Revision tags: llvmorg-18.1.8, llvmorg-18.1.7, llvmorg-18.1.6, llvmorg-18.1.5, llvmorg-18.1.4, llvmorg-18.1.3, llvmorg-18.1.2, llvmorg-18.1.1, llvmorg-18.1.0, llvmorg-18.1.0-rc4, llvmorg-18.1.0-rc3 |
|
#
3da01663 |
| 17-Feb-2024 |
Florian Mayer <fmayer@google.com> |
Reland^2 "[scudo] resize stack depot for allocation ring buffer"
Fix some warnings by matching types.
This reverts commit e1164d063558b1e89f20109d83c079caae1825d8.
|
#
e1164d06 |
| 17-Feb-2024 |
Florian Mayer <fmayer@google.com> |
Revert "Reland "[scudo] resize stack depot for allocation ring buffer"" (#82088)
Reverts llvm/llvm-project#81028
|
#
aff6cb49 |
| 17-Feb-2024 |
Florian Mayer <fmayer@google.com> |
Reland "[scudo] resize stack depot for allocation ring buffer" (#81028)
First commit of the stack is a clean reland, second is the fix.
There was a typo in the `static_assert` that meant we were asserting the
size of the pointer, not the struct.
Also changed `alignas` to be more intuitive, but that is NFC.
Ran builds in Android here: https://r.android.com/2954411
|
Revision tags: llvmorg-18.1.0-rc2 |
|
#
c3291253 |
| 06-Feb-2024 |
Florian Mayer <fmayer@google.com> |
Revert "[scudo] [MTE] resize stack depot for allocation ring buffer" (#80777)
Reverts llvm/llvm-project#74515
Broke build: https://lab.llvm.org/buildbot/#/builders/75/builds/42512
|
#
eff77d84 |
| 06-Feb-2024 |
Florian Mayer <fmayer@google.com> |
[scudo] [MTE] resize stack depot for allocation ring buffer (#74515)
Co-authored-by: ChiaHungDuan <f103119@gmail.com>
|
Revision tags: llvmorg-18.1.0-rc1, llvmorg-19-init |
|
#
a5bdc4a4 |
| 09-Dec-2023 |
Florian Mayer <fmayer@google.com> |
[scudo] do not store size inside ring buffer (#74541)
|
Revision tags: llvmorg-17.0.6, llvmorg-17.0.5, llvmorg-17.0.4, llvmorg-17.0.3, llvmorg-17.0.2, llvmorg-17.0.1, llvmorg-17.0.0, llvmorg-17.0.0-rc4, llvmorg-17.0.0-rc3, llvmorg-17.0.0-rc2, llvmorg-17.0.0-rc1, llvmorg-18-init, llvmorg-16.0.6, llvmorg-16.0.5, llvmorg-16.0.4, llvmorg-16.0.3, llvmorg-16.0.2, llvmorg-16.0.1, llvmorg-16.0.0, llvmorg-16.0.0-rc4, llvmorg-16.0.0-rc3, llvmorg-16.0.0-rc2, llvmorg-16.0.0-rc1, llvmorg-17-init, llvmorg-15.0.7 |
|
#
2426cc77 |
| 20-Dec-2022 |
Florian Mayer <fmayer@google.com> |
Dynamically allocate scudo allocation buffer.
This is so we can increase the buffer size for finding elusive bugs.
Tested by hand with this program
```
#include <cstdlib>

int main(int argc, char** argv) {
  if (argc < 2)
    return 1;
  int n = atoi(argv[1]);
  // Allocate, touch and free one byte; x dangles from here on.
  char* x = reinterpret_cast<char*>(malloc(1));
  *((volatile char*)x) = 1;
  free(x);
  // Churn n allocations, each one adding entries to the allocation ring buffer.
  for (; n > 0; --n) {
    char* y = reinterpret_cast<char*>(malloc(1024));
    *((volatile char*)y) = 1;
    free(y);
  }
  // Deliberate use-after-free on x.
  *x = 2;
  return 0;
}
```
SCUDO_OPTIONS=allocation_ring_buffer_size=30000 ./uaf 1000000 -> no allocation trace
SCUDO_OPTIONS=allocation_ring_buffer_size=30000000 ./uaf 1000000 -> allocation trace
Reviewed By: hctim, eugenis
Differential Revision: https://reviews.llvm.org/D140932
|
Revision tags: llvmorg-15.0.6, llvmorg-15.0.5, llvmorg-15.0.4, llvmorg-15.0.3, working, llvmorg-15.0.2, llvmorg-15.0.1, llvmorg-15.0.0, llvmorg-15.0.0-rc3, llvmorg-15.0.0-rc2, llvmorg-15.0.0-rc1, llvmorg-16-init, llvmorg-14.0.6, llvmorg-14.0.5, llvmorg-14.0.4, llvmorg-14.0.3, llvmorg-14.0.2, llvmorg-14.0.1, llvmorg-14.0.0, llvmorg-14.0.0-rc4, llvmorg-14.0.0-rc3, llvmorg-14.0.0-rc2, llvmorg-14.0.0-rc1, llvmorg-15-init, llvmorg-13.0.1, llvmorg-13.0.1-rc3, llvmorg-13.0.1-rc2, llvmorg-13.0.1-rc1, llvmorg-13.0.0, llvmorg-13.0.0-rc4, llvmorg-13.0.0-rc3, llvmorg-13.0.0-rc2, llvmorg-13.0.0-rc1, llvmorg-14-init, llvmorg-12.0.1, llvmorg-12.0.1-rc4, llvmorg-12.0.1-rc3, llvmorg-12.0.1-rc2, llvmorg-12.0.1-rc1, llvmorg-12.0.0, llvmorg-12.0.0-rc5, llvmorg-12.0.0-rc4, llvmorg-12.0.0-rc3, llvmorg-12.0.0-rc2, llvmorg-11.1.0, llvmorg-11.1.0-rc3, llvmorg-12.0.0-rc1, llvmorg-13-init, llvmorg-11.1.0-rc2, llvmorg-11.1.0-rc1 |
|
#
1f55fa0b |
| 06-Jan-2021 |
Peter Collingbourne <peter@pcc.me.uk> |
scudo: Add support for tracking stack traces of secondary allocations.
There is no centralized store of information related to secondary allocations. Moreover the allocations themselves become inaccessible when the allocation is freed in order to implement UAF detection, so we can't store information there to be used in case of UAF anyway.
Therefore our storage location for tracking stack traces of secondary allocations is a ring buffer. The ring buffer is copied to the process creating the crash dump when a fault occurs.
The ring buffer is also used to store stack traces for primary deallocations. Stack traces for primary allocations continue to be stored inline.
In order to support the scenario where an access to the ring buffer is interrupted by a concurrently occurring crash, the ring buffer is accessed in a lock-free manner.
Differential Revision: https://reviews.llvm.org/D94212
|
Revision tags: llvmorg-11.0.1, llvmorg-11.0.1-rc2 |
|
#
ebff66be |
| 10-Dec-2020 |
Mitch Phillips <31459023+hctim@users.noreply.github.com> |
[scudo] [standalone] [NFC] clang-format code.
clang-format the scudo standalone codebase.
Reviewed By: cryptoad
Differential Revision: https://reviews.llvm.org/D93056
|
Revision tags: llvmorg-11.0.1-rc1, llvmorg-11.0.0, llvmorg-11.0.0-rc6, llvmorg-11.0.0-rc5, llvmorg-11.0.0-rc4, llvmorg-11.0.0-rc3, llvmorg-11.0.0-rc2, llvmorg-11.0.0-rc1, llvmorg-12-init, llvmorg-10.0.1, llvmorg-10.0.1-rc4, llvmorg-10.0.1-rc3, llvmorg-10.0.1-rc2, llvmorg-10.0.1-rc1, llvmorg-10.0.0, llvmorg-10.0.0-rc6, llvmorg-10.0.0-rc5, llvmorg-10.0.0-rc4, llvmorg-10.0.0-rc3, llvmorg-10.0.0-rc2, llvmorg-10.0.0-rc1 |
|
#
21d50019 |
| 28-Jan-2020 |
Peter Collingbourne <peter@pcc.me.uk> |
scudo: Add support for diagnosing memory errors when memory tagging is enabled.
Introduce a function __scudo_get_error_info() that may be called to interpret a crash resulting from a memory error, potentially in another process, given information extracted from the crashing process. The crash may be interpreted as a use-after-free, buffer overflow or buffer underflow.
Also introduce a feature to optionally record a stack trace for each allocation and deallocation. If this feature is enabled, a stack trace for the allocation and (if applicable) the deallocation will also be available via __scudo_get_error_info().
Differential Revision: https://reviews.llvm.org/D77283
|