[PATCH] D48583: CFI: Print DSO names for failed cross-DSO icalls

Vlad Tsyrklevich via Phabricator via llvm-commits llvm-commits at lists.llvm.org
Mon Jun 25 20:21:58 PDT 2018


vlad.tsyrklevich created this revision.
vlad.tsyrklevich added a reviewer: pcc.
Herald added subscribers: Sanitizers, llvm-commits, delcypher, kubamracek.

Repository:
  rCRT Compiler Runtime

https://reviews.llvm.org/D48583

Files:
  lib/ubsan/ubsan_handlers.cc
  test/cfi/icall/bad-cross-dso.c


Index: test/cfi/icall/bad-cross-dso.c
===================================================================
--- /dev/null
+++ test/cfi/icall/bad-cross-dso.c
@@ -0,0 +1,30 @@
+// Check that cross-DSO icalls diagnostics print the names of both modules
+
+// RUN: %clang -o %t1 %s -ldl
+// RUN: %t1 2>&1 | FileCheck --check-prefix=NCFI %s
+
+// RUN: %clang_cfi -o %t2 %s -ldl
+// RUN: %expect_crash %t2 2>&1 | FileCheck --check-prefix=CFI %s
+
+// RUN: %clang_cfi_diag -g -o %t3 %s -ldl
+// RUN: %t3 2>&1 | FileCheck --check-prefix=CFI-DIAG %s
+
+#define _GNU_SOURCE  // For RTLD_DEFAULT
+#include <stdio.h>
+#include <dlfcn.h>
+
+int main() {
+  // CFI: 1
+  // NCFI: 1
+  fprintf(stderr, "1\n");
+
+  // CFI-DIAG: runtime error: control flow integrity check for type 'void (int)' failed during indirect function call
+  // CFI-DIAG: getpid defined here
+  // CFI-DIAG: check failed in {{.*}}, destination function located in {{.*}}
+  void (*fp)(int) = dlsym(RTLD_DEFAULT, "getpid");
+  fp(1); // UB here
+
+  // CFI-NOT: 2
+  // NCFI: 2
+  fprintf(stderr, "2\n");
+}
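Review bot: The `CFI-DIAG: check failed in {{.*}}, destination function located in {{.*}}` line accepts any text in both slots, so the test still passes when the handler prints its `(unknown)` fallback instead of a real module name. Anchoring at least the source side to the test binary would pin the behaviour the title promises, e.g. `// CFI-DIAG: check failed in {{.*}}bad-cross-dso{{.*}}, destination function located in {{.*}}`. That assumes the `%t3` path keeps the source file name, which should be confirmed against the lit configuration. The same-DSO case, where the note must stay silent, is not covered here. A `CFI-DIAG-NOT: check failed in` line in an existing same-module icall test would exercise the `internal_strcmp` guard.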
Index: lib/ubsan/ubsan_handlers.cc
===================================================================
--- lib/ubsan/ubsan_handlers.cc
+++ lib/ubsan/ubsan_handlers.cc
@@ -660,6 +660,21 @@
   if (!FName)
     FName = "(unknown)";
   Diag(FLoc, DL_Note, ET, "%0 defined here") << FName;
+
+  // If the failure occurred due to a cross-DSO icall, report the DSO names.
+  const char *DstModule = FLoc.get()->info.module;
+  if (!DstModule)
+    DstModule = "(unknown)";
+
+  SymbolizedStackHolder CalleeLoc(getCallerLocation(Opts.pc));
+  const char *SrcModule = CalleeLoc.get()->info.module;
+  if (!SrcModule)
+    SrcModule = "(unknown)";
+
+  if (internal_strcmp(SrcModule, DstModule))
+    Diag(CalleeLoc, DL_Note, ET,
+         "check failed in %0, destination function located in %1")
+        << SrcModule << DstModule;
 }
 
 namespace __ubsan {
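Review bot: `CalleeLoc` is built from `getCallerLocation(Opts.pc)` and supplies `SrcModule`, so the name points at the wrong end of the call; `CallerLoc` or `SrcLoc` would match what it holds. The comparison also runs after the `(unknown)` placeholder is substituted, so when only one side fails to symbolize the note is printed as if the call crossed DSOs, which can mislead anyone triaging a CFI failure from this output. One option is to keep the raw `info.module` pointers and guard with `if (SrcModule && DstModule && internal_strcmp(SrcModule, DstModule))`. In the same spirit, the comment could say `// Report the module names when the check site and the target resolve to different modules.`, since the code compares names rather than establishing the cause of the failure. The enclosing handler starts above this hunk, so whether `FLoc.get()` can be null at this point is not visible here.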

