authorGravatar Evan Brown <ezb@google.com>2024-06-24 14:53:09 -0700
committerGravatar Copybara-Service <copybara-worker@google.com>2024-06-24 14:53:59 -0700
commite486af700c822704d24f50a875c0bb0bdda18052 (patch)
treeb3ea58230ca0eefcfc36e55a0cf73d8083de7673
parenta305e859b6d0abe6d88a3fe12c6891152cc6e859 (diff)
Add an internal API to get a poisoned pointer.
The motivation is to make destroyed/moved-from objects cause crashes when they are accessed. PiperOrigin-RevId: 646229564 Change-Id: I68d9c189b542df0933af08f5ad63dc1f5764d856
-rw-r--r--CMake/AbseilDll.cmake2
-rw-r--r--absl/base/BUILD.bazel34
-rw-r--r--absl/base/CMakeLists.txt29
-rw-r--r--absl/base/internal/poison.cc79
-rw-r--r--absl/base/internal/poison.h36
-rw-r--r--absl/base/internal/poison_test.cc39
6 files changed, 219 insertions, 0 deletions
diff --git a/CMake/AbseilDll.cmake b/CMake/AbseilDll.cmake
index 87904542..27f79b72 100644
--- a/CMake/AbseilDll.cmake
+++ b/CMake/AbseilDll.cmake
@@ -28,6 +28,8 @@ set(ABSL_INTERNAL_DLL_FILES
"base/internal/low_level_scheduling.h"
"base/internal/nullability_impl.h"
"base/internal/per_thread_tls.h"
+ "base/internal/poison.cc"
+ "base/internal/poison.h"
"base/prefetch.h"
"base/internal/pretty_function.h"
"base/internal/raw_logging.cc"
diff --git a/absl/base/BUILD.bazel b/absl/base/BUILD.bazel
index bc949452..cfa7eaf5 100644
--- a/absl/base/BUILD.bazel
+++ b/absl/base/BUILD.bazel
@@ -866,6 +866,40 @@ cc_test(
],
)
+cc_library(
+ name = "poison",
+ srcs = [
+ "internal/poison.cc",
+ ],
+ hdrs = ["internal/poison.h"],
+ copts = ABSL_DEFAULT_COPTS,
+ linkopts = ABSL_DEFAULT_LINKOPTS,
+ visibility = [
+ "//absl:__subpackages__",
+ ],
+ deps = [
+ ":config",
+ ":core_headers",
+ ],
+)
+
+cc_test(
+ name = "poison_test",
+ size = "small",
+ timeout = "short",
+ srcs = [
+ "internal/poison_test.cc",
+ ],
+ copts = ABSL_TEST_COPTS,
+ linkopts = ABSL_DEFAULT_LINKOPTS,
+ deps = [
+ ":config",
+ ":poison",
+ "@com_google_googletest//:gtest",
+ "@com_google_googletest//:gtest_main",
+ ],
+)
+
cc_test(
name = "unique_small_name_test",
size = "small",
diff --git a/absl/base/CMakeLists.txt b/absl/base/CMakeLists.txt
index e010efec..4423dace 100644
--- a/absl/base/CMakeLists.txt
+++ b/absl/base/CMakeLists.txt
@@ -739,3 +739,32 @@ absl_cc_test(
absl::optional
GTest::gtest_main
)
+
+absl_cc_library(
+ NAME
+ poison
+ SRCS
+ "internal/poison.cc"
+ HDRS
+ "internal/poison.h"
+ COPTS
+ ${ABSL_DEFAULT_COPTS}
+ LINKOPTS
+ ${ABSL_DEFAULT_LINKOPTS}
+ DEPS
+ absl::config
+ absl::core_headers
+)
+
+absl_cc_test(
+ NAME
+ poison_test
+ SRCS
+ "internal/poison_test.cc"
+ COPTS
+ ${ABSL_TEST_COPTS}
+ DEPS
+ absl::config
+ absl::poison
+ GTest::gtest_main
+)
diff --git a/absl/base/internal/poison.cc b/absl/base/internal/poison.cc
new file mode 100644
index 00000000..c6d8f8ee
--- /dev/null
+++ b/absl/base/internal/poison.cc
@@ -0,0 +1,79 @@
+// Copyright 2024 The Abseil Authors
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// https://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+#include "absl/base/internal/poison.h"
+
+#include <atomic>
+#include <cstdint> // NOLINT - used in ifdef
+#include <cstdlib>
+
+#include "absl/base/attributes.h"
+#include "absl/base/config.h"
+
+#if defined(ABSL_HAVE_ADDRESS_SANITIZER)
+#include <sanitizer/asan_interface.h>
+#elif defined(ABSL_HAVE_MEMORY_SANITIZER)
+#include <sanitizer/msan_interface.h>
+#elif defined(ABSL_HAVE_MMAP) && !defined(SGX_SIM)
+#include <sys/mman.h>
+#elif defined(_MSC_VER)
+#include <windows.h>
+#endif
+
+namespace absl {
+ABSL_NAMESPACE_BEGIN
+namespace base_internal {
+namespace {
+constexpr size_t kPageSize = 1 << 12;
+alignas(kPageSize) static char poison_page[kPageSize];
+} // namespace
+
+std::atomic<void*> poison_data = {&poison_page};
+
+namespace {
+
+#if defined(ABSL_HAVE_ADDRESS_SANITIZER)
+void PoisonBlock(void* data) { ASAN_POISON_MEMORY_REGION(data, kPageSize); }
+#elif defined(ABSL_HAVE_MEMORY_SANITIZER)
+void PoisonBlock(void* data) { __msan_poison(data, kPageSize); }
+#elif defined(ABSL_HAVE_MMAP)
+void PoisonBlock(void* data) { mprotect(data, kPageSize, PROT_NONE); }
+#elif defined(_MSC_VER)
+void PoisonBlock(void* data) {
+ DWORD old_mode = 0;
+ VirtualProtect(data, kPageSize, PAGE_NOACCESS, &old_mode);
+}
+#else
+void PoisonBlock(void* data) {
+ // We can't make poisoned memory, so just use a likely bad pointer.
+ // Pointers are required to have high bits that are all zero or all one for
+ // certain 64-bit CPUs. This pointer value will hopefully cause a crash on
+ // dereference and also be clearly recognizable as invalid.
+ constexpr uint64_t kBadPtr = 0xBAD0BAD0BAD0BAD0;
+ poison_data = reinterpret_cast<void*>(static_cast<uintptr_t>(kBadPtr));
+}
+#endif
+
+void* InitializePoisonedPointer() {
+ PoisonBlock(&poison_page);
+ return &poison_page;
+}
+
+} // namespace
+
+ABSL_ATTRIBUTE_UNUSED void* force_initialize = InitializePoisonedPointer();
+
+} // namespace base_internal
+ABSL_NAMESPACE_END
+} // namespace absl
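Review bot: The `mprotect` and `VirtualProtect` calls in `PoisonBlock` ignore their return values and assume a 4 KiB page (`kPageSize = 1 << 12`). On a system with larger pages the `mprotect` call can fail because the block is not page-aligned, leaving `poison_page` readable and writable, or it can succeed and revoke access to whatever else shares that page; in both cases nothing reports it. Checking the result and the real page size, and falling back to the non-canonical pointer from the `#else` branch when protection cannot be applied, would keep the crash-on-access guarantee. The include chain guards `<sys/mman.h>` with `!defined(SGX_SIM)` while the `PoisonBlock` branch tests only `ABSL_HAVE_MMAP`, so the two conditions should match. The sketch below needs `<unistd.h>` for `sysconf`.

```cpp
#elif defined(ABSL_HAVE_MMAP) && !defined(SGX_SIM)
void PoisonBlock(void* data) {
  // mprotect() acts on whole system pages, so only protect the static block
  // when it really is exactly one page; otherwise hand out the bad pointer.
  const bool one_page = sysconf(_SC_PAGESIZE) == static_cast<long>(kPageSize);
  if (!one_page || mprotect(data, kPageSize, PROT_NONE) != 0) {
    constexpr uint64_t kBadPtr = 0xBAD0BAD0BAD0BAD0;
    poison_data = reinterpret_cast<void*>(static_cast<uintptr_t>(kBadPtr));
  }
}
// … unchanged: _MSC_VER and fallback branches …
```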
diff --git a/absl/base/internal/poison.h b/absl/base/internal/poison.h
new file mode 100644
index 00000000..aac1506a
--- /dev/null
+++ b/absl/base/internal/poison.h
@@ -0,0 +1,36 @@
+// Copyright 2024 The Abseil Authors
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// https://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+#ifndef ABSL_BASE_INTERNAL_POISON_H_
+#define ABSL_BASE_INTERNAL_POISON_H_
+
+#include <atomic>
+
+#include "absl/base/config.h"
+
+namespace absl {
+ABSL_NAMESPACE_BEGIN
+namespace base_internal {
+
+extern std::atomic<void*> poison_data;
+
+inline void* get_poisoned_pointer() {
+ return poison_data.load(std::memory_order_relaxed);
+}
+
+} // namespace base_internal
+ABSL_NAMESPACE_END
+} // namespace absl
+
+#endif // ABSL_BASE_INTERNAL_POISON_H_
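Review bot: `get_poisoned_pointer()` and `poison_data` carry no comment, and the header should state what callers may rely on: the returned address must never be dereferenced, and it is only expected to fault once the dynamic initializer `force_initialize` in poison.cc has run. `poison_data` is constant-initialized to `&poison_page`, so a static initializer in another translation unit that runs earlier gets a pointer to ordinary zeroed memory that can still be read and written. A comment such as `// Returns a pointer expected to crash on dereference; the page is not yet protected during static initialization.` above the function would cover it. Since the commit also adds these files to the DLL source list, the `extern` variable read from an inline function probably needs the `ABSL_DLL` annotation for Windows DLL builds; worth confirming.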
diff --git a/absl/base/internal/poison_test.cc b/absl/base/internal/poison_test.cc
new file mode 100644
index 00000000..ee72c177
--- /dev/null
+++ b/absl/base/internal/poison_test.cc
@@ -0,0 +1,39 @@
+// Copyright 2024 The Abseil Authors
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// https://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+#include "absl/base/internal/poison.h"
+
+#include <iostream>
+
+#include "gtest/gtest.h"
+#include "absl/base/config.h"
+
+namespace absl {
+ABSL_NAMESPACE_BEGIN
+namespace base_internal {
+namespace {
+
+TEST(PoisonTest, CrashesOnDereference) {
+#ifdef __ANDROID__
+ GTEST_SKIP() << "On Android, poisoned pointer dereference times out instead "
+ "of crashing.";
+#endif
+ void* poisoned_ptr = get_poisoned_pointer();
+ EXPECT_DEATH_IF_SUPPORTED(std::cout << *static_cast<int*>(poisoned_ptr), "");
+}
+
+} // namespace
+} // namespace base_internal
+ABSL_NAMESPACE_END
+} // namespace absl
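Review bot: `CrashesOnDereference` only checks a read through the poisoned pointer, and the empty regex `""` accepts any death, so the test also passes when the process dies for an unrelated reason. A write is the more damaging access from a moved-from object, and a second expectation such as `EXPECT_DEATH_IF_SUPPORTED(*static_cast<int*>(poisoned_ptr) = 1, "");` would pin that down. Under MemorySanitizer a store to poisoned memory is probably not reported, so that configuration may need to be excluded from the write check. If so, that limit deserves a comment next to the `__msan_poison` branch in poison.cc.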