Skip to content

Set -Cpanic=abort in windows-msvc stack protector tests #148849

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Draft
wants to merge 1 commit into
base: main
Choose a base branch
from
+97 −61
Draft

Set -Cpanic=abort in windows-msvc stack protector tests #148849

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
76 changes: 49 additions & 27 deletions tests/assembly-llvm/stack-protector/stack-protector-heuristics-effect-windows-32bit.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,7 @@
//@ [strong] compile-flags: -Z stack-protector=strong
//@ [basic] compile-flags: -Z stack-protector=basic
//@ [none] compile-flags: -Z stack-protector=none
//@ compile-flags: -C opt-level=2 -Z merge-functions=disabled
//@ compile-flags: -C opt-level=2 -Z merge-functions=disabled -Cpanic=abort

#![crate_type = "lib"]
#![allow(internal_features)]
Expand All @@ -16,16 +16,19 @@
// CHECK-LABEL: emptyfn:
#[no_mangle]
pub fn emptyfn() {
// CHECK-DAG: .cv_fpo_endprologue
// all: __security_check_cookie
// strong-NOT: __security_check_cookie
// basic-NOT: __security_check_cookie
// none-NOT: __security_check_cookie
// missing-NOT: __security_check_cookie
// CHECK-DAG: .cv_fpo_endproc
}

// CHECK-LABEL: array_char
#[no_mangle]
pub fn array_char(f: fn(*const char)) {
// CHECK-DAG: .cv_fpo_endprologue
let a = ['c'; 1];
let b = ['d'; 3];
let c = ['e'; 15];
Expand All @@ -39,11 +42,14 @@ pub fn array_char(f: fn(*const char)) {
// basic: __security_check_cookie
// none-NOT: __security_check_cookie
// missing-NOT: __security_check_cookie

// CHECK-DAG: .cv_fpo_endproc
}

// CHECK-LABEL: array_u8_1
#[no_mangle]
pub fn array_u8_1(f: fn(*const u8)) {
// CHECK-DAG: .cv_fpo_endprologue
let a = [0u8; 1];
f(&a as *const _);

Expand All @@ -55,11 +61,14 @@ pub fn array_u8_1(f: fn(*const u8)) {
// basic-NOT: __security_check_cookie
// none-NOT: __security_check_cookie
// missing-NOT: __security_check_cookie

// CHECK-DAG: .cv_fpo_endproc
}

// CHECK-LABEL: array_u8_small:
#[no_mangle]
pub fn array_u8_small(f: fn(*const u8)) {
// CHECK-DAG: .cv_fpo_endprologue
let a = [0u8; 2];
let b = [0u8; 7];
f(&a as *const _);
Expand All @@ -72,11 +81,14 @@ pub fn array_u8_small(f: fn(*const u8)) {
// basic-NOT: __security_check_cookie
// none-NOT: __security_check_cookie
// missing-NOT: __security_check_cookie

// CHECK-DAG: .cv_fpo_endproc
}

// CHECK-LABEL: array_u8_large:
#[no_mangle]
pub fn array_u8_large(f: fn(*const u8)) {
// CHECK-DAG: .cv_fpo_endprologue
let a = [0u8; 9];
f(&a as *const _);

Expand All @@ -88,6 +100,8 @@ pub fn array_u8_large(f: fn(*const u8)) {
// basic: __security_check_cookie
// none-NOT: __security_check_cookie
// missing-NOT: __security_check_cookie

// CHECK-DAG: .cv_fpo_endproc
}

#[derive(Copy, Clone)]
Expand All @@ -96,6 +110,7 @@ pub struct ByteSizedNewtype(u8);
// CHECK-LABEL: array_bytesizednewtype_9:
#[no_mangle]
pub fn array_bytesizednewtype_9(f: fn(*const ByteSizedNewtype)) {
// CHECK-DAG: .cv_fpo_endprologue
let a = [ByteSizedNewtype(0); 9];
f(&a as *const _);

Expand All @@ -107,11 +122,14 @@ pub fn array_bytesizednewtype_9(f: fn(*const ByteSizedNewtype)) {
// basic: __security_check_cookie
// none-NOT: __security_check_cookie
// missing-NOT: __security_check_cookie

// CHECK-DAG: .cv_fpo_endproc
}

// CHECK-LABEL: local_var_addr_used_indirectly
#[no_mangle]
pub fn local_var_addr_used_indirectly(f: fn(bool)) {
// CHECK-DAG: .cv_fpo_endprologue
let a = 5;
let a_addr = &a as *const _ as usize;
f(a_addr & 0x10 == 0);
Expand All @@ -134,37 +152,27 @@ pub fn local_var_addr_used_indirectly(f: fn(bool)) {
// basic-NOT: __security_check_cookie
// none-NOT: __security_check_cookie
// missing-NOT: __security_check_cookie

// CHECK-DAG: .cv_fpo_endproc
}

// CHECK-LABEL: local_string_addr_taken
#[no_mangle]
pub fn local_string_addr_taken(f: fn(&String)) {
// CHECK-DAG: .cv_fpo_endprologue
let x = String::new();
f(&x);

// Taking the address of the local variable `x` leads to stack smash
// protection with the `strong` heuristic, but not with the `basic`
// heuristic. It does not matter that the reference is not mut.
//
// An interesting note is that a similar function in C++ *would* be
// protected by the `basic` heuristic, because `std::string` has a char
// array internally as a small object optimization:
// ```
// cat <<EOF | clang++ -O2 -fstack-protector -S -x c++ - -o - | grep stack_chk
// #include <string>
// void f(void (*g)(const std::string&)) {
// std::string x;
// g(x);
// }
// EOF
// ```
//
// protection. It does not matter that the reference is not mut.

// all: __security_check_cookie
// strong-NOT: __security_check_cookie
// basic-NOT: __security_check_cookie
// strong: __security_check_cookie
// basic: __security_check_cookie
// none-NOT: __security_check_cookie
// missing-NOT: __security_check_cookie

// CHECK-DAG: .cv_fpo_endproc
}

pub trait SelfByRef {
Expand All @@ -180,6 +188,7 @@ impl SelfByRef for i32 {
// CHECK-LABEL: local_var_addr_taken_used_locally_only
#[no_mangle]
pub fn local_var_addr_taken_used_locally_only(factory: fn() -> i32, sink: fn(i32)) {
// CHECK-DAG: .cv_fpo_endprologue
let x = factory();
let g = x.f();
sink(g);
Expand All @@ -194,6 +203,8 @@ pub fn local_var_addr_taken_used_locally_only(factory: fn() -> i32, sink: fn(i32
// basic-NOT: __security_check_cookie
// none-NOT: __security_check_cookie
// missing-NOT: __security_check_cookie

// CHECK-DAG: .cv_fpo_endproc
}

pub struct Gigastruct {
Expand All @@ -207,6 +218,7 @@ pub struct Gigastruct {
// CHECK-LABEL: local_large_var_moved
#[no_mangle]
pub fn local_large_var_moved(f: fn(Gigastruct)) {
// CHECK-DAG: .cv_fpo_endprologue
let x = Gigastruct { does: 0, not: 1, have: 2, array: 3, members: 4 };
f(x);

Expand All @@ -231,11 +243,14 @@ pub fn local_large_var_moved(f: fn(Gigastruct)) {
// basic: __security_check_cookie
// none-NOT: __security_check_cookie
// missing-NOT: __security_check_cookie

// CHECK-DAG: .cv_fpo_endproc
}

// CHECK-LABEL: local_large_var_cloned
#[no_mangle]
pub fn local_large_var_cloned(f: fn(Gigastruct)) {
// CHECK-DAG: .cv_fpo_endprologue
f(Gigastruct { does: 0, not: 1, have: 2, array: 3, members: 4 });

// A new instance of `Gigastruct` is passed to `f()`, without any apparent
Expand All @@ -260,6 +275,8 @@ pub fn local_large_var_cloned(f: fn(Gigastruct)) {
// basic: __security_check_cookie
// none-NOT: __security_check_cookie
// missing-NOT: __security_check_cookie

// CHECK-DAG: .cv_fpo_endproc
}

extern "C" {
Expand Down Expand Up @@ -293,49 +310,57 @@ extern "C" {
// CHECK-LABEL: alloca_small_compile_time_constant_arg
#[no_mangle]
pub fn alloca_small_compile_time_constant_arg(f: fn(*mut ())) {
// CHECK-DAG: .cv_fpo_endprologue
f(unsafe { alloca(8) });

// all: __security_check_cookie
// strong-NOT: __security_check_cookie
// basic-NOT: __security_check_cookie
// none-NOT: __security_check_cookie
// missing-NOT: __security_check_cookie

// CHECK-DAG: .cv_fpo_endproc
}

// CHECK-LABEL: alloca_large_compile_time_constant_arg
#[no_mangle]
pub fn alloca_large_compile_time_constant_arg(f: fn(*mut ())) {
// CHECK-DAG: .cv_fpo_endprologue
f(unsafe { alloca(9) });

// all: __security_check_cookie
// strong-NOT: __security_check_cookie
// basic-NOT: __security_check_cookie
// none-NOT: __security_check_cookie
// missing-NOT: __security_check_cookie

// CHECK-DAG: .cv_fpo_endproc
}

// CHECK-LABEL: alloca_dynamic_arg
#[no_mangle]
pub fn alloca_dynamic_arg(f: fn(*mut ()), n: usize) {
// CHECK-DAG: .cv_fpo_endprologue
f(unsafe { alloca(n) });

// all: __security_check_cookie
// strong-NOT: __security_check_cookie
// basic-NOT: __security_check_cookie
// none-NOT: __security_check_cookie
// missing-NOT: __security_check_cookie

// CHECK-DAG: .cv_fpo_endproc
}

// The question then is: in what ways can Rust code generate array-`alloca`
// LLVM instructions? This appears to only be generated by
// rustc_codegen_ssa::traits::Builder::array_alloca() through
// rustc_codegen_ssa::mir::operand::OperandValue::store_unsized(). FWICT
// this is support for the "unsized locals" unstable feature:
// https://doc.rust-lang.org/unstable-book/language-features/unsized-locals.html.
// rustc_codegen_ssa::mir::operand::OperandValue::store_unsized().

// CHECK-LABEL: unsized_fn_param
#[no_mangle]
pub fn unsized_fn_param(s: [u8], l: bool, f: fn([u8])) {
// CHECK-DAG: .cv_fpo_endprologue
let n = if l { 1 } else { 2 };
f(*Box::<[u8]>::from(&s[0..n])); // slice-copy with Box::from

Expand All @@ -346,14 +371,11 @@ pub fn unsized_fn_param(s: [u8], l: bool, f: fn([u8])) {
// alloca, and is therefore not protected by the `strong` or `basic`
// heuristics.

// We should have a __security_check_cookie call in `all` and `strong` modes but
// LLVM does not support generating stack protectors in functions with funclet
// based EH personalities.
// https://github.com/llvm/llvm-project/blob/37fd3c96b917096d8a550038f6e61cdf0fc4174f/llvm/lib/CodeGen/StackProtector.cpp#L103C1-L109C4
// all-NOT: __security_check_cookie
// strong-NOT: __security_check_cookie

// basic-NOT: __security_check_cookie
// none-NOT: __security_check_cookie
// missing-NOT: __security_check_cookie

// CHECK-DAG: .cv_fpo_endproc
}
Loading
Loading