2016-04-24 00:41:24 +08:00
|
|
|
//===-- esan_interceptors.cpp ---------------------------------------------===//
|
|
|
|
//
|
|
|
|
// The LLVM Compiler Infrastructure
|
|
|
|
//
|
|
|
|
// This file is distributed under the University of Illinois Open Source
|
|
|
|
// License. See LICENSE.TXT for details.
|
|
|
|
//
|
|
|
|
//===----------------------------------------------------------------------===//
|
|
|
|
//
|
|
|
|
// This file is a part of EfficiencySanitizer, a family of performance tuners.
|
|
|
|
//
|
|
|
|
// Interception routines for the esan run-time.
|
|
|
|
//===----------------------------------------------------------------------===//
|
|
|
|
|
|
|
|
#include "esan.h"
|
[esan] EfficiencySanitizer shadow memory
Summary:
Adds shadow memory mapping support common to all tools to the new
Efficiencysanitizer ("esan") family of tools. This includes:
+ Shadow memory layout and mapping support for 64-bit Linux for any
power-of-2 scale-down (1x, 2x, 4x, 8x, 16x, etc.) that ensures that
shadow(shadow(address)) does not overlap shadow or application
memory.
+ Mmap interception to ensure the application does not map on top of
our shadow memory.
+ Init-time sanity checks for shadow regions.
+ A test of the mmap conflict mechanism.
Reviewers: aizatsky, filcab
Subscribers: filcab, kubabrecka, llvm-commits, vitalybuka, eugenis, kcc, zhaoqin
Differential Revision: http://reviews.llvm.org/D19921
llvm-svn: 269198
2016-05-11 23:47:54 +08:00
|
|
|
#include "esan_shadow.h"
|
2016-04-24 00:41:24 +08:00
|
|
|
#include "interception/interception.h"
|
|
|
|
#include "sanitizer_common/sanitizer_common.h"
|
|
|
|
#include "sanitizer_common/sanitizer_libc.h"
|
[sanitizer][esan] Add internal_sigaction_syscall
Summary:
Adds a version of sigaction that uses a raw system call, to avoid circular
dependencies and support calling sigaction prior to setting up
interceptors. The new sigaction relies on an assembly sigreturn routine
for its restorer, which is Linux x86_64-only for now.
Uses the new sigaction to initialize the working set tool's shadow fault
handler prior to libc interceptor being set up. This is required to
support instrumentation invoked during interceptor setup, which happens
with an instrumented tcmalloc or other allocator compiled with esan.
Adds a test that emulates an instrumented allocator.
Reviewers: aizatsky
Subscribers: vitalybuka, tberghammer, zhaoqin, danalbert, kcc, srhines, eugenis, llvm-commits, kubabrecka
Differential Revision: http://reviews.llvm.org/D21083
llvm-svn: 272676
2016-06-14 23:15:38 +08:00
|
|
|
#include "sanitizer_common/sanitizer_linux.h"
|
2016-04-24 00:41:24 +08:00
|
|
|
#include "sanitizer_common/sanitizer_stacktrace.h"
|
|
|
|
|
|
|
|
using namespace __esan; // NOLINT
|
|
|
|
|
|
|
|
#define CUR_PC() (StackTrace::GetCurrentPc())
|
|
|
|
|
|
|
|
//===----------------------------------------------------------------------===//
|
|
|
|
// Interception via sanitizer common interceptors
|
|
|
|
//===----------------------------------------------------------------------===//
|
|
|
|
|
|
|
|
// Get the per-platform defines for what is possible to intercept
|
|
|
|
#include "sanitizer_common/sanitizer_platform_interceptors.h"
|
|
|
|
|
|
|
|
// TODO(bruening): tsan disables several interceptors (getpwent, etc.) claiming
|
|
|
|
// that interception is a perf hit: should we do the same?
|
|
|
|
|
|
|
|
// We have no need to intercept:
|
|
|
|
#undef SANITIZER_INTERCEPT_TLS_GET_ADDR
|
|
|
|
|
|
|
|
// TODO(bruening): the common realpath interceptor assumes malloc is
|
|
|
|
// intercepted! We should try to parametrize that, though we'll
|
|
|
|
// intercept malloc soon ourselves and can then remove this undef.
|
|
|
|
#undef SANITIZER_INTERCEPT_REALPATH
|
|
|
|
|
2016-07-07 05:04:48 +08:00
|
|
|
// We provide our own version:
|
|
|
|
#undef SANITIZER_INTERCEPT_SIGPROCMASK
|
|
|
|
|
2016-04-24 00:41:24 +08:00
|
|
|
#define COMMON_INTERCEPTOR_NOTHING_IS_INITIALIZED (!EsanIsInitialized)
|
|
|
|
|
|
|
|
#define COMMON_INTERCEPT_FUNCTION(name) INTERCEPT_FUNCTION(name)
|
2016-04-28 05:24:21 +08:00
|
|
|
#define COMMON_INTERCEPT_FUNCTION_VER(name, ver) \
|
|
|
|
INTERCEPT_FUNCTION_VER(name, ver)
|
2016-04-24 00:41:24 +08:00
|
|
|
|
2016-06-04 06:30:10 +08:00
|
|
|
// We must initialize during early interceptors, to support tcmalloc.
|
|
|
|
// This means that for some apps we fully initialize prior to
|
|
|
|
// __esan_init() being called.
|
2016-04-25 11:56:20 +08:00
|
|
|
// We currently do not use ctx.
|
2016-04-24 00:41:24 +08:00
|
|
|
#define COMMON_INTERCEPTOR_ENTER(ctx, func, ...) \
|
|
|
|
do { \
|
|
|
|
if (UNLIKELY(COMMON_INTERCEPTOR_NOTHING_IS_INITIALIZED)) { \
|
2016-06-04 06:30:10 +08:00
|
|
|
if (!UNLIKELY(EsanDuringInit)) \
|
|
|
|
initializeLibrary(__esan_which_tool); \
|
2016-04-24 00:41:24 +08:00
|
|
|
return REAL(func)(__VA_ARGS__); \
|
|
|
|
} \
|
2016-04-25 11:56:20 +08:00
|
|
|
ctx = nullptr; \
|
2016-04-24 00:41:24 +08:00
|
|
|
(void)ctx; \
|
|
|
|
} while (false)
|
|
|
|
|
|
|
|
#define COMMON_INTERCEPTOR_ENTER_NOIGNORE(ctx, func, ...) \
|
|
|
|
COMMON_INTERCEPTOR_ENTER(ctx, func, __VA_ARGS__)
|
|
|
|
|
|
|
|
#define COMMON_INTERCEPTOR_WRITE_RANGE(ctx, ptr, size) \
|
|
|
|
processRangeAccess(CUR_PC(), (uptr)ptr, size, true)
|
|
|
|
|
|
|
|
#define COMMON_INTERCEPTOR_READ_RANGE(ctx, ptr, size) \
|
|
|
|
processRangeAccess(CUR_PC(), (uptr)ptr, size, false)
|
|
|
|
|
|
|
|
// This is only called if the app explicitly calls exit(), not on
|
|
|
|
// a normal exit.
|
|
|
|
#define COMMON_INTERCEPTOR_ON_EXIT(ctx) finalizeLibrary()
|
|
|
|
|
2016-05-04 03:44:32 +08:00
|
|
|
#define COMMON_INTERCEPTOR_FILE_OPEN(ctx, file, path) \
|
|
|
|
do { \
|
|
|
|
(void)(ctx); \
|
|
|
|
(void)(file); \
|
|
|
|
(void)(path); \
|
|
|
|
} while (false)
|
|
|
|
#define COMMON_INTERCEPTOR_FILE_CLOSE(ctx, file) \
|
|
|
|
do { \
|
|
|
|
(void)(ctx); \
|
|
|
|
(void)(file); \
|
|
|
|
} while (false)
|
|
|
|
#define COMMON_INTERCEPTOR_LIBRARY_LOADED(filename, handle) \
|
|
|
|
do { \
|
|
|
|
(void)(filename); \
|
|
|
|
(void)(handle); \
|
|
|
|
} while (false)
|
|
|
|
#define COMMON_INTERCEPTOR_LIBRARY_UNLOADED() \
|
|
|
|
do { \
|
|
|
|
} while (false)
|
|
|
|
#define COMMON_INTERCEPTOR_ACQUIRE(ctx, u) \
|
|
|
|
do { \
|
|
|
|
(void)(ctx); \
|
|
|
|
(void)(u); \
|
|
|
|
} while (false)
|
|
|
|
#define COMMON_INTERCEPTOR_RELEASE(ctx, u) \
|
|
|
|
do { \
|
|
|
|
(void)(ctx); \
|
|
|
|
(void)(u); \
|
|
|
|
} while (false)
|
|
|
|
#define COMMON_INTERCEPTOR_DIR_ACQUIRE(ctx, path) \
|
|
|
|
do { \
|
|
|
|
(void)(ctx); \
|
|
|
|
(void)(path); \
|
|
|
|
} while (false)
|
|
|
|
#define COMMON_INTERCEPTOR_FD_ACQUIRE(ctx, fd) \
|
|
|
|
do { \
|
|
|
|
(void)(ctx); \
|
|
|
|
(void)(fd); \
|
|
|
|
} while (false)
|
|
|
|
#define COMMON_INTERCEPTOR_FD_RELEASE(ctx, fd) \
|
|
|
|
do { \
|
|
|
|
(void)(ctx); \
|
|
|
|
(void)(fd); \
|
|
|
|
} while (false)
|
|
|
|
#define COMMON_INTERCEPTOR_FD_ACCESS(ctx, fd) \
|
|
|
|
do { \
|
|
|
|
(void)(ctx); \
|
|
|
|
(void)(fd); \
|
|
|
|
} while (false)
|
|
|
|
#define COMMON_INTERCEPTOR_FD_SOCKET_ACCEPT(ctx, fd, newfd) \
|
|
|
|
do { \
|
|
|
|
(void)(ctx); \
|
|
|
|
(void)(fd); \
|
|
|
|
(void)(newfd); \
|
|
|
|
} while (false)
|
|
|
|
#define COMMON_INTERCEPTOR_SET_THREAD_NAME(ctx, name) \
|
|
|
|
do { \
|
|
|
|
(void)(ctx); \
|
|
|
|
(void)(name); \
|
|
|
|
} while (false)
|
|
|
|
#define COMMON_INTERCEPTOR_SET_PTHREAD_NAME(ctx, thread, name) \
|
|
|
|
do { \
|
|
|
|
(void)(ctx); \
|
|
|
|
(void)(thread); \
|
|
|
|
(void)(name); \
|
|
|
|
} while (false)
|
2016-04-24 00:41:24 +08:00
|
|
|
#define COMMON_INTERCEPTOR_BLOCK_REAL(name) REAL(name)
|
2016-05-04 03:44:32 +08:00
|
|
|
#define COMMON_INTERCEPTOR_MUTEX_LOCK(ctx, m) \
|
|
|
|
do { \
|
|
|
|
(void)(ctx); \
|
|
|
|
(void)(m); \
|
|
|
|
} while (false)
|
|
|
|
#define COMMON_INTERCEPTOR_MUTEX_UNLOCK(ctx, m) \
|
|
|
|
do { \
|
|
|
|
(void)(ctx); \
|
|
|
|
(void)(m); \
|
|
|
|
} while (false)
|
|
|
|
#define COMMON_INTERCEPTOR_MUTEX_REPAIR(ctx, m) \
|
|
|
|
do { \
|
|
|
|
(void)(ctx); \
|
|
|
|
(void)(m); \
|
|
|
|
} while (false)
|
|
|
|
#define COMMON_INTERCEPTOR_HANDLE_RECVMSG(ctx, msg) \
|
|
|
|
do { \
|
|
|
|
(void)(ctx); \
|
|
|
|
(void)(msg); \
|
|
|
|
} while (false)
|
|
|
|
#define COMMON_INTERCEPTOR_USER_CALLBACK_START() \
|
|
|
|
do { \
|
|
|
|
} while (false)
|
|
|
|
#define COMMON_INTERCEPTOR_USER_CALLBACK_END() \
|
|
|
|
do { \
|
|
|
|
} while (false)
|
2016-04-24 00:41:24 +08:00
|
|
|
|
|
|
|
#include "sanitizer_common/sanitizer_common_interceptors.inc"
|
|
|
|
|
|
|
|
//===----------------------------------------------------------------------===//
|
|
|
|
// Syscall interception
|
|
|
|
//===----------------------------------------------------------------------===//
|
|
|
|
|
|
|
|
// We want the caller's PC b/c unlike the other function interceptors these
|
|
|
|
// are separate pre and post functions called around the app's syscall().
|
|
|
|
|
|
|
|
#define COMMON_SYSCALL_PRE_READ_RANGE(ptr, size) \
|
|
|
|
processRangeAccess(GET_CALLER_PC(), (uptr)ptr, size, false)
|
|
|
|
|
2016-05-04 03:44:32 +08:00
|
|
|
#define COMMON_SYSCALL_PRE_WRITE_RANGE(ptr, size) \
|
|
|
|
do { \
|
|
|
|
(void)(ptr); \
|
|
|
|
(void)(size); \
|
|
|
|
} while (false)
|
2016-04-24 00:41:24 +08:00
|
|
|
|
2016-05-04 03:44:32 +08:00
|
|
|
#define COMMON_SYSCALL_POST_READ_RANGE(ptr, size) \
|
|
|
|
do { \
|
|
|
|
(void)(ptr); \
|
|
|
|
(void)(size); \
|
|
|
|
} while (false)
|
2016-04-24 00:41:24 +08:00
|
|
|
|
|
|
|
// The actual amount written is in post, not pre.
|
|
|
|
#define COMMON_SYSCALL_POST_WRITE_RANGE(ptr, size) \
|
|
|
|
processRangeAccess(GET_CALLER_PC(), (uptr)ptr, size, true)
|
|
|
|
|
2016-05-04 03:44:32 +08:00
|
|
|
#define COMMON_SYSCALL_ACQUIRE(addr) \
|
|
|
|
do { \
|
|
|
|
(void)(addr); \
|
|
|
|
} while (false)
|
|
|
|
#define COMMON_SYSCALL_RELEASE(addr) \
|
|
|
|
do { \
|
|
|
|
(void)(addr); \
|
|
|
|
} while (false)
|
|
|
|
#define COMMON_SYSCALL_FD_CLOSE(fd) \
|
|
|
|
do { \
|
|
|
|
(void)(fd); \
|
|
|
|
} while (false)
|
|
|
|
#define COMMON_SYSCALL_FD_ACQUIRE(fd) \
|
|
|
|
do { \
|
|
|
|
(void)(fd); \
|
|
|
|
} while (false)
|
|
|
|
#define COMMON_SYSCALL_FD_RELEASE(fd) \
|
|
|
|
do { \
|
|
|
|
(void)(fd); \
|
|
|
|
} while (false)
|
|
|
|
#define COMMON_SYSCALL_PRE_FORK() \
|
|
|
|
do { \
|
|
|
|
} while (false)
|
|
|
|
#define COMMON_SYSCALL_POST_FORK(res) \
|
|
|
|
do { \
|
|
|
|
(void)(res); \
|
|
|
|
} while (false)
|
2016-04-24 00:41:24 +08:00
|
|
|
|
|
|
|
#include "sanitizer_common/sanitizer_common_syscalls.inc"
|
|
|
|
|
|
|
|
//===----------------------------------------------------------------------===//
|
|
|
|
// Custom interceptors
|
|
|
|
//===----------------------------------------------------------------------===//
|
|
|
|
|
|
|
|
// TODO(bruening): move more of these to the common interception pool as they
|
|
|
|
// are shared with tsan and asan.
|
|
|
|
// While our other files match LLVM style, here we match sanitizer style as we
|
|
|
|
// expect to move these to the common pool.
|
|
|
|
|
|
|
|
INTERCEPTOR(char *, strcpy, char *dst, const char *src) { // NOLINT
|
|
|
|
void *ctx;
|
|
|
|
COMMON_INTERCEPTOR_ENTER(ctx, strcpy, dst, src);
|
|
|
|
uptr srclen = internal_strlen(src);
|
|
|
|
COMMON_INTERCEPTOR_WRITE_RANGE(ctx, dst, srclen + 1);
|
|
|
|
COMMON_INTERCEPTOR_READ_RANGE(ctx, src, srclen + 1);
|
|
|
|
return REAL(strcpy)(dst, src); // NOLINT
|
|
|
|
}
|
|
|
|
|
|
|
|
INTERCEPTOR(char *, strncpy, char *dst, char *src, uptr n) {
|
|
|
|
void *ctx;
|
|
|
|
COMMON_INTERCEPTOR_ENTER(ctx, strncpy, dst, src, n);
|
|
|
|
uptr srclen = internal_strnlen(src, n);
|
|
|
|
uptr copied_size = srclen + 1 > n ? n : srclen + 1;
|
|
|
|
COMMON_INTERCEPTOR_WRITE_RANGE(ctx, dst, copied_size);
|
|
|
|
COMMON_INTERCEPTOR_READ_RANGE(ctx, src, copied_size);
|
|
|
|
return REAL(strncpy)(dst, src, n);
|
|
|
|
}
|
|
|
|
|
|
|
|
INTERCEPTOR(int, open, const char *name, int flags, int mode) {
|
|
|
|
void *ctx;
|
|
|
|
COMMON_INTERCEPTOR_ENTER(ctx, open, name, flags, mode);
|
|
|
|
COMMON_INTERCEPTOR_READ_STRING(ctx, name, 0);
|
|
|
|
return REAL(open)(name, flags, mode);
|
|
|
|
}
|
|
|
|
|
|
|
|
#if SANITIZER_LINUX
|
|
|
|
INTERCEPTOR(int, open64, const char *name, int flags, int mode) {
|
|
|
|
void *ctx;
|
|
|
|
COMMON_INTERCEPTOR_ENTER(ctx, open64, name, flags, mode);
|
|
|
|
COMMON_INTERCEPTOR_READ_STRING(ctx, name, 0);
|
|
|
|
return REAL(open64)(name, flags, mode);
|
|
|
|
}
|
|
|
|
#define ESAN_MAYBE_INTERCEPT_OPEN64 INTERCEPT_FUNCTION(open64)
|
|
|
|
#else
|
|
|
|
#define ESAN_MAYBE_INTERCEPT_OPEN64
|
|
|
|
#endif
|
|
|
|
|
|
|
|
INTERCEPTOR(int, creat, const char *name, int mode) {
|
|
|
|
void *ctx;
|
|
|
|
COMMON_INTERCEPTOR_ENTER(ctx, creat, name, mode);
|
|
|
|
COMMON_INTERCEPTOR_READ_STRING(ctx, name, 0);
|
|
|
|
return REAL(creat)(name, mode);
|
|
|
|
}
|
|
|
|
|
|
|
|
#if SANITIZER_LINUX
|
|
|
|
INTERCEPTOR(int, creat64, const char *name, int mode) {
|
|
|
|
void *ctx;
|
|
|
|
COMMON_INTERCEPTOR_ENTER(ctx, creat64, name, mode);
|
|
|
|
COMMON_INTERCEPTOR_READ_STRING(ctx, name, 0);
|
|
|
|
return REAL(creat64)(name, mode);
|
|
|
|
}
|
|
|
|
#define ESAN_MAYBE_INTERCEPT_CREAT64 INTERCEPT_FUNCTION(creat64)
|
|
|
|
#else
|
|
|
|
#define ESAN_MAYBE_INTERCEPT_CREAT64
|
|
|
|
#endif
|
|
|
|
|
|
|
|
INTERCEPTOR(int, unlink, char *path) {
|
|
|
|
void *ctx;
|
|
|
|
COMMON_INTERCEPTOR_ENTER(ctx, unlink, path);
|
|
|
|
COMMON_INTERCEPTOR_READ_STRING(ctx, path, 0);
|
|
|
|
return REAL(unlink)(path);
|
|
|
|
}
|
|
|
|
|
|
|
|
INTERCEPTOR(uptr, fread, void *ptr, uptr size, uptr nmemb, void *f) {
|
|
|
|
void *ctx;
|
|
|
|
COMMON_INTERCEPTOR_ENTER(ctx, fread, ptr, size, nmemb, f);
|
|
|
|
COMMON_INTERCEPTOR_WRITE_RANGE(ctx, ptr, size * nmemb);
|
|
|
|
return REAL(fread)(ptr, size, nmemb, f);
|
|
|
|
}
|
|
|
|
|
|
|
|
INTERCEPTOR(uptr, fwrite, const void *p, uptr size, uptr nmemb, void *f) {
|
|
|
|
void *ctx;
|
|
|
|
COMMON_INTERCEPTOR_ENTER(ctx, fwrite, p, size, nmemb, f);
|
|
|
|
COMMON_INTERCEPTOR_READ_RANGE(ctx, p, size * nmemb);
|
|
|
|
return REAL(fwrite)(p, size, nmemb, f);
|
|
|
|
}
|
|
|
|
|
|
|
|
INTERCEPTOR(int, puts, const char *s) {
|
|
|
|
void *ctx;
|
|
|
|
COMMON_INTERCEPTOR_ENTER(ctx, puts, s);
|
|
|
|
COMMON_INTERCEPTOR_READ_RANGE(ctx, s, internal_strlen(s));
|
|
|
|
return REAL(puts)(s);
|
|
|
|
}
|
|
|
|
|
|
|
|
INTERCEPTOR(int, rmdir, char *path) {
|
|
|
|
void *ctx;
|
|
|
|
COMMON_INTERCEPTOR_ENTER(ctx, rmdir, path);
|
|
|
|
COMMON_INTERCEPTOR_READ_STRING(ctx, path, 0);
|
|
|
|
return REAL(rmdir)(path);
|
|
|
|
}
|
|
|
|
|
[esan] EfficiencySanitizer shadow memory
Summary:
Adds shadow memory mapping support common to all tools to the new
Efficiencysanitizer ("esan") family of tools. This includes:
+ Shadow memory layout and mapping support for 64-bit Linux for any
power-of-2 scale-down (1x, 2x, 4x, 8x, 16x, etc.) that ensures that
shadow(shadow(address)) does not overlap shadow or application
memory.
+ Mmap interception to ensure the application does not map on top of
our shadow memory.
+ Init-time sanity checks for shadow regions.
+ A test of the mmap conflict mechanism.
Reviewers: aizatsky, filcab
Subscribers: filcab, kubabrecka, llvm-commits, vitalybuka, eugenis, kcc, zhaoqin
Differential Revision: http://reviews.llvm.org/D19921
llvm-svn: 269198
2016-05-11 23:47:54 +08:00
|
|
|
//===----------------------------------------------------------------------===//
|
|
|
|
// Shadow-related interceptors
|
|
|
|
//===----------------------------------------------------------------------===//
|
|
|
|
|
|
|
|
// These are candidates for sharing with all sanitizers if shadow memory
|
|
|
|
// support is also standardized.
|
|
|
|
|
|
|
|
INTERCEPTOR(void *, mmap, void *addr, SIZE_T sz, int prot, int flags,
|
|
|
|
int fd, OFF_T off) {
|
2016-06-16 11:19:58 +08:00
|
|
|
if (UNLIKELY(REAL(mmap) == nullptr)) {
|
|
|
|
// With esan init during interceptor init and a static libc preventing
|
|
|
|
// our early-calloc from triggering, we can end up here before our
|
|
|
|
// REAL pointer is set up.
|
|
|
|
return (void *)internal_mmap(addr, sz, prot, flags, fd, off);
|
|
|
|
}
|
2016-06-04 06:30:10 +08:00
|
|
|
void *ctx;
|
|
|
|
COMMON_INTERCEPTOR_ENTER(ctx, mmap, addr, sz, prot, flags, fd, off);
|
[esan] EfficiencySanitizer shadow memory
Summary:
Adds shadow memory mapping support common to all tools to the new
Efficiencysanitizer ("esan") family of tools. This includes:
+ Shadow memory layout and mapping support for 64-bit Linux for any
power-of-2 scale-down (1x, 2x, 4x, 8x, 16x, etc.) that ensures that
shadow(shadow(address)) does not overlap shadow or application
memory.
+ Mmap interception to ensure the application does not map on top of
our shadow memory.
+ Init-time sanity checks for shadow regions.
+ A test of the mmap conflict mechanism.
Reviewers: aizatsky, filcab
Subscribers: filcab, kubabrecka, llvm-commits, vitalybuka, eugenis, kcc, zhaoqin
Differential Revision: http://reviews.llvm.org/D19921
llvm-svn: 269198
2016-05-11 23:47:54 +08:00
|
|
|
if (!fixMmapAddr(&addr, sz, flags))
|
|
|
|
return (void *)-1;
|
2016-05-28 08:25:16 +08:00
|
|
|
void *result = REAL(mmap)(addr, sz, prot, flags, fd, off);
|
|
|
|
return (void *)checkMmapResult((uptr)result, sz);
|
[esan] EfficiencySanitizer shadow memory
Summary:
Adds shadow memory mapping support common to all tools to the new
Efficiencysanitizer ("esan") family of tools. This includes:
+ Shadow memory layout and mapping support for 64-bit Linux for any
power-of-2 scale-down (1x, 2x, 4x, 8x, 16x, etc.) that ensures that
shadow(shadow(address)) does not overlap shadow or application
memory.
+ Mmap interception to ensure the application does not map on top of
our shadow memory.
+ Init-time sanity checks for shadow regions.
+ A test of the mmap conflict mechanism.
Reviewers: aizatsky, filcab
Subscribers: filcab, kubabrecka, llvm-commits, vitalybuka, eugenis, kcc, zhaoqin
Differential Revision: http://reviews.llvm.org/D19921
llvm-svn: 269198
2016-05-11 23:47:54 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
#if SANITIZER_LINUX
|
|
|
|
INTERCEPTOR(void *, mmap64, void *addr, SIZE_T sz, int prot, int flags,
|
|
|
|
int fd, OFF64_T off) {
|
2016-06-04 06:30:10 +08:00
|
|
|
void *ctx;
|
|
|
|
COMMON_INTERCEPTOR_ENTER(ctx, mmap64, addr, sz, prot, flags, fd, off);
|
[esan] EfficiencySanitizer shadow memory
Summary:
Adds shadow memory mapping support common to all tools to the new
Efficiencysanitizer ("esan") family of tools. This includes:
+ Shadow memory layout and mapping support for 64-bit Linux for any
power-of-2 scale-down (1x, 2x, 4x, 8x, 16x, etc.) that ensures that
shadow(shadow(address)) does not overlap shadow or application
memory.
+ Mmap interception to ensure the application does not map on top of
our shadow memory.
+ Init-time sanity checks for shadow regions.
+ A test of the mmap conflict mechanism.
Reviewers: aizatsky, filcab
Subscribers: filcab, kubabrecka, llvm-commits, vitalybuka, eugenis, kcc, zhaoqin
Differential Revision: http://reviews.llvm.org/D19921
llvm-svn: 269198
2016-05-11 23:47:54 +08:00
|
|
|
if (!fixMmapAddr(&addr, sz, flags))
|
|
|
|
return (void *)-1;
|
2016-05-28 08:25:16 +08:00
|
|
|
void *result = REAL(mmap64)(addr, sz, prot, flags, fd, off);
|
|
|
|
return (void *)checkMmapResult((uptr)result, sz);
|
[esan] EfficiencySanitizer shadow memory
Summary:
Adds shadow memory mapping support common to all tools to the new
Efficiencysanitizer ("esan") family of tools. This includes:
+ Shadow memory layout and mapping support for 64-bit Linux for any
power-of-2 scale-down (1x, 2x, 4x, 8x, 16x, etc.) that ensures that
shadow(shadow(address)) does not overlap shadow or application
memory.
+ Mmap interception to ensure the application does not map on top of
our shadow memory.
+ Init-time sanity checks for shadow regions.
+ A test of the mmap conflict mechanism.
Reviewers: aizatsky, filcab
Subscribers: filcab, kubabrecka, llvm-commits, vitalybuka, eugenis, kcc, zhaoqin
Differential Revision: http://reviews.llvm.org/D19921
llvm-svn: 269198
2016-05-11 23:47:54 +08:00
|
|
|
}
|
|
|
|
#define ESAN_MAYBE_INTERCEPT_MMAP64 INTERCEPT_FUNCTION(mmap64)
|
|
|
|
#else
|
|
|
|
#define ESAN_MAYBE_INTERCEPT_MMAP64
|
|
|
|
#endif
|
|
|
|
|
2016-05-31 21:21:03 +08:00
|
|
|
//===----------------------------------------------------------------------===//
|
|
|
|
// Signal-related interceptors
|
|
|
|
//===----------------------------------------------------------------------===//
|
|
|
|
|
|
|
|
#if SANITIZER_LINUX
|
|
|
|
typedef void (*signal_handler_t)(int);
|
|
|
|
INTERCEPTOR(signal_handler_t, signal, int signum, signal_handler_t handler) {
|
|
|
|
void *ctx;
|
|
|
|
COMMON_INTERCEPTOR_ENTER(ctx, signal, signum, handler);
|
|
|
|
signal_handler_t result;
|
|
|
|
if (!processSignal(signum, handler, &result))
|
|
|
|
return result;
|
|
|
|
else
|
|
|
|
return REAL(signal)(signum, handler);
|
|
|
|
}
|
|
|
|
#define ESAN_MAYBE_INTERCEPT_SIGNAL INTERCEPT_FUNCTION(signal)
|
|
|
|
#else
|
|
|
|
#error Platform not supported
|
|
|
|
#define ESAN_MAYBE_INTERCEPT_SIGNAL
|
|
|
|
#endif
|
|
|
|
|
|
|
|
#if SANITIZER_LINUX
|
2016-06-03 12:30:47 +08:00
|
|
|
DECLARE_REAL(int, sigaction, int signum, const struct sigaction *act,
|
|
|
|
struct sigaction *oldact)
|
2016-05-31 21:21:03 +08:00
|
|
|
INTERCEPTOR(int, sigaction, int signum, const struct sigaction *act,
|
|
|
|
struct sigaction *oldact) {
|
|
|
|
void *ctx;
|
|
|
|
COMMON_INTERCEPTOR_ENTER(ctx, sigaction, signum, act, oldact);
|
|
|
|
if (!processSigaction(signum, act, oldact))
|
|
|
|
return 0;
|
|
|
|
else
|
|
|
|
return REAL(sigaction)(signum, act, oldact);
|
|
|
|
}
|
2016-06-03 12:30:47 +08:00
|
|
|
|
|
|
|
// This is required to properly use internal_sigaction.
|
|
|
|
namespace __sanitizer {
|
|
|
|
int real_sigaction(int signum, const void *act, void *oldact) {
|
[sanitizer][esan] Add internal_sigaction_syscall
Summary:
Adds a version of sigaction that uses a raw system call, to avoid circular
dependencies and support calling sigaction prior to setting up
interceptors. The new sigaction relies on an assembly sigreturn routine
for its restorer, which is Linux x86_64-only for now.
Uses the new sigaction to initialize the working set tool's shadow fault
handler prior to libc interceptor being set up. This is required to
support instrumentation invoked during interceptor setup, which happens
with an instrumented tcmalloc or other allocator compiled with esan.
Adds a test that emulates an instrumented allocator.
Reviewers: aizatsky
Subscribers: vitalybuka, tberghammer, zhaoqin, danalbert, kcc, srhines, eugenis, llvm-commits, kubabrecka
Differential Revision: http://reviews.llvm.org/D21083
llvm-svn: 272676
2016-06-14 23:15:38 +08:00
|
|
|
if (REAL(sigaction) == nullptr) {
|
|
|
|
// With an instrumented allocator, this is called during interceptor init
|
|
|
|
// and we need a raw syscall solution.
|
|
|
|
return internal_sigaction_syscall(signum, act, oldact);
|
|
|
|
}
|
2016-06-03 12:30:47 +08:00
|
|
|
return REAL(sigaction)(signum, (const struct sigaction *)act,
|
|
|
|
(struct sigaction *)oldact);
|
|
|
|
}
|
|
|
|
} // namespace __sanitizer
|
|
|
|
|
2016-05-31 21:21:03 +08:00
|
|
|
#define ESAN_MAYBE_INTERCEPT_SIGACTION INTERCEPT_FUNCTION(sigaction)
|
|
|
|
#else
|
|
|
|
#error Platform not supported
|
|
|
|
#define ESAN_MAYBE_INTERCEPT_SIGACTION
|
|
|
|
#endif
|
|
|
|
|
2016-07-07 05:04:48 +08:00
|
|
|
#if SANITIZER_LINUX
|
|
|
|
INTERCEPTOR(int, sigprocmask, int how, __sanitizer_sigset_t *set,
|
|
|
|
__sanitizer_sigset_t *oldset) {
|
|
|
|
void *ctx;
|
|
|
|
COMMON_INTERCEPTOR_ENTER(ctx, sigprocmask, how, set, oldset);
|
|
|
|
int res = 0;
|
|
|
|
if (processSigprocmask(how, set, oldset))
|
|
|
|
res = REAL(sigprocmask)(how, set, oldset);
|
|
|
|
if (!res && oldset)
|
|
|
|
COMMON_INTERCEPTOR_WRITE_RANGE(ctx, oldset, sizeof(*oldset));
|
|
|
|
return res;
|
|
|
|
}
|
|
|
|
#define ESAN_MAYBE_INTERCEPT_SIGPROCMASK INTERCEPT_FUNCTION(sigprocmask)
|
|
|
|
#else
|
|
|
|
#define ESAN_MAYBE_INTERCEPT_SIGPROCMASK
|
|
|
|
#endif
|
|
|
|
|
|
|
|
#if !SANITIZER_WINDOWS
|
|
|
|
INTERCEPTOR(int, pthread_sigmask, int how, __sanitizer_sigset_t *set,
|
|
|
|
__sanitizer_sigset_t *oldset) {
|
|
|
|
void *ctx;
|
|
|
|
COMMON_INTERCEPTOR_ENTER(ctx, pthread_sigmask, how, set, oldset);
|
|
|
|
int res = 0;
|
|
|
|
if (processSigprocmask(how, set, oldset))
|
|
|
|
res = REAL(sigprocmask)(how, set, oldset);
|
|
|
|
if (!res && oldset)
|
|
|
|
COMMON_INTERCEPTOR_WRITE_RANGE(ctx, oldset, sizeof(*oldset));
|
|
|
|
return res;
|
|
|
|
}
|
|
|
|
#define ESAN_MAYBE_INTERCEPT_PTHREAD_SIGMASK INTERCEPT_FUNCTION(pthread_sigmask)
|
|
|
|
#else
|
|
|
|
#define ESAN_MAYBE_INTERCEPT_PTHREAD_SIGMASK
|
|
|
|
#endif
|
|
|
|
|
2016-06-08 08:00:27 +08:00
|
|
|
//===----------------------------------------------------------------------===//
|
|
|
|
// Malloc interceptors
|
|
|
|
//===----------------------------------------------------------------------===//
|
|
|
|
|
2016-10-08 04:53:35 +08:00
|
|
|
static const uptr early_alloc_buf_size = 4096;
|
2016-10-04 04:03:10 +08:00
|
|
|
static uptr allocated_bytes;
|
|
|
|
static char early_alloc_buf[early_alloc_buf_size];
|
|
|
|
|
|
|
|
static bool isInEarlyAllocBuf(const void *ptr) {
|
|
|
|
return ((uptr)ptr >= (uptr)early_alloc_buf &&
|
|
|
|
((uptr)ptr - (uptr)early_alloc_buf) < sizeof(early_alloc_buf));
|
|
|
|
}
|
2016-06-08 08:00:27 +08:00
|
|
|
|
|
|
|
static void *handleEarlyAlloc(uptr size) {
|
|
|
|
// If esan is initialized during an interceptor (which happens with some
|
|
|
|
// tcmalloc implementations that call pthread_mutex_lock), the call from
|
2016-10-04 04:03:10 +08:00
|
|
|
// dlsym to calloc will deadlock.
|
|
|
|
// dlsym may also call malloc before REAL(malloc) is retrieved from dlsym.
|
|
|
|
// We work around it by using a static buffer for the early malloc/calloc
|
|
|
|
// requests.
|
2016-06-08 08:00:27 +08:00
|
|
|
// This solution will also allow us to deliberately intercept malloc & family
|
|
|
|
// in the future (to perform tool actions on each allocation, without
|
|
|
|
// replacing the allocator), as it also solves the problem of intercepting
|
|
|
|
// calloc when it will itself be called before its REAL pointer is
|
|
|
|
// initialized.
|
|
|
|
// We do not handle multiple threads here. This only happens at process init
|
|
|
|
// time, and while it's possible for a shared library to create early threads
|
|
|
|
// that race here, we consider that to be a corner case extreme enough that
|
|
|
|
// it's not worth the effort to handle.
|
2016-10-04 04:03:10 +08:00
|
|
|
void *mem = (void *)&early_alloc_buf[allocated_bytes];
|
|
|
|
allocated_bytes += size;
|
|
|
|
CHECK_LT(allocated_bytes, early_alloc_buf_size);
|
|
|
|
return mem;
|
2016-06-08 08:00:27 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
INTERCEPTOR(void*, calloc, uptr size, uptr n) {
|
|
|
|
if (EsanDuringInit && REAL(calloc) == nullptr)
|
|
|
|
return handleEarlyAlloc(size * n);
|
|
|
|
void *ctx;
|
|
|
|
COMMON_INTERCEPTOR_ENTER(ctx, calloc, size, n);
|
|
|
|
void *res = REAL(calloc)(size, n);
|
|
|
|
// The memory is zeroed and thus is all written.
|
|
|
|
COMMON_INTERCEPTOR_WRITE_RANGE(nullptr, (uptr)res, size * n);
|
|
|
|
return res;
|
|
|
|
}
|
|
|
|
|
2016-10-04 04:03:10 +08:00
|
|
|
INTERCEPTOR(void*, malloc, uptr size) {
|
|
|
|
if (EsanDuringInit && REAL(malloc) == nullptr)
|
|
|
|
return handleEarlyAlloc(size);
|
|
|
|
void *ctx;
|
|
|
|
COMMON_INTERCEPTOR_ENTER(ctx, malloc, size);
|
|
|
|
return REAL(malloc)(size);
|
|
|
|
}
|
|
|
|
|
2016-06-08 08:00:27 +08:00
|
|
|
INTERCEPTOR(void, free, void *p) {
|
|
|
|
void *ctx;
|
2016-10-04 04:03:10 +08:00
|
|
|
// There are only a few early allocation requests, so we simply skip the free.
|
|
|
|
if (isInEarlyAllocBuf(p))
|
2016-06-08 08:00:27 +08:00
|
|
|
return;
|
2016-10-04 04:03:10 +08:00
|
|
|
COMMON_INTERCEPTOR_ENTER(ctx, free, p);
|
2016-06-08 08:00:27 +08:00
|
|
|
REAL(free)(p);
|
|
|
|
}
|
|
|
|
|
2016-04-24 00:41:24 +08:00
|
|
|
namespace __esan {
|
|
|
|
|
|
|
|
void initializeInterceptors() {
|
|
|
|
InitializeCommonInterceptors();
|
|
|
|
|
|
|
|
INTERCEPT_FUNCTION(strcpy); // NOLINT
|
|
|
|
INTERCEPT_FUNCTION(strncpy);
|
|
|
|
|
|
|
|
INTERCEPT_FUNCTION(open);
|
|
|
|
ESAN_MAYBE_INTERCEPT_OPEN64;
|
|
|
|
INTERCEPT_FUNCTION(creat);
|
|
|
|
ESAN_MAYBE_INTERCEPT_CREAT64;
|
|
|
|
INTERCEPT_FUNCTION(unlink);
|
|
|
|
INTERCEPT_FUNCTION(fread);
|
|
|
|
INTERCEPT_FUNCTION(fwrite);
|
|
|
|
INTERCEPT_FUNCTION(puts);
|
|
|
|
INTERCEPT_FUNCTION(rmdir);
|
|
|
|
|
[esan] EfficiencySanitizer shadow memory
Summary:
Adds shadow memory mapping support common to all tools to the new
Efficiencysanitizer ("esan") family of tools. This includes:
+ Shadow memory layout and mapping support for 64-bit Linux for any
power-of-2 scale-down (1x, 2x, 4x, 8x, 16x, etc.) that ensures that
shadow(shadow(address)) does not overlap shadow or application
memory.
+ Mmap interception to ensure the application does not map on top of
our shadow memory.
+ Init-time sanity checks for shadow regions.
+ A test of the mmap conflict mechanism.
Reviewers: aizatsky, filcab
Subscribers: filcab, kubabrecka, llvm-commits, vitalybuka, eugenis, kcc, zhaoqin
Differential Revision: http://reviews.llvm.org/D19921
llvm-svn: 269198
2016-05-11 23:47:54 +08:00
|
|
|
INTERCEPT_FUNCTION(mmap);
|
|
|
|
ESAN_MAYBE_INTERCEPT_MMAP64;
|
|
|
|
|
2016-05-31 21:21:03 +08:00
|
|
|
ESAN_MAYBE_INTERCEPT_SIGNAL;
|
|
|
|
ESAN_MAYBE_INTERCEPT_SIGACTION;
|
2016-07-07 05:04:48 +08:00
|
|
|
ESAN_MAYBE_INTERCEPT_SIGPROCMASK;
|
|
|
|
ESAN_MAYBE_INTERCEPT_PTHREAD_SIGMASK;
|
2016-05-31 21:21:03 +08:00
|
|
|
|
2016-06-08 08:00:27 +08:00
|
|
|
INTERCEPT_FUNCTION(calloc);
|
2016-10-04 04:03:10 +08:00
|
|
|
INTERCEPT_FUNCTION(malloc);
|
2016-06-08 08:00:27 +08:00
|
|
|
INTERCEPT_FUNCTION(free);
|
2016-04-24 00:41:24 +08:00
|
|
|
|
|
|
|
// TODO(bruening): intercept routines that other sanitizers intercept that
|
|
|
|
// are not in the common pool or here yet, ideally by adding to the common
|
|
|
|
// pool. Examples include wcslen and bcopy.
|
|
|
|
|
|
|
|
// TODO(bruening): there are many more libc routines that read or write data
|
|
|
|
// structures that no sanitizer is intercepting: sigaction, strtol, etc.
|
|
|
|
}
|
|
|
|
|
|
|
|
} // namespace __esan
|