asan_rtl.cc revision 70e177e29c6f9ac987b65a79f6b4f3ebdabc75cc
//===-- asan_rtl.cc -------------------------------------------------------===//
//
// The LLVM Compiler Infrastructure
//
// This file is distributed under the University of Illinois Open Source
// License. See LICENSE.TXT for details.
//
//===----------------------------------------------------------------------===//
//
// This file is a part of AddressSanitizer, an address sanity checker.
//
// Main file of the ASan run-time library.
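//===----------------------------------------------------------------------===//
#include "asan_allocator.h"
#include "asan_interceptors.h"
#include "asan_interface.h"
#include "asan_internal.h"
#include "asan_lock.h"
#include "asan_mapping.h"
#include "asan_report.h"
#include "asan_stack.h"
#include "asan_stats.h"
#include "asan_thread.h"
#include "asan_thread_registry.h"
#include "sanitizer_common/sanitizer_atomic.h"
#include "sanitizer_common/sanitizer_flags.h"
#include "sanitizer_common/sanitizer_libc.h"
#include "sanitizer_common/sanitizer_symbolizer.h"

namespace __sanitizer {
using namespace __asan;

// Terminates the process on the ASan error path.
//
// Order of operations: optional sleep, optional shadow unmap, optional user
// death callback, then either Abort() (abort_on_error) or Exit(exitcode).
// Only the first caller gets past the counter; every later caller spins.
void Die() {
  static atomic_uint32_t num_calls;
  if (atomic_fetch_add(&num_calls, 1, memory_order_relaxed) != 0) {
    // Don't die twice - run a busy loop.
    // NOTE(review): this loop has no side effects; confirm the toolchain does
    // not optimize it away, otherwise a second caller would fall through and
    // run the teardown below again.
    while (1) { }
  }
  if (flags()->sleep_before_dying) {
    Report("Sleeping for %d second(s)\n", flags()->sleep_before_dying);
    SleepForSeconds(flags()->sleep_before_dying);
  }
  if (flags()->unmap_shadow_on_exit)
    UnmapOrDie((void*)kLowShadowBeg, kHighShadowEnd - kLowShadowBeg);
  // death_callback is a plain global function pointer (declared further down
  // in this file and set through __asan_set_death_callback).
  // NOTE(review): it runs after the shadow may already have been unmapped
  // above; an instrumented callback would presumably fault on its first
  // checked access - confirm the two options are never combined.
  if (death_callback)
    death_callback();
  if (flags()->abort_on_error)
    Abort();
  Exit(flags()->exitcode);
}

// Reports a failed internal CHECK and terminates.
//
//   file, line - source location of the failed CHECK.
//   cond       - text of the failed condition.
//   v1, v2     - operand values; both are cast to uptr for printing, so the
//                upper bits are lost wherever uptr is narrower than u64.
//
// Prints the current stack, then calls ShowStatsAndAbort().
SANITIZER_INTERFACE_ATTRIBUTE
void CheckFailed(const char *file, int line, const char *cond, u64 v1, u64 v2) {
  AsanReport("AddressSanitizer CHECK failed: %s:%d \"%s\" (0x%zx, 0x%zx)\n",
             file, line, cond, (uptr)v1, (uptr)v2);
  PRINT_CURRENT_STACK();
  ShowStatsAndAbort();
}

}  // namespace __sanitizer

namespace __asan {

// -------------------------- Flags ------------------------- {{{1
// Default for, and upper bound on, the malloc_context_size flag.
static const int kMallocContextSize = 30;

// The single run-time flag set; handed out by flags().
static Flags asan_flags;

// Returns a mutable pointer to the process-wide flag set. No locking is done
// here; writers (e.g. __asan_set_error_exit_code) update it in place.
Flags *flags() {
  return &asan_flags;
}

// Applies every recognised option found in `str` to `f`.
//
// Each flag is looked up by name with ParseFlag(); fields whose name does not
// appear in `str` are presumably left as they were - confirm in ParseFlag.
// `str` can be null when the caller passes an unset environment variable
// (see __asan_init); ParseFlag is presumably null-tolerant - confirm.
//
// Range checks are CHECKs, so an out-of-range redzone or malloc_context_size
// terminates the process instead of being clamped.
static void ParseFlagsFromString(Flags *f, const char *str) {
  ParseFlag(str, &f->quarantine_size, "quarantine_size");
  ParseFlag(str, &f->symbolize, "symbolize");
  ParseFlag(str, &f->verbosity, "verbosity");
  ParseFlag(str, &f->redzone, "redzone");
  // Redzone must be a power of two and at least 16.
  CHECK(f->redzone >= 16);
  CHECK(IsPowerOfTwo(f->redzone));

  ParseFlag(str, &f->debug, "debug");
  ParseFlag(str, &f->report_globals, "report_globals");
  // Note: the option name differs from the field name.
  ParseFlag(str, &f->check_initialization_order, "initialization_order");
  ParseFlag(str, &f->malloc_context_size, "malloc_context_size");
  // Only the upper bound is enforced here.
  CHECK(f->malloc_context_size <= kMallocContextSize);

  ParseFlag(str, &f->replace_str, "replace_str");
  ParseFlag(str, &f->replace_intrin, "replace_intrin");
  ParseFlag(str, &f->replace_cfallocator, "replace_cfallocator");
  ParseFlag(str, &f->mac_ignore_invalid_free, "mac_ignore_invalid_free");
  ParseFlag(str, &f->use_fake_stack, "use_fake_stack");
  ParseFlag(str, &f->max_malloc_fill_size, "max_malloc_fill_size");
  ParseFlag(str, &f->exitcode, "exitcode");
  ParseFlag(str, &f->allow_user_poisoning, "allow_user_poisoning");
  ParseFlag(str, &f->sleep_before_dying, "sleep_before_dying");
  ParseFlag(str, &f->handle_segv, "handle_segv");
  ParseFlag(str, &f->use_sigaltstack, "use_sigaltstack");
  ParseFlag(str, &f->check_malloc_usable_size, "check_malloc_usable_size");
  ParseFlag(str, &f->unmap_shadow_on_exit, "unmap_shadow_on_exit");
  ParseFlag(str, &f->abort_on_error, "abort_on_error");
  ParseFlag(str, &f->atexit, "atexit");
  ParseFlag(str, &f->disable_core, "disable_core");
  ParseFlag(str, &f->strip_path_prefix, "strip_path_prefix");
  ParseFlag(str, &f->allow_reexec, "allow_reexec");
}

extern "C" {
// Weak default that yields an empty option string. Because the symbol is
// weak, a program can supply its own definition to build options in; those
// are applied after the hard-coded defaults and before the `env` string in
// InitializeFlags().
SANITIZER_WEAK_ATTRIBUTE
SANITIZER_INTERFACE_ATTRIBUTE
const char* __asan_default_options() { return ""; }
}  // extern "C"

// Fills `f` with the run-time configuration.
//
// Precedence, lowest to highest:
//   1. the hard-coded defaults below,
//   2. the string returned by __asan_default_options(),
//   3. `env` (__asan_init passes the value of ASAN_OPTIONS).
//
// The last source wins, so whoever controls the `env` string controls
// settings such as exitcode, abort_on_error, handle_segv and disable_core.
void InitializeFlags(Flags *f, const char *env) {
  internal_memset(f, 0, sizeof(*f));

  f->quarantine_size = (ASAN_LOW_MEMORY) ? 1UL << 24 : 1UL << 28;
  f->symbolize = false;
  f->verbosity = 0;
  f->redzone = (ASAN_LOW_MEMORY) ? 64 : 128;
  f->debug = false;
  f->report_globals = 1;
  f->check_initialization_order = true;
  f->malloc_context_size = kMallocContextSize;
  f->replace_str = true;
  f->replace_intrin = true;
  f->replace_cfallocator = true;
  f->mac_ignore_invalid_free = false;
  f->use_fake_stack = true;
  f->max_malloc_fill_size = 0;
  f->exitcode = ASAN_DEFAULT_FAILURE_EXITCODE;
  f->allow_user_poisoning = true;
  f->sleep_before_dying = 0;
  f->handle_segv = ASAN_NEEDS_SEGV;
  f->use_sigaltstack = false;
  f->check_malloc_usable_size = true;
  f->unmap_shadow_on_exit = false;
  f->abort_on_error = false;
  f->atexit = false;
  f->disable_core = (__WORDSIZE == 64);
  f->strip_path_prefix = "";
  f->allow_reexec = true;

  // Override from user-specified string.
  ParseFlagsFromString(f, __asan_default_options());
  // Read the verbosity from the flag set being initialised rather than from
  // the global one, so the function also behaves correctly if it is ever
  // called with a Flags object other than flags().
  if (f->verbosity) {
    Report("Using the defaults from __asan_default_options: %s\n",
           __asan_default_options());
  }

  // Override from the caller-supplied option string (highest precedence).
  ParseFlagsFromString(f, env);
}

// -------------------------- Globals --------------------- {{{1
// Set to 1 by __asan_init once the runtime is usable.
int asan_inited;
// True while __asan_init is executing; used there to detect re-entry.
bool asan_init_is_running;
// Optional hook invoked by Die(); null unless __asan_set_death_callback was
// called.
void (*death_callback)(void);

// -------------------------- Misc ---------------- {{{1
// Prints the accumulated statistics and terminates through Die().
void ShowStatsAndAbort() {
  __asan_print_accumulated_stats();
  Die();
}

// ---------------------- mmap -------------------- {{{1
// Reserve memory range [beg, end].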
// Maps [beg, end] (both bounds inclusive) at exactly that address.
// `beg` and `end + 1` must be page-aligned. Any result other than a mapping
// that starts at `beg` is fatal. The mapping is requested at a fixed address,
// so the caller is expected to have verified that the range is free first
// (__asan_init does this with MemoryRangeIsAvailable).
static void ReserveShadowMemoryRange(uptr beg, uptr end) {
  CHECK((beg % kPageSize) == 0);
  CHECK(((end + 1) % kPageSize) == 0);
  // `end` is inclusive, hence the + 1 in the length.
  void *res = MmapFixedNoReserve(beg, end - beg + 1);
  CHECK(res == (void*)beg && "ReserveShadowMemoryRange failed");
}

// --------------- LowLevelAllocateCallback ---------- {{{1
// Hook for the internal low-level allocator: marks each region it hands out
// with kAsanInternalHeapMagic in the shadow.
static void OnLowLevelAllocate(uptr ptr, uptr size) {
  PoisonShadow(ptr, size, kAsanInternalHeapMagic);
}

// -------------------------- Run-time entry ------------------- {{{1
// exported functions
//
// ASAN_REPORT_ERROR(type, is_write, size) declares and defines
// __asan_report_<type><size>(uptr addr) with C linkage. The generated function
// captures the caller's pc/bp/sp and forwards them, together with the faulting
// address, access kind and access size, to __asan_report_error.
// GET_CALLER_PC_BP_SP has to stay the first statement of the body (and the
// function NOINLINE) so that the captured frame is the caller's.
#define ASAN_REPORT_ERROR(type, is_write, size)                     \
extern "C" NOINLINE INTERFACE_ATTRIBUTE                             \
void __asan_report_ ## type ## size(uptr addr);                     \
void __asan_report_ ## type ## size(uptr addr) {                    \
  GET_CALLER_PC_BP_SP;                                              \
  __asan_report_error(pc, bp, sp, addr, is_write, size);            \
}

// One entry point per access kind (load/store) and width (1..16 bytes).
ASAN_REPORT_ERROR(load, false, 1)
ASAN_REPORT_ERROR(load, false, 2)
ASAN_REPORT_ERROR(load, false, 4)
ASAN_REPORT_ERROR(load, false, 8)
ASAN_REPORT_ERROR(load, false, 16)
ASAN_REPORT_ERROR(store, true, 1)
ASAN_REPORT_ERROR(store, true, 2)
ASAN_REPORT_ERROR(store, true, 4)
ASAN_REPORT_ERROR(store, true, 8)
ASAN_REPORT_ERROR(store, true, 16)

// Force the linker to keep the symbols for various ASan interface functions.
// We want to keep those in the executable in order to let the instrumented
// dynamic libraries access the symbol even if it is not used by the executable
// itself. This should help if the build system is removing dead code at link
// time.
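// References every public interface function so that none of them is dropped
// at link time. fake_condition is always 0, so no case ever executes; the
// zero arguments are placeholders only.
static NOINLINE void force_interface_symbols() {
  volatile int fake_condition = 0;  // prevent dead condition elimination.
  // __asan_report_* functions are noreturn, so we need a switch to prevent
  // the compiler from removing any of them.
  switch (fake_condition) {
    case 1: __asan_report_load1(0); break;
    case 2: __asan_report_load2(0); break;
    case 3: __asan_report_load4(0); break;
    case 4: __asan_report_load8(0); break;
    case 5: __asan_report_load16(0); break;
    case 6: __asan_report_store1(0); break;
    case 7: __asan_report_store2(0); break;
    case 8: __asan_report_store4(0); break;
    case 9: __asan_report_store8(0); break;
    case 10: __asan_report_store16(0); break;
    case 11: __asan_register_global(0, 0, 0); break;
    case 12: __asan_register_globals(0, 0); break;
    case 13: __asan_unregister_globals(0, 0); break;
    case 14: __asan_set_death_callback(0); break;
    case 15: __asan_set_error_report_callback(0); break;
    case 16: __asan_handle_no_return(); break;
    case 17: __asan_address_is_poisoned(0); break;
    case 18: __asan_get_allocated_size(0); break;
    case 19: __asan_get_current_allocated_bytes(); break;
    case 20: __asan_get_estimated_allocated_size(0); break;
    case 21: __asan_get_free_bytes(); break;
    case 22: __asan_get_heap_size(); break;
    case 23: __asan_get_ownership(0); break;
    case 24: __asan_get_unmapped_bytes(); break;
    case 25: __asan_poison_memory_region(0, 0); break;
    case 26: __asan_unpoison_memory_region(0, 0); break;
    case 27: __asan_set_error_exit_code(0); break;
    case 28: __asan_stack_free(0, 0, 0); break;
    case 29: __asan_stack_malloc(0, 0); break;
    case 30: __asan_set_on_error_callback(0); break;
    case 31: __asan_default_options(); break;
    case 32: __asan_before_dynamic_init(0, 0); break;
    case 33: __asan_after_dynamic_init(); break;
    case 34: __asan_malloc_hook(0, 0); break;
    case 35: __asan_free_hook(0); break;
    case 36: __asan_set_symbolize_callback(0); break;
  }
}

// Exit handler, registered by __asan_init when the atexit flag is set.
static void asan_atexit() {
  AsanPrintf("AddressSanitizer exit stats:\n");
  __asan_print_accumulated_stats();
}

}  // namespace __asan

// ---------------------- Interface ---------------- {{{1
using namespace __asan;  // NOLINT

// Replaces the exit code used by Die() and returns the previous value.
// The read and the write are two separate unsynchronized accesses.
int NOINLINE __asan_set_error_exit_code(int exit_code) {
  int old = flags()->exitcode;
  flags()->exitcode = exit_code;
  return old;
}

// Clears the shadow of the current thread's stack, from the page below this
// function's frame up to the thread's recorded stack top (the value 0 is
// written to the shadow). Presumably called before a function that never
// returns, so stale stack redzones do not cause false reports later -
// confirm against the instrumentation. Anything poisoned in that range stays
// unchecked until it is poisoned again.
void NOINLINE __asan_handle_no_return() {
  int local_stack;
  AsanThread *curr_thread = asanThreadRegistry().GetCurrent();
  CHECK(curr_thread);
  uptr top = curr_thread->stack_top();
  // Round down to a page boundary, one page below the current frame.
  uptr bottom = ((uptr)&local_stack - kPageSize) & ~(kPageSize-1);
  PoisonShadow(bottom, top - bottom, 0);
}

// Installs (or, with a null pointer, removes) the hook that Die() calls just
// before terminating the process. The pointer is stored without any
// synchronization.
void NOINLINE __asan_set_death_callback(void (*callback)(void)) {
  death_callback = callback;
}

// One-time initialisation of the ASan runtime; later calls return at once.
//
// Trust boundary: both ASAN_OPTIONS and ASAN_SYMBOLIZER_PATH are read from the
// process environment, and nothing in this function validates them beyond
// what InitializeFlags() CHECKs. The symbolizer path is passed to
// InitializeExternalSymbolizer(), which per the comment at the call site
// starts a process. The environment is therefore part of what an instrumented
// binary trusts; keep that in mind before running one with privileges its
// invoker does not have.
void __asan_init() {
  if (asan_inited) return;
  CHECK(!asan_init_is_running && "ASan init calls itself!");
  asan_init_is_running = true;

  // Setup internal allocator callback.
  SetLowLevelAllocateCallback(OnLowLevelAllocate);

  // Make sure we are not statically linked.
  AsanDoesNotSupportStaticLinkage();

  // Initialize flags. This must be done early, because most of the
  // initialization steps look at flags().
  const char *options = GetEnv("ASAN_OPTIONS");
  InitializeFlags(flags(), options);

  if (flags()->verbosity && options) {
    Report("Parsed ASAN_OPTIONS: %s\n", options);
  }

  // Re-exec ourselves if we need to set additional env or command line args.
  MaybeReexec();

  if (flags()->atexit) {
    Atexit(asan_atexit);
  }

  // interceptors
  InitializeAsanInterceptors();

  ReplaceSystemMalloc();
  ReplaceOperatorsNewAndDelete();

  if (flags()->verbosity) {
    Printf("|| `[%p, %p]` || HighMem ||\n",
           (void*)kHighMemBeg, (void*)kHighMemEnd);
    Printf("|| `[%p, %p]` || HighShadow ||\n",
           (void*)kHighShadowBeg, (void*)kHighShadowEnd);
    Printf("|| `[%p, %p]` || ShadowGap ||\n",
           (void*)kShadowGapBeg, (void*)kShadowGapEnd);
    Printf("|| `[%p, %p]` || LowShadow ||\n",
           (void*)kLowShadowBeg, (void*)kLowShadowEnd);
    Printf("|| `[%p, %p]` || LowMem ||\n",
           (void*)kLowMemBeg, (void*)kLowMemEnd);
    Printf("MemToShadow(shadow): %p %p %p %p\n",
           (void*)MEM_TO_SHADOW(kLowShadowBeg),
           (void*)MEM_TO_SHADOW(kLowShadowEnd),
           (void*)MEM_TO_SHADOW(kHighShadowBeg),
           (void*)MEM_TO_SHADOW(kHighShadowEnd));
    Printf("red_zone=%zu\n", (uptr)flags()->redzone);
    Printf("malloc_context_size=%zu\n", (uptr)flags()->malloc_context_size);

    Printf("SHADOW_SCALE: %zx\n", (uptr)SHADOW_SCALE);
    Printf("SHADOW_GRANULARITY: %zx\n", (uptr)SHADOW_GRANULARITY);
    Printf("SHADOW_OFFSET: %zx\n", (uptr)SHADOW_OFFSET);
    // NOTE(review): this sanity check only runs when verbosity is enabled.
    CHECK(SHADOW_SCALE >= 3 && SHADOW_SCALE <= 7);
  }

  if (flags()->disable_core) {
    DisableCoreDumper();
  }

  // The range that must be free: the whole shadow plus, when the low shadow
  // does not start at address 0, one mmap granule below it.
  uptr shadow_start = kLowShadowBeg;
  if (kLowShadowBeg > 0) shadow_start -= kMmapGranularity;
  uptr shadow_end = kHighShadowEnd;
  if (MemoryRangeIsAvailable(shadow_start, shadow_end)) {
    if (kLowShadowBeg != kLowShadowEnd) {
      // mmap the low shadow plus the extra granule below it, if any.
      // Use the start address that was checked for availability above: it
      // equals kLowShadowBeg - kMmapGranularity whenever kLowShadowBeg > 0,
      // and unlike that expression it cannot wrap around when kLowShadowBeg
      // is 0.
      ReserveShadowMemoryRange(shadow_start, kLowShadowEnd);
    }
    // mmap the high shadow.
    ReserveShadowMemoryRange(kHighShadowBeg, kHighShadowEnd);
    // protect the gap
    void *prot = Mprotect(kShadowGapBeg, kShadowGapEnd - kShadowGapBeg + 1);
    CHECK(prot == (void*)kShadowGapBeg);
  } else {
    Report("Shadow memory range interleaves with an existing memory mapping. "
           "ASan cannot proceed correctly. ABORTING.\n");
    DumpProcessMap();
    Die();
  }

  InstallSignalHandlers();
  // Start symbolizer process if necessary.
  // The path comes straight from the environment (see the note at the top of
  // this function).
  if (flags()->symbolize) {
    const char *external_symbolizer = GetEnv("ASAN_SYMBOLIZER_PATH");
    if (external_symbolizer) {
      InitializeExternalSymbolizer(external_symbolizer);
    }
  }
#ifdef _WIN32
  __asan_set_symbolize_callback(WinSymbolize);
#endif  // _WIN32

  // On Linux AsanThread::ThreadStart() calls malloc() that's why asan_inited
  // should be set to 1 prior to initializing the threads.
  asan_inited = 1;
  asan_init_is_running = false;

  asanThreadRegistry().Init();
  asanThreadRegistry().GetMain()->ThreadStart();
  force_interface_symbols();  // no-op.

  if (flags()->verbosity) {
    Report("AddressSanitizer Init done\n");
  }
}

#if defined(ASAN_USE_PREINIT_ARRAY)
  // On Linux, we force __asan_init to be called before anyone else
  // by placing it into .preinit_array section.
  // FIXME: do we have anything like this on Mac?
  __attribute__((section(".preinit_array")))
    typeof(__asan_init) *__asan_preinit =__asan_init;
#elif defined(_WIN32) && defined(_DLL)
  // On Windows, when using dynamic CRT (/MD), we can put a pointer
  // to __asan_init into the global list of C initializers.
  // See crt0dat.c in the CRT sources for the details.
  #pragma section(".CRT$XIB", long, read)  // NOLINT
  __declspec(allocate(".CRT$XIB")) void (*__asan_preinit)() = __asan_init;
#endif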