This is an archive of the discontinued LLVM Phabricator instance.

Paths

Table of Contentst

-
lib/asan/
-
asan/
3
CMakeLists.txt
1
asan_win_coverage_interception.cc

Differential D28600

[compiler-rt] [Sanitizer Coverage] Use interception to access to sanitizer coverage's strong functions defined in the main executable (for MD on Windows.)
AbandonedPublic

Authored by mpividori on Jan 12 2017, 12:58 AM.

Download Raw Diff

Details

Reviewers

kcc
zturner
aizatsky
rnk

Summary

When considering MD, asan is implemented as an external dll: clang-rt_asan_dynamic-arch.dll
We provide default implementation for sanitizer coverage's weak functions like: __sanitizer_cov_trace_pc_guard, __sanitizer_cov_trace_cmp , etc, imported from asan dll as: __sanitizer_cov_trace_pc_guard__dll, __sanitizer_cov_trace_cmp__dll , etc.

But clients can redefine and export a new definition in the main executable, like:

extern "C" __declspec(dllexport) void __sanitizer_cov_trace_pc_guard(u32* guard) {
  // Different implementation provided by the client.
}

However, other client's dlls, will continue using the default implementation imported from asan dll: __sanitizer_cov_trace_pc_guard__dll.

So, with the implementation in this diff, when asan dll is initialized, it will check if the main executable exports the definition of some weak function (for example __sanitizer_cov_trace_pc_guard). If it finds that function, then it will override the default function in the dll (__sanitizer_cov_trace_pc_guard__dll) with that pointer. So, all the client's dlls with instrumentation that import __sanitizer_cov_trace_pc_guard__dll() from asan dll, will be using the function provided by the main executable.

After this diff, sanitizer coverage is fixed for MD on Windows. In particular libFuzzer can provide custom implementation for all sanitizer coverage's weak functions, and they will be considered by asan dll.

Diff Detail

Repository: rL LLVM

Event Timeline

mpividori updated this revision to Diff 84084.Jan 12 2017, 12:58 AM

mpividori retitled this revision from to [compiler-rt] [Sanitizer Coverage] Use interception to access to sanitizer coverage's strong functions defined in the main executable (for MD on Windows.).

mpividori updated this object.

mpividori added reviewers: kcc, rnk, aizatsky, zturner.

mpividori set the repository for this revision to rL LLVM.

mpividori added a subscriber: llvm-commits.

Herald added subscribers: mgorny, dberris, kubamracek. · View Herald TranscriptJan 12 2017, 12:58 AM

rnk added inline comments.Jan 17 2017, 1:14 PM

lib/asan/asan_win_coverage_interception.cc
55	I think we may wish to have a .def file that includes the full list of weak sanitizer coverage callbacks to avoid this repetition.

@rnk I considered that, but I thought this would be simpler, although we repeat some declarations.

mpividori updated this revision to Diff 85469.Jan 23 2017, 3:22 PM

mpividori edited the summary of this revision. (Show Details)

kubamracek added inline comments.Jan 23 2017, 3:27 PM

lib/asan/CMakeLists.txt
80	Add asan_win_weak_interception.cc to ASAN_SOURCES instead.
lib/asan/asan_win_weak_interception.cc
14 ↗	(On Diff #85469)	Can you use the same ifdef'ing scheme as asan_win.cc is using, i.e.: #include "sanitizer_common/sanitizer_platform.h" #if SANITIZER_WINDOWS ?

mpividori added inline comments.Jan 23 2017, 3:29 PM

lib/asan/CMakeLists.txt
80	@kubamracek I can't because this is only for the dynamic version of asan (dll).
lib/asan/asan_win_weak_interception.cc
14 ↗	(On Diff #85469)	@kubamracek Ok, you are right. Thanks.

kubamracek added inline comments.Jan 23 2017, 3:30 PM

lib/asan/CMakeLists.txt
80	Then either define something like ASAN_DYNAMIC_SOURCES or use `#if ASAN_DYNAMIC` in the source file itself. This certainly doesn't belong here.

@kubamracek Done

Abandon revision, because this was redesigned in: https://reviews.llvm.org/D29168

Revision Contents

Path

Size

lib/

asan/

CMakeLists.txt

2 lines

asan_win_coverage_interception.cc

84 lines

Diff 84084

lib/asan/CMakeLists.txt

	Show First 20 Lines • Show All 71 Lines • ▼ Show 20 Lines
	append_list_if(COMPILER_RT_HAS_LIBSTDCXX stdc++ ASAN_DYNAMIC_LIBS)			append_list_if(COMPILER_RT_HAS_LIBSTDCXX stdc++ ASAN_DYNAMIC_LIBS)
	append_list_if(COMPILER_RT_HAS_LIBLOG log ASAN_DYNAMIC_LIBS)			append_list_if(COMPILER_RT_HAS_LIBLOG log ASAN_DYNAMIC_LIBS)

	# Compile ASan sources into an object library.			# Compile ASan sources into an object library.

	add_compiler_rt_object_libraries(RTAsan_dynamic			add_compiler_rt_object_libraries(RTAsan_dynamic
	OS ${SANITIZER_COMMON_SUPPORTED_OS}			OS ${SANITIZER_COMMON_SUPPORTED_OS}
	ARCHS ${ASAN_SUPPORTED_ARCH}			ARCHS ${ASAN_SUPPORTED_ARCH}
	SOURCES ${ASAN_SOURCES} ${ASAN_CXX_SOURCES}			SOURCES ${ASAN_SOURCES} ${ASAN_CXX_SOURCES} asan_win_coverage_interception.cc
				kubamracekUnsubmitted Not Done Reply Inline Actions Add asan_win_weak_interception.cc to ASAN_SOURCES instead. kubamracek: Add asan_win_weak_interception.cc to ASAN_SOURCES instead.
				mpividoriAuthorUnsubmitted Not Done Reply Inline Actions @kubamracek I can't because this is only for the dynamic version of asan (dll). mpividori: @kubamracek I can't because this is only for the dynamic version of asan (dll).
				kubamracekUnsubmitted Not Done Reply Inline Actions Then either define something like ASAN_DYNAMIC_SOURCES or use `#if ASAN_DYNAMIC` in the source file itself. This certainly doesn't belong here. kubamracek: Then either define something like ASAN_DYNAMIC_SOURCES or use `#if ASAN_DYNAMIC` in the source…
	CFLAGS ${ASAN_DYNAMIC_CFLAGS}			CFLAGS ${ASAN_DYNAMIC_CFLAGS}
	DEFS ${ASAN_DYNAMIC_DEFINITIONS})			DEFS ${ASAN_DYNAMIC_DEFINITIONS})

	if(NOT APPLE)			if(NOT APPLE)
	add_compiler_rt_object_libraries(RTAsan			add_compiler_rt_object_libraries(RTAsan
	ARCHS ${ASAN_SUPPORTED_ARCH}			ARCHS ${ASAN_SUPPORTED_ARCH}
	SOURCES ${ASAN_SOURCES} CFLAGS ${ASAN_CFLAGS}			SOURCES ${ASAN_SOURCES} CFLAGS ${ASAN_CFLAGS}
	DEFS ${ASAN_COMMON_DEFINITIONS})			DEFS ${ASAN_COMMON_DEFINITIONS})
	▲ Show 20 Lines • Show All 158 Lines • Show Last 20 Lines

lib/asan/asan_win_coverage_interception.cc

This file was added.

				//===-- asan_win_coverage_interception.cc ---------------------------------===//
				//
				// The LLVM Compiler Infrastructure
				//
				// This file is distributed under the University of Illinois Open Source
				// License. See LICENSE.TXT for details.
				//
				//===----------------------------------------------------------------------===//
				//
				// This file is a part of Sanitizer Coverage for Windows.
				//
				// This module should be statically linked to the Asan dll library in order to
				// delegate the calls of weak functions to the implementation in the main
				// executable when possible. (Based on: asan_win_dll_thunk.cc)
				//===----------------------------------------------------------------------===//

				#ifdef _WIN32
				#include "interception/interception.h"
				#include "sanitizer_common/sanitizer_platform_interceptors.h"
				#include "sanitizer_common/sanitizer_interface_internal.h"

				#ifdef _M_IX86
				#define WINAPI __stdcall
				#else
				#define WINAPI
				#endif

				// Interception helper functions and macros.
				extern "C" {
				void WINAPI GetModuleHandleA(const char module_name);
				void WINAPI GetProcAddress(void module, const char *proc_name);
				void abort();
				}

				using __sanitizer::uptr;
				using __sanitizer::u32;

				// Try to get a pointer to real_function in the main module and override
				// dll_function with that pointer. If the function isn't found, nothing changes.
				static void interceptWhenPossible(uptr dll_function, const char *real_function){
				uptr real = __interception::InternalGetProcAddress(
				(void *)GetModuleHandleA(0), real_function);
				if (real && !__interception::OverrideFunction((uptr)dll_function, real, 0))
				abort();
				}

				// Override default functions with implementation provided by users.
				#define INTERCEPT_WEAK(Name) \
				interceptWhenPossible((uptr) WEAK_DEF_NAME(Name), #Name);

				static int coverage_init() {
				// We need to intercept weak functions from Sanitizer Coverage in order to
				// delegate the calls to the implementation in the main executable when
				// non-defult implementations are provided.
				INTERCEPT_WEAK(__sanitizer_cov_trace_cmp)
				rnkUnsubmitted Not Done Reply Inline Actions I think we may wish to have a .def file that includes the full list of weak sanitizer coverage callbacks to avoid this repetition. rnk: I think we may wish to have a .def file that includes the full list of weak sanitizer coverage…
				INTERCEPT_WEAK(__sanitizer_cov_trace_cmp1)
				INTERCEPT_WEAK(__sanitizer_cov_trace_cmp2)
				INTERCEPT_WEAK(__sanitizer_cov_trace_cmp4)
				INTERCEPT_WEAK(__sanitizer_cov_trace_cmp8)
				INTERCEPT_WEAK(__sanitizer_cov_trace_switch)
				INTERCEPT_WEAK(__sanitizer_cov_trace_div4)
				INTERCEPT_WEAK(__sanitizer_cov_trace_div8)
				INTERCEPT_WEAK(__sanitizer_cov_trace_gep)
				INTERCEPT_WEAK(__sanitizer_cov_trace_pc_indir)
				INTERCEPT_WEAK(__sanitizer_cov_trace_pc_guard)
				INTERCEPT_WEAK(__sanitizer_cov_trace_pc_guard_init)
				// In DLLs, the callbacks are expected to return 0,
				// otherwise CRT initialization fails.
				return 0;
				}

				#pragma section(".CRT$XIB", long, read) // NOLINT
				__declspec(allocate(".CRT$XIB")) int (*__coverage_preinit)() = coverage_init;

				static void WINAPI coverage_thread_init(void *mod, unsigned long reason,
				void *reserved) {
				if (reason == /DLL_PROCESS_ATTACH=/1) coverage_init();
				}

				#pragma section(".CRT$XLAB", long, read) // NOLINT
				__declspec(allocate(".CRT$XLAB")) void (WINAPI __coverage_tls_init)(void ,
				unsigned long, void *) = coverage_thread_init;

				#endif // _WIN32