diff --git a/compiler-rt/test/hwasan/TestCases/stack-uas.c b/compiler-rt/test/hwasan/TestCases/stack-uas.c --- a/compiler-rt/test/hwasan/TestCases/stack-uas.c +++ b/compiler-rt/test/hwasan/TestCases/stack-uas.c @@ -1,16 +1,16 @@ // Tests use-after-scope detection and reporting. -// RUN: %clang_hwasan -mllvm -hwasan-use-after-scope -g %s -o %t && not %run %t 2>&1 | FileCheck %s -// RUN: %clang_hwasan -mllvm -hwasan-use-after-scope -g %s -o %t && not %env_hwasan_opts=symbolize=0 %run %t 2>&1 | FileCheck %s --check-prefix=NOSYM +// RUN: %clang_hwasan -g %s -o %t && not %run %t 2>&1 | FileCheck %s +// RUN: %clang_hwasan -g %s -o %t && not %env_hwasan_opts=symbolize=0 %run %t 2>&1 | FileCheck %s --check-prefix=NOSYM +// Use after scope is turned on by default. +// RUN: %clang_hwasan -g %s -o %t && not %run %t 2>&1 | FileCheck %s // RUN: %clang_hwasan -mllvm -hwasan-use-after-scope=false -g %s -o %t && %run %t 2>&1 -// Use after scope is turned off by default. -// RUN: %clang_hwasan -g %s -o %t && %run %t 2>&1 -// RUN: %clang_hwasan -mllvm -hwasan-use-after-scope -g %s -o %t && not %run %t 2>&1 | FileCheck %s +// RUN: %clang_hwasan -g %s -o %t && not %run %t 2>&1 | FileCheck %s // Run the same test as above, but using the __hwasan_add_frame_record libcall. // The output should be the exact same. -// RUN: %clang_hwasan -mllvm -hwasan-use-after-scope -mllvm -hwasan-record-stack-history=libcall -g %s -o %t && not %env_hwasan_opts=symbolize=0 %run %t 2>&1 | FileCheck %s --check-prefix=NOSYM +// RUN: %clang_hwasan -mllvm -hwasan-record-stack-history=libcall -g %s -o %t && not %env_hwasan_opts=symbolize=0 %run %t 2>&1 | FileCheck %s --check-prefix=NOSYM // REQUIRES: stable-runtime diff --git a/compiler-rt/test/hwasan/TestCases/use-after-scope-capture.cpp b/compiler-rt/test/hwasan/TestCases/use-after-scope-capture.cpp --- a/compiler-rt/test/hwasan/TestCases/use-after-scope-capture.cpp +++ b/compiler-rt/test/hwasan/TestCases/use-after-scope-capture.cpp @@ -1,6 +1,6 @@ // This is the ASAN test of the same name ported to HWAsan. -// RUN: %clangxx_hwasan -mllvm -hwasan-use-after-scope --std=c++11 -O1 %s -o %t && not %run %t 2>&1 | FileCheck %s +// RUN: %clangxx_hwasan --std=c++11 -O1 %s -o %t && not %run %t 2>&1 | FileCheck %s // REQUIRES: aarch64-target-arch || riscv64-target-arch // REQUIRES: stable-runtime diff --git a/compiler-rt/test/hwasan/TestCases/use-after-scope-dtor-order.cpp b/compiler-rt/test/hwasan/TestCases/use-after-scope-dtor-order.cpp --- a/compiler-rt/test/hwasan/TestCases/use-after-scope-dtor-order.cpp +++ b/compiler-rt/test/hwasan/TestCases/use-after-scope-dtor-order.cpp @@ -1,6 +1,6 @@ // This is the ASAN test of the same name ported to HWAsan. -// RUN: %clangxx_hwasan -mllvm -hwasan-use-after-scope -O1 %s -o %t && \ +// RUN: %clangxx_hwasan -O1 %s -o %t && \ // RUN: not %run %t 2>&1 | FileCheck %s // REQUIRES: aarch64-target-arch || riscv64-target-arch diff --git a/compiler-rt/test/hwasan/TestCases/use-after-scope-goto.cpp b/compiler-rt/test/hwasan/TestCases/use-after-scope-goto.cpp --- a/compiler-rt/test/hwasan/TestCases/use-after-scope-goto.cpp +++ b/compiler-rt/test/hwasan/TestCases/use-after-scope-goto.cpp @@ -1,6 +1,6 @@ // This is the ASAN test of the same name ported to HWAsan. -// RUN: %clangxx_hwasan -mllvm -hwasan-use-after-scope -O0 %s -o %t && %run %t +// RUN: %clangxx_hwasan -O0 %s -o %t && %run %t // Function jumps over variable initialization making lifetime analysis // ambiguous. Asan should ignore such variable and program must not fail. diff --git a/compiler-rt/test/hwasan/TestCases/use-after-scope-if.cpp b/compiler-rt/test/hwasan/TestCases/use-after-scope-if.cpp --- a/compiler-rt/test/hwasan/TestCases/use-after-scope-if.cpp +++ b/compiler-rt/test/hwasan/TestCases/use-after-scope-if.cpp @@ -1,6 +1,6 @@ // This is the ASAN test of the same name ported to HWAsan. -// RUN: %clangxx_hwasan -mllvm -hwasan-use-after-scope -O1 %s -o %t && \ +// RUN: %clangxx_hwasan -O1 %s -o %t && \ // RUN: not %run %t 2>&1 | FileCheck %s // REQUIRES: aarch64-target-arch || riscv64-target-arch diff --git a/compiler-rt/test/hwasan/TestCases/use-after-scope-inlined.cpp b/compiler-rt/test/hwasan/TestCases/use-after-scope-inlined.cpp --- a/compiler-rt/test/hwasan/TestCases/use-after-scope-inlined.cpp +++ b/compiler-rt/test/hwasan/TestCases/use-after-scope-inlined.cpp @@ -4,7 +4,7 @@ // happens. "always_inline" is not enough, as Clang doesn't emit // llvm.lifetime intrinsics at -O0. // -// RUN: %clangxx_hwasan -mllvm -hwasan-use-after-scope -O2 %s -o %t && \ +// RUN: %clangxx_hwasan -O2 %s -o %t && \ // RUN: not %run %t 2>&1 | FileCheck %s // REQUIRES: aarch64-target-arch || riscv64-target-arch diff --git a/compiler-rt/test/hwasan/TestCases/use-after-scope-loop-bug.cpp b/compiler-rt/test/hwasan/TestCases/use-after-scope-loop-bug.cpp --- a/compiler-rt/test/hwasan/TestCases/use-after-scope-loop-bug.cpp +++ b/compiler-rt/test/hwasan/TestCases/use-after-scope-loop-bug.cpp @@ -1,6 +1,6 @@ // This is the ASAN test of the same name ported to HWAsan. -// RUN: %clangxx_hwasan -mllvm -hwasan-use-after-scope -O1 %s -o %t && \ +// RUN: %clangxx_hwasan -O1 %s -o %t && \ // RUN: not %run %t 2>&1 | FileCheck %s // REQUIRES: aarch64-target-arch || riscv64-target-arch diff --git a/compiler-rt/test/hwasan/TestCases/use-after-scope-loop-removed.cpp b/compiler-rt/test/hwasan/TestCases/use-after-scope-loop-removed.cpp --- a/compiler-rt/test/hwasan/TestCases/use-after-scope-loop-removed.cpp +++ b/compiler-rt/test/hwasan/TestCases/use-after-scope-loop-removed.cpp @@ -1,6 +1,6 @@ // This is the ASAN test of the same name ported to HWAsan. -// RUN: %clangxx_hwasan -mllvm -hwasan-use-after-scope -O1 %s -o %t && \ +// RUN: %clangxx_hwasan -O1 %s -o %t && \ // RUN: not %run %t 2>&1 | FileCheck %s // REQUIRES: aarch64-target-arch || riscv64-target-arch diff --git a/compiler-rt/test/hwasan/TestCases/use-after-scope-loop.cpp b/compiler-rt/test/hwasan/TestCases/use-after-scope-loop.cpp --- a/compiler-rt/test/hwasan/TestCases/use-after-scope-loop.cpp +++ b/compiler-rt/test/hwasan/TestCases/use-after-scope-loop.cpp @@ -1,6 +1,6 @@ // This is the ASAN test of the same name ported to HWAsan. -// RUN: %clangxx_hwasan -mllvm -hwasan-use-after-scope -O1 %s -o %t && \ +// RUN: %clangxx_hwasan -O1 %s -o %t && \ // RUN: not %run %t 2>&1 | FileCheck %s // REQUIRES: aarch64-target-arch || riscv64-target-arch diff --git a/compiler-rt/test/hwasan/TestCases/use-after-scope-nobug.cpp b/compiler-rt/test/hwasan/TestCases/use-after-scope-nobug.cpp --- a/compiler-rt/test/hwasan/TestCases/use-after-scope-nobug.cpp +++ b/compiler-rt/test/hwasan/TestCases/use-after-scope-nobug.cpp @@ -1,6 +1,6 @@ // This is the ASAN test of the same name ported to HWAsan. -// RUN: %clangxx_hwasan -mllvm -hwasan-use-after-scope -O1 %s -o %t && %run %t +// RUN: %clangxx_hwasan -O1 %s -o %t && %run %t // REQUIRES: aarch64-target-arch || riscv64-target-arch // REQUIRES: stable-runtime diff --git a/compiler-rt/test/hwasan/TestCases/use-after-scope-setjmp.cpp b/compiler-rt/test/hwasan/TestCases/use-after-scope-setjmp.cpp --- a/compiler-rt/test/hwasan/TestCases/use-after-scope-setjmp.cpp +++ b/compiler-rt/test/hwasan/TestCases/use-after-scope-setjmp.cpp @@ -1,4 +1,4 @@ -// RUN: %clangxx_hwasan -mllvm -hwasan-use-stack-safety=0 -mllvm -hwasan-use-after-scope -O2 %s -o %t && \ +// RUN: %clangxx_hwasan -mllvm -hwasan-use-stack-safety=0 -O2 %s -o %t && \ // RUN: %run %t 2>&1 // REQUIRES: aarch64-target-arch || riscv64-target-arch diff --git a/compiler-rt/test/hwasan/TestCases/use-after-scope-temp.cpp b/compiler-rt/test/hwasan/TestCases/use-after-scope-temp.cpp --- a/compiler-rt/test/hwasan/TestCases/use-after-scope-temp.cpp +++ b/compiler-rt/test/hwasan/TestCases/use-after-scope-temp.cpp @@ -1,6 +1,6 @@ // This is the ASAN test of the same name ported to HWAsan. -// RUN: %clangxx_hwasan -mllvm -hwasan-use-after-scope -std=c++11 -O1 %s -o %t && \ +// RUN: %clangxx_hwasan -std=c++11 -O1 %s -o %t && \ // RUN: not %run %t 2>&1 | FileCheck %s // REQUIRES: aarch64-target-arch || riscv64-target-arch diff --git a/compiler-rt/test/hwasan/TestCases/use-after-scope-temp2.cpp b/compiler-rt/test/hwasan/TestCases/use-after-scope-temp2.cpp --- a/compiler-rt/test/hwasan/TestCases/use-after-scope-temp2.cpp +++ b/compiler-rt/test/hwasan/TestCases/use-after-scope-temp2.cpp @@ -1,6 +1,6 @@ // This is the ASAN test of the same name ported to HWAsan. -// RUN: %clangxx_hwasan -mllvm -hwasan-use-after-scope -std=c++11 -O1 %s -o %t && \ +// RUN: %clangxx_hwasan -std=c++11 -O1 %s -o %t && \ // RUN: not %run %t 2>&1 | FileCheck %s // REQUIRES: aarch64-target-arch || riscv64-target-arch diff --git a/compiler-rt/test/hwasan/TestCases/use-after-scope-types.cpp b/compiler-rt/test/hwasan/TestCases/use-after-scope-types.cpp --- a/compiler-rt/test/hwasan/TestCases/use-after-scope-types.cpp +++ b/compiler-rt/test/hwasan/TestCases/use-after-scope-types.cpp @@ -1,7 +1,7 @@ // This is the ASAN test of the same name ported to HWAsan. -// RUN: %clangxx_hwasan -mllvm -hwasan-use-after-scope -std=c++11 -O0 %s -o %t -// RUN: %clangxx_hwasan -fno-exceptions -mllvm -hwasan-use-after-scope -std=c++11 -O0 %s -o %t-noexcept +// RUN: %clangxx_hwasan -std=c++11 -O0 %s -o %t +// RUN: %clangxx_hwasan -fno-exceptions -std=c++11 -O0 %s -o %t-noexcept // RUN: not %run %t 0 2>&1 | FileCheck %s // RUN: not %run %t 1 2>&1 | FileCheck %s diff --git a/compiler-rt/test/hwasan/TestCases/use-after-scope.cpp b/compiler-rt/test/hwasan/TestCases/use-after-scope.cpp --- a/compiler-rt/test/hwasan/TestCases/use-after-scope.cpp +++ b/compiler-rt/test/hwasan/TestCases/use-after-scope.cpp @@ -1,6 +1,6 @@ // This is the ASAN test of the same name ported to HWAsan. -// RUN: %clangxx_hwasan -mllvm -hwasan-use-after-scope -O1 %s -o %t && \ +// RUN: %clangxx_hwasan -O1 %s -o %t \ // RUN: not %run %t 2>&1 | FileCheck %s // REQUIRES: aarch64-target-arch || riscv64-target-arch diff --git a/llvm/docs/ReleaseNotes.rst b/llvm/docs/ReleaseNotes.rst --- a/llvm/docs/ReleaseNotes.rst +++ b/llvm/docs/ReleaseNotes.rst @@ -133,6 +133,7 @@ Changes to Sanitizers --------------------- +* HWASan now defaults to detecting use-after-scope bugs. Other Changes ------------- diff --git a/llvm/lib/Transforms/Instrumentation/HWAddressSanitizer.cpp b/llvm/lib/Transforms/Instrumentation/HWAddressSanitizer.cpp --- a/llvm/lib/Transforms/Instrumentation/HWAddressSanitizer.cpp +++ b/llvm/lib/Transforms/Instrumentation/HWAddressSanitizer.cpp @@ -134,7 +134,7 @@ static cl::opt ClUseAfterScope("hwasan-use-after-scope", cl::desc("detect use after scope within function"), - cl::Hidden, cl::init(false)); + cl::Hidden, cl::init(true)); static cl::opt ClGenerateTagsWithCalls( "hwasan-generate-tags-with-calls", diff --git a/llvm/test/Instrumentation/HWAddressSanitizer/X86/alloca.ll b/llvm/test/Instrumentation/HWAddressSanitizer/X86/alloca.ll --- a/llvm/test/Instrumentation/HWAddressSanitizer/X86/alloca.ll +++ b/llvm/test/Instrumentation/HWAddressSanitizer/X86/alloca.ll @@ -109,6 +109,7 @@ ; CHECK-NEXT: [[TMP8:%.*]] = shl i64 [[TMP5]], 57 ; CHECK-NEXT: [[TMP9:%.*]] = or i64 [[TMP7]], [[TMP8]] ; CHECK-NEXT: [[BUF_SROA_0_HWASAN:%.*]] = inttoptr i64 [[TMP9]] to ptr +; CHECK-NEXT: call void @llvm.lifetime.start.p0(i64 16, ptr nonnull [[BUF_SROA_0]]) ; CHECK-NEXT: [[TMP10:%.*]] = trunc i64 [[TMP5]] to i8 ; CHECK-NEXT: call void @__hwasan_tag_memory(ptr [[BUF_SROA_0]], i8 [[TMP10]], i64 16) ; CHECK-NEXT: [[TMP11:%.*]] = ptrtoint ptr [[BUF_SROA_0_HWASAN]] to i64 @@ -116,6 +117,7 @@ ; CHECK-NEXT: store volatile i8 0, ptr [[BUF_SROA_0_HWASAN]], align 4 ; CHECK-NEXT: [[TMP12:%.*]] = trunc i64 [[HWASAN_UAR_TAG]] to i8 ; CHECK-NEXT: call void @__hwasan_tag_memory(ptr [[BUF_SROA_0]], i8 [[TMP12]], i64 16) +; CHECK-NEXT: call void @llvm.lifetime.end.p0(i64 16, ptr nonnull [[BUF_SROA_0]]) ; CHECK-NEXT: ret i32 0 ; ; INLINE-LABEL: define i32 @test_simple @@ -148,6 +150,7 @@ ; INLINE-NEXT: [[TMP19:%.*]] = shl i64 [[TMP16]], 57 ; INLINE-NEXT: [[TMP20:%.*]] = or i64 [[TMP18]], [[TMP19]] ; INLINE-NEXT: [[BUF_SROA_0_HWASAN:%.*]] = inttoptr i64 [[TMP20]] to ptr +; INLINE-NEXT: call void @llvm.lifetime.start.p0(i64 16, ptr nonnull [[BUF_SROA_0]]) ; INLINE-NEXT: [[TMP21:%.*]] = trunc i64 [[TMP16]] to i8 ; INLINE-NEXT: [[TMP22:%.*]] = ptrtoint ptr [[BUF_SROA_0]] to i64 ; INLINE-NEXT: [[TMP23:%.*]] = and i64 [[TMP22]], -9079256848778919937 @@ -194,6 +197,7 @@ ; INLINE-NEXT: [[TMP54:%.*]] = lshr i64 [[TMP53]], 4 ; INLINE-NEXT: [[TMP55:%.*]] = getelementptr i8, ptr [[TMP14]], i64 [[TMP54]] ; INLINE-NEXT: call void @llvm.memset.p0.i64(ptr align 1 [[TMP55]], i8 [[TMP51]], i64 1, i1 false) +; INLINE-NEXT: call void @llvm.lifetime.end.p0(i64 16, ptr nonnull [[BUF_SROA_0]]) ; INLINE-NEXT: ret i32 0 ; entry: