| OLD | NEW |
|---|
| 1 //===- subzero/runtime/szrt_asan.c - AddressSanitizer Runtime -----*- C -*-===// | 1 //===- subzero/runtime/szrt_asan.c - AddressSanitizer Runtime -----*- C -*-===// |
| 2 // | 2 // |
| 3 // The Subzero Code Generator | 3 // The Subzero Code Generator |
| 4 // | 4 // |
| 5 // This file is distributed under the University of Illinois Open Source | 5 // This file is distributed under the University of Illinois Open Source |
| 6 // License. See LICENSE.TXT for details. | 6 // License. See LICENSE.TXT for details. |
| 7 // | 7 // |
| 8 //===----------------------------------------------------------------------===// | 8 //===----------------------------------------------------------------------===// |
| 9 /// | 9 /// |
| 10 /// \file | 10 /// \file |
| (...skipping 27 matching lines...) Expand all Loading... |
| 38 #define IS_SHADOW_ALIGNED(p) (SHADOW_OFFSET(p) == 0) | 38 #define IS_SHADOW_ALIGNED(p) (SHADOW_OFFSET(p) == 0) |
| 39 | 39 |
| 40 #define MEM2SHADOW(p) (((uintptr_t)(p) >> SHADOW_SCALE_LOG2) + shadow_offset) | 40 #define MEM2SHADOW(p) (((uintptr_t)(p) >> SHADOW_SCALE_LOG2) + shadow_offset) |
| 41 #define SHADOW2MEM(p) \ | 41 #define SHADOW2MEM(p) \ |
| 42 ((uintptr_t)((char *)(p)-shadow_offset) << SHADOW_SCALE_LOG2) | 42 ((uintptr_t)((char *)(p)-shadow_offset) << SHADOW_SCALE_LOG2) |
| 43 | 43 |
| 44 #define POISON_VAL (-1) | 44 #define POISON_VAL (-1) |
| 45 | 45 |
| 46 static char *shadow_offset = NULL; | 46 static char *shadow_offset = NULL; |
| 47 | 47 |
| 48 void __asan_init(void); | 48 void __asan_init(int, void **, int *); |
| 49 void __asan_check(char *, int); | 49 void __asan_check(char *, int); |
| 50 void *__asan_malloc(size_t); | 50 void *__asan_malloc(size_t); |
| 51 void __asan_free(char *); | 51 void __asan_free(char *); |
| 52 void __asan_poison(char *, int); | 52 void __asan_poison(char *, int); |
| 53 void __asan_unpoison(char *, int); | 53 void __asan_unpoison(char *, int); |
| 54 | 54 |
| 55 void __asan_init(void) { | 55 void __asan_init(int n_rzs, void **rzs, int *rz_sizes) { |
| 56 // ensure the redzones are large enough to hold metadata | 56 // ensure the redzones are large enough to hold metadata |
| 57 assert(RZ_SIZE >= sizeof(void *) && RZ_SIZE >= sizeof(size_t)); | 57 assert(RZ_SIZE >= sizeof(void *) && RZ_SIZE >= sizeof(size_t)); |
| 58 assert(shadow_offset == NULL); | 58 assert(shadow_offset == NULL); |
| 59 size_t length = (IS_32_BIT) ? SHADOW_LENGTH_32 : SHADOW_LENGTH_64; | 59 size_t length = (IS_32_BIT) ? SHADOW_LENGTH_32 : SHADOW_LENGTH_64; |
| 60 int prot = PROT_READ | PROT_WRITE; | 60 int prot = PROT_READ | PROT_WRITE; |
| 61 int flags = MAP_PRIVATE | MAP_ANONYMOUS; | 61 int flags = MAP_PRIVATE | MAP_ANONYMOUS; |
| 62 int fd = -1; | 62 int fd = -1; |
| 63 off_t offset = 0; | 63 off_t offset = 0; |
| 64 shadow_offset = mmap((void *)length, length, prot, flags, fd, offset); | 64 shadow_offset = mmap((void *)length, length, prot, flags, fd, offset); |
| 65 if (shadow_offset == NULL) | 65 if (shadow_offset == NULL) |
| 66 fprintf(stderr, "unable to allocate shadow memory\n"); | 66 fprintf(stderr, "unable to allocate shadow memory\n"); |
| 67 else | 67 else |
| 68 printf("set up shadow memory at %p\n", shadow_offset); | 68 printf("set up shadow memory at %p\n", shadow_offset); |
| 69 if (mprotect(MEM2SHADOW(shadow_offset), length >> SHADOW_SCALE_LOG2, | 69 if (mprotect(MEM2SHADOW(shadow_offset), length >> SHADOW_SCALE_LOG2, |
| 70 PROT_NONE)) | 70 PROT_NONE)) |
| 71 fprintf(stderr, "could not protect bad region\n"); | 71 fprintf(stderr, "could not protect bad region\n"); |
| 72 else | 72 else |
| 73 printf("protected bad region\n"); | 73 printf("protected bad region\n"); |
| 74 |
| 75 // poison global redzones |
| 76 printf("poisioning %d global redzones\n", n_rzs); |
| 77 for (int i = 0; i < n_rzs; i++) { |
| 78 printf("(%d) poisoning redzone of size %d at %p\n", i, rz_sizes[i], rzs[i]); |
| 79 __asan_poison(rzs[i], rz_sizes[i]); |
| 80 } |
| 74 } | 81 } |
| 75 | 82 |
| 76 void __asan_check(char *ptr, int size) { | 83 void __asan_check(char *ptr, int size) { |
| 77 printf("check %d bytes at %p\n", size, ptr); | 84 printf("check %d bytes at %p\n", size, ptr); |
| 78 char *end = ptr + size; | 85 char *end = ptr + size; |
| 79 for (; ptr < end; ++ptr) { | 86 for (; ptr < end; ++ptr) { |
| 80 char shadow = *(char *)MEM2SHADOW(ptr); | 87 char shadow = *(char *)MEM2SHADOW(ptr); |
| 81 printf("checking %p with shadow %d\n", ptr, shadow); | 88 printf("checking %p with shadow %d\n", ptr, shadow); |
| 82 if (shadow != 0 && (shadow < 0 || SHADOW_OFFSET(ptr) > shadow)) { | 89 if (shadow != 0 && (shadow < 0 || SHADOW_OFFSET(ptr) > shadow)) { |
| 83 fprintf(stderr, "Illegal access of %d bytes at %p\n", size, ptr); | 90 fprintf(stderr, "Illegal access of %d bytes at %p\n", size, ptr); |
| (...skipping 58 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 142 assert(size < 2 * RZ_SIZE); | 149 assert(size < 2 * RZ_SIZE); |
| 143 printf("unpoison %d bytes at %p: %p - %p\n", size, ptr, MEM2SHADOW(ptr), | 150 printf("unpoison %d bytes at %p: %p - %p\n", size, ptr, MEM2SHADOW(ptr), |
| 144 MEM2SHADOW(end)); | 151 MEM2SHADOW(end)); |
| 145 *(char *)MEM2SHADOW(ptr) = 0; | 152 *(char *)MEM2SHADOW(ptr) = 0; |
| 146 ptr += SHADOW_OFFSET(size); | 153 ptr += SHADOW_OFFSET(size); |
| 147 assert(IS_SHADOW_ALIGNED(ptr)); | 154 assert(IS_SHADOW_ALIGNED(ptr)); |
| 148 for (; ptr != end; ptr += SHADOW_SCALE) { | 155 for (; ptr != end; ptr += SHADOW_SCALE) { |
| 149 *(char *)MEM2SHADOW(ptr) = 0; | 156 *(char *)MEM2SHADOW(ptr) = 0; |
| 150 } | 157 } |
| 151 } | 158 } |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2108083002:
Implemented aligning and poisoning global redzones (Closed)
Base URL: https://chromium.googlesource.com/native_client/pnacl-subzero.git@master