1 //===-- sanitizer_common_libcdep.cpp --------------------------------------===// 2 // 3 // Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions. 4 // See https://llvm.org/LICENSE.txt for license information. 5 // SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception 6 // 7 //===----------------------------------------------------------------------===// 8 // 9 // This file is shared between AddressSanitizer and ThreadSanitizer 10 // run-time libraries. 11 //===----------------------------------------------------------------------===// 12 13 #include "sanitizer_allocator_interface.h" 14 #include "sanitizer_common.h" 15 #include "sanitizer_flags.h" 16 #include "sanitizer_procmaps.h" 17 18 19 namespace __sanitizer { 20 21 static void (*SoftRssLimitExceededCallback)(bool exceeded); 22 void SetSoftRssLimitExceededCallback(void (*Callback)(bool exceeded)) { 23 CHECK_EQ(SoftRssLimitExceededCallback, nullptr); 24 SoftRssLimitExceededCallback = Callback; 25 } 26 27 #if (SANITIZER_LINUX || SANITIZER_NETBSD) && !SANITIZER_GO 28 // Weak default implementation for when sanitizer_stackdepot is not linked in. 29 SANITIZER_WEAK_ATTRIBUTE StackDepotStats *StackDepotGetStats() { 30 return nullptr; 31 } 32 33 void *BackgroundThread(void *arg) { 34 const uptr hard_rss_limit_mb = common_flags()->hard_rss_limit_mb; 35 const uptr soft_rss_limit_mb = common_flags()->soft_rss_limit_mb; 36 const bool heap_profile = common_flags()->heap_profile; 37 uptr prev_reported_rss = 0; 38 uptr prev_reported_stack_depot_size = 0; 39 bool reached_soft_rss_limit = false; 40 uptr rss_during_last_reported_profile = 0; 41 while (true) { 42 SleepForMillis(100); 43 const uptr current_rss_mb = GetRSS() >> 20; 44 if (Verbosity()) { 45 // If RSS has grown 10% since last time, print some information. 46 if (prev_reported_rss * 11 / 10 < current_rss_mb) { 47 Printf("%s: RSS: %zdMb\n", SanitizerToolName, current_rss_mb); 48 prev_reported_rss = current_rss_mb; 49 } 50 // If stack depot has grown 10% since last time, print it too. 51 StackDepotStats *stack_depot_stats = StackDepotGetStats(); 52 if (stack_depot_stats) { 53 if (prev_reported_stack_depot_size * 11 / 10 < 54 stack_depot_stats->allocated) { 55 Printf("%s: StackDepot: %zd ids; %zdM allocated\n", SanitizerToolName, 56 stack_depot_stats->n_uniq_ids, 57 stack_depot_stats->allocated >> 20); 58 prev_reported_stack_depot_size = stack_depot_stats->allocated; 59 } 60 } 61 } 62 // Check RSS against the limit. 63 if (hard_rss_limit_mb && hard_rss_limit_mb < current_rss_mb) { 64 Report("%s: hard rss limit exhausted (%zdMb vs %zdMb)\n", 65 SanitizerToolName, hard_rss_limit_mb, current_rss_mb); 66 DumpProcessMap(); 67 Die(); 68 } 69 if (soft_rss_limit_mb) { 70 if (soft_rss_limit_mb < current_rss_mb && !reached_soft_rss_limit) { 71 reached_soft_rss_limit = true; 72 Report("%s: soft rss limit exhausted (%zdMb vs %zdMb)\n", 73 SanitizerToolName, soft_rss_limit_mb, current_rss_mb); 74 if (SoftRssLimitExceededCallback) 75 SoftRssLimitExceededCallback(true); 76 } else if (soft_rss_limit_mb >= current_rss_mb && 77 reached_soft_rss_limit) { 78 reached_soft_rss_limit = false; 79 if (SoftRssLimitExceededCallback) 80 SoftRssLimitExceededCallback(false); 81 } 82 } 83 if (heap_profile && 84 current_rss_mb > rss_during_last_reported_profile * 1.1) { 85 Printf("\n\nHEAP PROFILE at RSS %zdMb\n", current_rss_mb); 86 __sanitizer_print_memory_profile(90, 20); 87 rss_during_last_reported_profile = current_rss_mb; 88 } 89 } 90 } 91 #endif 92 93 void WriteToSyslog(const char *msg) { 94 InternalScopedString msg_copy; 95 msg_copy.append("%s", msg); 96 const char *p = msg_copy.data(); 97 98 // Print one line at a time. 99 // syslog, at least on Android, has an implicit message length limit. 100 while (char* q = internal_strchr(p, '\n')) { 101 *q = '\0'; 102 WriteOneLineToSyslog(p); 103 p = q + 1; 104 } 105 // Print remaining characters, if there are any. 106 // Note that this will add an extra newline at the end. 107 // FIXME: buffer extra output. This would need a thread-local buffer, which 108 // on Android requires plugging into the tools (ex. ASan's) Thread class. 109 if (*p) 110 WriteOneLineToSyslog(p); 111 } 112 113 void MaybeStartBackgroudThread() { 114 #if (SANITIZER_LINUX || SANITIZER_NETBSD) && \ 115 !SANITIZER_GO // Need to implement/test on other platforms. 116 // Start the background thread if one of the rss limits is given. 117 if (!common_flags()->hard_rss_limit_mb && 118 !common_flags()->soft_rss_limit_mb && 119 !common_flags()->heap_profile) return; 120 if (!&real_pthread_create) return; // Can't spawn the thread anyway. 121 internal_start_thread(BackgroundThread, nullptr); 122 #endif 123 } 124 125 static void (*sandboxing_callback)(); 126 void SetSandboxingCallback(void (*f)()) { 127 sandboxing_callback = f; 128 } 129 130 uptr ReservedAddressRange::InitAligned(uptr size, uptr align, 131 const char *name) { 132 CHECK(IsPowerOfTwo(align)); 133 if (align <= GetPageSizeCached()) 134 return Init(size, name); 135 uptr start = Init(size + align, name); 136 start += align - (start & (align - 1)); 137 return start; 138 } 139 140 #if !SANITIZER_FUCHSIA 141 142 // Reserve memory range [beg, end]. 143 // We need to use inclusive range because end+1 may not be representable. 144 void ReserveShadowMemoryRange(uptr beg, uptr end, const char *name, 145 bool madvise_shadow) { 146 CHECK_EQ((beg % GetMmapGranularity()), 0); 147 CHECK_EQ(((end + 1) % GetMmapGranularity()), 0); 148 uptr size = end - beg + 1; 149 DecreaseTotalMmap(size); // Don't count the shadow against mmap_limit_mb. 150 if (madvise_shadow ? !MmapFixedSuperNoReserve(beg, size, name) 151 : !MmapFixedNoReserve(beg, size, name)) { 152 Report( 153 "ReserveShadowMemoryRange failed while trying to map 0x%zx bytes. " 154 "Perhaps you're using ulimit -v\n", 155 size); 156 Abort(); 157 } 158 if (madvise_shadow && common_flags()->use_madv_dontdump) 159 DontDumpShadowMemory(beg, size); 160 } 161 162 void ProtectGap(uptr addr, uptr size, uptr zero_base_shadow_start, 163 uptr zero_base_max_shadow_start) { 164 if (!size) 165 return; 166 void *res = MmapFixedNoAccess(addr, size, "shadow gap"); 167 if (addr == (uptr)res) 168 return; 169 // A few pages at the start of the address space can not be protected. 170 // But we really want to protect as much as possible, to prevent this memory 171 // being returned as a result of a non-FIXED mmap(). 172 if (addr == zero_base_shadow_start) { 173 uptr step = GetMmapGranularity(); 174 while (size > step && addr < zero_base_max_shadow_start) { 175 addr += step; 176 size -= step; 177 void *res = MmapFixedNoAccess(addr, size, "shadow gap"); 178 if (addr == (uptr)res) 179 return; 180 } 181 } 182 183 Report( 184 "ERROR: Failed to protect the shadow gap. " 185 "%s cannot proceed correctly. ABORTING.\n", 186 SanitizerToolName); 187 DumpProcessMap(); 188 Die(); 189 } 190 191 #endif // !SANITIZER_FUCHSIA 192 193 } // namespace __sanitizer 194 195 SANITIZER_INTERFACE_WEAK_DEF(void, __sanitizer_sandbox_on_notify, 196 __sanitizer_sandbox_arguments *args) { 197 __sanitizer::PlatformPrepareForSandboxing(args); 198 if (__sanitizer::sandboxing_callback) 199 __sanitizer::sandboxing_callback(); 200 } 201