1 //===-- sanitizer_symbolizer_report.cpp -----------------------------------===//
2 //
3 // Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
4 // See https://llvm.org/LICENSE.txt for license information.
5 // SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
6 //
7 //===----------------------------------------------------------------------===//
8 ///
9 /// This file is shared between AddressSanitizer and other sanitizer run-time
10 /// libraries and implements symbolized reports related functions.
11 ///
12 //===----------------------------------------------------------------------===//
13
14 #include "sanitizer_common.h"
15 #include "sanitizer_file.h"
16 #include "sanitizer_flags.h"
17 #include "sanitizer_procmaps.h"
18 #include "sanitizer_report_decorator.h"
19 #include "sanitizer_stacktrace.h"
20 #include "sanitizer_stacktrace_printer.h"
21 #include "sanitizer_symbolizer.h"
22
23 #if SANITIZER_POSIX
24 # include "sanitizer_posix.h"
25 # include <sys/mman.h>
26 #endif
27
28 namespace __sanitizer {
29
30 #if !SANITIZER_GO
ReportErrorSummary(const char * error_type,const AddressInfo & info,const char * alt_tool_name)31 void ReportErrorSummary(const char *error_type, const AddressInfo &info,
32 const char *alt_tool_name) {
33 if (!common_flags()->print_summary) return;
34 InternalScopedString buff;
35 buff.append("%s ", error_type);
36 RenderFrame(&buff, "%L %F", 0, info.address, &info,
37 common_flags()->symbolize_vs_style,
38 common_flags()->strip_path_prefix);
39 ReportErrorSummary(buff.data(), alt_tool_name);
40 }
41 #endif
42
43 #if !SANITIZER_FUCHSIA
44
SupportsColors()45 bool ReportFile::SupportsColors() {
46 SpinMutexLock l(mu);
47 ReopenIfNecessary();
48 return SupportsColoredOutput(fd);
49 }
50
ReportSupportsColors()51 static inline bool ReportSupportsColors() {
52 return report_file.SupportsColors();
53 }
54
55 #else // SANITIZER_FUCHSIA
56
57 // Fuchsia's logs always go through post-processing that handles colorization.
ReportSupportsColors()58 static inline bool ReportSupportsColors() { return true; }
59
60 #endif // !SANITIZER_FUCHSIA
61
ColorizeReports()62 bool ColorizeReports() {
63 // FIXME: Add proper Windows support to AnsiColorDecorator and re-enable color
64 // printing on Windows.
65 if (SANITIZER_WINDOWS)
66 return false;
67
68 const char *flag = common_flags()->color;
69 return internal_strcmp(flag, "always") == 0 ||
70 (internal_strcmp(flag, "auto") == 0 && ReportSupportsColors());
71 }
72
ReportErrorSummary(const char * error_type,const StackTrace * stack,const char * alt_tool_name)73 void ReportErrorSummary(const char *error_type, const StackTrace *stack,
74 const char *alt_tool_name) {
75 #if !SANITIZER_GO
76 if (!common_flags()->print_summary)
77 return;
78 if (stack->size == 0) {
79 ReportErrorSummary(error_type);
80 return;
81 }
82 // Currently, we include the first stack frame into the report summary.
83 // Maybe sometimes we need to choose another frame (e.g. skip memcpy/etc).
84 uptr pc = StackTrace::GetPreviousInstructionPc(stack->trace[0]);
85 SymbolizedStack *frame = Symbolizer::GetOrInit()->SymbolizePC(pc);
86 ReportErrorSummary(error_type, frame->info, alt_tool_name);
87 frame->ClearAll();
88 #endif
89 }
90
ReportMmapWriteExec(int prot,int flags)91 void ReportMmapWriteExec(int prot, int flags) {
92 #if SANITIZER_POSIX && (!SANITIZER_GO && !SANITIZER_ANDROID)
93 int pflags = (PROT_WRITE | PROT_EXEC);
94 if ((prot & pflags) != pflags)
95 return;
96
97 # if SANITIZER_MAC && defined(MAP_JIT)
98 if ((flags & MAP_JIT) == MAP_JIT)
99 return;
100 # endif
101
102 ScopedErrorReportLock l;
103 SanitizerCommonDecorator d;
104
105 InternalMmapVector<BufferedStackTrace> stack_buffer(1);
106 BufferedStackTrace *stack = stack_buffer.data();
107 stack->Reset();
108 uptr top = 0;
109 uptr bottom = 0;
110 GET_CALLER_PC_BP_SP;
111 (void)sp;
112 bool fast = common_flags()->fast_unwind_on_fatal;
113 if (StackTrace::WillUseFastUnwind(fast)) {
114 GetThreadStackTopAndBottom(false, &top, &bottom);
115 stack->Unwind(kStackTraceMax, pc, bp, nullptr, top, bottom, true);
116 } else {
117 stack->Unwind(kStackTraceMax, pc, 0, nullptr, 0, 0, false);
118 }
119
120 Printf("%s", d.Warning());
121 Report("WARNING: %s: writable-executable page usage\n", SanitizerToolName);
122 Printf("%s", d.Default());
123
124 stack->Print();
125 ReportErrorSummary("w-and-x-usage", stack);
126 #endif
127 }
128
129 #if !SANITIZER_FUCHSIA && !SANITIZER_GO
StartReportDeadlySignal()130 void StartReportDeadlySignal() {
131 // Write the first message using fd=2, just in case.
132 // It may actually fail to write in case stderr is closed.
133 CatastrophicErrorWrite(SanitizerToolName, internal_strlen(SanitizerToolName));
134 static const char kDeadlySignal[] = ":DEADLYSIGNAL\n";
135 CatastrophicErrorWrite(kDeadlySignal, sizeof(kDeadlySignal) - 1);
136 }
137
MaybeReportNonExecRegion(uptr pc)138 static void MaybeReportNonExecRegion(uptr pc) {
139 #if SANITIZER_FREEBSD || SANITIZER_LINUX || SANITIZER_NETBSD
140 MemoryMappingLayout proc_maps(/*cache_enabled*/ true);
141 MemoryMappedSegment segment;
142 while (proc_maps.Next(&segment)) {
143 if (pc >= segment.start && pc < segment.end && !segment.IsExecutable())
144 Report("Hint: PC is at a non-executable region. Maybe a wild jump?\n");
145 }
146 #endif
147 }
148
PrintMemoryByte(InternalScopedString * str,const char * before,u8 byte)149 static void PrintMemoryByte(InternalScopedString *str, const char *before,
150 u8 byte) {
151 SanitizerCommonDecorator d;
152 str->append("%s%s%x%x%s ", before, d.MemoryByte(), byte >> 4, byte & 15,
153 d.Default());
154 }
155
MaybeDumpInstructionBytes(uptr pc)156 static void MaybeDumpInstructionBytes(uptr pc) {
157 if (!common_flags()->dump_instruction_bytes || (pc < GetPageSizeCached()))
158 return;
159 InternalScopedString str;
160 str.append("First 16 instruction bytes at pc: ");
161 if (IsAccessibleMemoryRange(pc, 16)) {
162 for (int i = 0; i < 16; ++i) {
163 PrintMemoryByte(&str, "", ((u8 *)pc)[i]);
164 }
165 str.append("\n");
166 } else {
167 str.append("unaccessible\n");
168 }
169 Report("%s", str.data());
170 }
171
MaybeDumpRegisters(void * context)172 static void MaybeDumpRegisters(void *context) {
173 if (!common_flags()->dump_registers) return;
174 SignalContext::DumpAllRegisters(context);
175 }
176
ReportStackOverflowImpl(const SignalContext & sig,u32 tid,UnwindSignalStackCallbackType unwind,const void * unwind_context)177 static void ReportStackOverflowImpl(const SignalContext &sig, u32 tid,
178 UnwindSignalStackCallbackType unwind,
179 const void *unwind_context) {
180 SanitizerCommonDecorator d;
181 Printf("%s", d.Warning());
182 static const char kDescription[] = "stack-overflow";
183 Report("ERROR: %s: %s on address %p (pc %p bp %p sp %p T%d)\n",
184 SanitizerToolName, kDescription, (void *)sig.addr, (void *)sig.pc,
185 (void *)sig.bp, (void *)sig.sp, tid);
186 Printf("%s", d.Default());
187 InternalMmapVector<BufferedStackTrace> stack_buffer(1);
188 BufferedStackTrace *stack = stack_buffer.data();
189 stack->Reset();
190 unwind(sig, unwind_context, stack);
191 stack->Print();
192 ReportErrorSummary(kDescription, stack);
193 }
194
ReportDeadlySignalImpl(const SignalContext & sig,u32 tid,UnwindSignalStackCallbackType unwind,const void * unwind_context)195 static void ReportDeadlySignalImpl(const SignalContext &sig, u32 tid,
196 UnwindSignalStackCallbackType unwind,
197 const void *unwind_context) {
198 SanitizerCommonDecorator d;
199 Printf("%s", d.Warning());
200 const char *description = sig.Describe();
201 if (sig.is_memory_access && !sig.is_true_faulting_addr)
202 Report("ERROR: %s: %s on unknown address (pc %p bp %p sp %p T%d)\n",
203 SanitizerToolName, description, (void *)sig.pc, (void *)sig.bp,
204 (void *)sig.sp, tid);
205 else
206 Report("ERROR: %s: %s on unknown address %p (pc %p bp %p sp %p T%d)\n",
207 SanitizerToolName, description, (void *)sig.addr, (void *)sig.pc,
208 (void *)sig.bp, (void *)sig.sp, tid);
209 Printf("%s", d.Default());
210 if (sig.pc < GetPageSizeCached())
211 Report("Hint: pc points to the zero page.\n");
212 if (sig.is_memory_access) {
213 const char *access_type =
214 sig.write_flag == SignalContext::WRITE
215 ? "WRITE"
216 : (sig.write_flag == SignalContext::READ ? "READ" : "UNKNOWN");
217 Report("The signal is caused by a %s memory access.\n", access_type);
218 if (!sig.is_true_faulting_addr)
219 Report("Hint: this fault was caused by a dereference of a high value "
220 "address (see register values below). Disassemble the provided "
221 "pc to learn which register was used.\n");
222 else if (sig.addr < GetPageSizeCached())
223 Report("Hint: address points to the zero page.\n");
224 }
225 MaybeReportNonExecRegion(sig.pc);
226 InternalMmapVector<BufferedStackTrace> stack_buffer(1);
227 BufferedStackTrace *stack = stack_buffer.data();
228 stack->Reset();
229 unwind(sig, unwind_context, stack);
230 stack->Print();
231 MaybeDumpInstructionBytes(sig.pc);
232 MaybeDumpRegisters(sig.context);
233 Printf("%s can not provide additional info.\n", SanitizerToolName);
234 ReportErrorSummary(description, stack);
235 }
236
ReportDeadlySignal(const SignalContext & sig,u32 tid,UnwindSignalStackCallbackType unwind,const void * unwind_context)237 void ReportDeadlySignal(const SignalContext &sig, u32 tid,
238 UnwindSignalStackCallbackType unwind,
239 const void *unwind_context) {
240 if (sig.IsStackOverflow())
241 ReportStackOverflowImpl(sig, tid, unwind, unwind_context);
242 else
243 ReportDeadlySignalImpl(sig, tid, unwind, unwind_context);
244 }
245
HandleDeadlySignal(void * siginfo,void * context,u32 tid,UnwindSignalStackCallbackType unwind,const void * unwind_context)246 void HandleDeadlySignal(void *siginfo, void *context, u32 tid,
247 UnwindSignalStackCallbackType unwind,
248 const void *unwind_context) {
249 StartReportDeadlySignal();
250 ScopedErrorReportLock rl;
251 SignalContext sig(siginfo, context);
252 ReportDeadlySignal(sig, tid, unwind, unwind_context);
253 Report("ABORTING\n");
254 Die();
255 }
256
257 #endif // !SANITIZER_FUCHSIA && !SANITIZER_GO
258
259 atomic_uintptr_t ScopedErrorReportLock::reporting_thread_ = {0};
260 StaticSpinMutex ScopedErrorReportLock::mutex_;
261
Lock()262 void ScopedErrorReportLock::Lock() {
263 uptr current = GetThreadSelf();
264 for (;;) {
265 uptr expected = 0;
266 if (atomic_compare_exchange_strong(&reporting_thread_, &expected, current,
267 memory_order_relaxed)) {
268 // We've claimed reporting_thread so proceed.
269 mutex_.Lock();
270 return;
271 }
272
273 if (expected == current) {
274 // This is either asynch signal or nested error during error reporting.
275 // Fail simple to avoid deadlocks in Report().
276
277 // Can't use Report() here because of potential deadlocks in nested
278 // signal handlers.
279 CatastrophicErrorWrite(SanitizerToolName,
280 internal_strlen(SanitizerToolName));
281 static const char msg[] = ": nested bug in the same thread, aborting.\n";
282 CatastrophicErrorWrite(msg, sizeof(msg) - 1);
283
284 internal__exit(common_flags()->exitcode);
285 }
286
287 internal_sched_yield();
288 }
289 }
290
Unlock()291 void ScopedErrorReportLock::Unlock() {
292 mutex_.Unlock();
293 atomic_store_relaxed(&reporting_thread_, 0);
294 }
295
CheckLocked()296 void ScopedErrorReportLock::CheckLocked() { mutex_.CheckLocked(); }
297
298 } // namespace __sanitizer
299