asan_fake_stack.h revision b1173c27c2791aef27304e68911a11648401064d
1//===-- asan_fake_stack.h ---------------------------------------*- C++ -*-===// 2// 3// The LLVM Compiler Infrastructure 4// 5// This file is distributed under the University of Illinois Open Source 6// License. See LICENSE.TXT for details. 7// 8//===----------------------------------------------------------------------===// 9// 10// This file is a part of AddressSanitizer, an address sanity checker. 11// 12// ASan-private header for asan_fake_stack.cc, implements FakeStack. 13//===----------------------------------------------------------------------===// 14 15#ifndef ASAN_FAKE_STACK_H 16#define ASAN_FAKE_STACK_H 17 18#include "sanitizer_common/sanitizer_common.h" 19 20namespace __asan { 21 22// Fake stack frame contains local variables of one function. 23struct FakeFrame { 24 uptr magic; // Modified by the instrumented code. 25 uptr descr; // Modified by the instrumented code. 26 uptr pc; // Modified by the instrumented code. 27 u64 real_stack : 48; 28 u64 class_id : 16; 29}; 30 31// For each thread we create a fake stack and place stack objects on this fake 32// stack instead of the real stack. The fake stack is not really a stack but 33// a fast malloc-like allocator so that when a function exits the fake stack 34// is not popped but remains there for quite some time until gets used again. 35// So, we poison the objects on the fake stack when function returns. 36// It helps us find use-after-return bugs. 37// 38// The FakeStack objects is allocated by a single mmap call and has no other 39// pointers. The size of the fake stack depends on the actual thread stack size 40// and thus can not be a constant. 41// stack_size is a power of two greater or equal to the thread's stack size; 42// we store it as its logarithm (stack_size_log). 43// FakeStack has kNumberOfSizeClasses (11) size classes, each size class 44// is a power of two, starting from 64 bytes. Each size class occupies 45// stack_size bytes and thus can allocate 46// NumberOfFrames=(stack_size/BytesInSizeClass) fake frames (also a power of 2). 47// For each size class we have NumberOfFrames allocation flags, 48// each flag indicates whether the given frame is currently allocated. 49// All flags for size classes 0 .. 10 are stored in a single contiguous region 50// followed by another contiguous region which contains the actual memory for 51// size classes. The addresses are computed by GetFlags and GetFrame without 52// any memory accesses solely based on 'this' and stack_size_log. 53// Allocate() flips the appropriate allocation flag atomically, thus achieving 54// async-signal safety. 55// This allocator does not have quarantine per se, but it tries to allocate the 56// frames in round robin fasion to maximize the delay between a deallocation 57// and the next allocation. 58class FakeStack { 59 static const uptr kMinStackFrameSizeLog = 6; // Min frame is 64B. 60 static const uptr kMaxStackFrameSizeLog = 16; // Max stack frame is 64K. 61 62 public: 63 static const uptr kNumberOfSizeClasses = 64 kMaxStackFrameSizeLog - kMinStackFrameSizeLog + 1; 65 66 // CTOR: create the FakeStack as a single mmap-ed object. 67 static FakeStack *Create(uptr stack_size_log) { 68 static uptr kMinStackSizeLog = 16; 69 static uptr kMaxStackSizeLog = FIRST_32_SECOND_64(23, 26); 70 if (stack_size_log < kMinStackSizeLog) 71 stack_size_log = kMinStackSizeLog; 72 if (stack_size_log > kMaxStackSizeLog) 73 stack_size_log = kMaxStackSizeLog; 74 FakeStack *res = reinterpret_cast<FakeStack *>( 75 MmapOrDie(RequiredSize(stack_size_log), "FakeStack")); 76 res->stack_size_log_ = stack_size_log; 77 return res; 78 } 79 80 void Destroy() { 81 UnmapOrDie(this, RequiredSize(stack_size_log_)); 82 } 83 84 // stack_size_log is at least 15 (stack_size >= 32K). 85 static uptr SizeRequiredForFlags(uptr stack_size_log) { 86 return 1UL << (stack_size_log + 1 - kMinStackFrameSizeLog); 87 } 88 89 // Each size class occupies stack_size bytes. 90 static uptr SizeRequiredForFrames(uptr stack_size_log) { 91 return (1ULL << stack_size_log) * kNumberOfSizeClasses; 92 } 93 94 // Number of bytes requires for the whole object. 95 static uptr RequiredSize(uptr stack_size_log) { 96 return kFlagsOffset + SizeRequiredForFlags(stack_size_log) + 97 SizeRequiredForFrames(stack_size_log); 98 } 99 100 // Offset of the given flag from the first flag. 101 // The flags for class 0 begin at offset 000000000 102 // The flags for class 1 begin at offset 100000000 103 // ....................2................ 110000000 104 // ....................3................ 111000000 105 // and so on. 106 static uptr FlagsOffset(uptr stack_size_log, uptr class_id) { 107 uptr t = kNumberOfSizeClasses - 1 - class_id; 108 const uptr all_ones = (1 << (kNumberOfSizeClasses - 1)) - 1; 109 return ((all_ones >> t) << t) << (stack_size_log - 15); 110 } 111 112 static uptr NumberOfFrames(uptr stack_size_log, uptr class_id) { 113 return 1UL << (stack_size_log - kMinStackFrameSizeLog - class_id); 114 } 115 116 // Divide n by the numbe of frames in size class. 117 static uptr ModuloNumberOfFrames(uptr stack_size_log, uptr class_id, uptr n) { 118 return n & (NumberOfFrames(stack_size_log, class_id) - 1); 119 } 120 121 // The the pointer to the flags of the given class_id. 122 u8 *GetFlags(uptr stack_size_log, uptr class_id) { 123 return reinterpret_cast<u8 *>(this) + kFlagsOffset + 124 FlagsOffset(stack_size_log, class_id); 125 } 126 127 // Get frame by class_id and pos. 128 u8 *GetFrame(uptr stack_size_log, uptr class_id, uptr pos) { 129 return reinterpret_cast<u8 *>(this) + kFlagsOffset + 130 SizeRequiredForFlags(stack_size_log) + 131 (1 << stack_size_log) * class_id + BytesInSizeClass(class_id) * pos; 132 } 133 134 // Allocate the fake frame. 135 FakeFrame *Allocate(uptr stack_size_log, uptr class_id, uptr real_stack); 136 137 // Deallocate the fake frame. 138 void Deallocate(FakeFrame *ff, uptr stack_size_log, uptr class_id, 139 uptr real_stack); 140 141 // Poison the entire FakeStack's shadow with the magic value. 142 void PoisonAll(u8 magic); 143 144 // Return the beginning of the FakeFrame or 0 if the address is not ours. 145 uptr AddrIsInFakeStack(uptr addr); 146 147 // Number of bytes in a fake frame of this size class. 148 static uptr BytesInSizeClass(uptr class_id) { 149 return 1UL << (class_id + kMinStackFrameSizeLog); 150 } 151 152 uptr stack_size_log() const { return stack_size_log_; } 153 154 void HandleNoReturn(); 155 void GC(uptr real_stack); 156 157 private: 158 FakeStack() { } 159 static const uptr kFlagsOffset = 4096; // This is were the flags begin. 160 // Must match the number of uses of DEFINE_STACK_MALLOC_FREE_WITH_CLASS_ID 161 COMPILER_CHECK(kNumberOfSizeClasses == 11); 162 static const uptr kMaxStackMallocSize = 1 << kMaxStackFrameSizeLog; 163 164 uptr hint_position_[kNumberOfSizeClasses]; 165 uptr stack_size_log_; 166 // a bit is set if something was allocated from the corresponding size class. 167 uptr allocated_from_size_class_mask_; 168 bool needs_gc_; 169}; 170 171} // namespace __asan 172 173#endif // ASAN_FAKE_STACK_H 174