This is an archive of the discontinued LLVM Phabricator instance.

Differential D83994

[GWP-ASan] Split the unwinder into segv/non-segv.
ClosedPublic

Authored by hctim on Jul 16 2020, 4:59 PM.

Details

Reviewers
morehouse
cryptoad
Commits
rG4f029d1be4e1: [GWP-ASan] Split the unwinder into segv/non-segv.
rG502f0cc0e388: [GWP-ASan] Split the unwinder into segv/non-segv.
Summary

Splits the unwinder into a non-segv (for allocation/deallocation traces) and a
segv unwinder. This ensures that implementations can select an accurate, slower
unwinder in the segv handler (if they choose to use the GWP-ASan provided one).
This is important as fast frame-pointer unwinders (like the sanitizer unwinder)
don't like unwinding through signal handlers.

Diff Detail

Event Timeline

hctim created this revision.Jul 16 2020, 4:59 PM
Herald added a project: Restricted Project. · View Herald TranscriptJul 16 2020, 4:59 PM
Herald added a subscriber: Restricted Project. · View Herald Transcript
hctim updated this revision to Diff 278637.Jul 16 2020, 4:59 PM

Correct diff.

Herald added a subscriber: mgorny. · View Herald TranscriptJul 16 2020, 4:59 PM
hctim added a subscriber: cryptoad.Jul 16 2020, 5:01 PM

+@cryptoad as this touches non-standalone scudo, but to a very limited degree.

hctim updated this revision to Diff 278638.Jul 16 2020, 5:03 PM
  • Remove vestigal changes to sanitizer_common.
hctim updated this revision to Diff 278640.Jul 16 2020, 5:06 PM
  • And patch in the changes to scudo/standalone.

(last change, promise)

Harbormaster failed remote builds in B64612: Diff 278637!Jul 16 2020, 5:25 PM
Harbormaster failed remote builds in B64611: Diff 278636!Jul 16 2020, 5:30 PM
Harbormaster failed remote builds in B64614: Diff 278638!Jul 16 2020, 5:35 PM
Harbormaster failed remote builds in B64616: Diff 278640!Jul 16 2020, 5:40 PM
morehouse added inline comments.Jul 17 2020, 8:36 AM
compiler-rt/lib/gwp_asan/optional/backtrace_linux_libc.cpp
30

I'm probably missing something here... Since this is the same implementation as Backtrace, the whole change seems pointless?

hctim marked 2 inline comments as done.Jul 17 2020, 9:03 AM
hctim added inline comments.
compiler-rt/lib/gwp_asan/optional/backtrace_linux_libc.cpp
30

The libc unwinder doesn't have the problems as it's DWARF based.

Scudo prebuilts out of the LLVM tree use this unwinder (so no problems), but Scudo when built from source on other codebases gives us the flexibility to drop in a faster, frame-pointer based unwinder - where this change is necessary. Or, when using the sanitizer unwinder, this change is also necessary to fallback from the FP unwinder to a DWARF unwinder in the segv handler.

morehouse accepted this revision.Jul 17 2020, 10:18 AM
morehouse added inline comments.
compiler-rt/lib/gwp_asan/optional/backtrace_sanitizer_common.cpp
71

Very similar to Backtrace. Let's factor out a helper function that does fast unwind only when Context == nullptr.

This revision is now accepted and ready to land.Jul 17 2020, 10:18 AM
hctim updated this revision to Diff 278844.Jul 17 2020, 10:35 AM
hctim marked 3 inline comments as done.
  • Refactor the backtrace code into a common core.
compiler-rt/lib/gwp_asan/optional/backtrace_sanitizer_common.cpp
71

Done.

morehouse accepted this revision.Jul 17 2020, 10:39 AM
cryptoad accepted this revision.Jul 17 2020, 10:43 AM
Harbormaster failed remote builds in B64717: Diff 278844!Jul 17 2020, 11:12 AM
Closed by commit rG502f0cc0e388: [GWP-ASan] Split the unwinder into segv/non-segv. (authored by hctim). · Explain WhyJul 17 2020, 1:05 PM
This revision was automatically updated to reflect the committed changes.
hans added a subscriber: hans.Jul 21 2020, 2:18 AM

After this change, two gwp-asan tests started failing:

GwpAsan-Unittest :: ./GwpAsan-x86_64-Test/BacktraceGuardedPoolAllocator.DoubleFree
GwpAsan-Unittest :: ./GwpAsan-x86_64-Test/BacktraceGuardedPoolAllocator.UseAfterFree

It seems variable names are not symbolized (but the backtrace and function names look fine), and so the death test expectations don't match.

This seems to happen in builds configured with -DCOMPILER_RT_BUILD_BUILTINS=OFF

Can you please take a look? Full error message and reproducer here: https://bugs.chromium.org/p/chromium/issues/detail?id=1107769

I've reverted in ab6263c9258ccd0e3c9cb4f675979f22cfba6131 in the meantime.

Revision Contents

PathSize
compiler-rt/
lib/
gwp_asan/
optional/
12 lines
37 lines
15 lines
17 lines
tests/
3 lines
3 lines
scudo/
4 lines
standalone/
2 lines
test/
gwp_asan/
29 lines

Diff 278882

compiler-rt/lib/gwp_asan/optional/backtrace_linux_libc.cpp

Show All 17 Lines
namespace { namespace {
size_t Backtrace(uintptr_t *TraceBuffer, size_t Size) { size_t Backtrace(uintptr_t *TraceBuffer, size_t Size) {
static_assert(sizeof(uintptr_t) == sizeof(void *), "uintptr_t is not void*"); static_assert(sizeof(uintptr_t) == sizeof(void *), "uintptr_t is not void*");
return backtrace(reinterpret_cast<void **>(TraceBuffer), Size); return backtrace(reinterpret_cast<void **>(TraceBuffer), Size);
} }
// We don't need any custom handling for the Segv backtrace - the libc unwinder
// has no problems with unwinding through a signal handler. Force inlining here
// to avoid the additional frame.
GWP_ASAN_ALWAYS_INLINE size_t SegvBacktrace(uintptr_t *TraceBuffer, size_t Size,
void * /*Context*/) {
morehouseUnsubmitted
Done
ReplyInline Actions

I'm probably missing something here... Since this is the same implementation as Backtrace, the whole change seems pointless?

morehouse: I'm probably missing something here... Since this is the same implementation as `Backtrace`…
hctimAuthorUnsubmitted
Done
ReplyInline Actions

The libc unwinder doesn't have the problems as it's DWARF based.

Scudo prebuilts out of the LLVM tree use this unwinder (so no problems), but Scudo when built from source on other codebases gives us the flexibility to drop in a faster, frame-pointer based unwinder - where this change is necessary. Or, when using the sanitizer unwinder, this change is also necessary to fallback from the FP unwinder to a DWARF unwinder in the segv handler.

hctim: The libc unwinder doesn't have the problems as it's DWARF based. Scudo prebuilts out of the…
return Backtrace(TraceBuffer, Size);
}
static void PrintBacktrace(uintptr_t *Trace, size_t TraceLength, static void PrintBacktrace(uintptr_t *Trace, size_t TraceLength,
gwp_asan::crash_handler::Printf_t Printf) { gwp_asan::crash_handler::Printf_t Printf) {
if (TraceLength == 0) { if (TraceLength == 0) {
Printf(" <not found (does your allocator support backtracing?)>\n\n"); Printf(" <not found (does your allocator support backtracing?)>\n\n");
return; return;
} }
char **BacktraceSymbols = char **BacktraceSymbols =
Show All 14 Lines
namespace gwp_asan { namespace gwp_asan {
namespace options { namespace options {
Backtrace_t getBacktraceFunction() { return Backtrace; } Backtrace_t getBacktraceFunction() { return Backtrace; }
crash_handler::PrintBacktrace_t getPrintBacktraceFunction() { crash_handler::PrintBacktrace_t getPrintBacktraceFunction() {
return PrintBacktrace; return PrintBacktrace;
} }
} // namespace options } // namespace options
namespace crash_handler {
SegvBacktrace_t getSegvBacktraceFunction() { return SegvBacktrace; }
} // namespace crash_handler
} // namespace gwp_asan } // namespace gwp_asan

compiler-rt/lib/gwp_asan/optional/backtrace_sanitizer_common.cpp

Show All 16 Lines
#include "sanitizer_common/sanitizer_flag_parser.h" #include "sanitizer_common/sanitizer_flag_parser.h"
#include "sanitizer_common/sanitizer_flags.h" #include "sanitizer_common/sanitizer_flags.h"
#include "sanitizer_common/sanitizer_stacktrace.h" #include "sanitizer_common/sanitizer_stacktrace.h"
void __sanitizer::BufferedStackTrace::UnwindImpl(uptr pc, uptr bp, void __sanitizer::BufferedStackTrace::UnwindImpl(uptr pc, uptr bp,
void *context, void *context,
bool request_fast, bool request_fast,
u32 max_depth) { u32 max_depth) {
if (!StackTrace::WillUseFastUnwind(request_fast)) { if (!StackTrace::WillUseFastUnwind(request_fast))
return Unwind(max_depth, pc, bp, context, 0, 0, request_fast); return Unwind(max_depth, pc, 0, context, 0, 0, false);
}
Unwind(max_depth, pc, 0, context, 0, 0, false); uptr top = 0;
uptr bottom = 0;
GetThreadStackTopAndBottom(/*at_initialization*/ false, &top, &bottom);
return Unwind(max_depth, pc, bp, context, top, bottom, request_fast);
} }
namespace { namespace {
size_t Backtrace(uintptr_t *TraceBuffer, size_t Size) { size_t BacktraceCommon(uintptr_t *TraceBuffer, size_t Size, void *Context) {
// Use the slow sanitizer unwinder in the segv handler. Fast frame pointer
// unwinders can end up dropping frames because the kernel sigreturn() frame's
// return address is the return address at time of fault. This has the result
// of never actually capturing the PC where the signal was raised.
bool UseFastUnwind = (Context == nullptr);
__sanitizer::BufferedStackTrace Trace; __sanitizer::BufferedStackTrace Trace;
Trace.Reset(); Trace.Reset();
if (Size > __sanitizer::kStackTraceMax) if (Size > __sanitizer::kStackTraceMax)
Size = __sanitizer::kStackTraceMax; Size = __sanitizer::kStackTraceMax;
Trace.Unwind((__sanitizer::uptr)__builtin_return_address(0), Trace.Unwind((__sanitizer::uptr)__builtin_return_address(0),
(__sanitizer::uptr)__builtin_frame_address(0), (__sanitizer::uptr)__builtin_frame_address(0), Context,
/* ucontext */ nullptr, UseFastUnwind, Size - 1);
/* fast unwind */ true, Size - 1);
memcpy(TraceBuffer, Trace.trace, Trace.size * sizeof(uintptr_t)); memcpy(TraceBuffer, Trace.trace, Trace.size * sizeof(uintptr_t));
return Trace.size; return Trace.size;
} }
size_t Backtrace(uintptr_t *TraceBuffer, size_t Size) {
return BacktraceCommon(TraceBuffer, Size, nullptr);
}
size_t SegvBacktrace(uintptr_t *TraceBuffer, size_t Size, void *Context) {
return BacktraceCommon(TraceBuffer, Size, Context);
}
static void PrintBacktrace(uintptr_t *Trace, size_t TraceLength, static void PrintBacktrace(uintptr_t *Trace, size_t TraceLength,
gwp_asan::crash_handler::Printf_t Printf) { gwp_asan::crash_handler::Printf_t Printf) {
__sanitizer::StackTrace StackTrace; __sanitizer::StackTrace StackTrace;
StackTrace.trace = reinterpret_cast<__sanitizer::uptr *>(Trace); StackTrace.trace = reinterpret_cast<__sanitizer::uptr *>(Trace);
StackTrace.size = TraceLength; StackTrace.size = TraceLength;
if (StackTrace.size == 0) { if (StackTrace.size == 0) {
Printf(" <unknown (does your allocator support backtracing?)>\n\n"); Printf(" <unknown (does your allocator support backtracing?)>\n\n");
morehouseUnsubmitted
Done
ReplyInline Actions

Very similar to Backtrace. Let's factor out a helper function that does fast unwind only when Context == nullptr.

morehouse: Very similar to `Backtrace`. Let's factor out a helper function that does fast unwind only…
hctimAuthorUnsubmitted
Done
ReplyInline Actions

Done.

hctim: Done.
return; return;
} }
StackTrace.Print(); StackTrace.Print();
} }
} // anonymous namespace } // anonymous namespace
namespace gwp_asan { namespace gwp_asan {
Show All 9 LinesBacktrace_t getBacktraceFunction() {
__sanitizer::SetCommonFlagsDefaults(); __sanitizer::SetCommonFlagsDefaults();
__sanitizer::InitializeCommonFlags(); __sanitizer::InitializeCommonFlags();
return Backtrace; return Backtrace;
} }
crash_handler::PrintBacktrace_t getPrintBacktraceFunction() { crash_handler::PrintBacktrace_t getPrintBacktraceFunction() {
return PrintBacktrace; return PrintBacktrace;
} }
} // namespace options } // namespace options
namespace crash_handler {
SegvBacktrace_t getSegvBacktraceFunction() { return SegvBacktrace; }
} // namespace crash_handler
} // namespace gwp_asan } // namespace gwp_asan

compiler-rt/lib/gwp_asan/optional/segv_handler.h

Show First 20 LinesShow All 53 Lines▼ Show 20 Lines
typedef void (*PrintBacktrace_t)(uintptr_t *TraceBuffer, size_t TraceLength, typedef void (*PrintBacktrace_t)(uintptr_t *TraceBuffer, size_t TraceLength,
Printf_t Print); Printf_t Print);
// Returns a function pointer to a basic PrintBacktrace implementation. This // Returns a function pointer to a basic PrintBacktrace implementation. This
// implementation simply prints the stack trace in a human readable fashion // implementation simply prints the stack trace in a human readable fashion
// without any symbolization. // without any symbolization.
PrintBacktrace_t getBasicPrintBacktraceFunction(); PrintBacktrace_t getBasicPrintBacktraceFunction();
// Returns a function pointer to a backtrace function that's suitable for
// unwinding through a signal handler. This is important primarily for frame-
// pointer based unwinders, DWARF or other unwinders can simply provide the
// normal backtrace function as the implementation here. On POSIX, SignalContext
// should be the `ucontext_t` from the signal handler.
typedef size_t (*SegvBacktrace_t)(uintptr_t *TraceBuffer, size_t Size,
void *SignalContext);
SegvBacktrace_t getSegvBacktraceFunction();
// Install the SIGSEGV crash handler for printing use-after-free and heap- // Install the SIGSEGV crash handler for printing use-after-free and heap-
// buffer-{under|over}flow exceptions if the user asked for it. This is platform // buffer-{under|over}flow exceptions if the user asked for it. This is platform
// specific as even though POSIX and Windows both support registering handlers // specific as even though POSIX and Windows both support registering handlers
// through signal(), we have to use platform-specific signal handlers to obtain // through signal(), we have to use platform-specific signal handlers to obtain
// the address that caused the SIGSEGV exception. GPA->init() must be called // the address that caused the SIGSEGV exception. GPA->init() must be called
// before this function. // before this function.
void installSignalHandlers(gwp_asan::GuardedPoolAllocator *GPA, Printf_t Printf, void installSignalHandlers(gwp_asan::GuardedPoolAllocator *GPA, Printf_t Printf,
PrintBacktrace_t PrintBacktrace, PrintBacktrace_t PrintBacktrace,
options::Backtrace_t Backtrace); SegvBacktrace_t SegvBacktrace);
void uninstallSignalHandlers(); void uninstallSignalHandlers();
void dumpReport(uintptr_t ErrorPtr, const gwp_asan::AllocatorState *State, void dumpReport(uintptr_t ErrorPtr, const gwp_asan::AllocatorState *State,
const gwp_asan::AllocationMetadata *Metadata, const gwp_asan::AllocationMetadata *Metadata,
options::Backtrace_t Backtrace, Printf_t Printf, SegvBacktrace_t SegvBacktrace, Printf_t Printf,
PrintBacktrace_t PrintBacktrace); PrintBacktrace_t PrintBacktrace, void *Context);
} // namespace crash_handler } // namespace crash_handler
} // namespace gwp_asan } // namespace gwp_asan
#endif // GWP_ASAN_OPTIONAL_CRASH_HANDLER_H_ #endif // GWP_ASAN_OPTIONAL_CRASH_HANDLER_H_

compiler-rt/lib/gwp_asan/optional/segv_handler_posix.cpp

Show All 17 Lines
#include <stdio.h> #include <stdio.h>
namespace { namespace {
using gwp_asan::AllocationMetadata; using gwp_asan::AllocationMetadata;
using gwp_asan::Error; using gwp_asan::Error;
using gwp_asan::GuardedPoolAllocator; using gwp_asan::GuardedPoolAllocator;
using gwp_asan::crash_handler::PrintBacktrace_t; using gwp_asan::crash_handler::PrintBacktrace_t;
using gwp_asan::crash_handler::Printf_t; using gwp_asan::crash_handler::Printf_t;
using gwp_asan::options::Backtrace_t; using gwp_asan::crash_handler::SegvBacktrace_t;
struct sigaction PreviousHandler; struct sigaction PreviousHandler;
bool SignalHandlerInstalled; bool SignalHandlerInstalled;
gwp_asan::GuardedPoolAllocator *GPAForSignalHandler; gwp_asan::GuardedPoolAllocator *GPAForSignalHandler;
Printf_t PrintfForSignalHandler; Printf_t PrintfForSignalHandler;
PrintBacktrace_t PrintBacktraceForSignalHandler; PrintBacktrace_t PrintBacktraceForSignalHandler;
Backtrace_t BacktraceForSignalHandler; SegvBacktrace_t BacktraceForSignalHandler;
static void sigSegvHandler(int sig, siginfo_t *info, void *ucontext) { static void sigSegvHandler(int sig, siginfo_t *info, void *ucontext) {
if (GPAForSignalHandler) { if (GPAForSignalHandler) {
GPAForSignalHandler->stop(); GPAForSignalHandler->stop();
gwp_asan::crash_handler::dumpReport( gwp_asan::crash_handler::dumpReport(
reinterpret_cast<uintptr_t>(info->si_addr), reinterpret_cast<uintptr_t>(info->si_addr),
GPAForSignalHandler->getAllocatorState(), GPAForSignalHandler->getAllocatorState(),
GPAForSignalHandler->getMetadataRegion(), BacktraceForSignalHandler, GPAForSignalHandler->getMetadataRegion(), BacktraceForSignalHandler,
PrintfForSignalHandler, PrintBacktraceForSignalHandler); PrintfForSignalHandler, PrintBacktraceForSignalHandler, ucontext);
} }
// Process any previous handlers. // Process any previous handlers.
if (PreviousHandler.sa_flags & SA_SIGINFO) { if (PreviousHandler.sa_flags & SA_SIGINFO) {
PreviousHandler.sa_sigaction(sig, info, ucontext); PreviousHandler.sa_sigaction(sig, info, ucontext);
} else if (PreviousHandler.sa_handler == SIG_DFL) { } else if (PreviousHandler.sa_handler == SIG_DFL) {
// If the previous handler was the default handler, cause a core dump. // If the previous handler was the default handler, cause a core dump.
signal(SIGSEGV, SIG_DFL); signal(SIGSEGV, SIG_DFL);
▲ Show 20 LinesShow All 81 Lines▼ Show 20 Lines
namespace gwp_asan { namespace gwp_asan {
namespace crash_handler { namespace crash_handler {
PrintBacktrace_t getBasicPrintBacktraceFunction() { PrintBacktrace_t getBasicPrintBacktraceFunction() {
return defaultPrintStackTrace; return defaultPrintStackTrace;
} }
void installSignalHandlers(gwp_asan::GuardedPoolAllocator *GPA, Printf_t Printf, void installSignalHandlers(gwp_asan::GuardedPoolAllocator *GPA, Printf_t Printf,
PrintBacktrace_t PrintBacktrace, PrintBacktrace_t PrintBacktrace,
options::Backtrace_t Backtrace) { SegvBacktrace_t SegvBacktrace) {
GPAForSignalHandler = GPA; GPAForSignalHandler = GPA;
PrintfForSignalHandler = Printf; PrintfForSignalHandler = Printf;
PrintBacktraceForSignalHandler = PrintBacktrace; PrintBacktraceForSignalHandler = PrintBacktrace;
BacktraceForSignalHandler = Backtrace; BacktraceForSignalHandler = SegvBacktrace;
struct sigaction Action; struct sigaction Action;
Action.sa_sigaction = sigSegvHandler; Action.sa_sigaction = sigSegvHandler;
Action.sa_flags = SA_SIGINFO; Action.sa_flags = SA_SIGINFO;
sigaction(SIGSEGV, &Action, &PreviousHandler); sigaction(SIGSEGV, &Action, &PreviousHandler);
SignalHandlerInstalled = true; SignalHandlerInstalled = true;
} }
void uninstallSignalHandlers() { void uninstallSignalHandlers() {
if (SignalHandlerInstalled) { if (SignalHandlerInstalled) {
sigaction(SIGSEGV, &PreviousHandler, nullptr); sigaction(SIGSEGV, &PreviousHandler, nullptr);
SignalHandlerInstalled = false; SignalHandlerInstalled = false;
} }
} }
void dumpReport(uintptr_t ErrorPtr, const gwp_asan::AllocatorState *State, void dumpReport(uintptr_t ErrorPtr, const gwp_asan::AllocatorState *State,
const gwp_asan::AllocationMetadata *Metadata, const gwp_asan::AllocationMetadata *Metadata,
options::Backtrace_t Backtrace, Printf_t Printf, SegvBacktrace_t SegvBacktrace, Printf_t Printf,
PrintBacktrace_t PrintBacktrace) { PrintBacktrace_t PrintBacktrace, void *Context) {
assert(State && "dumpReport missing Allocator State."); assert(State && "dumpReport missing Allocator State.");
assert(Metadata && "dumpReport missing Metadata."); assert(Metadata && "dumpReport missing Metadata.");
assert(Printf && "dumpReport missing Printf."); assert(Printf && "dumpReport missing Printf.");
if (!__gwp_asan_error_is_mine(State, ErrorPtr)) if (!__gwp_asan_error_is_mine(State, ErrorPtr))
return; return;
Printf("*** GWP-ASan detected a memory error ***\n"); Printf("*** GWP-ASan detected a memory error ***\n");
Show All 16 Lines const gwp_asan::AllocationMetadata *AllocMeta =
__gwp_asan_get_metadata(State, Metadata, ErrorPtr); __gwp_asan_get_metadata(State, Metadata, ErrorPtr);
// Print the error header. // Print the error header.
printHeader(E, ErrorPtr, AllocMeta, Printf); printHeader(E, ErrorPtr, AllocMeta, Printf);
// Print the fault backtrace. // Print the fault backtrace.
static constexpr unsigned kMaximumStackFramesForCrashTrace = 512; static constexpr unsigned kMaximumStackFramesForCrashTrace = 512;
uintptr_t Trace[kMaximumStackFramesForCrashTrace]; uintptr_t Trace[kMaximumStackFramesForCrashTrace];
size_t TraceLength = Backtrace(Trace, kMaximumStackFramesForCrashTrace); size_t TraceLength =
SegvBacktrace(Trace, kMaximumStackFramesForCrashTrace, Context);
PrintBacktrace(Trace, TraceLength, Printf); PrintBacktrace(Trace, TraceLength, Printf);
if (AllocMeta == nullptr) if (AllocMeta == nullptr)
return; return;
// Maybe print the deallocation trace. // Maybe print the deallocation trace.
if (__gwp_asan_is_deallocated(AllocMeta)) { if (__gwp_asan_is_deallocated(AllocMeta)) {
Show All 22 Lines

compiler-rt/lib/gwp_asan/tests/CMakeLists.txt

include(CompilerRTCompile) include(CompilerRTCompile)
set(GWP_ASAN_UNITTEST_CFLAGS set(GWP_ASAN_UNITTEST_CFLAGS
${COMPILER_RT_UNITTEST_CFLAGS} ${COMPILER_RT_UNITTEST_CFLAGS}
${COMPILER_RT_GTEST_CFLAGS} ${COMPILER_RT_GTEST_CFLAGS}
-I${COMPILER_RT_SOURCE_DIR}/lib/ -I${COMPILER_RT_SOURCE_DIR}/lib/
-O2 -O2
-g) -g
-fno-omit-frame-pointer)
file(GLOB GWP_ASAN_HEADERS ../*.h) file(GLOB GWP_ASAN_HEADERS ../*.h)
set(GWP_ASAN_UNITTESTS set(GWP_ASAN_UNITTESTS
optional/printf_sanitizer_common.cpp optional/printf_sanitizer_common.cpp
alignment.cpp alignment.cpp
backtrace.cpp backtrace.cpp
basic.cpp basic.cpp
compression.cpp compression.cpp
▲ Show 20 LinesShow All 55 LinesShow Last 20 Lines

compiler-rt/lib/gwp_asan/tests/harness.h

Show First 20 LinesShow All 80 Lines▼ Show 20 Lines void SetUp() override {
Opts.setDefaults(); Opts.setDefaults();
Opts.Backtrace = gwp_asan::options::getBacktraceFunction(); Opts.Backtrace = gwp_asan::options::getBacktraceFunction();
Opts.InstallForkHandlers = gwp_asan::test::OnlyOnce(); Opts.InstallForkHandlers = gwp_asan::test::OnlyOnce();
GPA.init(Opts); GPA.init(Opts);
gwp_asan::crash_handler::installSignalHandlers( gwp_asan::crash_handler::installSignalHandlers(
&GPA, gwp_asan::test::getPrintfFunction(), &GPA, gwp_asan::test::getPrintfFunction(),
gwp_asan::options::getPrintBacktraceFunction(), Opts.Backtrace); gwp_asan::options::getPrintBacktraceFunction(),
gwp_asan::crash_handler::getSegvBacktraceFunction());
} }
void TearDown() override { void TearDown() override {
GPA.uninitTestOnly(); GPA.uninitTestOnly();
gwp_asan::crash_handler::uninstallSignalHandlers(); gwp_asan::crash_handler::uninstallSignalHandlers();
} }
protected: protected:
gwp_asan::GuardedPoolAllocator GPA; gwp_asan::GuardedPoolAllocator GPA;
}; };
#endif // GWP_ASAN_TESTS_HARNESS_H_ #endif // GWP_ASAN_TESTS_HARNESS_H_

compiler-rt/lib/scudo/scudo_allocator.cpp

Show All 23 Lines
#include "sanitizer_common/sanitizer_allocator_checks.h" #include "sanitizer_common/sanitizer_allocator_checks.h"
#include "sanitizer_common/sanitizer_allocator_interface.h" #include "sanitizer_common/sanitizer_allocator_interface.h"
#include "sanitizer_common/sanitizer_quarantine.h" #include "sanitizer_common/sanitizer_quarantine.h"
#ifdef GWP_ASAN_HOOKS #ifdef GWP_ASAN_HOOKS
# include "gwp_asan/guarded_pool_allocator.h" # include "gwp_asan/guarded_pool_allocator.h"
# include "gwp_asan/optional/backtrace.h" # include "gwp_asan/optional/backtrace.h"
# include "gwp_asan/optional/options_parser.h" # include "gwp_asan/optional/options_parser.h"
#include "gwp_asan/optional/segv_handler.h"
#endif // GWP_ASAN_HOOKS #endif // GWP_ASAN_HOOKS
#include <errno.h> #include <errno.h>
#include <string.h> #include <string.h>
namespace __scudo { namespace __scudo {
// Global static cookie, initialized at start-up. // Global static cookie, initialized at start-up.
▲ Show 20 LinesShow All 634 Lines▼ Show 20 Lines#ifdef GWP_ASAN_HOOKS
gwp_asan::options::initOptions(); gwp_asan::options::initOptions();
gwp_asan::options::Options &Opts = gwp_asan::options::getOptions(); gwp_asan::options::Options &Opts = gwp_asan::options::getOptions();
Opts.Backtrace = gwp_asan::options::getBacktraceFunction(); Opts.Backtrace = gwp_asan::options::getBacktraceFunction();
GuardedAlloc.init(Opts); GuardedAlloc.init(Opts);
if (Opts.InstallSignalHandlers) if (Opts.InstallSignalHandlers)
gwp_asan::crash_handler::installSignalHandlers( gwp_asan::crash_handler::installSignalHandlers(
&GuardedAlloc, __sanitizer::Printf, &GuardedAlloc, __sanitizer::Printf,
gwp_asan::options::getPrintBacktraceFunction(), Opts.Backtrace); gwp_asan::options::getPrintBacktraceFunction(),
gwp_asan::crash_handler::getSegvBacktraceFunction());
#endif // GWP_ASAN_HOOKS #endif // GWP_ASAN_HOOKS
} }
void ScudoTSD::init() { void ScudoTSD::init() {
getBackend().initCache(&Cache); getBackend().initCache(&Cache);
memset(QuarantineCachePlaceHolder, 0, sizeof(QuarantineCachePlaceHolder)); memset(QuarantineCachePlaceHolder, 0, sizeof(QuarantineCachePlaceHolder));
} }
▲ Show 20 LinesShow All 134 LinesShow Last 20 Lines

compiler-rt/lib/scudo/standalone/combined.h

Show First 20 LinesShow All 186 Lines▼ Show 20 Lines#ifdef GWP_ASAN_HOOKS
// handler. // handler.
Opt.InstallForkHandlers = false; Opt.InstallForkHandlers = false;
Opt.Backtrace = gwp_asan::options::getBacktraceFunction(); Opt.Backtrace = gwp_asan::options::getBacktraceFunction();
GuardedAlloc.init(Opt); GuardedAlloc.init(Opt);
if (Opt.InstallSignalHandlers) if (Opt.InstallSignalHandlers)
gwp_asan::crash_handler::installSignalHandlers( gwp_asan::crash_handler::installSignalHandlers(
&GuardedAlloc, Printf, gwp_asan::options::getPrintBacktraceFunction(), &GuardedAlloc, Printf, gwp_asan::options::getPrintBacktraceFunction(),
Opt.Backtrace); gwp_asan::crash_handler::getSegvBacktraceFunction());
#endif // GWP_ASAN_HOOKS #endif // GWP_ASAN_HOOKS
} }
void reset() { memset(this, 0, sizeof(*this)); } void reset() { memset(this, 0, sizeof(*this)); }
void unmapTestOnly() { void unmapTestOnly() {
TSDRegistry.unmapTestOnly(); TSDRegistry.unmapTestOnly();
Primary.unmapTestOnly(); Primary.unmapTestOnly();
▲ Show 20 LinesShow All 869 LinesShow Last 20 Lines

compiler-rt/test/gwp_asan/backtrace.c

  • This file was added.
// REQUIRES: gwp_asan
// RUN: %clang_gwp_asan %s -g -o %t
// RUN: %expect_crash %t 2>&1 | FileCheck %s
#include <stdlib.h>
__attribute__((noinline)) void *allocate_mem() { return malloc(1); }
__attribute__((noinline)) void free_mem(void *ptr) { free(ptr); }
__attribute__((noinline)) void touch_mem(void *ptr) {
volatile char sink = *((volatile char *)ptr);
}
// CHECK: Use After Free
// CHECK: touch_mem
// CHECK: was deallocated
// CHECK: free_mem
// CHECK: was allocated
// CHECK: allocate_mem
int main() {
for (unsigned i = 0; i < 0x10000; ++i) {
void *ptr = allocate_mem();
free_mem(ptr);
touch_mem(ptr);
}
return 0;
}