|
150
|
1 //===-- common.h ------------------------------------------------*- C++ -*-===//
|
|
|
2 //
|
|
|
3 // Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
|
|
|
4 // See https://llvm.org/LICENSE.txt for license information.
|
|
|
5 // SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
|
|
|
6 //
|
|
|
7 //===----------------------------------------------------------------------===//
|
|
|
8
|
|
|
9 // This file contains code that is common between the crash handler and the
|
|
|
10 // GuardedPoolAllocator.
|
|
|
11
|
|
|
12 #ifndef GWP_ASAN_COMMON_H_
|
|
|
13 #define GWP_ASAN_COMMON_H_
|
|
|
14
|
|
|
15 #include "gwp_asan/definitions.h"
|
|
|
16 #include "gwp_asan/options.h"
|
|
|
17
|
|
|
18 #include <stddef.h>
|
|
|
19 #include <stdint.h>
|
|
|
20
|
|
|
21 namespace gwp_asan {
|
|
236
|
22
|
|
|
23 // Magic header that resides in the AllocatorState so that GWP-ASan bugreports
|
|
|
24 // can be understood by tools at different versions. Out-of-process crash
|
|
|
25 // handlers, like crashpad on Fuchsia, take the raw contents of the
|
|
|
26 // AllocationMetatada array and the AllocatorState, and shove them into the
|
|
|
27 // minidump. Online unpacking of these structs needs to know from which version
|
|
|
28 // of GWP-ASan it's extracting the information, as the structures are not
|
|
|
29 // stable.
|
|
|
30 struct AllocatorVersionMagic {
|
|
|
31 // The values are copied into the structure at runtime, during
|
|
|
32 // `GuardedPoolAllocator::init()` so that GWP-ASan remains completely in the
|
|
|
33 // `.bss` segment.
|
|
|
34 static constexpr uint8_t kAllocatorVersionMagic[4] = {'A', 'S', 'A', 'N'};
|
|
|
35 uint8_t Magic[4] = {};
|
|
|
36 // Update the version number when the AllocatorState or AllocationMetadata
|
|
|
37 // change.
|
|
|
38 static constexpr uint16_t kAllocatorVersion = 1;
|
|
|
39 uint16_t Version = 0;
|
|
|
40 uint16_t Reserved = 0;
|
|
|
41 };
|
|
|
42
|
|
|
43 enum class Error : uint8_t {
|
|
150
|
44 UNKNOWN,
|
|
|
45 USE_AFTER_FREE,
|
|
|
46 DOUBLE_FREE,
|
|
|
47 INVALID_FREE,
|
|
|
48 BUFFER_OVERFLOW,
|
|
|
49 BUFFER_UNDERFLOW
|
|
|
50 };
|
|
|
51
|
|
|
52 const char *ErrorToString(const Error &E);
|
|
|
53
|
|
|
54 static constexpr uint64_t kInvalidThreadID = UINT64_MAX;
|
|
|
55 // Get the current thread ID, or kInvalidThreadID if failure. Note: This
|
|
|
56 // implementation is platform-specific.
|
|
|
57 uint64_t getThreadID();
|
|
|
58
|
|
|
59 // This struct contains all the metadata recorded about a single allocation made
|
|
|
60 // by GWP-ASan. If `AllocationMetadata.Addr` is zero, the metadata is non-valid.
|
|
|
61 struct AllocationMetadata {
|
|
|
62 // The number of bytes used to store a compressed stack frame. On 64-bit
|
|
|
63 // platforms, assuming a compression ratio of 50%, this should allow us to
|
|
|
64 // store ~64 frames per trace.
|
|
|
65 static constexpr size_t kStackFrameStorageBytes = 256;
|
|
|
66
|
|
|
67 // Maximum number of stack frames to collect on allocation/deallocation. The
|
|
|
68 // actual number of collected frames may be less than this as the stack
|
|
|
69 // frames are compressed into a fixed memory range.
|
|
|
70 static constexpr size_t kMaxTraceLengthToCollect = 128;
|
|
|
71
|
|
|
72 // Records the given allocation metadata into this struct.
|
|
221
|
73 void RecordAllocation(uintptr_t Addr, size_t RequestedSize);
|
|
150
|
74 // Record that this allocation is now deallocated.
|
|
|
75 void RecordDeallocation();
|
|
|
76
|
|
|
77 struct CallSiteInfo {
|
|
|
78 // Record the current backtrace to this callsite.
|
|
|
79 void RecordBacktrace(options::Backtrace_t Backtrace);
|
|
|
80
|
|
|
81 // The compressed backtrace to the allocation/deallocation.
|
|
|
82 uint8_t CompressedTrace[kStackFrameStorageBytes];
|
|
|
83 // The thread ID for this trace, or kInvalidThreadID if not available.
|
|
|
84 uint64_t ThreadID = kInvalidThreadID;
|
|
|
85 // The size of the compressed trace (in bytes). Zero indicates that no
|
|
|
86 // trace was collected.
|
|
|
87 size_t TraceSize = 0;
|
|
|
88 };
|
|
|
89
|
|
|
90 // The address of this allocation. If zero, the rest of this struct isn't
|
|
|
91 // valid, as the allocation has never occurred.
|
|
|
92 uintptr_t Addr = 0;
|
|
|
93 // Represents the actual size of the allocation.
|
|
221
|
94 size_t RequestedSize = 0;
|
|
150
|
95
|
|
|
96 CallSiteInfo AllocationTrace;
|
|
|
97 CallSiteInfo DeallocationTrace;
|
|
|
98
|
|
|
99 // Whether this allocation has been deallocated yet.
|
|
|
100 bool IsDeallocated = false;
|
|
|
101 };
|
|
|
102
|
|
|
103 // This holds the state that's shared between the GWP-ASan allocator and the
|
|
|
104 // crash handler. This, in conjunction with the Metadata array, forms the entire
|
|
|
105 // set of information required for understanding a GWP-ASan crash.
|
|
|
106 struct AllocatorState {
|
|
221
|
107 constexpr AllocatorState() {}
|
|
236
|
108 AllocatorVersionMagic VersionMagic{};
|
|
221
|
109
|
|
150
|
110 // Returns whether the provided pointer is a current sampled allocation that
|
|
|
111 // is owned by this pool.
|
|
|
112 GWP_ASAN_ALWAYS_INLINE bool pointerIsMine(const void *Ptr) const {
|
|
|
113 uintptr_t P = reinterpret_cast<uintptr_t>(Ptr);
|
|
|
114 return P < GuardedPagePoolEnd && GuardedPagePool <= P;
|
|
|
115 }
|
|
|
116
|
|
|
117 // Returns the address of the N-th guarded slot.
|
|
|
118 uintptr_t slotToAddr(size_t N) const;
|
|
|
119
|
|
|
120 // Returns the largest allocation that is supported by this pool.
|
|
|
121 size_t maximumAllocationSize() const;
|
|
|
122
|
|
|
123 // Gets the nearest slot to the provided address.
|
|
|
124 size_t getNearestSlot(uintptr_t Ptr) const;
|
|
|
125
|
|
|
126 // Returns whether the provided pointer is a guard page or not. The pointer
|
|
|
127 // must be within memory owned by this pool, else the result is undefined.
|
|
|
128 bool isGuardPage(uintptr_t Ptr) const;
|
|
|
129
|
|
|
130 // The number of guarded slots that this pool holds.
|
|
|
131 size_t MaxSimultaneousAllocations = 0;
|
|
|
132
|
|
|
133 // Pointer to the pool of guarded slots. Note that this points to the start of
|
|
|
134 // the pool (which is a guard page), not a pointer to the first guarded page.
|
|
|
135 uintptr_t GuardedPagePool = 0;
|
|
|
136 uintptr_t GuardedPagePoolEnd = 0;
|
|
|
137
|
|
|
138 // Cached page size for this system in bytes.
|
|
|
139 size_t PageSize = 0;
|
|
|
140
|
|
|
141 // The type and address of an internally-detected failure. For INVALID_FREE
|
|
|
142 // and DOUBLE_FREE, these errors are detected in GWP-ASan, which will set
|
|
|
143 // these values and terminate the process.
|
|
|
144 Error FailureType = Error::UNKNOWN;
|
|
|
145 uintptr_t FailureAddress = 0;
|
|
|
146 };
|
|
|
147
|
|
236
|
148 // Below are various compile-time checks that the layout of the internal
|
|
|
149 // GWP-ASan structures are undisturbed. If they are disturbed, the version magic
|
|
|
150 // number needs to be increased by one, and the asserts need to be updated.
|
|
|
151 // Out-of-process crash handlers, like breakpad/crashpad, may copy the internal
|
|
|
152 // GWP-ASan structures into a minidump for offline reconstruction of the crash.
|
|
|
153 // In order to accomplish this, the offline reconstructor needs to know the
|
|
|
154 // version of GWP-ASan internal structures that it's unpacking (along with the
|
|
|
155 // architecture-specific layout info, which is left as an exercise to the crash
|
|
|
156 // handler).
|
|
|
157 static_assert(offsetof(AllocatorState, VersionMagic) == 0, "");
|
|
|
158 static_assert(sizeof(AllocatorVersionMagic) == 8, "");
|
|
|
159 #if defined(__x86_64__)
|
|
|
160 static_assert(sizeof(AllocatorState) == 56, "");
|
|
|
161 static_assert(offsetof(AllocatorState, FailureAddress) == 48, "");
|
|
|
162 static_assert(sizeof(AllocationMetadata) == 568, "");
|
|
|
163 static_assert(offsetof(AllocationMetadata, IsDeallocated) == 560, "");
|
|
|
164 #elif defined(__aarch64__)
|
|
|
165 static_assert(sizeof(AllocatorState) == 56, "");
|
|
|
166 static_assert(offsetof(AllocatorState, FailureAddress) == 48, "");
|
|
|
167 static_assert(sizeof(AllocationMetadata) == 568, "");
|
|
|
168 static_assert(offsetof(AllocationMetadata, IsDeallocated) == 560, "");
|
|
|
169 #elif defined(__i386__)
|
|
|
170 static_assert(sizeof(AllocatorState) == 32, "");
|
|
|
171 static_assert(offsetof(AllocatorState, FailureAddress) == 28, "");
|
|
|
172 static_assert(sizeof(AllocationMetadata) == 548, "");
|
|
|
173 static_assert(offsetof(AllocationMetadata, IsDeallocated) == 544, "");
|
|
|
174 #elif defined(__arm__)
|
|
|
175 static_assert(sizeof(AllocatorState) == 32, "");
|
|
|
176 static_assert(offsetof(AllocatorState, FailureAddress) == 28, "");
|
|
|
177 static_assert(sizeof(AllocationMetadata) == 560, "");
|
|
|
178 static_assert(offsetof(AllocationMetadata, IsDeallocated) == 552, "");
|
|
|
179 #endif // defined($ARCHITECTURE)
|
|
|
180
|
|
150
|
181 } // namespace gwp_asan
|
|
|
182 #endif // GWP_ASAN_COMMON_H_
|
