      1 #include "sanitizer_common/sanitizer_atomic.h"
      2 
      3 #include <stdlib.h>
      4 #include <stdint.h>
      5 #include <string.h>
      6 #include <unistd.h>
      7 
#ifdef KERNEL_USE
// Kernel builds route every report through an externally supplied sink.
extern "C" void ubsan_message(const char *msg);
static void message(const char *msg) {
  ubsan_message(msg);
}
#else
// Emits a NUL-terminated report string on file descriptor 2 with a single
// write() call. Best effort only: the return value of write() is not checked,
// so a short write or a closed/redirected fd 2 drops the report silently.
static void message(const char *msg) {
  const size_t len = strlen(msg);
  write(2, msg, len);
}
#endif
     16 
// Upper bound on the number of distinct caller PCs that are remembered, and
// therefore on the number of recoverable errors that get their own report.
static const int kMaxCallerPcs = 20;
// Caller PCs that have already been reported. report_this_error() treats a
// stored value of 0 as "slot reserved but not written yet"; the array has
// static storage, so it starts out zeroed.
static __sanitizer::atomic_uintptr_t caller_pcs[kMaxCallerPcs];
// Number of elements in caller_pcs. A special value of kMaxCallerPcs + 1 means
// that "too many errors" has already been reported.
static __sanitizer::atomic_uint32_t caller_pcs_sz;
     22 
// Decides whether the error raised at call site `caller_p` should be printed.
//
// Returns true only when `caller_p` is non-null and was recorded in a fresh
// caller_pcs slot by this call. Returns false for a null PC, for a PC that is
// already recorded, and once all kMaxCallerPcs slots are used (the call that
// moves caller_pcs_sz past kMaxCallerPcs prints "ubsan: too many errors" once).
//
// Consequence for anyone reading the output: each call site is reported at
// most once and reporting stops entirely after the cap, so a missing line is
// not evidence that the undefined behaviour did not happen again.
__attribute__((noinline)) static bool report_this_error(void *caller_p) {
  uintptr_t caller = reinterpret_cast<uintptr_t>(caller_p);
  // 0 is the "empty slot" marker in caller_pcs, so it can never be recorded.
  if (caller == 0) return false;
  while (true) {
    unsigned sz = __sanitizer::atomic_load_relaxed(&caller_pcs_sz);
    // sz == kMaxCallerPcs + 1: the limit message was already printed.
    if (sz > kMaxCallerPcs) return false;  // early exit
    // when sz==kMaxCallerPcs print "too many errors", but only when cmpxchg
    // succeeds in order to not print it multiple times.
    if (sz > 0 && sz < kMaxCallerPcs) {
      // sz > 0 here, so the loop body runs at least once and p is always
      // assigned before it is read after the loop.
      uintptr_t p;
      for (unsigned i = 0; i < sz; ++i) {
        p = __sanitizer::atomic_load_relaxed(&caller_pcs[i]);
        // Slot i is counted in caller_pcs_sz but its PC has not been stored
        // yet (see the store at the end of this function).
        if (p == 0) break;  // Concurrent update.
        if (p == caller) return false;
      }
      // Restart and re-scan until the pending slot is filled.
      // NOTE(review): this is an unbounded busy-wait. If the context that
      // reserved the slot cannot run until this one returns, the loop would
      // not terminate - confirm whether that can happen in the target
      // environment.
      if (p == 0) continue;  // FIXME: yield?
    }

    // Reserve slot `sz` by bumping the count; on failure sz is stale.
    if (!__sanitizer::atomic_compare_exchange_strong(
            &caller_pcs_sz, &sz, sz + 1, __sanitizer::memory_order_seq_cst))
      continue;  // Concurrent update! Try again from the start.

    // The table was already full: this call only moved the counter to
    // kMaxCallerPcs + 1, which makes it the single printer of the limit notice.
    if (sz == kMaxCallerPcs) {
      message("ubsan: too many errors\n");
      return false;
    }
    // Publish the PC into the reserved slot. Between the cmpxchg above and
    // this store, concurrent scanners see 0 in the slot and retry.
    __sanitizer::atomic_store_relaxed(&caller_pcs[sz], caller);
    return true;
  }
}
     53 
#if defined(__ANDROID__)
// Declared weak so the runtime still links when the symbol is not provided;
// its address is then null and the call is skipped.
extern "C" __attribute__((weak)) void android_set_abort_message(const char *);

// Hands `msg` to android_set_abort_message() when that symbol is available,
// then terminates the process with abort().
static void abort_with_message(const char *msg) {
  if (&android_set_abort_message) {
    android_set_abort_message(msg);
  }
  abort();
}
#else
// Other platforms: `msg` is ignored and the process is terminated.
static void abort_with_message(const char *msg) {
  (void)msg;
  abort();
}
#endif
     63 
#if SANITIZER_DEBUG
namespace __sanitizer {
// Debug builds only: the DCHECK macro requires this symbol to exist.
// Prints "Sanitizer CHECK failed: <file>:?? : <cond>" through message() and
// aborts. The unnamed int and u64 parameters are ignored, and no trailing
// newline is written.
void NORETURN CheckFailed(const char *file, int, const char *cond, u64, u64) {
  const char *const pieces[] = {
      "Sanitizer CHECK failed: ",
      file,
      ":?? : ",  // FIXME: Show line number.
      cond,
  };
  for (unsigned i = 0; i < sizeof(pieces) / sizeof(pieces[0]); ++i) {
    message(pieces[i]);
  }
  abort();
}
} // namespace __sanitizer
#endif
     76 
// Handlers are exported with C linkage and default visibility so that
// instrumented code can resolve them by name.
#define INTERFACE extern "C" __attribute__((visibility("default")))

// FIXME: add caller pc to the error message (possibly as "ubsan: error-type
// @1234ABCD").

// Recoverable handler __ubsan_handle_<name>_minimal: prints "ubsan: <msg>"
// and returns to the caller. The handler's own return address identifies the
// call site, and report_this_error() suppresses the message for a site that
// was already reported or once the report limit is reached, so repeated
// errors are silent by design.
#define HANDLER_RECOVER(name, msg)                               \
  INTERFACE void __ubsan_handle_##name##_minimal() {             \
    if (!report_this_error(__builtin_return_address(0))) return; \
    message("ubsan: " msg "\n");                                 \
  }

// Non-recoverable handler __ubsan_handle_<name>_minimal_abort: always prints
// the message (no de-duplication, no limit) and then terminates the process
// through abort_with_message().
#define HANDLER_NORECOVER(name, msg)                             \
  INTERFACE void __ubsan_handle_##name##_minimal_abort() {       \
    message("ubsan: " msg "\n");                                 \
    abort_with_message("ubsan: " msg);                           \
  }

// Defines both the recoverable and the aborting variant for one check.
#define HANDLER(name, msg)                                       \
  HANDLER_RECOVER(name, msg)                                     \
  HANDLER_NORECOVER(name, msg)
     96 
// Exported entry points, one pair per check. The second argument is the text
// printed after "ubsan: "; no source location or operand values are reported.
HANDLER(type_mismatch, "type-mismatch")
HANDLER(add_overflow, "add-overflow")
HANDLER(sub_overflow, "sub-overflow")
HANDLER(mul_overflow, "mul-overflow")
HANDLER(negate_overflow, "negate-overflow")
HANDLER(divrem_overflow, "divrem-overflow")
HANDLER(shift_out_of_bounds, "shift-out-of-bounds")
HANDLER(out_of_bounds, "out-of-bounds")
// These two checks get only the _minimal entry point; no _minimal_abort
// variant is defined for them. The handler itself returns after printing (or
// after suppressing a repeat), so whatever stops execution afterwards has to
// come from the instrumented code - not visible in this file.
HANDLER_RECOVER(builtin_unreachable, "builtin-unreachable")
HANDLER_RECOVER(missing_return, "missing-return")
HANDLER(vla_bound_not_positive, "vla-bound-not-positive")
HANDLER(float_cast_overflow, "float-cast-overflow")
HANDLER(load_invalid_value, "load-invalid-value")
HANDLER(invalid_builtin, "invalid-builtin")
HANDLER(function_type_mismatch, "function-type-mismatch")
HANDLER(implicit_conversion, "implicit-conversion")
HANDLER(nonnull_arg, "nonnull-arg")
HANDLER(nonnull_return, "nonnull-return")
HANDLER(nullability_arg, "nullability-arg")
HANDLER(nullability_return, "nullability-return")
HANDLER(pointer_overflow, "pointer-overflow")
// In the recoverable variant a CFI failure is only logged, and only once per
// call site; use the _abort variant where a failed check must stop execution.
HANDLER(cfi_check_fail, "cfi-check-fail")