This is an archive of the discontinued LLVM Phabricator instance.

Differential D37853

[scudo] Fix bad request handling when allocator has not been initialized
ClosedPublic

Authored by cryptoad on Sep 14 2017, 10:41 AM.

Details

Reviewers
alekseyshl
Commits
rG26e689f0c5dd: [scudo] Fix bad request handling when allocator has not been initialized
rCRT313294: [scudo] Fix bad request handling when allocator has not been initialized
rL313294: [scudo] Fix bad request handling when allocator has not been initialized
Summary

In a few functions (scudoMemalign and the like), we would call
ScudoAllocator::FailureHandler::OnBadRequest if the parameters didn't check
out. The issue is that if the allocator had not been initialized (eg: if this
is the first heap related function called), we would use variables like
allocator_may_return_null and exitcode that still had their default value
(as opposed to the one set by the user or the initialization path).

To solve this, we introduce handleBadRequest that will call initThreadMaybe,
allowing the options to be correctly initialized.

Unfortunately, the tests were passing because exitcode was still 0, so the
results looked like success. Change those tests to do what they were supposed
to.

Diff Detail

Event Timeline

cryptoad created this revision.Sep 14 2017, 10:41 AM
Harbormaster completed remote builds in B10230: Diff 115245.Sep 14 2017, 10:42 AM
alekseyshl edited edge metadata.Sep 14 2017, 11:30 AM

Would moving SetAllocatorMayReturnNull call earler in the init() function help to resolve the problem?

cryptoad added a comment.Sep 14 2017, 11:37 AM
In D37853#870912, @alekseyshl wrote:

Would moving SetAllocatorMayReturnNull call earler in the init() function help to resolve the problem?

Unfortunately, prior to this change, init might not be called at all. This would be the case for the following pseudo-example:

int main(void) {
  void *p = memalign(3, 3);
  return 0;
}

We would go directly to ScudoAllocator::FailureHandler::OnBadRequest without going through initThread -> initScudo -> initFlags.

cryptoad added a comment.Sep 14 2017, 11:41 AM

I should add for completeness sake that to be fair, it's not a "real life" issue, as it would require the first heap operation ever called to be wrong.
But it's not a proper behavior.

alekseyshl accepted this revision.Sep 14 2017, 1:34 PM

Ah, right, makes sense.

This revision is now accepted and ready to land.Sep 14 2017, 1:34 PM
cryptoad closed this revision.Sep 14 2017, 1:35 PM

Revision Contents

PathSize
lib/
scudo/
13 lines
test/
scudo/
5 lines
5 lines

Diff 115245

lib/scudo/scudo_allocator.cpp

Show First 20 LinesShow All 614 Lines▼ Show 20 Linesstruct ScudoAllocator {
} }
uptr getStats(AllocatorStat StatType) { uptr getStats(AllocatorStat StatType) {
initThreadMaybe(); initThreadMaybe();
uptr stats[AllocatorStatCount]; uptr stats[AllocatorStatCount];
BackendAllocator.getStats(stats); BackendAllocator.getStats(stats);
return stats[StatType]; return stats[StatType];
} }
void *handleBadRequest() {
initThreadMaybe();
return FailureHandler::OnBadRequest();
}
}; };
static ScudoAllocator Instance(LINKER_INITIALIZED); static ScudoAllocator Instance(LINKER_INITIALIZED);
static ScudoBackendAllocator &getBackendAllocator() { static ScudoBackendAllocator &getBackendAllocator() {
return Instance.BackendAllocator; return Instance.BackendAllocator;
} }
▲ Show 20 LinesShow All 41 Lines▼ Show 20 Linesvoid *scudoValloc(uptr Size) {
return SetErrnoOnNull( return SetErrnoOnNull(
Instance.allocate(Size, GetPageSizeCached(), FromMemalign)); Instance.allocate(Size, GetPageSizeCached(), FromMemalign));
} }
void *scudoPvalloc(uptr Size) { void *scudoPvalloc(uptr Size) {
uptr PageSize = GetPageSizeCached(); uptr PageSize = GetPageSizeCached();
if (UNLIKELY(CheckForPvallocOverflow(Size, PageSize))) { if (UNLIKELY(CheckForPvallocOverflow(Size, PageSize))) {
errno = errno_ENOMEM; errno = errno_ENOMEM;
return ScudoAllocator::FailureHandler::OnBadRequest(); return Instance.handleBadRequest();
} }
// pvalloc(0) should allocate one page. // pvalloc(0) should allocate one page.
Size = Size ? RoundUpTo(Size, PageSize) : PageSize; Size = Size ? RoundUpTo(Size, PageSize) : PageSize;
return SetErrnoOnNull(Instance.allocate(Size, PageSize, FromMemalign)); return SetErrnoOnNull(Instance.allocate(Size, PageSize, FromMemalign));
} }
void *scudoMemalign(uptr Alignment, uptr Size) { void *scudoMemalign(uptr Alignment, uptr Size) {
if (UNLIKELY(!IsPowerOfTwo(Alignment))) { if (UNLIKELY(!IsPowerOfTwo(Alignment))) {
errno = errno_EINVAL; errno = errno_EINVAL;
return ScudoAllocator::FailureHandler::OnBadRequest(); return Instance.handleBadRequest();
} }
return SetErrnoOnNull(Instance.allocate(Size, Alignment, FromMemalign)); return SetErrnoOnNull(Instance.allocate(Size, Alignment, FromMemalign));
} }
int scudoPosixMemalign(void **MemPtr, uptr Alignment, uptr Size) { int scudoPosixMemalign(void **MemPtr, uptr Alignment, uptr Size) {
if (UNLIKELY(!CheckPosixMemalignAlignment(Alignment))) { if (UNLIKELY(!CheckPosixMemalignAlignment(Alignment))) {
ScudoAllocator::FailureHandler::OnBadRequest(); Instance.handleBadRequest();
return errno_EINVAL; return errno_EINVAL;
} }
void *Ptr = Instance.allocate(Size, Alignment, FromMemalign); void *Ptr = Instance.allocate(Size, Alignment, FromMemalign);
if (UNLIKELY(!Ptr)) if (UNLIKELY(!Ptr))
return errno_ENOMEM; return errno_ENOMEM;
*MemPtr = Ptr; *MemPtr = Ptr;
return 0; return 0;
} }
void *scudoAlignedAlloc(uptr Alignment, uptr Size) { void *scudoAlignedAlloc(uptr Alignment, uptr Size) {
if (UNLIKELY(!CheckAlignedAllocAlignmentAndSize(Alignment, Size))) { if (UNLIKELY(!CheckAlignedAllocAlignmentAndSize(Alignment, Size))) {
errno = errno_EINVAL; errno = errno_EINVAL;
return ScudoAllocator::FailureHandler::OnBadRequest(); return Instance.handleBadRequest();
} }
return SetErrnoOnNull(Instance.allocate(Size, Alignment, FromMalloc)); return SetErrnoOnNull(Instance.allocate(Size, Alignment, FromMalloc));
} }
uptr scudoMallocUsableSize(void *Ptr) { uptr scudoMallocUsableSize(void *Ptr) {
return Instance.getUsableSize(Ptr); return Instance.getUsableSize(Ptr);
} }
Show All 33 Lines

test/scudo/memalign.cpp

// RUN: %clang_scudo %s -o %t // RUN: %clang_scudo %s -o %t
// RUN: %run %t valid 2>&1 // RUN: %run %t valid 2>&1
// RUN: %run %t invalid 2>&1 // RUN: not %run %t invalid 2>&1
// RUN: SCUDO_OPTIONS=allocator_may_return_null=1 %run %t invalid 2>&1
// Tests that the various aligned allocation functions work as intended. Also // Tests that the various aligned allocation functions work as intended. Also
// tests for the condition where the alignment is not a power of 2. // tests for the condition where the alignment is not a power of 2.
#include <assert.h> #include <assert.h>
#include <errno.h> #include <errno.h>
#include <malloc.h> #include <malloc.h>
#include <stdint.h> #include <stdint.h>
▲ Show 20 LinesShow All 69 LinesShow Last 20 Lines

test/scudo/valloc.cpp

// RUN: %clang_scudo %s -o %t // RUN: %clang_scudo %s -o %t
// RUN: %run %t valid 2>&1 // RUN: %run %t valid 2>&1
// RUN: %run %t invalid 2>&1 // RUN: not %run %t invalid 2>&1
// RUN: SCUDO_OPTIONS=allocator_may_return_null=1 %run %t invalid 2>&1
// Tests that valloc and pvalloc work as intended. // Tests that valloc and pvalloc work as intended.
#include <assert.h> #include <assert.h>
#include <errno.h> #include <errno.h>
#include <malloc.h> #include <malloc.h>
#include <stdint.h> #include <stdint.h>
#include <string.h> #include <string.h>
▲ Show 20 LinesShow All 52 LinesShow Last 20 Lines