Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Strip top bits from pointers before reading memory contents #320

Merged
merged 1 commit into from Nov 30, 2018
Merged

Strip top bits from pointers before reading memory contents #320

merged 1 commit into from Nov 30, 2018

Conversation

kattrali
Copy link
Contributor

In the new Xcode 10 build system, Swift object register values have the
top bit used as a flag. This change strips the flag while not losing
anything relevant to us in our quest to see error messages for assertion
failures.

Design

Added a new validation to bsg_kscrw_i_writeMemoryContentsIfNotable which strips the top from the address if it is not valid and rechecks the new value. If it is then valid, it is used as the object address.

Tests

  • Tested manually on physical devices and emulators for iOS 11 & 12
  • Added a new integration test, which runs successfully on Xcode 10.1 + iOS 12.1

Discussion

This technique no longer works at all for assertion messages less than 16 characters, as they aren't stored in the register values.

Linked issues

Fixes #318

Review

  • Consistency between the changeset and the goal stated above
  • Internal consistency with the rest of the library - is there any overlap between existing interfaces and any which have been added?
  • Performance and complexity - are there any cases of unexpected O(n^3) when iterating, recursing, flat mapping, etc?
  • Thoroughness of added tests and any missing edge cases
  • Idiomatic use of the language

@kattrali kattrali force-pushed the kattrali/swift-assertion-msg-fix branch from ca3311f to 91d011d Compare November 29, 2018 01:33
fractalwrench
fractalwrench reviewed Nov 29, 2018
View reviewed changes
Copy link
Contributor

@fractalwrench fractalwrench left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I've confirmed the fix works - do we have any options for supporting error messages whose length is less than 16 characters? If not I think it'd be a good idea to write a scenario to verify this behaviour, otherwise this PR lgtm.

features/crashprobe.feature Show resolved Hide resolved
CHANGELOG.md Outdated Show resolved Hide resolved
@kattrali
fix: Strip top bits from pointers before reading memory contents
7094543 
In the new Xcode 10 build system, Swift object register values have the
top bit used as a flag. This change strips the flag while not losing
anything relevant to us in our quest to see error messages for assertion
failures.

This technique does not capture messages which are less than 16
characters, as short strings are stored as raw char arrays on the stack
rather than being allocated. (See WWDC 2018 #401 for more info on new
string optimizations)

While it is possible to check for char arrays as well as pointers when
searching for notable address values, sweeping up local variables has a
likely chance of capturing unintended data as well from the surrounding
code, some of which may be sensitive. It is also not guaranteed that the
value would still be on the stack after the message is logged, so it is
possible to get only unrelated string values as the message.

In the current Swift stdlib, the following messages passed to
fatalError, preconditionFailure, and precondition (and their internal
func counterparts) are less than 16 characters:

* empty string
* `unavailable`
* `not implemented`
* `abstract method`
* `unknown value`
* `invalid count` (where a dictionary contains < 0 items(?))
* `invalid index` (where a dictionary ceases to be a dictionary)
* `don't touch me` (from SpriteKit)
* `close() failed` (from the private Subprocess implementation)

The vast majority have more meaningful messages.

Reference:
* https://asciiwwdc.com/2018/sessions/401

Fixes #318
@kattrali kattrali force-pushed the kattrali/swift-assertion-msg-fix branch from 91d011d to 7094543 Compare November 29, 2018 22:56
@kattrali kattrali merged commit bc4b40e into master Nov 30, 2018
@kattrali kattrali deleted the kattrali/swift-assertion-msg-fix branch November 30, 2018 00:21
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@fractalwrench fractalwrench fractalwrench left review comments

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@kattrali @fractalwrench