1 //===-- sanitizer/common_interface_defs.h -----------------------*- C++ -*-===//
3 // The LLVM Compiler Infrastructure
5 // This file is distributed under the University of Illinois Open Source
6 // License. See LICENSE.TXT for details.
8 //===----------------------------------------------------------------------===//
10 // Common part of the public sanitizer interface.
11 //===----------------------------------------------------------------------===//
13 #ifndef SANITIZER_COMMON_INTERFACE_DEFS_H
14 #define SANITIZER_COMMON_INTERFACE_DEFS_H
19 // GCC does not understand __has_feature.
20 #if !defined(__has_feature)
21 # define __has_feature(x) 0
27 // Arguments for __sanitizer_sandbox_on_notify() below.
29 // Enable sandbox support in sanitizer coverage.
30 int coverage_sandboxed;
31 // File descriptor to write coverage data to. If -1 is passed, a file will
32 // be pre-opened by __sanitizer_sandobx_on_notify(). This field has no
33 // effect if coverage_sandboxed == 0.
35 // If non-zero, split the coverage data into well-formed blocks. This is
36 // useful when coverage_fd is a socket descriptor. Each block will contain
37 // a header, allowing data from multiple processes to be sent over the same
39 unsigned int coverage_max_block_size;
40 } __sanitizer_sandbox_arguments;
42 // Tell the tools to write their reports to "path.<pid>" instead of stderr.
43 void __sanitizer_set_report_path(const char *path);
45 // Notify the tools that the sandbox is going to be turned on. The reserved
46 // parameter will be used in the future to hold a structure with functions
47 // that the tools may call to bypass the sandbox.
48 void __sanitizer_sandbox_on_notify(__sanitizer_sandbox_arguments *args);
50 // This function is called by the tool when it has just finished reporting
51 // an error. 'error_summary' is a one-line string that summarizes
52 // the error message. This function can be overridden by the client.
53 void __sanitizer_report_error_summary(const char *error_summary);
55 // Some of the sanitizers (e.g. asan/tsan) may miss bugs that happen
56 // in unaligned loads/stores. In order to find such bugs reliably one needs
57 // to replace plain unaligned loads/stores with these calls.
58 uint16_t __sanitizer_unaligned_load16(const void *p);
59 uint32_t __sanitizer_unaligned_load32(const void *p);
60 uint64_t __sanitizer_unaligned_load64(const void *p);
61 void __sanitizer_unaligned_store16(void *p, uint16_t x);
62 void __sanitizer_unaligned_store32(void *p, uint32_t x);
63 void __sanitizer_unaligned_store64(void *p, uint64_t x);
65 // Initialize coverage.
66 void __sanitizer_cov_init();
67 // Record and dump coverage info.
68 void __sanitizer_cov_dump();
69 // Open <name>.sancov.packed in the coverage directory and return the file
70 // descriptor. Returns -1 on failure, or if coverage dumping is disabled.
71 // This is intended for use by sandboxing code.
72 intptr_t __sanitizer_maybe_open_cov_file(const char *name);
73 // Get the number of total unique covered entities (blocks, edges, calls).
74 // This can be useful for coverage-directed in-process fuzzers.
75 uintptr_t __sanitizer_get_total_unique_coverage();
77 // Annotate the current state of a contiguous container, such as
78 // std::vector, std::string or similar.
79 // A contiguous container is a container that keeps all of its elements
80 // in a contiguous region of memory. The container owns the region of memory
81 // [beg, end); the memory [beg, mid) is used to store the current elements
82 // and the memory [mid, end) is reserved for future elements;
83 // beg <= mid <= end. For example, in "std::vector<> v"
85 // end = beg + v.capacity() * sizeof(v[0]);
86 // mid = beg + v.size() * sizeof(v[0]);
88 // This annotation tells the Sanitizer tool about the current state of the
89 // container so that the tool can report errors when memory from [mid, end)
90 // is accessed. Insert this annotation into methods like push_back/pop_back.
91 // Supply the old and the new values of mid (old_mid/new_mid).
92 // In the initial state mid == end and so should be the final
93 // state when the container is destroyed or when it reallocates the storage.
95 // Use with caution and don't use for anything other than vector-like classes.
97 // For AddressSanitizer, 'beg' should be 8-aligned and 'end' should
98 // be either 8-aligned or it should point to the end of a separate heap-,
99 // stack-, or global- allocated buffer. I.e. the following will not work:
100 // int64_t x[2]; // 16 bytes, 8-aligned.
101 // char *beg = (char *)&x[0];
102 // char *end = beg + 12; // Not 8 aligned, not the end of the buffer.
103 // This however will work fine:
104 // int32_t x[3]; // 12 bytes, but 8-aligned under AddressSanitizer.
105 // char *beg = (char*)&x[0];
106 // char *end = beg + 12; // Not 8-aligned, but is the end of the buffer.
107 void __sanitizer_annotate_contiguous_container(const void *beg,
110 const void *new_mid);
111 // Returns true if the contiguous container [beg, end) is properly poisoned
112 // (e.g. with __sanitizer_annotate_contiguous_container), i.e. if
113 // - [beg, mid) is addressable,
114 // - [mid, end) is unaddressable.
115 // Full verification requires O(end-beg) time; this function tries to avoid
116 // such complexity by touching only parts of the container around beg/mid/end.
117 int __sanitizer_verify_contiguous_container(const void *beg, const void *mid,
120 // Print the stack trace leading to this call. Useful for debugging user code.
121 void __sanitizer_print_stack_trace();
127 #endif // SANITIZER_COMMON_INTERFACE_DEFS_H