2012-08-29 10:27:54 +08:00
|
|
|
//===-- sanitizer/common_interface_defs.h -----------------------*- C++ -*-===//
|
2012-06-05 21:50:57 +08:00
|
|
|
//
|
|
|
|
// The LLVM Compiler Infrastructure
|
|
|
|
//
|
|
|
|
// This file is distributed under the University of Illinois Open Source
|
|
|
|
// License. See LICENSE.TXT for details.
|
|
|
|
//
|
|
|
|
//===----------------------------------------------------------------------===//
|
|
|
|
//
|
2013-01-30 21:12:08 +08:00
|
|
|
// Common part of the public sanitizer interface.
|
2012-06-05 21:50:57 +08:00
|
|
|
//===----------------------------------------------------------------------===//
|
|
|
|
|
2012-08-29 10:27:54 +08:00
|
|
|
#ifndef SANITIZER_COMMON_INTERFACE_DEFS_H
|
|
|
|
#define SANITIZER_COMMON_INTERFACE_DEFS_H
|
2012-06-05 21:50:57 +08:00
|
|
|
|
2013-01-30 21:12:08 +08:00
|
|
|
#include <stddef.h>
|
|
|
|
#include <stdint.h>
|
2012-06-05 21:50:57 +08:00
|
|
|
|
[asan] make asan work with 7fff8000 offset and prelink
When prelink is installed in the system, prelink-ed
libraries map between 0x003000000000 and 0x004000000000 thus occupying the shadow Gap,
so we need so split the address space even further, like this:
|| [0x10007fff8000, 0x7fffffffffff] || HighMem ||
|| [0x02008fff7000, 0x10007fff7fff] || HighShadow ||
|| [0x004000000000, 0x02008fff6fff] || ShadowGap3 ||
|| [0x003000000000, 0x003fffffffff] || MidMem ||
|| [0x00087fff8000, 0x002fffffffff] || ShadowGap2 ||
|| [0x00067fff8000, 0x00087fff7fff] || MidShadow ||
|| [0x00008fff7000, 0x00067fff7fff] || ShadowGap ||
|| [0x00007fff8000, 0x00008fff6fff] || LowShadow ||
|| [0x000000000000, 0x00007fff7fff] || LowMem ||
Do it only if necessary.
Also added a bit of profiling code to make sure that the
mapping code is efficient.
Added a lit test to simulate prelink-ed libraries.
Unfortunately, this test does not work with binutils-gold linker.
If gold is the default linker the test silently passes.
Also replaced
__has_feature(address_sanitizer)
with
__has_feature(address_sanitizer) || defined(__SANITIZE_ADDRESS__)
in two places.
Patch partially by Jakub Jelinek.
llvm-svn: 175263
2013-02-15 20:00:24 +08:00
|
|
|
// GCC does not understand __has_feature.
|
|
|
|
#if !defined(__has_feature)
|
|
|
|
# define __has_feature(x) 0
|
|
|
|
#endif
|
|
|
|
|
2013-01-30 21:12:08 +08:00
|
|
|
#ifdef __cplusplus
|
2012-09-14 12:35:14 +08:00
|
|
|
extern "C" {
|
2013-01-30 21:12:08 +08:00
|
|
|
#endif
|
2014-05-19 20:53:03 +08:00
|
|
|
// Arguments for __sanitizer_sandbox_on_notify() below.
|
|
|
|
typedef struct {
|
|
|
|
// Enable sandbox support in sanitizer coverage.
|
|
|
|
int coverage_sandboxed;
|
|
|
|
// File descriptor to write coverage data to. If -1 is passed, a file will
|
|
|
|
// be pre-opened by __sanitizer_sandobx_on_notify(). This field has no
|
|
|
|
// effect if coverage_sandboxed == 0.
|
|
|
|
intptr_t coverage_fd;
|
|
|
|
// If non-zero, split the coverage data into well-formed blocks. This is
|
|
|
|
// useful when coverage_fd is a socket descriptor. Each block will contain
|
|
|
|
// a header, allowing data from multiple processes to be sent over the same
|
|
|
|
// socket.
|
|
|
|
unsigned int coverage_max_block_size;
|
|
|
|
} __sanitizer_sandbox_arguments;
|
|
|
|
|
2012-09-14 12:35:14 +08:00
|
|
|
// Tell the tools to write their reports to "path.<pid>" instead of stderr.
|
2013-01-30 21:12:08 +08:00
|
|
|
void __sanitizer_set_report_path(const char *path);
|
2016-05-28 05:23:05 +08:00
|
|
|
// Tell the tools to write their reports to the provided file descriptor
|
|
|
|
// (casted to void *).
|
|
|
|
void __sanitizer_set_report_fd(void *fd);
|
2012-11-02 17:23:36 +08:00
|
|
|
|
2012-12-10 21:10:40 +08:00
|
|
|
// Notify the tools that the sandbox is going to be turned on. The reserved
|
|
|
|
// parameter will be used in the future to hold a structure with functions
|
|
|
|
// that the tools may call to bypass the sandbox.
|
2014-05-19 20:53:03 +08:00
|
|
|
void __sanitizer_sandbox_on_notify(__sanitizer_sandbox_arguments *args);
|
2013-01-30 21:12:08 +08:00
|
|
|
|
2013-02-06 20:36:49 +08:00
|
|
|
// This function is called by the tool when it has just finished reporting
|
|
|
|
// an error. 'error_summary' is a one-line string that summarizes
|
|
|
|
// the error message. This function can be overridden by the client.
|
|
|
|
void __sanitizer_report_error_summary(const char *error_summary);
|
|
|
|
|
2013-04-10 21:59:32 +08:00
|
|
|
// Some of the sanitizers (e.g. asan/tsan) may miss bugs that happen
|
|
|
|
// in unaligned loads/stores. In order to find such bugs reliably one needs
|
|
|
|
// to replace plain unaligned loads/stores with these calls.
|
|
|
|
uint16_t __sanitizer_unaligned_load16(const void *p);
|
|
|
|
uint32_t __sanitizer_unaligned_load32(const void *p);
|
|
|
|
uint64_t __sanitizer_unaligned_load64(const void *p);
|
|
|
|
void __sanitizer_unaligned_store16(void *p, uint16_t x);
|
|
|
|
void __sanitizer_unaligned_store32(void *p, uint32_t x);
|
|
|
|
void __sanitizer_unaligned_store64(void *p, uint64_t x);
|
|
|
|
|
2013-11-18 22:02:05 +08:00
|
|
|
// Annotate the current state of a contiguous container, such as
|
|
|
|
// std::vector, std::string or similar.
|
|
|
|
// A contiguous container is a container that keeps all of its elements
|
|
|
|
// in a contiguous region of memory. The container owns the region of memory
|
|
|
|
// [beg, end); the memory [beg, mid) is used to store the current elements
|
|
|
|
// and the memory [mid, end) is reserved for future elements;
|
2014-01-13 23:06:20 +08:00
|
|
|
// beg <= mid <= end. For example, in "std::vector<> v"
|
2013-11-18 22:02:05 +08:00
|
|
|
// beg = &v[0];
|
|
|
|
// end = beg + v.capacity() * sizeof(v[0]);
|
|
|
|
// mid = beg + v.size() * sizeof(v[0]);
|
|
|
|
//
|
|
|
|
// This annotation tells the Sanitizer tool about the current state of the
|
|
|
|
// container so that the tool can report errors when memory from [mid, end)
|
|
|
|
// is accessed. Insert this annotation into methods like push_back/pop_back.
|
|
|
|
// Supply the old and the new values of mid (old_mid/new_mid).
|
|
|
|
// In the initial state mid == end and so should be the final
|
|
|
|
// state when the container is destroyed or when it reallocates the storage.
|
|
|
|
//
|
|
|
|
// Use with caution and don't use for anything other than vector-like classes.
|
|
|
|
//
|
2013-11-19 22:54:14 +08:00
|
|
|
// For AddressSanitizer, 'beg' should be 8-aligned and 'end' should
|
|
|
|
// be either 8-aligned or it should point to the end of a separate heap-,
|
|
|
|
// stack-, or global- allocated buffer. I.e. the following will not work:
|
|
|
|
// int64_t x[2]; // 16 bytes, 8-aligned.
|
|
|
|
// char *beg = (char *)&x[0];
|
|
|
|
// char *end = beg + 12; // Not 8 aligned, not the end of the buffer.
|
|
|
|
// This however will work fine:
|
|
|
|
// int32_t x[3]; // 12 bytes, but 8-aligned under AddressSanitizer.
|
|
|
|
// char *beg = (char*)&x[0];
|
|
|
|
// char *end = beg + 12; // Not 8-aligned, but is the end of the buffer.
|
2013-11-19 16:40:07 +08:00
|
|
|
void __sanitizer_annotate_contiguous_container(const void *beg,
|
|
|
|
const void *end,
|
|
|
|
const void *old_mid,
|
|
|
|
const void *new_mid);
|
2014-10-14 05:40:52 +08:00
|
|
|
// Returns true if the contiguous container [beg, end) is properly poisoned
|
2014-05-06 22:41:01 +08:00
|
|
|
// (e.g. with __sanitizer_annotate_contiguous_container), i.e. if
|
|
|
|
// - [beg, mid) is addressable,
|
|
|
|
// - [mid, end) is unaddressable.
|
|
|
|
// Full verification requires O(end-beg) time; this function tries to avoid
|
|
|
|
// such complexity by touching only parts of the container around beg/mid/end.
|
|
|
|
int __sanitizer_verify_contiguous_container(const void *beg, const void *mid,
|
|
|
|
const void *end);
|
2013-11-18 22:02:05 +08:00
|
|
|
|
2015-11-05 03:56:03 +08:00
|
|
|
// Similar to __sanitizer_verify_contiguous_container but returns the address
|
|
|
|
// of the first improperly poisoned byte otherwise. Returns null if the area
|
|
|
|
// is poisoned properly.
|
|
|
|
const void *__sanitizer_contiguous_container_find_bad_address(
|
|
|
|
const void *beg, const void *mid, const void *end);
|
|
|
|
|
2013-12-04 02:24:28 +08:00
|
|
|
// Print the stack trace leading to this call. Useful for debugging user code.
|
2017-12-22 04:51:16 +08:00
|
|
|
void __sanitizer_print_stack_trace(void);
|
2013-12-04 02:24:28 +08:00
|
|
|
|
2016-08-26 05:35:29 +08:00
|
|
|
// Symbolizes the supplied 'pc' using the format string 'fmt'.
|
|
|
|
// Outputs at most 'out_buf_size' bytes into 'out_buf'.
|
|
|
|
// The format syntax is described in
|
|
|
|
// lib/sanitizer_common/sanitizer_stacktrace_printer.h.
|
|
|
|
void __sanitizer_symbolize_pc(void *pc, const char *fmt, char *out_buf,
|
|
|
|
size_t out_buf_size);
|
2016-09-19 13:10:32 +08:00
|
|
|
// Same as __sanitizer_symbolize_pc, but for data section (i.e. globals).
|
2016-09-19 22:18:16 +08:00
|
|
|
void __sanitizer_symbolize_global(void *data_ptr, const char *fmt,
|
|
|
|
char *out_buf, size_t out_buf_size);
|
2016-08-26 05:35:29 +08:00
|
|
|
|
2014-12-16 07:02:57 +08:00
|
|
|
// Sets the callback to be called right before death on error.
|
|
|
|
// Passing 0 will unset the callback.
|
|
|
|
void __sanitizer_set_death_callback(void (*callback)(void));
|
2015-07-30 09:19:17 +08:00
|
|
|
|
|
|
|
// Interceptor hooks.
|
|
|
|
// Whenever a libc function interceptor is called it checks if the
|
|
|
|
// corresponding weak hook is defined, and it so -- calls it.
|
|
|
|
// The primary use case is data-flow-guided fuzzing, where the fuzzer needs
|
|
|
|
// to know what is being passed to libc functions, e.g. memcmp.
|
|
|
|
// FIXME: implement more hooks.
|
|
|
|
void __sanitizer_weak_hook_memcmp(void *called_pc, const void *s1,
|
2016-01-12 08:43:42 +08:00
|
|
|
const void *s2, size_t n, int result);
|
2015-07-30 10:32:51 +08:00
|
|
|
void __sanitizer_weak_hook_strncmp(void *called_pc, const char *s1,
|
2016-01-12 08:43:42 +08:00
|
|
|
const char *s2, size_t n, int result);
|
2016-07-16 05:28:58 +08:00
|
|
|
void __sanitizer_weak_hook_strncasecmp(void *called_pc, const char *s1,
|
|
|
|
const char *s2, size_t n, int result);
|
2016-01-12 08:43:42 +08:00
|
|
|
void __sanitizer_weak_hook_strcmp(void *called_pc, const char *s1,
|
|
|
|
const char *s2, int result);
|
2016-07-16 05:28:58 +08:00
|
|
|
void __sanitizer_weak_hook_strcasecmp(void *called_pc, const char *s1,
|
|
|
|
const char *s2, int result);
|
|
|
|
void __sanitizer_weak_hook_strstr(void *called_pc, const char *s1,
|
|
|
|
const char *s2, char *result);
|
|
|
|
void __sanitizer_weak_hook_strcasestr(void *called_pc, const char *s1,
|
|
|
|
const char *s2, char *result);
|
|
|
|
void __sanitizer_weak_hook_memmem(void *called_pc,
|
|
|
|
const void *s1, size_t len1,
|
|
|
|
const void *s2, size_t len2, void *result);
|
2016-06-02 09:21:52 +08:00
|
|
|
|
|
|
|
// Prints stack traces for all live heap allocations ordered by total
|
|
|
|
// allocation size until `top_percent` of total live heap is shown.
|
|
|
|
// `top_percent` should be between 1 and 100.
|
2017-03-16 07:27:14 +08:00
|
|
|
// At most `max_number_of_contexts` contexts (stack traces) is printed.
|
2016-06-02 12:01:58 +08:00
|
|
|
// Experimental feature currently available only with asan on Linux/x86_64.
|
2017-03-16 07:27:14 +08:00
|
|
|
void __sanitizer_print_memory_profile(size_t top_percent,
|
|
|
|
size_t max_number_of_contexts);
|
2016-06-21 20:29:18 +08:00
|
|
|
|
|
|
|
// Fiber annotation interface.
|
|
|
|
// Before switching to a different stack, one must call
|
|
|
|
// __sanitizer_start_switch_fiber with a pointer to the bottom of the
|
|
|
|
// destination stack and its size. When code starts running on the new stack,
|
|
|
|
// it must call __sanitizer_finish_switch_fiber to finalize the switch.
|
|
|
|
// The start_switch function takes a void** to store the current fake stack if
|
|
|
|
// there is one (it is needed when detect_stack_use_after_return is enabled).
|
|
|
|
// When restoring a stack, this pointer must be given to the finish_switch
|
|
|
|
// function. In most cases, this void* can be stored on the stack just before
|
|
|
|
// switching. When leaving a fiber definitely, null must be passed as first
|
|
|
|
// argument to the start_switch function so that the fake stack is destroyed.
|
|
|
|
// If you do not want support for stack use-after-return detection, you can
|
|
|
|
// always pass null to these two functions.
|
|
|
|
// Note that the fake stack mechanism is disabled during fiber switch, so if a
|
|
|
|
// signal callback runs during the switch, it will not benefit from the stack
|
|
|
|
// use-after-return detection.
|
|
|
|
void __sanitizer_start_switch_fiber(void **fake_stack_save,
|
|
|
|
const void *bottom, size_t size);
|
2016-09-28 20:28:16 +08:00
|
|
|
void __sanitizer_finish_switch_fiber(void *fake_stack_save,
|
|
|
|
const void **bottom_old,
|
|
|
|
size_t *size_old);
|
2016-12-06 05:45:14 +08:00
|
|
|
|
|
|
|
// Get full module name and calculate pc offset within it.
|
|
|
|
// Returns 1 if pc belongs to some module, 0 if module was not found.
|
|
|
|
int __sanitizer_get_module_and_offset_for_pc(void *pc, char *module_path,
|
|
|
|
size_t module_path_len,
|
|
|
|
void **pc_offset);
|
|
|
|
|
2013-01-30 21:12:08 +08:00
|
|
|
#ifdef __cplusplus
|
2012-09-14 12:35:14 +08:00
|
|
|
} // extern "C"
|
2013-01-30 21:12:08 +08:00
|
|
|
#endif
|
2012-09-14 12:35:14 +08:00
|
|
|
|
2012-08-29 10:27:54 +08:00
|
|
|
#endif // SANITIZER_COMMON_INTERFACE_DEFS_H
|