asan_rtl.cc revision 33934fff43c5813394fe21e68b8d82b672013465
1//===-- asan_rtl.cc -------------------------------------------------------===//
2//
3//                     The LLVM Compiler Infrastructure
4//
5// This file is distributed under the University of Illinois Open Source
6// License. See LICENSE.TXT for details.
7//
8//===----------------------------------------------------------------------===//
9//
10// This file is a part of AddressSanitizer, an address sanity checker.
11//
12// Main file of the ASan run-time library.
13//===----------------------------------------------------------------------===//
14#include "asan_allocator.h"
15#include "asan_interceptors.h"
16#include "asan_internal.h"
17#include "asan_mapping.h"
18#include "asan_report.h"
19#include "asan_stack.h"
20#include "asan_stats.h"
21#include "asan_thread.h"
22#include "asan_thread_registry.h"
23#include "sanitizer_common/sanitizer_atomic.h"
24#include "sanitizer_common/sanitizer_flags.h"
25#include "sanitizer_common/sanitizer_libc.h"
26#include "sanitizer_common/sanitizer_symbolizer.h"
27
28namespace __asan {
29
// Counter array with kAsanMappingProfileSize slots. asan_atexit() prints every
// non-zero slot as "asan_mapping.h:<index> -- <count>".
// NOTE(review): nothing in this file writes to it; presumably the mapping
// macros in asan_mapping.h increment the slots -- confirm.
uptr AsanMappingProfile[kAsanMappingProfileSize];
31
// Die callback registered by __asan_init() through SetDieCallback().
// In order: optional sleep, optional shadow unmap, user death callback, then
// Abort() when abort_on_error is set, otherwise exit with flags()->exitcode.
static void AsanDie() {
  static atomic_uint32_t num_calls;
  const bool first_caller =
      atomic_fetch_add(&num_calls, 1, memory_order_relaxed) == 0;
  if (!first_caller) {
    // Don't die twice: only the first caller runs the shutdown sequence,
    // every later caller spins here until the process goes away.
    for (;;) { }
  }
  if (flags()->sleep_before_dying) {
    Report("Sleeping for %d second(s)\n", flags()->sleep_before_dying);
    SleepForSeconds(flags()->sleep_before_dying);
  }
  if (flags()->unmap_shadow_on_exit) {
    if (!kMidMemBeg) {
      // Single contiguous shadow range.
      UnmapOrDie((void*)kLowShadowBeg, kHighShadowEnd - kLowShadowBeg);
    } else {
      // The range is split around [kMidMemBeg, kMidMemEnd): unmap both sides.
      UnmapOrDie((void*)kLowShadowBeg, kMidMemBeg - kLowShadowBeg);
      UnmapOrDie((void*)kMidMemEnd, kHighShadowEnd - kMidMemEnd);
    }
  }
  // NOTE(review): the user callback runs after the optional shadow unmap, so
  // with unmap_shadow_on_exit set it executes without shadow memory mapped --
  // confirm registered callbacks are safe in that state.
  if (death_callback) {
    death_callback();
  }
  if (flags()->abort_on_error) {
    Abort();
  }
  internal__exit(flags()->exitcode);
}
56
// CHECK-failure callback registered by __asan_init() through
// SetCheckFailedCallback(): reports the failed condition with its source
// location and the two compared values, prints the current stack, then dies.
// Both values are cast to uptr before printing.
// NOTE(review): where uptr is narrower than u64 the upper bits would not be
// shown -- confirm for 32-bit targets.
static void AsanCheckFailed(const char *file, int line, const char *cond,
                            u64 v1, u64 v2) {
  const uptr lhs = (uptr)v1;
  const uptr rhs = (uptr)v2;
  Report("AddressSanitizer CHECK failed: %s:%d \"%s\" (0x%zx, 0x%zx)\n",
         file, line, cond, lhs, rhs);
  // FIXME: check for infinite recursion without a thread-local counter here.
  PRINT_CURRENT_STACK();
  Die();
}
65
66// -------------------------- Flags ------------------------- {{{1
// Built-in default for the malloc_context_size flag; InitializeFlags() copies
// it into Flags and ParseFlagsFromString() bounds the flag by kStackTraceMax.
static const int kDeafultMallocContextSize = 30;

// The single Flags instance for this runtime; exposed through flags().
static Flags asan_flags;
70
// Returns a pointer to the runtime's single Flags instance (asan_flags).
// The pointer is writable: __asan_set_error_exit_code() stores through it.
Flags *flags() {
  return &asan_flags;
}
74
// Returns the option string supplied by the __asan_default_options() hook, or
// "" when the symbol's address is null (hook not provided).
// The returned text is user-program code output and is parsed as flags by
// InitializeFlags().
static const char *MaybeCallAsanDefaultOptions() {
  if (&__asan_default_options) {
    return __asan_default_options();
  }
  return "";
}
78
// Returns the option string baked in at build time through the
// ASAN_DEFAULT_OPTIONS macro, or "" when the macro is not defined.
static const char *MaybeUseAsanDefaultOptionsCompileDefiniton() {
#ifdef ASAN_DEFAULT_OPTIONS
// Two-level stringization so the macro's value, not its name, becomes the
// string literal.
# define ASAN_STRINGIZE(x) #x
# define ASAN_STRINGIZE_OPTIONS(options) ASAN_STRINGIZE(options)
  const char *compiled_in = ASAN_STRINGIZE_OPTIONS(ASAN_DEFAULT_OPTIONS);
#else
  const char *compiled_in = "";
#endif
  return compiled_in;
}
89
// Applies every flag found in the option string `str` to *f, one ParseFlag()
// call per flag name. InitializeFlags() calls this three times: for the
// compile-time string, the __asan_default_options() string and the
// caller-supplied (environment) string, so `str` must be treated as input the
// runtime does not control.
// Two flags are validated right after they are parsed; a failed CHECK ends
// the process through the CHECK-failed callback.
static void ParseFlagsFromString(Flags *f, const char *str) {
  ParseFlag(str, &f->quarantine_size, "quarantine_size");
  ParseFlag(str, &f->symbolize, "symbolize");
  ParseFlag(str, &f->verbosity, "verbosity");
  ParseFlag(str, &f->redzone, "redzone");
  // Only a lower bound and the power-of-two property are enforced here.
  CHECK(f->redzone >= 16);
  CHECK(IsPowerOfTwo(f->redzone));

  ParseFlag(str, &f->debug, "debug");
  ParseFlag(str, &f->report_globals, "report_globals");
  // Note the flag name differs from the field name.
  ParseFlag(str, &f->check_initialization_order, "initialization_order");
  ParseFlag(str, &f->malloc_context_size, "malloc_context_size");
  // The comparison is done on the value converted to uptr.
  // NOTE(review): if the field is a signed int, a negative value converts to
  // a large uptr and is rejected here as well -- confirm the field type.
  CHECK((uptr)f->malloc_context_size <= kStackTraceMax);

  ParseFlag(str, &f->replace_str, "replace_str");
  ParseFlag(str, &f->replace_intrin, "replace_intrin");
  ParseFlag(str, &f->mac_ignore_invalid_free, "mac_ignore_invalid_free");
  ParseFlag(str, &f->use_fake_stack, "use_fake_stack");
  ParseFlag(str, &f->max_malloc_fill_size, "max_malloc_fill_size");
  ParseFlag(str, &f->exitcode, "exitcode");
  ParseFlag(str, &f->allow_user_poisoning, "allow_user_poisoning");
  ParseFlag(str, &f->sleep_before_dying, "sleep_before_dying");
  ParseFlag(str, &f->handle_segv, "handle_segv");
  ParseFlag(str, &f->use_sigaltstack, "use_sigaltstack");
  ParseFlag(str, &f->check_malloc_usable_size, "check_malloc_usable_size");
  ParseFlag(str, &f->unmap_shadow_on_exit, "unmap_shadow_on_exit");
  ParseFlag(str, &f->abort_on_error, "abort_on_error");
  ParseFlag(str, &f->print_stats, "print_stats");
  ParseFlag(str, &f->print_legend, "print_legend");
  ParseFlag(str, &f->atexit, "atexit");
  ParseFlag(str, &f->disable_core, "disable_core");
  ParseFlag(str, &f->strip_path_prefix, "strip_path_prefix");
  ParseFlag(str, &f->allow_reexec, "allow_reexec");
  ParseFlag(str, &f->print_full_thread_history, "print_full_thread_history");
  // log_path is handed to __sanitizer_set_report_path() in __asan_init().
  ParseFlag(str, &f->log_path, "log_path");
  ParseFlag(str, &f->fast_unwind_on_fatal, "fast_unwind_on_fatal");
  ParseFlag(str, &f->fast_unwind_on_malloc, "fast_unwind_on_malloc");
  ParseFlag(str, &f->poison_heap, "poison_heap");
  ParseFlag(str, &f->alloc_dealloc_mismatch, "alloc_dealloc_mismatch");
  ParseFlag(str, &f->use_stack_depot, "use_stack_depot");
}
131
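// Fills *f with the built-in defaults, then applies overrides in increasing
// priority:
//   1. the ASAN_DEFAULT_OPTIONS compile-time definition,
//   2. the string returned by the __asan_default_options() hook,
//   3. `env`, the caller-supplied string (__asan_init() passes the value of
//      the ASAN_OPTIONS environment variable, which may be null).
// A later source wins because each pass only overwrites the flags it names.
// Validation of the parsed values happens inside ParseFlagsFromString().
void InitializeFlags(Flags *f, const char *env) {
  internal_memset(f, 0, sizeof(*f));

  f->quarantine_size = (ASAN_LOW_MEMORY) ? 1UL << 26 : 1UL << 28;
  f->symbolize = false;
  f->verbosity = 0;
  f->redzone = ASAN_ALLOCATOR_VERSION == 2 ? 16 : (ASAN_LOW_MEMORY) ? 64 : 128;
  f->debug = false;
  f->report_globals = 1;
  f->check_initialization_order = true;
  f->malloc_context_size = kDeafultMallocContextSize;
  f->replace_str = true;
  f->replace_intrin = true;
  f->mac_ignore_invalid_free = false;
  f->use_fake_stack = true;
  f->max_malloc_fill_size = 0;
  f->exitcode = ASAN_DEFAULT_FAILURE_EXITCODE;
  f->allow_user_poisoning = true;
  f->sleep_before_dying = 0;
  f->handle_segv = ASAN_NEEDS_SEGV;
  f->use_sigaltstack = false;
  f->check_malloc_usable_size = true;
  f->unmap_shadow_on_exit = false;
  f->abort_on_error = false;
  f->print_stats = false;
  f->print_legend = true;
  f->atexit = false;
  f->disable_core = (SANITIZER_WORDSIZE == 64);
  f->strip_path_prefix = "";
  f->allow_reexec = true;
  f->print_full_thread_history = true;
  f->log_path = 0;
  f->fast_unwind_on_fatal = false;
  f->fast_unwind_on_malloc = true;
  f->poison_heap = true;
  // Turn off alloc/dealloc mismatch checker on Mac for now.
  // TODO(glider): Fix known issues and enable this back.
  f->alloc_dealloc_mismatch = (ASAN_MAC == 0);
  f->use_stack_depot = true;  // Only affects allocator2.

  // Override from compile definition.
  ParseFlagsFromString(f, MaybeUseAsanDefaultOptionsCompileDefiniton());

  // Override from the __asan_default_options() hook. The hook is code from
  // the instrumented program, so it is called once and the very string that
  // was parsed is the one that gets logged.
  const char *default_options = MaybeCallAsanDefaultOptions();
  ParseFlagsFromString(f, default_options);
  // Consult the flags being initialized rather than the global instance, so
  // the message follows the verbosity that was just parsed into *f.
  if (f->verbosity) {
    Report("Using the defaults from __asan_default_options: %s\n",
           default_options);
  }

  // Override from the caller-supplied string (highest priority).
  ParseFlagsFromString(f, env);
}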
185
186// -------------------------- Globals --------------------- {{{1
// Set to 1 by __asan_init() after the shadow is mapped and signal handlers
// are installed; a non-zero value makes later __asan_init() calls return
// immediately.
int asan_inited;
// True while __asan_init() is executing; __asan_init() CHECKs it on entry to
// catch re-entrant initialization.
bool asan_init_is_running;
// Optional hook stored by __asan_set_death_callback() and invoked by
// AsanDie() just before the process aborts or exits.
void (*death_callback)(void);

#if !ASAN_FIXED_MAPPING
// Address-space bounds decided at startup when the mapping is not fixed at
// compile time: kHighMemEnd is set by InitializeHighMemEnd(); kMidMemBeg and
// kMidMemEnd are set by __asan_init() when the full shadow range is not
// available.
uptr kHighMemEnd, kMidMemBeg, kMidMemEnd;
#endif
194
195// -------------------------- Misc ---------------- {{{1
// Prints the accumulated ASan statistics and then terminates via Die().
// Despite the name this does not call Abort() directly; after __asan_init()
// has registered AsanDie as the die callback, whether the process aborts or
// exits is decided there (abort_on_error / exitcode).
void ShowStatsAndAbort() {
  __asan_print_accumulated_stats();
  Die();
}
200
201// ---------------------- mmap -------------------- {{{1
// Reserve memory range [beg, end] (both bounds inclusive) at a fixed address.
// `beg` and `end + 1` must be page-aligned. If the mapping does not land
// exactly at `beg`, the failure is reported and the process is aborted with
// Abort() directly, not through Die().
static void ReserveShadowMemoryRange(uptr beg, uptr end) {
  CHECK((beg % GetPageSizeCached()) == 0);
  CHECK(((end + 1) % GetPageSizeCached()) == 0);
  uptr size = end - beg + 1;
  if (MmapFixedNoReserve(beg, size) == (void*)beg) {
    return;
  }
  Report("ReserveShadowMemoryRange failed while trying to map 0x%zx bytes. "
         "Perhaps you're using ulimit -v\n", size);
  Abort();
}
214
// --------------- LowLevelAllocateCallback ---------- {{{1
// Registered through SetLowLevelAllocateCallback() in __asan_init(). Marks
// the shadow of [ptr, ptr + size) with kAsanInternalHeapMagic.
// NOTE(review): presumably this makes accesses from instrumented code to the
// runtime's internal allocations reportable -- confirm against PoisonShadow().
static void OnLowLevelAllocate(uptr ptr, uptr size) {
  PoisonShadow(ptr, size, kAsanInternalHeapMagic);
}
219
220// -------------------------- Run-time entry ------------------- {{{1
// exported functions
// ASAN_REPORT_ERROR(type, is_write, size) declares and defines the exported,
// non-inlined entry point __asan_report_<type><size>(addr). The function
// captures the caller's pc/bp/sp with GET_CALLER_PC_BP_SP and forwards them,
// together with the address, access kind and access size, to
// __asan_report_error(). It is instantiated below for loads and stores of
// 1, 2, 4, 8 and 16 bytes.
#define ASAN_REPORT_ERROR(type, is_write, size)                     \
extern "C" NOINLINE INTERFACE_ATTRIBUTE                        \
void __asan_report_ ## type ## size(uptr addr);                \
void __asan_report_ ## type ## size(uptr addr) {               \
  GET_CALLER_PC_BP_SP;                                              \
  __asan_report_error(pc, bp, sp, addr, is_write, size);            \
}

ASAN_REPORT_ERROR(load, false, 1)
ASAN_REPORT_ERROR(load, false, 2)
ASAN_REPORT_ERROR(load, false, 4)
ASAN_REPORT_ERROR(load, false, 8)
ASAN_REPORT_ERROR(load, false, 16)
ASAN_REPORT_ERROR(store, true, 1)
ASAN_REPORT_ERROR(store, true, 2)
ASAN_REPORT_ERROR(store, true, 4)
ASAN_REPORT_ERROR(store, true, 8)
ASAN_REPORT_ERROR(store, true, 16)
240
// ASAN_REPORT_ERROR_N(type, is_write) is the variable-size counterpart of
// ASAN_REPORT_ERROR: it defines __asan_report_<type>_n(addr, size), which
// takes the access size as a run-time argument and forwards it unchanged to
// __asan_report_error().
#define ASAN_REPORT_ERROR_N(type, is_write)                    \
extern "C" NOINLINE INTERFACE_ATTRIBUTE                        \
void __asan_report_ ## type ## _n(uptr addr, uptr size);       \
void __asan_report_ ## type ## _n(uptr addr, uptr size) {      \
  GET_CALLER_PC_BP_SP;                                         \
  __asan_report_error(pc, bp, sp, addr, is_write, size);       \
}

ASAN_REPORT_ERROR_N(load, false)
ASAN_REPORT_ERROR_N(store, true)
251
// Force the linker to keep the symbols for various ASan interface functions.
// We want to keep those in the executable in order to let the instrumented
// dynamic libraries access the symbol even if it is not used by the executable
// itself. This should help if the build system is removing dead code at link
// time.
// No case is ever taken at run time: fake_condition is 0 and no case matches
// it. The switch exists only so each interface function is referenced.
// NOTE(review): case 11 is unused and the __asan_report_load_n /
// __asan_report_store_n entry points defined in this file are not listed --
// confirm that omission is intended.
static NOINLINE void force_interface_symbols() {
  volatile int fake_condition = 0;  // prevent dead condition elimination.
  // __asan_report_* functions are noreturn, so we need a switch to prevent
  // the compiler from removing any of them.
  switch (fake_condition) {
    case 1: __asan_report_load1(0); break;
    case 2: __asan_report_load2(0); break;
    case 3: __asan_report_load4(0); break;
    case 4: __asan_report_load8(0); break;
    case 5: __asan_report_load16(0); break;
    case 6: __asan_report_store1(0); break;
    case 7: __asan_report_store2(0); break;
    case 8: __asan_report_store4(0); break;
    case 9: __asan_report_store8(0); break;
    case 10: __asan_report_store16(0); break;
    case 12: __asan_register_globals(0, 0); break;
    case 13: __asan_unregister_globals(0, 0); break;
    case 14: __asan_set_death_callback(0); break;
    case 15: __asan_set_error_report_callback(0); break;
    case 16: __asan_handle_no_return(); break;
    case 17: __asan_address_is_poisoned(0); break;
    case 18: __asan_get_allocated_size(0); break;
    case 19: __asan_get_current_allocated_bytes(); break;
    case 20: __asan_get_estimated_allocated_size(0); break;
    case 21: __asan_get_free_bytes(); break;
    case 22: __asan_get_heap_size(); break;
    case 23: __asan_get_ownership(0); break;
    case 24: __asan_get_unmapped_bytes(); break;
    case 25: __asan_poison_memory_region(0, 0); break;
    case 26: __asan_unpoison_memory_region(0, 0); break;
    case 27: __asan_set_error_exit_code(0); break;
    case 28: __asan_stack_free(0, 0, 0); break;
    case 29: __asan_stack_malloc(0, 0); break;
    case 30: __asan_before_dynamic_init(0, 0); break;
    case 31: __asan_after_dynamic_init(); break;
    case 32: __asan_poison_stack_memory(0, 0); break;
    case 33: __asan_unpoison_stack_memory(0, 0); break;
    case 34: __asan_region_is_poisoned(0, 0); break;
    case 35: __asan_describe_address(0); break;
  }
}
298
// Exit handler registered by __asan_init() when the `atexit` flag is set:
// prints the accumulated statistics followed by every non-zero
// AsanMappingProfile slot.
static void asan_atexit() {
  Printf("AddressSanitizer exit stats:\n");
  __asan_print_accumulated_stats();
  // Print AsanMappingProfile, skipping slots that were never hit.
  for (uptr slot = 0; slot < kAsanMappingProfileSize; ++slot) {
    const uptr hits = AsanMappingProfile[slot];
    if (hits != 0) {
      Printf("asan_mapping.h:%zd -- %zd\n", slot, hits);
    }
  }
}
308
// Sets kHighMemEnd, the highest address covered by the mapping, from the
// target word size. Compiles to an empty function when ASAN_FIXED_MAPPING is
// set.
static void InitializeHighMemEnd() {
#if !ASAN_FIXED_MAPPING
# if SANITIZER_WORDSIZE == 64 && defined(__powerpc64__)
  // FIXME:
  // On PowerPC64 we have two different address space layouts: 44- and 46-bit.
  // We somehow need to figure our which one we are using now and choose
  // one of 0x00000fffffffffffUL and 0x00003fffffffffffUL.
  // Note that with 'ulimit -s unlimited' the stack is moved away from the top
  // of the address space, so simply checking the stack address is not enough.
  kHighMemEnd = (1ULL << 44) - 1;  // 0x00000fffffffffffUL
# elif SANITIZER_WORDSIZE == 64
  kHighMemEnd = (1ULL << 47) - 1;  // 0x00007fffffffffffUL;
# else  // SANITIZER_WORDSIZE == 32
  kHighMemEnd = (1ULL << 32) - 1;  // 0xffffffff;
# endif  // SANITIZER_WORDSIZE
#endif  // !ASAN_FIXED_MAPPING
}
328
// Calls Mprotect() on [a, a + size) and CHECKs that the returned address is
// `a`; any other result ends the process through the CHECK-failed callback.
// __asan_init() uses this for the gaps between the shadow regions.
// NOTE(review): presumably Mprotect() makes the range inaccessible so that
// stray accesses into a gap fault -- confirm in sanitizer_common.
static void ProtectGap(uptr a, uptr size) {
  CHECK_EQ(a, (uptr)Mprotect(a, size));
}
332
// Prints the address-space layout (memory, shadow and gap ranges), the
// shadow-of-shadow addresses, two flag values and the shadow constants, then
// sanity-checks SHADOW_SCALE and, when a mid-memory region exists, the
// ordering of the mid regions.
// NOTE(review): the CHECKs at the end run only when this function is called,
// and __asan_init() calls it only when verbosity is set, so a non-verbose run
// skips this validation -- confirm that is intended.
static void PrintAddressSpaceLayout() {
  const bool has_mid_mem = kMidMemBeg != 0;

  Printf("|| `[%p, %p]` || HighMem    ||\n",
         (void*)kHighMemBeg, (void*)kHighMemEnd);
  Printf("|| `[%p, %p]` || HighShadow ||\n",
         (void*)kHighShadowBeg, (void*)kHighShadowEnd);
  if (has_mid_mem) {
    Printf("|| `[%p, %p]` || ShadowGap3 ||\n",
           (void*)kShadowGap3Beg, (void*)kShadowGap3End);
    Printf("|| `[%p, %p]` || MidMem     ||\n",
           (void*)kMidMemBeg, (void*)kMidMemEnd);
    Printf("|| `[%p, %p]` || ShadowGap2 ||\n",
           (void*)kShadowGap2Beg, (void*)kShadowGap2End);
    Printf("|| `[%p, %p]` || MidShadow  ||\n",
           (void*)kMidShadowBeg, (void*)kMidShadowEnd);
  }
  Printf("|| `[%p, %p]` || ShadowGap  ||\n",
         (void*)kShadowGapBeg, (void*)kShadowGapEnd);
  if (kLowShadowBeg) {
    Printf("|| `[%p, %p]` || LowShadow  ||\n",
           (void*)kLowShadowBeg, (void*)kLowShadowEnd);
    Printf("|| `[%p, %p]` || LowMem     ||\n",
           (void*)kLowMemBeg, (void*)kLowMemEnd);
  }

  // Shadow addresses of the shadow regions themselves.
  Printf("MemToShadow(shadow): %p %p %p %p",
         (void*)MEM_TO_SHADOW(kLowShadowBeg),
         (void*)MEM_TO_SHADOW(kLowShadowEnd),
         (void*)MEM_TO_SHADOW(kHighShadowBeg),
         (void*)MEM_TO_SHADOW(kHighShadowEnd));
  if (has_mid_mem) {
    Printf(" %p %p",
           (void*)MEM_TO_SHADOW(kMidShadowBeg),
           (void*)MEM_TO_SHADOW(kMidShadowEnd));
  }
  Printf("\n");

  Printf("red_zone=%zu\n", (uptr)flags()->redzone);
  Printf("malloc_context_size=%zu\n", (uptr)flags()->malloc_context_size);

  Printf("SHADOW_SCALE: %zx\n", (uptr)SHADOW_SCALE);
  Printf("SHADOW_GRANULARITY: %zx\n", (uptr)SHADOW_GRANULARITY);
  Printf("SHADOW_OFFSET: %zx\n", (uptr)SHADOW_OFFSET);

  CHECK(SHADOW_SCALE >= 3 && SHADOW_SCALE <= 7);
  if (has_mid_mem) {
    // The mid shadow must sit above the low shadow and below mid memory,
    // and the high shadow must sit above mid memory.
    CHECK(kMidShadowBeg > kLowShadowEnd &&
          kMidMemBeg > kMidShadowEnd &&
          kHighShadowBeg > kMidMemEnd);
  }
}
379
380}  // namespace __asan
381
382// ---------------------- Interface ---------------- {{{1
383using namespace __asan;  // NOLINT
384
// Fallback definition of the __asan_default_options() hook, compiled only
// when SANITIZER_SUPPORTS_WEAK_HOOKS is false. It returns an empty option
// string, so the hook always resolves to something callable there.
#if !SANITIZER_SUPPORTS_WEAK_HOOKS
extern "C" {
SANITIZER_WEAK_ATTRIBUTE SANITIZER_INTERFACE_ATTRIBUTE
const char* __asan_default_options() { return ""; }
}  // extern "C"
#endif
391
// Replaces the exit code used when ASan terminates the process (read by
// AsanDie() through flags()->exitcode) and returns the previous value.
// The new value is stored as given; no range check is applied here.
int NOINLINE __asan_set_error_exit_code(int exit_code) {
  Flags *current = flags();
  const int previous = current->exitcode;
  current->exitcode = exit_code;
  return previous;
}
397
// Resets the shadow of the current thread's stack from just below this frame
// up to the thread's stack top by writing shadow value 0 over it.
// The lower bound is the address of a local, moved down by one page and
// rounded down to a page boundary.
// NOTE(review): presumably 0 is the "addressable" shadow value, so this
// clears stale stack poisoning before a no-return call -- confirm against
// PoisonShadow().
void NOINLINE __asan_handle_no_return() {
  int local_stack;  // its address marks the current stack position
  AsanThread *curr_thread = asanThreadRegistry().GetCurrent();
  CHECK(curr_thread);
  const uptr page_size = GetPageSizeCached();
  const uptr stack_top = curr_thread->stack_top();
  const uptr page_mask = ~(page_size - 1);
  const uptr range_begin = ((uptr)&local_stack - page_size) & page_mask;
  PoisonShadow(range_begin, stack_top - range_begin, 0);
}
407
// Stores `callback` in death_callback; AsanDie() invokes it, if non-null,
// just before aborting or exiting. Passing null clears the hook.
// The store is a plain assignment with no synchronization visible here.
void NOINLINE __asan_set_death_callback(void (*callback)(void)) {
  death_callback = callback;
}
411
// One-time runtime initialization. In order: registers the die / CHECK /
// printf callbacks, parses flags, optionally re-execs, installs interceptors
// and allocator replacements, maps the shadow regions and protects the gaps
// between them, installs signal handlers, optionally starts the external
// symbolizer, then initializes the thread registry and the allocator.
// Returns immediately when asan_inited is already set. The order of the steps
// matters; see the comments on individual steps.
void __asan_init() {
  if (asan_inited) return;
  SanitizerToolName = "AddressSanitizer";
  // Guards against re-entrant initialization from code called below.
  CHECK(!asan_init_is_running && "ASan init calls itself!");
  asan_init_is_running = true;
  InitializeHighMemEnd();

  // Make sure we are not statically linked.
  AsanDoesNotSupportStaticLinkage();

  // Install tool-specific callbacks in sanitizer_common.
  SetDieCallback(AsanDie);
  SetCheckFailedCallback(AsanCheckFailed);
  SetPrintfAndReportCallback(AppendToErrorMessageBuffer);

  // Initialize flags. This must be done early, because most of the
  // initialization steps look at flags().
  // NOTE(review): ASAN_OPTIONS is taken from the environment as-is and feeds
  // log_path (report destination), exitcode, handle_segv and the rest of
  // Flags. Nothing in this function checks for elevated privileges first, so
  // an instrumented setuid/setgid binary would let its invoker control these
  // settings -- confirm such binaries are never shipped instrumented.
  const char *options = GetEnv("ASAN_OPTIONS");
  InitializeFlags(flags(), options);
  __sanitizer_set_report_path(flags()->log_path);

  if (flags()->verbosity && options) {
    Report("Parsed ASAN_OPTIONS: %s\n", options);
  }

  // Re-exec ourselves if we need to set additional env or command line args.
  MaybeReexec();

  // Setup internal allocator callback.
  SetLowLevelAllocateCallback(OnLowLevelAllocate);

  if (flags()->atexit) {
    Atexit(asan_atexit);
  }

  // interceptors
  InitializeAsanInterceptors();

  ReplaceSystemMalloc();
  ReplaceOperatorsNewAndDelete();

  // The range to probe starts one mmap granule below the low shadow (when
  // there is a low shadow) and ends at the end of the high shadow.
  uptr shadow_start = kLowShadowBeg;
  if (kLowShadowBeg) shadow_start -= GetMmapGranularity();
  uptr shadow_end = kHighShadowEnd;
  bool full_shadow_is_available =
      MemoryRangeIsAvailable(shadow_start, shadow_end);

#if ASAN_LINUX && defined(__x86_64__) && !ASAN_FIXED_MAPPING
  // Fall back to a layout with a mid-memory region when the full range is
  // taken; both bounds stay 0 unless kLowMemEnd is below 0x3000000000.
  if (!full_shadow_is_available) {
    kMidMemBeg = kLowMemEnd < 0x3000000000ULL ? 0x3000000000ULL : 0;
    kMidMemEnd = kLowMemEnd < 0x3000000000ULL ? 0x3fffffffffULL : 0;
  }
#endif

  // Note: the layout CHECKs inside PrintAddressSpaceLayout() therefore run
  // only in verbose mode.
  if (flags()->verbosity)
    PrintAddressSpaceLayout();

  if (flags()->disable_core) {
    DisableCoreDumper();
  }

  if (full_shadow_is_available) {
    // mmap the low shadow plus at least one page at the left.
    if (kLowShadowBeg)
      ReserveShadowMemoryRange(shadow_start, kLowShadowEnd);
    // mmap the high shadow.
    ReserveShadowMemoryRange(kHighShadowBeg, kHighShadowEnd);
    // protect the gap.
    ProtectGap(kShadowGapBeg, kShadowGapEnd - kShadowGapBeg + 1);
  } else if (kMidMemBeg &&
      MemoryRangeIsAvailable(shadow_start, kMidMemBeg - 1) &&
      MemoryRangeIsAvailable(kMidMemEnd + 1, shadow_end)) {
    CHECK(kLowShadowBeg != kLowShadowEnd);
    // mmap the low shadow plus at least one page at the left.
    ReserveShadowMemoryRange(shadow_start, kLowShadowEnd);
    // mmap the mid shadow.
    ReserveShadowMemoryRange(kMidShadowBeg, kMidShadowEnd);
    // mmap the high shadow.
    ReserveShadowMemoryRange(kHighShadowBeg, kHighShadowEnd);
    // protect the gaps.
    ProtectGap(kShadowGapBeg, kShadowGapEnd - kShadowGapBeg + 1);
    ProtectGap(kShadowGap2Beg, kShadowGap2End - kShadowGap2Beg + 1);
    ProtectGap(kShadowGap3Beg, kShadowGap3End - kShadowGap3Beg + 1);
  } else {
    // Neither layout fits: refuse to run rather than continue without a
    // usable shadow.
    Report("Shadow memory range interleaves with an existing memory mapping. "
           "ASan cannot proceed correctly. ABORTING.\n");
    DumpProcessMap();
    Die();
  }

  InstallSignalHandlers();
  // Start symbolizer process if necessary.
  // NOTE(review): the symbolizer path also comes straight from the
  // environment and, per the comment above, names a process this runtime
  // starts; the privilege caveat noted at ASAN_OPTIONS applies here too.
  if (flags()->symbolize) {
    const char *external_symbolizer = GetEnv("ASAN_SYMBOLIZER_PATH");
    if (external_symbolizer) {
      InitializeExternalSymbolizer(external_symbolizer);
    }
  }

  // On Linux AsanThread::ThreadStart() calls malloc() that's why asan_inited
  // should be set to 1 prior to initializing the threads.
  asan_inited = 1;
  asan_init_is_running = false;

  asanThreadRegistry().Init();
  asanThreadRegistry().GetMain()->ThreadStart();
  force_interface_symbols();  // no-op.

  InitializeAllocator();

  if (flags()->verbosity) {
    Report("AddressSanitizer Init done\n");
  }
}
526