[libcxx-commits] [PATCH] D103002: [libunwind] Inform ASan that resumption is noreturn

Shoaib Meenai via Phabricator via libcxx-commits libcxx-commits at lists.llvm.org
Sun May 23 20:59:10 PDT 2021

smeenai created this revision.
smeenai added a reviewer: rprichard.
Herald added a project: libunwind.
Herald added a subscriber: libcxx-commits.
Herald added a reviewer: libunwind.
smeenai requested review of this revision.
Herald added a project: LLVM.
Herald added a subscriber: llvm-commits.

If you're building libunwind instrumented with ASan, `_Unwind_RaiseException`
will poison the stack and then transfer control in a manner which isn't
understood by ASan, so the stack will remain poisoned. This can cause
false positives, e.g. if you call an uninstrumented function (so it
doesn't re-poison the stack) after catching an exception. Add a call to
`__asan_handle_no_return` inside `__unw_resume` to get ASan to unpoison
the stack and avoid this.

`__unw_resume` seems like the appropriate place to make this call, since
it's used for resumption by all unwind implementations except SJLJ. SJLJ
uses `__builtin_longjmp` to handle resumption, which is already
recognized as noreturn (and therefore ASan adds the `__asan_handle_no_return`
call itself), so it doesn't need any special handling.

PR32434 is somewhat similar (in particular needing a component built
without ASan to trigger the bug), and rG781ef03e1012 <https://reviews.llvm.org/rG781ef03e10120bf3b6a0770a1832a2e7fa37c079>, the fix for that
bug, adds an interceptor for `_Unwind_RaiseException`. This interceptor
won't always be triggered though, e.g. if you statically link the
unwinder into libc++abi in a way that prevents interposing the unwinder
functions (e.g. marking the symbols as hidden, using `--exclude-libs`,
or using `-Bsymbolic`). rG53335d6d86d5 <https://reviews.llvm.org/rG53335d6d86d5a3790d8fd6bcfa8860a577ccabfd> makes `__cxa_throw` call
`__asan_handle_no_return` explicitly, to similarly avoid relying on

  rG LLVM Github Monorepo



Index: libunwind/src/libunwind.cpp
--- libunwind/src/libunwind.cpp
+++ libunwind/src/libunwind.cpp
@@ -15,6 +15,9 @@
 #include "config.h"
 #include <stdlib.h>
+#if __has_feature(address_sanitizer)
+#include <sanitizer/asan_interface.h>
 #if !defined(__USING_SJLJ_EXCEPTIONS__)
@@ -184,6 +187,10 @@
 /// Resume execution at cursor position (aka longjump).
 _LIBUNWIND_HIDDEN int __unw_resume(unw_cursor_t *cursor) {
   _LIBUNWIND_TRACE_API("__unw_resume(cursor=%p)", static_cast<void *>(cursor));
+#if __has_feature(address_sanitizer)
+  // Inform the ASan runtime that now might be a good time to clean stuff up.
+  __asan_handle_no_return();
   AbstractUnwindCursor *co = (AbstractUnwindCursor *)cursor;
   return UNW_EUNSPEC;

-------------- next part --------------
A non-text attachment was scrubbed...
Name: D103002.347304.patch
Type: text/x-patch
Size: 835 bytes
Desc: not available
URL: <http://lists.llvm.org/pipermail/libcxx-commits/attachments/20210524/92260413/attachment.bin>

More information about the libcxx-commits mailing list