search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
[clang][extract-api] Emit "navigator" property of "name" in SymbolGraph
[llvm-project.git] / compiler-rt / lib / hwasan / hwasan.cpp
blobf8725a17343265c264ba6316fdbdd5478db3ea1c
1 //===-- hwasan.cpp --------------------------------------------------------===//
2 //
3 // Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
4 // See https://llvm.org/LICENSE.txt for license information.
5 // SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
6 //
7 //===----------------------------------------------------------------------===//
8 //
9 // This file is a part of HWAddressSanitizer.
10 //
11 // HWAddressSanitizer runtime.
12 //===----------------------------------------------------------------------===//
13
14 #include "hwasan.h"
15
16 #include "hwasan_checks.h"
17 #include "hwasan_dynamic_shadow.h"
18 #include "hwasan_globals.h"
19 #include "hwasan_mapping.h"
20 #include "hwasan_poisoning.h"
21 #include "hwasan_report.h"
22 #include "hwasan_thread.h"
23 #include "hwasan_thread_list.h"
24 #include "sanitizer_common/sanitizer_atomic.h"
25 #include "sanitizer_common/sanitizer_common.h"
26 #include "sanitizer_common/sanitizer_flag_parser.h"
27 #include "sanitizer_common/sanitizer_flags.h"
28 #include "sanitizer_common/sanitizer_interface_internal.h"
29 #include "sanitizer_common/sanitizer_libc.h"
30 #include "sanitizer_common/sanitizer_procmaps.h"
31 #include "sanitizer_common/sanitizer_stackdepot.h"
32 #include "sanitizer_common/sanitizer_stacktrace.h"
33 #include "sanitizer_common/sanitizer_symbolizer.h"
34 #include "ubsan/ubsan_flags.h"
35 #include "ubsan/ubsan_init.h"
36
37 // ACHTUNG! No system header includes in this file.
38
39 using namespace __sanitizer;
40
41 namespace __hwasan {
42
43 static Flags hwasan_flags;
44
45 Flags *flags() {
46 return &hwasan_flags;
47 }
48
49 int hwasan_inited = 0;
50 int hwasan_instrumentation_inited = 0;
51 bool hwasan_init_is_running;
52
53 int hwasan_report_count = 0;
54
55 uptr kLowShadowStart;
56 uptr kLowShadowEnd;
57 uptr kHighShadowStart;
58 uptr kHighShadowEnd;
59
60 void Flags::SetDefaults() {
61 #define HWASAN_FLAG(Type, Name, DefaultValue, Description) Name = DefaultValue;
62 #include "hwasan_flags.inc"
63 #undef HWASAN_FLAG
64 }
65
66 static void RegisterHwasanFlags(FlagParser *parser, Flags *f) {
67 #define HWASAN_FLAG(Type, Name, DefaultValue, Description) \
68 RegisterFlag(parser, #Name, Description, &f->Name);
69 #include "hwasan_flags.inc"
70 #undef HWASAN_FLAG
71 }
72
73 static void InitializeFlags() {
74 SetCommonFlagsDefaults();
75 {
76 CommonFlags cf;
77 cf.CopyFrom(*common_flags());
78 cf.external_symbolizer_path = GetEnv("HWASAN_SYMBOLIZER_PATH");
79 cf.malloc_context_size = 20;
80 cf.handle_ioctl = true;
81 // FIXME: test and enable.
82 cf.check_printf = false;
83 cf.intercept_tls_get_addr = true;
84 cf.exitcode = 99;
85 // 8 shadow pages ~512kB, small enough to cover common stack sizes.
86 cf.clear_shadow_mmap_threshold = 4096 * (SANITIZER_ANDROID ? 2 : 8);
87 // Sigtrap is used in error reporting.
88 cf.handle_sigtrap = kHandleSignalExclusive;
89
90 #if SANITIZER_ANDROID
91 // Let platform handle other signals. It is better at reporting them then we
92 // are.
93 cf.handle_segv = kHandleSignalNo;
94 cf.handle_sigbus = kHandleSignalNo;
95 cf.handle_abort = kHandleSignalNo;
96 cf.handle_sigill = kHandleSignalNo;
97 cf.handle_sigfpe = kHandleSignalNo;
98 #endif
99 OverrideCommonFlags(cf);
100 }
101
102 Flags *f = flags();
103 f->SetDefaults();
104
105 FlagParser parser;
106 RegisterHwasanFlags(&parser, f);
107 RegisterCommonFlags(&parser);
108
109 #if HWASAN_CONTAINS_UBSAN
110 __ubsan::Flags *uf = __ubsan::flags();
111 uf->SetDefaults();
112
113 FlagParser ubsan_parser;
114 __ubsan::RegisterUbsanFlags(&ubsan_parser, uf);
115 RegisterCommonFlags(&ubsan_parser);
116 #endif
117
118 // Override from user-specified string.
119 if (__hwasan_default_options)
120 parser.ParseString(__hwasan_default_options());
121 #if HWASAN_CONTAINS_UBSAN
122 const char *ubsan_default_options = __ubsan_default_options();
123 ubsan_parser.ParseString(ubsan_default_options);
124 #endif
125
126 parser.ParseStringFromEnv("HWASAN_OPTIONS");
127 #if HWASAN_CONTAINS_UBSAN
128 ubsan_parser.ParseStringFromEnv("UBSAN_OPTIONS");
129 #endif
130
131 InitializeCommonFlags();
132
133 if (Verbosity()) ReportUnrecognizedFlags();
134
135 if (common_flags()->help) parser.PrintFlagDescriptions();
136 }
137
138 static void CheckUnwind() {
139 GET_FATAL_STACK_TRACE_PC_BP(StackTrace::GetCurrentPc(), GET_CURRENT_FRAME());
140 stack.Print();
141 }
142
143 static void HwasanFormatMemoryUsage(InternalScopedString &s) {
144 HwasanThreadList &thread_list = hwasanThreadList();
145 auto thread_stats = thread_list.GetThreadStats();
146 auto sds = StackDepotGetStats();
147 AllocatorStatCounters asc;
148 GetAllocatorStats(asc);
149 s.append(
150 "HWASAN pid: %d rss: %zd threads: %zd stacks: %zd"
151 " thr_aux: %zd stack_depot: %zd uniq_stacks: %zd"
152 " heap: %zd",
153 internal_getpid(), GetRSS(), thread_stats.n_live_threads,
154 thread_stats.total_stack_size,
155 thread_stats.n_live_threads * thread_list.MemoryUsedPerThread(),
156 sds.allocated, sds.n_uniq_ids, asc[AllocatorStatMapped]);
157 }
158
159 #if SANITIZER_ANDROID
160 static constexpr uptr kMemoryUsageBufferSize = 4096;
161
162 static char *memory_usage_buffer = nullptr;
163
164 static void InitMemoryUsage() {
165 memory_usage_buffer =
166 (char *)MmapOrDie(kMemoryUsageBufferSize, "memory usage string");
167 CHECK(memory_usage_buffer);
168 memory_usage_buffer[0] = '\0';
169 DecorateMapping((uptr)memory_usage_buffer, kMemoryUsageBufferSize,
170 memory_usage_buffer);
171 }
172
173 void UpdateMemoryUsage() {
174 if (!flags()->export_memory_stats)
175 return;
176 if (!memory_usage_buffer)
177 InitMemoryUsage();
178 InternalScopedString s;
179 HwasanFormatMemoryUsage(s);
180 internal_strncpy(memory_usage_buffer, s.data(), kMemoryUsageBufferSize - 1);
181 memory_usage_buffer[kMemoryUsageBufferSize - 1] = '\0';
182 }
183 #else
184 void UpdateMemoryUsage() {}
185 #endif
186
187 void HwasanAtExit() {
188 if (common_flags()->print_module_map)
189 DumpProcessMap();
190 if (flags()->print_stats && (flags()->atexit || hwasan_report_count > 0))
191 ReportStats();
192 if (hwasan_report_count > 0) {
193 // ReportAtExitStatistics();
194 if (common_flags()->exitcode)
195 internal__exit(common_flags()->exitcode);
196 }
197 }
198
199 void HandleTagMismatch(AccessInfo ai, uptr pc, uptr frame, void *uc,
200 uptr *registers_frame) {
201 InternalMmapVector<BufferedStackTrace> stack_buffer(1);
202 BufferedStackTrace *stack = stack_buffer.data();
203 stack->Reset();
204 stack->Unwind(pc, frame, uc, common_flags()->fast_unwind_on_fatal);
205
206 // The second stack frame contains the failure __hwasan_check function, as
207 // we have a stack frame for the registers saved in __hwasan_tag_mismatch that
208 // we wish to ignore. This (currently) only occurs on AArch64, as x64
209 // implementations use SIGTRAP to implement the failure, and thus do not go
210 // through the stack saver.
211 if (registers_frame && stack->trace && stack->size > 0) {
212 stack->trace++;
213 stack->size--;
214 }
215
216 bool fatal = flags()->halt_on_error || !ai.recover;
217 ReportTagMismatch(stack, ai.addr, ai.size, ai.is_store, fatal,
218 registers_frame);
219 }
220
221 void HwasanTagMismatch(uptr addr, uptr access_info, uptr *registers_frame,
222 size_t outsize) {
223 __hwasan::AccessInfo ai;
224 ai.is_store = access_info & 0x10;
225 ai.is_load = !ai.is_store;
226 ai.recover = access_info & 0x20;
227 ai.addr = addr;
228 if ((access_info & 0xf) == 0xf)
229 ai.size = outsize;
230 else
231 ai.size = 1 << (access_info & 0xf);
232
233 HandleTagMismatch(ai, (uptr)__builtin_return_address(0),
234 (uptr)__builtin_frame_address(0), nullptr, registers_frame);
235 __builtin_unreachable();
236 }
237
238 Thread *GetCurrentThread() {
239 uptr *ThreadLongPtr = GetCurrentThreadLongPtr();
240 if (UNLIKELY(*ThreadLongPtr == 0))
241 return nullptr;
242 auto *R = (StackAllocationsRingBuffer *)ThreadLongPtr;
243 return hwasanThreadList().GetThreadByBufferAddress((uptr)R->Next());
244 }
245
246 } // namespace __hwasan
247
248 using namespace __hwasan;
249
250 void __sanitizer::BufferedStackTrace::UnwindImpl(
251 uptr pc, uptr bp, void *context, bool request_fast, u32 max_depth) {
252 Thread *t = GetCurrentThread();
253 if (!t) {
254 // The thread is still being created, or has already been destroyed.
255 size = 0;
256 return;
257 }
258 Unwind(max_depth, pc, bp, context, t->stack_top(), t->stack_bottom(),
259 request_fast);
260 }
261
262 static bool InitializeSingleGlobal(const hwasan_global &global) {
263 uptr full_granule_size = RoundDownTo(global.size(), 16);
264 TagMemoryAligned(global.addr(), full_granule_size, global.tag());
265 if (global.size() % 16)
266 TagMemoryAligned(global.addr() + full_granule_size, 16, global.size() % 16);
267 return false;
268 }
269
270 static void InitLoadedGlobals() {
271 dl_iterate_phdr(
272 [](dl_phdr_info *info, size_t /* size */, void * /* data */) -> int {
273 for (const hwasan_global &global : HwasanGlobalsFor(
274 info->dlpi_addr, info->dlpi_phdr, info->dlpi_phnum))
275 InitializeSingleGlobal(global);
276 return 0;
277 },
278 nullptr);
279 }
280
281 // Prepare to run instrumented code on the main thread.
282 static void InitInstrumentation() {
283 if (hwasan_instrumentation_inited) return;
284
285 InitializeOsSupport();
286
287 if (!InitShadow()) {
288 Printf("FATAL: HWAddressSanitizer cannot mmap the shadow memory.\n");
289 DumpProcessMap();
290 Die();
291 }
292
293 InitThreads();
294
295 hwasan_instrumentation_inited = 1;
296 }
297
298 // Interface.
299
300 uptr __hwasan_shadow_memory_dynamic_address; // Global interface symbol.
301
302 // This function was used by the old frame descriptor mechanism. We keep it
303 // around to avoid breaking ABI.
304 void __hwasan_init_frames(uptr beg, uptr end) {}
305
306 void __hwasan_init_static() {
307 InitShadowGOT();
308 InitInstrumentation();
309
310 // In the non-static code path we call dl_iterate_phdr here. But at this point
311 // libc might not have been initialized enough for dl_iterate_phdr to work.
312 // Fortunately, since this is a statically linked executable we can use the
313 // linker-defined symbol __ehdr_start to find the only relevant set of phdrs.
314 extern ElfW(Ehdr) __ehdr_start;
315 for (const hwasan_global &global : HwasanGlobalsFor(
316 /* base */ 0,
317 reinterpret_cast<const ElfW(Phdr) *>(
318 reinterpret_cast<const char *>(&__ehdr_start) +
319 __ehdr_start.e_phoff),
320 __ehdr_start.e_phnum))
321 InitializeSingleGlobal(global);
322 }
323
324 __attribute__((constructor(0))) void __hwasan_init() {
325 CHECK(!hwasan_init_is_running);
326 if (hwasan_inited) return;
327 hwasan_init_is_running = 1;
328 SanitizerToolName = "HWAddressSanitizer";
329
330 InitTlsSize();
331
332 CacheBinaryName();
333 InitializeFlags();
334
335 // Install tool-specific callbacks in sanitizer_common.
336 SetCheckUnwindCallback(CheckUnwind);
337
338 __sanitizer_set_report_path(common_flags()->log_path);
339
340 AndroidTestTlsSlot();
341
342 DisableCoreDumperIfNecessary();
343
344 InitInstrumentation();
345 InitLoadedGlobals();
346
347 // Needs to be called here because flags()->random_tags might not have been
348 // initialized when InitInstrumentation() was called.
349 GetCurrentThread()->EnsureRandomStateInited();
350
351 SetPrintfAndReportCallback(AppendToErrorMessageBuffer);
352 // This may call libc -> needs initialized shadow.
353 AndroidLogInit();
354
355 InitializeInterceptors();
356 InstallDeadlySignalHandlers(HwasanOnDeadlySignal);
357 InstallAtExitHandler(); // Needs __cxa_atexit interceptor.
358
359 InitializeCoverage(common_flags()->coverage, common_flags()->coverage_dir);
360
361 HwasanTSDInit();
362 HwasanTSDThreadInit();
363
364 HwasanAllocatorInit();
365 HwasanInstallAtForkHandler();
366
367 #if HWASAN_CONTAINS_UBSAN
368 __ubsan::InitAsPlugin();
369 #endif
370
371 VPrintf(1, "HWAddressSanitizer init done\n");
372
373 hwasan_init_is_running = 0;
374 hwasan_inited = 1;
375 }
376
377 void __hwasan_library_loaded(ElfW(Addr) base, const ElfW(Phdr) * phdr,
378 ElfW(Half) phnum) {
379 for (const hwasan_global &global : HwasanGlobalsFor(base, phdr, phnum))
380 InitializeSingleGlobal(global);
381 }
382
383 void __hwasan_library_unloaded(ElfW(Addr) base, const ElfW(Phdr) * phdr,
384 ElfW(Half) phnum) {
385 for (; phnum != 0; ++phdr, --phnum)
386 if (phdr->p_type == PT_LOAD)
387 TagMemory(base + phdr->p_vaddr, phdr->p_memsz, 0);
388 }
389
390 void __hwasan_print_shadow(const void *p, uptr sz) {
391 uptr ptr_raw = UntagAddr(reinterpret_cast<uptr>(p));
392 uptr shadow_first = MemToShadow(ptr_raw);
393 uptr shadow_last = MemToShadow(ptr_raw + sz - 1);
394 Printf("HWASan shadow map for %zx .. %zx (pointer tag %x)\n", ptr_raw,
395 ptr_raw + sz, GetTagFromPointer((uptr)p));
396 for (uptr s = shadow_first; s <= shadow_last; ++s) {
397 tag_t mem_tag = *reinterpret_cast<tag_t *>(s);
398 uptr granule_addr = ShadowToMem(s);
399 if (mem_tag && mem_tag < kShadowAlignment)
400 Printf(" %zx: %02x(%02x)\n", granule_addr, mem_tag,
401 *reinterpret_cast<tag_t *>(granule_addr + kShadowAlignment - 1));
402 else
403 Printf(" %zx: %02x\n", granule_addr, mem_tag);
404 }
405 }
406
407 sptr __hwasan_test_shadow(const void *p, uptr sz) {
408 if (sz == 0)
409 return -1;
410 tag_t ptr_tag = GetTagFromPointer((uptr)p);
411 uptr ptr_raw = UntagAddr(reinterpret_cast<uptr>(p));
412 uptr shadow_first = MemToShadow(ptr_raw);
413 uptr shadow_last = MemToShadow(ptr_raw + sz - 1);
414 for (uptr s = shadow_first; s <= shadow_last; ++s)
415 if (*(tag_t *)s != ptr_tag) {
416 sptr offset = ShadowToMem(s) - ptr_raw;
417 return offset < 0 ? 0 : offset;
418 }
419 return -1;
420 }
421
422 u16 __sanitizer_unaligned_load16(const uu16 *p) {
423 return *p;
424 }
425 u32 __sanitizer_unaligned_load32(const uu32 *p) {
426 return *p;
427 }
428 u64 __sanitizer_unaligned_load64(const uu64 *p) {
429 return *p;
430 }
431 void __sanitizer_unaligned_store16(uu16 *p, u16 x) {
432 *p = x;
433 }
434 void __sanitizer_unaligned_store32(uu32 *p, u32 x) {
435 *p = x;
436 }
437 void __sanitizer_unaligned_store64(uu64 *p, u64 x) {
438 *p = x;
439 }
440
441 void __hwasan_loadN(uptr p, uptr sz) {
442 CheckAddressSized<ErrorAction::Abort, AccessType::Load>(p, sz);
443 }
444 void __hwasan_load1(uptr p) {
445 CheckAddress<ErrorAction::Abort, AccessType::Load, 0>(p);
446 }
447 void __hwasan_load2(uptr p) {
448 CheckAddress<ErrorAction::Abort, AccessType::Load, 1>(p);
449 }
450 void __hwasan_load4(uptr p) {
451 CheckAddress<ErrorAction::Abort, AccessType::Load, 2>(p);
452 }
453 void __hwasan_load8(uptr p) {
454 CheckAddress<ErrorAction::Abort, AccessType::Load, 3>(p);
455 }
456 void __hwasan_load16(uptr p) {
457 CheckAddress<ErrorAction::Abort, AccessType::Load, 4>(p);
458 }
459
460 void __hwasan_loadN_noabort(uptr p, uptr sz) {
461 CheckAddressSized<ErrorAction::Recover, AccessType::Load>(p, sz);
462 }
463 void __hwasan_load1_noabort(uptr p) {
464 CheckAddress<ErrorAction::Recover, AccessType::Load, 0>(p);
465 }
466 void __hwasan_load2_noabort(uptr p) {
467 CheckAddress<ErrorAction::Recover, AccessType::Load, 1>(p);
468 }
469 void __hwasan_load4_noabort(uptr p) {
470 CheckAddress<ErrorAction::Recover, AccessType::Load, 2>(p);
471 }
472 void __hwasan_load8_noabort(uptr p) {
473 CheckAddress<ErrorAction::Recover, AccessType::Load, 3>(p);
474 }
475 void __hwasan_load16_noabort(uptr p) {
476 CheckAddress<ErrorAction::Recover, AccessType::Load, 4>(p);
477 }
478
479 void __hwasan_storeN(uptr p, uptr sz) {
480 CheckAddressSized<ErrorAction::Abort, AccessType::Store>(p, sz);
481 }
482 void __hwasan_store1(uptr p) {
483 CheckAddress<ErrorAction::Abort, AccessType::Store, 0>(p);
484 }
485 void __hwasan_store2(uptr p) {
486 CheckAddress<ErrorAction::Abort, AccessType::Store, 1>(p);
487 }
488 void __hwasan_store4(uptr p) {
489 CheckAddress<ErrorAction::Abort, AccessType::Store, 2>(p);
490 }
491 void __hwasan_store8(uptr p) {
492 CheckAddress<ErrorAction::Abort, AccessType::Store, 3>(p);
493 }
494 void __hwasan_store16(uptr p) {
495 CheckAddress<ErrorAction::Abort, AccessType::Store, 4>(p);
496 }
497
498 void __hwasan_storeN_noabort(uptr p, uptr sz) {
499 CheckAddressSized<ErrorAction::Recover, AccessType::Store>(p, sz);
500 }
501 void __hwasan_store1_noabort(uptr p) {
502 CheckAddress<ErrorAction::Recover, AccessType::Store, 0>(p);
503 }
504 void __hwasan_store2_noabort(uptr p) {
505 CheckAddress<ErrorAction::Recover, AccessType::Store, 1>(p);
506 }
507 void __hwasan_store4_noabort(uptr p) {
508 CheckAddress<ErrorAction::Recover, AccessType::Store, 2>(p);
509 }
510 void __hwasan_store8_noabort(uptr p) {
511 CheckAddress<ErrorAction::Recover, AccessType::Store, 3>(p);
512 }
513 void __hwasan_store16_noabort(uptr p) {
514 CheckAddress<ErrorAction::Recover, AccessType::Store, 4>(p);
515 }
516
517 void __hwasan_tag_memory(uptr p, u8 tag, uptr sz) {
518 TagMemoryAligned(p, sz, tag);
519 }
520
521 uptr __hwasan_tag_pointer(uptr p, u8 tag) {
522 return AddTagToPointer(p, tag);
523 }
524
525 void __hwasan_handle_longjmp(const void *sp_dst) {
526 uptr dst = (uptr)sp_dst;
527 // HWASan does not support tagged SP.
528 CHECK(GetTagFromPointer(dst) == 0);
529
530 uptr sp = (uptr)__builtin_frame_address(0);
531 static const uptr kMaxExpectedCleanupSize = 64 << 20; // 64M
532 if (dst < sp || dst - sp > kMaxExpectedCleanupSize) {
533 Report(
534 "WARNING: HWASan is ignoring requested __hwasan_handle_longjmp: "
535 "stack top: %p; target %p; distance: %p (%zd)\n"
536 "False positive error reports may follow\n",
537 (void *)sp, (void *)dst, dst - sp);
538 return;
539 }
540 TagMemory(sp, dst - sp, 0);
541 }
542
543 void __hwasan_handle_vfork(const void *sp_dst) {
544 uptr sp = (uptr)sp_dst;
545 Thread *t = GetCurrentThread();
546 CHECK(t);
547 uptr top = t->stack_top();
548 uptr bottom = t->stack_bottom();
549 if (top == 0 || bottom == 0 || sp < bottom || sp >= top) {
550 Report(
551 "WARNING: HWASan is ignoring requested __hwasan_handle_vfork: "
552 "stack top: %zx; current %zx; bottom: %zx \n"
553 "False positive error reports may follow\n",
554 top, sp, bottom);
555 return;
556 }
557 TagMemory(bottom, sp - bottom, 0);
558 }
559
560 extern "C" void *__hwasan_extra_spill_area() {
561 Thread *t = GetCurrentThread();
562 return &t->vfork_spill();
563 }
564
565 void __hwasan_print_memory_usage() {
566 InternalScopedString s;
567 HwasanFormatMemoryUsage(s);
568 Printf("%s\n", s.data());
569 }
570
571 static const u8 kFallbackTag = 0xBB & kTagMask;
572
573 u8 __hwasan_generate_tag() {
574 Thread *t = GetCurrentThread();
575 if (!t) return kFallbackTag;
576 return t->GenerateRandomTag();
577 }
578
579 #if !SANITIZER_SUPPORTS_WEAK_HOOKS
580 extern "C" {
581 SANITIZER_INTERFACE_ATTRIBUTE SANITIZER_WEAK_ATTRIBUTE
582 const char* __hwasan_default_options() { return ""; }
583 } // extern "C"
584 #endif
585
586 extern "C" {
587 SANITIZER_INTERFACE_ATTRIBUTE
588 void __sanitizer_print_stack_trace() {
589 GET_FATAL_STACK_TRACE_PC_BP(StackTrace::GetCurrentPc(), GET_CURRENT_FRAME());
590 stack.Print();
591 }
592
593 // Entry point for interoperability between __hwasan_tag_mismatch (ASM) and the
594 // rest of the mismatch handling code (C++).
595 void __hwasan_tag_mismatch4(uptr addr, uptr access_info, uptr *registers_frame,
596 size_t outsize) {
597 __hwasan::HwasanTagMismatch(addr, access_info, registers_frame, outsize);
598 }
599
600 } // extern "C"
LLVM monorepo