` calls
Summary:
UBSan wants to detect when unreachable code is actually reached, so it
adds instrumentation before every `unreachable` instruction. However,
the optimizer will remove code after calls to functions marked with
`noreturn`. To avoid this UBSan removes `noreturn` from both the call
instruction as well as from the function itself. Unfortunately, ASan
relies on this annotation to unpoison the stack by inserting calls to
`_asan_handle_no_return` before `noreturn` functions. This is important
for functions that do not return but access the the stack memory, e.g.,
unwinder functions *like* `longjmp` (`longjmp` itself is actually
"double-proofed" via its interceptor). The result is that when ASan and
UBSan are combined, the `noreturn` attributes are missing and ASan
cannot unpoison the stack, so it has false positives when stack
unwinding is used.
Changes:
# UBSan now adds the `expect_noreturn` attribute whenever it removes
the `noreturn` attribute from a function
# ASan additionally checks for the presence of this attribute
Generated code:
```
call void @__asan_handle_no_return // Additionally inserted to avoid false positives
call void @longjmp
call void @__asan_handle_no_return
call void @__ubsan_handle_builtin_unreachable
unreachable
```
The second call to `__asan_handle_no_return` is redundant. This will be
cleaned up in a follow-up patch.
rdar://problem/40723397
Reviewers: delcypher, eugenis
Tags: #sanitizers
Differential Revision: https://reviews.llvm.org/D56624
Added:
compiler-rt/trunk/test/ubsan/TestCases/Misc/unreachable_asan-compatibility.c
Added: compiler-rt/trunk/test/ubsan/TestCases/Misc/unreachable_asan-compatibility.c
URL: http://llvm.org/viewvc/llvm-project/compiler-rt/trunk/test/ubsan/TestCases/Misc/unreachable_asan-compatibility.c?rev=352003&view=auto
==============================================================================
--- compiler-rt/trunk/test/ubsan/TestCases/Misc/unreachable_asan-compatibility.c (added)
+++ compiler-rt/trunk/test/ubsan/TestCases/Misc/unreachable_asan-compatibility.c Wed Jan 23 17:06:19 2019
@@ -0,0 +1,16 @@
+// Ensure compatiblity of UBSan unreachable with ASan in the presence of
+// noreturn functions
+// RUN: %clang -O2 -fsanitize=address,unreachable %s -emit-llvm -S -o - | FileCheck %s
+// REQUIRES: ubsan-asan
+
+void bar(void) __attribute__((noreturn));
+
+void foo() {
+ bar();
+}
+// CHECK-LABEL: define void @foo()
+// CHECK: call void @__asan_handle_no_return
+// CHECK-NEXT: call void @bar
+// CHECK-NEXT: call void @__asan_handle_no_return
+// CHECK-NEXT: call void @__ubsan_handle_builtin_unreachable
+// CHECK-NEXT: unreachable
More information about the llvm-commits
mailing list