1//===-- asan_malloc_linux.cpp ---------------------------------------------===// 2// 3// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions. 4// See https://llvm.org/LICENSE.txt for license information. 5// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception 6// 7//===----------------------------------------------------------------------===// 8// 9// This file is a part of AddressSanitizer, an address sanity checker. 10// 11// Linux-specific malloc interception. 12// We simply define functions like malloc, free, realloc, etc. 13// They will replace the corresponding libc functions automagically. 14//===----------------------------------------------------------------------===// 15 16#include "sanitizer_common/sanitizer_platform.h" 17#if SANITIZER_FREEBSD || SANITIZER_FUCHSIA || SANITIZER_LINUX || \ 18 SANITIZER_NETBSD || SANITIZER_SOLARIS 19 20# include "asan_allocator.h" 21# include "asan_interceptors.h" 22# include "asan_internal.h" 23# include "asan_stack.h" 24# include "lsan/lsan_common.h" 25# include "sanitizer_common/sanitizer_allocator_checks.h" 26# include "sanitizer_common/sanitizer_allocator_dlsym.h" 27# include "sanitizer_common/sanitizer_errno.h" 28# include "sanitizer_common/sanitizer_tls_get_addr.h" 29 30// ---------------------- Replacement functions ---------------- {{{1 31using namespace __asan; 32 33struct DlsymAlloc : public DlSymAllocator<DlsymAlloc> { 34 static bool UseImpl() { return !TryAsanInitFromRtl(); } 35 static void OnAllocate(const void *ptr, uptr size) { 36# if CAN_SANITIZE_LEAKS 37 // Suppress leaks from dlerror(). Previously dlsym hack on global array was 38 // used by leak sanitizer as a root region. 39 __lsan_register_root_region(ptr, size); 40# endif 41 } 42 static void OnFree(const void *ptr, uptr size) { 43# if CAN_SANITIZE_LEAKS 44 __lsan_unregister_root_region(ptr, size); 45# endif 46 } 47}; 48 49INTERCEPTOR(void, free, void *ptr) { 50 if (DlsymAlloc::PointerIsMine(ptr)) 51 return DlsymAlloc::Free(ptr); 52 GET_STACK_TRACE_FREE; 53 asan_free(ptr, &stack, FROM_MALLOC); 54} 55 56#if SANITIZER_INTERCEPT_CFREE 57INTERCEPTOR(void, cfree, void *ptr) { 58 if (DlsymAlloc::PointerIsMine(ptr)) 59 return DlsymAlloc::Free(ptr); 60 GET_STACK_TRACE_FREE; 61 asan_free(ptr, &stack, FROM_MALLOC); 62} 63#endif // SANITIZER_INTERCEPT_CFREE 64 65INTERCEPTOR(void*, malloc, uptr size) { 66 if (DlsymAlloc::Use()) 67 return DlsymAlloc::Allocate(size); 68 GET_STACK_TRACE_MALLOC; 69 return asan_malloc(size, &stack); 70} 71 72INTERCEPTOR(void*, calloc, uptr nmemb, uptr size) { 73 if (DlsymAlloc::Use()) 74 return DlsymAlloc::Callocate(nmemb, size); 75 GET_STACK_TRACE_MALLOC; 76 return asan_calloc(nmemb, size, &stack); 77} 78 79INTERCEPTOR(void*, realloc, void *ptr, uptr size) { 80 if (DlsymAlloc::Use() || DlsymAlloc::PointerIsMine(ptr)) 81 return DlsymAlloc::Realloc(ptr, size); 82 GET_STACK_TRACE_MALLOC; 83 return asan_realloc(ptr, size, &stack); 84} 85 86#if SANITIZER_INTERCEPT_REALLOCARRAY 87INTERCEPTOR(void*, reallocarray, void *ptr, uptr nmemb, uptr size) { 88 AsanInitFromRtl(); 89 GET_STACK_TRACE_MALLOC; 90 return asan_reallocarray(ptr, nmemb, size, &stack); 91} 92#endif // SANITIZER_INTERCEPT_REALLOCARRAY 93 94#if SANITIZER_INTERCEPT_MEMALIGN 95INTERCEPTOR(void*, memalign, uptr boundary, uptr size) { 96 GET_STACK_TRACE_MALLOC; 97 return asan_memalign(boundary, size, &stack, FROM_MALLOC); 98} 99 100INTERCEPTOR(void*, __libc_memalign, uptr boundary, uptr size) { 101 GET_STACK_TRACE_MALLOC; 102 void *res = asan_memalign(boundary, size, &stack, FROM_MALLOC); 103 DTLS_on_libc_memalign(res, size); 104 return res; 105} 106#endif // SANITIZER_INTERCEPT_MEMALIGN 107 108#if SANITIZER_INTERCEPT_ALIGNED_ALLOC 109INTERCEPTOR(void*, aligned_alloc, uptr boundary, uptr size) { 110 GET_STACK_TRACE_MALLOC; 111 return asan_aligned_alloc(boundary, size, &stack); 112} 113#endif // SANITIZER_INTERCEPT_ALIGNED_ALLOC 114 115INTERCEPTOR(uptr, malloc_usable_size, void *ptr) { 116 GET_CURRENT_PC_BP_SP; 117 (void)sp; 118 return asan_malloc_usable_size(ptr, pc, bp); 119} 120 121#if SANITIZER_INTERCEPT_MALLOPT_AND_MALLINFO 122// We avoid including malloc.h for portability reasons. 123// man mallinfo says the fields are "long", but the implementation uses int. 124// It doesn't matter much -- we just need to make sure that the libc's mallinfo 125// is not called. 126struct fake_mallinfo { 127 int x[10]; 128}; 129 130INTERCEPTOR(struct fake_mallinfo, mallinfo, void) { 131 struct fake_mallinfo res; 132 REAL(memset)(&res, 0, sizeof(res)); 133 return res; 134} 135 136INTERCEPTOR(int, mallopt, int cmd, int value) { 137 return 0; 138} 139#endif // SANITIZER_INTERCEPT_MALLOPT_AND_MALLINFO 140 141INTERCEPTOR(int, posix_memalign, void **memptr, uptr alignment, uptr size) { 142 GET_STACK_TRACE_MALLOC; 143 return asan_posix_memalign(memptr, alignment, size, &stack); 144} 145 146INTERCEPTOR(void*, valloc, uptr size) { 147 GET_STACK_TRACE_MALLOC; 148 return asan_valloc(size, &stack); 149} 150 151#if SANITIZER_INTERCEPT_PVALLOC 152INTERCEPTOR(void*, pvalloc, uptr size) { 153 GET_STACK_TRACE_MALLOC; 154 return asan_pvalloc(size, &stack); 155} 156#endif // SANITIZER_INTERCEPT_PVALLOC 157 158INTERCEPTOR(void, malloc_stats, void) { 159 __asan_print_accumulated_stats(); 160} 161 162#if SANITIZER_ANDROID 163// Format of __libc_malloc_dispatch has changed in Android L. 164// While we are moving towards a solution that does not depend on bionic 165// internals, here is something to support both K* and L releases. 166struct MallocDebugK { 167 void *(*malloc)(uptr bytes); 168 void (*free)(void *mem); 169 void *(*calloc)(uptr n_elements, uptr elem_size); 170 void *(*realloc)(void *oldMem, uptr bytes); 171 void *(*memalign)(uptr alignment, uptr bytes); 172 uptr (*malloc_usable_size)(void *mem); 173}; 174 175struct MallocDebugL { 176 void *(*calloc)(uptr n_elements, uptr elem_size); 177 void (*free)(void *mem); 178 fake_mallinfo (*mallinfo)(void); 179 void *(*malloc)(uptr bytes); 180 uptr (*malloc_usable_size)(void *mem); 181 void *(*memalign)(uptr alignment, uptr bytes); 182 int (*posix_memalign)(void **memptr, uptr alignment, uptr size); 183 void* (*pvalloc)(uptr size); 184 void *(*realloc)(void *oldMem, uptr bytes); 185 void* (*valloc)(uptr size); 186}; 187 188ALIGNED(32) const MallocDebugK asan_malloc_dispatch_k = { 189 WRAP(malloc), WRAP(free), WRAP(calloc), 190 WRAP(realloc), WRAP(memalign), WRAP(malloc_usable_size)}; 191 192ALIGNED(32) const MallocDebugL asan_malloc_dispatch_l = { 193 WRAP(calloc), WRAP(free), WRAP(mallinfo), 194 WRAP(malloc), WRAP(malloc_usable_size), WRAP(memalign), 195 WRAP(posix_memalign), WRAP(pvalloc), WRAP(realloc), 196 WRAP(valloc)}; 197 198namespace __asan { 199void ReplaceSystemMalloc() { 200 void **__libc_malloc_dispatch_p = 201 (void **)AsanDlSymNext("__libc_malloc_dispatch"); 202 if (__libc_malloc_dispatch_p) { 203 // Decide on K vs L dispatch format by the presence of 204 // __libc_malloc_default_dispatch export in libc. 205 void *default_dispatch_p = AsanDlSymNext("__libc_malloc_default_dispatch"); 206 if (default_dispatch_p) 207 *__libc_malloc_dispatch_p = (void *)&asan_malloc_dispatch_k; 208 else 209 *__libc_malloc_dispatch_p = (void *)&asan_malloc_dispatch_l; 210 } 211} 212} // namespace __asan 213 214#else // SANITIZER_ANDROID 215 216namespace __asan { 217void ReplaceSystemMalloc() { 218} 219} // namespace __asan 220#endif // SANITIZER_ANDROID 221 222#endif // SANITIZER_FREEBSD || SANITIZER_FUCHSIA || SANITIZER_LINUX || 223 // SANITIZER_NETBSD || SANITIZER_SOLARIS 224