lib/ubsan_minimal/ubsan_minimal_handlers.cpp

3cab2bb3Spatrick#include "sanitizer_common/sanitizer_atomic.h"
3cab2bb3Spatrick
3cab2bb3Spatrick#include <stdlib.h>
3cab2bb3Spatrick#include <stdint.h>
3cab2bb3Spatrick#include <string.h>
3cab2bb3Spatrick#include <unistd.h>
3cab2bb3Spatrick
3cab2bb3Spatrick#ifdef KERNEL_USE
3cab2bb3Spatrickextern "C" void ubsan_message(const char *msg);
3cab2bb3Spatrickstatic void message(const char *msg) { ubsan_message(msg); }
3cab2bb3Spatrick#else
3cab2bb3Spatrickstatic void message(const char *msg) {
d89ec533Spatrick  (void)write(2, msg, strlen(msg));
3cab2bb3Spatrick}
3cab2bb3Spatrick#endif
3cab2bb3Spatrick
3cab2bb3Spatrickstatic const int kMaxCallerPcs = 20;
3cab2bb3Spatrickstatic __sanitizer::atomic_uintptr_t caller_pcs[kMaxCallerPcs];
3cab2bb3Spatrick// Number of elements in caller_pcs. A special value of kMaxCallerPcs + 1 means
3cab2bb3Spatrick// that "too many errors" has already been reported.
3cab2bb3Spatrickstatic __sanitizer::atomic_uint32_t caller_pcs_sz;
3cab2bb3Spatrick
*810390e3Srobert__attribute__((noinline)) static bool report_this_error(uintptr_t caller) {
*810390e3Srobert  if (caller == 0)
*810390e3Srobert    return false;
3cab2bb3Spatrick  while (true) {
3cab2bb3Spatrick    unsigned sz = __sanitizer::atomic_load_relaxed(&caller_pcs_sz);
3cab2bb3Spatrick    if (sz > kMaxCallerPcs) return false;  // early exit
3cab2bb3Spatrick    // when sz==kMaxCallerPcs print "too many errors", but only when cmpxchg
3cab2bb3Spatrick    // succeeds in order to not print it multiple times.
3cab2bb3Spatrick    if (sz > 0 && sz < kMaxCallerPcs) {
3cab2bb3Spatrick      uintptr_t p;
3cab2bb3Spatrick      for (unsigned i = 0; i < sz; ++i) {
3cab2bb3Spatrick        p = __sanitizer::atomic_load_relaxed(&caller_pcs[i]);
3cab2bb3Spatrick        if (p == 0) break;  // Concurrent update.
3cab2bb3Spatrick        if (p == caller) return false;
3cab2bb3Spatrick      }
3cab2bb3Spatrick      if (p == 0) continue;  // FIXME: yield?
3cab2bb3Spatrick    }
3cab2bb3Spatrick
3cab2bb3Spatrick    if (!__sanitizer::atomic_compare_exchange_strong(
3cab2bb3Spatrick            &caller_pcs_sz, &sz, sz + 1, __sanitizer::memory_order_seq_cst))
3cab2bb3Spatrick      continue;  // Concurrent update! Try again from the start.
3cab2bb3Spatrick
3cab2bb3Spatrick    if (sz == kMaxCallerPcs) {
3cab2bb3Spatrick      message("ubsan: too many errors\n");
3cab2bb3Spatrick      return false;
3cab2bb3Spatrick    }
3cab2bb3Spatrick    __sanitizer::atomic_store_relaxed(&caller_pcs[sz], caller);
3cab2bb3Spatrick    return true;
3cab2bb3Spatrick  }
3cab2bb3Spatrick}
3cab2bb3Spatrick
*810390e3Srobert__attribute__((noinline)) static void decorate_msg(char *buf,
*810390e3Srobert                                                   uintptr_t caller) {
*810390e3Srobert  // print the address by nibbles
*810390e3Srobert  for (unsigned shift = sizeof(uintptr_t) * 8; shift;) {
*810390e3Srobert    shift -= 4;
*810390e3Srobert    unsigned nibble = (caller >> shift) & 0xf;
*810390e3Srobert    *(buf++) = nibble < 10 ? nibble + '0' : nibble - 10 + 'a';
*810390e3Srobert  }
*810390e3Srobert  // finish the message
*810390e3Srobert  buf[0] = '\n';
*810390e3Srobert  buf[1] = '\0';
*810390e3Srobert}
*810390e3Srobert
3cab2bb3Spatrick#if defined(__ANDROID__)
3cab2bb3Spatrickextern "C" __attribute__((weak)) void android_set_abort_message(const char *);
3cab2bb3Spatrickstatic void abort_with_message(const char *msg) {
3cab2bb3Spatrick  if (&android_set_abort_message) android_set_abort_message(msg);
3cab2bb3Spatrick  abort();
3cab2bb3Spatrick}
3cab2bb3Spatrick#else
3cab2bb3Spatrickstatic void abort_with_message(const char *) { abort(); }
3cab2bb3Spatrick#endif
3cab2bb3Spatrick
3cab2bb3Spatrick#if SANITIZER_DEBUG
3cab2bb3Spatricknamespace __sanitizer {
3cab2bb3Spatrick// The DCHECK macro needs this symbol to be defined.
3cab2bb3Spatrickvoid NORETURN CheckFailed(const char *file, int, const char *cond, u64, u64) {
3cab2bb3Spatrick  message("Sanitizer CHECK failed: ");
3cab2bb3Spatrick  message(file);
3cab2bb3Spatrick  message(":?? : "); // FIXME: Show line number.
3cab2bb3Spatrick  message(cond);
3cab2bb3Spatrick  abort();
3cab2bb3Spatrick}
3cab2bb3Spatrick} // namespace __sanitizer
3cab2bb3Spatrick#endif
3cab2bb3Spatrick
3cab2bb3Spatrick#define INTERFACE extern "C" __attribute__((visibility("default")))
3cab2bb3Spatrick
*810390e3Srobert// How many chars we need to reserve to print an address.
*810390e3Srobertconstexpr unsigned kAddrBuf = SANITIZER_WORDSIZE / 4;
*810390e3Srobert#define MSG_TMPL(msg) "ubsan: " msg " by 0x"
*810390e3Srobert#define MSG_TMPL_END(buf, msg) (buf + sizeof(MSG_TMPL(msg)) - 1)
*810390e3Srobert// Reserve an additional byte for '\n'.
*810390e3Srobert#define MSG_BUF_LEN(msg) (sizeof(MSG_TMPL(msg)) + kAddrBuf + 1)
*810390e3Srobert
3cab2bb3Spatrick#define HANDLER_RECOVER(name, msg)                               \
3cab2bb3Spatrick  INTERFACE void __ubsan_handle_##name##_minimal() {             \
*810390e3Srobert    uintptr_t caller = GET_CALLER_PC();                  \
*810390e3Srobert    if (!report_this_error(caller)) return;                      \
*810390e3Srobert    char msg_buf[MSG_BUF_LEN(msg)] = MSG_TMPL(msg);              \
*810390e3Srobert    decorate_msg(MSG_TMPL_END(msg_buf, msg), caller);            \
*810390e3Srobert    message(msg_buf);                                            \
3cab2bb3Spatrick  }
3cab2bb3Spatrick
3cab2bb3Spatrick#define HANDLER_NORECOVER(name, msg)                             \
3cab2bb3Spatrick  INTERFACE void __ubsan_handle_##name##_minimal_abort() {       \
*810390e3Srobert    char msg_buf[MSG_BUF_LEN(msg)] = MSG_TMPL(msg);              \
*810390e3Srobert    decorate_msg(MSG_TMPL_END(msg_buf, msg), GET_CALLER_PC());   \
*810390e3Srobert    message(msg_buf);                                            \
*810390e3Srobert    abort_with_message(msg_buf);                                 \
3cab2bb3Spatrick  }
3cab2bb3Spatrick
3cab2bb3Spatrick#define HANDLER(name, msg)                                       \
3cab2bb3Spatrick  HANDLER_RECOVER(name, msg)                                     \
3cab2bb3Spatrick  HANDLER_NORECOVER(name, msg)
3cab2bb3Spatrick
3cab2bb3SpatrickHANDLER(type_mismatch, "type-mismatch")
3cab2bb3SpatrickHANDLER(alignment_assumption, "alignment-assumption")
3cab2bb3SpatrickHANDLER(add_overflow, "add-overflow")
3cab2bb3SpatrickHANDLER(sub_overflow, "sub-overflow")
3cab2bb3SpatrickHANDLER(mul_overflow, "mul-overflow")
3cab2bb3SpatrickHANDLER(negate_overflow, "negate-overflow")
3cab2bb3SpatrickHANDLER(divrem_overflow, "divrem-overflow")
3cab2bb3SpatrickHANDLER(shift_out_of_bounds, "shift-out-of-bounds")
3cab2bb3SpatrickHANDLER(out_of_bounds, "out-of-bounds")
3cab2bb3SpatrickHANDLER_RECOVER(builtin_unreachable, "builtin-unreachable")
3cab2bb3SpatrickHANDLER_RECOVER(missing_return, "missing-return")
3cab2bb3SpatrickHANDLER(vla_bound_not_positive, "vla-bound-not-positive")
3cab2bb3SpatrickHANDLER(float_cast_overflow, "float-cast-overflow")
3cab2bb3SpatrickHANDLER(load_invalid_value, "load-invalid-value")
3cab2bb3SpatrickHANDLER(invalid_builtin, "invalid-builtin")
1f9cb04fSpatrickHANDLER(invalid_objc_cast, "invalid-objc-cast")
3cab2bb3SpatrickHANDLER(function_type_mismatch, "function-type-mismatch")
3cab2bb3SpatrickHANDLER(implicit_conversion, "implicit-conversion")
3cab2bb3SpatrickHANDLER(nonnull_arg, "nonnull-arg")
3cab2bb3SpatrickHANDLER(nonnull_return, "nonnull-return")
3cab2bb3SpatrickHANDLER(nullability_arg, "nullability-arg")
3cab2bb3SpatrickHANDLER(nullability_return, "nullability-return")
3cab2bb3SpatrickHANDLER(pointer_overflow, "pointer-overflow")
3cab2bb3SpatrickHANDLER(cfi_check_fail, "cfi-check-fail")