1 //===-- MemoryHistoryASan.cpp ---------------------------------------------===//
2 //
3 // Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
4 // See https://llvm.org/LICENSE.txt for license information.
5 // SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
6 //
7 //===----------------------------------------------------------------------===//
8 
9 #include "MemoryHistoryASan.h"
10 
11 #include "lldb/Target/MemoryHistory.h"
12 
13 #include "Plugins/Process/Utility/HistoryThread.h"
14 #include "lldb/Core/Debugger.h"
15 #include "lldb/Core/Module.h"
16 #include "lldb/Core/PluginInterface.h"
17 #include "lldb/Core/PluginManager.h"
18 #include "lldb/Core/ValueObject.h"
19 #include "lldb/Expression/UserExpression.h"
20 #include "lldb/Target/ExecutionContext.h"
21 #include "lldb/Target/Target.h"
22 #include "lldb/Target/Thread.h"
23 #include "lldb/Target/ThreadList.h"
24 #include "lldb/lldb-private.h"
25 
26 #include <sstream>
27 
28 using namespace lldb;
29 using namespace lldb_private;
30 
31 LLDB_PLUGIN_DEFINE(MemoryHistoryASan)
32 
33 MemoryHistorySP MemoryHistoryASan::CreateInstance(const ProcessSP &process_sp) {
34   if (!process_sp.get())
35     return nullptr;
36 
37   Target &target = process_sp->GetTarget();
38 
39   const ModuleList &target_modules = target.GetImages();
40   std::lock_guard<std::recursive_mutex> guard(target_modules.GetMutex());
41   const size_t num_modules = target_modules.GetSize();
42   for (size_t i = 0; i < num_modules; ++i) {
43     Module *module_pointer = target_modules.GetModulePointerAtIndexUnlocked(i);
44 
45     const Symbol *symbol = module_pointer->FindFirstSymbolWithNameAndType(
46         ConstString("__asan_get_alloc_stack"), lldb::eSymbolTypeAny);
47 
48     if (symbol != nullptr)
49       return MemoryHistorySP(new MemoryHistoryASan(process_sp));
50   }
51 
52   return MemoryHistorySP();
53 }
54 
55 void MemoryHistoryASan::Initialize() {
56   PluginManager::RegisterPlugin(
57       GetPluginNameStatic(), "ASan memory history provider.", CreateInstance);
58 }
59 
60 void MemoryHistoryASan::Terminate() {
61   PluginManager::UnregisterPlugin(CreateInstance);
62 }
63 
64 ConstString MemoryHistoryASan::GetPluginNameStatic() {
65   static ConstString g_name("asan");
66   return g_name;
67 }
68 
69 MemoryHistoryASan::MemoryHistoryASan(const ProcessSP &process_sp) {
70   if (process_sp)
71     m_process_wp = process_sp;
72 }
73 
74 const char *memory_history_asan_command_prefix = R"(
75     extern "C"
76     {
77         size_t __asan_get_alloc_stack(void *addr, void **trace, size_t size, int *thread_id);
78         size_t __asan_get_free_stack(void *addr, void **trace, size_t size, int *thread_id);
79     }
80 
81     struct data {
82         void *alloc_trace[256];
83         size_t alloc_count;
84         int alloc_tid;
85 
86         void *free_trace[256];
87         size_t free_count;
88         int free_tid;
89     };
90 )";
91 
92 const char *memory_history_asan_command_format =
93     R"(
94     data t;
95 
96     t.alloc_count = __asan_get_alloc_stack((void *)0x%)" PRIx64
97     R"(, t.alloc_trace, 256, &t.alloc_tid);
98     t.free_count = __asan_get_free_stack((void *)0x%)" PRIx64
99     R"(, t.free_trace, 256, &t.free_tid);
100 
101     t;
102 )";
103 
104 static void CreateHistoryThreadFromValueObject(ProcessSP process_sp,
105                                                ValueObjectSP return_value_sp,
106                                                const char *type,
107                                                const char *thread_name,
108                                                HistoryThreads &result) {
109   std::string count_path = "." + std::string(type) + "_count";
110   std::string tid_path = "." + std::string(type) + "_tid";
111   std::string trace_path = "." + std::string(type) + "_trace";
112 
113   ValueObjectSP count_sp =
114       return_value_sp->GetValueForExpressionPath(count_path.c_str());
115   ValueObjectSP tid_sp =
116       return_value_sp->GetValueForExpressionPath(tid_path.c_str());
117 
118   if (!count_sp || !tid_sp)
119     return;
120 
121   int count = count_sp->GetValueAsUnsigned(0);
122   tid_t tid = tid_sp->GetValueAsUnsigned(0) + 1;
123 
124   if (count <= 0)
125     return;
126 
127   ValueObjectSP trace_sp =
128       return_value_sp->GetValueForExpressionPath(trace_path.c_str());
129 
130   if (!trace_sp)
131     return;
132 
133   std::vector<lldb::addr_t> pcs;
134   for (int i = 0; i < count; i++) {
135     addr_t pc = trace_sp->GetChildAtIndex(i, true)->GetValueAsUnsigned(0);
136     if (pc == 0 || pc == 1 || pc == LLDB_INVALID_ADDRESS)
137       continue;
138     pcs.push_back(pc);
139   }
140 
141   // The ASAN runtime already massages the return addresses into call
142   // addresses, we don't want LLDB's unwinder to try to locate the previous
143   // instruction again as this might lead to us reporting a different line.
144   bool pcs_are_call_addresses = true;
145   HistoryThread *history_thread =
146       new HistoryThread(*process_sp, tid, pcs, pcs_are_call_addresses);
147   ThreadSP new_thread_sp(history_thread);
148   std::ostringstream thread_name_with_number;
149   thread_name_with_number << thread_name << " Thread " << tid;
150   history_thread->SetThreadName(thread_name_with_number.str().c_str());
151   // Save this in the Process' ExtendedThreadList so a strong pointer retains
152   // the object
153   process_sp->GetExtendedThreadList().AddThread(new_thread_sp);
154   result.push_back(new_thread_sp);
155 }
156 
157 HistoryThreads MemoryHistoryASan::GetHistoryThreads(lldb::addr_t address) {
158   HistoryThreads result;
159 
160   ProcessSP process_sp = m_process_wp.lock();
161   if (!process_sp)
162     return result;
163 
164   ThreadSP thread_sp =
165       process_sp->GetThreadList().GetExpressionExecutionThread();
166   if (!thread_sp)
167     return result;
168 
169   StackFrameSP frame_sp = thread_sp->GetSelectedFrame();
170   if (!frame_sp)
171     return result;
172 
173   ExecutionContext exe_ctx(frame_sp);
174   ValueObjectSP return_value_sp;
175   StreamString expr;
176   Status eval_error;
177   expr.Printf(memory_history_asan_command_format, address, address);
178 
179   EvaluateExpressionOptions options;
180   options.SetUnwindOnError(true);
181   options.SetTryAllThreads(true);
182   options.SetStopOthers(true);
183   options.SetIgnoreBreakpoints(true);
184   options.SetTimeout(process_sp->GetUtilityExpressionTimeout());
185   options.SetPrefix(memory_history_asan_command_prefix);
186   options.SetAutoApplyFixIts(false);
187   options.SetLanguage(eLanguageTypeObjC_plus_plus);
188 
189   ExpressionResults expr_result = UserExpression::Evaluate(
190       exe_ctx, options, expr.GetString(), "", return_value_sp, eval_error);
191   if (expr_result != eExpressionCompleted) {
192     process_sp->GetTarget().GetDebugger().GetAsyncOutputStream()->Printf(
193         "Warning: Cannot evaluate AddressSanitizer expression:\n%s\n",
194         eval_error.AsCString());
195     return result;
196   }
197 
198   if (!return_value_sp)
199     return result;
200 
201   CreateHistoryThreadFromValueObject(process_sp, return_value_sp, "free",
202                                      "Memory deallocated by", result);
203   CreateHistoryThreadFromValueObject(process_sp, return_value_sp, "alloc",
204                                      "Memory allocated by", result);
205 
206   return result;
207 }
208