|
| 1 | +//===-- asan_fuchsia.cc --------------------------------------------------===// |
| 2 | +// |
| 3 | +// The LLVM Compiler Infrastructure |
| 4 | +// |
| 5 | +// This file is distributed under the University of Illinois Open Source |
| 6 | +// License. See LICENSE.TXT for details. |
| 7 | +// |
| 8 | +//===---------------------------------------------------------------------===// |
| 9 | +// |
| 10 | +// This file is a part of AddressSanitizer, an address sanity checker. |
| 11 | +// |
| 12 | +// Fuchsia-specific details. |
| 13 | +//===---------------------------------------------------------------------===// |
| 14 | + |
| 15 | +#include "sanitizer_common/sanitizer_fuchsia.h" |
| 16 | +#if SANITIZER_FUCHSIA |
| 17 | + |
| 18 | +#include "asan_interceptors.h" |
| 19 | +#include "asan_internal.h" |
| 20 | +#include "asan_stack.h" |
| 21 | +#include "asan_thread.h" |
| 22 | + |
| 23 | +#include <limits.h> |
| 24 | +#include <magenta/sanitizer.h> |
| 25 | +#include <magenta/syscalls.h> |
| 26 | +#include <magenta/threads.h> |
| 27 | + |
| 28 | +namespace __asan { |
| 29 | + |
| 30 | +// The system already set up the shadow memory for us. |
| 31 | +// __sanitizer::GetMaxVirtualAddress has already been called by |
| 32 | +// AsanInitInternal->InitializeHighMemEnd (asan_rtl.cc). |
| 33 | +// Just do some additional sanity checks here. |
| 34 | +void InitializeShadowMemory() { |
| 35 | + if (Verbosity()) PrintAddressSpaceLayout(); |
| 36 | + |
| 37 | + // Make sure SHADOW_OFFSET doesn't use __asan_shadow_memory_dynamic_address. |
| 38 | + __asan_shadow_memory_dynamic_address = kDefaultShadowSentinel; |
| 39 | + DCHECK(kLowShadowBeg != kDefaultShadowSentinel); |
| 40 | + __asan_shadow_memory_dynamic_address = kLowShadowBeg; |
| 41 | + |
| 42 | + CHECK_EQ(kShadowGapEnd, kHighShadowBeg - 1); |
| 43 | + CHECK_EQ(kHighMemEnd, __sanitizer::ShadowBounds.memory_limit - 1); |
| 44 | + CHECK_EQ(kHighMemBeg, __sanitizer::ShadowBounds.shadow_limit); |
| 45 | + CHECK_EQ(kHighShadowBeg, __sanitizer::ShadowBounds.shadow_base); |
| 46 | + CHECK_EQ(kShadowGapEnd, __sanitizer::ShadowBounds.shadow_base - 1); |
| 47 | + CHECK_EQ(kLowShadowEnd, 0); |
| 48 | + CHECK_EQ(kLowShadowBeg, 0); |
| 49 | +} |
| 50 | + |
| 51 | +void AsanApplyToGlobals(globals_op_fptr op, const void *needle) { |
| 52 | + UNIMPLEMENTED(); |
| 53 | +} |
| 54 | + |
| 55 | +void AsanCheckDynamicRTPrereqs() {} |
| 56 | +void AsanCheckIncompatibleRT() {} |
| 57 | +void InitializeAsanInterceptors() {} |
| 58 | + |
| 59 | +void *AsanDoesNotSupportStaticLinkage() { return nullptr; } |
| 60 | + |
| 61 | +void InitializePlatformExceptionHandlers() {} |
| 62 | +void AsanOnDeadlySignal(int signo, void *siginfo, void *context) { |
| 63 | + UNIMPLEMENTED(); |
| 64 | +} |
| 65 | + |
| 66 | +// We can use a plain thread_local variable for TSD. |
| 67 | +static thread_local void *per_thread; |
| 68 | + |
| 69 | +void *AsanTSDGet() { return per_thread; } |
| 70 | + |
| 71 | +void AsanTSDSet(void *tsd) { per_thread = tsd; } |
| 72 | + |
| 73 | +// There's no initialization needed, and the passed-in destructor |
| 74 | +// will never be called. Instead, our own thread destruction hook |
| 75 | +// (below) will call AsanThread::TSDDtor directly. |
| 76 | +void AsanTSDInit(void (*destructor)(void *tsd)) { |
| 77 | + DCHECK(destructor == &PlatformTSDDtor); |
| 78 | +} |
| 79 | + |
| 80 | +void PlatformTSDDtor(void *tsd) { UNREACHABLE(__func__); } |
| 81 | + |
| 82 | +static inline size_t AsanThreadMmapSize() { |
| 83 | + return RoundUpTo(sizeof(AsanThread), PAGE_SIZE); |
| 84 | +} |
| 85 | + |
| 86 | +struct AsanThread::InitOptions { |
| 87 | + uptr stack_bottom, stack_size; |
| 88 | +}; |
| 89 | + |
| 90 | +// Shared setup between thread creation and startup for the initial thread. |
| 91 | +static AsanThread *CreateAsanThread(StackTrace *stack, u32 parent_tid, |
| 92 | + uptr user_id, bool detached, |
| 93 | + const char *name, uptr stack_bottom, |
| 94 | + uptr stack_size) { |
| 95 | + // In lieu of AsanThread::Create. |
| 96 | + AsanThread *thread = (AsanThread *)MmapOrDie(AsanThreadMmapSize(), __func__); |
| 97 | + |
| 98 | + AsanThreadContext::CreateThreadContextArgs args = {thread, stack}; |
| 99 | + u32 tid = |
| 100 | + asanThreadRegistry().CreateThread(user_id, detached, parent_tid, &args); |
| 101 | + asanThreadRegistry().SetThreadName(tid, name); |
| 102 | + |
| 103 | + // On other systems, AsanThread::Init() is called from the new |
| 104 | + // thread itself. But on Fuchsia we already know the stack address |
| 105 | + // range beforehand, so we can do most of the setup right now. |
| 106 | + const AsanThread::InitOptions options = {stack_bottom, stack_size}; |
| 107 | + thread->Init(&options); |
| 108 | + |
| 109 | + return thread; |
| 110 | +} |
| 111 | + |
| 112 | +// This gets the same arguments passed to Init by CreateAsanThread, above. |
| 113 | +// We're in the creator thread before the new thread is actually started, |
| 114 | +// but its stack address range is already known. We don't bother tracking |
| 115 | +// the static TLS address range because the system itself already uses an |
| 116 | +// ASan-aware allocator for that. |
| 117 | +void AsanThread::SetThreadStackAndTls(const AsanThread::InitOptions *options) { |
| 118 | + DCHECK_NE(GetCurrentThread(), this); |
| 119 | + DCHECK_NE(GetCurrentThread(), nullptr); |
| 120 | + CHECK_NE(options->stack_bottom, 0); |
| 121 | + CHECK_NE(options->stack_size, 0); |
| 122 | + stack_bottom_ = options->stack_bottom; |
| 123 | + stack_top_ = options->stack_bottom + options->stack_size; |
| 124 | +} |
| 125 | + |
| 126 | +// Called by __asan::AsanInitInternal (asan_rtl.c). |
| 127 | +AsanThread *CreateMainThread() { |
| 128 | + thrd_t self = thrd_current(); |
| 129 | + char name[MX_MAX_NAME_LEN]; |
| 130 | + CHECK_NE(__sanitizer::MainThreadStackBase, 0); |
| 131 | + CHECK_GT(__sanitizer::MainThreadStackSize, 0); |
| 132 | + AsanThread *t = CreateAsanThread( |
| 133 | + nullptr, 0, reinterpret_cast<uptr>(self), true, |
| 134 | + _mx_object_get_property(thrd_get_mx_handle(self), MX_PROP_NAME, name, |
| 135 | + sizeof(name)) == MX_OK |
| 136 | + ? name |
| 137 | + : nullptr, |
| 138 | + __sanitizer::MainThreadStackBase, __sanitizer::MainThreadStackSize); |
| 139 | + SetCurrentThread(t); |
| 140 | + return t; |
| 141 | +} |
| 142 | + |
| 143 | +// This is called before each thread creation is attempted. So, in |
| 144 | +// its first call, the calling thread is the initial and sole thread. |
| 145 | +static void *BeforeThreadCreateHook(uptr user_id, bool detached, |
| 146 | + const char *name, uptr stack_bottom, |
| 147 | + uptr stack_size) { |
| 148 | + EnsureMainThreadIDIsCorrect(); |
| 149 | + // Strict init-order checking is thread-hostile. |
| 150 | + if (flags()->strict_init_order) StopInitOrderChecking(); |
| 151 | + |
| 152 | + GET_STACK_TRACE_THREAD; |
| 153 | + u32 parent_tid = GetCurrentTidOrInvalid(); |
| 154 | + |
| 155 | + return CreateAsanThread(&stack, parent_tid, user_id, detached, name, |
| 156 | + stack_bottom, stack_size); |
| 157 | +} |
| 158 | + |
| 159 | +// This is called after creating a new thread (in the creating thread), |
| 160 | +// with the pointer returned by BeforeThreadCreateHook (above). |
| 161 | +static void ThreadCreateHook(void *hook, bool aborted) { |
| 162 | + AsanThread *thread = static_cast<AsanThread *>(hook); |
| 163 | + if (!aborted) { |
| 164 | + // The thread was created successfully. |
| 165 | + // ThreadStartHook is already running in the new thread. |
| 166 | + } else { |
| 167 | + // The thread wasn't created after all. |
| 168 | + // Clean up everything we set up in BeforeThreadCreateHook. |
| 169 | + asanThreadRegistry().FinishThread(thread->tid()); |
| 170 | + UnmapOrDie(thread, AsanThreadMmapSize()); |
| 171 | + } |
| 172 | +} |
| 173 | + |
| 174 | +// This is called in the newly-created thread before it runs anything else, |
| 175 | +// with the pointer returned by BeforeThreadCreateHook (above). |
| 176 | +// cf. asan_interceptors.cc:asan_thread_start |
| 177 | +static void ThreadStartHook(void *hook, uptr os_id) { |
| 178 | + AsanThread *thread = static_cast<AsanThread *>(hook); |
| 179 | + SetCurrentThread(thread); |
| 180 | + |
| 181 | + // In lieu of AsanThread::ThreadStart. |
| 182 | + asanThreadRegistry().StartThread(thread->tid(), os_id, /*workerthread*/ false, |
| 183 | + nullptr); |
| 184 | +} |
| 185 | + |
| 186 | +// Each thread runs this just before it exits, |
| 187 | +// with the pointer returned by BeforeThreadCreateHook (above). |
| 188 | +// All per-thread destructors have already been called. |
| 189 | +static void ThreadExitHook(void *hook, uptr os_id) { |
| 190 | + AsanThread::TSDDtor(per_thread); |
| 191 | +} |
| 192 | + |
| 193 | +} // namespace __asan |
| 194 | + |
| 195 | +// These are declared (in extern "C") by <magenta/sanitizer.h>. |
| 196 | +// The system runtime will call our definitions directly. |
| 197 | + |
| 198 | +void *__sanitizer_before_thread_create_hook(thrd_t thread, bool detached, |
| 199 | + const char *name, void *stack_base, |
| 200 | + size_t stack_size) { |
| 201 | + return __asan::BeforeThreadCreateHook( |
| 202 | + reinterpret_cast<uptr>(thread), detached, name, |
| 203 | + reinterpret_cast<uptr>(stack_base), stack_size); |
| 204 | +} |
| 205 | + |
| 206 | +void __sanitizer_thread_create_hook(void *hook, thrd_t thread, int error) { |
| 207 | + __asan::ThreadCreateHook(hook, error != thrd_success); |
| 208 | +} |
| 209 | + |
| 210 | +void __sanitizer_thread_start_hook(void *hook, thrd_t self) { |
| 211 | + __asan::ThreadStartHook(hook, reinterpret_cast<uptr>(self)); |
| 212 | +} |
| 213 | + |
| 214 | +void __sanitizer_thread_exit_hook(void *hook, thrd_t self) { |
| 215 | + __asan::ThreadExitHook(hook, reinterpret_cast<uptr>(self)); |
| 216 | +} |
| 217 | + |
| 218 | +#endif // SANITIZER_FUCHSIA |
0 commit comments