asan_rtl.cc revision fce5bd4cc29fddb5e8f0cb9c12df7c10187a991d
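//===-- asan_rtl.cc -------------------------------------------------------===//
//
//                     The LLVM Compiler Infrastructure
//
// This file is distributed under the University of Illinois Open Source
// License. See LICENSE.TXT for details.
//
//===----------------------------------------------------------------------===//
//
// This file is a part of AddressSanitizer, an address sanity checker.
//
// Main file of the ASan run-time library.
//===----------------------------------------------------------------------===//
#include "asan_allocator.h"
#include "asan_interceptors.h"
#include "asan_interface.h"
#include "asan_internal.h"
#include "asan_lock.h"
#include "asan_mapping.h"
#include "asan_stack.h"
#include "asan_stats.h"
#include "asan_thread.h"
#include "asan_thread_registry.h"
#include "sanitizer_common/sanitizer_atomic.h"
#include "sanitizer_common/sanitizer_libc.h"

namespace __sanitizer {
using namespace __asan;

// Terminates the process after an ASan report or a failed CHECK.
//
// Order of operations for the first caller:
//   1. optional sleep (FLAG_sleep_before_dying),
//   2. optional unmapping of the shadow region (FLAG_unmap_shadow_on_exit),
//   3. the user-installed death callback, if any,
//   4. Abort() when FLAG_abort_on_error is set, otherwise Exit(FLAG_exitcode).
// Every later caller spins forever so that the teardown runs only once.
void Die() {
  static atomic_uint32_t num_calls;
  if (atomic_fetch_add(&num_calls, 1, memory_order_relaxed) != 0) {
    // Don't die twice - run a busy loop.
    while (1) { }
  }
  if (FLAG_sleep_before_dying) {
    // FLAG_sleep_before_dying is an s64; cast it to the size-typed integer
    // that %zd names, the same way CheckFailed() casts its %zx arguments.
    Report("Sleeping for %zd second(s)\n", (sptr)FLAG_sleep_before_dying);
    SleepForSeconds(FLAG_sleep_before_dying);
  }
  if (FLAG_unmap_shadow_on_exit)
    UnmapOrDie((void*)kLowShadowBeg, kHighShadowEnd - kLowShadowBeg);
  // NOTE(review): the callback runs after the shadow may already have been
  // unmapped above, so it presumably must not touch instrumented memory
  // when both options are in use -- confirm.
  if (death_callback)
    death_callback();
  if (FLAG_abort_on_error)
    Abort();
  Exit(FLAG_exitcode);
}

// Reports a failed internal CHECK (source location, condition text and the
// two compared values), prints the current stack and aborts via
// ShowStatsAndAbort().  The values are narrowed to uptr for printing.
void CheckFailed(const char *file, int line, const char *cond, u64 v1, u64 v2) {
  AsanReport("AddressSanitizer CHECK failed: %s:%d \"%s\" (%zx, %zx)\n",
             file, line, cond, (uptr)v1, (uptr)v2);
  PRINT_CURRENT_STACK();
  ShowStatsAndAbort();
}

}  // namespace __sanitizer

namespace __asan {

// -------------------------- Flags ------------------------- {{{1
// Run-time options.  The initializers below are the built-in defaults;
// ParseAsanOptions() overwrites them from the option string.
static const uptr kMallocContextSize = 30;

// Upper bound is kMallocContextSize (enforced by a CHECK when parsed).
uptr  FLAG_malloc_context_size = kMallocContextSize;
uptr  FLAG_max_malloc_fill_size = 0;
s64   FLAG_v = 0;
// Must be a power of two.  NOTE(review): the original comment states a
// minimum of 32, while ParseAsanOptions() only CHECKs >= 16 -- confirm which
// bound is intended.
uptr  FLAG_redzone = (ASAN_LOW_MEMORY) ? 64 : 128;  // power of two, >= 32
uptr  FLAG_quarantine_size = (ASAN_LOW_MEMORY) ? 1UL << 24 : 1UL << 28;
static s64 FLAG_atexit = 0;
bool  FLAG_poison_shadow = 1;
s64   FLAG_report_globals = 1;
bool  FLAG_handle_segv = ASAN_NEEDS_SEGV;
bool  FLAG_use_sigaltstack = 0;
bool  FLAG_symbolize = 0;
s64   FLAG_demangle = 1;
s64   FLAG_debug = 0;
bool  FLAG_replace_cfallocator = 1;  // Used on Mac only.
bool  FLAG_mac_ignore_invalid_free = 0;  // Used on Mac only.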
bool  FLAG_replace_str = 1;
bool  FLAG_replace_intrin = 1;
bool  FLAG_use_fake_stack = 1;
s64   FLAG_exitcode = ASAN_DEFAULT_FAILURE_EXITCODE;
bool  FLAG_allow_user_poisoning = 1;
s64   FLAG_sleep_before_dying = 0;
bool  FLAG_abort_on_error = 0;
bool  FLAG_unmap_shadow_on_exit = 0;
// Defaults to true only when the word size is 64 bits.
bool  FLAG_disable_core = __WORDSIZE == 64;
bool  FLAG_check_malloc_usable_size = 1;

// -------------------------- Globals --------------------- {{{1
int asan_inited;
bool asan_init_is_running;
// Optional user hook invoked by Die() just before the process ends.
void (*death_callback)(void);
// Optional user hook that receives the accumulated report text.
static void (*error_report_callback)(const char*);
// Report text accumulated for error_report_callback.  The buffer stays null
// until a callback is registered; _pos is the write offset, _size the
// capacity in bytes.
char *error_message_buffer = 0;
uptr error_message_buffer_pos = 0;
uptr error_message_buffer_size = 0;

// -------------------------- Misc ---------------- {{{1
// Prints the accumulated statistics, then terminates through Die().
void ShowStatsAndAbort() {
  __asan_print_accumulated_stats();
  Die();
}

// Prints `before`, the address `a`, and then one machine word of memory
// starting at `a`, byte by byte, as two hex digits each.
static void PrintBytes(const char *before, uptr *a) {
  const u8 *raw = (u8*)a;
  const uptr bytes_per_word = (__WORDSIZE) / 8;
  AsanPrintf("%s%p:", before, (void*)a);
  uptr idx = 0;
  while (idx < bytes_per_word) {
    const u8 value = raw[idx];
    // High nibble first, then low nibble.
    AsanPrintf(" %x%x", value >> 4, value & 15);
    idx++;
  }
  AsanPrintf("\n");
}

// Appends `buffer` to the error message buffer, if one has been allocated.
// Text that does not fit is silently dropped; the last byte of the buffer is
// always forced to NUL so the accumulated message stays terminated.
// NOTE(review): no locking is visible here -- confirm that callers serialize
// access to the buffer.
void AppendToErrorMessageBuffer(const char *buffer) {
  if (!error_message_buffer)
    return;
  const uptr msg_len = internal_strlen(buffer);
  CHECK_GE(error_message_buffer_size, error_message_buffer_pos);
  const uptr room = error_message_buffer_size - error_message_buffer_pos;
  char *dest = error_message_buffer + error_message_buffer_pos;
  internal_strncpy(dest, buffer, room);
  error_message_buffer[error_message_buffer_size - 1] = '\0';
  // FIXME: reallocate the buffer instead of truncating the message.
  // Advance by what was actually stored: the whole message, or only the
  // part that fit.
  error_message_buffer_pos += (msg_len < room) ? msg_len : room;
}

// ---------------------- mmap -------------------- {{{1
// Reserve memory range [beg, end].
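static void ReserveShadowMemoryRange(uptr beg, uptr end) {
  // Both bounds are inclusive, so `beg` and `end + 1` must be page-aligned.
  CHECK((beg % kPageSize) == 0);
  CHECK(((end + 1) % kPageSize) == 0);
  uptr size = end - beg + 1;
  void *res = MmapFixedNoReserve(beg, size);
  // Any result other than the requested address is treated as fatal.
  CHECK(res == (void*)beg && "ReserveShadowMemoryRange failed");
}

// ---------------------- LowLevelAllocator ------------- {{{1
// Hands out `size` bytes from the current chunk, mapping a fresh chunk of at
// least one page when the current one is too small.  Whatever is left of the
// previous chunk is abandoned at that point, and nothing is ever freed here.
// Each new chunk is poisoned in the shadow with kAsanInternalHeapMagic.
// `size` must be a power of two (note that the check also lets 0 through).
void *LowLevelAllocator::Allocate(uptr size) {
  CHECK((size & (size - 1)) == 0 && "size must be a power of two");
  if (allocated_end_ - allocated_current_ < (sptr)size) {
    uptr size_to_allocate = Max(size, kPageSize);
    allocated_current_ =
        (char*)MmapOrDie(size_to_allocate, __FUNCTION__);
    allocated_end_ = allocated_current_ + size_to_allocate;
    PoisonShadow((uptr)allocated_current_, size_to_allocate,
                 kAsanInternalHeapMagic);
  }
  CHECK(allocated_end_ - allocated_current_ >= (sptr)size);
  void *res = allocated_current_;
  allocated_current_ += size;
  return res;
}

// ---------------------- DescribeAddress -------------------- {{{1
// If `addr` lies on the stack of a known thread, prints the enclosing frame
// and the objects the compiler recorded for it, and returns true.  Returns
// false when no thread owns the address.  `access_size` is currently unused.
//
// The frame descriptor is text that this function parses while an error is
// being reported, so every length taken from it is bounded before use:
// copies into `buf` are capped so that the terminating NUL still fits, and an
// object-name length that runs past the end of the descriptor is treated as
// a parse failure instead of being skipped over.
static bool DescribeStackAddress(uptr addr, uptr access_size) {
  AsanThread *t = asanThreadRegistry().FindThreadByStackAddress(addr);
  if (!t) return false;
  const sptr kBufSize = 4095;
  char buf[kBufSize];
  // internal_strncat(dst, src, n) is assumed to follow strncat(): it appends
  // up to n characters and then a NUL.  Copying kBufSize characters would put
  // that NUL one byte past `buf`, so leave room for it.
  const sptr kMaxCopy = kBufSize - 1;
  uptr offset = 0;
  const char *frame_descr = t->GetFrameNameByAddr(addr, &offset);
  // This string is created by the compiler and has the following form:
  // "FunctioName n alloc_1 alloc_2 ... alloc_n"
  // where alloc_i looks like "offset size len ObjectName ".
  CHECK(frame_descr);
  // Report the function name and the offset.
  const char *name_end = internal_strchr(frame_descr, ' ');
  CHECK(name_end);
  buf[0] = 0;
  internal_strncat(buf, frame_descr,
                   Min(kMaxCopy,
                       static_cast<sptr>(name_end - frame_descr)));
  AsanPrintf("Address %p is located at offset %zu "
             "in frame <%s> of T%d's stack:\n",
             (void*)addr, offset, buf, t->tid());
  // Report the number of stack objects.
  char *p;
  uptr n_objects = internal_simple_strtoll(name_end, &p, 10);
  CHECK(n_objects > 0);
  AsanPrintf("  This frame has %zu object(s):\n", n_objects);
  // Report all objects in this frame.
  for (uptr i = 0; i < n_objects; i++) {
    uptr beg, size;
    sptr len;
    beg  = internal_simple_strtoll(p, &p, 10);
    size = internal_simple_strtoll(p, &p, 10);
    len  = internal_simple_strtoll(p, &p, 10);
    bool parsed = beg > 0 && size > 0 && len >= 0 && *p == ' ';
    // The name must lie entirely inside the descriptor; otherwise `p += len`
    // below would step past the terminating NUL.
    if (parsed)
      parsed = (uptr)len <= internal_strlen(p + 1);
    if (!parsed) {
      AsanPrintf("AddressSanitizer can't parse the stack frame "
                 "descriptor: |%s|\n", frame_descr);
      break;
    }
    p++;
    buf[0] = 0;
    internal_strncat(buf, p, Min(kMaxCopy, len));
    p += len;
    AsanPrintf("    [%zu, %zu) '%s'\n", beg, beg + size, buf);
  }
  AsanPrintf("HINT: this may be a false positive if your program uses "
             "some custom stack unwind mechanism\n"
             "      (longjmp and C++ exceptions *are* supported)\n");
  t->summary()->Announce();
  return true;
}

// Describes `addr` by trying, in order: globals, thread stacks, the heap.
// The first describer that recognizes the address ends the search.
static NOINLINE void DescribeAddress(uptr addr, uptr access_size) {
  // Check if this is a global.
  if (DescribeAddrIfGlobal(addr))
    return;

  if (DescribeStackAddress(addr, access_size))
    return;

  // finally, check if this is a heap.
  DescribeHeapAddress(addr, access_size);
}

// -------------------------- Run-time entry ------------------- {{{1
// exported functions
// Defines __asan_report_<type><size>(addr): captures the caller's pc/bp/sp
// and forwards to __asan_report_error() with the access kind and size.
#define ASAN_REPORT_ERROR(type, is_write, size)                     \
extern "C" NOINLINE INTERFACE_ATTRIBUTE                        \
void __asan_report_ ## type ## size(uptr addr);                \
void __asan_report_ ## type ## size(uptr addr) {               \
  GET_CALLER_PC_BP_SP;                                              \
  __asan_report_error(pc, bp, sp, addr, is_write, size);            \
}

ASAN_REPORT_ERROR(load, false, 1)
ASAN_REPORT_ERROR(load, false, 2)
ASAN_REPORT_ERROR(load, false, 4)
ASAN_REPORT_ERROR(load, false, 8)
ASAN_REPORT_ERROR(load, false, 16)
ASAN_REPORT_ERROR(store, true, 1)
ASAN_REPORT_ERROR(store, true, 2)
ASAN_REPORT_ERROR(store, true, 4)
ASAN_REPORT_ERROR(store, true, 8)
ASAN_REPORT_ERROR(store, true, 16)

// Force the linker to keep the symbols for various ASan interface functions.
// We want to keep those in the executable in order to let the instrumented
// dynamic libraries access the symbol even if it is not used by the executable
// itself. This should help if the build system is removing dead code at link
// time.
static NOINLINE void force_interface_symbols() {
  volatile int fake_condition = 0;  // prevent dead condition elimination.
  // The branch is never taken at run time; the calls exist only so that the
  // symbols are referenced.
  if (fake_condition) {
    __asan_report_load1(0);
    __asan_report_load2(0);
    __asan_report_load4(0);
    __asan_report_load8(0);
    __asan_report_load16(0);
    __asan_report_store1(0);
    __asan_report_store2(0);
    __asan_report_store4(0);
    __asan_report_store8(0);
    __asan_report_store16(0);
    __asan_register_global(0, 0, 0);
    __asan_register_globals(0, 0);
    __asan_unregister_globals(0, 0);
    __asan_set_death_callback(0);
    __asan_set_error_report_callback(0);
    __asan_handle_no_return();
  }
}

// -------------------------- Init ------------------- {{{1
// Looks for `flag` (spelled with its trailing '=') in `flags` and, when it
// is found, stores the integer that follows it into *out_val.  *out_val is
// left untouched when `flags` is null or the flag is absent.
// NOTE(review): this is a plain substring search (assuming internal_strstr
// mirrors strstr): the first occurrence wins and the match is not anchored
// to the start of an option, so a flag name that is a suffix of another
// option, or that appears inside a value, would also match.
static void IntFlagValue(const char *flags, const char *flag,
                         s64 *out_val) {
  if (!flags) return;
  const char *str = internal_strstr(flags, flag);
  if (!str) return;
  *out_val = internal_atoll(str + internal_strlen(flag));
}

// Same lookup as IntFlagValue, for boolean options.  A non-zero number,
// or a value starting with 'y' or 't', means true; a value starting with
// '0', 'n' or 'f' means false; anything else leaves *out_val untouched.
static void BoolFlagValue(const char *flags, const char *flag,
                          bool *out_val) {
  if (!flags) return;
  const char *str = internal_strstr(flags, flag);
  if (!str) return;
  const char *suffix = str + internal_strlen(flag);
  if (!internal_atoll(suffix)) {
    // A parsed value of zero is only an explicit "false" when the text
    // really starts with '0'; otherwise fall through to the letter forms.
    if (suffix[0] == '0') {
      *out_val = false;
      return;
    }
  } else {
    *out_val = true;
    return;
  }
  switch (suffix[0]) {
    case 'y':
    case 't': {
      *out_val = true;
      break;
    }
    case 'n':
    case 'f': {
      *out_val = false;
      break;
    }
    default: return;
  }
}

// Same lookup as IntFlagValue, for flags stored as uptr.  The value is
// parsed into a local s64 and then narrowed, so that the 64-bit store made
// by IntFlagValue never lands on a variable that may be narrower than s64
// (uptr is presumably pointer-sized, i.e. 4 bytes on a 32-bit target, where
// writing through a casted s64* would also overwrite the neighbouring
// global).
static void UptrFlagValue(const char *flags, const char *flag,
                          uptr *out_val) {
  s64 parsed = (s64)*out_val;
  IntFlagValue(flags, flag, &parsed);
  *out_val = (uptr)parsed;
}

// atexit handler installed when the "atexit" option is set.
static void asan_atexit() {
  AsanPrintf("AddressSanitizer exit stats:\n");
  __asan_print_accumulated_stats();
}

}  // namespace __asan

// ---------------------- Interface ---------------- {{{1
using namespace __asan;  // NOLINT

// Replaces the exit code used by Die() and returns the previous one.
int __asan_set_error_exit_code(int exit_code) {
  int old = FLAG_exitcode;
  FLAG_exitcode = exit_code;
  return old;
}

// Clears the shadow for the part of the current thread's stack that lies
// between (roughly) the current frame and the top of the stack.  `bottom` is
// the address of a local, moved down by one page and rounded down to a page
// boundary.
void NOINLINE __asan_handle_no_return() {
  int local_stack;
  AsanThread *curr_thread = asanThreadRegistry().GetCurrent();
  CHECK(curr_thread);
  uptr top = curr_thread->stack_top();
  uptr bottom = ((uptr)&local_stack - kPageSize) & ~(kPageSize-1);
  PoisonShadow(bottom, top - bottom, 0);
}

// Installs (or, with a null pointer, removes) the hook that Die() calls.
void NOINLINE __asan_set_death_callback(void (*callback)(void)) {
  death_callback = callback;
}

// Installs (or, with a null pointer, removes) the hook that receives the
// report text.  Registering a callback makes report output accumulate in a
// 64 KiB buffer; a repeated registration reuses the existing mapping and
// restarts the message from the beginning instead of mapping, and leaking,
// another buffer.
void NOINLINE __asan_set_error_report_callback(void (*callback)(const char*)) {
  error_report_callback = callback;
  if (callback) {
    if (!error_message_buffer) {
      error_message_buffer_size = 1 << 16;
      error_message_buffer =
          (char*)MmapOrDie(error_message_buffer_size, __FUNCTION__);
    } else {
      // Drop text left over from the previous registration.
      error_message_buffer[0] = '\0';
    }
    error_message_buffer_pos = 0;
  }
}

// Prints the full report for a bad access at `addr` and terminates.
//
// pc/bp/sp     registers of the faulting code, used for the stack trace.
// addr         the address that was accessed.
// is_write     true for a store, false for a load.
// access_size  size of the access in bytes; 0 is printed as "ACCESS".
//
// Only the first caller produces a report; later callers return immediately.
// The bug kind is derived from the shadow byte that covers `addr`.
void __asan_report_error(uptr pc, uptr bp, uptr sp,
                         uptr addr, bool is_write, uptr access_size) {
  // Do not print more than one report, otherwise they will mix up.
  static atomic_uint32_t num_calls;
  if (atomic_fetch_add(&num_calls, 1, memory_order_relaxed) != 0) return;

  AsanPrintf("===================================================="
             "=============\n");
  const char *bug_descr = "unknown-crash";
  if (AddrIsInMem(addr)) {
    u8 *shadow_addr = (u8*)MemToShadow(addr);
    // If we are accessing 16 bytes, look at the second shadow byte.
    if (*shadow_addr == 0 && access_size > SHADOW_GRANULARITY)
      shadow_addr++;
    // If we are in the partial right redzone, look at the next shadow byte.
    if (*shadow_addr > 0 && *shadow_addr < 128)
      shadow_addr++;
    switch (*shadow_addr) {
      case kAsanHeapLeftRedzoneMagic:
      case kAsanHeapRightRedzoneMagic:
        bug_descr = "heap-buffer-overflow";
        break;
      case kAsanHeapFreeMagic:
        bug_descr = "heap-use-after-free";
        break;
      case kAsanStackLeftRedzoneMagic:
        bug_descr = "stack-buffer-underflow";
        break;
      case kAsanStackMidRedzoneMagic:
      case kAsanStackRightRedzoneMagic:
      case kAsanStackPartialRedzoneMagic:
        bug_descr = "stack-buffer-overflow";
        break;
      case kAsanStackAfterReturnMagic:
        bug_descr = "stack-use-after-return";
        break;
      case kAsanUserPoisonedMemoryMagic:
        bug_descr = "use-after-poison";
        break;
      case kAsanGlobalRedzoneMagic:
        bug_descr = "global-buffer-overflow";
        break;
    }
  }

  AsanThread *curr_thread = asanThreadRegistry().GetCurrent();
  u32 curr_tid = asanThreadRegistry().GetCurrentTidOrInvalid();

  if (curr_thread) {
    // We started reporting an error message. Stop using the fake stack
    // in case we will call an instrumented function from a symbolizer.
    curr_thread->fake_stack().StopUsingFakeStack();
  }

  AsanReport("ERROR: AddressSanitizer %s on address "
             "%p at pc 0x%zx bp 0x%zx sp 0x%zx\n",
             bug_descr, (void*)addr, pc, bp, sp);

  AsanPrintf("%s of size %zu at %p thread T%d\n",
             access_size ? (is_write ? "WRITE" : "READ") : "ACCESS",
             access_size, (void*)addr, curr_tid);

  if (FLAG_debug) {
    PrintBytes("PC: ", (uptr*)pc);
  }

  GET_STACK_TRACE_WITH_PC_AND_BP(kStackTraceMax, pc, bp);
  stack.PrintStack();

  // Everything below dereferences the shadow of `addr`, so the address has
  // to be inside application memory from here on.
  CHECK(AddrIsInMem(addr));

  DescribeAddress(addr, access_size);

  uptr shadow_addr = MemToShadow(addr);
  AsanReport("ABORTING\n");
  __asan_print_accumulated_stats();
  AsanPrintf("Shadow byte and word:\n");
  AsanPrintf("  %p: %x\n", (void*)shadow_addr, *(unsigned char*)shadow_addr);
  uptr aligned_shadow = shadow_addr & ~(kWordSize - 1);
  PrintBytes("  ", (uptr*)(aligned_shadow));
  AsanPrintf("More shadow bytes:\n");
  // Dump four words on either side of the faulting shadow word.
  // NOTE(review): nothing here checks that these neighbouring words are
  // still inside mapped shadow -- confirm for addresses at the edge of a
  // shadow region.
  PrintBytes("  ", (uptr*)(aligned_shadow-4*kWordSize));
  PrintBytes("  ", (uptr*)(aligned_shadow-3*kWordSize));
  PrintBytes("  ", (uptr*)(aligned_shadow-2*kWordSize));
  PrintBytes("  ", (uptr*)(aligned_shadow-1*kWordSize));
  PrintBytes("=>", (uptr*)(aligned_shadow+0*kWordSize));
  PrintBytes("  ", (uptr*)(aligned_shadow+1*kWordSize));
  PrintBytes("  ", (uptr*)(aligned_shadow+2*kWordSize));
  PrintBytes("  ", (uptr*)(aligned_shadow+3*kWordSize));
  PrintBytes("  ", (uptr*)(aligned_shadow+4*kWordSize));
  if (error_report_callback) {
    error_report_callback(error_message_buffer);
  }
  Die();
}

// Applies every option found in `options` to the FLAG_* variables.  Options
// that are absent keep their current value, so calling this again with
// another string layers that string's settings on top of the earlier ones.
// A null `options` is a no-op apart from the CHECKs.
static void ParseAsanOptions(const char *options) {
  // Flags stored as uptr go through UptrFlagValue so that the parser's
  // 64-bit store cannot run past a narrower variable.
  UptrFlagValue(options, "malloc_context_size=", &FLAG_malloc_context_size);
  CHECK(FLAG_malloc_context_size <= kMallocContextSize);

  UptrFlagValue(options, "max_malloc_fill_size=", &FLAG_max_malloc_fill_size);

  IntFlagValue(options, "verbosity=", &FLAG_v);

  UptrFlagValue(options, "redzone=", &FLAG_redzone);
  CHECK(FLAG_redzone >= 16);
  CHECK(IsPowerOfTwo(FLAG_redzone));
  UptrFlagValue(options, "quarantine_size=", &FLAG_quarantine_size);

  IntFlagValue(options, "atexit=", &FLAG_atexit);
  BoolFlagValue(options, "poison_shadow=", &FLAG_poison_shadow);
  IntFlagValue(options, "report_globals=", &FLAG_report_globals);
  BoolFlagValue(options, "handle_segv=", &FLAG_handle_segv);
  BoolFlagValue(options, "use_sigaltstack=", &FLAG_use_sigaltstack);
  BoolFlagValue(options, "symbolize=", &FLAG_symbolize);
  IntFlagValue(options, "demangle=", &FLAG_demangle);
  IntFlagValue(options, "debug=", &FLAG_debug);
  BoolFlagValue(options, "replace_cfallocator=", &FLAG_replace_cfallocator);
  BoolFlagValue(options, "mac_ignore_invalid_free=",
                &FLAG_mac_ignore_invalid_free);
  BoolFlagValue(options, "replace_str=", &FLAG_replace_str);
  BoolFlagValue(options, "replace_intrin=", &FLAG_replace_intrin);
  BoolFlagValue(options, "use_fake_stack=", &FLAG_use_fake_stack);
  IntFlagValue(options, "exitcode=", &FLAG_exitcode);
  BoolFlagValue(options, "allow_user_poisoning=", &FLAG_allow_user_poisoning);
  IntFlagValue(options, "sleep_before_dying=", &FLAG_sleep_before_dying);
  BoolFlagValue(options, "abort_on_error=", &FLAG_abort_on_error);
  BoolFlagValue(options, "unmap_shadow_on_exit=", &FLAG_unmap_shadow_on_exit);
  // By default, disable core dumper on 64-bit --
  // it makes little sense to dump 16T+ core.
  BoolFlagValue(options, "disable_core=", &FLAG_disable_core);

  // Allow the users to work around the bug in Nvidia drivers prior to 295.*.
  BoolFlagValue(options, "check_malloc_usable_size=",
                &FLAG_check_malloc_usable_size);
}

// One-time initialization of the run-time: parses options, installs the
// interceptors and allocator replacements, reserves the shadow memory,
// protects the shadow gap, installs signal handlers and starts the main
// thread.  Later calls return immediately once asan_inited is set.
void __asan_init() {
  if (asan_inited) return;
  asan_init_is_running = true;

  // Make sure we are not statically linked.
  AsanDoesNotSupportStaticLinkage();

#if !defined(_WIN32)
  if (__asan_default_options) {
    ParseAsanOptions(__asan_default_options);
    if (FLAG_v) {
      Report("Using the defaults from __asan_default_options: %s\n",
             __asan_default_options);
    }
  }
#endif
  // flags
  // ASAN_OPTIONS is parsed after the compiled-in defaults, so a setting in
  // the environment overrides them.  The environment is controlled by
  // whoever launches the process, and the options include the exit code and
  // whether SEGV is handled.
  const char *options = GetEnv("ASAN_OPTIONS");
  ParseAsanOptions(options);

  if (FLAG_v && options) {
    Report("Parsed ASAN_OPTIONS: %s\n", options);
  }

  if (FLAG_atexit) {
    Atexit(asan_atexit);
  }

  // interceptors
  InitializeAsanInterceptors();

  ReplaceSystemMalloc();
  ReplaceOperatorsNewAndDelete();

  if (FLAG_v) {
    Printf("|| `[%p, %p]` || HighMem    ||\n",
           (void*)kHighMemBeg, (void*)kHighMemEnd);
    Printf("|| `[%p, %p]` || HighShadow ||\n",
           (void*)kHighShadowBeg, (void*)kHighShadowEnd);
    Printf("|| `[%p, %p]` || ShadowGap  ||\n",
           (void*)kShadowGapBeg, (void*)kShadowGapEnd);
    Printf("|| `[%p, %p]` || LowShadow  ||\n",
           (void*)kLowShadowBeg, (void*)kLowShadowEnd);
    Printf("|| `[%p, %p]` || LowMem     ||\n",
           (void*)kLowMemBeg, (void*)kLowMemEnd);
    Printf("MemToShadow(shadow): %p %p %p %p\n",
           (void*)MEM_TO_SHADOW(kLowShadowBeg),
           (void*)MEM_TO_SHADOW(kLowShadowEnd),
           (void*)MEM_TO_SHADOW(kHighShadowBeg),
           (void*)MEM_TO_SHADOW(kHighShadowEnd));
    Printf("red_zone=%zu\n", (uptr)FLAG_redzone);
    Printf("malloc_context_size=%zu\n", (uptr)FLAG_malloc_context_size);

    Printf("SHADOW_SCALE: %zx\n", (uptr)SHADOW_SCALE);
    Printf("SHADOW_GRANULARITY: %zx\n", (uptr)SHADOW_GRANULARITY);
    Printf("SHADOW_OFFSET: %zx\n", (uptr)SHADOW_OFFSET);
    // NOTE(review): this sanity check only runs in verbose mode.
    CHECK(SHADOW_SCALE >= 3 && SHADOW_SCALE <= 7);
  }

  if (FLAG_disable_core) {
    DisableCoreDumper();
  }

  uptr shadow_start = kLowShadowBeg;
  if (kLowShadowBeg > 0) shadow_start -= kMmapGranularity;
  uptr shadow_end = kHighShadowEnd;
  if (MemoryRangeIsAvailable(shadow_start, shadow_end)) {
    if (kLowShadowBeg != kLowShadowEnd) {
      // mmap the low shadow plus at least one page.
      // Reserve from the same start address whose availability was just
      // checked; it equals kLowShadowBeg - kMmapGranularity whenever
      // kLowShadowBeg is non-zero and cannot wrap around when it is zero.
      ReserveShadowMemoryRange(shadow_start, kLowShadowEnd);
    }
    // mmap the high shadow.
    ReserveShadowMemoryRange(kHighShadowBeg, kHighShadowEnd);
    // protect the gap
    void *prot = Mprotect(kShadowGapBeg, kShadowGapEnd - kShadowGapBeg + 1);
    CHECK(prot == (void*)kShadowGapBeg);
  } else {
    Report("Shadow memory range interleaves with an existing memory mapping. "
           "ASan cannot proceed correctly. ABORTING.\n");
    DumpProcessMap();
    Die();
  }

  InstallSignalHandlers();

  // On Linux AsanThread::ThreadStart() calls malloc() that's why asan_inited
  // should be set to 1 prior to initializing the threads.
  asan_inited = 1;
  asan_init_is_running = false;

  asanThreadRegistry().Init();
  asanThreadRegistry().GetMain()->ThreadStart();
  force_interface_symbols();  // no-op.

  if (FLAG_v) {
    Report("AddressSanitizer Init done\n");
  }
}

#if defined(ASAN_USE_PREINIT_ARRAY)
  // On Linux, we force __asan_init to be called before anyone else
  // by placing it into .preinit_array section.
  // FIXME: do we have anything like this on Mac?
  __attribute__((section(".preinit_array")))
    typeof(__asan_init) *__asan_preinit =__asan_init;
#elif defined(_WIN32) && defined(_DLL)
  // On Windows, when using dynamic CRT (/MD), we can put a pointer
  // to __asan_init into the global list of C initializers.
  // See crt0dat.c in the CRT sources for the details.
  #pragma section(".CRT$XIB", long, read)  // NOLINT
  __declspec(allocate(".CRT$XIB")) void (*__asan_preinit)() = __asan_init;
#endif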