1 //===-- msan.cc -----------------------------------------------------------===//
2 //
3 // The LLVM Compiler Infrastructure
4 //
5 // This file is distributed under the University of Illinois Open Source
6 // License. See LICENSE.TXT for details.
7 //
8 //===----------------------------------------------------------------------===//
9 //
10 // This file is a part of MemorySanitizer.
11 //
12 // MemorySanitizer runtime.
13 //===----------------------------------------------------------------------===//
14
15 #include "msan.h"
16 #include "msan_chained_origin_depot.h"
17 #include "msan_origin.h"
18 #include "msan_thread.h"
19 #include "sanitizer_common/sanitizer_atomic.h"
20 #include "sanitizer_common/sanitizer_common.h"
21 #include "sanitizer_common/sanitizer_flags.h"
22 #include "sanitizer_common/sanitizer_libc.h"
23 #include "sanitizer_common/sanitizer_procmaps.h"
24 #include "sanitizer_common/sanitizer_stacktrace.h"
25 #include "sanitizer_common/sanitizer_symbolizer.h"
26 #include "sanitizer_common/sanitizer_stackdepot.h"
27
28
29 // ACHTUNG! No system header includes in this file.
30
31 using namespace __sanitizer;
32
33 // Globals.
34 static THREADLOCAL int msan_expect_umr = 0;
35 static THREADLOCAL int msan_expected_umr_found = 0;
36
37 static bool msan_running_under_dr;
38
39 // Function argument shadow. Each argument starts at the next available 8-byte
40 // aligned address.
41 SANITIZER_INTERFACE_ATTRIBUTE
42 THREADLOCAL u64 __msan_param_tls[kMsanParamTlsSizeInWords];
43
44 // Function argument origin. Each argument starts at the same offset as the
45 // corresponding shadow in (__msan_param_tls). Slightly weird, but changing this
46 // would break compatibility with older prebuilt binaries.
47 SANITIZER_INTERFACE_ATTRIBUTE
48 THREADLOCAL u32 __msan_param_origin_tls[kMsanParamTlsSizeInWords];
49
50 SANITIZER_INTERFACE_ATTRIBUTE
51 THREADLOCAL u64 __msan_retval_tls[kMsanRetvalTlsSizeInWords];
52
53 SANITIZER_INTERFACE_ATTRIBUTE
54 THREADLOCAL u32 __msan_retval_origin_tls;
55
56 SANITIZER_INTERFACE_ATTRIBUTE
57 THREADLOCAL u64 __msan_va_arg_tls[kMsanParamTlsSizeInWords];
58
59 SANITIZER_INTERFACE_ATTRIBUTE
60 THREADLOCAL u64 __msan_va_arg_overflow_size_tls;
61
62 SANITIZER_INTERFACE_ATTRIBUTE
63 THREADLOCAL u32 __msan_origin_tls;
64
65 static THREADLOCAL int is_in_symbolizer;
66 static THREADLOCAL int is_in_loader;
67
68 extern "C" SANITIZER_WEAK_ATTRIBUTE const int __msan_track_origins;
69
__msan_get_track_origins()70 int __msan_get_track_origins() {
71 return &__msan_track_origins ? __msan_track_origins : 0;
72 }
73
74 extern "C" SANITIZER_WEAK_ATTRIBUTE const int __msan_keep_going;
75
76 namespace __msan {
77
EnterSymbolizer()78 void EnterSymbolizer() { ++is_in_symbolizer; }
ExitSymbolizer()79 void ExitSymbolizer() { --is_in_symbolizer; }
IsInSymbolizer()80 bool IsInSymbolizer() { return is_in_symbolizer; }
81
EnterLoader()82 void EnterLoader() { ++is_in_loader; }
ExitLoader()83 void ExitLoader() { --is_in_loader; }
84
85 extern "C" {
86 SANITIZER_INTERFACE_ATTRIBUTE
__msan_is_in_loader()87 bool __msan_is_in_loader() { return is_in_loader; }
88 }
89
90 static Flags msan_flags;
91
flags()92 Flags *flags() {
93 return &msan_flags;
94 }
95
96 int msan_inited = 0;
97 bool msan_init_is_running;
98
99 int msan_report_count = 0;
100
101 void (*death_callback)(void);
102
103 // Array of stack origins.
104 // FIXME: make it resizable.
105 static const uptr kNumStackOriginDescrs = 1024 * 1024;
106 static const char *StackOriginDescr[kNumStackOriginDescrs];
107 static uptr StackOriginPC[kNumStackOriginDescrs];
108 static atomic_uint32_t NumStackOriginDescrs;
109
ParseFlagsFromString(Flags * f,const char * str)110 static void ParseFlagsFromString(Flags *f, const char *str) {
111 CommonFlags *cf = common_flags();
112 ParseCommonFlagsFromString(cf, str);
113 ParseFlag(str, &f->poison_heap_with_zeroes, "poison_heap_with_zeroes", "");
114 ParseFlag(str, &f->poison_stack_with_zeroes, "poison_stack_with_zeroes", "");
115 ParseFlag(str, &f->poison_in_malloc, "poison_in_malloc", "");
116 ParseFlag(str, &f->poison_in_free, "poison_in_free", "");
117 ParseFlag(str, &f->exit_code, "exit_code", "");
118 if (f->exit_code < 0 || f->exit_code > 127) {
119 Printf("Exit code not in [0, 128) range: %d\n", f->exit_code);
120 Die();
121 }
122 ParseFlag(str, &f->origin_history_size, "origin_history_size", "");
123 if (f->origin_history_size < 0 ||
124 f->origin_history_size > Origin::kMaxDepth) {
125 Printf(
126 "Origin history size invalid: %d. Must be 0 (unlimited) or in [1, %d] "
127 "range.\n",
128 f->origin_history_size, Origin::kMaxDepth);
129 Die();
130 }
131 ParseFlag(str, &f->origin_history_per_stack_limit,
132 "origin_history_per_stack_limit", "");
133 // Limiting to kStackDepotMaxUseCount / 2 to avoid overflow in
134 // StackDepotHandle::inc_use_count_unsafe.
135 if (f->origin_history_per_stack_limit < 0 ||
136 f->origin_history_per_stack_limit > kStackDepotMaxUseCount / 2) {
137 Printf(
138 "Origin per-stack limit invalid: %d. Must be 0 (unlimited) or in [1, "
139 "%d] range.\n",
140 f->origin_history_per_stack_limit, kStackDepotMaxUseCount / 2);
141 Die();
142 }
143
144 ParseFlag(str, &f->report_umrs, "report_umrs", "");
145 ParseFlag(str, &f->wrap_signals, "wrap_signals", "");
146 ParseFlag(str, &f->print_stats, "print_stats", "");
147 ParseFlag(str, &f->atexit, "atexit", "");
148 ParseFlag(str, &f->store_context_size, "store_context_size", "");
149 if (f->store_context_size < 1) f->store_context_size = 1;
150
151 // keep_going is an old name for halt_on_error,
152 // and it has inverse meaning.
153 f->halt_on_error = !f->halt_on_error;
154 ParseFlag(str, &f->halt_on_error, "keep_going", "");
155 f->halt_on_error = !f->halt_on_error;
156 ParseFlag(str, &f->halt_on_error, "halt_on_error", "");
157 }
158
InitializeFlags(Flags * f,const char * options)159 static void InitializeFlags(Flags *f, const char *options) {
160 CommonFlags *cf = common_flags();
161 SetCommonFlagsDefaults(cf);
162 cf->external_symbolizer_path = GetEnv("MSAN_SYMBOLIZER_PATH");
163 cf->malloc_context_size = 20;
164 cf->handle_ioctl = true;
165 // FIXME: test and enable.
166 cf->check_printf = false;
167 cf->intercept_tls_get_addr = true;
168
169 internal_memset(f, 0, sizeof(*f));
170 f->poison_heap_with_zeroes = false;
171 f->poison_stack_with_zeroes = false;
172 f->poison_in_malloc = true;
173 f->poison_in_free = true;
174 f->exit_code = 77;
175 f->origin_history_size = Origin::kMaxDepth;
176 f->origin_history_per_stack_limit = 20000;
177 f->report_umrs = true;
178 f->wrap_signals = true;
179 f->print_stats = false;
180 f->atexit = false;
181 f->halt_on_error = !&__msan_keep_going;
182 f->store_context_size = 20;
183
184 // Override from user-specified string.
185 if (__msan_default_options)
186 ParseFlagsFromString(f, __msan_default_options());
187 ParseFlagsFromString(f, options);
188 }
189
GetStackTrace(StackTrace * stack,uptr max_s,uptr pc,uptr bp,bool request_fast_unwind)190 void GetStackTrace(StackTrace *stack, uptr max_s, uptr pc, uptr bp,
191 bool request_fast_unwind) {
192 MsanThread *t = GetCurrentThread();
193 if (!t || !StackTrace::WillUseFastUnwind(request_fast_unwind)) {
194 // Block reports from our interceptors during _Unwind_Backtrace.
195 SymbolizerScope sym_scope;
196 return stack->Unwind(max_s, pc, bp, 0, 0, 0, request_fast_unwind);
197 }
198 stack->Unwind(max_s, pc, bp, 0, t->stack_top(), t->stack_bottom(),
199 request_fast_unwind);
200 }
201
PrintWarning(uptr pc,uptr bp)202 void PrintWarning(uptr pc, uptr bp) {
203 PrintWarningWithOrigin(pc, bp, __msan_origin_tls);
204 }
205
PrintWarningWithOrigin(uptr pc,uptr bp,u32 origin)206 void PrintWarningWithOrigin(uptr pc, uptr bp, u32 origin) {
207 if (msan_expect_umr) {
208 // Printf("Expected UMR\n");
209 __msan_origin_tls = origin;
210 msan_expected_umr_found = 1;
211 return;
212 }
213
214 ++msan_report_count;
215
216 GET_FATAL_STACK_TRACE_PC_BP(pc, bp);
217
218 u32 report_origin =
219 (__msan_get_track_origins() && Origin(origin).isValid()) ? origin : 0;
220 ReportUMR(&stack, report_origin);
221
222 if (__msan_get_track_origins() && !Origin(origin).isValid()) {
223 Printf(
224 " ORIGIN: invalid (%x). Might be a bug in MemorySanitizer origin "
225 "tracking.\n This could still be a bug in your code, too!\n",
226 origin);
227 }
228 }
229
UnpoisonParam(uptr n)230 void UnpoisonParam(uptr n) {
231 internal_memset(__msan_param_tls, 0, n * sizeof(*__msan_param_tls));
232 }
233
234 // Backup MSan runtime TLS state.
235 // Implementation must be async-signal-safe.
236 // Instances of this class may live on the signal handler stack, and data size
237 // may be an issue.
Backup()238 void ScopedThreadLocalStateBackup::Backup() {
239 va_arg_overflow_size_tls = __msan_va_arg_overflow_size_tls;
240 }
241
Restore()242 void ScopedThreadLocalStateBackup::Restore() {
243 // A lame implementation that only keeps essential state and resets the rest.
244 __msan_va_arg_overflow_size_tls = va_arg_overflow_size_tls;
245
246 internal_memset(__msan_param_tls, 0, sizeof(__msan_param_tls));
247 internal_memset(__msan_retval_tls, 0, sizeof(__msan_retval_tls));
248 internal_memset(__msan_va_arg_tls, 0, sizeof(__msan_va_arg_tls));
249
250 if (__msan_get_track_origins()) {
251 internal_memset(&__msan_retval_origin_tls, 0,
252 sizeof(__msan_retval_origin_tls));
253 internal_memset(__msan_param_origin_tls, 0,
254 sizeof(__msan_param_origin_tls));
255 }
256 }
257
UnpoisonThreadLocalState()258 void UnpoisonThreadLocalState() {
259 }
260
GetStackOriginDescr(u32 id,uptr * pc)261 const char *GetStackOriginDescr(u32 id, uptr *pc) {
262 CHECK_LT(id, kNumStackOriginDescrs);
263 if (pc) *pc = StackOriginPC[id];
264 return StackOriginDescr[id];
265 }
266
ChainOrigin(u32 id,StackTrace * stack)267 u32 ChainOrigin(u32 id, StackTrace *stack) {
268 MsanThread *t = GetCurrentThread();
269 if (t && t->InSignalHandler())
270 return id;
271
272 Origin o(id);
273 int depth = o.depth();
274 // 0 means unlimited depth.
275 if (flags()->origin_history_size > 0 && depth > 0) {
276 if (depth >= flags()->origin_history_size) {
277 return id;
278 } else {
279 ++depth;
280 }
281 }
282
283 StackDepotHandle h = StackDepotPut_WithHandle(stack->trace, stack->size);
284 if (!h.valid()) return id;
285 int use_count = h.use_count();
286 if (use_count > flags()->origin_history_per_stack_limit)
287 return id;
288
289 u32 chained_id;
290 bool inserted = ChainedOriginDepotPut(h.id(), o.id(), &chained_id);
291
292 if (inserted) h.inc_use_count_unsafe();
293
294 return Origin(chained_id, depth).raw_id();
295 }
296
297 } // namespace __msan
298
299 // Interface.
300
301 using namespace __msan;
302
303 #define MSAN_MAYBE_WARNING(type, size) \
304 void __msan_maybe_warning_##size(type s, u32 o) { \
305 GET_CALLER_PC_BP_SP; \
306 (void) sp; \
307 if (UNLIKELY(s)) { \
308 PrintWarningWithOrigin(pc, bp, o); \
309 if (__msan::flags()->halt_on_error) { \
310 Printf("Exiting\n"); \
311 Die(); \
312 } \
313 } \
314 }
315
316 MSAN_MAYBE_WARNING(u8, 1)
317 MSAN_MAYBE_WARNING(u16, 2)
318 MSAN_MAYBE_WARNING(u32, 4)
319 MSAN_MAYBE_WARNING(u64, 8)
320
321 #define MSAN_MAYBE_STORE_ORIGIN(type, size) \
322 void __msan_maybe_store_origin_##size(type s, void *p, u32 o) { \
323 if (UNLIKELY(s)) { \
324 if (__msan_get_track_origins() > 1) { \
325 GET_CALLER_PC_BP_SP; \
326 (void) sp; \
327 GET_STORE_STACK_TRACE_PC_BP(pc, bp); \
328 o = ChainOrigin(o, &stack); \
329 } \
330 *(u32 *)MEM_TO_ORIGIN((uptr)p & ~3UL) = o; \
331 } \
332 }
333
334 MSAN_MAYBE_STORE_ORIGIN(u8, 1)
335 MSAN_MAYBE_STORE_ORIGIN(u16, 2)
336 MSAN_MAYBE_STORE_ORIGIN(u32, 4)
337 MSAN_MAYBE_STORE_ORIGIN(u64, 8)
338
__msan_warning()339 void __msan_warning() {
340 GET_CALLER_PC_BP_SP;
341 (void)sp;
342 PrintWarning(pc, bp);
343 if (__msan::flags()->halt_on_error) {
344 if (__msan::flags()->print_stats)
345 ReportStats();
346 Printf("Exiting\n");
347 Die();
348 }
349 }
350
__msan_warning_noreturn()351 void __msan_warning_noreturn() {
352 GET_CALLER_PC_BP_SP;
353 (void)sp;
354 PrintWarning(pc, bp);
355 if (__msan::flags()->print_stats)
356 ReportStats();
357 Printf("Exiting\n");
358 Die();
359 }
360
__msan_init()361 void __msan_init() {
362 CHECK(!msan_init_is_running);
363 if (msan_inited) return;
364 msan_init_is_running = 1;
365 SanitizerToolName = "MemorySanitizer";
366
367 SetDieCallback(MsanDie);
368 InitTlsSize();
369
370 const char *msan_options = GetEnv("MSAN_OPTIONS");
371 InitializeFlags(&msan_flags, msan_options);
372 if (common_flags()->help) PrintFlagDescriptions();
373 __sanitizer_set_report_path(common_flags()->log_path);
374
375 InitializeInterceptors();
376 InstallAtExitHandler(); // Needs __cxa_atexit interceptor.
377
378 if (MSAN_REPLACE_OPERATORS_NEW_AND_DELETE)
379 ReplaceOperatorsNewAndDelete();
380 if (StackSizeIsUnlimited()) {
381 VPrintf(1, "Unlimited stack, doing reexec\n");
382 // A reasonably large stack size. It is bigger than the usual 8Mb, because,
383 // well, the program could have been run with unlimited stack for a reason.
384 SetStackSizeLimitInBytes(32 * 1024 * 1024);
385 ReExec();
386 }
387
388 VPrintf(1, "MSAN_OPTIONS: %s\n", msan_options ? msan_options : "<empty>");
389
390 __msan_clear_on_return();
391 if (__msan_get_track_origins())
392 VPrintf(1, "msan_track_origins\n");
393 if (!InitShadow(/* prot1 */ !msan_running_under_dr, /* prot2 */ true,
394 /* map_shadow */ true, __msan_get_track_origins())) {
395 Printf("FATAL: MemorySanitizer can not mmap the shadow memory.\n");
396 Printf("FATAL: Make sure to compile with -fPIE and to link with -pie.\n");
397 Printf("FATAL: Disabling ASLR is known to cause this error.\n");
398 Printf("FATAL: If running under GDB, try "
399 "'set disable-randomization off'.\n");
400 DumpProcessMap();
401 Die();
402 }
403
404 Symbolizer::Init(common_flags()->external_symbolizer_path);
405 Symbolizer::Get()->AddHooks(EnterSymbolizer, ExitSymbolizer);
406
407 MsanTSDInit(MsanTSDDtor);
408
409 MsanThread *main_thread = MsanThread::Create(0, 0);
410 SetCurrentThread(main_thread);
411 main_thread->ThreadStart();
412
413 VPrintf(1, "MemorySanitizer init done\n");
414
415 msan_init_is_running = 0;
416 msan_inited = 1;
417 }
418
__msan_set_exit_code(int exit_code)419 void __msan_set_exit_code(int exit_code) {
420 flags()->exit_code = exit_code;
421 }
422
__msan_set_keep_going(int keep_going)423 void __msan_set_keep_going(int keep_going) {
424 flags()->halt_on_error = !keep_going;
425 }
426
__msan_set_expect_umr(int expect_umr)427 void __msan_set_expect_umr(int expect_umr) {
428 if (expect_umr) {
429 msan_expected_umr_found = 0;
430 } else if (!msan_expected_umr_found) {
431 GET_CALLER_PC_BP_SP;
432 (void)sp;
433 GET_FATAL_STACK_TRACE_PC_BP(pc, bp);
434 ReportExpectedUMRNotFound(&stack);
435 Die();
436 }
437 msan_expect_umr = expect_umr;
438 }
439
__msan_print_shadow(const void * x,uptr size)440 void __msan_print_shadow(const void *x, uptr size) {
441 if (!MEM_IS_APP(x)) {
442 Printf("Not a valid application address: %p\n", x);
443 return;
444 }
445
446 DescribeMemoryRange(x, size);
447 }
448
__msan_dump_shadow(const void * x,uptr size)449 void __msan_dump_shadow(const void *x, uptr size) {
450 if (!MEM_IS_APP(x)) {
451 Printf("Not a valid application address: %p\n", x);
452 return;
453 }
454
455 unsigned char *s = (unsigned char*)MEM_TO_SHADOW(x);
456 for (uptr i = 0; i < size; i++) {
457 #if __BYTE_ORDER__ == __ORDER_LITTLE_ENDIAN__
458 Printf("%x%x ", s[i] & 0xf, s[i] >> 4);
459 #else
460 Printf("%x%x ", s[i] >> 4, s[i] & 0xf);
461 #endif
462 }
463 Printf("\n");
464 }
465
__msan_test_shadow(const void * x,uptr size)466 sptr __msan_test_shadow(const void *x, uptr size) {
467 if (!MEM_IS_APP(x)) return -1;
468 unsigned char *s = (unsigned char *)MEM_TO_SHADOW((uptr)x);
469 for (uptr i = 0; i < size; ++i)
470 if (s[i])
471 return i;
472 return -1;
473 }
474
__msan_check_mem_is_initialized(const void * x,uptr size)475 void __msan_check_mem_is_initialized(const void *x, uptr size) {
476 if (!__msan::flags()->report_umrs) return;
477 sptr offset = __msan_test_shadow(x, size);
478 if (offset < 0)
479 return;
480
481 GET_CALLER_PC_BP_SP;
482 (void)sp;
483 ReportUMRInsideAddressRange(__func__, x, size, offset);
484 __msan::PrintWarningWithOrigin(pc, bp,
485 __msan_get_origin(((char *)x) + offset));
486 if (__msan::flags()->halt_on_error) {
487 Printf("Exiting\n");
488 Die();
489 }
490 }
491
__msan_set_poison_in_malloc(int do_poison)492 int __msan_set_poison_in_malloc(int do_poison) {
493 int old = flags()->poison_in_malloc;
494 flags()->poison_in_malloc = do_poison;
495 return old;
496 }
497
__msan_has_dynamic_component()498 int __msan_has_dynamic_component() {
499 return msan_running_under_dr;
500 }
501
502 NOINLINE
__msan_clear_on_return()503 void __msan_clear_on_return() {
504 __msan_param_tls[0] = 0;
505 }
506
get_tls_base()507 static void* get_tls_base() {
508 u64 p;
509 asm("mov %%fs:0, %0"
510 : "=r"(p) ::);
511 return (void*)p;
512 }
513
__msan_get_retval_tls_offset()514 int __msan_get_retval_tls_offset() {
515 // volatile here is needed to avoid UB, because the compiler thinks that we
516 // are doing address arithmetics on unrelated pointers, and takes some
517 // shortcuts
518 volatile sptr retval_tls_p = (sptr)&__msan_retval_tls;
519 volatile sptr tls_base_p = (sptr)get_tls_base();
520 return retval_tls_p - tls_base_p;
521 }
522
__msan_get_param_tls_offset()523 int __msan_get_param_tls_offset() {
524 // volatile here is needed to avoid UB, because the compiler thinks that we
525 // are doing address arithmetics on unrelated pointers, and takes some
526 // shortcuts
527 volatile sptr param_tls_p = (sptr)&__msan_param_tls;
528 volatile sptr tls_base_p = (sptr)get_tls_base();
529 return param_tls_p - tls_base_p;
530 }
531
__msan_partial_poison(const void * data,void * shadow,uptr size)532 void __msan_partial_poison(const void* data, void* shadow, uptr size) {
533 internal_memcpy((void*)MEM_TO_SHADOW((uptr)data), shadow, size);
534 }
535
__msan_load_unpoisoned(void * src,uptr size,void * dst)536 void __msan_load_unpoisoned(void *src, uptr size, void *dst) {
537 internal_memcpy(dst, src, size);
538 __msan_unpoison(dst, size);
539 }
540
__msan_set_origin(const void * a,uptr size,u32 origin)541 void __msan_set_origin(const void *a, uptr size, u32 origin) {
542 // Origin mapping is 4 bytes per 4 bytes of application memory.
543 // Here we extend the range such that its left and right bounds are both
544 // 4 byte aligned.
545 if (!__msan_get_track_origins()) return;
546 uptr x = MEM_TO_ORIGIN((uptr)a);
547 uptr beg = x & ~3UL; // align down.
548 uptr end = (x + size + 3) & ~3UL; // align up.
549 u64 origin64 = ((u64)origin << 32) | origin;
550 // This is like memset, but the value is 32-bit. We unroll by 2 to write
551 // 64 bits at once. May want to unroll further to get 128-bit stores.
552 if (beg & 7ULL) {
553 *(u32*)beg = origin;
554 beg += 4;
555 }
556 for (uptr addr = beg; addr < (end & ~7UL); addr += 8)
557 *(u64*)addr = origin64;
558 if (end & 7ULL)
559 *(u32*)(end - 4) = origin;
560 }
561
562 // 'descr' is created at compile time and contains '----' in the beginning.
563 // When we see descr for the first time we replace '----' with a uniq id
564 // and set the origin to (id | (31-th bit)).
__msan_set_alloca_origin(void * a,uptr size,const char * descr)565 void __msan_set_alloca_origin(void *a, uptr size, const char *descr) {
566 __msan_set_alloca_origin4(a, size, descr, 0);
567 }
568
__msan_set_alloca_origin4(void * a,uptr size,const char * descr,uptr pc)569 void __msan_set_alloca_origin4(void *a, uptr size, const char *descr, uptr pc) {
570 static const u32 dash = '-';
571 static const u32 first_timer =
572 dash + (dash << 8) + (dash << 16) + (dash << 24);
573 u32 *id_ptr = (u32*)descr;
574 bool print = false; // internal_strstr(descr + 4, "AllocaTOTest") != 0;
575 u32 id = *id_ptr;
576 if (id == first_timer) {
577 u32 idx = atomic_fetch_add(&NumStackOriginDescrs, 1, memory_order_relaxed);
578 CHECK_LT(idx, kNumStackOriginDescrs);
579 StackOriginDescr[idx] = descr + 4;
580 StackOriginPC[idx] = pc;
581 ChainedOriginDepotPut(idx, Origin::kStackRoot, &id);
582 *id_ptr = id;
583 if (print)
584 Printf("First time: idx=%d id=%d %s %p \n", idx, id, descr + 4, pc);
585 }
586 if (print)
587 Printf("__msan_set_alloca_origin: descr=%s id=%x\n", descr + 4, id);
588 __msan_set_origin(a, size, Origin(id, 1).raw_id());
589 }
590
__msan_chain_origin(u32 id)591 u32 __msan_chain_origin(u32 id) {
592 GET_CALLER_PC_BP_SP;
593 (void)sp;
594 GET_STORE_STACK_TRACE_PC_BP(pc, bp);
595 return ChainOrigin(id, &stack);
596 }
597
__msan_get_origin(const void * a)598 u32 __msan_get_origin(const void *a) {
599 if (!__msan_get_track_origins()) return 0;
600 uptr x = (uptr)a;
601 uptr aligned = x & ~3ULL;
602 uptr origin_ptr = MEM_TO_ORIGIN(aligned);
603 return *(u32*)origin_ptr;
604 }
605
__msan_get_umr_origin()606 u32 __msan_get_umr_origin() {
607 return __msan_origin_tls;
608 }
609
__sanitizer_unaligned_load16(const uu16 * p)610 u16 __sanitizer_unaligned_load16(const uu16 *p) {
611 __msan_retval_tls[0] = *(uu16 *)MEM_TO_SHADOW((uptr)p);
612 if (__msan_get_track_origins())
613 __msan_retval_origin_tls = GetOriginIfPoisoned((uptr)p, sizeof(*p));
614 return *p;
615 }
__sanitizer_unaligned_load32(const uu32 * p)616 u32 __sanitizer_unaligned_load32(const uu32 *p) {
617 __msan_retval_tls[0] = *(uu32 *)MEM_TO_SHADOW((uptr)p);
618 if (__msan_get_track_origins())
619 __msan_retval_origin_tls = GetOriginIfPoisoned((uptr)p, sizeof(*p));
620 return *p;
621 }
__sanitizer_unaligned_load64(const uu64 * p)622 u64 __sanitizer_unaligned_load64(const uu64 *p) {
623 __msan_retval_tls[0] = *(uu64 *)MEM_TO_SHADOW((uptr)p);
624 if (__msan_get_track_origins())
625 __msan_retval_origin_tls = GetOriginIfPoisoned((uptr)p, sizeof(*p));
626 return *p;
627 }
__sanitizer_unaligned_store16(uu16 * p,u16 x)628 void __sanitizer_unaligned_store16(uu16 *p, u16 x) {
629 u16 s = __msan_param_tls[1];
630 *(uu16 *)MEM_TO_SHADOW((uptr)p) = s;
631 if (s && __msan_get_track_origins())
632 if (uu32 o = __msan_param_origin_tls[2])
633 SetOriginIfPoisoned((uptr)p, (uptr)&s, sizeof(s), o);
634 *p = x;
635 }
__sanitizer_unaligned_store32(uu32 * p,u32 x)636 void __sanitizer_unaligned_store32(uu32 *p, u32 x) {
637 u32 s = __msan_param_tls[1];
638 *(uu32 *)MEM_TO_SHADOW((uptr)p) = s;
639 if (s && __msan_get_track_origins())
640 if (uu32 o = __msan_param_origin_tls[2])
641 SetOriginIfPoisoned((uptr)p, (uptr)&s, sizeof(s), o);
642 *p = x;
643 }
__sanitizer_unaligned_store64(uu64 * p,u64 x)644 void __sanitizer_unaligned_store64(uu64 *p, u64 x) {
645 u64 s = __msan_param_tls[1];
646 *(uu64 *)MEM_TO_SHADOW((uptr)p) = s;
647 if (s && __msan_get_track_origins())
648 if (uu32 o = __msan_param_origin_tls[2])
649 SetOriginIfPoisoned((uptr)p, (uptr)&s, sizeof(s), o);
650 *p = x;
651 }
652
__msan_set_death_callback(void (* callback)(void))653 void __msan_set_death_callback(void (*callback)(void)) {
654 death_callback = callback;
655 }
656
__msan_wrap_indirect_call(void * target)657 void *__msan_wrap_indirect_call(void *target) {
658 return IndirectExternCall(target);
659 }
660
__msan_dr_is_initialized()661 void __msan_dr_is_initialized() {
662 msan_running_under_dr = true;
663 }
664
__msan_set_indirect_call_wrapper(uptr wrapper)665 void __msan_set_indirect_call_wrapper(uptr wrapper) {
666 SetIndirectCallWrapper(wrapper);
667 }
668
669 #if !SANITIZER_SUPPORTS_WEAK_HOOKS
670 extern "C" {
671 SANITIZER_INTERFACE_ATTRIBUTE SANITIZER_WEAK_ATTRIBUTE
__msan_default_options()672 const char* __msan_default_options() { return ""; }
673 } // extern "C"
674 #endif
675
676 extern "C" {
677 SANITIZER_INTERFACE_ATTRIBUTE
__sanitizer_print_stack_trace()678 void __sanitizer_print_stack_trace() {
679 GET_FATAL_STACK_TRACE_PC_BP(StackTrace::GetCurrentPc(), GET_CURRENT_FRAME());
680 stack.Print();
681 }
682 } // extern "C"
683