syzygy/integration_tests/allocator_shim.cc - Issue 2984933002: Allocator shims design prototype.

Side by Side Diff: syzygy/integration_tests/allocator_shim.cc

Issue 2984933002: Allocator shims design prototype. (Closed)

Patch Set: Removing files nto needed for this branch Created 3 years, 4 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

OLD	NEW
(Empty)
	1 // Copyright 2016 The Chromium Authors. All rights reserved.
	Sébastien Marchand 2017/07/25 16:21:53 2017 2017 njanevsk 2017/07/25 17:43:02 Done. Show quoted text On 2017/07/25 16:21:53, Sébastien Marchand wrote: > 2017 Done.
	2 // Use of this source code is governed by a BSD-style license that can be

	3 // found in the LICENSE file.

	4

	5 // This header defines symbols to override the same functions in the Visual C++
	Sébastien Marchand 2017/07/25 16:21:53 This isn't a header :) This isn't a header :) njanevsk 2017/07/25 17:43:01 Done. Show quoted text On 2017/07/25 16:21:53, Sébastien Marchand wrote: > This isn't a header :) Done.
	6 // CRT implementation.

	7

	8 #ifdef BASE_ALLOCATOR_ALLOCATOR_SHIM_OVERRIDE_UCRT_SYMBOLS_WIN_H_

	9 #error This header is meant to be included only once by allocator_shim.cc
	Sébastien Marchand 2017/07/25 16:21:53 We don't need this anymore. We don't need this anymore. njanevsk 2017/07/25 17:43:02 Done. Show quoted text On 2017/07/25 16:21:53, Sébastien Marchand wrote: > We don't need this anymore. Done.
	10 #endif

	11 #define BASE_ALLOCATOR_ALLOCATOR_SHIM_OVERRIDE_UCRT_SYMBOLS_WIN_H_

	12

	13 #include <windows.h>

	14 #include <malloc.h>

	15 #include <mutex>

	16 #include "base/logging.h"
	Sébastien Marchand 2017/07/25 16:21:53 Do you really need logging? Do you really need logging? njanevsk 2017/07/25 19:49:17 Done. Show quoted text On 2017/07/25 16:21:53, Sébastien Marchand wrote: > Do you really need logging? Done.
	17

	18 extern "C" {

	19

	20 namespace {

	21

	22 typedef HANDLE(WINAPI* HeapCreatePtr)(DWORD, SIZE_T, SIZE_T);
	Sébastien Marchand 2017/07/25 16:21:53 Add a comment to describe what these typedefs are. Add a comment to describe what these typedefs are. njanevsk 2017/07/25 17:43:02 Done. Show quoted text On 2017/07/25 16:21:53, Sébastien Marchand wrote: > Add a comment to describe what these typedefs are. Done.
	23 typedef BOOL(WINAPI* HeapDestroyPtr)(HANDLE);

	24 typedef LPVOID(WINAPI* HeapAllocPtr)(HANDLE, DWORD, SIZE_T);

	25 typedef LPVOID(WINAPI* HeapReAllocPtr)(HANDLE, DWORD, LPVOID, SIZE_T);

	26 typedef BOOL(WINAPI* HeapFreePtr)(HANDLE, DWORD, LPVOID);

	27

	28 int win_new_mode = 0;
	Sébastien Marchand 2017/07/25 16:21:53 You don't need this. You don't need this. njanevsk 2017/07/25 17:43:01 Done. Show quoted text On 2017/07/25 16:21:53, Sébastien Marchand wrote: > You don't need this. Done.
	29 std::mutex m;
	Sébastien Marchand 2017/07/25 16:21:53 Rename this to something more meaningful, add a co Rename this to something more meaningful, add a comment to describe what it's for. Move the declaration next to the asan_shim one. njanevsk 2017/07/25 17:43:02 Done. Show quoted text On 2017/07/25 16:21:53, Sébastien Marchand wrote: > Rename this to something more meaningful, add a comment to describe what it's > for. Move the declaration next to the asan_shim one. Done.
	30
	Sébastien Marchand 2017/07/25 16:21:52 Remove one of these BLs Remove one of these BLs njanevsk 2017/07/25 17:43:01 Done. Show quoted text On 2017/07/25 16:21:52, Sébastien Marchand wrote: > Remove one of these BLs Done.
	31

	32 struct asan_shim_struct {
	Sébastien Marchand 2017/07/25 16:21:53 Use a CamelCase name. Use a CamelCase name. njanevsk 2017/07/25 17:43:02 Done. Show quoted text On 2017/07/25 16:21:53, Sébastien Marchand wrote: > Use a CamelCase name. Done. chrisha 2017/07/25 18:47:14 Also, _struct / Struct isn't adding any additional Show quoted text On 2017/07/25 17:43:02, njanevsk wrote: > On 2017/07/25 16:21:53, Sébastien Marchand wrote: > > Use a CamelCase name. > > Done. Also, _struct / Struct isn't adding any additional information. This function is a collection of points to runtime library heap functions, so maybe a better name would be RuntimePointers? njanevsk 2017/07/25 19:49:17 I changed it to AsanRuntimePointers. I want to hav Show quoted text On 2017/07/25 18:47:14, chrisha wrote: > On 2017/07/25 17:43:02, njanevsk wrote: > > On 2017/07/25 16:21:53, Sébastien Marchand wrote: > > > Use a CamelCase name. > > > > Done. > > Also, _struct / Struct isn't adding any additional information. This function is > a collection of points to runtime library heap functions, so maybe a better name > would be RuntimePointers? I changed it to AsanRuntimePointers. I want to have Asan in the name to make it more specific and descriptive. RuntimePointers is general.
	33 HANDLE asan_heap = nullptr;

	34 HMODULE asan_module;

	35 HeapCreatePtr heap_create;

	36 HeapAllocPtr heap_alloc;

	37 HeapFreePtr heap_free;

	38 HeapReAllocPtr heap_realloc;
	chrisha 2017/07/25 18:47:14 All of these should have = nullptr as well. All of these should have = nullptr as well. njanevsk 2017/07/25 19:49:17 Done. Show quoted text On 2017/07/25 18:47:14, chrisha wrote: > All of these should have = nullptr as well. Done.
	39 };

	40

	41 asan_shim_struct asan_shim;

	42

	43 void load_asan_module() {

	44 std::unique_lock<std::mutex> lock(m);
	Sébastien Marchand 2017/07/25 16:21:52 I think that we could avoid all this by moving thi I think that we could avoid all this by moving this code to the constructor of the asan_shim struct, Chris, wdyt? njanevsk 2017/07/25 17:43:02 That sounds like a really good idea. That way the Show quoted text On 2017/07/25 16:21:52, Sébastien Marchand wrote: > I think that we could avoid all this by moving this code to the constructor of > the asan_shim struct, Chris, wdyt? That sounds like a really good idea. That way the variable will be initialized when created and we can get rid of the load_asan_module calls in each function. chrisha 2017/07/25 18:47:14 That means that we rely on the static initializers Show quoted text On 2017/07/25 17:43:02, njanevsk wrote: > On 2017/07/25 16:21:52, Sébastien Marchand wrote: > > I think that we could avoid all this by moving this code to the constructor of > > the asan_shim struct, Chris, wdyt? > > That sounds like a really good idea. That way the variable will be initialized > when created and we can get rid of the load_asan_module calls in each function. That means that we rely on the static initializers of this module having run before any heap allocations can be made. But, other static initializers running before ours might need to make heap allocations. I'd stick with the current mechanism (a gateway function for the initialization). I'd also move the lock acquisition inside of the check for asan_module == nullptr. In fact, you could get rid of the lock entirely, as we know we are running on x86 systems where 32-bit reads and writes are atomic. The worst case scenario is that multiple threads do the resolving at the same time, each coming up with the same answer. Finally, I'd call this functions something more meaningful, like ResolveRuntimePointers, maybe? njanevsk 2017/07/25 19:49:17 Thanks. I removed the lock. Seb are you satisified Show quoted text On 2017/07/25 18:47:14, chrisha wrote: > On 2017/07/25 17:43:02, njanevsk wrote: > > On 2017/07/25 16:21:52, Sébastien Marchand wrote: > > > I think that we could avoid all this by moving this code to the constructor > of > > > the asan_shim struct, Chris, wdyt? > > > > That sounds like a really good idea. That way the variable will be initialized > > when created and we can get rid of the load_asan_module calls in each > function. > > That means that we rely on the static initializers of this module having run > before any heap allocations can be made. But, other static initializers running > before ours might need to make heap allocations. I'd stick with the current > mechanism (a gateway function for the initialization). > > I'd also move the lock acquisition inside of the check for asan_module == > nullptr. > > In fact, you could get rid of the lock entirely, as we know we are running on > x86 systems where 32-bit reads and writes are atomic. The worst case scenario is > that multiple threads do the resolving at the same time, each coming up with the > same answer. > > Finally, I'd call this functions something more meaningful, like > ResolveRuntimePointers, maybe? Thanks. I removed the lock. Seb are you satisified with this solution? I renamed the function to: resolve_asan_runtime_pointers() Again I am using asan to make it more specific and in agreement with the data structure's name. Sébastien Marchand 2017/07/25 20:07:06 Yep, this approach sgtm. Show quoted text On 2017/07/25 19:49:17, njanevsk wrote: > On 2017/07/25 18:47:14, chrisha wrote: > > On 2017/07/25 17:43:02, njanevsk wrote: > > > On 2017/07/25 16:21:52, Sébastien Marchand wrote: > > > > I think that we could avoid all this by moving this code to the > constructor > > of > > > > the asan_shim struct, Chris, wdyt? > > > > > > That sounds like a really good idea. That way the variable will be > initialized > > > when created and we can get rid of the load_asan_module calls in each > > function. > > > > That means that we rely on the static initializers of this module having run > > before any heap allocations can be made. But, other static initializers > running > > before ours might need to make heap allocations. I'd stick with the current > > mechanism (a gateway function for the initialization). > > > > I'd also move the lock acquisition inside of the check for asan_module == > > nullptr. > > > > In fact, you could get rid of the lock entirely, as we know we are running on > > x86 systems where 32-bit reads and writes are atomic. The worst case scenario > is > > that multiple threads do the resolving at the same time, each coming up with > the > > same answer. > > > > Finally, I'd call this functions something more meaningful, like > > ResolveRuntimePointers, maybe? > Thanks. I removed the lock. Seb are you satisified with this solution? > I renamed the function to: > resolve_asan_runtime_pointers() > Again I am using asan to make it more specific and in agreement with the data > structure's name. Yep, this approach sgtm.
	45 if (asan_shim.asan_module == nullptr) {

	46 asan_shim.asan_module = GetModuleHandle(L"syzyasan_rtl.dll");

	47 asan_shim.heap_create = reinterpret_cast<HeapCreatePtr>(

	48 ::GetProcAddress(asan_shim.asan_module, "asan_HeapCreate"));

	49 asan_shim.heap_alloc = reinterpret_cast<HeapAllocPtr>(

	50 ::GetProcAddress(asan_shim.asan_module, "asan_HeapAlloc"));

	51 asan_shim.heap_free = reinterpret_cast<HeapFreePtr>(

	52 ::GetProcAddress(asan_shim.asan_module, "asan_HeapFree"));

	53 asan_shim.heap_realloc = reinterpret_cast<HeapReAllocPtr>(

	54 ::GetProcAddress(asan_shim.asan_module, "asan_HeapReAlloc"));

	55 }

	56 lock.unlock();

	57 }

	58

	59 inline HANDLE get_heap_handle() {

	60 load_asan_module();
	Sébastien Marchand 2017/07/25 16:21:53 put this behind a "if (asan_shim.asan_module == nu put this behind a "if (asan_shim.asan_module == nullptr)", otherwise you'll grab the lock for nothing. njanevsk 2017/07/25 19:49:17 Since we are getting rid of the lock this is N\A. Show quoted text On 2017/07/25 16:21:53, Sébastien Marchand wrote: > put this behind a "if (asan_shim.asan_module == nullptr)", otherwise you'll grab > the lock for nothing. Since we are getting rid of the lock this is N\A.
	61 return asan_shim.asan_heap;

	62 }

	63

	64 } // namespace

	65

	66 // This function behaves similarly to MSVC's _set_new_mode.

	67 // If flag is 0 (default), calls to malloc will behave normally.

	68 // If flag is 1, calls to malloc will behave like calls to new,

	69 // and the std_new_handler will be invoked on failure.

	70 // Returns the previous mode.

	71 //

	72 // Replaces _set_new_mode in ucrt\heap\new_mode.cpp

	73 int _set_new_mode(int flag) {

	74 return 0;

	75 }

	76

	77 // Replaces _query_new_mode in ucrt\heap\new_mode.cpp

	78 int _query_new_mode() {

	79 return 0;

	80 }

	81

	82 // These symbols override the CRT's implementation of the same functions.

	83 __declspec(restrict) void* malloc(size_t size) {

	84
	Sébastien Marchand 2017/07/25 16:21:53 Remove this BL. Remove this BL. njanevsk 2017/07/25 17:43:02 Done. Show quoted text On 2017/07/25 16:21:53, Sébastien Marchand wrote: > Remove this BL. Done.
	85 return asan_shim.heap_alloc(get_heap_handle(), 0, size);

	86 }

	87

	88 void free(void* ptr) {

	89 load_asan_module();
	Sébastien Marchand 2017/07/25 16:21:52 This is confusing, the load_asan_module is in some This is confusing, the load_asan_module is in some functions but not in the others, you could add a "GetAllocShim" function that returns a pointer to the initialized struct instead. njanevsk 2017/07/25 17:43:02 If we use a constructor for the structure then the Show quoted text On 2017/07/25 16:21:52, Sébastien Marchand wrote: > This is confusing, the load_asan_module is in some functions but not in the > others, you could add a "GetAllocShim" function that returns a pointer to the > initialized struct instead. If we use a constructor for the structure then the asan_shim structure will always be initialized and there will not be a need to call it in any of the methods.
	90 asan_shim.heap_free(get_heap_handle(), 0, ptr);

	91 }

	92

	93 __declspec(restrict) void* realloc(void* ptr, size_t size) {

	94 load_asan_module();

	95 return asan_shim.heap_realloc(get_heap_handle(), 0, ptr, size);

	96 }

	97

	98 __declspec(restrict) void* calloc(size_t n, size_t size) {

	99 load_asan_module();

	100 void* ptr = malloc(size * n);

	101 ::memset(ptr, 0, size * n);
	Sébastien Marchand 2017/07/25 16:21:53 Check if ptr == nullptr before this, the malloc ca Check if ptr == nullptr before this, the malloc call might fail in which case this function should return nullptr (http://www.cplusplus.com/reference/cstdlib/calloc/) njanevsk 2017/07/25 17:43:02 Done. Show quoted text On 2017/07/25 16:21:53, Sébastien Marchand wrote: > Check if ptr == nullptr before this, the malloc call might fail in which case > this function should return nullptr > (http://www.cplusplus.com/reference/cstdlib/calloc/) Done.
	102 return ptr;

	103 }

	104

	105 // The symbols

	106 // * __acrt_heap

	107 // * __acrt_initialize_heap

	108 // * __acrt_uninitialize_heap

	109 // * _get_heap_handle

	110 // must be overridden all or none, as they are otherwise supplied

	111 // by heap_handle.obj in the ucrt.lib file.

	112 HANDLE __acrt_heap = nullptr;

	113

	114 bool __acrt_initialize_heap() {

	115 __acrt_heap = ::HeapCreate(0, 0, 0);

	116 return true;

	117 }

	118

	119 bool __acrt_uninitialize_heap() {

	120 ::HeapDestroy(__acrt_heap);

	121 __acrt_heap = nullptr;

	122 return true;

	123 }

	124

	125 intptr_t _get_heap_handle(void) {

	126 return reinterpret_cast<intptr_t>(__acrt_heap);

	127 }

	128

	129 // The default dispatch translation unit has to define also the following
	Sébastien Marchand 2017/07/25 16:21:53 You don't need this comment afaik. You don't need this comment afaik. njanevsk 2017/07/25 17:43:02 Done. Show quoted text On 2017/07/25 16:21:53, Sébastien Marchand wrote: > You don't need this comment afaik. Done.
	130 // symbols (unless they are ultimately routed to the system symbols):

	131 // void malloc_stats(void);

	132 // int mallopt(int, int);

	133 // struct mallinfo mallinfo(void);

	134 // size_t malloc_size(void*);

	135 // size_t malloc_usable_size(const void*);

	136

	137 } // extern "C"

OLD	NEW

« no previous file with comments | « no previous file | syzygy/integration_tests/integration_tests.gyp » ('j') | no next file with comments »