[compiler-rt] [Darwin][ASan][Test] Create a unoptimized wrapper function in unsanitized dylib for reliable suppression in test. (PR #131906)

Paddy McDonald via llvm-commits llvm-commits at lists.llvm.org
Thu Mar 20 11:03:53 PDT 2025 

https://github.com/padriff updated https://github.com/llvm/llvm-project/pull/131906

>From 18b874d5529ab111d5cd5023fd926a5889fb628d Mon Sep 17 00:00:00 2001
From: Paddy McDonald <paddy_mcdonald at apple.com>
Date: Tue, 18 Mar 2025 13:26:28 -0700
Subject: [PATCH] [Darwin][ASan][Test] Move test wrapper function to
 unsanitized dylib for parity with original configuration.

Test should be suppressing ASan for a function outside of sanitized code.
Update function to be extern "C" to match function decoration in original framework.

rdar://144800068
---
 .../TestCases/Darwin/suppressions-sandbox.cpp | 22 +++++++++++++++++--
 1 file changed, 20 insertions(+), 2 deletions(-)

diff --git a/compiler-rt/test/asan/TestCases/Darwin/suppressions-sandbox.cpp b/compiler-rt/test/asan/TestCases/Darwin/suppressions-sandbox.cpp
index be0a2b1aec516..651d0c5d05b07 100644
--- a/compiler-rt/test/asan/TestCases/Darwin/suppressions-sandbox.cpp
+++ b/compiler-rt/test/asan/TestCases/Darwin/suppressions-sandbox.cpp
@@ -1,5 +1,9 @@
+// Compile the intermediate function to a dylib without -fsanitize to avoid
+// suppressing symbols in sanitized code.
+// RUN: %clangxx -O0 -DSHARED_LIB %s -dynamiclib -o %t.dylib -framework Foundation
+
 // Check that without suppressions, we catch the issue.
-// RUN: %clangxx_asan -O0 %s -o %t -framework Foundation
+// RUN: %clangxx_asan -O0 %s -o %t -framework Foundation %t.dylib
 // RUN: not %run %t 2>&1 | FileCheck --check-prefix=CHECK-CRASH %s
 
 // Check that suppressing a function name works within a no-fork sandbox
@@ -13,23 +17,37 @@
 
 #include <CoreFoundation/CoreFoundation.h>
 
+#if defined(SHARED_LIB)
+
+extern "C" {
 // Disable optimizations to ensure that this function appears on the stack trace so our
 // configured suppressions `interceptor_via_fun:createCFString` can take effect.
-__attribute__((noinline, disable_tail_calls)) CFStringRef
+__attribute__((disable_tail_calls)) CFStringRef
 createCFString(const unsigned char *bytes, CFIndex length) {
   return CFStringCreateWithBytes(kCFAllocatorDefault, bytes, length,
                                  kCFStringEncodingUTF8, FALSE);
 }
+}
+
+#else
+
+extern "C" {
+CFStringRef createCFString(const unsigned char *bytes, CFIndex length);
+}
 
 int main() {
   char *a = (char *)malloc(6);
   strcpy(a, "hello");
+  // Intentional out-of-bounds access that will be caught unless an ASan suppression is provided.
   CFStringRef str = createCFString((unsigned char *)a, 10); // BOOM
+  // If this is printed to stderr then the ASan suppression has worked.
   fprintf(stderr, "Ignored.\n");
   free(a);
   CFRelease(str);
 }
 
+#endif
+
 // CHECK-CRASH: AddressSanitizer: heap-buffer-overflow
 // CHECK-CRASH-NOT: Ignored.
 // CHECK-IGNORE-NOT: AddressSanitizer: heap-buffer-overflow

More information about the llvm-commits mailing list