[scudo] Clean up string handling (#86364)

Do not abort if a vector cannot increase its own capacity. In that case,
push_back calls silently fail.

Modify the ScopedString implementation so that i

[scudo] Clean up string handling (#86364)

Do not abort if a vector cannot increase its own capacity. In that case,
push_back calls silently fail.

Modify the ScopedString implementation so that it no longer requires two
passes to do the format. Move the helper functions to be private member
functions so that they can use push_back directly. This allows the
capacity to be increased under the hood and/or silently discards data if
the capacity is exceeded and cannot be increased.

Add new tests for the Vector and ScopedString for capacity increase
failures.

Doing this so that if a map call fails, and we are attempting to write
an error string, we can still get some of the message dumped. This also
avoids crashing in Scudo code, and makes the caller handle any failures.

show more ...

[scudo] Change overloaded function name append.

The ScopedString class has two functions named append. One takes
a va_list, but on some platforms va_list is typedef'd to char*.
That means that this

[scudo] Change overloaded function name append.

The ScopedString class has two functions named append. One takes
a va_list, but on some platforms va_list is typedef'd to char*.
That means that this call:

std::string value;
Str.append("print this string %s", value.c_str());

The compiler can incorrectly think this is the va_list function,
leading to crashes when calling this. To fix this, change the name
of the va_list function to be vappend to avoid this.

Fix https://github.com/llvm/llvm-project/issues/62893

Reviewed By: Chia-hungDuan

Differential Revision: https://reviews.llvm.org/D153389

show more ...

[scudo] Make the placeholder type specifier be consistent with C/C++

This avoids `-Wformat` complains the placeholder type specifier mismatch
on `lld`/`llu`(used for `s64`/`u64`) which have slightly

[scudo] Make the placeholder type specifier be consistent with C/C++

This avoids `-Wformat` complains the placeholder type specifier mismatch
on `lld`/`llu`(used for `s64`/`u64`) which have slightly different
interpretation in string_utils.cpp.

Also enable Timer build which was disabled because of the complaining of
`-Wformat`.

Differential Revision: https://reviews.llvm.org/D147496

show more ...

scudo/standalone: prepare for enabling format string checking

Move __attribute__((format)) to the function declarations in the header file.
It's almost pointless in the source file.
But disable the

scudo/standalone: prepare for enabling format string checking

Move __attribute__((format)) to the function declarations in the header file.
It's almost pointless in the source file.
But disable the warning with -Wno-format for now
since there is a number of existing warnings.

Depends on D107984.

Reviewed By: vitalybuka

Differential Revision: https://reviews.llvm.org/D108014

show more ...

[scudo] Remove ScopedString::Length

Differential Revision: https://reviews.llvm.org/D103725

[scudo] Rework Vector/String

Some platforms (eg: Trusty) are extremelly memory constrained, which
doesn't necessarily work well with some of Scudo's current assumptions.

`Vector` by default (and as

[scudo] Rework Vector/String

Some platforms (eg: Trusty) are extremelly memory constrained, which
doesn't necessarily work well with some of Scudo's current assumptions.

`Vector` by default (and as such `String` and `ScopedString`) maps a
page, which is a bit of a waste. This CL changes `Vector` to use a
buffer local to the class first, then potentially map more memory if
needed (`ScopedString` currently are all stack based so it would be
stack data). We also want to allow a platform to prevent any dynamic
resizing, so I added a `CanGrow` templated parameter that for now is
always `true` but would be set to `false` on Trusty.

Differential Revision: https://reviews.llvm.org/D103641

show more ...

[scudo] Rework dieOnMapUnmapError

Said function had a few shortfalls:
- didn't set an abort message on Android
- was logged on several lines
- didn't provide extra information like the size requeste

[scudo] Rework dieOnMapUnmapError

Said function had a few shortfalls:
- didn't set an abort message on Android
- was logged on several lines
- didn't provide extra information like the size requested if OOM'ing

This improves the function to address those points.

Differential Revision: https://reviews.llvm.org/D103034

show more ...

[scudo][standalone] Add missing va_end() in ScopedString::append

In ScopedString::append va_list ArgsCopy is created but never cleanuped
which can lead to undefined behaviour, like stack corruption.

[scudo][standalone] Add missing va_end() in ScopedString::append

In ScopedString::append va_list ArgsCopy is created but never cleanuped
which can lead to undefined behaviour, like stack corruption.

Reviewed By: cryptoad

Differential Revision: https://reviews.llvm.org/D92383

show more ...

[scudo][standalone] Fix tests under ASan/UBSan

Fix a potential UB in `appendSignedDecimal` (with -INT64_MIN) by making
it a special case.

Fix the terrible test cases for `isOwned`: I was pretty slo

[scudo][standalone] Fix tests under ASan/UBSan

Fix a potential UB in `appendSignedDecimal` (with -INT64_MIN) by making
it a special case.

Fix the terrible test cases for `isOwned`: I was pretty sloppy on those
and used some stack & static variables, but since `isOwned` accesses
memory prior to the pointer to check for the validity of the Scudo
header, it ended up being detected as some global and stack buffer out
of bounds accesses. So not I am using buffers with enough room so that
the test will not access memory prior to the variables.

With those fixes, the tests pass on the ASan+UBSan Fuchsia build.

Thanks to Roland for pointing those out!

Differential Revision: https://reviews.llvm.org/D88170

show more ...

[scudo][standalone] Get statistics in a char buffer

Summary:
Following up on D68471, this CL introduces some `getStats` APIs to
gather statistics in char buffers (`ScopedString` really) instead of
p

[scudo][standalone] Get statistics in a char buffer

Summary:
Following up on D68471, this CL introduces some `getStats` APIs to
gather statistics in char buffers (`ScopedString` really) instead of
printing them out right away. Ultimately `printStats` will just
output the buffer, but that allows us to potentially do some work
on the intermediate buffer, and can be used for a `mallocz` type
of functionality. This allows us to pretty much get rid of all the
`Printf` calls around, but I am keeping the function in for
debugging purposes.

This changes the existing tests to use the new APIs when required.

I will add new tests as suggested in D68471 in another CL.

Reviewers: morehouse, hctim, vitalybuka, eugenis, cferris

Reviewed By: morehouse

Subscribers: delcypher, #sanitizers, llvm-commits

Tags: #llvm, #sanitizers

Differential Revision: https://reviews.llvm.org/D68653

llvm-svn: 374173

show more ...

compiler-rt: Rename .cc file in lib/scudo/standalone to .cpp

Like r367463, but for scudo/standalone.

llvm-svn: 367568