2019-08-01 22:08:18 +08:00
|
|
|
//===-- msan_linux.cpp ----------------------------------------------------===//
|
2012-12-11 20:27:27 +08:00
|
|
|
//
|
2019-01-19 16:50:56 +08:00
|
|
|
// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
|
|
|
|
// See https://llvm.org/LICENSE.txt for license information.
|
|
|
|
// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
|
2012-12-11 20:27:27 +08:00
|
|
|
//
|
|
|
|
//===----------------------------------------------------------------------===//
|
|
|
|
//
|
|
|
|
// This file is a part of MemorySanitizer.
|
|
|
|
//
|
2017-10-26 01:09:05 +08:00
|
|
|
// Linux-, NetBSD- and FreeBSD-specific code.
|
2012-12-11 20:27:27 +08:00
|
|
|
//===----------------------------------------------------------------------===//
|
|
|
|
|
2013-03-19 22:33:38 +08:00
|
|
|
#include "sanitizer_common/sanitizer_platform.h"
|
2017-10-26 01:09:05 +08:00
|
|
|
#if SANITIZER_FREEBSD || SANITIZER_LINUX || SANITIZER_NETBSD
|
2012-12-11 20:27:27 +08:00
|
|
|
|
|
|
|
#include "msan.h"
|
2018-06-09 07:31:42 +08:00
|
|
|
#include "msan_report.h"
|
2014-04-04 17:47:41 +08:00
|
|
|
#include "msan_thread.h"
|
2012-12-11 20:27:27 +08:00
|
|
|
|
2013-03-12 02:07:42 +08:00
|
|
|
#include <elf.h>
|
|
|
|
#include <link.h>
|
2014-04-04 17:47:41 +08:00
|
|
|
#include <pthread.h>
|
2012-12-11 20:27:27 +08:00
|
|
|
#include <stdio.h>
|
|
|
|
#include <stdlib.h>
|
|
|
|
#include <signal.h>
|
|
|
|
#include <unistd.h>
|
|
|
|
#include <unwind.h>
|
|
|
|
#include <sys/time.h>
|
|
|
|
#include <sys/resource.h>
|
|
|
|
|
|
|
|
#include "sanitizer_common/sanitizer_common.h"
|
|
|
|
#include "sanitizer_common/sanitizer_procmaps.h"
|
|
|
|
|
|
|
|
namespace __msan {
|
|
|
|
|
2014-11-28 19:42:55 +08:00
|
|
|
void ReportMapRange(const char *descr, uptr beg, uptr size) {
|
|
|
|
if (size > 0) {
|
|
|
|
uptr end = beg + size - 1;
|
2021-08-13 01:55:59 +08:00
|
|
|
VPrintf(1, "%s : 0x%zx - 0x%zx\n", descr, beg, end);
|
2014-11-28 19:42:55 +08:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
static bool CheckMemoryRangeAvailability(uptr beg, uptr size) {
|
|
|
|
if (size > 0) {
|
|
|
|
uptr end = beg + size - 1;
|
|
|
|
if (!MemoryRangeIsAvailable(beg, end)) {
|
2021-08-13 01:55:59 +08:00
|
|
|
Printf("FATAL: Memory range 0x%zx - 0x%zx is not available.\n", beg, end);
|
2014-11-28 19:42:55 +08:00
|
|
|
return false;
|
|
|
|
}
|
2013-11-11 17:27:20 +08:00
|
|
|
}
|
2014-11-28 19:42:55 +08:00
|
|
|
return true;
|
|
|
|
}
|
2013-11-11 17:27:20 +08:00
|
|
|
|
2015-05-30 06:31:28 +08:00
|
|
|
static bool ProtectMemoryRange(uptr beg, uptr size, const char *name) {
|
2014-11-28 19:42:55 +08:00
|
|
|
if (size > 0) {
|
2016-04-23 07:46:53 +08:00
|
|
|
void *addr = MmapFixedNoAccess(beg, size, name);
|
2015-10-01 08:22:21 +08:00
|
|
|
if (beg == 0 && addr) {
|
2015-05-24 10:47:59 +08:00
|
|
|
// Depending on the kernel configuration, we may not be able to protect
|
|
|
|
// the page at address zero.
|
|
|
|
uptr gap = 16 * GetPageSizeCached();
|
|
|
|
beg += gap;
|
|
|
|
size -= gap;
|
2016-04-23 07:46:53 +08:00
|
|
|
addr = MmapFixedNoAccess(beg, size, name);
|
2015-05-24 10:47:59 +08:00
|
|
|
}
|
|
|
|
if ((uptr)addr != beg) {
|
|
|
|
uptr end = beg + size - 1;
|
2021-08-13 01:55:59 +08:00
|
|
|
Printf("FATAL: Cannot protect memory range 0x%zx - 0x%zx (%s).\n", beg,
|
|
|
|
end, name);
|
2014-11-28 19:42:55 +08:00
|
|
|
return false;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
return true;
|
|
|
|
}
|
|
|
|
|
2015-01-27 21:20:34 +08:00
|
|
|
static void CheckMemoryLayoutSanity() {
|
|
|
|
uptr prev_end = 0;
|
|
|
|
for (unsigned i = 0; i < kMemoryLayoutSize; ++i) {
|
|
|
|
uptr start = kMemoryLayout[i].start;
|
|
|
|
uptr end = kMemoryLayout[i].end;
|
|
|
|
MappingDesc::Type type = kMemoryLayout[i].type;
|
|
|
|
CHECK_LT(start, end);
|
|
|
|
CHECK_EQ(prev_end, start);
|
|
|
|
CHECK(addr_is_type(start, type));
|
|
|
|
CHECK(addr_is_type((start + end) / 2, type));
|
|
|
|
CHECK(addr_is_type(end - 1, type));
|
|
|
|
if (type == MappingDesc::APP) {
|
|
|
|
uptr addr = start;
|
|
|
|
CHECK(MEM_IS_SHADOW(MEM_TO_SHADOW(addr)));
|
|
|
|
CHECK(MEM_IS_ORIGIN(MEM_TO_ORIGIN(addr)));
|
|
|
|
CHECK_EQ(MEM_TO_ORIGIN(addr), SHADOW_TO_ORIGIN(MEM_TO_SHADOW(addr)));
|
|
|
|
|
|
|
|
addr = (start + end) / 2;
|
|
|
|
CHECK(MEM_IS_SHADOW(MEM_TO_SHADOW(addr)));
|
|
|
|
CHECK(MEM_IS_ORIGIN(MEM_TO_ORIGIN(addr)));
|
|
|
|
CHECK_EQ(MEM_TO_ORIGIN(addr), SHADOW_TO_ORIGIN(MEM_TO_SHADOW(addr)));
|
|
|
|
|
|
|
|
addr = end - 1;
|
|
|
|
CHECK(MEM_IS_SHADOW(MEM_TO_SHADOW(addr)));
|
|
|
|
CHECK(MEM_IS_ORIGIN(MEM_TO_ORIGIN(addr)));
|
|
|
|
CHECK_EQ(MEM_TO_ORIGIN(addr), SHADOW_TO_ORIGIN(MEM_TO_SHADOW(addr)));
|
|
|
|
}
|
|
|
|
prev_end = end;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2015-05-24 10:47:59 +08:00
|
|
|
bool InitShadow(bool init_origins) {
|
2014-11-28 19:42:55 +08:00
|
|
|
// Let user know mapping parameters first.
|
2021-08-15 09:42:05 +08:00
|
|
|
VPrintf(1, "__msan_init %p\n", reinterpret_cast<void *>(&__msan_init));
|
2015-01-27 21:20:34 +08:00
|
|
|
for (unsigned i = 0; i < kMemoryLayoutSize; ++i)
|
|
|
|
VPrintf(1, "%s: %zx - %zx\n", kMemoryLayout[i].name, kMemoryLayout[i].start,
|
|
|
|
kMemoryLayout[i].end - 1);
|
|
|
|
|
|
|
|
CheckMemoryLayoutSanity();
|
2014-11-28 19:42:55 +08:00
|
|
|
|
|
|
|
if (!MEM_IS_APP(&__msan_init)) {
|
|
|
|
Printf("FATAL: Code %p is out of application range. Non-PIE build?\n",
|
2021-08-15 09:42:05 +08:00
|
|
|
reinterpret_cast<void *>(&__msan_init));
|
2012-12-26 14:37:23 +08:00
|
|
|
return false;
|
|
|
|
}
|
|
|
|
|
2017-11-08 07:51:22 +08:00
|
|
|
const uptr maxVirtualAddress = GetMaxUserVirtualAddress();
|
2015-10-29 21:04:19 +08:00
|
|
|
|
2015-01-27 21:20:34 +08:00
|
|
|
for (unsigned i = 0; i < kMemoryLayoutSize; ++i) {
|
|
|
|
uptr start = kMemoryLayout[i].start;
|
|
|
|
uptr end = kMemoryLayout[i].end;
|
2019-09-12 05:33:06 +08:00
|
|
|
uptr size = end - start;
|
2015-01-27 21:20:34 +08:00
|
|
|
MappingDesc::Type type = kMemoryLayout[i].type;
|
2015-05-24 10:47:59 +08:00
|
|
|
|
2015-10-29 21:04:19 +08:00
|
|
|
// Check if the segment should be mapped based on platform constraints.
|
|
|
|
if (start >= maxVirtualAddress)
|
|
|
|
continue;
|
|
|
|
|
2015-05-24 10:47:59 +08:00
|
|
|
bool map = type == MappingDesc::SHADOW ||
|
|
|
|
(init_origins && type == MappingDesc::ORIGIN);
|
|
|
|
bool protect = type == MappingDesc::INVALID ||
|
|
|
|
(!init_origins && type == MappingDesc::ORIGIN);
|
|
|
|
CHECK(!(map && protect));
|
|
|
|
if (!map && !protect)
|
|
|
|
CHECK(type == MappingDesc::APP);
|
|
|
|
if (map) {
|
|
|
|
if (!CheckMemoryRangeAvailability(start, size))
|
|
|
|
return false;
|
2020-08-01 08:18:06 +08:00
|
|
|
if (!MmapFixedSuperNoReserve(start, size, kMemoryLayout[i].name))
|
2015-05-24 10:47:59 +08:00
|
|
|
return false;
|
2015-02-03 18:15:15 +08:00
|
|
|
if (common_flags()->use_madv_dontdump)
|
|
|
|
DontDumpShadowMemory(start, size);
|
2015-05-24 10:47:59 +08:00
|
|
|
}
|
|
|
|
if (protect) {
|
|
|
|
if (!CheckMemoryRangeAvailability(start, size))
|
|
|
|
return false;
|
2015-05-30 06:31:28 +08:00
|
|
|
if (!ProtectMemoryRange(start, size, kMemoryLayout[i].name))
|
2015-05-24 10:47:59 +08:00
|
|
|
return false;
|
2015-01-27 21:20:34 +08:00
|
|
|
}
|
2014-11-28 19:42:55 +08:00
|
|
|
}
|
|
|
|
|
2012-12-11 20:27:27 +08:00
|
|
|
return true;
|
|
|
|
}
|
|
|
|
|
2013-01-10 19:17:55 +08:00
|
|
|
static void MsanAtExit(void) {
|
2014-06-24 17:04:06 +08:00
|
|
|
if (flags()->print_stats && (flags()->atexit || msan_report_count > 0))
|
|
|
|
ReportStats();
|
2013-01-10 19:17:55 +08:00
|
|
|
if (msan_report_count > 0) {
|
|
|
|
ReportAtExitStatistics();
|
2015-08-22 04:49:37 +08:00
|
|
|
if (common_flags()->exitcode)
|
|
|
|
internal__exit(common_flags()->exitcode);
|
2013-01-10 19:17:55 +08:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
void InstallAtExitHandler() {
|
|
|
|
atexit(MsanAtExit);
|
|
|
|
}
|
2013-03-12 02:07:42 +08:00
|
|
|
|
2014-04-04 17:47:41 +08:00
|
|
|
// ---------------------- TSD ---------------- {{{1
|
|
|
|
|
[Sanitizer][ASAN][MSAN] Fix infinite recursion on FreeBSD
Summary:
MSAN was broken on FreeBSD by https://reviews.llvm.org/D55703: after this
change accesses to the key variable call __tls_get_addr, which is
intercepted. The interceptor then calls GetCurrentThread which calls
MsanTSDGet which again calls __tls_get_addr, etc...
Using the default implementation in the SANITIZER_FREEBSD case fixes MSAN
for me.
I then applied the same change to ASAN (introduced in https://reviews.llvm.org/D55596)
but that did not work yet. In the ASAN case, we get infinite recursion
again during initialization, this time because calling pthread_key_create() early on
results in infinite recursion. pthread_key_create() calls sysctlbyname()
which is intercepted but COMMON_INTERCEPTOR_NOTHING_IS_INITIALIZED returns
true, so the interceptor calls internal_sysctlbyname() which then ends up
calling the interceptor again. I fixed this issue by using dlsym() to get
the libc version of sysctlbyname() instead.
This fixes https://llvm.org/PR40761
Reviewers: vitalybuka, krytarowski, devnexen, dim, bsdjhb, #sanitizers, MaskRay
Reviewed By: MaskRay
Subscribers: MaskRay, emaste, kubamracek, jfb, #sanitizers, llvm-commits
Tags: #sanitizers, #llvm
Differential Revision: https://reviews.llvm.org/D65221
llvm-svn: 367442
2019-08-01 00:31:55 +08:00
|
|
|
#if SANITIZER_NETBSD
|
|
|
|
// Thread Static Data cannot be used in early init on NetBSD.
|
2018-12-28 05:43:46 +08:00
|
|
|
// Reuse the MSan TSD API for compatibility with existing code
|
|
|
|
// with an alternative implementation.
|
|
|
|
|
|
|
|
static void (*tsd_destructor)(void *tsd) = nullptr;
|
|
|
|
|
|
|
|
struct tsd_key {
|
|
|
|
tsd_key() : key(nullptr) {}
|
|
|
|
~tsd_key() {
|
|
|
|
CHECK(tsd_destructor);
|
|
|
|
if (key)
|
|
|
|
(*tsd_destructor)(key);
|
|
|
|
}
|
|
|
|
MsanThread *key;
|
|
|
|
};
|
|
|
|
|
|
|
|
static thread_local struct tsd_key key;
|
|
|
|
|
|
|
|
void MsanTSDInit(void (*destructor)(void *tsd)) {
|
|
|
|
CHECK(!tsd_destructor);
|
|
|
|
tsd_destructor = destructor;
|
|
|
|
}
|
|
|
|
|
|
|
|
MsanThread *GetCurrentThread() {
|
|
|
|
CHECK(tsd_destructor);
|
|
|
|
return key.key;
|
|
|
|
}
|
|
|
|
|
|
|
|
void SetCurrentThread(MsanThread *tsd) {
|
|
|
|
CHECK(tsd_destructor);
|
|
|
|
CHECK(tsd);
|
|
|
|
CHECK(!key.key);
|
|
|
|
key.key = tsd;
|
|
|
|
}
|
|
|
|
|
|
|
|
void MsanTSDDtor(void *tsd) {
|
|
|
|
CHECK(tsd_destructor);
|
|
|
|
CHECK_EQ(key.key, tsd);
|
|
|
|
key.key = nullptr;
|
|
|
|
// Make sure that signal handler can not see a stale current thread pointer.
|
|
|
|
atomic_signal_fence(memory_order_seq_cst);
|
|
|
|
MsanThread::TSDDtor(tsd);
|
|
|
|
}
|
|
|
|
#else
|
2014-04-04 17:47:41 +08:00
|
|
|
static pthread_key_t tsd_key;
|
|
|
|
static bool tsd_key_inited = false;
|
2014-12-17 18:30:06 +08:00
|
|
|
|
2014-04-04 17:47:41 +08:00
|
|
|
void MsanTSDInit(void (*destructor)(void *tsd)) {
|
|
|
|
CHECK(!tsd_key_inited);
|
|
|
|
tsd_key_inited = true;
|
|
|
|
CHECK_EQ(0, pthread_key_create(&tsd_key, destructor));
|
|
|
|
}
|
|
|
|
|
2014-12-17 18:30:06 +08:00
|
|
|
static THREADLOCAL MsanThread* msan_current_thread;
|
|
|
|
|
|
|
|
MsanThread *GetCurrentThread() {
|
|
|
|
return msan_current_thread;
|
2014-04-04 17:47:41 +08:00
|
|
|
}
|
|
|
|
|
2014-12-17 18:30:06 +08:00
|
|
|
void SetCurrentThread(MsanThread *t) {
|
|
|
|
// Make sure we do not reset the current MsanThread.
|
|
|
|
CHECK_EQ(0, msan_current_thread);
|
|
|
|
msan_current_thread = t;
|
|
|
|
// Make sure that MsanTSDDtor gets called at the end.
|
2014-04-04 17:47:41 +08:00
|
|
|
CHECK(tsd_key_inited);
|
2014-12-17 18:30:06 +08:00
|
|
|
pthread_setspecific(tsd_key, (void *)t);
|
2014-04-04 17:47:41 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
void MsanTSDDtor(void *tsd) {
|
|
|
|
MsanThread *t = (MsanThread*)tsd;
|
|
|
|
if (t->destructor_iterations_ > 1) {
|
|
|
|
t->destructor_iterations_--;
|
|
|
|
CHECK_EQ(0, pthread_setspecific(tsd_key, tsd));
|
|
|
|
return;
|
|
|
|
}
|
2014-12-17 18:30:06 +08:00
|
|
|
msan_current_thread = nullptr;
|
|
|
|
// Make sure that signal handler can not see a stale current thread pointer.
|
|
|
|
atomic_signal_fence(memory_order_seq_cst);
|
2014-04-04 17:47:41 +08:00
|
|
|
MsanThread::TSDDtor(tsd);
|
|
|
|
}
|
2018-12-28 05:43:46 +08:00
|
|
|
#endif
|
2014-04-04 17:47:41 +08:00
|
|
|
|
2015-10-01 08:22:21 +08:00
|
|
|
} // namespace __msan
|
2012-12-11 20:27:27 +08:00
|
|
|
|
2017-10-26 01:09:05 +08:00
|
|
|
#endif // SANITIZER_FREEBSD || SANITIZER_LINUX || SANITIZER_NETBSD
|