search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Daily bump.
[official-gcc.git] / libsanitizer / asan / asan_rtl.cc
blob6ddb01329adf501622c8b82c21632c4c3d5c97cd
1 //===-- asan_rtl.cc -------------------------------------------------------===//
2 //
3 // This file is distributed under the University of Illinois Open Source
4 // License. See LICENSE.TXT for details.
5 //
6 //===----------------------------------------------------------------------===//
7 //
8 // This file is a part of AddressSanitizer, an address sanity checker.
9 //
10 // Main file of the ASan run-time library.
11 //===----------------------------------------------------------------------===//
12 #include "asan_allocator.h"
13 #include "asan_interceptors.h"
14 #include "asan_internal.h"
15 #include "asan_mapping.h"
16 #include "asan_report.h"
17 #include "asan_stack.h"
18 #include "asan_stats.h"
19 #include "asan_thread.h"
20 #include "asan_thread_registry.h"
21 #include "sanitizer_common/sanitizer_atomic.h"
22 #include "sanitizer_common/sanitizer_flags.h"
23 #include "sanitizer_common/sanitizer_libc.h"
24 #include "sanitizer_common/sanitizer_symbolizer.h"
25
26 namespace __asan {
27
28 uptr AsanMappingProfile[kAsanMappingProfileSize];
29
30 static void AsanDie() {
31 static atomic_uint32_t num_calls;
32 if (atomic_fetch_add(&num_calls, 1, memory_order_relaxed) != 0) {
33 // Don't die twice - run a busy loop.
34 while (1) { }
35 }
36 if (flags()->sleep_before_dying) {
37 Report("Sleeping for %d second(s)\n", flags()->sleep_before_dying);
38 SleepForSeconds(flags()->sleep_before_dying);
39 }
40 if (flags()->unmap_shadow_on_exit) {
41 if (kMidMemBeg) {
42 UnmapOrDie((void*)kLowShadowBeg, kMidMemBeg - kLowShadowBeg);
43 UnmapOrDie((void*)kMidMemEnd, kHighShadowEnd - kMidMemEnd);
44 } else {
45 UnmapOrDie((void*)kLowShadowBeg, kHighShadowEnd - kLowShadowBeg);
46 }
47 }
48 if (death_callback)
49 death_callback();
50 if (flags()->abort_on_error)
51 Abort();
52 internal__exit(flags()->exitcode);
53 }
54
55 static void AsanCheckFailed(const char *file, int line, const char *cond,
56 u64 v1, u64 v2) {
57 Report("AddressSanitizer CHECK failed: %s:%d \"%s\" (0x%zx, 0x%zx)\n",
58 file, line, cond, (uptr)v1, (uptr)v2);
59 // FIXME: check for infinite recursion without a thread-local counter here.
60 PRINT_CURRENT_STACK();
61 Die();
62 }
63
64 // -------------------------- Flags ------------------------- {{{1
65 static const int kDeafultMallocContextSize = 30;
66
67 static Flags asan_flags;
68
69 Flags *flags() {
70 return &asan_flags;
71 }
72
73 static const char *MaybeCallAsanDefaultOptions() {
74 return (&__asan_default_options) ? __asan_default_options() : "";
75 }
76
77 static const char *MaybeUseAsanDefaultOptionsCompileDefiniton() {
78 #ifdef ASAN_DEFAULT_OPTIONS
79 // Stringize the macro value.
80 # define ASAN_STRINGIZE(x) #x
81 # define ASAN_STRINGIZE_OPTIONS(options) ASAN_STRINGIZE(options)
82 return ASAN_STRINGIZE_OPTIONS(ASAN_DEFAULT_OPTIONS);
83 #else
84 return "";
85 #endif
86 }
87
88 static void ParseFlagsFromString(Flags *f, const char *str) {
89 ParseFlag(str, &f->quarantine_size, "quarantine_size");
90 ParseFlag(str, &f->symbolize, "symbolize");
91 ParseFlag(str, &f->verbosity, "verbosity");
92 ParseFlag(str, &f->redzone, "redzone");
93 CHECK(f->redzone >= 16);
94 CHECK(IsPowerOfTwo(f->redzone));
95
96 ParseFlag(str, &f->debug, "debug");
97 ParseFlag(str, &f->report_globals, "report_globals");
98 ParseFlag(str, &f->check_initialization_order, "initialization_order");
99 ParseFlag(str, &f->malloc_context_size, "malloc_context_size");
100 CHECK((uptr)f->malloc_context_size <= kStackTraceMax);
101
102 ParseFlag(str, &f->replace_str, "replace_str");
103 ParseFlag(str, &f->replace_intrin, "replace_intrin");
104 ParseFlag(str, &f->mac_ignore_invalid_free, "mac_ignore_invalid_free");
105 ParseFlag(str, &f->use_fake_stack, "use_fake_stack");
106 ParseFlag(str, &f->max_malloc_fill_size, "max_malloc_fill_size");
107 ParseFlag(str, &f->exitcode, "exitcode");
108 ParseFlag(str, &f->allow_user_poisoning, "allow_user_poisoning");
109 ParseFlag(str, &f->sleep_before_dying, "sleep_before_dying");
110 ParseFlag(str, &f->handle_segv, "handle_segv");
111 ParseFlag(str, &f->use_sigaltstack, "use_sigaltstack");
112 ParseFlag(str, &f->check_malloc_usable_size, "check_malloc_usable_size");
113 ParseFlag(str, &f->unmap_shadow_on_exit, "unmap_shadow_on_exit");
114 ParseFlag(str, &f->abort_on_error, "abort_on_error");
115 ParseFlag(str, &f->print_stats, "print_stats");
116 ParseFlag(str, &f->print_legend, "print_legend");
117 ParseFlag(str, &f->atexit, "atexit");
118 ParseFlag(str, &f->disable_core, "disable_core");
119 ParseFlag(str, &f->strip_path_prefix, "strip_path_prefix");
120 ParseFlag(str, &f->allow_reexec, "allow_reexec");
121 ParseFlag(str, &f->print_full_thread_history, "print_full_thread_history");
122 ParseFlag(str, &f->log_path, "log_path");
123 ParseFlag(str, &f->fast_unwind_on_fatal, "fast_unwind_on_fatal");
124 ParseFlag(str, &f->fast_unwind_on_malloc, "fast_unwind_on_malloc");
125 ParseFlag(str, &f->poison_heap, "poison_heap");
126 ParseFlag(str, &f->alloc_dealloc_mismatch, "alloc_dealloc_mismatch");
127 ParseFlag(str, &f->use_stack_depot, "use_stack_depot");
128 }
129
130 void InitializeFlags(Flags *f, const char *env) {
131 internal_memset(f, 0, sizeof(*f));
132
133 f->quarantine_size = (ASAN_LOW_MEMORY) ? 1UL << 26 : 1UL << 28;
134 f->symbolize = false;
135 f->verbosity = 0;
136 f->redzone = ASAN_ALLOCATOR_VERSION == 2 ? 16 : (ASAN_LOW_MEMORY) ? 64 : 128;
137 f->debug = false;
138 f->report_globals = 1;
139 f->check_initialization_order = true;
140 f->malloc_context_size = kDeafultMallocContextSize;
141 f->replace_str = true;
142 f->replace_intrin = true;
143 f->mac_ignore_invalid_free = false;
144 f->use_fake_stack = true;
145 f->max_malloc_fill_size = 0;
146 f->exitcode = ASAN_DEFAULT_FAILURE_EXITCODE;
147 f->allow_user_poisoning = true;
148 f->sleep_before_dying = 0;
149 f->handle_segv = ASAN_NEEDS_SEGV;
150 f->use_sigaltstack = false;
151 f->check_malloc_usable_size = true;
152 f->unmap_shadow_on_exit = false;
153 f->abort_on_error = false;
154 f->print_stats = false;
155 f->print_legend = true;
156 f->atexit = false;
157 f->disable_core = (SANITIZER_WORDSIZE == 64);
158 f->strip_path_prefix = "";
159 f->allow_reexec = true;
160 f->print_full_thread_history = true;
161 f->log_path = 0;
162 f->fast_unwind_on_fatal = false;
163 f->fast_unwind_on_malloc = true;
164 f->poison_heap = true;
165 f->alloc_dealloc_mismatch = true;
166 f->use_stack_depot = true; // Only affects allocator2.
167
168 // Override from compile definition.
169 ParseFlagsFromString(f, MaybeUseAsanDefaultOptionsCompileDefiniton());
170
171 // Override from user-specified string.
172 ParseFlagsFromString(f, MaybeCallAsanDefaultOptions());
173 if (flags()->verbosity) {
174 Report("Using the defaults from __asan_default_options: %s\n",
175 MaybeCallAsanDefaultOptions());
176 }
177
178 // Override from command line.
179 ParseFlagsFromString(f, env);
180 }
181
182 // -------------------------- Globals --------------------- {{{1
183 int asan_inited;
184 bool asan_init_is_running;
185 void (*death_callback)(void);
186
187 #if !ASAN_FIXED_MAPPING
188 uptr kHighMemEnd, kMidMemBeg, kMidMemEnd;
189 #endif
190
191 // -------------------------- Misc ---------------- {{{1
192 void ShowStatsAndAbort() {
193 __asan_print_accumulated_stats();
194 Die();
195 }
196
197 // ---------------------- mmap -------------------- {{{1
198 // Reserve memory range [beg, end].
199 static void ReserveShadowMemoryRange(uptr beg, uptr end) {
200 CHECK((beg % GetPageSizeCached()) == 0);
201 CHECK(((end + 1) % GetPageSizeCached()) == 0);
202 uptr size = end - beg + 1;
203 void *res = MmapFixedNoReserve(beg, size);
204 if (res != (void*)beg) {
205 Report("ReserveShadowMemoryRange failed while trying to map 0x%zx bytes. "
206 "Perhaps you're using ulimit -v\n", size);
207 Abort();
208 }
209 }
210
211 // --------------- LowLevelAllocateCallbac ---------- {{{1
212 static void OnLowLevelAllocate(uptr ptr, uptr size) {
213 PoisonShadow(ptr, size, kAsanInternalHeapMagic);
214 }
215
216 // -------------------------- Run-time entry ------------------- {{{1
217 // exported functions
218 #define ASAN_REPORT_ERROR(type, is_write, size) \
219 extern "C" NOINLINE INTERFACE_ATTRIBUTE \
220 void __asan_report_ ## type ## size(uptr addr); \
221 void __asan_report_ ## type ## size(uptr addr) { \
222 GET_CALLER_PC_BP_SP; \
223 __asan_report_error(pc, bp, sp, addr, is_write, size); \
224 }
225
226 ASAN_REPORT_ERROR(load, false, 1)
227 ASAN_REPORT_ERROR(load, false, 2)
228 ASAN_REPORT_ERROR(load, false, 4)
229 ASAN_REPORT_ERROR(load, false, 8)
230 ASAN_REPORT_ERROR(load, false, 16)
231 ASAN_REPORT_ERROR(store, true, 1)
232 ASAN_REPORT_ERROR(store, true, 2)
233 ASAN_REPORT_ERROR(store, true, 4)
234 ASAN_REPORT_ERROR(store, true, 8)
235 ASAN_REPORT_ERROR(store, true, 16)
236
237 #define ASAN_REPORT_ERROR_N(type, is_write) \
238 extern "C" NOINLINE INTERFACE_ATTRIBUTE \
239 void __asan_report_ ## type ## _n(uptr addr, uptr size); \
240 void __asan_report_ ## type ## _n(uptr addr, uptr size) { \
241 GET_CALLER_PC_BP_SP; \
242 __asan_report_error(pc, bp, sp, addr, is_write, size); \
243 }
244
245 ASAN_REPORT_ERROR_N(load, false)
246 ASAN_REPORT_ERROR_N(store, true)
247
248 // Force the linker to keep the symbols for various ASan interface functions.
249 // We want to keep those in the executable in order to let the instrumented
250 // dynamic libraries access the symbol even if it is not used by the executable
251 // itself. This should help if the build system is removing dead code at link
252 // time.
253 static NOINLINE void force_interface_symbols() {
254 volatile int fake_condition = 0; // prevent dead condition elimination.
255 // __asan_report_* functions are noreturn, so we need a switch to prevent
256 // the compiler from removing any of them.
257 switch (fake_condition) {
258 case 1: __asan_report_load1(0); break;
259 case 2: __asan_report_load2(0); break;
260 case 3: __asan_report_load4(0); break;
261 case 4: __asan_report_load8(0); break;
262 case 5: __asan_report_load16(0); break;
263 case 6: __asan_report_store1(0); break;
264 case 7: __asan_report_store2(0); break;
265 case 8: __asan_report_store4(0); break;
266 case 9: __asan_report_store8(0); break;
267 case 10: __asan_report_store16(0); break;
268 case 12: __asan_register_globals(0, 0); break;
269 case 13: __asan_unregister_globals(0, 0); break;
270 case 14: __asan_set_death_callback(0); break;
271 case 15: __asan_set_error_report_callback(0); break;
272 case 16: __asan_handle_no_return(); break;
273 case 17: __asan_address_is_poisoned(0); break;
274 case 18: __asan_get_allocated_size(0); break;
275 case 19: __asan_get_current_allocated_bytes(); break;
276 case 20: __asan_get_estimated_allocated_size(0); break;
277 case 21: __asan_get_free_bytes(); break;
278 case 22: __asan_get_heap_size(); break;
279 case 23: __asan_get_ownership(0); break;
280 case 24: __asan_get_unmapped_bytes(); break;
281 case 25: __asan_poison_memory_region(0, 0); break;
282 case 26: __asan_unpoison_memory_region(0, 0); break;
283 case 27: __asan_set_error_exit_code(0); break;
284 case 28: __asan_stack_free(0, 0, 0); break;
285 case 29: __asan_stack_malloc(0, 0); break;
286 case 30: __asan_before_dynamic_init(0, 0); break;
287 case 31: __asan_after_dynamic_init(); break;
288 case 32: __asan_poison_stack_memory(0, 0); break;
289 case 33: __asan_unpoison_stack_memory(0, 0); break;
290 case 34: __asan_region_is_poisoned(0, 0); break;
291 case 35: __asan_describe_address(0); break;
292 }
293 }
294
295 static void asan_atexit() {
296 Printf("AddressSanitizer exit stats:\n");
297 __asan_print_accumulated_stats();
298 // Print AsanMappingProfile.
299 for (uptr i = 0; i < kAsanMappingProfileSize; i++) {
300 if (AsanMappingProfile[i] == 0) continue;
301 Printf("asan_mapping.h:%zd -- %zd\n", i, AsanMappingProfile[i]);
302 }
303 }
304
305 static void InitializeHighMemEnd() {
306 #if !ASAN_FIXED_MAPPING
307 #if SANITIZER_WORDSIZE == 64
308 # if defined(__powerpc64__)
309 // FIXME:
310 // On PowerPC64 we have two different address space layouts: 44- and 46-bit.
311 // We somehow need to figure our which one we are using now and choose
312 // one of 0x00000fffffffffffUL and 0x00003fffffffffffUL.
313 // Note that with 'ulimit -s unlimited' the stack is moved away from the top
314 // of the address space, so simply checking the stack address is not enough.
315 kHighMemEnd = (1ULL << 44) - 1; // 0x00000fffffffffffUL
316 # else
317 kHighMemEnd = (1ULL << 47) - 1; // 0x00007fffffffffffUL;
318 # endif
319 #else // SANITIZER_WORDSIZE == 32
320 kHighMemEnd = (1ULL << 32) - 1; // 0xffffffff;
321 #endif // SANITIZER_WORDSIZE
322 #endif // !ASAN_FIXED_MAPPING
323 }
324
325 static void ProtectGap(uptr a, uptr size) {
326 CHECK_EQ(a, (uptr)Mprotect(a, size));
327 }
328
329 static void PrintAddressSpaceLayout() {
330 Printf("|| `[%p, %p]` || HighMem ||\n",
331 (void*)kHighMemBeg, (void*)kHighMemEnd);
332 Printf("|| `[%p, %p]` || HighShadow ||\n",
333 (void*)kHighShadowBeg, (void*)kHighShadowEnd);
334 if (kMidMemBeg) {
335 Printf("|| `[%p, %p]` || ShadowGap3 ||\n",
336 (void*)kShadowGap3Beg, (void*)kShadowGap3End);
337 Printf("|| `[%p, %p]` || MidMem ||\n",
338 (void*)kMidMemBeg, (void*)kMidMemEnd);
339 Printf("|| `[%p, %p]` || ShadowGap2 ||\n",
340 (void*)kShadowGap2Beg, (void*)kShadowGap2End);
341 Printf("|| `[%p, %p]` || MidShadow ||\n",
342 (void*)kMidShadowBeg, (void*)kMidShadowEnd);
343 }
344 Printf("|| `[%p, %p]` || ShadowGap ||\n",
345 (void*)kShadowGapBeg, (void*)kShadowGapEnd);
346 if (kLowShadowBeg) {
347 Printf("|| `[%p, %p]` || LowShadow ||\n",
348 (void*)kLowShadowBeg, (void*)kLowShadowEnd);
349 Printf("|| `[%p, %p]` || LowMem ||\n",
350 (void*)kLowMemBeg, (void*)kLowMemEnd);
351 }
352 Printf("MemToShadow(shadow): %p %p %p %p",
353 (void*)MEM_TO_SHADOW(kLowShadowBeg),
354 (void*)MEM_TO_SHADOW(kLowShadowEnd),
355 (void*)MEM_TO_SHADOW(kHighShadowBeg),
356 (void*)MEM_TO_SHADOW(kHighShadowEnd));
357 if (kMidMemBeg) {
358 Printf(" %p %p",
359 (void*)MEM_TO_SHADOW(kMidShadowBeg),
360 (void*)MEM_TO_SHADOW(kMidShadowEnd));
361 }
362 Printf("\n");
363 Printf("red_zone=%zu\n", (uptr)flags()->redzone);
364 Printf("malloc_context_size=%zu\n", (uptr)flags()->malloc_context_size);
365
366 Printf("SHADOW_SCALE: %zx\n", (uptr)SHADOW_SCALE);
367 Printf("SHADOW_GRANULARITY: %zx\n", (uptr)SHADOW_GRANULARITY);
368 Printf("SHADOW_OFFSET: %zx\n", (uptr)SHADOW_OFFSET);
369 CHECK(SHADOW_SCALE >= 3 && SHADOW_SCALE <= 7);
370 if (kMidMemBeg)
371 CHECK(kMidShadowBeg > kLowShadowEnd &&
372 kMidMemBeg > kMidShadowEnd &&
373 kHighShadowBeg > kMidMemEnd);
374 }
375
376 } // namespace __asan
377
378 // ---------------------- Interface ---------------- {{{1
379 using namespace __asan; // NOLINT
380
381 #if !SANITIZER_SUPPORTS_WEAK_HOOKS
382 extern "C" {
383 SANITIZER_WEAK_ATTRIBUTE SANITIZER_INTERFACE_ATTRIBUTE
384 const char* __asan_default_options() { return ""; }
385 } // extern "C"
386 #endif
387
388 int NOINLINE __asan_set_error_exit_code(int exit_code) {
389 int old = flags()->exitcode;
390 flags()->exitcode = exit_code;
391 return old;
392 }
393
394 void NOINLINE __asan_handle_no_return() {
395 int local_stack;
396 AsanThread *curr_thread = asanThreadRegistry().GetCurrent();
397 CHECK(curr_thread);
398 uptr PageSize = GetPageSizeCached();
399 uptr top = curr_thread->stack_top();
400 uptr bottom = ((uptr)&local_stack - PageSize) & ~(PageSize-1);
401 PoisonShadow(bottom, top - bottom, 0);
402 }
403
404 void NOINLINE __asan_set_death_callback(void (*callback)(void)) {
405 death_callback = callback;
406 }
407
408 void __asan_init() {
409 if (asan_inited) return;
410 SanitizerToolName = "AddressSanitizer";
411 CHECK(!asan_init_is_running && "ASan init calls itself!");
412 asan_init_is_running = true;
413 InitializeHighMemEnd();
414
415 // Make sure we are not statically linked.
416 AsanDoesNotSupportStaticLinkage();
417
418 // Install tool-specific callbacks in sanitizer_common.
419 SetDieCallback(AsanDie);
420 SetCheckFailedCallback(AsanCheckFailed);
421 SetPrintfAndReportCallback(AppendToErrorMessageBuffer);
422
423 // Initialize flags. This must be done early, because most of the
424 // initialization steps look at flags().
425 const char *options = GetEnv("ASAN_OPTIONS");
426 InitializeFlags(flags(), options);
427 __sanitizer_set_report_path(flags()->log_path);
428
429 if (flags()->verbosity && options) {
430 Report("Parsed ASAN_OPTIONS: %s\n", options);
431 }
432
433 // Re-exec ourselves if we need to set additional env or command line args.
434 MaybeReexec();
435
436 // Setup internal allocator callback.
437 SetLowLevelAllocateCallback(OnLowLevelAllocate);
438
439 if (flags()->atexit) {
440 Atexit(asan_atexit);
441 }
442
443 // interceptors
444 InitializeAsanInterceptors();
445
446 ReplaceSystemMalloc();
447 ReplaceOperatorsNewAndDelete();
448
449 uptr shadow_start = kLowShadowBeg;
450 if (kLowShadowBeg) shadow_start -= GetMmapGranularity();
451 uptr shadow_end = kHighShadowEnd;
452 bool full_shadow_is_available =
453 MemoryRangeIsAvailable(shadow_start, shadow_end);
454
455 #if ASAN_LINUX && defined(__x86_64__) && !ASAN_FIXED_MAPPING
456 if (!full_shadow_is_available) {
457 kMidMemBeg = kLowMemEnd < 0x3000000000ULL ? 0x3000000000ULL : 0;
458 kMidMemEnd = kLowMemEnd < 0x3000000000ULL ? 0x4fffffffffULL : 0;
459 }
460 #endif
461
462 if (flags()->verbosity)
463 PrintAddressSpaceLayout();
464
465 if (flags()->disable_core) {
466 DisableCoreDumper();
467 }
468
469 if (full_shadow_is_available) {
470 // mmap the low shadow plus at least one page at the left.
471 if (kLowShadowBeg)
472 ReserveShadowMemoryRange(shadow_start, kLowShadowEnd);
473 // mmap the high shadow.
474 ReserveShadowMemoryRange(kHighShadowBeg, kHighShadowEnd);
475 // protect the gap.
476 ProtectGap(kShadowGapBeg, kShadowGapEnd - kShadowGapBeg + 1);
477 } else if (kMidMemBeg &&
478 MemoryRangeIsAvailable(shadow_start, kMidMemBeg - 1) &&
479 MemoryRangeIsAvailable(kMidMemEnd + 1, shadow_end)) {
480 CHECK(kLowShadowBeg != kLowShadowEnd);
481 // mmap the low shadow plus at least one page at the left.
482 ReserveShadowMemoryRange(shadow_start, kLowShadowEnd);
483 // mmap the mid shadow.
484 ReserveShadowMemoryRange(kMidShadowBeg, kMidShadowEnd);
485 // mmap the high shadow.
486 ReserveShadowMemoryRange(kHighShadowBeg, kHighShadowEnd);
487 // protect the gaps.
488 ProtectGap(kShadowGapBeg, kShadowGapEnd - kShadowGapBeg + 1);
489 ProtectGap(kShadowGap2Beg, kShadowGap2End - kShadowGap2Beg + 1);
490 ProtectGap(kShadowGap3Beg, kShadowGap3End - kShadowGap3Beg + 1);
491 } else {
492 Report("Shadow memory range interleaves with an existing memory mapping. "
493 "ASan cannot proceed correctly. ABORTING.\n");
494 DumpProcessMap();
495 Die();
496 }
497
498 InstallSignalHandlers();
499 // Start symbolizer process if necessary.
500 if (flags()->symbolize) {
501 const char *external_symbolizer = GetEnv("ASAN_SYMBOLIZER_PATH");
502 if (external_symbolizer) {
503 InitializeExternalSymbolizer(external_symbolizer);
504 }
505 }
506
507 // On Linux AsanThread::ThreadStart() calls malloc() that's why asan_inited
508 // should be set to 1 prior to initializing the threads.
509 asan_inited = 1;
510 asan_init_is_running = false;
511
512 asanThreadRegistry().Init();
513 asanThreadRegistry().GetMain()->ThreadStart();
514 force_interface_symbols(); // no-op.
515
516 InitializeAllocator();
517
518 if (flags()->verbosity) {
519 Report("AddressSanitizer Init done\n");
520 }
521 }
Mirror of the offical gcc git repository hosted at gcc.gnu.org