[all-commits] [llvm/llvm-project] 3d2925: [win/asan] AllocateMemoryForTrampoline within 2 GB...

Hans via All-commits all-commits at lists.llvm.org
Tue Sep 17 23:58:35 PDT 2024


  Branch: refs/heads/main
  Home:   https://github.com/llvm/llvm-project
  Commit: 3d2925b9de0d60694a9f28edd2419f8eed34f1a1
      https://github.com/llvm/llvm-project/commit/3d2925b9de0d60694a9f28edd2419f8eed34f1a1
  Author: Hans <hans at hanshq.net>
  Date:   2024-09-18 (Wed, 18 Sep 2024)

  Changed paths:
    M compiler-rt/lib/interception/interception_win.cpp

  Log Message:
  -----------
  [win/asan] AllocateMemoryForTrampoline within 2 GB of the module's base address (#108822)

Since we may copy code (see CopyInstructions) to the trampoline which
could reference data inside the original module, we really want the
trampoline to be within 2 GB of not just the original function, but
within anything that function may have rip-relative accesses to, i.e.
within 2 GB of that function's whole module.

This fixes interception failures like the following scenario:

1. Intercept `CreateProcess` in kernel32.dll, allocating a trampoline
region right after
2. Start intercepting `memcpy` in the main executable, which is loaded
at a lower address than kernel32.dll, but still within 2 GB of the
trampoline region so we keep using it.
3. Try to copy instructions from `memcpy` to the trampoline. Turns out
one instruction references data that is more than 2GB away from the
trampoline, so it can't be relocated.
4. The process exits due to a CHECK failure

(Full story at https://crbug.com/341936875#comment45 and following.)
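The scenario above, worked through as an added example (not part of the commit or of compiler-rt): it checks whether a trampoline region is within rel32 reach of only the intercepted function versus the whole module. All addresses, sizes and the helper names `can_relocate` and `region_within_2gb` are constructed for illustration.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed addresses for illustration; not taken from the bug report. */
#define EXE_BASE    0x00007FF600000000ULL
#define EXE_SIZE    0x0C000000ULL               /* 192 MiB image */
#define MEMCPY_ADDR (EXE_BASE + 0x0B000000ULL)  /* function being intercepted */
#define MEMCPY_LEN  0x200ULL
#define DATA_ADDR   (EXE_BASE + 0x01000000ULL)  /* data it reads rip-relatively */
#define OLD_TRAMP   (EXE_BASE + 0x850C0000ULL)  /* region allocated after another DLL */
#define NEW_TRAMP   (EXE_BASE + EXE_SIZE)       /* region allocated next to the module */
#define TRAMP_SIZE  0x10000ULL
#define REACH       0x7FFFFFFFULL               /* conservative rel32 reach */

/* A rip-relative operand stores (target - address of the next instruction)
   as a signed 32-bit value; a copied instruction needs the new delta to fit. */
bool can_relocate(uint64_t next_ip_in_trampoline, uint64_t target) {
    int64_t disp = (int64_t)(target - next_ip_in_trampoline);
    return disp >= INT32_MIN && disp <= INT32_MAX;
}

/* True if every byte of [lo, hi) is reachable from every byte of the region. */
bool region_within_2gb(uint64_t tramp, uint64_t size, uint64_t lo, uint64_t hi) {
    uint64_t tramp_end = tramp + size;
    uint64_t back = tramp_end > lo ? tramp_end - lo : 0; /* farthest backward reference */
    uint64_t fwd = hi > tramp ? hi - tramp : 0;          /* farthest forward reference */
    return back <= REACH && fwd <= REACH;
}

int main(void) {
    /* Checking only the function accepts the old region... */
    printf("old region, function only: %d\n",
           region_within_2gb(OLD_TRAMP, TRAMP_SIZE, MEMCPY_ADDR, MEMCPY_ADDR + MEMCPY_LEN));
    /* ...but an instruction referencing module data cannot be copied there. */
    printf("old region, copy data ref: %d\n", can_relocate(OLD_TRAMP + 0x20, DATA_ADDR));
    /* Checking the whole module rejects the old region and accepts a near one. */
    printf("old region, whole module:  %d\n",
           region_within_2gb(OLD_TRAMP, TRAMP_SIZE, EXE_BASE, EXE_BASE + EXE_SIZE));
    printf("new region, whole module:  %d\n",
           region_within_2gb(NEW_TRAMP, TRAMP_SIZE, EXE_BASE, EXE_BASE + EXE_SIZE));
    printf("new region, copy data ref: %d\n", can_relocate(NEW_TRAMP + 0x20, DATA_ADDR));
    return 0;
}
```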


