1 //===-- sanitizer_win.cpp -------------------------------------------------===// 2 // 3 // Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions. 4 // See https://llvm.org/LICENSE.txt for license information. 5 // SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception 6 // 7 //===----------------------------------------------------------------------===// 8 // 9 // This file is shared between AddressSanitizer and ThreadSanitizer 10 // run-time libraries and implements windows-specific functions from 11 // sanitizer_libc.h. 12 //===----------------------------------------------------------------------===// 13 14 #include "sanitizer_platform.h" 15 #if SANITIZER_WINDOWS 16 17 #define WIN32_LEAN_AND_MEAN 18 #define NOGDI 19 #include <windows.h> 20 #include <io.h> 21 #include <psapi.h> 22 #include <stdlib.h> 23 24 #include "sanitizer_common.h" 25 #include "sanitizer_file.h" 26 #include "sanitizer_libc.h" 27 #include "sanitizer_mutex.h" 28 #include "sanitizer_placement_new.h" 29 #include "sanitizer_win_defs.h" 30 31 #if defined(PSAPI_VERSION) && PSAPI_VERSION == 1 32 #pragma comment(lib, "psapi") 33 #endif 34 #if SANITIZER_WIN_TRACE 35 #include <traceloggingprovider.h> 36 // Windows trace logging provider init 37 #pragma comment(lib, "advapi32.lib") 38 TRACELOGGING_DECLARE_PROVIDER(g_asan_provider); 39 // GUID must be the same in utils/AddressSanitizerLoggingProvider.wprp 40 TRACELOGGING_DEFINE_PROVIDER(g_asan_provider, "AddressSanitizerLoggingProvider", 41 (0x6c6c766d, 0x3846, 0x4e6a, 0xa4, 0xfb, 0x5b, 42 0x53, 0x0b, 0xd0, 0xf3, 0xfa)); 43 #else 44 #define TraceLoggingUnregister(x) 45 #endif 46 47 // For WaitOnAddress 48 # pragma comment(lib, "synchronization.lib") 49 50 // A macro to tell the compiler that this part of the code cannot be reached, 51 // if the compiler supports this feature. Since we're using this in 52 // code that is called when terminating the process, the expansion of the 53 // macro should not terminate the process to avoid infinite recursion. 54 #if defined(__clang__) 55 # define BUILTIN_UNREACHABLE() __builtin_unreachable() 56 #elif defined(__GNUC__) && \ 57 (__GNUC__ > 4 || (__GNUC__ == 4 && __GNUC_MINOR__ >= 5)) 58 # define BUILTIN_UNREACHABLE() __builtin_unreachable() 59 #elif defined(_MSC_VER) 60 # define BUILTIN_UNREACHABLE() __assume(0) 61 #else 62 # define BUILTIN_UNREACHABLE() 63 #endif 64 65 namespace __sanitizer { 66 67 #include "sanitizer_syscall_generic.inc" 68 69 // --------------------- sanitizer_common.h 70 uptr GetPageSize() { 71 SYSTEM_INFO si; 72 GetSystemInfo(&si); 73 return si.dwPageSize; 74 } 75 76 uptr GetMmapGranularity() { 77 SYSTEM_INFO si; 78 GetSystemInfo(&si); 79 return si.dwAllocationGranularity; 80 } 81 82 uptr GetMaxUserVirtualAddress() { 83 SYSTEM_INFO si; 84 GetSystemInfo(&si); 85 return (uptr)si.lpMaximumApplicationAddress; 86 } 87 88 uptr GetMaxVirtualAddress() { 89 return GetMaxUserVirtualAddress(); 90 } 91 92 bool FileExists(const char *filename) { 93 return ::GetFileAttributesA(filename) != INVALID_FILE_ATTRIBUTES; 94 } 95 96 bool DirExists(const char *path) { 97 auto attr = ::GetFileAttributesA(path); 98 return (attr != INVALID_FILE_ATTRIBUTES) && (attr & FILE_ATTRIBUTE_DIRECTORY); 99 } 100 101 uptr internal_getpid() { 102 return GetProcessId(GetCurrentProcess()); 103 } 104 105 int internal_dlinfo(void *handle, int request, void *p) { 106 UNIMPLEMENTED(); 107 } 108 109 // In contrast to POSIX, on Windows GetCurrentThreadId() 110 // returns a system-unique identifier. 111 tid_t GetTid() { 112 return GetCurrentThreadId(); 113 } 114 115 uptr GetThreadSelf() { 116 return GetTid(); 117 } 118 119 #if !SANITIZER_GO 120 void GetThreadStackTopAndBottom(bool at_initialization, uptr *stack_top, 121 uptr *stack_bottom) { 122 CHECK(stack_top); 123 CHECK(stack_bottom); 124 MEMORY_BASIC_INFORMATION mbi; 125 CHECK_NE(VirtualQuery(&mbi /* on stack */, &mbi, sizeof(mbi)), 0); 126 // FIXME: is it possible for the stack to not be a single allocation? 127 // Are these values what ASan expects to get (reserved, not committed; 128 // including stack guard page) ? 129 *stack_top = (uptr)mbi.BaseAddress + mbi.RegionSize; 130 *stack_bottom = (uptr)mbi.AllocationBase; 131 } 132 #endif // #if !SANITIZER_GO 133 134 bool ErrorIsOOM(error_t err) { 135 // TODO: This should check which `err`s correspond to OOM. 136 return false; 137 } 138 139 void *MmapOrDie(uptr size, const char *mem_type, bool raw_report) { 140 void *rv = VirtualAlloc(0, size, MEM_RESERVE | MEM_COMMIT, PAGE_READWRITE); 141 if (rv == 0) 142 ReportMmapFailureAndDie(size, mem_type, "allocate", 143 GetLastError(), raw_report); 144 return rv; 145 } 146 147 void UnmapOrDie(void *addr, uptr size) { 148 if (!size || !addr) 149 return; 150 151 MEMORY_BASIC_INFORMATION mbi; 152 CHECK(VirtualQuery(addr, &mbi, sizeof(mbi))); 153 154 // MEM_RELEASE can only be used to unmap whole regions previously mapped with 155 // VirtualAlloc. So we first try MEM_RELEASE since it is better, and if that 156 // fails try MEM_DECOMMIT. 157 if (VirtualFree(addr, 0, MEM_RELEASE) == 0) { 158 if (VirtualFree(addr, size, MEM_DECOMMIT) == 0) { 159 Report("ERROR: %s failed to " 160 "deallocate 0x%zx (%zd) bytes at address %p (error code: %d)\n", 161 SanitizerToolName, size, size, addr, GetLastError()); 162 CHECK("unable to unmap" && 0); 163 } 164 } 165 } 166 167 static void *ReturnNullptrOnOOMOrDie(uptr size, const char *mem_type, 168 const char *mmap_type) { 169 error_t last_error = GetLastError(); 170 if (last_error == ERROR_NOT_ENOUGH_MEMORY) 171 return nullptr; 172 ReportMmapFailureAndDie(size, mem_type, mmap_type, last_error); 173 } 174 175 void *MmapOrDieOnFatalError(uptr size, const char *mem_type) { 176 void *rv = VirtualAlloc(0, size, MEM_RESERVE | MEM_COMMIT, PAGE_READWRITE); 177 if (rv == 0) 178 return ReturnNullptrOnOOMOrDie(size, mem_type, "allocate"); 179 return rv; 180 } 181 182 // We want to map a chunk of address space aligned to 'alignment'. 183 void *MmapAlignedOrDieOnFatalError(uptr size, uptr alignment, 184 const char *mem_type) { 185 CHECK(IsPowerOfTwo(size)); 186 CHECK(IsPowerOfTwo(alignment)); 187 188 // Windows will align our allocations to at least 64K. 189 alignment = Max(alignment, GetMmapGranularity()); 190 191 uptr mapped_addr = 192 (uptr)VirtualAlloc(0, size, MEM_RESERVE | MEM_COMMIT, PAGE_READWRITE); 193 if (!mapped_addr) 194 return ReturnNullptrOnOOMOrDie(size, mem_type, "allocate aligned"); 195 196 // If we got it right on the first try, return. Otherwise, unmap it and go to 197 // the slow path. 198 if (IsAligned(mapped_addr, alignment)) 199 return (void*)mapped_addr; 200 if (VirtualFree((void *)mapped_addr, 0, MEM_RELEASE) == 0) 201 ReportMmapFailureAndDie(size, mem_type, "deallocate", GetLastError()); 202 203 // If we didn't get an aligned address, overallocate, find an aligned address, 204 // unmap, and try to allocate at that aligned address. 205 int retries = 0; 206 const int kMaxRetries = 10; 207 for (; retries < kMaxRetries && 208 (mapped_addr == 0 || !IsAligned(mapped_addr, alignment)); 209 retries++) { 210 // Overallocate size + alignment bytes. 211 mapped_addr = 212 (uptr)VirtualAlloc(0, size + alignment, MEM_RESERVE, PAGE_NOACCESS); 213 if (!mapped_addr) 214 return ReturnNullptrOnOOMOrDie(size, mem_type, "allocate aligned"); 215 216 // Find the aligned address. 217 uptr aligned_addr = RoundUpTo(mapped_addr, alignment); 218 219 // Free the overallocation. 220 if (VirtualFree((void *)mapped_addr, 0, MEM_RELEASE) == 0) 221 ReportMmapFailureAndDie(size, mem_type, "deallocate", GetLastError()); 222 223 // Attempt to allocate exactly the number of bytes we need at the aligned 224 // address. This may fail for a number of reasons, in which case we continue 225 // the loop. 226 mapped_addr = (uptr)VirtualAlloc((void *)aligned_addr, size, 227 MEM_RESERVE | MEM_COMMIT, PAGE_READWRITE); 228 } 229 230 // Fail if we can't make this work quickly. 231 if (retries == kMaxRetries && mapped_addr == 0) 232 return ReturnNullptrOnOOMOrDie(size, mem_type, "allocate aligned"); 233 234 return (void *)mapped_addr; 235 } 236 237 // ZeroMmapFixedRegion zero's out a region of memory previously returned from a 238 // call to one of the MmapFixed* helpers. On non-windows systems this would be 239 // done with another mmap, but on windows remapping is not an option. 240 // VirtualFree(DECOMMIT)+VirtualAlloc(RECOMMIT) would also be a way to zero the 241 // memory, but we can't do this atomically, so instead we fall back to using 242 // internal_memset. 243 bool ZeroMmapFixedRegion(uptr fixed_addr, uptr size) { 244 internal_memset((void*) fixed_addr, 0, size); 245 return true; 246 } 247 248 bool MmapFixedNoReserve(uptr fixed_addr, uptr size, const char *name) { 249 // FIXME: is this really "NoReserve"? On Win32 this does not matter much, 250 // but on Win64 it does. 251 (void)name; // unsupported 252 #if !SANITIZER_GO && SANITIZER_WINDOWS64 253 // On asan/Windows64, use MEM_COMMIT would result in error 254 // 1455:ERROR_COMMITMENT_LIMIT. 255 // Asan uses exception handler to commit page on demand. 256 void *p = VirtualAlloc((LPVOID)fixed_addr, size, MEM_RESERVE, PAGE_READWRITE); 257 #else 258 void *p = VirtualAlloc((LPVOID)fixed_addr, size, MEM_RESERVE | MEM_COMMIT, 259 PAGE_READWRITE); 260 #endif 261 if (p == 0) { 262 Report("ERROR: %s failed to " 263 "allocate %p (%zd) bytes at %p (error code: %d)\n", 264 SanitizerToolName, size, size, fixed_addr, GetLastError()); 265 return false; 266 } 267 return true; 268 } 269 270 bool MmapFixedSuperNoReserve(uptr fixed_addr, uptr size, const char *name) { 271 // FIXME: Windows support large pages too. Might be worth checking 272 return MmapFixedNoReserve(fixed_addr, size, name); 273 } 274 275 // Memory space mapped by 'MmapFixedOrDie' must have been reserved by 276 // 'MmapFixedNoAccess'. 277 void *MmapFixedOrDie(uptr fixed_addr, uptr size, const char *name) { 278 void *p = VirtualAlloc((LPVOID)fixed_addr, size, 279 MEM_COMMIT, PAGE_READWRITE); 280 if (p == 0) { 281 char mem_type[30]; 282 internal_snprintf(mem_type, sizeof(mem_type), "memory at address 0x%zx", 283 fixed_addr); 284 ReportMmapFailureAndDie(size, mem_type, "allocate", GetLastError()); 285 } 286 return p; 287 } 288 289 // Uses fixed_addr for now. 290 // Will use offset instead once we've implemented this function for real. 291 uptr ReservedAddressRange::Map(uptr fixed_addr, uptr size, const char *name) { 292 return reinterpret_cast<uptr>(MmapFixedOrDieOnFatalError(fixed_addr, size)); 293 } 294 295 uptr ReservedAddressRange::MapOrDie(uptr fixed_addr, uptr size, 296 const char *name) { 297 return reinterpret_cast<uptr>(MmapFixedOrDie(fixed_addr, size)); 298 } 299 300 void ReservedAddressRange::Unmap(uptr addr, uptr size) { 301 // Only unmap if it covers the entire range. 302 CHECK((addr == reinterpret_cast<uptr>(base_)) && (size == size_)); 303 // We unmap the whole range, just null out the base. 304 base_ = nullptr; 305 size_ = 0; 306 UnmapOrDie(reinterpret_cast<void*>(addr), size); 307 } 308 309 void *MmapFixedOrDieOnFatalError(uptr fixed_addr, uptr size, const char *name) { 310 void *p = VirtualAlloc((LPVOID)fixed_addr, size, 311 MEM_COMMIT, PAGE_READWRITE); 312 if (p == 0) { 313 char mem_type[30]; 314 internal_snprintf(mem_type, sizeof(mem_type), "memory at address 0x%zx", 315 fixed_addr); 316 return ReturnNullptrOnOOMOrDie(size, mem_type, "allocate"); 317 } 318 return p; 319 } 320 321 void *MmapNoReserveOrDie(uptr size, const char *mem_type) { 322 // FIXME: make this really NoReserve? 323 return MmapOrDie(size, mem_type); 324 } 325 326 uptr ReservedAddressRange::Init(uptr size, const char *name, uptr fixed_addr) { 327 base_ = fixed_addr ? MmapFixedNoAccess(fixed_addr, size) : MmapNoAccess(size); 328 size_ = size; 329 name_ = name; 330 (void)os_handle_; // unsupported 331 return reinterpret_cast<uptr>(base_); 332 } 333 334 335 void *MmapFixedNoAccess(uptr fixed_addr, uptr size, const char *name) { 336 (void)name; // unsupported 337 void *res = VirtualAlloc((LPVOID)fixed_addr, size, 338 MEM_RESERVE, PAGE_NOACCESS); 339 if (res == 0) 340 Report("WARNING: %s failed to " 341 "mprotect %p (%zd) bytes at %p (error code: %d)\n", 342 SanitizerToolName, size, size, fixed_addr, GetLastError()); 343 return res; 344 } 345 346 void *MmapNoAccess(uptr size) { 347 void *res = VirtualAlloc(nullptr, size, MEM_RESERVE, PAGE_NOACCESS); 348 if (res == 0) 349 Report("WARNING: %s failed to " 350 "mprotect %p (%zd) bytes (error code: %d)\n", 351 SanitizerToolName, size, size, GetLastError()); 352 return res; 353 } 354 355 bool MprotectNoAccess(uptr addr, uptr size) { 356 DWORD old_protection; 357 return VirtualProtect((LPVOID)addr, size, PAGE_NOACCESS, &old_protection); 358 } 359 360 bool MprotectReadOnly(uptr addr, uptr size) { 361 DWORD old_protection; 362 return VirtualProtect((LPVOID)addr, size, PAGE_READONLY, &old_protection); 363 } 364 365 void ReleaseMemoryPagesToOS(uptr beg, uptr end) { 366 uptr beg_aligned = RoundDownTo(beg, GetPageSizeCached()), 367 end_aligned = RoundDownTo(end, GetPageSizeCached()); 368 CHECK(beg < end); // make sure the region is sane 369 if (beg_aligned == end_aligned) // make sure we're freeing at least 1 page; 370 return; 371 UnmapOrDie((void *)beg, end_aligned - beg_aligned); 372 } 373 374 void SetShadowRegionHugePageMode(uptr addr, uptr size) { 375 // FIXME: probably similar to ReleaseMemoryToOS. 376 } 377 378 bool DontDumpShadowMemory(uptr addr, uptr length) { 379 // This is almost useless on 32-bits. 380 // FIXME: add madvise-analog when we move to 64-bits. 381 return true; 382 } 383 384 uptr MapDynamicShadow(uptr shadow_size_bytes, uptr shadow_scale, 385 uptr min_shadow_base_alignment, 386 UNUSED uptr &high_mem_end) { 387 const uptr granularity = GetMmapGranularity(); 388 const uptr alignment = 389 Max<uptr>(granularity << shadow_scale, 1ULL << min_shadow_base_alignment); 390 const uptr left_padding = 391 Max<uptr>(granularity, 1ULL << min_shadow_base_alignment); 392 uptr space_size = shadow_size_bytes + left_padding; 393 uptr shadow_start = FindAvailableMemoryRange(space_size, alignment, 394 granularity, nullptr, nullptr); 395 CHECK_NE((uptr)0, shadow_start); 396 CHECK(IsAligned(shadow_start, alignment)); 397 return shadow_start; 398 } 399 400 uptr FindAvailableMemoryRange(uptr size, uptr alignment, uptr left_padding, 401 uptr *largest_gap_found, 402 uptr *max_occupied_addr) { 403 uptr address = 0; 404 while (true) { 405 MEMORY_BASIC_INFORMATION info; 406 if (!::VirtualQuery((void*)address, &info, sizeof(info))) 407 return 0; 408 409 if (info.State == MEM_FREE) { 410 uptr shadow_address = RoundUpTo((uptr)info.BaseAddress + left_padding, 411 alignment); 412 if (shadow_address + size < (uptr)info.BaseAddress + info.RegionSize) 413 return shadow_address; 414 } 415 416 // Move to the next region. 417 address = (uptr)info.BaseAddress + info.RegionSize; 418 } 419 return 0; 420 } 421 422 uptr MapDynamicShadowAndAliases(uptr shadow_size, uptr alias_size, 423 uptr num_aliases, uptr ring_buffer_size) { 424 CHECK(false && "HWASan aliasing is unimplemented on Windows"); 425 return 0; 426 } 427 428 bool MemoryRangeIsAvailable(uptr range_start, uptr range_end) { 429 MEMORY_BASIC_INFORMATION mbi; 430 CHECK(VirtualQuery((void *)range_start, &mbi, sizeof(mbi))); 431 return mbi.Protect == PAGE_NOACCESS && 432 (uptr)mbi.BaseAddress + mbi.RegionSize >= range_end; 433 } 434 435 void *MapFileToMemory(const char *file_name, uptr *buff_size) { 436 UNIMPLEMENTED(); 437 } 438 439 void *MapWritableFileToMemory(void *addr, uptr size, fd_t fd, OFF_T offset) { 440 UNIMPLEMENTED(); 441 } 442 443 static const int kMaxEnvNameLength = 128; 444 static const DWORD kMaxEnvValueLength = 32767; 445 446 namespace { 447 448 struct EnvVariable { 449 char name[kMaxEnvNameLength]; 450 char value[kMaxEnvValueLength]; 451 }; 452 453 } // namespace 454 455 static const int kEnvVariables = 5; 456 static EnvVariable env_vars[kEnvVariables]; 457 static int num_env_vars; 458 459 const char *GetEnv(const char *name) { 460 // Note: this implementation caches the values of the environment variables 461 // and limits their quantity. 462 for (int i = 0; i < num_env_vars; i++) { 463 if (0 == internal_strcmp(name, env_vars[i].name)) 464 return env_vars[i].value; 465 } 466 CHECK_LT(num_env_vars, kEnvVariables); 467 DWORD rv = GetEnvironmentVariableA(name, env_vars[num_env_vars].value, 468 kMaxEnvValueLength); 469 if (rv > 0 && rv < kMaxEnvValueLength) { 470 CHECK_LT(internal_strlen(name), kMaxEnvNameLength); 471 internal_strncpy(env_vars[num_env_vars].name, name, kMaxEnvNameLength); 472 num_env_vars++; 473 return env_vars[num_env_vars - 1].value; 474 } 475 return 0; 476 } 477 478 const char *GetPwd() { 479 UNIMPLEMENTED(); 480 } 481 482 u32 GetUid() { 483 UNIMPLEMENTED(); 484 } 485 486 namespace { 487 struct ModuleInfo { 488 const char *filepath; 489 uptr base_address; 490 uptr end_address; 491 }; 492 493 #if !SANITIZER_GO 494 int CompareModulesBase(const void *pl, const void *pr) { 495 const ModuleInfo *l = (const ModuleInfo *)pl, *r = (const ModuleInfo *)pr; 496 if (l->base_address < r->base_address) 497 return -1; 498 return l->base_address > r->base_address; 499 } 500 #endif 501 } // namespace 502 503 #if !SANITIZER_GO 504 void DumpProcessMap() { 505 Report("Dumping process modules:\n"); 506 ListOfModules modules; 507 modules.init(); 508 uptr num_modules = modules.size(); 509 510 InternalMmapVector<ModuleInfo> module_infos(num_modules); 511 for (size_t i = 0; i < num_modules; ++i) { 512 module_infos[i].filepath = modules[i].full_name(); 513 module_infos[i].base_address = modules[i].ranges().front()->beg; 514 module_infos[i].end_address = modules[i].ranges().back()->end; 515 } 516 qsort(module_infos.data(), num_modules, sizeof(ModuleInfo), 517 CompareModulesBase); 518 519 for (size_t i = 0; i < num_modules; ++i) { 520 const ModuleInfo &mi = module_infos[i]; 521 if (mi.end_address != 0) { 522 Printf("\t%p-%p %s\n", mi.base_address, mi.end_address, 523 mi.filepath[0] ? mi.filepath : "[no name]"); 524 } else if (mi.filepath[0]) { 525 Printf("\t??\?-??? %s\n", mi.filepath); 526 } else { 527 Printf("\t???\n"); 528 } 529 } 530 } 531 #endif 532 533 void DisableCoreDumperIfNecessary() { 534 // Do nothing. 535 } 536 537 void ReExec() { 538 UNIMPLEMENTED(); 539 } 540 541 void PlatformPrepareForSandboxing(void *args) {} 542 543 bool StackSizeIsUnlimited() { 544 UNIMPLEMENTED(); 545 } 546 547 void SetStackSizeLimitInBytes(uptr limit) { 548 UNIMPLEMENTED(); 549 } 550 551 bool AddressSpaceIsUnlimited() { 552 UNIMPLEMENTED(); 553 } 554 555 void SetAddressSpaceUnlimited() { 556 UNIMPLEMENTED(); 557 } 558 559 bool IsPathSeparator(const char c) { 560 return c == '\\' || c == '/'; 561 } 562 563 static bool IsAlpha(char c) { 564 c = ToLower(c); 565 return c >= 'a' && c <= 'z'; 566 } 567 568 bool IsAbsolutePath(const char *path) { 569 return path != nullptr && IsAlpha(path[0]) && path[1] == ':' && 570 IsPathSeparator(path[2]); 571 } 572 573 void internal_usleep(u64 useconds) { Sleep(useconds / 1000); } 574 575 u64 NanoTime() { 576 static LARGE_INTEGER frequency = {}; 577 LARGE_INTEGER counter; 578 if (UNLIKELY(frequency.QuadPart == 0)) { 579 QueryPerformanceFrequency(&frequency); 580 CHECK_NE(frequency.QuadPart, 0); 581 } 582 QueryPerformanceCounter(&counter); 583 counter.QuadPart *= 1000ULL * 1000000ULL; 584 counter.QuadPart /= frequency.QuadPart; 585 return counter.QuadPart; 586 } 587 588 u64 MonotonicNanoTime() { return NanoTime(); } 589 590 void Abort() { 591 internal__exit(3); 592 } 593 594 bool CreateDir(const char *pathname) { 595 return CreateDirectoryA(pathname, nullptr) != 0; 596 } 597 598 #if !SANITIZER_GO 599 // Read the file to extract the ImageBase field from the PE header. If ASLR is 600 // disabled and this virtual address is available, the loader will typically 601 // load the image at this address. Therefore, we call it the preferred base. Any 602 // addresses in the DWARF typically assume that the object has been loaded at 603 // this address. 604 static uptr GetPreferredBase(const char *modname, char *buf, size_t buf_size) { 605 fd_t fd = OpenFile(modname, RdOnly, nullptr); 606 if (fd == kInvalidFd) 607 return 0; 608 FileCloser closer(fd); 609 610 // Read just the DOS header. 611 IMAGE_DOS_HEADER dos_header; 612 uptr bytes_read; 613 if (!ReadFromFile(fd, &dos_header, sizeof(dos_header), &bytes_read) || 614 bytes_read != sizeof(dos_header)) 615 return 0; 616 617 // The file should start with the right signature. 618 if (dos_header.e_magic != IMAGE_DOS_SIGNATURE) 619 return 0; 620 621 // The layout at e_lfanew is: 622 // "PE\0\0" 623 // IMAGE_FILE_HEADER 624 // IMAGE_OPTIONAL_HEADER 625 // Seek to e_lfanew and read all that data. 626 if (::SetFilePointer(fd, dos_header.e_lfanew, nullptr, FILE_BEGIN) == 627 INVALID_SET_FILE_POINTER) 628 return 0; 629 if (!ReadFromFile(fd, buf, buf_size, &bytes_read) || bytes_read != buf_size) 630 return 0; 631 632 // Check for "PE\0\0" before the PE header. 633 char *pe_sig = &buf[0]; 634 if (internal_memcmp(pe_sig, "PE\0\0", 4) != 0) 635 return 0; 636 637 // Skip over IMAGE_FILE_HEADER. We could do more validation here if we wanted. 638 IMAGE_OPTIONAL_HEADER *pe_header = 639 (IMAGE_OPTIONAL_HEADER *)(pe_sig + 4 + sizeof(IMAGE_FILE_HEADER)); 640 641 // Check for more magic in the PE header. 642 if (pe_header->Magic != IMAGE_NT_OPTIONAL_HDR_MAGIC) 643 return 0; 644 645 // Finally, return the ImageBase. 646 return (uptr)pe_header->ImageBase; 647 } 648 649 void ListOfModules::init() { 650 clearOrInit(); 651 HANDLE cur_process = GetCurrentProcess(); 652 653 // Query the list of modules. Start by assuming there are no more than 256 654 // modules and retry if that's not sufficient. 655 HMODULE *hmodules = 0; 656 uptr modules_buffer_size = sizeof(HMODULE) * 256; 657 DWORD bytes_required; 658 while (!hmodules) { 659 hmodules = (HMODULE *)MmapOrDie(modules_buffer_size, __FUNCTION__); 660 CHECK(EnumProcessModules(cur_process, hmodules, modules_buffer_size, 661 &bytes_required)); 662 if (bytes_required > modules_buffer_size) { 663 // Either there turned out to be more than 256 hmodules, or new hmodules 664 // could have loaded since the last try. Retry. 665 UnmapOrDie(hmodules, modules_buffer_size); 666 hmodules = 0; 667 modules_buffer_size = bytes_required; 668 } 669 } 670 671 InternalMmapVector<char> buf(4 + sizeof(IMAGE_FILE_HEADER) + 672 sizeof(IMAGE_OPTIONAL_HEADER)); 673 InternalMmapVector<wchar_t> modname_utf16(kMaxPathLength); 674 InternalMmapVector<char> module_name(kMaxPathLength); 675 // |num_modules| is the number of modules actually present, 676 size_t num_modules = bytes_required / sizeof(HMODULE); 677 for (size_t i = 0; i < num_modules; ++i) { 678 HMODULE handle = hmodules[i]; 679 MODULEINFO mi; 680 if (!GetModuleInformation(cur_process, handle, &mi, sizeof(mi))) 681 continue; 682 683 // Get the UTF-16 path and convert to UTF-8. 684 int modname_utf16_len = 685 GetModuleFileNameW(handle, &modname_utf16[0], kMaxPathLength); 686 if (modname_utf16_len == 0) 687 modname_utf16[0] = '\0'; 688 int module_name_len = ::WideCharToMultiByte( 689 CP_UTF8, 0, &modname_utf16[0], modname_utf16_len + 1, &module_name[0], 690 kMaxPathLength, NULL, NULL); 691 module_name[module_name_len] = '\0'; 692 693 uptr base_address = (uptr)mi.lpBaseOfDll; 694 uptr end_address = (uptr)mi.lpBaseOfDll + mi.SizeOfImage; 695 696 // Adjust the base address of the module so that we get a VA instead of an 697 // RVA when computing the module offset. This helps llvm-symbolizer find the 698 // right DWARF CU. In the common case that the image is loaded at it's 699 // preferred address, we will now print normal virtual addresses. 700 uptr preferred_base = 701 GetPreferredBase(&module_name[0], &buf[0], buf.size()); 702 uptr adjusted_base = base_address - preferred_base; 703 704 modules_.push_back(LoadedModule()); 705 LoadedModule &cur_module = modules_.back(); 706 cur_module.set(&module_name[0], adjusted_base); 707 // We add the whole module as one single address range. 708 cur_module.addAddressRange(base_address, end_address, /*executable*/ true, 709 /*writable*/ true); 710 } 711 UnmapOrDie(hmodules, modules_buffer_size); 712 } 713 714 void ListOfModules::fallbackInit() { clear(); } 715 716 // We can't use atexit() directly at __asan_init time as the CRT is not fully 717 // initialized at this point. Place the functions into a vector and use 718 // atexit() as soon as it is ready for use (i.e. after .CRT$XIC initializers). 719 InternalMmapVectorNoCtor<void (*)(void)> atexit_functions; 720 721 int Atexit(void (*function)(void)) { 722 atexit_functions.push_back(function); 723 return 0; 724 } 725 726 static int RunAtexit() { 727 TraceLoggingUnregister(g_asan_provider); 728 int ret = 0; 729 for (uptr i = 0; i < atexit_functions.size(); ++i) { 730 ret |= atexit(atexit_functions[i]); 731 } 732 return ret; 733 } 734 735 #pragma section(".CRT$XID", long, read) 736 __declspec(allocate(".CRT$XID")) int (*__run_atexit)() = RunAtexit; 737 #endif 738 739 // ------------------ sanitizer_libc.h 740 fd_t OpenFile(const char *filename, FileAccessMode mode, error_t *last_error) { 741 // FIXME: Use the wide variants to handle Unicode filenames. 742 fd_t res; 743 if (mode == RdOnly) { 744 res = CreateFileA(filename, GENERIC_READ, 745 FILE_SHARE_READ | FILE_SHARE_WRITE | FILE_SHARE_DELETE, 746 nullptr, OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, nullptr); 747 } else if (mode == WrOnly) { 748 res = CreateFileA(filename, GENERIC_WRITE, 0, nullptr, CREATE_ALWAYS, 749 FILE_ATTRIBUTE_NORMAL, nullptr); 750 } else { 751 UNIMPLEMENTED(); 752 } 753 CHECK(res != kStdoutFd || kStdoutFd == kInvalidFd); 754 CHECK(res != kStderrFd || kStderrFd == kInvalidFd); 755 if (res == kInvalidFd && last_error) 756 *last_error = GetLastError(); 757 return res; 758 } 759 760 void CloseFile(fd_t fd) { 761 CloseHandle(fd); 762 } 763 764 bool ReadFromFile(fd_t fd, void *buff, uptr buff_size, uptr *bytes_read, 765 error_t *error_p) { 766 CHECK(fd != kInvalidFd); 767 768 // bytes_read can't be passed directly to ReadFile: 769 // uptr is unsigned long long on 64-bit Windows. 770 unsigned long num_read_long; 771 772 bool success = ::ReadFile(fd, buff, buff_size, &num_read_long, nullptr); 773 if (!success && error_p) 774 *error_p = GetLastError(); 775 if (bytes_read) 776 *bytes_read = num_read_long; 777 return success; 778 } 779 780 bool SupportsColoredOutput(fd_t fd) { 781 // FIXME: support colored output. 782 return false; 783 } 784 785 bool WriteToFile(fd_t fd, const void *buff, uptr buff_size, uptr *bytes_written, 786 error_t *error_p) { 787 CHECK(fd != kInvalidFd); 788 789 // Handle null optional parameters. 790 error_t dummy_error; 791 error_p = error_p ? error_p : &dummy_error; 792 uptr dummy_bytes_written; 793 bytes_written = bytes_written ? bytes_written : &dummy_bytes_written; 794 795 // Initialize output parameters in case we fail. 796 *error_p = 0; 797 *bytes_written = 0; 798 799 // Map the conventional Unix fds 1 and 2 to Windows handles. They might be 800 // closed, in which case this will fail. 801 if (fd == kStdoutFd || fd == kStderrFd) { 802 fd = GetStdHandle(fd == kStdoutFd ? STD_OUTPUT_HANDLE : STD_ERROR_HANDLE); 803 if (fd == 0) { 804 *error_p = ERROR_INVALID_HANDLE; 805 return false; 806 } 807 } 808 809 DWORD bytes_written_32; 810 if (!WriteFile(fd, buff, buff_size, &bytes_written_32, 0)) { 811 *error_p = GetLastError(); 812 return false; 813 } else { 814 *bytes_written = bytes_written_32; 815 return true; 816 } 817 } 818 819 uptr internal_sched_yield() { 820 Sleep(0); 821 return 0; 822 } 823 824 void internal__exit(int exitcode) { 825 TraceLoggingUnregister(g_asan_provider); 826 // ExitProcess runs some finalizers, so use TerminateProcess to avoid that. 827 // The debugger doesn't stop on TerminateProcess like it does on ExitProcess, 828 // so add our own breakpoint here. 829 if (::IsDebuggerPresent()) 830 __debugbreak(); 831 TerminateProcess(GetCurrentProcess(), exitcode); 832 BUILTIN_UNREACHABLE(); 833 } 834 835 uptr internal_ftruncate(fd_t fd, uptr size) { 836 UNIMPLEMENTED(); 837 } 838 839 uptr GetRSS() { 840 PROCESS_MEMORY_COUNTERS counters; 841 if (!GetProcessMemoryInfo(GetCurrentProcess(), &counters, sizeof(counters))) 842 return 0; 843 return counters.WorkingSetSize; 844 } 845 846 void *internal_start_thread(void *(*func)(void *arg), void *arg) { return 0; } 847 void internal_join_thread(void *th) { } 848 849 void FutexWait(atomic_uint32_t *p, u32 cmp) { 850 WaitOnAddress(p, &cmp, sizeof(cmp), INFINITE); 851 } 852 853 void FutexWake(atomic_uint32_t *p, u32 count) { 854 if (count == 1) 855 WakeByAddressSingle(p); 856 else 857 WakeByAddressAll(p); 858 } 859 860 uptr GetTlsSize() { 861 return 0; 862 } 863 864 void InitTlsSize() { 865 } 866 867 void GetThreadStackAndTls(bool main, uptr *stk_addr, uptr *stk_size, 868 uptr *tls_addr, uptr *tls_size) { 869 #if SANITIZER_GO 870 *stk_addr = 0; 871 *stk_size = 0; 872 *tls_addr = 0; 873 *tls_size = 0; 874 #else 875 uptr stack_top, stack_bottom; 876 GetThreadStackTopAndBottom(main, &stack_top, &stack_bottom); 877 *stk_addr = stack_bottom; 878 *stk_size = stack_top - stack_bottom; 879 *tls_addr = 0; 880 *tls_size = 0; 881 #endif 882 } 883 884 void ReportFile::Write(const char *buffer, uptr length) { 885 SpinMutexLock l(mu); 886 ReopenIfNecessary(); 887 if (!WriteToFile(fd, buffer, length)) { 888 // stderr may be closed, but we may be able to print to the debugger 889 // instead. This is the case when launching a program from Visual Studio, 890 // and the following routine should write to its console. 891 OutputDebugStringA(buffer); 892 } 893 } 894 895 void SetAlternateSignalStack() { 896 // FIXME: Decide what to do on Windows. 897 } 898 899 void UnsetAlternateSignalStack() { 900 // FIXME: Decide what to do on Windows. 901 } 902 903 void InstallDeadlySignalHandlers(SignalHandlerType handler) { 904 (void)handler; 905 // FIXME: Decide what to do on Windows. 906 } 907 908 HandleSignalMode GetHandleSignalMode(int signum) { 909 // FIXME: Decide what to do on Windows. 910 return kHandleSignalNo; 911 } 912 913 // Check based on flags if we should handle this exception. 914 bool IsHandledDeadlyException(DWORD exceptionCode) { 915 switch (exceptionCode) { 916 case EXCEPTION_ACCESS_VIOLATION: 917 case EXCEPTION_ARRAY_BOUNDS_EXCEEDED: 918 case EXCEPTION_STACK_OVERFLOW: 919 case EXCEPTION_DATATYPE_MISALIGNMENT: 920 case EXCEPTION_IN_PAGE_ERROR: 921 return common_flags()->handle_segv; 922 case EXCEPTION_ILLEGAL_INSTRUCTION: 923 case EXCEPTION_PRIV_INSTRUCTION: 924 case EXCEPTION_BREAKPOINT: 925 return common_flags()->handle_sigill; 926 case EXCEPTION_FLT_DENORMAL_OPERAND: 927 case EXCEPTION_FLT_DIVIDE_BY_ZERO: 928 case EXCEPTION_FLT_INEXACT_RESULT: 929 case EXCEPTION_FLT_INVALID_OPERATION: 930 case EXCEPTION_FLT_OVERFLOW: 931 case EXCEPTION_FLT_STACK_CHECK: 932 case EXCEPTION_FLT_UNDERFLOW: 933 case EXCEPTION_INT_DIVIDE_BY_ZERO: 934 case EXCEPTION_INT_OVERFLOW: 935 return common_flags()->handle_sigfpe; 936 } 937 return false; 938 } 939 940 bool IsAccessibleMemoryRange(uptr beg, uptr size) { 941 SYSTEM_INFO si; 942 GetNativeSystemInfo(&si); 943 uptr page_size = si.dwPageSize; 944 uptr page_mask = ~(page_size - 1); 945 946 for (uptr page = beg & page_mask, end = (beg + size - 1) & page_mask; 947 page <= end;) { 948 MEMORY_BASIC_INFORMATION info; 949 if (VirtualQuery((LPCVOID)page, &info, sizeof(info)) != sizeof(info)) 950 return false; 951 952 if (info.Protect == 0 || info.Protect == PAGE_NOACCESS || 953 info.Protect == PAGE_EXECUTE) 954 return false; 955 956 if (info.RegionSize == 0) 957 return false; 958 959 page += info.RegionSize; 960 } 961 962 return true; 963 } 964 965 bool SignalContext::IsStackOverflow() const { 966 return (DWORD)GetType() == EXCEPTION_STACK_OVERFLOW; 967 } 968 969 void SignalContext::InitPcSpBp() { 970 EXCEPTION_RECORD *exception_record = (EXCEPTION_RECORD *)siginfo; 971 CONTEXT *context_record = (CONTEXT *)context; 972 973 pc = (uptr)exception_record->ExceptionAddress; 974 # if SANITIZER_WINDOWS64 975 # if SANITIZER_ARM64 976 bp = (uptr)context_record->Fp; 977 sp = (uptr)context_record->Sp; 978 # else 979 bp = (uptr)context_record->Rbp; 980 sp = (uptr)context_record->Rsp; 981 # endif 982 # else 983 bp = (uptr)context_record->Ebp; 984 sp = (uptr)context_record->Esp; 985 # endif 986 } 987 988 uptr SignalContext::GetAddress() const { 989 EXCEPTION_RECORD *exception_record = (EXCEPTION_RECORD *)siginfo; 990 if (exception_record->ExceptionCode == EXCEPTION_ACCESS_VIOLATION) 991 return exception_record->ExceptionInformation[1]; 992 return (uptr)exception_record->ExceptionAddress; 993 } 994 995 bool SignalContext::IsMemoryAccess() const { 996 return ((EXCEPTION_RECORD *)siginfo)->ExceptionCode == 997 EXCEPTION_ACCESS_VIOLATION; 998 } 999 1000 bool SignalContext::IsTrueFaultingAddress() const { return true; } 1001 1002 SignalContext::WriteFlag SignalContext::GetWriteFlag() const { 1003 EXCEPTION_RECORD *exception_record = (EXCEPTION_RECORD *)siginfo; 1004 1005 // The write flag is only available for access violation exceptions. 1006 if (exception_record->ExceptionCode != EXCEPTION_ACCESS_VIOLATION) 1007 return SignalContext::Unknown; 1008 1009 // The contents of this array are documented at 1010 // https://docs.microsoft.com/en-us/windows/win32/api/winnt/ns-winnt-exception_record 1011 // The first element indicates read as 0, write as 1, or execute as 8. The 1012 // second element is the faulting address. 1013 switch (exception_record->ExceptionInformation[0]) { 1014 case 0: 1015 return SignalContext::Read; 1016 case 1: 1017 return SignalContext::Write; 1018 case 8: 1019 return SignalContext::Unknown; 1020 } 1021 return SignalContext::Unknown; 1022 } 1023 1024 void SignalContext::DumpAllRegisters(void *context) { 1025 // FIXME: Implement this. 1026 } 1027 1028 int SignalContext::GetType() const { 1029 return static_cast<const EXCEPTION_RECORD *>(siginfo)->ExceptionCode; 1030 } 1031 1032 const char *SignalContext::Describe() const { 1033 unsigned code = GetType(); 1034 // Get the string description of the exception if this is a known deadly 1035 // exception. 1036 switch (code) { 1037 case EXCEPTION_ACCESS_VIOLATION: 1038 return "access-violation"; 1039 case EXCEPTION_ARRAY_BOUNDS_EXCEEDED: 1040 return "array-bounds-exceeded"; 1041 case EXCEPTION_STACK_OVERFLOW: 1042 return "stack-overflow"; 1043 case EXCEPTION_DATATYPE_MISALIGNMENT: 1044 return "datatype-misalignment"; 1045 case EXCEPTION_IN_PAGE_ERROR: 1046 return "in-page-error"; 1047 case EXCEPTION_ILLEGAL_INSTRUCTION: 1048 return "illegal-instruction"; 1049 case EXCEPTION_PRIV_INSTRUCTION: 1050 return "priv-instruction"; 1051 case EXCEPTION_BREAKPOINT: 1052 return "breakpoint"; 1053 case EXCEPTION_FLT_DENORMAL_OPERAND: 1054 return "flt-denormal-operand"; 1055 case EXCEPTION_FLT_DIVIDE_BY_ZERO: 1056 return "flt-divide-by-zero"; 1057 case EXCEPTION_FLT_INEXACT_RESULT: 1058 return "flt-inexact-result"; 1059 case EXCEPTION_FLT_INVALID_OPERATION: 1060 return "flt-invalid-operation"; 1061 case EXCEPTION_FLT_OVERFLOW: 1062 return "flt-overflow"; 1063 case EXCEPTION_FLT_STACK_CHECK: 1064 return "flt-stack-check"; 1065 case EXCEPTION_FLT_UNDERFLOW: 1066 return "flt-underflow"; 1067 case EXCEPTION_INT_DIVIDE_BY_ZERO: 1068 return "int-divide-by-zero"; 1069 case EXCEPTION_INT_OVERFLOW: 1070 return "int-overflow"; 1071 } 1072 return "unknown exception"; 1073 } 1074 1075 uptr ReadBinaryName(/*out*/char *buf, uptr buf_len) { 1076 if (buf_len == 0) 1077 return 0; 1078 1079 // Get the UTF-16 path and convert to UTF-8. 1080 InternalMmapVector<wchar_t> binname_utf16(kMaxPathLength); 1081 int binname_utf16_len = 1082 GetModuleFileNameW(NULL, &binname_utf16[0], kMaxPathLength); 1083 if (binname_utf16_len == 0) { 1084 buf[0] = '\0'; 1085 return 0; 1086 } 1087 int binary_name_len = 1088 ::WideCharToMultiByte(CP_UTF8, 0, &binname_utf16[0], binname_utf16_len, 1089 buf, buf_len, NULL, NULL); 1090 if ((unsigned)binary_name_len == buf_len) 1091 --binary_name_len; 1092 buf[binary_name_len] = '\0'; 1093 return binary_name_len; 1094 } 1095 1096 uptr ReadLongProcessName(/*out*/char *buf, uptr buf_len) { 1097 return ReadBinaryName(buf, buf_len); 1098 } 1099 1100 void CheckVMASize() { 1101 // Do nothing. 1102 } 1103 1104 void InitializePlatformEarly() { 1105 // Do nothing. 1106 } 1107 1108 void CheckASLR() { 1109 // Do nothing 1110 } 1111 1112 void CheckMPROTECT() { 1113 // Do nothing 1114 } 1115 1116 char **GetArgv() { 1117 // FIXME: Actually implement this function. 1118 return 0; 1119 } 1120 1121 char **GetEnviron() { 1122 // FIXME: Actually implement this function. 1123 return 0; 1124 } 1125 1126 pid_t StartSubprocess(const char *program, const char *const argv[], 1127 const char *const envp[], fd_t stdin_fd, fd_t stdout_fd, 1128 fd_t stderr_fd) { 1129 // FIXME: implement on this platform 1130 // Should be implemented based on 1131 // SymbolizerProcess::StarAtSymbolizerSubprocess 1132 // from lib/sanitizer_common/sanitizer_symbolizer_win.cpp. 1133 return -1; 1134 } 1135 1136 bool IsProcessRunning(pid_t pid) { 1137 // FIXME: implement on this platform. 1138 return false; 1139 } 1140 1141 int WaitForProcess(pid_t pid) { return -1; } 1142 1143 // FIXME implement on this platform. 1144 void GetMemoryProfile(fill_profile_f cb, uptr *stats) {} 1145 1146 void CheckNoDeepBind(const char *filename, int flag) { 1147 // Do nothing. 1148 } 1149 1150 // FIXME: implement on this platform. 1151 bool GetRandom(void *buffer, uptr length, bool blocking) { 1152 UNIMPLEMENTED(); 1153 } 1154 1155 u32 GetNumberOfCPUs() { 1156 SYSTEM_INFO sysinfo = {}; 1157 GetNativeSystemInfo(&sysinfo); 1158 return sysinfo.dwNumberOfProcessors; 1159 } 1160 1161 #if SANITIZER_WIN_TRACE 1162 // TODO(mcgov): Rename this project-wide to PlatformLogInit 1163 void AndroidLogInit(void) { 1164 HRESULT hr = TraceLoggingRegister(g_asan_provider); 1165 if (!SUCCEEDED(hr)) 1166 return; 1167 } 1168 1169 void SetAbortMessage(const char *) {} 1170 1171 void LogFullErrorReport(const char *buffer) { 1172 if (common_flags()->log_to_syslog) { 1173 InternalMmapVector<wchar_t> filename; 1174 DWORD filename_length = 0; 1175 do { 1176 filename.resize(filename.size() + 0x100); 1177 filename_length = 1178 GetModuleFileNameW(NULL, filename.begin(), filename.size()); 1179 } while (filename_length >= filename.size()); 1180 TraceLoggingWrite(g_asan_provider, "AsanReportEvent", 1181 TraceLoggingValue(filename.begin(), "ExecutableName"), 1182 TraceLoggingValue(buffer, "AsanReportContents")); 1183 } 1184 } 1185 #endif // SANITIZER_WIN_TRACE 1186 1187 void InitializePlatformCommonFlags(CommonFlags *cf) {} 1188 1189 } // namespace __sanitizer 1190 1191 #endif // _WIN32 1192