[all-commits] [llvm/llvm-project] 46c7fc: [libFuzzer] Fix unwinding for Fuchsia

Marco Vanotti via All-commits all-commits at lists.llvm.org
Thu Nov 21 15:47:23 PST 2019 

  Branch: refs/heads/master
  Home:   https://github.com/llvm/llvm-project
  Commit: 46c7fc22cfb14a5b4445261c3ae849242f4d2ff9
      https://github.com/llvm/llvm-project/commit/46c7fc22cfb14a5b4445261c3ae849242f4d2ff9
  Author: Marco Vanotti <mvanotti at google.com>
  Date:   2019-11-21 (Thu, 21 Nov 2019)

  Changed paths:
    M compiler-rt/lib/fuzzer/FuzzerUtilFuchsia.cpp

  Log Message:
  -----------
  [libFuzzer] Fix unwinding for Fuchsia

Summary:
This commit fixes part of the issues with stack unwinding in fuchsia for
arm64 and x86_64. It consists of multiple fixes:

(1) The cfa_offset calculation was wrong, instead of pointing to the
previous stack pointer, it was pointing to the current  one. It worked in
most of the cases because the crashing functions already had a
prologue and had their cfa information relative to another register. The
fix consists on adding a constant that can be used to calculate the
crashing function's stack pointer, and base all the cfi information
relative to that offset.

(2) (arm64) Due to errors with the syntax for the dwarf information, most
of the `OP_NUM` macros were not working. The problem was that they were
referred to as `r##NUM` (like `r14`), when it should have been `x##num`
(like `x14`), or even without the x.

(3) (arm64) The link register was being considered a part of the main
registers (`r30`), when in the real struct it has its own field. Given
that the link register is in the same spot in the struct as r[30] would be,
and that C++ doesn't care about anything, the calculation was still correct.

(4) (x86_64) The stack doesn't need to be aligned to 16 bytes when we
jump to the trampoline function, but it needs to be before performing
call instructions. Encoding that logic in cfi information was tricky, so
we decided to make the cfa information relative to `rbp` and align `rsp`.
Note that this could have been done using another register directly,
but it seems cleaner to make a new fake stack frame.

There are some other minor changes like adding a `brk 1` instruction in
arm64 to make sure that we never return to the crash trampoline (similar to
what we do in x86_64).

Sadly this commit does not fix unwinding for all use cases for arm64.
Crashing functions that do not add information related to the return column in
their cfi information will fail to unwind due to a bug in libunwinder.

Reviewers: mcgrathr, jakehehrlich, phosek, kcc, aarongreen

Subscribers: aprantl, kristof.beyls, #sanitizers, llvm-commits

Tags: #sanitizers, #llvm

Differential Revision: https://reviews.llvm.org/D69579

More information about the All-commits mailing list