Path: blob/main/contrib/llvm-project/compiler-rt/lib/gwp_asan/common.h
35236 views
//===-- common.h ------------------------------------------------*- C++ -*-===//1//2// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.3// See https://llvm.org/LICENSE.txt for license information.4// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception5//6//===----------------------------------------------------------------------===//78// This file contains code that is common between the crash handler and the9// GuardedPoolAllocator.1011#ifndef GWP_ASAN_COMMON_H_12#define GWP_ASAN_COMMON_H_1314#include "gwp_asan/definitions.h"15#include "gwp_asan/options.h"1617#include <stddef.h>18#include <stdint.h>1920namespace gwp_asan {2122// Magic header that resides in the AllocatorState so that GWP-ASan bugreports23// can be understood by tools at different versions. Out-of-process crash24// handlers, like crashpad on Fuchsia, take the raw contents of the25// AllocationMetatada array and the AllocatorState, and shove them into the26// minidump. Online unpacking of these structs needs to know from which version27// of GWP-ASan it's extracting the information, as the structures are not28// stable.29struct AllocatorVersionMagic {30// The values are copied into the structure at runtime, during31// `GuardedPoolAllocator::init()` so that GWP-ASan remains completely in the32// `.bss` segment.33static constexpr uint8_t kAllocatorVersionMagic[4] = {'A', 'S', 'A', 'N'};34uint8_t Magic[4] = {};35// Update the version number when the AllocatorState or AllocationMetadata36// change.37static constexpr uint16_t kAllocatorVersion = 2;38uint16_t Version = 0;39uint16_t Reserved = 0;40};4142enum class Error : uint8_t {43UNKNOWN,44USE_AFTER_FREE,45DOUBLE_FREE,46INVALID_FREE,47BUFFER_OVERFLOW,48BUFFER_UNDERFLOW49};5051const char *ErrorToString(const Error &E);5253static constexpr uint64_t kInvalidThreadID = UINT64_MAX;54// Get the current thread ID, or kInvalidThreadID if failure. Note: This55// implementation is platform-specific.56uint64_t getThreadID();5758// This struct contains all the metadata recorded about a single allocation made59// by GWP-ASan. If `AllocationMetadata.Addr` is zero, the metadata is non-valid.60struct AllocationMetadata {61// The number of bytes used to store a compressed stack frame. On 64-bit62// platforms, assuming a compression ratio of 50%, this should allow us to63// store ~64 frames per trace.64static constexpr size_t kStackFrameStorageBytes = 256;6566// Maximum number of stack frames to collect on allocation/deallocation. The67// actual number of collected frames may be less than this as the stack68// frames are compressed into a fixed memory range.69static constexpr size_t kMaxTraceLengthToCollect = 128;7071// Records the given allocation metadata into this struct.72void RecordAllocation(uintptr_t Addr, size_t RequestedSize);73// Record that this allocation is now deallocated.74void RecordDeallocation();7576struct CallSiteInfo {77// Record the current backtrace to this callsite.78void RecordBacktrace(options::Backtrace_t Backtrace);7980// The compressed backtrace to the allocation/deallocation.81uint8_t CompressedTrace[kStackFrameStorageBytes];82// The thread ID for this trace, or kInvalidThreadID if not available.83uint64_t ThreadID = kInvalidThreadID;84// The size of the compressed trace (in bytes). Zero indicates that no85// trace was collected.86size_t TraceSize = 0;87};8889// The address of this allocation. If zero, the rest of this struct isn't90// valid, as the allocation has never occurred.91uintptr_t Addr = 0;92// Represents the actual size of the allocation.93size_t RequestedSize = 0;9495CallSiteInfo AllocationTrace;96CallSiteInfo DeallocationTrace;9798// Whether this allocation has been deallocated yet.99bool IsDeallocated = false;100101// In recoverable mode, whether this allocation has had a crash associated102// with it. This has certain side effects, like meaning this allocation will103// permanently occupy a slot, and won't ever have another crash reported from104// it.105bool HasCrashed = false;106};107108// This holds the state that's shared between the GWP-ASan allocator and the109// crash handler. This, in conjunction with the Metadata array, forms the entire110// set of information required for understanding a GWP-ASan crash.111struct AllocatorState {112constexpr AllocatorState() {}113AllocatorVersionMagic VersionMagic{};114115// Returns whether the provided pointer is a current sampled allocation that116// is owned by this pool.117GWP_ASAN_ALWAYS_INLINE bool pointerIsMine(const void *Ptr) const {118uintptr_t P = reinterpret_cast<uintptr_t>(Ptr);119return P < GuardedPagePoolEnd && GuardedPagePool <= P;120}121122// Returns the address of the N-th guarded slot.123uintptr_t slotToAddr(size_t N) const;124125// Returns the largest allocation that is supported by this pool.126size_t maximumAllocationSize() const;127128// Gets the nearest slot to the provided address.129size_t getNearestSlot(uintptr_t Ptr) const;130131// Returns whether the provided pointer is a guard page or not. The pointer132// must be within memory owned by this pool, else the result is undefined.133bool isGuardPage(uintptr_t Ptr) const;134135// Returns the address that's used by __gwp_asan_get_internal_crash_address()136// and GPA::raiseInternallyDetectedError() to communicate that the SEGV in137// question comes from an internally-detected error.138uintptr_t internallyDetectedErrorFaultAddress() const;139140// The number of guarded slots that this pool holds.141size_t MaxSimultaneousAllocations = 0;142143// Pointer to the pool of guarded slots. Note that this points to the start of144// the pool (which is a guard page), not a pointer to the first guarded page.145uintptr_t GuardedPagePool = 0;146uintptr_t GuardedPagePoolEnd = 0;147148// Cached page size for this system in bytes.149size_t PageSize = 0;150151// The type and address of an internally-detected failure. For INVALID_FREE152// and DOUBLE_FREE, these errors are detected in GWP-ASan, which will set153// these values and terminate the process.154Error FailureType = Error::UNKNOWN;155uintptr_t FailureAddress = 0;156};157158// Below are various compile-time checks that the layout of the internal159// GWP-ASan structures are undisturbed. If they are disturbed, the version magic160// number needs to be increased by one, and the asserts need to be updated.161// Out-of-process crash handlers, like breakpad/crashpad, may copy the internal162// GWP-ASan structures into a minidump for offline reconstruction of the crash.163// In order to accomplish this, the offline reconstructor needs to know the164// version of GWP-ASan internal structures that it's unpacking (along with the165// architecture-specific layout info, which is left as an exercise to the crash166// handler).167static_assert(offsetof(AllocatorState, VersionMagic) == 0, "");168static_assert(sizeof(AllocatorVersionMagic) == 8, "");169#if defined(__x86_64__)170static_assert(sizeof(AllocatorState) == 56, "");171static_assert(offsetof(AllocatorState, FailureAddress) == 48, "");172static_assert(sizeof(AllocationMetadata) == 568, "");173static_assert(offsetof(AllocationMetadata, IsDeallocated) == 560, "");174#elif defined(__aarch64__)175static_assert(sizeof(AllocatorState) == 56, "");176static_assert(offsetof(AllocatorState, FailureAddress) == 48, "");177static_assert(sizeof(AllocationMetadata) == 568, "");178static_assert(offsetof(AllocationMetadata, IsDeallocated) == 560, "");179#elif defined(__i386__)180static_assert(sizeof(AllocatorState) == 32, "");181static_assert(offsetof(AllocatorState, FailureAddress) == 28, "");182static_assert(sizeof(AllocationMetadata) == 548, "");183static_assert(offsetof(AllocationMetadata, IsDeallocated) == 544, "");184#elif defined(__arm__)185static_assert(sizeof(AllocatorState) == 32, "");186static_assert(offsetof(AllocatorState, FailureAddress) == 28, "");187static_assert(sizeof(AllocationMetadata) == 560, "");188static_assert(offsetof(AllocationMetadata, IsDeallocated) == 552, "");189#endif // defined($ARCHITECTURE)190191} // namespace gwp_asan192#endif // GWP_ASAN_COMMON_H_193194195