caio/clang-p2996
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
d661b4b57504b965a37dc30b79bdd5ac36fca9ec
clang-p2996/lldb/source/Plugins/InstrumentationRuntime/ASan/InstrumentationRuntimeASan.cpp
Jim Ingham 076341d108 Make sure SelectMostRelevantFrame happens only when returning to the user. 
This is a user facing action, it is meant to focus the user's attention on
something other than the 0th frame when you stop somewhere where that's
helpful. For instance, stopping in pthread_kill after an assert will select
the assert frame.

This is not something you want to have happen internally in lldb, both
because internally you really don't want the selected frame changing out
from under you, and because the recognizers can do arbitrary work, and that
can cause deadlocks or other unexpected behavior.

However, it's not something that the current code does
explicitly after a stop has been delivered, it's expected to happen implicitly
as part of stopping. I changing this to call SMRF explicitly after a user
stop, but that got pretty ugly quickly.

So I added a bool to control whether to run this and audited all the current
uses to determine whether we're returning to the user or not.

Differential Revision: https://reviews.llvm.org/D148863
2023-04-21 14:21:25 -07:00

328 lines
12 KiB
C++
Raw Blame History

//===-- InstrumentationRuntimeASan.cpp ------------------------------------===//
//
// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
// See https://llvm.org/LICENSE.txt for license information.
// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
//
//===----------------------------------------------------------------------===//
#include "InstrumentationRuntimeASan.h"
#include "lldb/Breakpoint/StoppointCallbackContext.h"
#include "lldb/Core/Debugger.h"
#include "lldb/Core/Module.h"
#include "lldb/Core/PluginInterface.h"
#include "lldb/Core/PluginManager.h"
#include "lldb/Core/StreamFile.h"
#include "lldb/Core/ValueObject.h"
#include "lldb/Expression/UserExpression.h"
#include "lldb/Interpreter/CommandReturnObject.h"
#include "lldb/Symbol/Symbol.h"
#include "lldb/Target/InstrumentationRuntimeStopInfo.h"
#include "lldb/Target/StopInfo.h"
#include "lldb/Target/Target.h"
#include "lldb/Target/Thread.h"
#include "lldb/Utility/RegularExpression.h"
#include "lldb/Utility/Stream.h"
#include "llvm/ADT/StringSwitch.h"
using namespace lldb;
using namespace lldb_private;
LLDB_PLUGIN_DEFINE(InstrumentationRuntimeASan)
lldb::InstrumentationRuntimeSP
InstrumentationRuntimeASan::CreateInstance(const lldb::ProcessSP &process_sp) {
return InstrumentationRuntimeSP(new InstrumentationRuntimeASan(process_sp));
}
void InstrumentationRuntimeASan::Initialize() {
PluginManager::RegisterPlugin(
GetPluginNameStatic(), "AddressSanitizer instrumentation runtime plugin.",
CreateInstance, GetTypeStatic);
}
void InstrumentationRuntimeASan::Terminate() {
PluginManager::UnregisterPlugin(CreateInstance);
}
lldb::InstrumentationRuntimeType InstrumentationRuntimeASan::GetTypeStatic() {
return eInstrumentationRuntimeTypeAddressSanitizer;
}
InstrumentationRuntimeASan::~InstrumentationRuntimeASan() { Deactivate(); }
const RegularExpression &
InstrumentationRuntimeASan::GetPatternForRuntimeLibrary() {
// FIXME: This shouldn't include the "dylib" suffix.
static RegularExpression regex(
llvm::StringRef("libclang_rt.asan_(.*)_dynamic\\.dylib"));
return regex;
}
bool InstrumentationRuntimeASan::CheckIfRuntimeIsValid(
const lldb::ModuleSP module_sp) {
const Symbol *symbol = module_sp->FindFirstSymbolWithNameAndType(
ConstString("__asan_get_alloc_stack"), lldb::eSymbolTypeAny);
return symbol != nullptr;
}
const char *address_sanitizer_retrieve_report_data_prefix = R"(
extern "C"
{
int __asan_report_present();
void *__asan_get_report_pc();
void *__asan_get_report_bp();
void *__asan_get_report_sp();
void *__asan_get_report_address();
const char *__asan_get_report_description();
int __asan_get_report_access_type();
size_t __asan_get_report_access_size();
}
)";
const char *address_sanitizer_retrieve_report_data_command = R"(
struct {
int present;
int access_type;
void *pc;
void *bp;
void *sp;
void *address;
size_t access_size;
const char *description;
} t;
t.present = __asan_report_present();
t.access_type = __asan_get_report_access_type();
t.pc = __asan_get_report_pc();
t.bp = __asan_get_report_bp();
t.sp = __asan_get_report_sp();
t.address = __asan_get_report_address();
t.access_size = __asan_get_report_access_size();
t.description = __asan_get_report_description();
t
)";
StructuredData::ObjectSP InstrumentationRuntimeASan::RetrieveReportData() {
ProcessSP process_sp = GetProcessSP();
if (!process_sp)
return StructuredData::ObjectSP();
ThreadSP thread_sp =
process_sp->GetThreadList().GetExpressionExecutionThread();
StackFrameSP frame_sp =
thread_sp->GetSelectedFrame(DoNoSelectMostRelevantFrame);
if (!frame_sp)
return StructuredData::ObjectSP();
EvaluateExpressionOptions options;
options.SetUnwindOnError(true);
options.SetTryAllThreads(true);
options.SetStopOthers(true);
options.SetIgnoreBreakpoints(true);
options.SetTimeout(process_sp->GetUtilityExpressionTimeout());
options.SetPrefix(address_sanitizer_retrieve_report_data_prefix);
options.SetAutoApplyFixIts(false);
options.SetLanguage(eLanguageTypeObjC_plus_plus);
ValueObjectSP return_value_sp;
ExecutionContext exe_ctx;
Status eval_error;
frame_sp->CalculateExecutionContext(exe_ctx);
ExpressionResults result = UserExpression::Evaluate(
exe_ctx, options, address_sanitizer_retrieve_report_data_command, "",
return_value_sp, eval_error);
if (result != eExpressionCompleted) {
StreamString ss;
ss << "cannot evaluate AddressSanitizer expression:\n";
ss << eval_error.AsCString();
Debugger::ReportWarning(ss.GetString().str(),
process_sp->GetTarget().GetDebugger().GetID());
return StructuredData::ObjectSP();
}
int present = return_value_sp->GetValueForExpressionPath(".present")
->GetValueAsUnsigned(0);
if (present != 1)
return StructuredData::ObjectSP();
addr_t pc =
return_value_sp->GetValueForExpressionPath(".pc")->GetValueAsUnsigned(0);
/* commented out because rdar://problem/18533301
addr_t bp =
return_value_sp->GetValueForExpressionPath(".bp")->GetValueAsUnsigned(0);
addr_t sp =
return_value_sp->GetValueForExpressionPath(".sp")->GetValueAsUnsigned(0);
*/
addr_t address = return_value_sp->GetValueForExpressionPath(".address")
->GetValueAsUnsigned(0);
addr_t access_type =
return_value_sp->GetValueForExpressionPath(".access_type")
->GetValueAsUnsigned(0);
addr_t access_size =
return_value_sp->GetValueForExpressionPath(".access_size")
->GetValueAsUnsigned(0);
addr_t description_ptr =
return_value_sp->GetValueForExpressionPath(".description")
->GetValueAsUnsigned(0);
std::string description;
Status error;
process_sp->ReadCStringFromMemory(description_ptr, description, error);
StructuredData::Dictionary *dict = new StructuredData::Dictionary();
dict->AddStringItem("instrumentation_class", "AddressSanitizer");
dict->AddStringItem("stop_type", "fatal_error");
dict->AddIntegerItem("pc", pc);
/* commented out because rdar://problem/18533301
dict->AddIntegerItem("bp", bp);
dict->AddIntegerItem("sp", sp);
*/
dict->AddIntegerItem("address", address);
dict->AddIntegerItem("access_type", access_type);
dict->AddIntegerItem("access_size", access_size);
dict->AddStringItem("description", description);
return StructuredData::ObjectSP(dict);
}
std::string
InstrumentationRuntimeASan::FormatDescription(StructuredData::ObjectSP report) {
std::string description = std::string(report->GetAsDictionary()
->GetValueForKey("description")
->GetAsString()
->GetValue());
return llvm::StringSwitch<std::string>(description)
.Case("heap-use-after-free", "Use of deallocated memory")
.Case("heap-buffer-overflow", "Heap buffer overflow")
.Case("stack-buffer-underflow", "Stack buffer underflow")
.Case("initialization-order-fiasco", "Initialization order problem")
.Case("stack-buffer-overflow", "Stack buffer overflow")
.Case("stack-use-after-return", "Use of stack memory after return")
.Case("use-after-poison", "Use of poisoned memory")
.Case("container-overflow", "Container overflow")
.Case("stack-use-after-scope", "Use of out-of-scope stack memory")
.Case("global-buffer-overflow", "Global buffer overflow")
.Case("unknown-crash", "Invalid memory access")
.Case("stack-overflow", "Stack space exhausted")
.Case("null-deref", "Dereference of null pointer")
.Case("wild-jump", "Jump to non-executable address")
.Case("wild-addr-write", "Write through wild pointer")
.Case("wild-addr-read", "Read from wild pointer")
.Case("wild-addr", "Access through wild pointer")
.Case("signal", "Deadly signal")
.Case("double-free", "Deallocation of freed memory")
.Case("new-delete-type-mismatch",
"Deallocation size different from allocation size")
.Case("bad-free", "Deallocation of non-allocated memory")
.Case("alloc-dealloc-mismatch",
"Mismatch between allocation and deallocation APIs")
.Case("bad-malloc_usable_size", "Invalid argument to malloc_usable_size")
.Case("bad-__sanitizer_get_allocated_size",
"Invalid argument to __sanitizer_get_allocated_size")
.Case("param-overlap",
"Call to function disallowing overlapping memory ranges")
.Case("negative-size-param", "Negative size used when accessing memory")
.Case("bad-__sanitizer_annotate_contiguous_container",
"Invalid argument to __sanitizer_annotate_contiguous_container")
.Case("odr-violation", "Symbol defined in multiple translation units")
.Case(
"invalid-pointer-pair",
"Comparison or arithmetic on pointers from different memory regions")
// for unknown report codes just show the code
.Default("AddressSanitizer detected: " + description);
}
bool InstrumentationRuntimeASan::NotifyBreakpointHit(
void *baton, StoppointCallbackContext *context, user_id_t break_id,
user_id_t break_loc_id) {
assert(baton && "null baton");
if (!baton)
return false;
InstrumentationRuntimeASan *const instance =
static_cast<InstrumentationRuntimeASan *>(baton);
ProcessSP process_sp = instance->GetProcessSP();
if (process_sp->GetModIDRef().IsLastResumeForUserExpression())
return false;
StructuredData::ObjectSP report = instance->RetrieveReportData();
std::string description;
if (report) {
description = instance->FormatDescription(report);
}
// Make sure this is the right process
if (process_sp && process_sp == context->exe_ctx_ref.GetProcessSP()) {
ThreadSP thread_sp = context->exe_ctx_ref.GetThreadSP();
if (thread_sp)
thread_sp->SetStopInfo(InstrumentationRuntimeStopInfo::
CreateStopReasonWithInstrumentationData(
*thread_sp, description, report));
StreamFileSP stream_sp(
process_sp->GetTarget().GetDebugger().GetOutputStreamSP());
if (stream_sp) {
stream_sp->Printf("AddressSanitizer report breakpoint hit. Use 'thread "
"info -s' to get extended information about the "
"report.\n");
}
return true; // Return true to stop the target
} else
return false; // Let target run
}
void InstrumentationRuntimeASan::Activate() {
if (IsActive())
return;
ProcessSP process_sp = GetProcessSP();
if (!process_sp)
return;
ConstString symbol_name("_ZN6__asanL7AsanDieEv");
const Symbol *symbol = GetRuntimeModuleSP()->FindFirstSymbolWithNameAndType(
symbol_name, eSymbolTypeCode);
if (symbol == nullptr)
return;
if (!symbol->ValueIsAddress() || !symbol->GetAddressRef().IsValid())
return;
Target &target = process_sp->GetTarget();
addr_t symbol_address = symbol->GetAddressRef().GetOpcodeLoadAddress(&target);
if (symbol_address == LLDB_INVALID_ADDRESS)
return;
const bool internal = true;
const bool hardware = false;
const bool sync = false;
Breakpoint *breakpoint =
process_sp->GetTarget()
.CreateBreakpoint(symbol_address, internal, hardware)
.get();
breakpoint->SetCallback(InstrumentationRuntimeASan::NotifyBreakpointHit, this,
sync);
breakpoint->SetBreakpointKind("address-sanitizer-report");
SetBreakpointID(breakpoint->GetID());
SetActive(true);
}
void InstrumentationRuntimeASan::Deactivate() {
if (GetBreakpointID() != LLDB_INVALID_BREAK_ID) {
ProcessSP process_sp = GetProcessSP();
if (process_sp) {
process_sp->GetTarget().RemoveBreakpointByID(GetBreakpointID());
SetBreakpointID(LLDB_INVALID_BREAK_ID);
}
}
SetActive(false);
}
Reference in New Issue View Git Blame Copy Permalink