//===-- asan_fake_stack.h ---------------------------------------*- C++ -*-===// // // Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions. // See https://llvm.org/LICENSE.txt for license information. // SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception // //===----------------------------------------------------------------------===// // // This file is a part of AddressSanitizer, an address sanity checker. // // ASan-private header for asan_fake_stack.cpp, implements FakeStack. //===----------------------------------------------------------------------===// #ifndef ASAN_FAKE_STACK_H #define ASAN_FAKE_STACK_H #include "sanitizer_common/sanitizer_common.h" namespace __asan { // Fake stack frame contains local variables of one function. struct FakeFrame { … }; // For each thread we create a fake stack and place stack objects on this fake // stack instead of the real stack. The fake stack is not really a stack but // a fast malloc-like allocator so that when a function exits the fake stack // is not popped but remains there for quite some time until gets used again. // So, we poison the objects on the fake stack when function returns. // It helps us find use-after-return bugs. // // The FakeStack objects is allocated by a single mmap call and has no other // pointers. The size of the fake stack depends on the actual thread stack size // and thus can not be a constant. // stack_size is a power of two greater or equal to the thread's stack size; // we store it as its logarithm (stack_size_log). // FakeStack has kNumberOfSizeClasses (11) size classes, each size class // is a power of two, starting from 64 bytes. Each size class occupies // stack_size bytes and thus can allocate // NumberOfFrames=(stack_size/BytesInSizeClass) fake frames (also a power of 2). // For each size class we have NumberOfFrames allocation flags, // each flag indicates whether the given frame is currently allocated. // All flags for size classes 0 .. 10 are stored in a single contiguous region // followed by another contiguous region which contains the actual memory for // size classes. The addresses are computed by GetFlags and GetFrame without // any memory accesses solely based on 'this' and stack_size_log. // Allocate() flips the appropriate allocation flag atomically, thus achieving // async-signal safety. // This allocator does not have quarantine per se, but it tries to allocate the // frames in round robin fashion to maximize the delay between a deallocation // and the next allocation. class FakeStack { … }; FakeStack *GetTLSFakeStack(); void SetTLSFakeStack(FakeStack *fs); } // namespace __asan #endif // ASAN_FAKE_STACK_H
Codebase Browser
llvm