This is an archive of the discontinued LLVM Phabricator instance.

Differential D57720

[sanitizer] Decorate /proc/self/maps on Android.
ClosedPublic

Authored by eugenis on Feb 4 2019, 3:55 PM.

Details

Reviewers
pcc
vitalybuka
Commits
rG443c034391a2: [sanitizer] Decorate /proc/self/maps better.
rCRT353255: [sanitizer] Decorate /proc/self/maps better.
rL353255: [sanitizer] Decorate /proc/self/maps better.
Summary

Refactor the way /proc/self/maps entries are annotated to support most
(all?) posix platforms, with a special implementation for Android.
Extend the set of decorated Mmap* calls.

Generic implementation has limits (max number of files under /dev/shm is
64K on my machine), which can be conceivably reached when sanitizing
multiple programs at once. Android implemenation is essentially free, and
enabled by default.

The test in sanitizer_common is copied to hwasan and not reused directly
because hwasan fails way too many common tests at the moment.

Diff Detail

Repository
rL LLVM

Event Timeline

eugenis created this revision.Feb 4 2019, 3:55 PM
Herald added subscribers: jfb, kubamracek, srhines. · View Herald TranscriptFeb 4 2019, 3:55 PM
Harbormaster completed remote builds in B27702: Diff 185180.Feb 4 2019, 3:55 PM
eugenis updated this revision to Diff 185210.Feb 4 2019, 6:15 PM

.

Harbormaster completed remote builds in B27714: Diff 185210.Feb 4 2019, 6:15 PM
vitalybuka accepted this revision.Feb 5 2019, 2:04 PM
This revision is now accepted and ready to land.Feb 5 2019, 2:04 PM
eugenis updated this revision to Diff 185413.Feb 5 2019, 2:35 PM
eugenis marked an inline comment as done.

.

Harbormaster completed remote builds in B27773: Diff 185413.Feb 5 2019, 2:35 PM
eugenis added a subscriber: flowerhack.Feb 5 2019, 2:35 PM
eugenis added inline comments.
compiler-rt/lib/sanitizer_common/sanitizer_posix_libcdep.cc
353 ↗(On Diff #185210)

@flowerhack FYI this is resolved by internal_open-ing /dev/shm instead of relying on shm_open.

pcc added a comment.Feb 5 2019, 2:38 PM

The GetNamedMappingFd and DecorateMapping APIs seem a little awkwards to me. Everyone is using them as GetNamedMappingFd/mmap/DecorateMapping except for one place in hwasan. Would it make more sense to have a single function that does GetNamedMappingFd/mmap/DecorateMapping and continue using PR_SET_VMA_ANON_NAME in hwasan?

eugenis updated this revision to Diff 185425.Feb 5 2019, 3:21 PM

.

eugenis added a comment.Feb 5 2019, 3:21 PM
In D57720#1386140, @pcc wrote:

The GetNamedMappingFd and DecorateMapping APIs seem a little awkwards to me. Everyone is using them as GetNamedMappingFd/mmap/DecorateMapping except for one place in hwasan. Would it make more sense to have a single function that does GetNamedMappingFd/mmap/DecorateMapping and continue using PR_SET_VMA_ANON_NAME in hwasan?

Yes, this is way better.

Harbormaster completed remote builds in B27781: Diff 185425.Feb 5 2019, 3:21 PM
pcc accepted this revision.Feb 5 2019, 4:54 PM

LGTM

eugenis added a comment.Feb 5 2019, 5:11 PM

Btw, I've pushed the RSS utility here:
https://github.com/google/sanitizers/blob/master/hwaddress-sanitizer/scan.cc
It depends on this change to find the shadow region. It is hwasan-specific, but can be easily adapted to other sanitizers if needed.
It's also really ugly, but I don't want to invest time in beautifying it.

Closed by commit rL353255: [sanitizer] Decorate /proc/self/maps better. (authored by eugenis). · Explain WhyFeb 5 2019, 5:16 PM
This revision was automatically updated to reflect the committed changes.
Herald added a project: Restricted Project. · View Herald TranscriptFeb 5 2019, 5:16 PM
Herald added a subscriber: delcypher. · View Herald Transcript

Revision Contents

PathSize
compiler-rt/
trunk/
lib/
cfi/
2 lines
hwasan/
8 lines
sanitizer_common/
19 lines
9 lines
6 lines
12 lines
87 lines
61 lines
4 lines
test/
hwasan/
TestCases/
Linux/
59 lines

Diff 185450

compiler-rt/trunk/lib/cfi/cfi.cc

Show First 20 LinesShow All 180 Lines▼ Show 20 Lines#if SANITIZER_LINUX
void *res = mremap((void *)shadow_, GetShadowSize(), GetShadowSize(), void *res = mremap((void *)shadow_, GetShadowSize(), GetShadowSize(),
MREMAP_MAYMOVE | MREMAP_FIXED, (void *)main_shadow); MREMAP_MAYMOVE | MREMAP_FIXED, (void *)main_shadow);
CHECK(res != MAP_FAILED); CHECK(res != MAP_FAILED);
#elif SANITIZER_NETBSD #elif SANITIZER_NETBSD
void *res = mremap((void *)shadow_, GetShadowSize(), (void *)main_shadow, void *res = mremap((void *)shadow_, GetShadowSize(), (void *)main_shadow,
GetShadowSize(), MAP_FIXED); GetShadowSize(), MAP_FIXED);
CHECK(res != MAP_FAILED); CHECK(res != MAP_FAILED);
#else #else
void *res = MmapFixedOrDie(shadow_, GetShadowSize()); void *res = MmapFixedOrDie(shadow_, GetShadowSize(), "cfi shadow");
CHECK(res != MAP_FAILED); CHECK(res != MAP_FAILED);
::memcpy(&shadow_, &main_shadow, GetShadowSize()); ::memcpy(&shadow_, &main_shadow, GetShadowSize());
#endif #endif
} else { } else {
// Initial setup. // Initial setup.
CHECK_EQ(kCfiShadowLimitsStorageSize, GetPageSizeCached()); CHECK_EQ(kCfiShadowLimitsStorageSize, GetPageSizeCached());
CHECK_EQ(0, GetShadow()); CHECK_EQ(0, GetShadow());
cfi_shadow_limits_storage.limits.start = shadow_; cfi_shadow_limits_storage.limits.start = shadow_;
▲ Show 20 LinesShow All 279 LinesShow Last 20 Lines

compiler-rt/trunk/lib/hwasan/hwasan.cc

Show First 20 LinesShow All 184 Lines▼ Show 20 Lines s.append(
thread_stats.total_stack_size, thread_stats.total_stack_size,
thread_stats.n_live_threads * thread_list.MemoryUsedPerThread(), thread_stats.n_live_threads * thread_list.MemoryUsedPerThread(),
sds->allocated, sds->n_uniq_ids, asc[AllocatorStatMapped]); sds->allocated, sds->n_uniq_ids, asc[AllocatorStatMapped]);
} }
#if SANITIZER_ANDROID #if SANITIZER_ANDROID
static char *memory_usage_buffer = nullptr; static char *memory_usage_buffer = nullptr;
#define PR_SET_VMA 0x53564d41
#define PR_SET_VMA_ANON_NAME 0
static void InitMemoryUsage() { static void InitMemoryUsage() {
memory_usage_buffer = memory_usage_buffer =
(char *)MmapOrDie(kMemoryUsageBufferSize, "memory usage string"); (char *)MmapOrDie(kMemoryUsageBufferSize, "memory usage string");
CHECK(memory_usage_buffer); CHECK(memory_usage_buffer);
memory_usage_buffer[0] = '\0'; memory_usage_buffer[0] = '\0';
CHECK(internal_prctl(PR_SET_VMA, PR_SET_VMA_ANON_NAME, DecorateMapping((uptr)memory_usage_buffer, kMemoryUsageBufferSize,
(uptr)memory_usage_buffer, kMemoryUsageBufferSize, memory_usage_buffer);
(uptr)memory_usage_buffer) == 0);
} }
void UpdateMemoryUsage() { void UpdateMemoryUsage() {
if (!flags()->export_memory_stats) if (!flags()->export_memory_stats)
return; return;
if (!memory_usage_buffer) if (!memory_usage_buffer)
InitMemoryUsage(); InitMemoryUsage();
InternalScopedString s(kMemoryUsageBufferSize); InternalScopedString s(kMemoryUsageBufferSize);
▲ Show 20 LinesShow All 300 LinesShow Last 20 Lines

compiler-rt/trunk/lib/sanitizer_common/sanitizer_allocator_primary64.h

Show First 20 LinesShow All 74 Lines▼ Show 20 Lines if (kUsingConstantSpaceBeg) {
CHECK_EQ(kSpaceBeg, address_range.Init(TotalSpaceSize, CHECK_EQ(kSpaceBeg, address_range.Init(TotalSpaceSize,
PrimaryAllocatorName, kSpaceBeg)); PrimaryAllocatorName, kSpaceBeg));
} else { } else {
NonConstSpaceBeg = address_range.Init(TotalSpaceSize, NonConstSpaceBeg = address_range.Init(TotalSpaceSize,
PrimaryAllocatorName); PrimaryAllocatorName);
CHECK_NE(NonConstSpaceBeg, ~(uptr)0); CHECK_NE(NonConstSpaceBeg, ~(uptr)0);
} }
SetReleaseToOSIntervalMs(release_to_os_interval_ms); SetReleaseToOSIntervalMs(release_to_os_interval_ms);
MapWithCallbackOrDie(SpaceEnd(), AdditionalSize()); MapWithCallbackOrDie(SpaceEnd(), AdditionalSize(),
"SizeClassAllocator: region info");
// Check that the RegionInfo array is aligned on the CacheLine size. // Check that the RegionInfo array is aligned on the CacheLine size.
DCHECK_EQ(SpaceEnd() % kCacheLineSize, 0); DCHECK_EQ(SpaceEnd() % kCacheLineSize, 0);
} }
s32 ReleaseToOSIntervalMs() const { s32 ReleaseToOSIntervalMs() const {
return atomic_load(&release_to_os_interval_ms_, memory_order_relaxed); return atomic_load(&release_to_os_interval_ms_, memory_order_relaxed);
} }
▲ Show 20 LinesShow All 536 Lines▼ Show 20 Lines if (offset >> (SANITIZER_WORDSIZE / 2))
return offset / size; return offset / size;
return (u32)offset / (u32)size; return (u32)offset / (u32)size;
} }
CompactPtrT *GetFreeArray(uptr region_beg) const { CompactPtrT *GetFreeArray(uptr region_beg) const {
return reinterpret_cast<CompactPtrT *>(GetMetadataEnd(region_beg)); return reinterpret_cast<CompactPtrT *>(GetMetadataEnd(region_beg));
} }
bool MapWithCallback(uptr beg, uptr size) { bool MapWithCallback(uptr beg, uptr size, const char *name) {
uptr mapped = address_range.Map(beg, size); uptr mapped = address_range.Map(beg, size, name);
if (UNLIKELY(!mapped)) if (UNLIKELY(!mapped))
return false; return false;
CHECK_EQ(beg, mapped); CHECK_EQ(beg, mapped);
MapUnmapCallback().OnMap(beg, size); MapUnmapCallback().OnMap(beg, size);
return true; return true;
} }
void MapWithCallbackOrDie(uptr beg, uptr size) { void MapWithCallbackOrDie(uptr beg, uptr size, const char *name) {
CHECK_EQ(beg, address_range.MapOrDie(beg, size)); CHECK_EQ(beg, address_range.MapOrDie(beg, size, name));
MapUnmapCallback().OnMap(beg, size); MapUnmapCallback().OnMap(beg, size);
} }
void UnmapWithCallbackOrDie(uptr beg, uptr size) { void UnmapWithCallbackOrDie(uptr beg, uptr size) {
MapUnmapCallback().OnUnmap(beg, size); MapUnmapCallback().OnUnmap(beg, size);
address_range.Unmap(beg, size); address_range.Unmap(beg, size);
} }
bool EnsureFreeArraySpace(RegionInfo *region, uptr region_beg, bool EnsureFreeArraySpace(RegionInfo *region, uptr region_beg,
uptr num_freed_chunks) { uptr num_freed_chunks) {
uptr needed_space = num_freed_chunks * sizeof(CompactPtrT); uptr needed_space = num_freed_chunks * sizeof(CompactPtrT);
if (region->mapped_free_array < needed_space) { if (region->mapped_free_array < needed_space) {
uptr new_mapped_free_array = RoundUpTo(needed_space, kFreeArrayMapSize); uptr new_mapped_free_array = RoundUpTo(needed_space, kFreeArrayMapSize);
CHECK_LE(new_mapped_free_array, kFreeArraySize); CHECK_LE(new_mapped_free_array, kFreeArraySize);
uptr current_map_end = reinterpret_cast<uptr>(GetFreeArray(region_beg)) + uptr current_map_end = reinterpret_cast<uptr>(GetFreeArray(region_beg)) +
region->mapped_free_array; region->mapped_free_array;
uptr new_map_size = new_mapped_free_array - region->mapped_free_array; uptr new_map_size = new_mapped_free_array - region->mapped_free_array;
if (UNLIKELY(!MapWithCallback(current_map_end, new_map_size))) if (UNLIKELY(!MapWithCallback(current_map_end, new_map_size,
"SizeClassAllocator: freearray")))
return false; return false;
region->mapped_free_array = new_mapped_free_array; region->mapped_free_array = new_mapped_free_array;
} }
return true; return true;
} }
// Check whether this size class is exhausted. // Check whether this size class is exhausted.
bool IsRegionExhausted(RegionInfo *region, uptr class_id, bool IsRegionExhausted(RegionInfo *region, uptr class_id,
Show All 34 Lines if (LIKELY(total_user_bytes > region->mapped_user)) {
region->rtoi.last_release_at_ns = MonotonicNanoTime(); region->rtoi.last_release_at_ns = MonotonicNanoTime();
} }
// Do the mmap for the user memory. // Do the mmap for the user memory.
const uptr user_map_size = const uptr user_map_size =
RoundUpTo(total_user_bytes - region->mapped_user, kUserMapSize); RoundUpTo(total_user_bytes - region->mapped_user, kUserMapSize);
if (UNLIKELY(IsRegionExhausted(region, class_id, user_map_size))) if (UNLIKELY(IsRegionExhausted(region, class_id, user_map_size)))
return false; return false;
if (UNLIKELY(!MapWithCallback(region_beg + region->mapped_user, if (UNLIKELY(!MapWithCallback(region_beg + region->mapped_user,
user_map_size))) user_map_size,
"SizeClassAllocator: region data")))
return false; return false;
stat->Add(AllocatorStatMapped, user_map_size); stat->Add(AllocatorStatMapped, user_map_size);
region->mapped_user += user_map_size; region->mapped_user += user_map_size;
} }
const uptr new_chunks_count = const uptr new_chunks_count =
(region->mapped_user - region->allocated_user) / size; (region->mapped_user - region->allocated_user) / size;
if (kMetadataSize) { if (kMetadataSize) {
// Calculate the required space for metadata. // Calculate the required space for metadata.
const uptr total_meta_bytes = const uptr total_meta_bytes =
region->allocated_meta + new_chunks_count * kMetadataSize; region->allocated_meta + new_chunks_count * kMetadataSize;
const uptr meta_map_size = (total_meta_bytes > region->mapped_meta) ? const uptr meta_map_size = (total_meta_bytes > region->mapped_meta) ?
RoundUpTo(total_meta_bytes - region->mapped_meta, kMetaMapSize) : 0; RoundUpTo(total_meta_bytes - region->mapped_meta, kMetaMapSize) : 0;
// Map more space for metadata, if necessary. // Map more space for metadata, if necessary.
if (meta_map_size) { if (meta_map_size) {
if (UNLIKELY(IsRegionExhausted(region, class_id, meta_map_size))) if (UNLIKELY(IsRegionExhausted(region, class_id, meta_map_size)))
return false; return false;
if (UNLIKELY(!MapWithCallback( if (UNLIKELY(!MapWithCallback(
GetMetadataEnd(region_beg) - region->mapped_meta - meta_map_size, GetMetadataEnd(region_beg) - region->mapped_meta - meta_map_size,
meta_map_size))) meta_map_size, "SizeClassAllocator: region metadata")))
return false; return false;
region->mapped_meta += meta_map_size; region->mapped_meta += meta_map_size;
} }
} }
// If necessary, allocate more space for the free array and populate it with // If necessary, allocate more space for the free array and populate it with
// newly allocated chunks. // newly allocated chunks.
const uptr total_freed_chunks = region->num_freed_chunks + new_chunks_count; const uptr total_freed_chunks = region->num_freed_chunks + new_chunks_count;
▲ Show 20 LinesShow All 113 LinesShow Last 20 Lines

compiler-rt/trunk/lib/sanitizer_common/sanitizer_common.h

Show First 20 LinesShow All 95 Lines▼ Show 20 Lines
} }
void UnmapOrDie(void *addr, uptr size); void UnmapOrDie(void *addr, uptr size);
// Behaves just like MmapOrDie, but tolerates out of memory condition, in that // Behaves just like MmapOrDie, but tolerates out of memory condition, in that
// case returns nullptr. // case returns nullptr.
void *MmapOrDieOnFatalError(uptr size, const char *mem_type); void *MmapOrDieOnFatalError(uptr size, const char *mem_type);
bool MmapFixedNoReserve(uptr fixed_addr, uptr size, const char *name = nullptr) bool MmapFixedNoReserve(uptr fixed_addr, uptr size, const char *name = nullptr)
WARN_UNUSED_RESULT; WARN_UNUSED_RESULT;
void *MmapNoReserveOrDie(uptr size, const char *mem_type); void *MmapNoReserveOrDie(uptr size, const char *mem_type);
void *MmapFixedOrDie(uptr fixed_addr, uptr size); void *MmapFixedOrDie(uptr fixed_addr, uptr size, const char *name = nullptr);
// Behaves just like MmapFixedOrDie, but tolerates out of memory condition, in // Behaves just like MmapFixedOrDie, but tolerates out of memory condition, in
// that case returns nullptr. // that case returns nullptr.
void *MmapFixedOrDieOnFatalError(uptr fixed_addr, uptr size); void *MmapFixedOrDieOnFatalError(uptr fixed_addr, uptr size,
const char *name = nullptr);
void *MmapFixedNoAccess(uptr fixed_addr, uptr size, const char *name = nullptr); void *MmapFixedNoAccess(uptr fixed_addr, uptr size, const char *name = nullptr);
void *MmapNoAccess(uptr size); void *MmapNoAccess(uptr size);
// Map aligned chunk of address space; size and alignment are powers of two. // Map aligned chunk of address space; size and alignment are powers of two.
// Dies on all but out of memory errors, in the latter case returns nullptr. // Dies on all but out of memory errors, in the latter case returns nullptr.
void *MmapAlignedOrDieOnFatalError(uptr size, uptr alignment, void *MmapAlignedOrDieOnFatalError(uptr size, uptr alignment,
const char *mem_type); const char *mem_type);
// Disallow access to a memory range. Use MmapFixedNoAccess to allocate an // Disallow access to a memory range. Use MmapFixedNoAccess to allocate an
// unaccessible memory. // unaccessible memory.
Show All 19 Lines
// Check if the built VMA size matches the runtime one. // Check if the built VMA size matches the runtime one.
void CheckVMASize(); void CheckVMASize();
void RunMallocHooks(const void *ptr, uptr size); void RunMallocHooks(const void *ptr, uptr size);
void RunFreeHooks(const void *ptr); void RunFreeHooks(const void *ptr);
class ReservedAddressRange { class ReservedAddressRange {
public: public:
uptr Init(uptr size, const char *name = nullptr, uptr fixed_addr = 0); uptr Init(uptr size, const char *name = nullptr, uptr fixed_addr = 0);
uptr Map(uptr fixed_addr, uptr size); uptr Map(uptr fixed_addr, uptr size, const char *name = nullptr);
uptr MapOrDie(uptr fixed_addr, uptr size); uptr MapOrDie(uptr fixed_addr, uptr size, const char *name = nullptr);
void Unmap(uptr addr, uptr size); void Unmap(uptr addr, uptr size);
void *base() const { return base_; } void *base() const { return base_; }
uptr size() const { return size_; } uptr size() const { return size_; }
private: private:
void* base_; void* base_;
uptr size_; uptr size_;
const char* name_; const char* name_;
▲ Show 20 LinesShow All 820 LinesShow Last 20 Lines

compiler-rt/trunk/lib/sanitizer_common/sanitizer_flags.inc

Show First 20 LinesShow All 212 Lines▼ Show 20 LinesCOMMON_FLAG(bool, intercept_intrin, true,
"If set, uses custom wrappers for memset/memcpy/memmove " "If set, uses custom wrappers for memset/memcpy/memmove "
"intrinsics to find more errors.") "intrinsics to find more errors.")
COMMON_FLAG(bool, intercept_stat, true, COMMON_FLAG(bool, intercept_stat, true,
"If set, uses custom wrappers for *stat functions " "If set, uses custom wrappers for *stat functions "
"to find more errors.") "to find more errors.")
COMMON_FLAG(bool, intercept_send, true, COMMON_FLAG(bool, intercept_send, true,
"If set, uses custom wrappers for send* functions " "If set, uses custom wrappers for send* functions "
"to find more errors.") "to find more errors.")
COMMON_FLAG(bool, decorate_proc_maps, false, "If set, decorate sanitizer " COMMON_FLAG(bool, decorate_proc_maps, (bool)SANITIZER_ANDROID,
"mappings in /proc/self/maps with " "If set, decorate sanitizer mappings in /proc/self/maps with "
"user-readable names") "user-readable names")
COMMON_FLAG(int, exitcode, 1, "Override the program exit status if the tool " COMMON_FLAG(int, exitcode, 1, "Override the program exit status if the tool "
"found an error") "found an error")
COMMON_FLAG( COMMON_FLAG(
bool, abort_on_error, (bool)SANITIZER_ANDROID || (bool)SANITIZER_MAC, bool, abort_on_error, (bool)SANITIZER_ANDROID || (bool)SANITIZER_MAC,
"If set, the tool calls abort() instead of _exit() after printing the " "If set, the tool calls abort() instead of _exit() after printing the "
"error report.") "error report.")
COMMON_FLAG(bool, suppress_equal_pcs, true, COMMON_FLAG(bool, suppress_equal_pcs, true,
"Deduplicate multiple reports for single source location in " "Deduplicate multiple reports for single source location in "
Show All 16 Lines

compiler-rt/trunk/lib/sanitizer_common/sanitizer_posix.h

Show First 20 LinesShow All 98 Lines▼ Show 20 Lines
bool IsStateDetached(int state); bool IsStateDetached(int state);
// Move the fd out of {0, 1, 2} range. // Move the fd out of {0, 1, 2} range.
fd_t ReserveStandardFds(fd_t fd); fd_t ReserveStandardFds(fd_t fd);
bool ShouldMockFailureToOpen(const char *path); bool ShouldMockFailureToOpen(const char *path);
// Create a non-file mapping with a given /proc/self/maps name.
uptr MmapNamed(void *addr, uptr length, int prot, int flags, const char *name);
// Platforms should implement at most one of these.
// 1. Provide a pre-decorated file descriptor to use instead of an anonymous
// mapping.
int GetNamedMappingFd(const char *name, uptr size, int *flags);
// 2. Add name to an existing anonymous mapping. The caller must keep *name
// alive at least as long as the mapping exists.
void DecorateMapping(uptr addr, uptr size, const char *name);
} // namespace __sanitizer } // namespace __sanitizer
#endif // SANITIZER_POSIX_H #endif // SANITIZER_POSIX_H

compiler-rt/trunk/lib/sanitizer_common/sanitizer_posix.cc

Show All 37 Lines
// ------------- sanitizer_common.h // ------------- sanitizer_common.h
uptr GetMmapGranularity() { uptr GetMmapGranularity() {
return GetPageSize(); return GetPageSize();
} }
void *MmapOrDie(uptr size, const char *mem_type, bool raw_report) { void *MmapOrDie(uptr size, const char *mem_type, bool raw_report) {
size = RoundUpTo(size, GetPageSizeCached()); size = RoundUpTo(size, GetPageSizeCached());
uptr res = internal_mmap(nullptr, size, uptr res = MmapNamed(nullptr, size, PROT_READ | PROT_WRITE,
PROT_READ | PROT_WRITE, MAP_PRIVATE | MAP_ANON, mem_type);
MAP_PRIVATE | MAP_ANON, -1, 0);
int reserrno; int reserrno;
if (UNLIKELY(internal_iserror(res, &reserrno))) if (UNLIKELY(internal_iserror(res, &reserrno)))
ReportMmapFailureAndDie(size, mem_type, "allocate", reserrno, raw_report); ReportMmapFailureAndDie(size, mem_type, "allocate", reserrno, raw_report);
IncreaseTotalMmap(size); IncreaseTotalMmap(size);
return (void *)res; return (void *)res;
} }
void UnmapOrDie(void *addr, uptr size) { void UnmapOrDie(void *addr, uptr size) {
if (!addr || !size) return; if (!addr || !size) return;
uptr res = internal_munmap(addr, size); uptr res = internal_munmap(addr, size);
if (UNLIKELY(internal_iserror(res))) { if (UNLIKELY(internal_iserror(res))) {
Report("ERROR: %s failed to deallocate 0x%zx (%zd) bytes at address %p\n", Report("ERROR: %s failed to deallocate 0x%zx (%zd) bytes at address %p\n",
SanitizerToolName, size, size, addr); SanitizerToolName, size, size, addr);
CHECK("unable to unmap" && 0); CHECK("unable to unmap" && 0);
} }
DecreaseTotalMmap(size); DecreaseTotalMmap(size);
} }
void *MmapOrDieOnFatalError(uptr size, const char *mem_type) { void *MmapOrDieOnFatalError(uptr size, const char *mem_type) {
size = RoundUpTo(size, GetPageSizeCached()); size = RoundUpTo(size, GetPageSizeCached());
uptr res = internal_mmap(nullptr, size, uptr res = MmapNamed(nullptr, size, PROT_READ | PROT_WRITE,
PROT_READ | PROT_WRITE, MAP_PRIVATE | MAP_ANON, mem_type);
MAP_PRIVATE | MAP_ANON, -1, 0);
int reserrno; int reserrno;
if (UNLIKELY(internal_iserror(res, &reserrno))) { if (UNLIKELY(internal_iserror(res, &reserrno))) {
if (reserrno == ENOMEM) if (reserrno == ENOMEM)
return nullptr; return nullptr;
ReportMmapFailureAndDie(size, mem_type, "allocate", reserrno); ReportMmapFailureAndDie(size, mem_type, "allocate", reserrno);
} }
IncreaseTotalMmap(size); IncreaseTotalMmap(size);
return (void *)res; return (void *)res;
Show All 18 Linesvoid *MmapAlignedOrDieOnFatalError(uptr size, uptr alignment,
} }
uptr end = res + size; uptr end = res + size;
if (end != map_end) if (end != map_end)
UnmapOrDie((void*)end, map_end - end); UnmapOrDie((void*)end, map_end - end);
return (void*)res; return (void*)res;
} }
void *MmapNoReserveOrDie(uptr size, const char *mem_type) { void *MmapNoReserveOrDie(uptr size, const char *mem_type) {
uptr PageSize = GetPageSizeCached(); size = RoundUpTo(size, GetPageSizeCached());
uptr p = internal_mmap(nullptr, uptr p = MmapNamed(nullptr, size, PROT_READ | PROT_WRITE,
RoundUpTo(size, PageSize), MAP_PRIVATE | MAP_ANON | MAP_NORESERVE, mem_type);
PROT_READ | PROT_WRITE,
MAP_PRIVATE | MAP_ANON | MAP_NORESERVE,
-1, 0);
int reserrno; int reserrno;
if (UNLIKELY(internal_iserror(p, &reserrno))) if (UNLIKELY(internal_iserror(p, &reserrno)))
ReportMmapFailureAndDie(size, mem_type, "allocate noreserve", reserrno); ReportMmapFailureAndDie(size, mem_type, "allocate noreserve", reserrno);
IncreaseTotalMmap(size); IncreaseTotalMmap(size);
return (void *)p; return (void *)p;
} }
void *MmapFixedImpl(uptr fixed_addr, uptr size, bool tolerate_enomem) { static void *MmapFixedImpl(uptr fixed_addr, uptr size, bool tolerate_enomem,
uptr PageSize = GetPageSizeCached(); const char *name) {
uptr p = internal_mmap((void*)(fixed_addr & ~(PageSize - 1)), size = RoundUpTo(size, GetPageSizeCached());
RoundUpTo(size, PageSize), fixed_addr = RoundDownTo(fixed_addr, GetPageSizeCached());
PROT_READ | PROT_WRITE, uptr p = MmapNamed((void *)fixed_addr, size, PROT_READ | PROT_WRITE,
MAP_PRIVATE | MAP_ANON | MAP_FIXED, MAP_PRIVATE | MAP_ANON | MAP_FIXED, name);
-1, 0);
int reserrno; int reserrno;
if (UNLIKELY(internal_iserror(p, &reserrno))) { if (UNLIKELY(internal_iserror(p, &reserrno))) {
if (tolerate_enomem && reserrno == ENOMEM) if (tolerate_enomem && reserrno == ENOMEM)
return nullptr; return nullptr;
char mem_type[40]; char mem_type[40];
internal_snprintf(mem_type, sizeof(mem_type), "memory at address 0x%zx", internal_snprintf(mem_type, sizeof(mem_type), "memory at address 0x%zx",
fixed_addr); fixed_addr);
ReportMmapFailureAndDie(size, mem_type, "allocate", reserrno); ReportMmapFailureAndDie(size, mem_type, "allocate", reserrno);
} }
IncreaseTotalMmap(size); IncreaseTotalMmap(size);
return (void *)p; return (void *)p;
} }
void *MmapFixedOrDie(uptr fixed_addr, uptr size) { void *MmapFixedOrDie(uptr fixed_addr, uptr size, const char *name) {
return MmapFixedImpl(fixed_addr, size, false /*tolerate_enomem*/); return MmapFixedImpl(fixed_addr, size, false /*tolerate_enomem*/, name);
} }
void *MmapFixedOrDieOnFatalError(uptr fixed_addr, uptr size) { void *MmapFixedOrDieOnFatalError(uptr fixed_addr, uptr size, const char *name) {
return MmapFixedImpl(fixed_addr, size, true /*tolerate_enomem*/); return MmapFixedImpl(fixed_addr, size, true /*tolerate_enomem*/, name);
} }
bool MprotectNoAccess(uptr addr, uptr size) { bool MprotectNoAccess(uptr addr, uptr size) {
return 0 == internal_mprotect((void*)addr, size, PROT_NONE); return 0 == internal_mprotect((void*)addr, size, PROT_NONE);
} }
bool MprotectReadOnly(uptr addr, uptr size) { bool MprotectReadOnly(uptr addr, uptr size) {
return 0 == internal_mprotect((void *)addr, size, PROT_READ); return 0 == internal_mprotect((void *)addr, size, PROT_READ);
▲ Show 20 LinesShow All 185 Lines▼ Show 20 Linesfd_t ReserveStandardFds(fd_t fd) {
return fd; return fd;
} }
bool ShouldMockFailureToOpen(const char *path) { bool ShouldMockFailureToOpen(const char *path) {
return common_flags()->test_only_emulate_no_memorymap && return common_flags()->test_only_emulate_no_memorymap &&
internal_strncmp(path, "/proc/", 6) == 0; internal_strncmp(path, "/proc/", 6) == 0;
} }
#if SANITIZER_LINUX && !SANITIZER_ANDROID && !SANITIZER_GO
int GetNamedMappingFd(const char *name, uptr size, int *flags) {
if (!common_flags()->decorate_proc_maps || !name)
return -1;
char shmname[200];
CHECK(internal_strlen(name) < sizeof(shmname) - 10);
internal_snprintf(shmname, sizeof(shmname), "/dev/shm/%zu [%s]",
internal_getpid(), name);
int fd = ReserveStandardFds(
internal_open(shmname, O_RDWR | O_CREAT | O_TRUNC | O_CLOEXEC, S_IRWXU));
CHECK_GE(fd, 0);
int res = internal_ftruncate(fd, size);
CHECK_EQ(0, res);
res = internal_unlink(shmname);
CHECK_EQ(0, res);
*flags &= ~(MAP_ANON | MAP_ANONYMOUS);
return fd;
}
#else
int GetNamedMappingFd(const char *name, uptr size, int *flags) {
return -1;
}
#endif
#if SANITIZER_ANDROID
#define PR_SET_VMA 0x53564d41
#define PR_SET_VMA_ANON_NAME 0
void DecorateMapping(uptr addr, uptr size, const char *name) {
if (!common_flags()->decorate_proc_maps || !name)
return;
CHECK(internal_prctl(PR_SET_VMA, PR_SET_VMA_ANON_NAME, addr, size,
(uptr)name) == 0);
}
#else
void DecorateMapping(uptr addr, uptr size, const char *name) {
}
#endif
uptr MmapNamed(void *addr, uptr length, int prot, int flags, const char *name) {
int fd = GetNamedMappingFd(name, length, &flags);
uptr res = internal_mmap(addr, length, prot, flags, fd, 0);
if (!internal_iserror(res))
DecorateMapping(res, length, name);
return res;
}
} // namespace __sanitizer } // namespace __sanitizer
#endif // SANITIZER_POSIX #endif // SANITIZER_POSIX

compiler-rt/trunk/lib/sanitizer_common/sanitizer_posix_libcdep.cc

Show First 20 LinesShow All 301 Lines▼ Show 20 Lines
void PlatformPrepareForSandboxing(__sanitizer_sandbox_arguments *args) { void PlatformPrepareForSandboxing(__sanitizer_sandbox_arguments *args) {
// Some kinds of sandboxes may forbid filesystem access, so we won't be able // Some kinds of sandboxes may forbid filesystem access, so we won't be able
// to read the file mappings from /proc/self/maps. Luckily, neither the // to read the file mappings from /proc/self/maps. Luckily, neither the
// process will be able to load additional libraries, so it's fine to use the // process will be able to load additional libraries, so it's fine to use the
// cached mappings. // cached mappings.
MemoryMappingLayout::CacheMemoryMappings(); MemoryMappingLayout::CacheMemoryMappings();
} }
#if SANITIZER_ANDROID || SANITIZER_GO
int GetNamedMappingFd(const char *name, uptr size) {
return -1;
}
#else
int GetNamedMappingFd(const char *name, uptr size) {
if (!common_flags()->decorate_proc_maps)
return -1;
char shmname[200];
CHECK(internal_strlen(name) < sizeof(shmname) - 10);
internal_snprintf(shmname, sizeof(shmname), "%zu [%s]", internal_getpid(),
name);
int fd = shm_open(shmname, O_RDWR | O_CREAT | O_TRUNC, S_IRWXU);
CHECK_GE(fd, 0);
int res = internal_ftruncate(fd, size);
CHECK_EQ(0, res);
res = shm_unlink(shmname);
CHECK_EQ(0, res);
return fd;
}
#endif
bool MmapFixedNoReserve(uptr fixed_addr, uptr size, const char *name) { bool MmapFixedNoReserve(uptr fixed_addr, uptr size, const char *name) {
int fd = name ? GetNamedMappingFd(name, size) : -1; size = RoundUpTo(size, GetPageSizeCached());
unsigned flags = MAP_PRIVATE | MAP_FIXED | MAP_NORESERVE; fixed_addr = RoundDownTo(fixed_addr, GetPageSizeCached());
if (fd == -1) flags |= MAP_ANON; uptr p = MmapNamed((void *)fixed_addr, size, PROT_READ | PROT_WRITE,
MAP_PRIVATE | MAP_FIXED | MAP_NORESERVE | MAP_ANON, name);
uptr PageSize = GetPageSizeCached();
uptr p = internal_mmap((void *)(fixed_addr & ~(PageSize - 1)),
RoundUpTo(size, PageSize), PROT_READ | PROT_WRITE,
flags, fd, 0);
int reserrno; int reserrno;
if (internal_iserror(p, &reserrno)) { if (internal_iserror(p, &reserrno)) {
Report("ERROR: %s failed to " Report("ERROR: %s failed to "
"allocate 0x%zx (%zd) bytes at address %zx (errno: %d)\n", "allocate 0x%zx (%zd) bytes at address %zx (errno: %d)\n",
SanitizerToolName, size, size, fixed_addr, reserrno); SanitizerToolName, size, size, fixed_addr, reserrno);
return false; return false;
} }
IncreaseTotalMmap(size); IncreaseTotalMmap(size);
return true; return true;
} }
uptr ReservedAddressRange::Init(uptr size, const char *name, uptr fixed_addr) { uptr ReservedAddressRange::Init(uptr size, const char *name, uptr fixed_addr) {
// We don't pass `name` along because, when you enable `decorate_proc_maps` base_ = fixed_addr ? MmapFixedNoAccess(fixed_addr, size, name)
// AND actually use a named mapping AND are using a sanitizer intercepting : MmapNoAccess(size);
// `open` (e.g. TSAN, ESAN), then you'll get a failure during initialization.
// TODO(flowerhack): Fix the implementation of GetNamedMappingFd to solve
// this problem.
base_ = fixed_addr ? MmapFixedNoAccess(fixed_addr, size) : MmapNoAccess(size);
size_ = size; size_ = size;
name_ = name; name_ = name;
(void)os_handle_; // unsupported (void)os_handle_; // unsupported
return reinterpret_cast<uptr>(base_); return reinterpret_cast<uptr>(base_);
} }
// Uses fixed_addr for now. // Uses fixed_addr for now.
// Will use offset instead once we've implemented this function for real. // Will use offset instead once we've implemented this function for real.
uptr ReservedAddressRange::Map(uptr fixed_addr, uptr size) { uptr ReservedAddressRange::Map(uptr fixed_addr, uptr size, const char *name) {
return reinterpret_cast<uptr>(MmapFixedOrDieOnFatalError(fixed_addr, size)); return reinterpret_cast<uptr>(
MmapFixedOrDieOnFatalError(fixed_addr, size, name));
} }
uptr ReservedAddressRange::MapOrDie(uptr fixed_addr, uptr size) { uptr ReservedAddressRange::MapOrDie(uptr fixed_addr, uptr size,
return reinterpret_cast<uptr>(MmapFixedOrDie(fixed_addr, size)); const char *name) {
return reinterpret_cast<uptr>(MmapFixedOrDie(fixed_addr, size, name));
} }
void ReservedAddressRange::Unmap(uptr addr, uptr size) { void ReservedAddressRange::Unmap(uptr addr, uptr size) {
CHECK_LE(size, size_); CHECK_LE(size, size_);
if (addr == reinterpret_cast<uptr>(base_)) if (addr == reinterpret_cast<uptr>(base_))
// If we unmap the whole range, just null out the base. // If we unmap the whole range, just null out the base.
base_ = (size == size_) ? nullptr : reinterpret_cast<void*>(addr + size); base_ = (size == size_) ? nullptr : reinterpret_cast<void*>(addr + size);
else else
CHECK_EQ(addr + size, reinterpret_cast<uptr>(base_) + size_); CHECK_EQ(addr + size, reinterpret_cast<uptr>(base_) + size_);
size_ -= size; size_ -= size;
UnmapOrDie(reinterpret_cast<void*>(addr), size); UnmapOrDie(reinterpret_cast<void*>(addr), size);
} }
void *MmapFixedNoAccess(uptr fixed_addr, uptr size, const char *name) { void *MmapFixedNoAccess(uptr fixed_addr, uptr size, const char *name) {
int fd = name ? GetNamedMappingFd(name, size) : -1; return (void *)MmapNamed((void *)fixed_addr, size, PROT_NONE,
unsigned flags = MAP_PRIVATE | MAP_FIXED | MAP_NORESERVE; MAP_PRIVATE | MAP_FIXED | MAP_NORESERVE | MAP_ANON,
if (fd == -1) flags |= MAP_ANON; name);
return (void *)internal_mmap((void *)fixed_addr, size, PROT_NONE, flags, fd,
0);
} }
void *MmapNoAccess(uptr size) { void *MmapNoAccess(uptr size) {
unsigned flags = MAP_PRIVATE | MAP_ANON | MAP_NORESERVE; unsigned flags = MAP_PRIVATE | MAP_ANON | MAP_NORESERVE;
return (void *)internal_mmap(nullptr, size, PROT_NONE, flags, -1, 0); return (void *)internal_mmap(nullptr, size, PROT_NONE, flags, -1, 0);
} }
// This function is defined elsewhere if we intercepted pthread_attr_getstack. // This function is defined elsewhere if we intercepted pthread_attr_getstack.
▲ Show 20 LinesShow All 121 LinesShow Last 20 Lines

compiler-rt/trunk/lib/sanitizer_common/sanitizer_win.cc

Show First 20 LinesShow All 223 Lines▼ Show 20 Lines Report("ERROR: %s failed to "
SanitizerToolName, size, size, fixed_addr, GetLastError()); SanitizerToolName, size, size, fixed_addr, GetLastError());
return false; return false;
} }
return true; return true;
} }
// Memory space mapped by 'MmapFixedOrDie' must have been reserved by // Memory space mapped by 'MmapFixedOrDie' must have been reserved by
// 'MmapFixedNoAccess'. // 'MmapFixedNoAccess'.
void *MmapFixedOrDie(uptr fixed_addr, uptr size) { void *MmapFixedOrDie(uptr fixed_addr, uptr size, const char *name) {
void *p = VirtualAlloc((LPVOID)fixed_addr, size, void *p = VirtualAlloc((LPVOID)fixed_addr, size,
MEM_COMMIT, PAGE_READWRITE); MEM_COMMIT, PAGE_READWRITE);
if (p == 0) { if (p == 0) {
char mem_type[30]; char mem_type[30];
internal_snprintf(mem_type, sizeof(mem_type), "memory at address 0x%zx", internal_snprintf(mem_type, sizeof(mem_type), "memory at address 0x%zx",
fixed_addr); fixed_addr);
ReportMmapFailureAndDie(size, mem_type, "allocate", GetLastError()); ReportMmapFailureAndDie(size, mem_type, "allocate", GetLastError());
} }
Show All 14 Linesvoid ReservedAddressRange::Unmap(uptr addr, uptr size) {
// Only unmap if it covers the entire range. // Only unmap if it covers the entire range.
CHECK((addr == reinterpret_cast<uptr>(base_)) && (size == size_)); CHECK((addr == reinterpret_cast<uptr>(base_)) && (size == size_));
// We unmap the whole range, just null out the base. // We unmap the whole range, just null out the base.
base_ = nullptr; base_ = nullptr;
size_ = 0; size_ = 0;
UnmapOrDie(reinterpret_cast<void*>(addr), size); UnmapOrDie(reinterpret_cast<void*>(addr), size);
} }
void *MmapFixedOrDieOnFatalError(uptr fixed_addr, uptr size) { void *MmapFixedOrDieOnFatalError(uptr fixed_addr, uptr size, const char *name) {
void *p = VirtualAlloc((LPVOID)fixed_addr, size, void *p = VirtualAlloc((LPVOID)fixed_addr, size,
MEM_COMMIT, PAGE_READWRITE); MEM_COMMIT, PAGE_READWRITE);
if (p == 0) { if (p == 0) {
char mem_type[30]; char mem_type[30];
internal_snprintf(mem_type, sizeof(mem_type), "memory at address 0x%zx", internal_snprintf(mem_type, sizeof(mem_type), "memory at address 0x%zx",
fixed_addr); fixed_addr);
return ReturnNullptrOnOOMOrDie(size, mem_type, "allocate"); return ReturnNullptrOnOOMOrDie(size, mem_type, "allocate");
} }
▲ Show 20 LinesShow All 803 LinesShow Last 20 Lines

compiler-rt/trunk/test/hwasan/TestCases/Linux/decorate-proc-maps.c

// RUN: %clang_hwasan -g %s -o %t
// RUN: %env_hwasan_opts=decorate_proc_maps=1 %run %t 2>&1 | FileCheck %s --check-prefix=A
// RUN: %env_hwasan_opts=decorate_proc_maps=1 %run %t 2>&1 | FileCheck %s --check-prefix=B
// A: rw-p {{.*}}hwasan threads]
// A-NEXT: ---p {{.*}}shadow gap]
// A-NEXT: rw-p {{.*}}low shadow]
// A-NEXT: ---p {{.*}}shadow gap]
// A-NEXT: rw-p {{.*}}high shadow]
// B-DAG: rw-p {{.*}}SizeClassAllocator: region data]
// B-DAG: rw-p {{.*}}SizeClassAllocator: region metadata]
// B-DAG: rw-p {{.*}}SizeClassAllocator: freearray]
// B-DAG: rw-p {{.*}}SizeClassAllocator: region info]
// B-DAG: rw-p {{.*}}LargeMmapAllocator]
// B-DAG: rw-p {{.*}}stack depot]
#include <errno.h>
#include <fcntl.h>
#include <pthread.h>
#include <stdio.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>
#include <pthread.h>
#include <stdlib.h>
void CopyFdToFd(int in_fd, int out_fd) {
const size_t kBufSize = 0x10000;
static char buf[kBufSize];
while (1) {
ssize_t got = read(in_fd, buf, kBufSize);
if (got > 0) {
write(out_fd, buf, got);
} else if (got == 0) {
break;
} else if (errno != EAGAIN || errno != EWOULDBLOCK || errno != EINTR) {
fprintf(stderr, "error reading file, errno %d\n", errno);
abort();
}
}
}
void *ThreadFn(void *arg) {
(void)arg;
int fd = open("/proc/self/maps", O_RDONLY);
CopyFdToFd(fd, 2);
close(fd);
return NULL;
}
int main(void) {
pthread_t t;
void * volatile res = malloc(100);
void * volatile res2 = malloc(100000);
pthread_create(&t, 0, ThreadFn, 0);
pthread_join(t, 0);
return (int)(size_t)res;
}