author | Martin Liska <mliska@suse.cz> | 2022-11-15 11:11:41 +0100 |
---|---|---|
committer | Martin Liska <mliska@suse.cz> | 2022-11-15 16:44:55 +0100 |
commit | 5f3fa2655cb256d336e90e74e42a2452d0fbf0e8 (patch) | |
tree | 374004f2a4a03bed153fff6a5d4ec156d105e0d9 /libsanitizer/hwasan | |
parent | d1288d850944f69a795e4ff444a427eba3fec11b (diff) | |
libsanitizer: merge from upstream ae59131d3ef311fb4b1e50627c6457be00e60dc9
Diffstat (limited to 'libsanitizer/hwasan')
-rw-r--r-- | libsanitizer/hwasan/hwasan.cpp | 8 | ||||
-rw-r--r-- | libsanitizer/hwasan/hwasan_flags.inc | 2 | ||||
-rw-r--r-- | libsanitizer/hwasan/hwasan_fuchsia.cpp | 4 | ||||
-rw-r--r-- | libsanitizer/hwasan/hwasan_report.cpp | 24 |
4 files changed, 24 insertions, 14 deletions
diff --git a/libsanitizer/hwasan/hwasan.cpp b/libsanitizer/hwasan/hwasan.cpp index bb946c2..9db4fb0 100644 --- a/libsanitizer/hwasan/hwasan.cpp +++ b/libsanitizer/hwasan/hwasan.cpp @@ -340,7 +340,13 @@ __attribute__((constructor(0))) void __hwasan_init() { DisableCoreDumperIfNecessary(); InitInstrumentation(); - InitLoadedGlobals(); + if constexpr (!SANITIZER_FUCHSIA) { + // Fuchsia's libc provides a hook (__sanitizer_module_loaded) that runs on + // the startup path which calls into __hwasan_library_loaded on all + // initially loaded modules, so explicitly registering the globals here + // isn't needed. + InitLoadedGlobals(); + } // Needs to be called here because flags()->random_tags might not have been // initialized when InitInstrumentation() was called. diff --git a/libsanitizer/hwasan/hwasan_flags.inc b/libsanitizer/hwasan/hwasan_flags.inc index 18ea47f..4a226ee 100644 --- a/libsanitizer/hwasan/hwasan_flags.inc +++ b/libsanitizer/hwasan/hwasan_flags.inc @@ -39,7 +39,7 @@ HWASAN_FLAG( HWASAN_FLAG(bool, free_checks_tail_magic, 1, "If set, free() will check the magic values " - "to the right of the allocated object " + "after the allocated object " "if the allocation size is not a divident of the granule size") HWASAN_FLAG( int, max_free_fill_size, 0, diff --git a/libsanitizer/hwasan/hwasan_fuchsia.cpp b/libsanitizer/hwasan/hwasan_fuchsia.cpp index 967c796..858fac0 100644 --- a/libsanitizer/hwasan/hwasan_fuchsia.cpp +++ b/libsanitizer/hwasan/hwasan_fuchsia.cpp @@ -224,6 +224,10 @@ void __sanitizer_thread_exit_hook(void *hook, thrd_t self) { __hwasan::ThreadExitHook(hook, self); } +void __sanitizer_module_loaded(const struct dl_phdr_info *info, size_t) { + __hwasan_library_loaded(info->dlpi_addr, info->dlpi_phdr, info->dlpi_phnum); +} + } // extern "C" #endif // SANITIZER_FUCHSIA diff --git a/libsanitizer/hwasan/hwasan_report.cpp b/libsanitizer/hwasan/hwasan_report.cpp index fe769589..de08215 100644 --- a/libsanitizer/hwasan/hwasan_report.cpp 
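Review bot: The comment added inside the `if constexpr (!SANITIZER_FUCHSIA)` block in `__hwasan_init()` explains why Fuchsia skips `InitLoadedGlobals()`, yet it sits in the branch that only non-Fuchsia builds take, which reads backwards. Moving it above the `if constexpr` line would make the intent clearer. It could also state the assumption it relies on, e.g. `// Assumes the libc hook has run for every initially loaded module; otherwise those modules' globals are never registered.` Whether that ordering is guaranteed cannot be confirmed from this hunk. The body of `__hwasan_init()` continues outside the hunk.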
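Review bot: The new `__sanitizer_module_loaded` hook in hwasan_fuchsia.cpp dereferences `info` and discards its unnamed `size_t` argument without saying why either is safe. If that argument is the size of the `dl_phdr_info` structure, as in the `dl_iterate_phdr` callback convention (an assumption, the hunk does not show the hook's contract), a short comment would record the reasoning, e.g. `// The size argument is unused: only the leading dl_phdr_info fields are read.` A line naming the expected caller and stating whether `info` can be null would also help the next reader.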
+++ b/libsanitizer/hwasan/hwasan_report.cpp @@ -309,16 +309,16 @@ static void ShowHeapOrGlobalCandidate(uptr untagged_addr, tag_t *candidate, whence = "inside"; } else if (candidate == left) { offset = untagged_addr - chunk.End(); - whence = "to the right of"; + whence = "after"; } else { offset = chunk.Beg() - untagged_addr; - whence = "to the left of"; + whence = "before"; } Printf("%s", d.Error()); Printf("\nCause: heap-buffer-overflow\n"); Printf("%s", d.Default()); Printf("%s", d.Location()); - Printf("%p is located %zd bytes %s %zd-byte region [%p,%p)\n", + Printf("%p is located %zd bytes %s a %zd-byte region [%p,%p)\n", untagged_addr, offset, whence, chunk.UsedSize(), chunk.Beg(), chunk.End()); Printf("%s", d.Allocation()); 
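Review bot: In `ShowHeapOrGlobalCandidate`, the branch `candidate == left` now sets `whence = "after"`, so the variable name and the printed word point in opposite directions and nothing in the hunk explains why. A comment on that branch such as `// The candidate chunk is the left neighbour, so the address lies after its end.` would keep the mapping from being "corrected" later. The reworded line `%p is located %zd bytes %s a %zd-byte region` also changes text that report-parsing or triage scripts may match on, so the new wording is worth a release-notes mention if such tooling exists. The function starts and ends outside this hunk, and the same wording change appears in the hunks at -340, -459 and -660.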
@@ -340,27 +340,27 @@ static void ShowHeapOrGlobalCandidate(uptr untagged_addr, tag_t *candidate, Printf("%s", d.Location()); if (sym->SymbolizeData(mem, &info) && info.start) { Printf( - "%p is located %zd bytes to the %s of %zd-byte global variable " + "%p is located %zd bytes %s a %zd-byte global variable " "%s [%p,%p) in %s\n", untagged_addr, candidate == left ? untagged_addr - (info.start + info.size) : info.start - untagged_addr, - candidate == left ? "right" : "left", info.size, info.name, + candidate == left ? "after" : "before", info.size, info.name, info.start, info.start + info.size, module_name); } else { uptr size = GetGlobalSizeFromDescriptor(mem); if (size == 0) // We couldn't find the size of the global from the descriptors. Printf( - "%p is located to the %s of a global variable in " + "%p is located %s a global variable in " "\n #0 0x%x (%s+0x%x)\n", - untagged_addr, candidate == left ? "right" : "left", mem, + untagged_addr, candidate == left ? "after" : "before", mem, module_name, module_address); else Printf( - "%p is located to the %s of a %zd-byte global variable in " + "%p is located %s a %zd-byte global variable in " "\n #0 0x%x (%s+0x%x)\n", - untagged_addr, candidate == left ? "right" : "left", size, mem, + untagged_addr, candidate == left ? "after" : "before", size, mem, module_name, module_address); } Printf("%s", d.Default()); @@ -459,7 +459,7 @@ void PrintAddressDescription( Printf("%s", d.Error()); Printf("\nCause: use-after-free\n"); Printf("%s", d.Location()); - Printf("%p is located %zd bytes inside of %zd-byte region [%p,%p)\n", + Printf("%p is located %zd bytes inside a %zd-byte region [%p,%p)\n", untagged_addr, untagged_addr - UntagAddr(har.tagged_addr), har.requested_size, UntagAddr(har.tagged_addr), UntagAddr(har.tagged_addr) + har.requested_size); 
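Review bot: The two fallback messages in the `else` branch (no symbolized data) still print `mem` and `module_address` with `0x%x`, while the other addresses in these calls use `%p`. If those two variables are `uptr`, which their declarations outside the hunk would confirm, the sanitizer `Printf` treats `%x` as `unsigned` and the printed frame address and module offset would be truncated on 64-bit targets. Since these argument lists are being edited anyway, the format line could become `"\n #0 0x%zx (%s+0x%zx)\n",` in both calls. The ternary `candidate == left ? "after" : "before"` is also repeated three times and could be computed once into a local.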
@@ -518,7 +518,7 @@ static void PrintTagInfoAroundAddr(tag_t *tag_ptr, uptr num_rows, InternalScopedString s; for (tag_t *row = beg_row; row < end_row; row += row_len) { s.append("%s", row == center_row_beg ? "=>" : " "); - s.append("%p:", (void *)row); + s.append("%p:", (void *)ShadowToMem(reinterpret_cast<uptr>(row))); for (uptr i = 0; i < row_len; i++) { s.append("%s", row + i == tag_ptr ? "[" : " "); print_tag(s, &row[i]); @@ -660,7 +660,7 @@ void ReportTailOverwritten(StackTrace *stack, uptr tagged_addr, uptr orig_size, s.append("%s ", actual_expected[i] != tail[i] ? "^^" : " "); s.append("\nThis error occurs when a buffer overflow overwrites memory\n" - "to the right of a heap object, but within the %zd-byte granule, e.g.\n" + "after a heap object, but within the %zd-byte granule, e.g.\n" " char *x = new char[20];\n" " x[25] = 42;\n" "%s does not detect such bugs in uninstrumented code at the time of write," |
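Review bot: The row label in `PrintTagInfoAroundAddr` now prints `ShadowToMem(reinterpret_cast<uptr>(row))` instead of the shadow pointer, but nothing at the call site says which address space the label is in. A comment above the `s.append("%p:", ...)` line, e.g. `// Label the row with the application address its first tag covers, not the shadow address.`, would make that explicit, and any dump header printed outside this hunk should agree with it. The expression also mixes a C-style `(void *)` cast with `reinterpret_cast`; `reinterpret_cast<void *>(ShadowToMem(reinterpret_cast<uptr>(row)))` would be consistent. The function body starts and ends outside the hunk.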