diff options
| author | Dmitry Vyukov <dvyukov@google.com> | 2018-07-20 08:33:41 +0000 |
|---|---|---|
| committer | Dmitry Vyukov <dvyukov@google.com> | 2018-07-20 08:33:41 +0000 |
| commit | f52726aae910348a2f6d598b707aec263f7e67e2 (patch) | |
| tree | bf6b8fd714ea68186342a63d084c5dc4b4cc39ae | |
| parent | 99337e246cc258e89dc68f0b0e654be89d010cf7 (diff) | |
| download | bcm5719-llvm-f52726aae910348a2f6d598b707aec263f7e67e2.tar.gz bcm5719-llvm-f52726aae910348a2f6d598b707aec263f7e67e2.zip | |
sanitizers: consistently check result of MmapFixedNoReserve
MmapFixedNoReserve does not terminate process on failure.
Failure to check its result and die will always lead to harder
to debug crashes later in execution. This was observed in Go
processes due to some address space conflicts.
Consistently check result of MmapFixedNoReserve.
While we are here also add warn_unused_result attribute
to prevent such bugs in future and change return type to bool
as that's what all callers want.
Reviewed in https://reviews.llvm.org/D49367
llvm-svn: 337531
| -rw-r--r-- | compiler-rt/lib/asan/asan_shadow_setup.cc | 3 | ||||
| -rw-r--r-- | compiler-rt/lib/dfsan/dfsan.cc | 3 | ||||
| -rw-r--r-- | compiler-rt/lib/hwasan/hwasan_linux.cc | 3 | ||||
| -rw-r--r-- | compiler-rt/lib/msan/msan_linux.cc | 2 | ||||
| -rw-r--r-- | compiler-rt/lib/msan/msan_poisoning.cc | 3 | ||||
| -rw-r--r-- | compiler-rt/lib/sanitizer_common/sanitizer_common.h | 4 | ||||
| -rw-r--r-- | compiler-rt/lib/sanitizer_common/sanitizer_internal_defs.h | 2 | ||||
| -rw-r--r-- | compiler-rt/lib/sanitizer_common/sanitizer_posix_libcdep.cc | 8 | ||||
| -rw-r--r-- | compiler-rt/lib/sanitizer_common/sanitizer_win.cc | 8 | ||||
| -rw-r--r-- | compiler-rt/lib/tsan/rtl/tsan_platform_posix.cc | 18 | ||||
| -rw-r--r-- | compiler-rt/lib/tsan/rtl/tsan_rtl.cc | 19 | ||||
| -rw-r--r-- | compiler-rt/lib/tsan/rtl/tsan_sync.cc | 3 |
12 files changed, 40 insertions, 36 deletions
diff --git a/compiler-rt/lib/asan/asan_shadow_setup.cc b/compiler-rt/lib/asan/asan_shadow_setup.cc index 6cf531f37a1..083926e70aa 100644 --- a/compiler-rt/lib/asan/asan_shadow_setup.cc +++ b/compiler-rt/lib/asan/asan_shadow_setup.cc @@ -31,8 +31,7 @@ void ReserveShadowMemoryRange(uptr beg, uptr end, const char *name) { CHECK_EQ(((end + 1) % GetMmapGranularity()), 0); uptr size = end - beg + 1; DecreaseTotalMmap(size); // Don't count the shadow against mmap_limit_mb. - void *res = MmapFixedNoReserve(beg, size, name); - if (res != (void *)beg) { + if (!MmapFixedNoReserve(beg, size, name)) { Report( "ReserveShadowMemoryRange failed while trying to map 0x%zx bytes. " "Perhaps you're using ulimit -v\n", diff --git a/compiler-rt/lib/dfsan/dfsan.cc b/compiler-rt/lib/dfsan/dfsan.cc index 9e360c959fa..d4dbebc43a7 100644 --- a/compiler-rt/lib/dfsan/dfsan.cc +++ b/compiler-rt/lib/dfsan/dfsan.cc @@ -425,7 +425,8 @@ static void dfsan_init(int argc, char **argv, char **envp) { InitializePlatformEarly(); - MmapFixedNoReserve(ShadowAddr(), UnusedAddr() - ShadowAddr()); + if (!MmapFixedNoReserve(ShadowAddr(), UnusedAddr() - ShadowAddr())) + Die(); // Protect the region of memory we don't use, to preserve the one-to-one // mapping from application to shadow memory. But if ASLR is disabled, Linux diff --git a/compiler-rt/lib/hwasan/hwasan_linux.cc b/compiler-rt/lib/hwasan/hwasan_linux.cc index 068fd768559..5ab98dca594 100644 --- a/compiler-rt/lib/hwasan/hwasan_linux.cc +++ b/compiler-rt/lib/hwasan/hwasan_linux.cc @@ -44,8 +44,7 @@ static void ReserveShadowMemoryRange(uptr beg, uptr end, const char *name) { CHECK_EQ(((end + 1) % GetMmapGranularity()), 0); uptr size = end - beg + 1; DecreaseTotalMmap(size); // Don't count the shadow against mmap_limit_mb. - void *res = MmapFixedNoReserve(beg, size, name); - if (res != (void *)beg) { + if (!MmapFixedNoReserve(beg, size, name)) { Report( "ReserveShadowMemoryRange failed while trying to map 0x%zx bytes. " "Perhaps you're using ulimit -v\n", diff --git a/compiler-rt/lib/msan/msan_linux.cc b/compiler-rt/lib/msan/msan_linux.cc index 973e6620ef6..385a650c4af 100644 --- a/compiler-rt/lib/msan/msan_linux.cc +++ b/compiler-rt/lib/msan/msan_linux.cc @@ -143,7 +143,7 @@ bool InitShadow(bool init_origins) { if (map) { if (!CheckMemoryRangeAvailability(start, size)) return false; - if ((uptr)MmapFixedNoReserve(start, size, kMemoryLayout[i].name) != start) + if (!MmapFixedNoReserve(start, size, kMemoryLayout[i].name)) return false; if (common_flags()->use_madv_dontdump) DontDumpShadowMemory(start, size); diff --git a/compiler-rt/lib/msan/msan_poisoning.cc b/compiler-rt/lib/msan/msan_poisoning.cc index 92134f6a15b..7420d946928 100644 --- a/compiler-rt/lib/msan/msan_poisoning.cc +++ b/compiler-rt/lib/msan/msan_poisoning.cc @@ -139,7 +139,8 @@ void SetShadow(const void *ptr, uptr size, u8 value) { if (page_end != shadow_end) { REAL(memset)((void *)page_end, 0, shadow_end - page_end); } - MmapFixedNoReserve(page_beg, page_end - page_beg); + if (!MmapFixedNoReserve(page_beg, page_end - page_beg)) + Die(); } } } diff --git a/compiler-rt/lib/sanitizer_common/sanitizer_common.h b/compiler-rt/lib/sanitizer_common/sanitizer_common.h index c37db56d323..3b999edfbe5 100644 --- a/compiler-rt/lib/sanitizer_common/sanitizer_common.h +++ b/compiler-rt/lib/sanitizer_common/sanitizer_common.h @@ -88,8 +88,8 @@ void UnmapOrDie(void *addr, uptr size); // Behaves just like MmapOrDie, but tolerates out of memory condition, in that // case returns nullptr. void *MmapOrDieOnFatalError(uptr size, const char *mem_type); -void *MmapFixedNoReserve(uptr fixed_addr, uptr size, - const char *name = nullptr); +bool MmapFixedNoReserve(uptr fixed_addr, uptr size, const char *name = nullptr) + WARN_UNUSED_RESULT; void *MmapNoReserveOrDie(uptr size, const char *mem_type); void *MmapFixedOrDie(uptr fixed_addr, uptr size); // Behaves just like MmapFixedOrDie, but tolerates out of memory condition, in diff --git a/compiler-rt/lib/sanitizer_common/sanitizer_internal_defs.h b/compiler-rt/lib/sanitizer_common/sanitizer_internal_defs.h index a955733fb52..e4aa07b2521 100644 --- a/compiler-rt/lib/sanitizer_common/sanitizer_internal_defs.h +++ b/compiler-rt/lib/sanitizer_common/sanitizer_internal_defs.h @@ -211,6 +211,7 @@ typedef u64 tid_t; # define LIKELY(x) (x) # define UNLIKELY(x) (x) # define PREFETCH(x) /* _mm_prefetch(x, _MM_HINT_NTA) */ (void)0 +# define WARN_UNUSED_RESULT #else // _MSC_VER # define ALWAYS_INLINE inline __attribute__((always_inline)) # define ALIAS(x) __attribute__((alias(x))) @@ -229,6 +230,7 @@ typedef u64 tid_t; # else # define PREFETCH(x) __builtin_prefetch(x) # endif +# define WARN_UNUSED_RESULT __attribute__((warn_unused_result)) #endif // _MSC_VER #if !defined(_MSC_VER) || defined(__clang__) diff --git a/compiler-rt/lib/sanitizer_common/sanitizer_posix_libcdep.cc b/compiler-rt/lib/sanitizer_common/sanitizer_posix_libcdep.cc index eaf15788155..266e9bdba05 100644 --- a/compiler-rt/lib/sanitizer_common/sanitizer_posix_libcdep.cc +++ b/compiler-rt/lib/sanitizer_common/sanitizer_posix_libcdep.cc @@ -328,7 +328,7 @@ int GetNamedMappingFd(const char *name, uptr size) { } #endif -void *MmapFixedNoReserve(uptr fixed_addr, uptr size, const char *name) { +bool MmapFixedNoReserve(uptr fixed_addr, uptr size, const char *name) { int fd = name ? GetNamedMappingFd(name, size) : -1; unsigned flags = MAP_PRIVATE | MAP_FIXED | MAP_NORESERVE; if (fd == -1) flags |= MAP_ANON; @@ -338,12 +338,14 @@ void *MmapFixedNoReserve(uptr fixed_addr, uptr size, const char *name) { RoundUpTo(size, PageSize), PROT_READ | PROT_WRITE, flags, fd, 0); int reserrno; - if (internal_iserror(p, &reserrno)) + if (internal_iserror(p, &reserrno)) { Report("ERROR: %s failed to " "allocate 0x%zx (%zd) bytes at address %zx (errno: %d)\n", SanitizerToolName, size, size, fixed_addr, reserrno); + return false; + } IncreaseTotalMmap(size); - return (void *)p; + return true; } uptr ReservedAddressRange::Init(uptr size, const char *name, uptr fixed_addr) { diff --git a/compiler-rt/lib/sanitizer_common/sanitizer_win.cc b/compiler-rt/lib/sanitizer_common/sanitizer_win.cc index cacc0d12ff6..b8060b2e640 100644 --- a/compiler-rt/lib/sanitizer_common/sanitizer_win.cc +++ b/compiler-rt/lib/sanitizer_common/sanitizer_win.cc @@ -202,7 +202,7 @@ void *MmapAlignedOrDieOnFatalError(uptr size, uptr alignment, return (void *)mapped_addr; } -void *MmapFixedNoReserve(uptr fixed_addr, uptr size, const char *name) { +bool MmapFixedNoReserve(uptr fixed_addr, uptr size, const char *name) { // FIXME: is this really "NoReserve"? On Win32 this does not matter much, // but on Win64 it does. (void)name; // unsupported @@ -215,11 +215,13 @@ void *MmapFixedNoReserve(uptr fixed_addr, uptr size, const char *name) { void *p = VirtualAlloc((LPVOID)fixed_addr, size, MEM_RESERVE | MEM_COMMIT, PAGE_READWRITE); #endif - if (p == 0) + if (p == 0) { Report("ERROR: %s failed to " "allocate %p (%zd) bytes at %p (error code: %d)\n", SanitizerToolName, size, size, fixed_addr, GetLastError()); - return p; + return false; + } + return true; } // Memory space mapped by 'MmapFixedOrDie' must have been reserved by diff --git a/compiler-rt/lib/tsan/rtl/tsan_platform_posix.cc b/compiler-rt/lib/tsan/rtl/tsan_platform_posix.cc index d2345c79cfb..c38dcc7f2c1 100644 --- a/compiler-rt/lib/tsan/rtl/tsan_platform_posix.cc +++ b/compiler-rt/lib/tsan/rtl/tsan_platform_posix.cc @@ -54,13 +54,9 @@ static void DontDumpShadow(uptr addr, uptr size) { #if !SANITIZER_GO void InitializeShadowMemory() { // Map memory shadow. - uptr shadow = - (uptr)MmapFixedNoReserve(ShadowBeg(), ShadowEnd() - ShadowBeg(), - "shadow"); - if (shadow != ShadowBeg()) { + if (!MmapFixedNoReserve(ShadowBeg(), ShadowEnd() - ShadowBeg(), "shadow")) { Printf("FATAL: ThreadSanitizer can not mmap the shadow memory\n"); - Printf("FATAL: Make sure to compile with -fPIE and " - "to link with -pie (%p, %p).\n", shadow, ShadowBeg()); + Printf("FATAL: Make sure to compile with -fPIE and to link with -pie.\n"); Die(); } // This memory range is used for thread stacks and large user mmaps. @@ -110,13 +106,11 @@ void InitializeShadowMemory() { (ShadowEnd() - ShadowBeg()) >> 30); // Map meta shadow. - uptr meta_size = MetaShadowEnd() - MetaShadowBeg(); - uptr meta = - (uptr)MmapFixedNoReserve(MetaShadowBeg(), meta_size, "meta shadow"); - if (meta != MetaShadowBeg()) { + const uptr meta = MetaShadowBeg(); + const uptr meta_size = MetaShadowEnd() - meta; + if (!MmapFixedNoReserve(meta, meta_size, "meta shadow")) { Printf("FATAL: ThreadSanitizer can not mmap the shadow memory\n"); - Printf("FATAL: Make sure to compile with -fPIE and " - "to link with -pie (%p, %p).\n", meta, MetaShadowBeg()); + Printf("FATAL: Make sure to compile with -fPIE and to link with -pie.\n"); Die(); } NoHugePagesInShadow(meta, meta_size); diff --git a/compiler-rt/lib/tsan/rtl/tsan_rtl.cc b/compiler-rt/lib/tsan/rtl/tsan_rtl.cc index 14a3e3c43a7..5841222927b 100644 --- a/compiler-rt/lib/tsan/rtl/tsan_rtl.cc +++ b/compiler-rt/lib/tsan/rtl/tsan_rtl.cc @@ -246,7 +246,8 @@ void MapShadow(uptr addr, uptr size) { const uptr kPageSize = GetPageSizeCached(); uptr shadow_begin = RoundDownTo((uptr)MemToShadow(addr), kPageSize); uptr shadow_end = RoundUpTo((uptr)MemToShadow(addr + size), kPageSize); - MmapFixedNoReserve(shadow_begin, shadow_end - shadow_begin, "shadow"); + if (!MmapFixedNoReserve(shadow_begin, shadow_end - shadow_begin, "shadow")) + Die(); // Meta shadow is 2:1, so tread carefully. static bool data_mapped = false; @@ -258,7 +259,8 @@ void MapShadow(uptr addr, uptr size) { if (!data_mapped) { // First call maps data+bss. data_mapped = true; - MmapFixedNoReserve(meta_begin, meta_end - meta_begin, "meta shadow"); + if (!MmapFixedNoReserve(meta_begin, meta_end - meta_begin, "meta shadow")) + Die(); } else { // Mapping continous heap. // Windows wants 64K alignment. @@ -268,7 +270,8 @@ void MapShadow(uptr addr, uptr size) { return; if (meta_begin < mapped_meta_end) meta_begin = mapped_meta_end; - MmapFixedNoReserve(meta_begin, meta_end - meta_begin, "meta shadow"); + if (!MmapFixedNoReserve(meta_begin, meta_end - meta_begin, "meta shadow")) + Die(); mapped_meta_end = meta_end; } VPrintf(2, "mapped meta shadow for (%p-%p) at (%p-%p)\n", @@ -280,10 +283,9 @@ void MapThreadTrace(uptr addr, uptr size, const char *name) { CHECK_GE(addr, TraceMemBeg()); CHECK_LE(addr + size, TraceMemEnd()); CHECK_EQ(addr, addr & ~((64 << 10) - 1)); // windows wants 64K alignment - uptr addr1 = (uptr)MmapFixedNoReserve(addr, size, name); - if (addr1 != addr) { - Printf("FATAL: ThreadSanitizer can not mmap thread trace (%p/%p->%p)\n", - addr, size, addr1); + if (!MmapFixedNoReserve(addr, size, name)) { + Printf("FATAL: ThreadSanitizer can not mmap thread trace (%p/%p)\n", + addr, size); Die(); } } @@ -923,7 +925,8 @@ static void MemoryRangeSet(ThreadState *thr, uptr pc, uptr addr, uptr size, u64 *p1 = p; p = RoundDown(end, kPageSize); UnmapOrDie((void*)p1, (uptr)p - (uptr)p1); - MmapFixedNoReserve((uptr)p1, (uptr)p - (uptr)p1); + if (!MmapFixedNoReserve((uptr)p1, (uptr)p - (uptr)p1)) + Die(); // Set the ending. while (p < end) { *p++ = val; diff --git a/compiler-rt/lib/tsan/rtl/tsan_sync.cc b/compiler-rt/lib/tsan/rtl/tsan_sync.cc index 44ae558fa1b..ba3953375ee 100644 --- a/compiler-rt/lib/tsan/rtl/tsan_sync.cc +++ b/compiler-rt/lib/tsan/rtl/tsan_sync.cc @@ -176,7 +176,8 @@ void MetaMap::ResetRange(Processor *proc, uptr p, uptr sz) { uptr metap = (uptr)MemToMeta(p0); uptr metasz = sz0 / kMetaRatio; UnmapOrDie((void*)metap, metasz); - MmapFixedNoReserve(metap, metasz); + if (!MmapFixedNoReserve(metap, metasz)) + Die(); } MBlock* MetaMap::GetBlock(uptr p) { |
