1//===-- sanitizer_posix.cc ------------------------------------------------===// 2// 3// The LLVM Compiler Infrastructure 4// 5// This file is distributed under the University of Illinois Open Source 6// License. See LICENSE.TXT for details. 7// 8//===----------------------------------------------------------------------===// 9// 10// This file is shared between AddressSanitizer and ThreadSanitizer 11// run-time libraries and implements POSIX-specific functions from 12// sanitizer_posix.h. 13//===----------------------------------------------------------------------===// 14 15#include "sanitizer_platform.h" 16#if SANITIZER_POSIX 17 18#include "sanitizer_common.h" 19#include "sanitizer_libc.h" 20#include "sanitizer_posix.h" 21#include "sanitizer_procmaps.h" 22#include "sanitizer_stacktrace.h" 23 24#include <fcntl.h> 25#include <signal.h> 26#include <sys/mman.h> 27 28#if SANITIZER_LINUX 29#include <sys/utsname.h> 30#endif 31 32#if SANITIZER_LINUX && !SANITIZER_ANDROID 33#include <sys/personality.h> 34#endif 35 36#if SANITIZER_FREEBSD 37// The MAP_NORESERVE define has been removed in FreeBSD 11.x, and even before 38// that, it was never implemented. So just define it to zero. 39#undef MAP_NORESERVE 40#define MAP_NORESERVE 0 41#endif 42 43namespace __sanitizer { 44 45// ------------- sanitizer_common.h 46uptr GetMmapGranularity() { 47 return GetPageSize(); 48} 49 50#if SANITIZER_WORDSIZE == 32 51// Take care of unusable kernel area in top gigabyte. 52static uptr GetKernelAreaSize() { 53#if SANITIZER_LINUX && !SANITIZER_X32 54 const uptr gbyte = 1UL << 30; 55 56 // Firstly check if there are writable segments 57 // mapped to top gigabyte (e.g. stack). 58 MemoryMappingLayout proc_maps(/*cache_enabled*/true); 59 uptr end, prot; 60 while (proc_maps.Next(/*start*/0, &end, 61 /*offset*/0, /*filename*/0, 62 /*filename_size*/0, &prot)) { 63 if ((end >= 3 * gbyte) 64 && (prot & MemoryMappingLayout::kProtectionWrite) != 0) 65 return 0; 66 } 67 68#if !SANITIZER_ANDROID 69 // Even if nothing is mapped, top Gb may still be accessible 70 // if we are running on 64-bit kernel. 71 // Uname may report misleading results if personality type 72 // is modified (e.g. under schroot) so check this as well. 73 struct utsname uname_info; 74 int pers = personality(0xffffffffUL); 75 if (!(pers & PER_MASK) 76 && uname(&uname_info) == 0 77 && internal_strstr(uname_info.machine, "64")) 78 return 0; 79#endif // SANITIZER_ANDROID 80 81 // Top gigabyte is reserved for kernel. 82 return gbyte; 83#else 84 return 0; 85#endif // SANITIZER_LINUX && !SANITIZER_X32 86} 87#endif // SANITIZER_WORDSIZE == 32 88 89uptr GetMaxVirtualAddress() { 90#if SANITIZER_WORDSIZE == 64 91# if defined(__powerpc64__) || defined(__aarch64__) 92 // On PowerPC64 we have two different address space layouts: 44- and 46-bit. 93 // We somehow need to figure out which one we are using now and choose 94 // one of 0x00000fffffffffffUL and 0x00003fffffffffffUL. 95 // Note that with 'ulimit -s unlimited' the stack is moved away from the top 96 // of the address space, so simply checking the stack address is not enough. 97 // This should (does) work for both PowerPC64 Endian modes. 98 // Similarly, aarch64 has multiple address space layouts: 39, 42 and 47-bit. 99 return (1ULL << (MostSignificantSetBitIndex(GET_CURRENT_FRAME()) + 1)) - 1; 100# elif defined(__mips64) 101 return (1ULL << 40) - 1; // 0x000000ffffffffffUL; 102# else 103 return (1ULL << 47) - 1; // 0x00007fffffffffffUL; 104# endif 105#else // SANITIZER_WORDSIZE == 32 106 uptr res = (1ULL << 32) - 1; // 0xffffffff; 107 if (!common_flags()->full_address_space) 108 res -= GetKernelAreaSize(); 109 CHECK_LT(reinterpret_cast<uptr>(&res), res); 110 return res; 111#endif // SANITIZER_WORDSIZE 112} 113 114void *MmapOrDie(uptr size, const char *mem_type) { 115 size = RoundUpTo(size, GetPageSizeCached()); 116 uptr res = internal_mmap(0, size, 117 PROT_READ | PROT_WRITE, 118 MAP_PRIVATE | MAP_ANON, -1, 0); 119 int reserrno; 120 if (internal_iserror(res, &reserrno)) { 121 static int recursion_count; 122 if (recursion_count) { 123 // The Report() and CHECK calls below may call mmap recursively and fail. 124 // If we went into recursion, just die. 125 RawWrite("ERROR: Failed to mmap\n"); 126 Die(); 127 } 128 recursion_count++; 129 Report("ERROR: %s failed to " 130 "allocate 0x%zx (%zd) bytes of %s (errno: %d)\n", 131 SanitizerToolName, size, size, mem_type, reserrno); 132 DumpProcessMap(); 133 CHECK("unable to mmap" && 0); 134 } 135 IncreaseTotalMmap(size); 136 return (void *)res; 137} 138 139void UnmapOrDie(void *addr, uptr size) { 140 if (!addr || !size) return; 141 uptr res = internal_munmap(addr, size); 142 if (internal_iserror(res)) { 143 Report("ERROR: %s failed to deallocate 0x%zx (%zd) bytes at address %p\n", 144 SanitizerToolName, size, size, addr); 145 CHECK("unable to unmap" && 0); 146 } 147 DecreaseTotalMmap(size); 148} 149 150void *MmapNoReserveOrDie(uptr size, const char *mem_type) { 151 uptr PageSize = GetPageSizeCached(); 152 uptr p = internal_mmap(0, 153 RoundUpTo(size, PageSize), 154 PROT_READ | PROT_WRITE, 155 MAP_PRIVATE | MAP_ANON | MAP_NORESERVE, 156 -1, 0); 157 int reserrno; 158 if (internal_iserror(p, &reserrno)) { 159 Report("ERROR: %s failed to " 160 "allocate noreserve 0x%zx (%zd) bytes for '%s' (errno: %d)\n", 161 SanitizerToolName, size, size, mem_type, reserrno); 162 CHECK("unable to mmap" && 0); 163 } 164 IncreaseTotalMmap(size); 165 return (void *)p; 166} 167 168void *MmapFixedNoReserve(uptr fixed_addr, uptr size) { 169 uptr PageSize = GetPageSizeCached(); 170 uptr p = internal_mmap((void*)(fixed_addr & ~(PageSize - 1)), 171 RoundUpTo(size, PageSize), 172 PROT_READ | PROT_WRITE, 173 MAP_PRIVATE | MAP_ANON | MAP_FIXED | MAP_NORESERVE, 174 -1, 0); 175 int reserrno; 176 if (internal_iserror(p, &reserrno)) 177 Report("ERROR: %s failed to " 178 "allocate 0x%zx (%zd) bytes at address %zx (errno: %d)\n", 179 SanitizerToolName, size, size, fixed_addr, reserrno); 180 IncreaseTotalMmap(size); 181 return (void *)p; 182} 183 184void *MmapFixedOrDie(uptr fixed_addr, uptr size) { 185 uptr PageSize = GetPageSizeCached(); 186 uptr p = internal_mmap((void*)(fixed_addr & ~(PageSize - 1)), 187 RoundUpTo(size, PageSize), 188 PROT_READ | PROT_WRITE, 189 MAP_PRIVATE | MAP_ANON | MAP_FIXED, 190 -1, 0); 191 int reserrno; 192 if (internal_iserror(p, &reserrno)) { 193 Report("ERROR: %s failed to " 194 "allocate 0x%zx (%zd) bytes at address %zx (errno: %d)\n", 195 SanitizerToolName, size, size, fixed_addr, reserrno); 196 CHECK("unable to mmap" && 0); 197 } 198 IncreaseTotalMmap(size); 199 return (void *)p; 200} 201 202void *MmapNoAccess(uptr fixed_addr, uptr size) { 203 return (void *)internal_mmap((void*)fixed_addr, size, 204 PROT_NONE, 205 MAP_PRIVATE | MAP_ANON | MAP_FIXED | 206 MAP_NORESERVE, -1, 0); 207} 208 209bool MprotectNoAccess(uptr addr, uptr size) { 210 return 0 == internal_mprotect((void*)addr, size, PROT_NONE); 211} 212 213fd_t OpenFile(const char *filename, FileAccessMode mode, error_t *errno_p) { 214 int flags; 215 switch (mode) { 216 case RdOnly: flags = O_RDONLY; break; 217 case WrOnly: flags = O_WRONLY | O_CREAT; break; 218 case RdWr: flags = O_RDWR | O_CREAT; break; 219 } 220 fd_t res = internal_open(filename, flags, 0660); 221 if (internal_iserror(res, errno_p)) 222 return kInvalidFd; 223 return res; 224} 225 226void CloseFile(fd_t fd) { 227 internal_close(fd); 228} 229 230bool ReadFromFile(fd_t fd, void *buff, uptr buff_size, uptr *bytes_read, 231 error_t *error_p) { 232 uptr res = internal_read(fd, buff, buff_size); 233 if (internal_iserror(res, error_p)) 234 return false; 235 if (bytes_read) 236 *bytes_read = res; 237 return true; 238} 239 240bool WriteToFile(fd_t fd, const void *buff, uptr buff_size, uptr *bytes_written, 241 error_t *error_p) { 242 uptr res = internal_write(fd, buff, buff_size); 243 if (internal_iserror(res, error_p)) 244 return false; 245 if (bytes_written) 246 *bytes_written = res; 247 return true; 248} 249 250bool RenameFile(const char *oldpath, const char *newpath, error_t *error_p) { 251 uptr res = internal_rename(oldpath, newpath); 252 return !internal_iserror(res, error_p); 253} 254 255void *MapFileToMemory(const char *file_name, uptr *buff_size) { 256 fd_t fd = OpenFile(file_name, RdOnly); 257 CHECK(fd != kInvalidFd); 258 uptr fsize = internal_filesize(fd); 259 CHECK_NE(fsize, (uptr)-1); 260 CHECK_GT(fsize, 0); 261 *buff_size = RoundUpTo(fsize, GetPageSizeCached()); 262 uptr map = internal_mmap(0, *buff_size, PROT_READ, MAP_PRIVATE, fd, 0); 263 return internal_iserror(map) ? 0 : (void *)map; 264} 265 266void *MapWritableFileToMemory(void *addr, uptr size, fd_t fd, uptr offset) { 267 uptr flags = MAP_SHARED; 268 if (addr) flags |= MAP_FIXED; 269 uptr p = internal_mmap(addr, size, PROT_READ | PROT_WRITE, flags, fd, offset); 270 int mmap_errno = 0; 271 if (internal_iserror(p, &mmap_errno)) { 272 Printf("could not map writable file (%d, %zu, %zu): %zd, errno: %d\n", 273 fd, offset, size, p, mmap_errno); 274 return 0; 275 } 276 return (void *)p; 277} 278 279static inline bool IntervalsAreSeparate(uptr start1, uptr end1, 280 uptr start2, uptr end2) { 281 CHECK(start1 <= end1); 282 CHECK(start2 <= end2); 283 return (end1 < start2) || (end2 < start1); 284} 285 286// FIXME: this is thread-unsafe, but should not cause problems most of the time. 287// When the shadow is mapped only a single thread usually exists (plus maybe 288// several worker threads on Mac, which aren't expected to map big chunks of 289// memory). 290bool MemoryRangeIsAvailable(uptr range_start, uptr range_end) { 291 MemoryMappingLayout proc_maps(/*cache_enabled*/true); 292 uptr start, end; 293 while (proc_maps.Next(&start, &end, 294 /*offset*/0, /*filename*/0, /*filename_size*/0, 295 /*protection*/0)) { 296 CHECK_NE(0, end); 297 if (!IntervalsAreSeparate(start, end - 1, range_start, range_end)) 298 return false; 299 } 300 return true; 301} 302 303void DumpProcessMap() { 304 MemoryMappingLayout proc_maps(/*cache_enabled*/true); 305 uptr start, end; 306 const sptr kBufSize = 4095; 307 char *filename = (char*)MmapOrDie(kBufSize, __func__); 308 Report("Process memory map follows:\n"); 309 while (proc_maps.Next(&start, &end, /* file_offset */0, 310 filename, kBufSize, /* protection */0)) { 311 Printf("\t%p-%p\t%s\n", (void*)start, (void*)end, filename); 312 } 313 Report("End of process memory map.\n"); 314 UnmapOrDie(filename, kBufSize); 315} 316 317const char *GetPwd() { 318 return GetEnv("PWD"); 319} 320 321char *FindPathToBinary(const char *name) { 322 const char *path = GetEnv("PATH"); 323 if (!path) 324 return 0; 325 uptr name_len = internal_strlen(name); 326 InternalScopedBuffer<char> buffer(kMaxPathLength); 327 const char *beg = path; 328 while (true) { 329 const char *end = internal_strchrnul(beg, ':'); 330 uptr prefix_len = end - beg; 331 if (prefix_len + name_len + 2 <= kMaxPathLength) { 332 internal_memcpy(buffer.data(), beg, prefix_len); 333 buffer[prefix_len] = '/'; 334 internal_memcpy(&buffer[prefix_len + 1], name, name_len); 335 buffer[prefix_len + 1 + name_len] = '\0'; 336 if (FileExists(buffer.data())) 337 return internal_strdup(buffer.data()); 338 } 339 if (*end == '\0') break; 340 beg = end + 1; 341 } 342 return 0; 343} 344 345bool IsPathSeparator(const char c) { 346 return c == '/'; 347} 348 349bool IsAbsolutePath(const char *path) { 350 return path != nullptr && IsPathSeparator(path[0]); 351} 352 353void ReportFile::Write(const char *buffer, uptr length) { 354 SpinMutexLock l(mu); 355 static const char *kWriteError = 356 "ReportFile::Write() can't output requested buffer!\n"; 357 ReopenIfNecessary(); 358 if (length != internal_write(fd, buffer, length)) { 359 internal_write(fd, kWriteError, internal_strlen(kWriteError)); 360 Die(); 361 } 362} 363 364bool GetCodeRangeForFile(const char *module, uptr *start, uptr *end) { 365 uptr s, e, off, prot; 366 InternalScopedString buff(kMaxPathLength); 367 MemoryMappingLayout proc_maps(/*cache_enabled*/false); 368 while (proc_maps.Next(&s, &e, &off, buff.data(), buff.size(), &prot)) { 369 if ((prot & MemoryMappingLayout::kProtectionExecute) != 0 370 && internal_strcmp(module, buff.data()) == 0) { 371 *start = s; 372 *end = e; 373 return true; 374 } 375 } 376 return false; 377} 378 379SignalContext SignalContext::Create(void *siginfo, void *context) { 380 uptr addr = (uptr)((siginfo_t*)siginfo)->si_addr; 381 uptr pc, sp, bp; 382 GetPcSpBp(context, &pc, &sp, &bp); 383 return SignalContext(context, addr, pc, sp, bp); 384} 385 386} // namespace __sanitizer 387 388#endif // SANITIZER_POSIX 389