xref: /freebsd/contrib/llvm-project/compiler-rt/lib/msan/msan_report.cpp (revision 5f757f3ff9144b609b3c433dfd370cc6bdc191ad) 
1 //===-- msan_report.cpp ---------------------------------------------------===//
2 //
3 // Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
4 // See https://llvm.org/LICENSE.txt for license information.
5 // SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
6 //
7 //===----------------------------------------------------------------------===//
8 //
9 // This file is a part of MemorySanitizer.
10 //
11 // Error reporting.
12 //===----------------------------------------------------------------------===//
13 
14 #include "msan_report.h"
15 
16 #include "msan.h"
17 #include "msan_chained_origin_depot.h"
18 #include "msan_origin.h"
19 #include "sanitizer_common/sanitizer_allocator_internal.h"
20 #include "sanitizer_common/sanitizer_common.h"
21 #include "sanitizer_common/sanitizer_flags.h"
22 #include "sanitizer_common/sanitizer_mutex.h"
23 #include "sanitizer_common/sanitizer_report_decorator.h"
24 #include "sanitizer_common/sanitizer_stackdepot.h"
25 #include "sanitizer_common/sanitizer_stacktrace_printer.h"
26 #include "sanitizer_common/sanitizer_symbolizer.h"
27 
28 using namespace __sanitizer;
29 
30 namespace __msan {
31 
32 class Decorator: public __sanitizer::SanitizerCommonDecorator {
33  public:
34   Decorator() : SanitizerCommonDecorator() { }
35   const char *Origin() const { return Magenta(); }
36   const char *Name() const { return Green(); }
37 };
38 
39 static void DescribeStackOrigin(const char *so, uptr pc) {
40   Decorator d;
41   Printf("%s", d.Origin());
42   if (so) {
43     Printf(
44         "  %sUninitialized value was created by an allocation of '%s%s%s'"
45         " in the stack frame%s\n",
46         d.Origin(), d.Name(), so, d.Origin(), d.Default());
47   } else {
48     Printf("  %sUninitialized value was created in the stack frame%s\n",
49            d.Origin(), d.Default());
50   }
51 
52   if (pc)
53     StackTrace(&pc, 1).Print();
54 }
55 
56 static void DescribeOrigin(u32 id) {
57   VPrintf(1, "  raw origin id: %d\n", id);
58   Decorator d;
59   Origin o = Origin::FromRawId(id);
60   while (o.isChainedOrigin()) {
61     StackTrace stack;
62     o = o.getNextChainedOrigin(&stack);
63     Printf("  %sUninitialized value was stored to memory at%s\n", d.Origin(),
64            d.Default());
65     stack.Print();
66   }
67   if (o.isStackOrigin()) {
68     uptr pc;
69     const char *so = GetStackOriginDescr(o.getStackId(), &pc);
70     DescribeStackOrigin(so, pc);
71   } else {
72     StackTrace stack = o.getStackTraceForHeapOrigin();
73     switch (stack.tag) {
74       case StackTrace::TAG_ALLOC:
75         Printf("  %sUninitialized value was created by a heap allocation%s\n",
76                d.Origin(), d.Default());
77         break;
78       case StackTrace::TAG_DEALLOC:
79         Printf("  %sUninitialized value was created by a heap deallocation%s\n",
80                d.Origin(), d.Default());
81         break;
82       case STACK_TRACE_TAG_POISON:
83         Printf("  %sMemory was marked as uninitialized%s\n", d.Origin(),
84                d.Default());
85         break;
86       case STACK_TRACE_TAG_FIELDS:
87         Printf("  %sMember fields were destroyed%s\n", d.Origin(), d.Default());
88         break;
89       case STACK_TRACE_TAG_VPTR:
90         Printf("  %sVirtual table ptr was destroyed%s\n", d.Origin(),
91                d.Default());
92         break;
93       default:
94         Printf("  %sUninitialized value was created%s\n", d.Origin(),
95                d.Default());
96         break;
97     }
98     stack.Print();
99   }
100 }
101 
102 void ReportUMR(StackTrace *stack, u32 origin) {
103   if (!__msan::flags()->report_umrs) return;
104 
105   ScopedErrorReportLock l;
106 
107   Decorator d;
108   Printf("%s", d.Warning());
109   Report("WARNING: MemorySanitizer: use-of-uninitialized-value\n");
110   Printf("%s", d.Default());
111   stack->Print();
112   if (origin) {
113     DescribeOrigin(origin);
114   }
115   ReportErrorSummary("use-of-uninitialized-value", stack);
116 }
117 
118 void ReportExpectedUMRNotFound(StackTrace *stack) {
119   ScopedErrorReportLock l;
120 
121   Printf("WARNING: Expected use of uninitialized value not found\n");
122   stack->Print();
123 }
124 
125 void ReportStats() {
126   ScopedErrorReportLock l;
127 
128   if (__msan_get_track_origins() > 0) {
129     StackDepotStats stack_depot_stats = StackDepotGetStats();
130     // FIXME: we want this at normal exit, too!
131     // FIXME: but only with verbosity=1 or something
132     Printf("Unique heap origins: %zu\n", stack_depot_stats.n_uniq_ids);
133     Printf("Stack depot allocated bytes: %zu\n", stack_depot_stats.allocated);
134 
135     StackDepotStats chained_origin_depot_stats = ChainedOriginDepotGetStats();
136     Printf("Unique origin histories: %zu\n",
137            chained_origin_depot_stats.n_uniq_ids);
138     Printf("History depot allocated bytes: %zu\n",
139            chained_origin_depot_stats.allocated);
140   }
141 }
142 
143 void ReportAtExitStatistics() {
144   ScopedErrorReportLock l;
145 
146   if (msan_report_count > 0) {
147     Decorator d;
148     Printf("%s", d.Warning());
149     Printf("MemorySanitizer: %d warnings reported.\n", msan_report_count);
150     Printf("%s", d.Default());
151   }
152 }
153 
154 class OriginSet {
155  public:
156   OriginSet() : next_id_(0) {}
157   int insert(u32 o) {
158     // Scan from the end for better locality.
159     for (int i = next_id_ - 1; i >= 0; --i)
160       if (origins_[i] == o) return i;
161     if (next_id_ == kMaxSize_) return OVERFLOW;
162     int id = next_id_++;
163     origins_[id] = o;
164     return id;
165   }
166   int size() { return next_id_; }
167   u32 get(int id) { return origins_[id]; }
168   static char asChar(int id) {
169     switch (id) {
170       case MISSING:
171         return '.';
172       case OVERFLOW:
173         return '*';
174       default:
175         return 'A' + id;
176     }
177   }
178   static const int OVERFLOW = -1;
179   static const int MISSING = -2;
180 
181  private:
182   static const int kMaxSize_ = 'Z' - 'A' + 1;
183   u32 origins_[kMaxSize_];
184   int next_id_;
185 };
186 
187 void DescribeMemoryRange(const void *x, uptr size) {
188   // Real limits.
189   uptr start = MEM_TO_SHADOW(x);
190   uptr end = start + size;
191   // Scan limits: align start down to 4; align size up to 16.
192   uptr s = start & ~3UL;
193   size = end - s;
194   size = (size + 15) & ~15UL;
195   uptr e = s + size;
196 
197   // Single letter names to origin id mapping.
198   OriginSet origin_set;
199 
200   uptr pos = 0;  // Offset from aligned start.
201   bool with_origins = __msan_get_track_origins();
202   // True if there is at least 1 poisoned bit in the last 4-byte group.
203   bool last_quad_poisoned;
204   int origin_ids[4];  // Single letter origin ids for the current line.
205 
206   Decorator d;
207   Printf("%s", d.Warning());
208   uptr start_x = reinterpret_cast<uptr>(x);
209   Printf("Shadow map [%p, %p) of [%p, %p), %zu bytes:\n",
210          reinterpret_cast<void *>(start), reinterpret_cast<void *>(end),
211          reinterpret_cast<void *>(start_x),
212          reinterpret_cast<void *>(start_x + end - start), end - start);
213   Printf("%s", d.Default());
214   while (s < e) {
215     // Line start.
216     if (pos % 16 == 0) {
217       for (int i = 0; i < 4; ++i) origin_ids[i] = -1;
218       Printf("%p[%p]:", reinterpret_cast<void *>(s),
219              reinterpret_cast<void *>(start_x - start + s));
220     }
221     // Group start.
222     if (pos % 4 == 0) {
223       Printf(" ");
224       last_quad_poisoned = false;
225     }
226     // Print shadow byte.
227     if (s < start || s >= end) {
228       Printf("..");
229     } else {
230       unsigned char v = *(unsigned char *)s;
231       if (v) last_quad_poisoned = true;
232       Printf("%x%x", v >> 4, v & 0xf);
233     }
234     // Group end.
235     if (pos % 4 == 3 && with_origins) {
236       int id = OriginSet::MISSING;
237       if (last_quad_poisoned) {
238         u32 o = *(u32 *)SHADOW_TO_ORIGIN(s - 3);
239         id = origin_set.insert(o);
240       }
241       origin_ids[(pos % 16) / 4] = id;
242     }
243     // Line end.
244     if (pos % 16 == 15) {
245       if (with_origins) {
246         Printf("  |");
247         for (int i = 0; i < 4; ++i) {
248           char c = OriginSet::asChar(origin_ids[i]);
249           Printf("%c", c);
250           if (i != 3) Printf(" ");
251         }
252         Printf("|");
253       }
254       Printf("\n");
255     }
256     size--;
257     s++;
258     pos++;
259   }
260 
261   Printf("\n");
262 
263   for (int i = 0; i < origin_set.size(); ++i) {
264     u32 o = origin_set.get(i);
265     Printf("Origin %c (origin_id %x):\n", OriginSet::asChar(i), o);
266     DescribeOrigin(o);
267   }
268 }
269 
270 void ReportUMRInsideAddressRange(const char *function, const void *start,
271                                  uptr size, uptr offset) {
272   function = StackTracePrinter::GetOrInit()->StripFunctionName(function);
273   Decorator d;
274   Printf("%s", d.Warning());
275   Printf("%sUninitialized bytes in %s%s%s at offset %zu inside [%p, %zu)%s\n",
276          d.Warning(), d.Name(), function, d.Warning(), offset, start, size,
277          d.Default());
278   if (__sanitizer::Verbosity())
279     DescribeMemoryRange(start, size);
280 }
281 
282 }  // namespace __msan
283