[compiler-rt] 25de3f9 - [GWP-ASan] Fix PRNG to use IE TLS.

Mitch Phillips via llvm-commits llvm-commits at lists.llvm.org
Thu Feb 6 10:08:39 PST 2020 

Author: Mitch Phillips
Date: 2020-02-06T10:08:23-08:00
New Revision: 25de3f98b8a7436404dbc185040645f2549a8a8f

URL: https://github.com/llvm/llvm-project/commit/25de3f98b8a7436404dbc185040645f2549a8a8f
DIFF: https://github.com/llvm/llvm-project/commit/25de3f98b8a7436404dbc185040645f2549a8a8f.diff

LOG: [GWP-ASan] Fix PRNG to use IE TLS.

Summary:
GWP-ASan's PRNG didn't use Initial-Exec TLS. Fix that to ensure that we don't
have infinite recursion, and also that we don't allocate a DTV on Android when
GWP-ASan is touched.

Test coverage ensuring that the sample counter is UINT32_MAX for an
uninitialised GWP-ASan is provided by gwp_asan/tests/late_init.cpp.

Reviewers: pcc, cferris

Reviewed By: pcc

Subscribers: #sanitizers, llvm-commits, rprichard, eugenis

Tags: #sanitizers, #llvm

Differential Revision: https://reviews.llvm.org/D74135

Added: 
    

Modified: 
    compiler-rt/lib/gwp_asan/guarded_pool_allocator.cpp
    compiler-rt/lib/gwp_asan/random.cpp
    compiler-rt/lib/gwp_asan/random.h

Removed: 
    


################################################################################
diff  --git a/compiler-rt/lib/gwp_asan/guarded_pool_allocator.cpp b/compiler-rt/lib/gwp_asan/guarded_pool_allocator.cpp
index 4ce4d80870fb..7af99e482f3d 100644
--- a/compiler-rt/lib/gwp_asan/guarded_pool_allocator.cpp
+++ b/compiler-rt/lib/gwp_asan/guarded_pool_allocator.cpp
@@ -99,6 +99,7 @@ void GuardedPoolAllocator::init(const options::Options &Opts) {
   else
     AdjustedSampleRatePlusOne = 2;
 
+  initPRNG();
   ThreadLocals.NextSampleCounter =
       (getRandomUnsigned32() % (AdjustedSampleRatePlusOne - 1)) + 1;
 

diff  --git a/compiler-rt/lib/gwp_asan/random.cpp b/compiler-rt/lib/gwp_asan/random.cpp
index d8efe624d990..2180f9204084 100644
--- a/compiler-rt/lib/gwp_asan/random.cpp
+++ b/compiler-rt/lib/gwp_asan/random.cpp
@@ -11,9 +11,18 @@
 
 #include <time.h>
 
+// Initialised to a magic constant so that an uninitialised GWP-ASan won't
+// regenerate its sample counter for as long as possible. The xorshift32()
+// algorithm used below results in getRandomUnsigned32(0xff82eb50) ==
+// 0xfffffea4.
+GWP_ASAN_TLS_INITIAL_EXEC uint32_t RandomState = 0xff82eb50;
+
 namespace gwp_asan {
+void initPRNG() {
+  RandomState = time(nullptr) + getThreadID();
+}
+
 uint32_t getRandomUnsigned32() {
-  thread_local uint32_t RandomState = time(nullptr) + getThreadID();
   RandomState ^= RandomState << 13;
   RandomState ^= RandomState >> 17;
   RandomState ^= RandomState << 5;

diff  --git a/compiler-rt/lib/gwp_asan/random.h b/compiler-rt/lib/gwp_asan/random.h
index 5fcf30d557ee..953b98909e95 100644
--- a/compiler-rt/lib/gwp_asan/random.h
+++ b/compiler-rt/lib/gwp_asan/random.h
@@ -12,6 +12,9 @@
 #include <stdint.h>
 
 namespace gwp_asan {
+// Initialise the PRNG, using time and thread ID as the seed.
+void initPRNG();
+
 // xorshift (32-bit output), extremely fast PRNG that uses arithmetic operations
 // only. Seeded using walltime.
 uint32_t getRandomUnsigned32();

More information about the llvm-commits mailing list