1 /* Implementation header for mudflap runtime library.
2 Mudflap: narrow-pointer bounds-checking by tree rewriting.
3 Copyright (C) 2002-2013 Free Software Foundation, Inc.
4 Contributed by Frank Ch. Eigler <fche@redhat.com>
5 and Graydon Hoare <graydon@redhat.com>
6
7 This file is part of GCC.
8
9 GCC is free software; you can redistribute it and/or modify it under
10 the terms of the GNU General Public License as published by the Free
11 Software Foundation; either version 3, or (at your option) any later
12 version.
13
14 GCC is distributed in the hope that it will be useful, but WITHOUT ANY
15 WARRANTY; without even the implied warranty of MERCHANTABILITY or
16 FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
17 for more details.
18
19 Under Section 7 of GPL version 3, you are granted additional
20 permissions described in the GCC Runtime Library Exception, version
21 3.1, as published by the Free Software Foundation.
22
23 You should have received a copy of the GNU General Public License and
24 a copy of the GCC Runtime Library Exception along with this program;
25 see the files COPYING3 and COPYING.RUNTIME respectively. If not, see
26 <http://www.gnu.org/licenses/>. */
27
28 #ifndef __MF_IMPL_H
29 #define __MF_IMPL_H
30
31 #ifdef _MUDFLAP
32 #error "Do not compile this file with -fmudflap!"
33 #endif
34
35 #if HAVE_PTHREAD_H
36 #include <pthread.h>
37 #elif LIBMUDFLAPTH
38 #error "Cannot build libmudflapth without pthread.h."
39 #endif
40
41 #if HAVE_STDINT_H
42 #include <stdint.h>
43 #else
44 typedef __mf_uintptr_t uintptr_t;
45 #endif
46
47 /* Private definitions related to mf-runtime.h */
48
49 #define __MF_TYPE_MAX_CEM __MF_TYPE_STACK /* largest type# for the cemetery */
50 #define __MF_TYPE_MAX __MF_TYPE_GUESS
51
52
53 #ifndef max
54 #define max(a,b) ((a) > (b) ? (a) : (b))
55 #endif
56
57 #ifndef min
58 #define min(a,b) ((a) < (b) ? (a) : (b))
59 #endif
60
61 /* Address calculation macros. */
62
63 #define MINPTR ((uintptr_t) 0)
64 #define MAXPTR (~ (uintptr_t) 0)
65
66 /* Clamp the addition/subtraction of uintptr_t's to [MINPTR,MAXPTR] */
67 #define CLAMPSUB(ptr,offset) (((uintptr_t) ptr) >= (offset) ? ((uintptr_t) ptr)-((uintptr_t) offset) : MINPTR)
68 #define CLAMPADD(ptr,offset) (((uintptr_t) ptr) <= MAXPTR-(offset) ? ((uintptr_t) ptr)+((uintptr_t) offset) : MAXPTR)
69 #define CLAMPSZ(ptr,size) ((size) ? (((uintptr_t) ptr) <= MAXPTR-(size)+1 ? ((uintptr_t) ptr)+((uintptr_t) size) - 1 : MAXPTR) : ((uintptr_t) ptr))
70
71 #define __MF_CACHE_INDEX(ptr) ((((uintptr_t) (ptr)) >> __mf_lc_shift) & __mf_lc_mask)
72 #define __MF_CACHE_MISS_P(ptr,sz) ({ \
73 struct __mf_cache *elem = & __mf_lookup_cache[__MF_CACHE_INDEX((ptr))]; \
74 ((elem->low > (uintptr_t) (ptr)) || \
75 (elem->high < (CLAMPADD((uintptr_t) (ptr), (uintptr_t) CLAMPSUB(sz,1) )))); })
76 /* XXX: the above should use CLAMPSZ () */
77
78
79
80 /* Private functions. */
81
82 extern void __mf_violation (void *ptr, size_t sz,
83 uintptr_t pc, const char *location,
84 int type);
85 extern size_t __mf_backtrace (char ***, void *, unsigned);
86 extern int __mf_heuristic_check (uintptr_t, uintptr_t);
87
88 /* ------------------------------------------------------------------------ */
89 /* Type definitions. */
90 /* ------------------------------------------------------------------------ */
91
92 /* The mf_state type codes describe recursion and initialization order.
93
94 reentrant means we are inside a mf-runtime support routine, such as
95 __mf_register, and thus there should be no calls to any wrapped functions,
96 such as the wrapped malloc. This indicates a bug if it occurs.
97 in_malloc means we are inside a real malloc call inside a wrapped malloc
98 call, and thus there should be no calls to any wrapped functions like the
99 wrapped mmap. This happens on some systems due to how the system libraries
100 are constructed. */
101
102 enum __mf_state_enum { active, reentrant, in_malloc };
103
104 /* The __mf_options structure records optional or tunable aspects of the
105 mudflap library's behavior. There is a single global instance of this
106 structure which is populated from user input (in an environment variable)
107 when the library initializes. */
108
109 struct __mf_options
110 {
111 /* Emit a trace message for each call. */
112 unsigned trace_mf_calls;
113
114 /* Collect and emit statistics. */
115 unsigned collect_stats;
116
117 /* Set up a SIGUSR1 -> __mf_report handler. */
118 unsigned sigusr1_report;
119
120 /* Execute internal checking code. */
121 unsigned internal_checking;
122
123 /* Age object liveness periodically. */
124 unsigned tree_aging;
125
126 /* Adapt the lookup cache to working set. */
127 unsigned adapt_cache;
128
129 /* Print list of leaked heap objects on shutdown. */
130 unsigned print_leaks;
131
132 #ifdef HAVE___LIBC_FREERES
133 /* Call __libc_freeres before leak analysis. */
134 unsigned call_libc_freeres;
135 #endif
136
137 /* Detect reads of uninitialized objects. */
138 unsigned check_initialization;
139
140 /* Print verbose description of violations. */
141 unsigned verbose_violations;
142
143 /* Abbreviate duplicate object descriptions. */
144 unsigned abbreviate;
145
146 /* Emit internal tracing message. */
147 unsigned verbose_trace;
148
149 /* Wipe stack/heap objects upon unwind. */
150 unsigned wipe_stack;
151 unsigned wipe_heap;
152
153 /* Maintain a queue of this many deferred free()s,
154 to trap use of freed memory. */
155 unsigned free_queue_length;
156
157 /* Maintain a history of this many past unregistered objects. */
158 unsigned persistent_count;
159
160 /* Pad allocated extents by this many bytes on either side. */
161 unsigned crumple_zone;
162
163 /* Maintain this many stack frames for contexts. */
164 unsigned backtrace;
165
166 /* Ignore read operations even if mode_check is in effect. */
167 unsigned ignore_reads;
168
169 /* Collect register/unregister timestamps. */
170 unsigned timestamps;
171
172 #ifdef LIBMUDFLAPTH
173 /* Thread stack size. */
174 unsigned thread_stack;
175 #endif
176
177 /* Major operation mode */
178 #define mode_nop 0 /* Do nothing. */
179 #define mode_populate 1 /* Populate tree but do not check for violations. */
180 #define mode_check 2 /* Populate and check for violations (normal). */
181 #define mode_violate 3 /* Trigger a violation on every call (diagnostic). */
182 unsigned mudflap_mode;
183
184 /* How to handle a violation. */
185 #define viol_nop 0 /* Return control to application. */
186 #define viol_segv 1 /* Signal self with segv. */
187 #define viol_abort 2 /* Call abort (). */
188 #define viol_gdb 3 /* Fork a debugger on self */
189 unsigned violation_mode;
190
191 /* Violation heuristics selection. */
192 unsigned heur_stack_bound; /* allow current stack region */
193 unsigned heur_proc_map; /* allow & cache /proc/self/map regions. */
194 unsigned heur_start_end; /* allow _start .. _end */
195 unsigned heur_std_data; /* allow & cache stdlib data */
196 };
197
198
199 #ifdef PIC
200
201 /* This is a table of dynamically resolved function pointers. */
202
203 struct __mf_dynamic_entry
204 {
205 void *pointer;
206 char *name;
207 char *version;
208 };
209
210 /* The definition of the array (mf-runtime.c) must match the enums! */
211 extern struct __mf_dynamic_entry __mf_dynamic[];
212 enum __mf_dynamic_index
213 {
214 dyn_calloc, dyn_free, dyn_malloc, dyn_mmap,
215 #ifdef HAVE_MMAP64
216 dyn_mmap64,
217 #endif
218 dyn_munmap, dyn_realloc,
219 dyn_INITRESOLVE, /* Marker for last init-time resolution. */
220 #ifdef LIBMUDFLAPTH
221 dyn_pthread_create
222 #endif
223 };
224
225 #endif /* PIC */
226
227 /* ------------------------------------------------------------------------ */
228 /* Private global variables. */
229 /* ------------------------------------------------------------------------ */
230
231 #ifdef LIBMUDFLAPTH
232 extern pthread_mutex_t __mf_biglock;
233 #define LOCKTH() do { extern unsigned long __mf_lock_contention; \
234 int rc = pthread_mutex_trylock (& __mf_biglock); \
235 if (rc) { __mf_lock_contention ++; \
236 rc = pthread_mutex_lock (& __mf_biglock); } \
237 assert (rc==0); } while (0)
238 #define UNLOCKTH() do { int rc = pthread_mutex_unlock (& __mf_biglock); \
239 assert (rc==0); } while (0)
240 #else
241 #define LOCKTH() do {} while (0)
242 #define UNLOCKTH() do {} while (0)
243 #endif
244
245 #if defined(LIBMUDFLAPTH) && (!defined(HAVE_TLS) || defined(USE_EMUTLS))
246 extern enum __mf_state_enum __mf_get_state (void);
247 extern void __mf_set_state (enum __mf_state_enum);
248 #else
249 # ifdef LIBMUDFLAPTH
250 extern __thread enum __mf_state_enum __mf_state_1;
251 # else
252 extern enum __mf_state_enum __mf_state_1;
253 # endif
__mf_get_state(void)254 static inline enum __mf_state_enum __mf_get_state (void)
255 {
256 return __mf_state_1;
257 }
__mf_set_state(enum __mf_state_enum s)258 static inline void __mf_set_state (enum __mf_state_enum s)
259 {
260 __mf_state_1 = s;
261 }
262 #endif
263
264 extern int __mf_starting_p;
265 extern struct __mf_options __mf_opts;
266
267 /* ------------------------------------------------------------------------ */
268 /* Utility macros. */
269 /* ------------------------------------------------------------------------ */
270
271 #define UNLIKELY(e) (__builtin_expect (!!(e), 0))
272 #define LIKELY(e) (__builtin_expect (!!(e), 1))
273 #define STRINGIFY2(e) #e
274 #define STRINGIFY(e) STRINGIFY2(e)
275
276 #ifdef LIBMUDFLAPTH
277 #define VERBOSE_TRACE(...) \
278 do { if (UNLIKELY (__mf_opts.verbose_trace)) { \
279 fprintf (stderr, "mf(%u): ", (unsigned) pthread_self ()); \
280 fprintf (stderr, __VA_ARGS__); \
281 } } while (0)
282 #define TRACE(...) \
283 do { if (UNLIKELY (__mf_opts.trace_mf_calls)) { \
284 fprintf (stderr, "mf(%u): ", (unsigned) pthread_self ()); \
285 fprintf (stderr, __VA_ARGS__); \
286 } } while (0)
287 #else
288 #define VERBOSE_TRACE(...) \
289 do { if (UNLIKELY (__mf_opts.verbose_trace)) { \
290 fprintf (stderr, "mf: "); \
291 fprintf (stderr, __VA_ARGS__); \
292 } } while (0)
293 #define TRACE(...) \
294 do { if (UNLIKELY (__mf_opts.trace_mf_calls)) { \
295 fprintf (stderr, "mf: "); \
296 fprintf (stderr, __VA_ARGS__); \
297 } } while (0)
298 #endif
299
300
301 #define __MF_PERSIST_MAX 256
302 #define __MF_FREEQ_MAX 256
303
304 /*
305 Wrapping and redirection:
306
307 Mudflap redirects a number of libc functions into itself, for "cheap"
308 verification (eg. strcpy, bzero, memcpy) and also to register /
309 unregister regions of memory as they are manipulated by the program
310 (eg. malloc/free, mmap/munmap).
311
312 There are two methods of wrapping.
313
314 (1) The static method involves a list of -wrap=foo flags being passed to
315 the linker, which then links references to "foo" to the symbol
316 "__wrap_foo", and links references to "__real_foo" to the symbol "foo".
317 When compiled without -DPIC, libmudflap.a contains such __wrap_foo
318 functions which delegate to __real_foo functions in libc to get their
319 work done.
320
321 (2) The dynamic method involves providing a definition of symbol foo in
322 libmudflap.so and linking it earlier in the compiler command line,
323 before libc.so. The function "foo" in libmudflap must then call
324 dlsym(RTLD_NEXT, "foo") to acquire a pointer to the "real" libc foo, or
325 at least the "next" foo in the dynamic link resolution order.
326
327 We switch between these two techniques by the presence of the -DPIC
328 #define passed in by libtool when building libmudflap.
329 */
330
331
332 #ifdef PIC
333
334 extern void __mf_resolve_single_dynamic (struct __mf_dynamic_entry *);
335
336 #define _GNU_SOURCE
337 #include <dlfcn.h>
338
339 #define WRAPPER(ret, fname, ...) \
340 ret __wrap_ ## fname (__VA_ARGS__) \
341 __attribute__ (( alias (#fname) )); \
342 ret __real_ ## fname (__VA_ARGS__) \
343 __attribute__ (( alias (#fname) )); \
344 ret fname (__VA_ARGS__)
345 #define DECLARE(ty, fname, ...) \
346 typedef ty (*__mf_fn_ ## fname) (__VA_ARGS__); \
347 extern ty __mf_0fn_ ## fname (__VA_ARGS__);
348 #define CALL_REAL(fname, ...) \
349 ({__mf_starting_p \
350 ? __mf_0fn_ ## fname (__VA_ARGS__) \
351 : (__mf_resolve_single_dynamic (& __mf_dynamic[dyn_ ## fname]), \
352 (((__mf_fn_ ## fname)(__mf_dynamic[dyn_ ## fname].pointer)) (__VA_ARGS__)));})
353 #define CALL_BACKUP(fname, ...) \
354 __mf_0fn_ ## fname(__VA_ARGS__)
355
356 #else /* not PIC --> static library */
357
358 #define WRAPPER(ret, fname, ...) \
359 ret __wrap_ ## fname (__VA_ARGS__)
360 #define DECLARE(ty, fname, ...) \
361 extern ty __real_ ## fname (__VA_ARGS__)
362 #define CALL_REAL(fname, ...) \
363 __real_ ## fname (__VA_ARGS__)
364 #define CALL_BACKUP(fname, ...) \
365 __real_ ## fname(__VA_ARGS__)
366
367 #endif /* PIC */
368
369 /* WRAPPER2 is for functions intercepted via macros at compile time. */
370 #define WRAPPER2(ret, fname, ...) \
371 ret __mfwrap_ ## fname (__VA_ARGS__)
372
373
374 /* Utility macros for mf-hooks*.c */
375
376 #define MF_VALIDATE_EXTENT(value,size,acc,context) \
377 do { \
378 if (UNLIKELY (size > 0 && __MF_CACHE_MISS_P (value, size))) \
379 if (acc == __MF_CHECK_WRITE || ! __mf_opts.ignore_reads) \
380 __mf_check ((void *) (value), (size), acc, "(" context ")"); \
381 } while (0)
382 #define BEGIN_PROTECT(fname, ...) \
383 if (UNLIKELY (__mf_starting_p)) \
384 { \
385 return CALL_BACKUP(fname, __VA_ARGS__); \
386 } \
387 else if (UNLIKELY (__mf_get_state () == reentrant)) \
388 { \
389 extern unsigned long __mf_reentrancy; \
390 __mf_reentrancy ++; \
391 return CALL_REAL(fname, __VA_ARGS__); \
392 } \
393 else if (UNLIKELY (__mf_get_state () == in_malloc)) \
394 { \
395 return CALL_REAL(fname, __VA_ARGS__); \
396 } \
397 else \
398 { \
399 TRACE ("%s\n", __PRETTY_FUNCTION__); \
400 }
401
402 /* There is an assumption here that these will only be called in routines
403 that call BEGIN_PROTECT at the start, and hence the state must always
404 be active when BEGIN_MALLOC_PROTECT is called. */
405 #define BEGIN_MALLOC_PROTECT() \
406 __mf_set_state (in_malloc)
407
408 #define END_MALLOC_PROTECT() \
409 __mf_set_state (active)
410
411 /* Unlocked variants of main entry points from mf-runtime.h. */
412 extern void __mfu_check (void *ptr, size_t sz, int type, const char *location);
413 extern void __mfu_register (void *ptr, size_t sz, int type, const char *name);
414 extern void __mfu_unregister (void *ptr, size_t sz, int type);
415 extern void __mfu_report ();
416 extern int __mfu_set_options (const char *opts);
417
418
419 #endif /* __MF_IMPL_H */
420