This is an archive of the discontinued LLVM Phabricator instance.

[GWP-ASan] Split the unwinder into segv/non-segv.
ClosedPublic

Authored by hctim on Jul 16 2020, 4:59 PM.

Details

Summary

Splits the unwinder into a non-segv (for allocation/deallocation traces) and a
segv unwinder. This ensures that implementations can select an accurate, slower
unwinder in the segv handler (if they choose to use the GWP-ASan provided one).
This is important as fast frame-pointer unwinders (like the sanitizer unwinder)
don't like unwinding through signal handlers.

Diff Detail

Event Timeline

hctim created this revision.Jul 16 2020, 4:59 PM
Herald added a project: Restricted Project. · View Herald TranscriptJul 16 2020, 4:59 PM
Herald added a subscriber: Restricted Project. · View Herald Transcript
hctim updated this revision to Diff 278637.Jul 16 2020, 4:59 PM

Correct diff.

hctim added a subscriber: cryptoad.Jul 16 2020, 5:01 PM

+@cryptoad as this touches non-standalone scudo, but to a very limited degree.

hctim updated this revision to Diff 278638.Jul 16 2020, 5:03 PM
  • Remove vestigal changes to sanitizer_common.
hctim updated this revision to Diff 278640.Jul 16 2020, 5:06 PM
  • And patch in the changes to scudo/standalone.

(last change, promise)

morehouse added inline comments.Jul 17 2020, 8:36 AM
compiler-rt/lib/gwp_asan/optional/backtrace_linux_libc.cpp
30

I'm probably missing something here... Since this is the same implementation as Backtrace, the whole change seems pointless?

hctim marked 2 inline comments as done.Jul 17 2020, 9:03 AM
hctim added inline comments.
compiler-rt/lib/gwp_asan/optional/backtrace_linux_libc.cpp
30

The libc unwinder doesn't have the problems as it's DWARF based.

Scudo prebuilts out of the LLVM tree use this unwinder (so no problems), but Scudo when built from source on other codebases gives us the flexibility to drop in a faster, frame-pointer based unwinder - where this change is necessary. Or, when using the sanitizer unwinder, this change is also necessary to fallback from the FP unwinder to a DWARF unwinder in the segv handler.

morehouse accepted this revision.Jul 17 2020, 10:18 AM
morehouse added inline comments.
compiler-rt/lib/gwp_asan/optional/backtrace_sanitizer_common.cpp
66

Very similar to Backtrace. Let's factor out a helper function that does fast unwind only when Context == nullptr.

This revision is now accepted and ready to land.Jul 17 2020, 10:18 AM
hctim updated this revision to Diff 278844.Jul 17 2020, 10:35 AM
hctim marked 3 inline comments as done.
  • Refactor the backtrace code into a common core.
compiler-rt/lib/gwp_asan/optional/backtrace_sanitizer_common.cpp
66

Done.

morehouse accepted this revision.Jul 17 2020, 10:39 AM
cryptoad accepted this revision.Jul 17 2020, 10:43 AM
This revision was automatically updated to reflect the committed changes.
hans added a subscriber: hans.Jul 21 2020, 2:18 AM

After this change, two gwp-asan tests started failing:

GwpAsan-Unittest :: ./GwpAsan-x86_64-Test/BacktraceGuardedPoolAllocator.DoubleFree
GwpAsan-Unittest :: ./GwpAsan-x86_64-Test/BacktraceGuardedPoolAllocator.UseAfterFree

It seems variable names are not symbolized (but the backtrace and function names look fine), and so the death test expectations don't match.

This seems to happen in builds configured with -DCOMPILER_RT_BUILD_BUILTINS=OFF

Can you please take a look? Full error message and reproducer here: https://bugs.chromium.org/p/chromium/issues/detail?id=1107769

I've reverted in ab6263c9258ccd0e3c9cb4f675979f22cfba6131 in the meantime.