Chandler Carruth | d865fec | 2012-08-29 02:27:54 +0000 | [diff] [blame] | 1 | //===-- sanitizer/common_interface_defs.h -----------------------*- C++ -*-===// |
Alexey Samsonov | 0a4c906 | 2012-06-05 13:50:57 +0000 | [diff] [blame] | 2 | // |
| 3 | // The LLVM Compiler Infrastructure |
| 4 | // |
| 5 | // This file is distributed under the University of Illinois Open Source |
| 6 | // License. See LICENSE.TXT for details. |
| 7 | // |
| 8 | //===----------------------------------------------------------------------===// |
| 9 | // |
Evgeniy Stepanov | 250f221 | 2013-01-30 13:12:08 +0000 | [diff] [blame] | 10 | // Common part of the public sanitizer interface. |
Alexey Samsonov | 0a4c906 | 2012-06-05 13:50:57 +0000 | [diff] [blame] | 11 | //===----------------------------------------------------------------------===// |
| 12 | |
Chandler Carruth | d865fec | 2012-08-29 02:27:54 +0000 | [diff] [blame] | 13 | #ifndef SANITIZER_COMMON_INTERFACE_DEFS_H |
| 14 | #define SANITIZER_COMMON_INTERFACE_DEFS_H |
Alexey Samsonov | 0a4c906 | 2012-06-05 13:50:57 +0000 | [diff] [blame] | 15 | |
Evgeniy Stepanov | 250f221 | 2013-01-30 13:12:08 +0000 | [diff] [blame] | 16 | #include <stddef.h> |
| 17 | #include <stdint.h> |
Alexey Samsonov | 0a4c906 | 2012-06-05 13:50:57 +0000 | [diff] [blame] | 18 | |
Kostya Serebryany | e31eca9 | 2013-02-15 12:00:24 +0000 | [diff] [blame] | 19 | // GCC does not understand __has_feature. |
| 20 | #if !defined(__has_feature) |
| 21 | # define __has_feature(x) 0 |
| 22 | #endif |
| 23 | |
Evgeniy Stepanov | 250f221 | 2013-01-30 13:12:08 +0000 | [diff] [blame] | 24 | #ifdef __cplusplus |
Kostya Serebryany | 81dfbb7 | 2012-09-14 04:35:14 +0000 | [diff] [blame] | 25 | extern "C" { |
Evgeniy Stepanov | 250f221 | 2013-01-30 13:12:08 +0000 | [diff] [blame] | 26 | #endif |
Stephen Hines | 2d1fdb2 | 2014-05-28 23:58:16 -0700 | [diff] [blame] | 27 | // Arguments for __sanitizer_sandbox_on_notify() below. |
| 28 | typedef struct { |
| 29 | // Enable sandbox support in sanitizer coverage. |
| 30 | int coverage_sandboxed; |
| 31 | // File descriptor to write coverage data to. If -1 is passed, a file will |
| 32 | // be pre-opened by __sanitizer_sandobx_on_notify(). This field has no |
| 33 | // effect if coverage_sandboxed == 0. |
| 34 | intptr_t coverage_fd; |
| 35 | // If non-zero, split the coverage data into well-formed blocks. This is |
| 36 | // useful when coverage_fd is a socket descriptor. Each block will contain |
| 37 | // a header, allowing data from multiple processes to be sent over the same |
| 38 | // socket. |
| 39 | unsigned int coverage_max_block_size; |
| 40 | } __sanitizer_sandbox_arguments; |
| 41 | |
Kostya Serebryany | 81dfbb7 | 2012-09-14 04:35:14 +0000 | [diff] [blame] | 42 | // Tell the tools to write their reports to "path.<pid>" instead of stderr. |
Evgeniy Stepanov | 250f221 | 2013-01-30 13:12:08 +0000 | [diff] [blame] | 43 | void __sanitizer_set_report_path(const char *path); |
Alexey Samsonov | ac8564e | 2012-11-02 09:23:36 +0000 | [diff] [blame] | 44 | |
Alexander Potapenko | 2574257 | 2012-12-10 13:10:40 +0000 | [diff] [blame] | 45 | // Notify the tools that the sandbox is going to be turned on. The reserved |
| 46 | // parameter will be used in the future to hold a structure with functions |
| 47 | // that the tools may call to bypass the sandbox. |
Stephen Hines | 2d1fdb2 | 2014-05-28 23:58:16 -0700 | [diff] [blame] | 48 | void __sanitizer_sandbox_on_notify(__sanitizer_sandbox_arguments *args); |
Evgeniy Stepanov | 250f221 | 2013-01-30 13:12:08 +0000 | [diff] [blame] | 49 | |
Kostya Serebryany | 2673fd8 | 2013-02-06 12:36:49 +0000 | [diff] [blame] | 50 | // This function is called by the tool when it has just finished reporting |
| 51 | // an error. 'error_summary' is a one-line string that summarizes |
| 52 | // the error message. This function can be overridden by the client. |
| 53 | void __sanitizer_report_error_summary(const char *error_summary); |
| 54 | |
Kostya Serebryany | dc0d179 | 2013-04-10 13:59:32 +0000 | [diff] [blame] | 55 | // Some of the sanitizers (e.g. asan/tsan) may miss bugs that happen |
| 56 | // in unaligned loads/stores. In order to find such bugs reliably one needs |
| 57 | // to replace plain unaligned loads/stores with these calls. |
| 58 | uint16_t __sanitizer_unaligned_load16(const void *p); |
| 59 | uint32_t __sanitizer_unaligned_load32(const void *p); |
| 60 | uint64_t __sanitizer_unaligned_load64(const void *p); |
| 61 | void __sanitizer_unaligned_store16(void *p, uint16_t x); |
| 62 | void __sanitizer_unaligned_store32(void *p, uint32_t x); |
| 63 | void __sanitizer_unaligned_store64(void *p, uint64_t x); |
| 64 | |
Kostya Serebryany | 2991200 | 2013-11-18 14:02:05 +0000 | [diff] [blame] | 65 | // Annotate the current state of a contiguous container, such as |
| 66 | // std::vector, std::string or similar. |
| 67 | // A contiguous container is a container that keeps all of its elements |
| 68 | // in a contiguous region of memory. The container owns the region of memory |
| 69 | // [beg, end); the memory [beg, mid) is used to store the current elements |
| 70 | // and the memory [mid, end) is reserved for future elements; |
Stephen Hines | 2d1fdb2 | 2014-05-28 23:58:16 -0700 | [diff] [blame] | 71 | // beg <= mid <= end. For example, in "std::vector<> v" |
Kostya Serebryany | 2991200 | 2013-11-18 14:02:05 +0000 | [diff] [blame] | 72 | // beg = &v[0]; |
| 73 | // end = beg + v.capacity() * sizeof(v[0]); |
| 74 | // mid = beg + v.size() * sizeof(v[0]); |
| 75 | // |
| 76 | // This annotation tells the Sanitizer tool about the current state of the |
| 77 | // container so that the tool can report errors when memory from [mid, end) |
| 78 | // is accessed. Insert this annotation into methods like push_back/pop_back. |
| 79 | // Supply the old and the new values of mid (old_mid/new_mid). |
| 80 | // In the initial state mid == end and so should be the final |
| 81 | // state when the container is destroyed or when it reallocates the storage. |
| 82 | // |
| 83 | // Use with caution and don't use for anything other than vector-like classes. |
| 84 | // |
Stephen Hines | 2d1fdb2 | 2014-05-28 23:58:16 -0700 | [diff] [blame] | 85 | // For AddressSanitizer, 'beg' should be 8-aligned and 'end' should |
| 86 | // be either 8-aligned or it should point to the end of a separate heap-, |
| 87 | // stack-, or global- allocated buffer. I.e. the following will not work: |
| 88 | // int64_t x[2]; // 16 bytes, 8-aligned. |
| 89 | // char *beg = (char *)&x[0]; |
| 90 | // char *end = beg + 12; // Not 8 aligned, not the end of the buffer. |
| 91 | // This however will work fine: |
| 92 | // int32_t x[3]; // 12 bytes, but 8-aligned under AddressSanitizer. |
| 93 | // char *beg = (char*)&x[0]; |
| 94 | // char *end = beg + 12; // Not 8-aligned, but is the end of the buffer. |
| 95 | void __sanitizer_annotate_contiguous_container(const void *beg, |
| 96 | const void *end, |
| 97 | const void *old_mid, |
| 98 | const void *new_mid); |
Stephen Hines | 6d18623 | 2014-11-26 17:56:19 -0800 | [diff] [blame] | 99 | // Returns true if the contiguous container [beg, end) is properly poisoned |
Stephen Hines | 2d1fdb2 | 2014-05-28 23:58:16 -0700 | [diff] [blame] | 100 | // (e.g. with __sanitizer_annotate_contiguous_container), i.e. if |
| 101 | // - [beg, mid) is addressable, |
| 102 | // - [mid, end) is unaddressable. |
| 103 | // Full verification requires O(end-beg) time; this function tries to avoid |
| 104 | // such complexity by touching only parts of the container around beg/mid/end. |
| 105 | int __sanitizer_verify_contiguous_container(const void *beg, const void *mid, |
| 106 | const void *end); |
| 107 | |
Pirama Arumuga Nainar | 799172d | 2016-03-03 15:50:30 -0800 | [diff] [blame^] | 108 | // Similar to __sanitizer_verify_contiguous_container but returns the address |
| 109 | // of the first improperly poisoned byte otherwise. Returns null if the area |
| 110 | // is poisoned properly. |
| 111 | const void *__sanitizer_contiguous_container_find_bad_address( |
| 112 | const void *beg, const void *mid, const void *end); |
| 113 | |
Stephen Hines | 2d1fdb2 | 2014-05-28 23:58:16 -0700 | [diff] [blame] | 114 | // Print the stack trace leading to this call. Useful for debugging user code. |
| 115 | void __sanitizer_print_stack_trace(); |
Kostya Serebryany | 2991200 | 2013-11-18 14:02:05 +0000 | [diff] [blame] | 116 | |
Stephen Hines | 86277eb | 2015-03-23 12:06:32 -0700 | [diff] [blame] | 117 | // Sets the callback to be called right before death on error. |
| 118 | // Passing 0 will unset the callback. |
| 119 | void __sanitizer_set_death_callback(void (*callback)(void)); |
Pirama Arumuga Nainar | 799172d | 2016-03-03 15:50:30 -0800 | [diff] [blame^] | 120 | |
| 121 | // Interceptor hooks. |
| 122 | // Whenever a libc function interceptor is called it checks if the |
| 123 | // corresponding weak hook is defined, and it so -- calls it. |
| 124 | // The primary use case is data-flow-guided fuzzing, where the fuzzer needs |
| 125 | // to know what is being passed to libc functions, e.g. memcmp. |
| 126 | // FIXME: implement more hooks. |
| 127 | void __sanitizer_weak_hook_memcmp(void *called_pc, const void *s1, |
| 128 | const void *s2, size_t n); |
| 129 | void __sanitizer_weak_hook_strncmp(void *called_pc, const char *s1, |
| 130 | const char *s2, size_t n); |
Evgeniy Stepanov | 250f221 | 2013-01-30 13:12:08 +0000 | [diff] [blame] | 131 | #ifdef __cplusplus |
Kostya Serebryany | 81dfbb7 | 2012-09-14 04:35:14 +0000 | [diff] [blame] | 132 | } // extern "C" |
Evgeniy Stepanov | 250f221 | 2013-01-30 13:12:08 +0000 | [diff] [blame] | 133 | #endif |
Kostya Serebryany | 81dfbb7 | 2012-09-14 04:35:14 +0000 | [diff] [blame] | 134 | |
Chandler Carruth | d865fec | 2012-08-29 02:27:54 +0000 | [diff] [blame] | 135 | #endif // SANITIZER_COMMON_INTERFACE_DEFS_H |