summaryrefslogtreecommitdiffstats
path: root/libsanitizer/lsan/lsan_common_linux.cc
blob: 80d2459a9ad1f7630d3847f1eefcbc823b5b99b4 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
//=-- lsan_common_linux.cc ------------------------------------------------===//
//
// This file is distributed under the University of Illinois Open Source
// License. See LICENSE.TXT for details.
//
//===----------------------------------------------------------------------===//
//
// This file is a part of LeakSanitizer.
// Implementation of common leak checking functionality. Linux-specific code.
//
//===----------------------------------------------------------------------===//

#include "sanitizer_common/sanitizer_platform.h"
#include "lsan_common.h"

#if CAN_SANITIZE_LEAKS && SANITIZER_LINUX
#include <link.h>

#include "sanitizer_common/sanitizer_common.h"
#include "sanitizer_common/sanitizer_linux.h"
#include "sanitizer_common/sanitizer_stackdepot.h"

namespace __lsan {

static const char kLinkerName[] = "ld";
// We request 2 modules matching "ld", so we can print a warning if there's more
// than one match. But only the first one is actually used.
static char linker_placeholder[2 * sizeof(LoadedModule)] ALIGNED(64);
static LoadedModule *linker = 0;

static bool IsLinker(const char* full_name) {
  return LibraryNameIs(full_name, kLinkerName);
}

void InitializePlatformSpecificModules() {
  internal_memset(linker_placeholder, 0, sizeof(linker_placeholder));
  uptr num_matches = GetListOfModules(
      reinterpret_cast<LoadedModule *>(linker_placeholder), 2, IsLinker);
  if (num_matches == 1) {
    linker = reinterpret_cast<LoadedModule *>(linker_placeholder);
    return;
  }
  if (num_matches == 0)
    Report("LeakSanitizer: Dynamic linker not found. "
           "TLS will not be handled correctly.\n");
  else if (num_matches > 1)
    Report("LeakSanitizer: Multiple modules match \"%s\". "
           "TLS will not be handled correctly.\n", kLinkerName);
  linker = 0;
}

static int ProcessGlobalRegionsCallback(struct dl_phdr_info *info, size_t size,
                                        void *data) {
  Frontier *frontier = reinterpret_cast<Frontier *>(data);
  for (uptr j = 0; j < info->dlpi_phnum; j++) {
    const ElfW(Phdr) *phdr = &(info->dlpi_phdr[j]);
    // We're looking for .data and .bss sections, which reside in writeable,
    // loadable segments.
    if (!(phdr->p_flags & PF_W) || (phdr->p_type != PT_LOAD) ||
        (phdr->p_memsz == 0))
      continue;
    uptr begin = info->dlpi_addr + phdr->p_vaddr;
    uptr end = begin + phdr->p_memsz;
    uptr allocator_begin = 0, allocator_end = 0;
    GetAllocatorGlobalRange(&allocator_begin, &allocator_end);
    if (begin <= allocator_begin && allocator_begin < end) {
      CHECK_LE(allocator_begin, allocator_end);
      CHECK_LT(allocator_end, end);
      if (begin < allocator_begin)
        ScanRangeForPointers(begin, allocator_begin, frontier, "GLOBAL",
                             kReachable);
      if (allocator_end < end)
        ScanRangeForPointers(allocator_end, end, frontier, "GLOBAL",
                             kReachable);
    } else {
      ScanRangeForPointers(begin, end, frontier, "GLOBAL", kReachable);
    }
  }
  return 0;
}

// Scans global variables for heap pointers.
void ProcessGlobalRegions(Frontier *frontier) {
  // FIXME: dl_iterate_phdr acquires a linker lock, so we run a risk of
  // deadlocking by running this under StopTheWorld. However, the lock is
  // reentrant, so we should be able to fix this by acquiring the lock before
  // suspending threads.
  dl_iterate_phdr(ProcessGlobalRegionsCallback, frontier);
}

static uptr GetCallerPC(u32 stack_id, StackDepotReverseMap *map) {
  CHECK(stack_id);
  uptr size = 0;
  const uptr *trace = map->Get(stack_id, &size);
  // The top frame is our malloc/calloc/etc. The next frame is the caller.
  if (size >= 2)
    return trace[1];
  return 0;
}

struct ProcessPlatformAllocParam {
  Frontier *frontier;
  StackDepotReverseMap *stack_depot_reverse_map;
};

// ForEachChunk callback. Identifies unreachable chunks which must be treated as
// reachable. Marks them as reachable and adds them to the frontier.
static void ProcessPlatformSpecificAllocationsCb(uptr chunk, void *arg) {
  CHECK(arg);
  ProcessPlatformAllocParam *param =
      reinterpret_cast<ProcessPlatformAllocParam *>(arg);
  chunk = GetUserBegin(chunk);
  LsanMetadata m(chunk);
  if (m.allocated() && m.tag() != kReachable) {
    u32 stack_id = m.stack_trace_id();
    uptr caller_pc = 0;
    if (stack_id > 0)
      caller_pc = GetCallerPC(stack_id, param->stack_depot_reverse_map);
    // If caller_pc is unknown, this chunk may be allocated in a coroutine. Mark
    // it as reachable, as we can't properly report its allocation stack anyway.
    if (caller_pc == 0 || linker->containsAddress(caller_pc)) {
      m.set_tag(kReachable);
      param->frontier->push_back(chunk);
    }
  }
}

// Handles dynamically allocated TLS blocks by treating all chunks allocated
// from ld-linux.so as reachable.
void ProcessPlatformSpecificAllocations(Frontier *frontier) {
  if (!flags()->use_tls) return;
  if (!linker) return;
  StackDepotReverseMap stack_depot_reverse_map;
  ProcessPlatformAllocParam arg = {frontier, &stack_depot_reverse_map};
  ForEachChunk(ProcessPlatformSpecificAllocationsCb, &arg);
}

}  // namespace __lsan
#endif  // CAN_SANITIZE_LEAKS && SANITIZER_LINUX
OpenPOWER on IntegriCloud