This is an archive of the discontinued LLVM Phabricator instance.

Differential D69113

Expose __hwasan_tag_mismatch_stub
ClosedPublic

Authored by mmalcomson on Oct 17 2019, 8:47 AM.

Details

Reviewers
eugenis
kcc
pcc
Group Reviewers
Restricted Project
Commits
rG6d11abfe3507: [compiler-rt] Expose __hwasan_tag_mismatch_stub
rG612eadb7bc06: Expose __hwasan_tag_mismatch_stub
Summary

GCC would like to emit a function call to report a tag mismatch
rather than hard-code the brk instruction directly.

__hwasan_tag_mismatch_stub contains most of the functionality to do
this already, but requires exposure in the dynamic library.

This patch moves __hwasan_tag_mismatch_stub outside of the anonymous
namespace that it was defined in and declares it in
hwasan_interface_internal.h.

We also add the ability to pass sizes larger than 16 bytes to this
reporting function by providing a fourth parameter that is only looked
at when the size provided is not in the original accepted range.

This does not change the behaviour where it is already being called,
since the previous definition only accepted sizes up to 16 bytes and
hence the change in behaviour is not seen by existing users.
The change in declaration does not matter, since the only existing use
is in the __hwasan_tag_mismatch function written in assembly.

Tested with gcc and clang on an AArch64 vm.

Diff Detail

Event Timeline

mmalcomson created this revision.Oct 17 2019, 8:47 AM
Herald added a project: Restricted Project. · View Herald TranscriptOct 17 2019, 8:47 AM
Herald added subscribers: llvm-commits, kristof.beyls. · View Herald Transcript
eugenis added inline comments.Oct 17 2019, 2:27 PM
compiler-rt/lib/hwasan/hwasan_interface_internal.h
115

I think the _stub suffix does not make sense in a public interface function.
How about __hwasan_tag_mismatch4 - where 4 stands for the number of arguments?

compiler-rt/lib/hwasan/hwasan_linux.cpp
487

There is a pre-existing bug here: this function needs to set the is_load member.

mmalcomson updated this revision to Diff 225636.Oct 18 2019, 8:30 AM
eugenis accepted this revision.Oct 18 2019, 3:37 PM

LGTM

This revision is now accepted and ready to land.Oct 18 2019, 3:37 PM
Closed by commit rG612eadb7bc06: Expose __hwasan_tag_mismatch_stub (authored by tellenbach). · Explain WhyOct 24 2019, 3:07 AM
This revision was automatically updated to reflect the committed changes.

Revision Contents

PathSize
compiler-rt/
lib/
hwasan/
4 lines
35 lines
4 lines

Diff 226219

compiler-rt/lib/hwasan/hwasan_interface_internal.h

Show First 20 LinesShow All 106 Lines▼ Show 20 Lines
SANITIZER_INTERFACE_ATTRIBUTE SANITIZER_INTERFACE_ATTRIBUTE
uptr __hwasan_tag_pointer(uptr p, u8 tag); uptr __hwasan_tag_pointer(uptr p, u8 tag);
SANITIZER_INTERFACE_ATTRIBUTE SANITIZER_INTERFACE_ATTRIBUTE
void __hwasan_tag_mismatch(uptr addr, u8 ts); void __hwasan_tag_mismatch(uptr addr, u8 ts);
SANITIZER_INTERFACE_ATTRIBUTE SANITIZER_INTERFACE_ATTRIBUTE
void __hwasan_tag_mismatch4(uptr addr, uptr access_info, uptr *registers_frame,
eugenisUnsubmitted
Not Done
ReplyInline Actions

I think the _stub suffix does not make sense in a public interface function.
How about __hwasan_tag_mismatch4 - where 4 stands for the number of arguments?

eugenis: I think the _stub suffix does not make sense in a public interface function. How about…
size_t outsize);
SANITIZER_INTERFACE_ATTRIBUTE
u8 __hwasan_generate_tag(); u8 __hwasan_generate_tag();
// Returns the offset of the first tag mismatch or -1 if the whole range is // Returns the offset of the first tag mismatch or -1 if the whole range is
// good. // good.
SANITIZER_INTERFACE_ATTRIBUTE SANITIZER_INTERFACE_ATTRIBUTE
sptr __hwasan_test_shadow(const void *x, uptr size); sptr __hwasan_test_shadow(const void *x, uptr size);
SANITIZER_INTERFACE_ATTRIBUTE SANITIZER_WEAK_ATTRIBUTE SANITIZER_INTERFACE_ATTRIBUTE SANITIZER_WEAK_ATTRIBUTE
▲ Show 20 LinesShow All 101 LinesShow Last 20 Lines

compiler-rt/lib/hwasan/hwasan_linux.cpp

Show First 20 LinesShow All 454 Lines▼ Show 20 Lines#if defined(__aarch64__)
uc->uc_mcontext.pc += 4; uc->uc_mcontext.pc += 4;
#elif defined(__x86_64__) #elif defined(__x86_64__)
#else #else
# error Unsupported architecture # error Unsupported architecture
#endif #endif
return true; return true;
} }
// Entry point stub for interoperability between __hwasan_tag_mismatch (ASM) and
// the rest of the mismatch handling code (C++).
extern "C" void __hwasan_tag_mismatch_stub(uptr addr, uptr access_info,
uptr *registers_frame) {
AccessInfo ai;
ai.is_store = access_info & 0x10;
ai.recover = false;
ai.addr = addr;
ai.size = 1 << (access_info & 0xf);
HandleTagMismatch(ai, (uptr)__builtin_return_address(0),
(uptr)__builtin_frame_address(0), nullptr, registers_frame);
__builtin_unreachable();
}
static void OnStackUnwind(const SignalContext &sig, const void *, static void OnStackUnwind(const SignalContext &sig, const void *,
BufferedStackTrace *stack) { BufferedStackTrace *stack) {
stack->Unwind(StackTrace::GetNextInstructionPc(sig.pc), sig.bp, sig.context, stack->Unwind(StackTrace::GetNextInstructionPc(sig.pc), sig.bp, sig.context,
common_flags()->fast_unwind_on_fatal); common_flags()->fast_unwind_on_fatal);
} }
void HwasanOnDeadlySignal(int signo, void *info, void *context) { void HwasanOnDeadlySignal(int signo, void *info, void *context) {
// Probably a tag mismatch. // Probably a tag mismatch.
if (signo == SIGTRAP) if (signo == SIGTRAP)
if (HwasanOnSIGTRAP(signo, (siginfo_t *)info, (ucontext_t*)context)) if (HwasanOnSIGTRAP(signo, (siginfo_t *)info, (ucontext_t*)context))
return; return;
HandleDeadlySignal(info, context, GetTid(), &OnStackUnwind, nullptr); HandleDeadlySignal(info, context, GetTid(), &OnStackUnwind, nullptr);
} }
} // namespace __hwasan } // namespace __hwasan
// Entry point for interoperability between __hwasan_tag_mismatch (ASM) and the
// rest of the mismatch handling code (C++).
void __hwasan_tag_mismatch4(uptr addr, uptr access_info, uptr *registers_frame,
size_t outsize) {
__hwasan::AccessInfo ai;
ai.is_store = access_info & 0x10;
ai.is_load = !ai.is_store;
eugenisUnsubmitted
Not Done
ReplyInline Actions

There is a pre-existing bug here: this function needs to set the is_load member.

eugenis: There is a pre-existing bug here: this function needs to set the is_load member.
ai.recover = access_info & 0x20;
ai.addr = addr;
if ((access_info & 0xf) == 0xf)
ai.size = outsize;
else
ai.size = 1 << (access_info & 0xf);
__hwasan::HandleTagMismatch(ai, (uptr)__builtin_return_address(0),
(uptr)__builtin_frame_address(0), nullptr,
registers_frame);
__builtin_unreachable();
}
#endif // SANITIZER_FREEBSD || SANITIZER_LINUX || SANITIZER_NETBSD #endif // SANITIZER_FREEBSD || SANITIZER_LINUX || SANITIZER_NETBSD

compiler-rt/lib/hwasan/hwasan_tag_mismatch_aarch64.S

Show First 20 LinesShow All 129 Lines▼ Show 20 Lines__hwasan_tag_mismatch_v2:
stp x14, x15, [sp, #112] stp x14, x15, [sp, #112]
stp x12, x13, [sp, #96] stp x12, x13, [sp, #96]
stp x10, x11, [sp, #80] stp x10, x11, [sp, #80]
stp x8, x9, [sp, #64] stp x8, x9, [sp, #64]
stp x6, x7, [sp, #48] stp x6, x7, [sp, #48]
stp x4, x5, [sp, #32] stp x4, x5, [sp, #32]
stp x2, x3, [sp, #16] stp x2, x3, [sp, #16]
// Pass the address of the frame to __hwasan_tag_mismatch_stub, so that it can // Pass the address of the frame to __hwasan_tag_mismatch4, so that it can
// extract the saved registers from this frame without having to worry about // extract the saved registers from this frame without having to worry about
// finding this frame. // finding this frame.
mov x2, sp mov x2, sp
bl __hwasan_tag_mismatch_stub bl __hwasan_tag_mismatch4
CFI_ENDPROC CFI_ENDPROC
.Lfunc_end0: .Lfunc_end0:
.size __hwasan_tag_mismatch, .Lfunc_end0-__hwasan_tag_mismatch .size __hwasan_tag_mismatch, .Lfunc_end0-__hwasan_tag_mismatch
#endif // defined(__aarch64__) #endif // defined(__aarch64__)
// We do not need executable stack. // We do not need executable stack.
NO_EXEC_STACK_DIRECTIVE NO_EXEC_STACK_DIRECTIVE