Blame - lib/asan/asan_allocator.cc - platform/external/compiler-rt

blob: 352cce00fbee1ce713e7fc9f3275e1d401bb8a79 [file] [log] [blame]

Alexey Samsonov	e5f5895	2012-06-04 13:50:10 +0000	[diff] [blame]	1	//===-- asan_allocator.cc -------------------------------------------------===//
Kostya Serebryany	1e172b4	2011-11-30 01:07:02 +0000	[diff] [blame]	2	//
				3	// The LLVM Compiler Infrastructure
				4	//
				5	// This file is distributed under the University of Illinois Open Source
				6	// License. See LICENSE.TXT for details.
				7	//
				8	//===----------------------------------------------------------------------===//
				9	//
				10	// This file is a part of AddressSanitizer, an address sanity checker.
				11	//
				12	// Implementation of ASan's memory allocator.
				13	// Evey piece of memory (AsanChunk) allocated by the allocator
				14	// has a left redzone of REDZONE bytes and
				15	// a right redzone such that the end of the chunk is aligned by REDZONE
				16	// (i.e. the right redzone is between 0 and REDZONE-1).
				17	// The left redzone is always poisoned.
				18	// The right redzone is poisoned on malloc, the body is poisoned on free.
				19	// Once freed, a chunk is moved to a quarantine (fifo list).
				20	// After quarantine, a chunk is returned to freelists.
				21	//
				22	// The left redzone contains ASan's internal data and the stack trace of
				23	// the malloc call.
				24	// Once freed, the body of the chunk contains the stack trace of the free call.
				25	//
				26	//===----------------------------------------------------------------------===//
				27
				28	#include "asan_allocator.h"
				29	#include "asan_interceptors.h"
				30	#include "asan_interface.h"
				31	#include "asan_internal.h"
				32	#include "asan_lock.h"
				33	#include "asan_mapping.h"
				34	#include "asan_stats.h"
				35	#include "asan_thread.h"
				36	#include "asan_thread_registry.h"
Dmitry Vyukov	fce5bd4	2012-06-29 16:58:33 +0000	[diff] [blame]	37	#include "sanitizer_common/sanitizer_atomic.h"
Kostya Serebryany	1e172b4	2011-11-30 01:07:02 +0000	[diff] [blame]	38
Timur Iskhodzhanov	8c505ef	2012-05-21 14:25:36 +0000	[diff] [blame]	39	#if defined(_WIN32) && !defined(__clang__)
Kostya Serebryany	8582208	2012-01-30 20:55:02 +0000	[diff] [blame]	40	#include <intrin.h>
				41	#endif
				42
Kostya Serebryany	1e172b4	2011-11-30 01:07:02 +0000	[diff] [blame]	43	namespace __asan {
				44
Alexey Samsonov	63201b1	2012-07-23 09:11:58 +0000	[diff] [blame^]	45	#define REDZONE ((uptr)(flags()->redzone))
Kostya Serebryany	3f4c387	2012-05-31 14:35:53 +0000	[diff] [blame]	46	static const uptr kMinAllocSize = REDZONE * 2;
Kostya Serebryany	ee39255	2012-05-31 15:02:07 +0000	[diff] [blame]	47	static const u64 kMaxAvailableRam = 128ULL << 30; // 128G
Kostya Serebryany	3f4c387	2012-05-31 14:35:53 +0000	[diff] [blame]	48	static const uptr kMaxThreadLocalQuarantine = 1 << 20; // 1M
Evgeniy Stepanov	788e1d7	2012-02-16 13:35:11 +0000	[diff] [blame]	49
Kostya Serebryany	3f4c387	2012-05-31 14:35:53 +0000	[diff] [blame]	50	static const uptr kMinMmapSize = (ASAN_LOW_MEMORY) ? 4UL << 17 : 4UL << 20;
				51	static const uptr kMaxSizeForThreadLocalFreeList =
Evgeniy Stepanov	8ae44ac	2012-02-27 13:07:29 +0000	[diff] [blame]	52	(ASAN_LOW_MEMORY) ? 1 << 15 : 1 << 17;
Kostya Serebryany	1e172b4	2011-11-30 01:07:02 +0000	[diff] [blame]	53
				54	// Size classes less than kMallocSizeClassStep are powers of two.
				55	// All other size classes are multiples of kMallocSizeClassStep.
Kostya Serebryany	3f4c387	2012-05-31 14:35:53 +0000	[diff] [blame]	56	static const uptr kMallocSizeClassStepLog = 26;
				57	static const uptr kMallocSizeClassStep = 1UL << kMallocSizeClassStepLog;
Kostya Serebryany	1e172b4	2011-11-30 01:07:02 +0000	[diff] [blame]	58
Kostya Serebryany	9aead37	2012-05-31 14:11:07 +0000	[diff] [blame]	59	static const uptr kMaxAllowedMallocSize =
Evgeniy Stepanov	8ae44ac	2012-02-27 13:07:29 +0000	[diff] [blame]	60	(__WORDSIZE == 32) ? 3UL << 30 : 8UL << 30;
Kostya Serebryany	1e172b4	2011-11-30 01:07:02 +0000	[diff] [blame]	61
Kostya Serebryany	3f4c387	2012-05-31 14:35:53 +0000	[diff] [blame]	62	static inline bool IsAligned(uptr a, uptr alignment) {
Kostya Serebryany	1e172b4	2011-11-30 01:07:02 +0000	[diff] [blame]	63	return (a & (alignment - 1)) == 0;
				64	}
				65
Kostya Serebryany	3f4c387	2012-05-31 14:35:53 +0000	[diff] [blame]	66	static inline uptr Log2(uptr x) {
Kostya Serebryany	1e172b4	2011-11-30 01:07:02 +0000	[diff] [blame]	67	CHECK(IsPowerOfTwo(x));
Timur Iskhodzhanov	8c505ef	2012-05-21 14:25:36 +0000	[diff] [blame]	68	#if !defined(_WIN32) \|\| defined(__clang__)
				69	return __builtin_ctzl(x);
				70	#elif defined(_WIN64)
Alexander Potapenko	6f04529	2012-01-27 15:15:04 +0000	[diff] [blame]	71	unsigned long ret; // NOLINT
				72	_BitScanForward64(&ret, x);
				73	return ret;
Timur Iskhodzhanov	8c505ef	2012-05-21 14:25:36 +0000	[diff] [blame]	74	#else
Alexander Potapenko	6f04529	2012-01-27 15:15:04 +0000	[diff] [blame]	75	unsigned long ret; // NOLINT
				76	_BitScanForward(&ret, x);
				77	return ret;
Alexander Potapenko	6f04529	2012-01-27 15:15:04 +0000	[diff] [blame]	78	#endif
				79	}
				80
Kostya Serebryany	3f4c387	2012-05-31 14:35:53 +0000	[diff] [blame]	81	static inline uptr RoundUpToPowerOfTwo(uptr size) {
Kostya Serebryany	1e172b4	2011-11-30 01:07:02 +0000	[diff] [blame]	82	CHECK(size);
				83	if (IsPowerOfTwo(size)) return size;
Alexander Potapenko	6f04529	2012-01-27 15:15:04 +0000	[diff] [blame]	84
Alexey Samsonov	f927ddc	2012-02-03 08:50:16 +0000	[diff] [blame]	85	unsigned long up; // NOLINT
Timur Iskhodzhanov	8c505ef	2012-05-21 14:25:36 +0000	[diff] [blame]	86	#if !defined(_WIN32) \|\| defined(__clang__)
Alexey Samsonov	f927ddc	2012-02-03 08:50:16 +0000	[diff] [blame]	87	up = __WORDSIZE - 1 - __builtin_clzl(size);
Timur Iskhodzhanov	8c505ef	2012-05-21 14:25:36 +0000	[diff] [blame]	88	#elif defined(_WIN64)
				89	_BitScanReverse64(&up, size);
				90	#else
				91	_BitScanReverse(&up, size);
Alexey Samsonov	f927ddc	2012-02-03 08:50:16 +0000	[diff] [blame]	92	#endif
				93	CHECK(size < (1ULL << (up + 1)));
				94	CHECK(size > (1ULL << up));
				95	return 1UL << (up + 1);
Kostya Serebryany	1e172b4	2011-11-30 01:07:02 +0000	[diff] [blame]	96	}
				97
Kostya Serebryany	ee39255	2012-05-31 15:02:07 +0000	[diff] [blame]	98	static inline uptr SizeClassToSize(u8 size_class) {
Kostya Serebryany	1e172b4	2011-11-30 01:07:02 +0000	[diff] [blame]	99	CHECK(size_class < kNumberOfSizeClasses);
				100	if (size_class <= kMallocSizeClassStepLog) {
				101	return 1UL << size_class;
				102	} else {
				103	return (size_class - kMallocSizeClassStepLog) * kMallocSizeClassStep;
				104	}
				105	}
				106
Kostya Serebryany	ee39255	2012-05-31 15:02:07 +0000	[diff] [blame]	107	static inline u8 SizeToSizeClass(uptr size) {
				108	u8 res = 0;
Kostya Serebryany	1e172b4	2011-11-30 01:07:02 +0000	[diff] [blame]	109	if (size <= kMallocSizeClassStep) {
Kostya Serebryany	3f4c387	2012-05-31 14:35:53 +0000	[diff] [blame]	110	uptr rounded = RoundUpToPowerOfTwo(size);
Kostya Serebryany	1e172b4	2011-11-30 01:07:02 +0000	[diff] [blame]	111	res = Log2(rounded);
				112	} else {
				113	res = ((size + kMallocSizeClassStep - 1) / kMallocSizeClassStep)
				114	+ kMallocSizeClassStepLog;
				115	}
				116	CHECK(res < kNumberOfSizeClasses);
				117	CHECK(size <= SizeClassToSize(res));
				118	return res;
				119	}
				120
Kostya Serebryany	1e172b4	2011-11-30 01:07:02 +0000	[diff] [blame]	121	// Given REDZONE bytes, we need to mark first size bytes
				122	// as addressable and the rest REDZONE-size bytes as unaddressable.
Kostya Serebryany	3f4c387	2012-05-31 14:35:53 +0000	[diff] [blame]	123	static void PoisonHeapPartialRightRedzone(uptr mem, uptr size) {
Kostya Serebryany	1e172b4	2011-11-30 01:07:02 +0000	[diff] [blame]	124	CHECK(size <= REDZONE);
				125	CHECK(IsAligned(mem, REDZONE));
				126	CHECK(IsPowerOfTwo(SHADOW_GRANULARITY));
				127	CHECK(IsPowerOfTwo(REDZONE));
				128	CHECK(REDZONE >= SHADOW_GRANULARITY);
Kostya Serebryany	218a9b7	2011-11-30 18:50:23 +0000	[diff] [blame]	129	PoisonShadowPartialRightRedzone(mem, size, REDZONE,
Kostya Serebryany	1e172b4	2011-11-30 01:07:02 +0000	[diff] [blame]	130	kAsanHeapRightRedzoneMagic);
				131	}
				132
Kostya Serebryany	ee39255	2012-05-31 15:02:07 +0000	[diff] [blame]	133	static u8 *MmapNewPagesAndPoisonShadow(uptr size) {
Kostya Serebryany	1e172b4	2011-11-30 01:07:02 +0000	[diff] [blame]	134	CHECK(IsAligned(size, kPageSize));
Alexey Samsonov	a25b346	2012-06-06 16:15:07 +0000	[diff] [blame]	135	u8 res = (u8)MmapOrDie(size, __FUNCTION__);
Kostya Serebryany	3f4c387	2012-05-31 14:35:53 +0000	[diff] [blame]	136	PoisonShadow((uptr)res, size, kAsanHeapLeftRedzoneMagic);
Alexey Samsonov	cb8c4dc	2012-07-09 14:36:04 +0000	[diff] [blame]	137	if (flags()->debug) {
Kostya Serebryany	1e172b4	2011-11-30 01:07:02 +0000	[diff] [blame]	138	Printf("ASAN_MMAP: [%p, %p)\n", res, res + size);
				139	}
				140	return res;
				141	}
				142
				143	// Every chunk of memory allocated by this allocator can be in one of 3 states:
				144	// CHUNK_AVAILABLE: the chunk is in the free list and ready to be allocated.
				145	// CHUNK_ALLOCATED: the chunk is allocated and not yet freed.
				146	// CHUNK_QUARANTINE: the chunk was freed and put into quarantine zone.
				147	//
				148	// The pseudo state CHUNK_MEMALIGN is used to mark that the address is not
Kostya Serebryany	1607160	2012-06-06 16:58:21 +0000	[diff] [blame]	149	// the beginning of a AsanChunk (in which the actual chunk resides at
				150	// this - this->used_size).
Kostya Serebryany	1e172b4	2011-11-30 01:07:02 +0000	[diff] [blame]	151	//
				152	// The magic numbers for the enum values are taken randomly.
				153	enum {
Kostya Serebryany	7ebac95	2012-06-06 14:46:38 +0000	[diff] [blame]	154	CHUNK_AVAILABLE = 0x57,
				155	CHUNK_ALLOCATED = 0x32,
				156	CHUNK_QUARANTINE = 0x19,
Alexey Samsonov	b4fefa7	2012-06-28 08:27:24 +0000	[diff] [blame]	157	CHUNK_MEMALIGN = 0xDC
Kostya Serebryany	1e172b4	2011-11-30 01:07:02 +0000	[diff] [blame]	158	};
				159
				160	struct ChunkBase {
Kostya Serebryany	6dc48dd	2012-06-06 16:33:46 +0000	[diff] [blame]	161	// First 8 bytes.
Kostya Serebryany	f4a4d5a	2012-06-06 15:30:55 +0000	[diff] [blame]	162	uptr chunk_state : 8;
Kostya Serebryany	f4a4d5a	2012-06-06 15:30:55 +0000	[diff] [blame]	163	uptr alloc_tid : 24;
Dmitry Vyukov	fce5bd4	2012-06-29 16:58:33 +0000	[diff] [blame]	164	uptr size_class : 8;
Kostya Serebryany	f4a4d5a	2012-06-06 15:30:55 +0000	[diff] [blame]	165	uptr free_tid : 24;
Kostya Serebryany	6dc48dd	2012-06-06 16:33:46 +0000	[diff] [blame]	166
				167	// Second 8 bytes.
				168	uptr alignment_log : 8;
				169	uptr used_size : FIRST_32_SECOND_64(32, 56); // Size requested by the user.
				170
Kostya Serebryany	1607160	2012-06-06 16:58:21 +0000	[diff] [blame]	171	// This field may overlap with the user area and thus should not
				172	// be used while the chunk is in CHUNK_ALLOCATED state.
Kostya Serebryany	1e172b4	2011-11-30 01:07:02 +0000	[diff] [blame]	173	AsanChunk *next;
				174
Kostya Serebryany	6dc48dd	2012-06-06 16:33:46 +0000	[diff] [blame]	175	// Typically the beginning of the user-accessible memory is 'this'+REDZONE
				176	// and is also aligned by REDZONE. However, if the memory is allocated
				177	// by memalign, the alignment might be higher and the user-accessible memory
Kostya Serebryany	0334fc8	2012-06-07 09:15:48 +0000	[diff] [blame]	178	// starts at the first properly aligned address after 'this'.
				179	uptr Beg() { return RoundUpTo((uptr)this + 1, 1 << alignment_log); }
Kostya Serebryany	3f4c387	2012-05-31 14:35:53 +0000	[diff] [blame]	180	uptr Size() { return SizeClassToSize(size_class); }
Kostya Serebryany	ee39255	2012-05-31 15:02:07 +0000	[diff] [blame]	181	u8 SizeClass() { return size_class; }
Kostya Serebryany	1e172b4	2011-11-30 01:07:02 +0000	[diff] [blame]	182	};
				183
				184	struct AsanChunk: public ChunkBase {
Kostya Serebryany	ee39255	2012-05-31 15:02:07 +0000	[diff] [blame]	185	u32 *compressed_alloc_stack() {
Kostya Serebryany	ee39255	2012-05-31 15:02:07 +0000	[diff] [blame]	186	return (u32*)((uptr)this + sizeof(ChunkBase));
Kostya Serebryany	1e172b4	2011-11-30 01:07:02 +0000	[diff] [blame]	187	}
Kostya Serebryany	ee39255	2012-05-31 15:02:07 +0000	[diff] [blame]	188	u32 *compressed_free_stack() {
Alexey Samsonov	cb8c4dc	2012-07-09 14:36:04 +0000	[diff] [blame]	189	return (u32*)((uptr)this + Max((uptr)REDZONE, (uptr)sizeof(ChunkBase)));
Kostya Serebryany	1e172b4	2011-11-30 01:07:02 +0000	[diff] [blame]	190	}
				191
				192	// The left redzone after the ChunkBase is given to the alloc stack trace.
Kostya Serebryany	3f4c387	2012-05-31 14:35:53 +0000	[diff] [blame]	193	uptr compressed_alloc_stack_size() {
Kostya Serebryany	0334fc8	2012-06-07 09:15:48 +0000	[diff] [blame]	194	if (REDZONE < sizeof(ChunkBase)) return 0;
Kostya Serebryany	ee39255	2012-05-31 15:02:07 +0000	[diff] [blame]	195	return (REDZONE - sizeof(ChunkBase)) / sizeof(u32);
Kostya Serebryany	1e172b4	2011-11-30 01:07:02 +0000	[diff] [blame]	196	}
Kostya Serebryany	3f4c387	2012-05-31 14:35:53 +0000	[diff] [blame]	197	uptr compressed_free_stack_size() {
Kostya Serebryany	0334fc8	2012-06-07 09:15:48 +0000	[diff] [blame]	198	if (REDZONE < sizeof(ChunkBase)) return 0;
Kostya Serebryany	ee39255	2012-05-31 15:02:07 +0000	[diff] [blame]	199	return (REDZONE) / sizeof(u32);
Kostya Serebryany	1e172b4	2011-11-30 01:07:02 +0000	[diff] [blame]	200	}
				201
Kostya Serebryany	3f4c387	2012-05-31 14:35:53 +0000	[diff] [blame]	202	bool AddrIsInside(uptr addr, uptr access_size, uptr *offset) {
Kostya Serebryany	6dc48dd	2012-06-06 16:33:46 +0000	[diff] [blame]	203	if (addr >= Beg() && (addr + access_size) <= (Beg() + used_size)) {
				204	*offset = addr - Beg();
Kostya Serebryany	1e172b4	2011-11-30 01:07:02 +0000	[diff] [blame]	205	return true;
				206	}
				207	return false;
				208	}
				209
Kostya Serebryany	3f4c387	2012-05-31 14:35:53 +0000	[diff] [blame]	210	bool AddrIsAtLeft(uptr addr, uptr access_size, uptr *offset) {
Kostya Serebryany	6dc48dd	2012-06-06 16:33:46 +0000	[diff] [blame]	211	if (addr < Beg()) {
				212	*offset = Beg() - addr;
Kostya Serebryany	1e172b4	2011-11-30 01:07:02 +0000	[diff] [blame]	213	return true;
				214	}
				215	return false;
				216	}
				217
Kostya Serebryany	3f4c387	2012-05-31 14:35:53 +0000	[diff] [blame]	218	bool AddrIsAtRight(uptr addr, uptr access_size, uptr *offset) {
Kostya Serebryany	6dc48dd	2012-06-06 16:33:46 +0000	[diff] [blame]	219	if (addr + access_size >= Beg() + used_size) {
				220	if (addr <= Beg() + used_size)
Kostya Serebryany	1e172b4	2011-11-30 01:07:02 +0000	[diff] [blame]	221	*offset = 0;
				222	else
Kostya Serebryany	6dc48dd	2012-06-06 16:33:46 +0000	[diff] [blame]	223	*offset = addr - (Beg() + used_size);
Kostya Serebryany	1e172b4	2011-11-30 01:07:02 +0000	[diff] [blame]	224	return true;
				225	}
				226	return false;
				227	}
				228
Kostya Serebryany	3f4c387	2012-05-31 14:35:53 +0000	[diff] [blame]	229	void DescribeAddress(uptr addr, uptr access_size) {
				230	uptr offset;
Alexey Samsonov	e954101	2012-06-06 13:11:29 +0000	[diff] [blame]	231	AsanPrintf("%p is located ", (void*)addr);
Kostya Serebryany	1e172b4	2011-11-30 01:07:02 +0000	[diff] [blame]	232	if (AddrIsInside(addr, access_size, &offset)) {
Alexey Samsonov	e954101	2012-06-06 13:11:29 +0000	[diff] [blame]	233	AsanPrintf("%zu bytes inside of", offset);
Kostya Serebryany	1e172b4	2011-11-30 01:07:02 +0000	[diff] [blame]	234	} else if (AddrIsAtLeft(addr, access_size, &offset)) {
Alexey Samsonov	e954101	2012-06-06 13:11:29 +0000	[diff] [blame]	235	AsanPrintf("%zu bytes to the left of", offset);
Kostya Serebryany	1e172b4	2011-11-30 01:07:02 +0000	[diff] [blame]	236	} else if (AddrIsAtRight(addr, access_size, &offset)) {
Alexey Samsonov	e954101	2012-06-06 13:11:29 +0000	[diff] [blame]	237	AsanPrintf("%zu bytes to the right of", offset);
Kostya Serebryany	1e172b4	2011-11-30 01:07:02 +0000	[diff] [blame]	238	} else {
Alexey Samsonov	e954101	2012-06-06 13:11:29 +0000	[diff] [blame]	239	AsanPrintf(" somewhere around (this is AddressSanitizer bug!)");
Kostya Serebryany	1e172b4	2011-11-30 01:07:02 +0000	[diff] [blame]	240	}
Alexey Samsonov	e954101	2012-06-06 13:11:29 +0000	[diff] [blame]	241	AsanPrintf(" %zu-byte region [%p,%p)\n",
Kostya Serebryany	6dc48dd	2012-06-06 16:33:46 +0000	[diff] [blame]	242	used_size, (void)Beg(), (void)(Beg() + used_size));
Kostya Serebryany	1e172b4	2011-11-30 01:07:02 +0000	[diff] [blame]	243	}
				244	};
				245
Kostya Serebryany	3f4c387	2012-05-31 14:35:53 +0000	[diff] [blame]	246	static AsanChunk *PtrToChunk(uptr ptr) {
Kostya Serebryany	1e172b4	2011-11-30 01:07:02 +0000	[diff] [blame]	247	AsanChunk m = (AsanChunk)(ptr - REDZONE);
				248	if (m->chunk_state == CHUNK_MEMALIGN) {
Kostya Serebryany	1607160	2012-06-06 16:58:21 +0000	[diff] [blame]	249	m = (AsanChunk*)((uptr)m - m->used_size);
Kostya Serebryany	1e172b4	2011-11-30 01:07:02 +0000	[diff] [blame]	250	}
				251	return m;
				252	}
				253
				254
				255	void AsanChunkFifoList::PushList(AsanChunkFifoList *q) {
Alexey Samsonov	e046066	2012-02-27 09:06:10 +0000	[diff] [blame]	256	CHECK(q->size() > 0);
Kostya Serebryany	1e172b4	2011-11-30 01:07:02 +0000	[diff] [blame]	257	if (last_) {
				258	CHECK(first_);
				259	CHECK(!last_->next);
				260	last_->next = q->first_;
				261	last_ = q->last_;
				262	} else {
				263	CHECK(!first_);
				264	last_ = q->last_;
				265	first_ = q->first_;
Alexey Samsonov	e046066	2012-02-27 09:06:10 +0000	[diff] [blame]	266	CHECK(first_);
Kostya Serebryany	1e172b4	2011-11-30 01:07:02 +0000	[diff] [blame]	267	}
Alexey Samsonov	e046066	2012-02-27 09:06:10 +0000	[diff] [blame]	268	CHECK(last_);
				269	CHECK(!last_->next);
Kostya Serebryany	1e172b4	2011-11-30 01:07:02 +0000	[diff] [blame]	270	size_ += q->size();
				271	q->clear();
				272	}
				273
				274	void AsanChunkFifoList::Push(AsanChunk *n) {
Kostya Serebryany	3f4c387	2012-05-31 14:35:53 +0000	[diff] [blame]	275	CHECK(n->next == 0);
Kostya Serebryany	1e172b4	2011-11-30 01:07:02 +0000	[diff] [blame]	276	if (last_) {
				277	CHECK(first_);
				278	CHECK(!last_->next);
				279	last_->next = n;
				280	last_ = n;
				281	} else {
				282	CHECK(!first_);
				283	last_ = first_ = n;
				284	}
				285	size_ += n->Size();
				286	}
				287
				288	// Interesting performance observation: this function takes up to 15% of overal
				289	// allocator time. That's because *first_ has been evicted from cache long time
				290	// ago. Not sure if we can or want to do anything with this.
				291	AsanChunk *AsanChunkFifoList::Pop() {
				292	CHECK(first_);
				293	AsanChunk *res = first_;
				294	first_ = first_->next;
Kostya Serebryany	3f4c387	2012-05-31 14:35:53 +0000	[diff] [blame]	295	if (first_ == 0)
				296	last_ = 0;
Kostya Serebryany	1e172b4	2011-11-30 01:07:02 +0000	[diff] [blame]	297	CHECK(size_ >= res->Size());
				298	size_ -= res->Size();
				299	if (last_) {
				300	CHECK(!last_->next);
				301	}
				302	return res;
				303	}
				304
				305	// All pages we ever allocated.
				306	struct PageGroup {
Kostya Serebryany	3f4c387	2012-05-31 14:35:53 +0000	[diff] [blame]	307	uptr beg;
				308	uptr end;
				309	uptr size_of_chunk;
				310	uptr last_chunk;
				311	bool InRange(uptr addr) {
Kostya Serebryany	1e172b4	2011-11-30 01:07:02 +0000	[diff] [blame]	312	return addr >= beg && addr < end;
				313	}
				314	};
				315
				316	class MallocInfo {
				317	public:
				318
				319	explicit MallocInfo(LinkerInitialized x) : mu_(x) { }
				320
Kostya Serebryany	ee39255	2012-05-31 15:02:07 +0000	[diff] [blame]	321	AsanChunk *AllocateChunks(u8 size_class, uptr n_chunks) {
Kostya Serebryany	3f4c387	2012-05-31 14:35:53 +0000	[diff] [blame]	322	AsanChunk *m = 0;
Kostya Serebryany	1e172b4	2011-11-30 01:07:02 +0000	[diff] [blame]	323	AsanChunk **fl = &free_lists_[size_class];
				324	{
				325	ScopedLock lock(&mu_);
Kostya Serebryany	3f4c387	2012-05-31 14:35:53 +0000	[diff] [blame]	326	for (uptr i = 0; i < n_chunks; i++) {
Kostya Serebryany	1e172b4	2011-11-30 01:07:02 +0000	[diff] [blame]	327	if (!(*fl)) {
				328	*fl = GetNewChunks(size_class);
				329	}
				330	AsanChunk t = fl;
				331	*fl = t->next;
				332	t->next = m;
				333	CHECK(t->chunk_state == CHUNK_AVAILABLE);
				334	m = t;
				335	}
				336	}
				337	return m;
				338	}
				339
				340	void SwallowThreadLocalMallocStorage(AsanThreadLocalMallocStorage *x,
				341	bool eat_free_lists) {
Alexey Samsonov	cb8c4dc	2012-07-09 14:36:04 +0000	[diff] [blame]	342	CHECK(flags()->quarantine_size > 0);
Kostya Serebryany	1e172b4	2011-11-30 01:07:02 +0000	[diff] [blame]	343	ScopedLock lock(&mu_);
				344	AsanChunkFifoList *q = &x->quarantine_;
				345	if (q->size() > 0) {
				346	quarantine_.PushList(q);
Alexey Samsonov	63201b1	2012-07-23 09:11:58 +0000	[diff] [blame^]	347	while (quarantine_.size() > (uptr)flags()->quarantine_size) {
Kostya Serebryany	1e172b4	2011-11-30 01:07:02 +0000	[diff] [blame]	348	QuarantinePop();
				349	}
				350	}
				351	if (eat_free_lists) {
Kostya Serebryany	3f4c387	2012-05-31 14:35:53 +0000	[diff] [blame]	352	for (uptr size_class = 0; size_class < kNumberOfSizeClasses;
Kostya Serebryany	1e172b4	2011-11-30 01:07:02 +0000	[diff] [blame]	353	size_class++) {
				354	AsanChunk *m = x->free_lists_[size_class];
				355	while (m) {
				356	AsanChunk *t = m->next;
				357	m->next = free_lists_[size_class];
				358	free_lists_[size_class] = m;
				359	m = t;
				360	}
				361	x->free_lists_[size_class] = 0;
				362	}
				363	}
				364	}
				365
				366	void BypassThreadLocalQuarantine(AsanChunk *chunk) {
				367	ScopedLock lock(&mu_);
				368	quarantine_.Push(chunk);
				369	}
				370
Kostya Serebryany	3f4c387	2012-05-31 14:35:53 +0000	[diff] [blame]	371	AsanChunk *FindMallocedOrFreed(uptr addr, uptr access_size) {
Kostya Serebryany	1e172b4	2011-11-30 01:07:02 +0000	[diff] [blame]	372	ScopedLock lock(&mu_);
				373	return FindChunkByAddr(addr);
				374	}
				375
Kostya Serebryany	3f4c387	2012-05-31 14:35:53 +0000	[diff] [blame]	376	uptr AllocationSize(uptr ptr) {
Alexey Samsonov	ca2278d	2012-01-18 15:26:55 +0000	[diff] [blame]	377	if (!ptr) return 0;
Kostya Serebryany	1e172b4	2011-11-30 01:07:02 +0000	[diff] [blame]	378	ScopedLock lock(&mu_);
				379
				380	// first, check if this is our memory
				381	PageGroup *g = FindPageGroupUnlocked(ptr);
				382	if (!g) return 0;
				383	AsanChunk *m = PtrToChunk(ptr);
				384	if (m->chunk_state == CHUNK_ALLOCATED) {
				385	return m->used_size;
				386	} else {
				387	return 0;
				388	}
				389	}
				390
				391	void ForceLock() {
				392	mu_.Lock();
				393	}
				394
				395	void ForceUnlock() {
				396	mu_.Unlock();
				397	}
				398
				399	void PrintStatus() {
				400	ScopedLock lock(&mu_);
Kostya Serebryany	3f4c387	2012-05-31 14:35:53 +0000	[diff] [blame]	401	uptr malloced = 0;
Kostya Serebryany	1e172b4	2011-11-30 01:07:02 +0000	[diff] [blame]	402
Evgeniy Stepanov	739eb79	2012-03-21 11:32:46 +0000	[diff] [blame]	403	Printf(" MallocInfo: in quarantine: %zu malloced: %zu; ",
Kostya Serebryany	1e172b4	2011-11-30 01:07:02 +0000	[diff] [blame]	404	quarantine_.size() >> 20, malloced >> 20);
Kostya Serebryany	3f4c387	2012-05-31 14:35:53 +0000	[diff] [blame]	405	for (uptr j = 1; j < kNumberOfSizeClasses; j++) {
Kostya Serebryany	1e172b4	2011-11-30 01:07:02 +0000	[diff] [blame]	406	AsanChunk *i = free_lists_[j];
				407	if (!i) continue;
Kostya Serebryany	3f4c387	2012-05-31 14:35:53 +0000	[diff] [blame]	408	uptr t = 0;
Kostya Serebryany	1e172b4	2011-11-30 01:07:02 +0000	[diff] [blame]	409	for (; i; i = i->next) {
				410	t += i->Size();
				411	}
Evgeniy Stepanov	739eb79	2012-03-21 11:32:46 +0000	[diff] [blame]	412	Printf("%zu:%zu ", j, t >> 20);
Kostya Serebryany	1e172b4	2011-11-30 01:07:02 +0000	[diff] [blame]	413	}
				414	Printf("\n");
				415	}
				416
Kostya Serebryany	3f4c387	2012-05-31 14:35:53 +0000	[diff] [blame]	417	PageGroup *FindPageGroup(uptr addr) {
Kostya Serebryany	1e172b4	2011-11-30 01:07:02 +0000	[diff] [blame]	418	ScopedLock lock(&mu_);
				419	return FindPageGroupUnlocked(addr);
				420	}
				421
				422	private:
Kostya Serebryany	3f4c387	2012-05-31 14:35:53 +0000	[diff] [blame]	423	PageGroup *FindPageGroupUnlocked(uptr addr) {
Dmitry Vyukov	fce5bd4	2012-06-29 16:58:33 +0000	[diff] [blame]	424	int n = atomic_load(&n_page_groups_, memory_order_relaxed);
Kostya Serebryany	25c7178	2012-03-10 01:30:01 +0000	[diff] [blame]	425	// If the page groups are not sorted yet, sort them.
Alexey Samsonov	9bdf065	2012-03-13 06:46:32 +0000	[diff] [blame]	426	if (n_sorted_page_groups_ < n) {
Kostya Serebryany	3f4c387	2012-05-31 14:35:53 +0000	[diff] [blame]	427	SortArray((uptr*)page_groups_, n);
Alexey Samsonov	9bdf065	2012-03-13 06:46:32 +0000	[diff] [blame]	428	n_sorted_page_groups_ = n;
Kostya Serebryany	25c7178	2012-03-10 01:30:01 +0000	[diff] [blame]	429	}
Alexey Samsonov	9bdf065	2012-03-13 06:46:32 +0000	[diff] [blame]	430	// Binary search over the page groups.
Kostya Serebryany	25c7178	2012-03-10 01:30:01 +0000	[diff] [blame]	431	int beg = 0, end = n;
				432	while (beg < end) {
				433	int med = (beg + end) / 2;
Kostya Serebryany	3f4c387	2012-05-31 14:35:53 +0000	[diff] [blame]	434	uptr g = (uptr)page_groups_[med];
Kostya Serebryany	25c7178	2012-03-10 01:30:01 +0000	[diff] [blame]	435	if (addr > g) {
				436	// 'g' points to the end of the group, so 'addr'
				437	// may not belong to page_groups_[med] or any previous group.
				438	beg = med + 1;
				439	} else {
				440	// 'addr' may belong to page_groups_[med] or a previous group.
				441	end = med;
Kostya Serebryany	1e172b4	2011-11-30 01:07:02 +0000	[diff] [blame]	442	}
				443	}
Kostya Serebryany	25c7178	2012-03-10 01:30:01 +0000	[diff] [blame]	444	if (beg >= n)
Kostya Serebryany	3f4c387	2012-05-31 14:35:53 +0000	[diff] [blame]	445	return 0;
Kostya Serebryany	25c7178	2012-03-10 01:30:01 +0000	[diff] [blame]	446	PageGroup *g = page_groups_[beg];
				447	CHECK(g);
				448	if (g->InRange(addr))
				449	return g;
Kostya Serebryany	3f4c387	2012-05-31 14:35:53 +0000	[diff] [blame]	450	return 0;
Kostya Serebryany	1e172b4	2011-11-30 01:07:02 +0000	[diff] [blame]	451	}
				452
				453	// We have an address between two chunks, and we want to report just one.
Kostya Serebryany	3f4c387	2012-05-31 14:35:53 +0000	[diff] [blame]	454	AsanChunk *ChooseChunk(uptr addr,
Kostya Serebryany	1e172b4	2011-11-30 01:07:02 +0000	[diff] [blame]	455	AsanChunk left_chunk, AsanChunk right_chunk) {
				456	// Prefer an allocated chunk or a chunk from quarantine.
				457	if (left_chunk->chunk_state == CHUNK_AVAILABLE &&
				458	right_chunk->chunk_state != CHUNK_AVAILABLE)
				459	return right_chunk;
				460	if (right_chunk->chunk_state == CHUNK_AVAILABLE &&
				461	left_chunk->chunk_state != CHUNK_AVAILABLE)
				462	return left_chunk;
				463	// Choose based on offset.
Kostya Serebryany	3f4c387	2012-05-31 14:35:53 +0000	[diff] [blame]	464	uptr l_offset = 0, r_offset = 0;
Kostya Serebryany	1e172b4	2011-11-30 01:07:02 +0000	[diff] [blame]	465	CHECK(left_chunk->AddrIsAtRight(addr, 1, &l_offset));
				466	CHECK(right_chunk->AddrIsAtLeft(addr, 1, &r_offset));
				467	if (l_offset < r_offset)
				468	return left_chunk;
				469	return right_chunk;
				470	}
				471
Kostya Serebryany	3f4c387	2012-05-31 14:35:53 +0000	[diff] [blame]	472	AsanChunk *FindChunkByAddr(uptr addr) {
Kostya Serebryany	1e172b4	2011-11-30 01:07:02 +0000	[diff] [blame]	473	PageGroup *g = FindPageGroupUnlocked(addr);
				474	if (!g) return 0;
				475	CHECK(g->size_of_chunk);
Kostya Serebryany	3f4c387	2012-05-31 14:35:53 +0000	[diff] [blame]	476	uptr offset_from_beg = addr - g->beg;
				477	uptr this_chunk_addr = g->beg +
Kostya Serebryany	1e172b4	2011-11-30 01:07:02 +0000	[diff] [blame]	478	(offset_from_beg / g->size_of_chunk) * g->size_of_chunk;
				479	CHECK(g->InRange(this_chunk_addr));
				480	AsanChunk m = (AsanChunk)this_chunk_addr;
				481	CHECK(m->chunk_state == CHUNK_ALLOCATED \|\|
				482	m->chunk_state == CHUNK_AVAILABLE \|\|
				483	m->chunk_state == CHUNK_QUARANTINE);
Kostya Serebryany	3f4c387	2012-05-31 14:35:53 +0000	[diff] [blame]	484	uptr offset = 0;
Kostya Serebryany	1e172b4	2011-11-30 01:07:02 +0000	[diff] [blame]	485	if (m->AddrIsInside(addr, 1, &offset))
				486	return m;
				487
				488	if (m->AddrIsAtRight(addr, 1, &offset)) {
				489	if (this_chunk_addr == g->last_chunk) // rightmost chunk
				490	return m;
Kostya Serebryany	3f4c387	2012-05-31 14:35:53 +0000	[diff] [blame]	491	uptr right_chunk_addr = this_chunk_addr + g->size_of_chunk;
Kostya Serebryany	1e172b4	2011-11-30 01:07:02 +0000	[diff] [blame]	492	CHECK(g->InRange(right_chunk_addr));
				493	return ChooseChunk(addr, m, (AsanChunk*)right_chunk_addr);
				494	} else {
				495	CHECK(m->AddrIsAtLeft(addr, 1, &offset));
				496	if (this_chunk_addr == g->beg) // leftmost chunk
				497	return m;
Kostya Serebryany	3f4c387	2012-05-31 14:35:53 +0000	[diff] [blame]	498	uptr left_chunk_addr = this_chunk_addr - g->size_of_chunk;
Kostya Serebryany	1e172b4	2011-11-30 01:07:02 +0000	[diff] [blame]	499	CHECK(g->InRange(left_chunk_addr));
				500	return ChooseChunk(addr, (AsanChunk*)left_chunk_addr, m);
				501	}
				502	}
				503
				504	void QuarantinePop() {
				505	CHECK(quarantine_.size() > 0);
				506	AsanChunk *m = quarantine_.Pop();
				507	CHECK(m);
				508	// if (F_v >= 2) Printf("MallocInfo::pop %p\n", m);
				509
				510	CHECK(m->chunk_state == CHUNK_QUARANTINE);
				511	m->chunk_state = CHUNK_AVAILABLE;
Kostya Serebryany	3f4c387	2012-05-31 14:35:53 +0000	[diff] [blame]	512	PoisonShadow((uptr)m, m->Size(), kAsanHeapLeftRedzoneMagic);
Kostya Serebryany	1e172b4	2011-11-30 01:07:02 +0000	[diff] [blame]	513	CHECK(m->alloc_tid >= 0);
				514	CHECK(m->free_tid >= 0);
				515
Kostya Serebryany	3f4c387	2012-05-31 14:35:53 +0000	[diff] [blame]	516	uptr size_class = m->SizeClass();
Kostya Serebryany	1e172b4	2011-11-30 01:07:02 +0000	[diff] [blame]	517	m->next = free_lists_[size_class];
				518	free_lists_[size_class] = m;
				519
Kostya Serebryany	3074314	2011-12-05 19:17:53 +0000	[diff] [blame]	520	// Statistics.
				521	AsanStats &thread_stats = asanThreadRegistry().GetCurrentThreadStats();
				522	thread_stats.real_frees++;
				523	thread_stats.really_freed += m->used_size;
				524	thread_stats.really_freed_redzones += m->Size() - m->used_size;
				525	thread_stats.really_freed_by_size[m->SizeClass()]++;
Kostya Serebryany	1e172b4	2011-11-30 01:07:02 +0000	[diff] [blame]	526	}
				527
				528	// Get a list of newly allocated chunks.
Kostya Serebryany	ee39255	2012-05-31 15:02:07 +0000	[diff] [blame]	529	AsanChunk *GetNewChunks(u8 size_class) {
Kostya Serebryany	3f4c387	2012-05-31 14:35:53 +0000	[diff] [blame]	530	uptr size = SizeClassToSize(size_class);
Kostya Serebryany	1e172b4	2011-11-30 01:07:02 +0000	[diff] [blame]	531	CHECK(IsPowerOfTwo(kMinMmapSize));
				532	CHECK(size < kMinMmapSize \|\| (size % kMinMmapSize) == 0);
Kostya Serebryany	3f4c387	2012-05-31 14:35:53 +0000	[diff] [blame]	533	uptr mmap_size = Max(size, kMinMmapSize);
				534	uptr n_chunks = mmap_size / size;
Kostya Serebryany	1e172b4	2011-11-30 01:07:02 +0000	[diff] [blame]	535	CHECK(n_chunks * size == mmap_size);
				536	if (size < kPageSize) {
				537	// Size is small, just poison the last chunk.
				538	n_chunks--;
				539	} else {
				540	// Size is large, allocate an extra page at right and poison it.
				541	mmap_size += kPageSize;
				542	}
				543	CHECK(n_chunks > 0);
Kostya Serebryany	ee39255	2012-05-31 15:02:07 +0000	[diff] [blame]	544	u8 *mem = MmapNewPagesAndPoisonShadow(mmap_size);
Kostya Serebryany	3074314	2011-12-05 19:17:53 +0000	[diff] [blame]	545
				546	// Statistics.
				547	AsanStats &thread_stats = asanThreadRegistry().GetCurrentThreadStats();
				548	thread_stats.mmaps++;
				549	thread_stats.mmaped += mmap_size;
				550	thread_stats.mmaped_by_size[size_class] += n_chunks;
				551
Kostya Serebryany	3f4c387	2012-05-31 14:35:53 +0000	[diff] [blame]	552	AsanChunk *res = 0;
				553	for (uptr i = 0; i < n_chunks; i++) {
Kostya Serebryany	1e172b4	2011-11-30 01:07:02 +0000	[diff] [blame]	554	AsanChunk m = (AsanChunk)(mem + i * size);
				555	m->chunk_state = CHUNK_AVAILABLE;
				556	m->size_class = size_class;
				557	m->next = res;
				558	res = m;
				559	}
				560	PageGroup pg = (PageGroup)(mem + n_chunks * size);
				561	// This memory is already poisoned, no need to poison it again.
Kostya Serebryany	3f4c387	2012-05-31 14:35:53 +0000	[diff] [blame]	562	pg->beg = (uptr)mem;
Kostya Serebryany	1e172b4	2011-11-30 01:07:02 +0000	[diff] [blame]	563	pg->end = pg->beg + mmap_size;
				564	pg->size_of_chunk = size;
Kostya Serebryany	3f4c387	2012-05-31 14:35:53 +0000	[diff] [blame]	565	pg->last_chunk = (uptr)(mem + size * (n_chunks - 1));
Dmitry Vyukov	fce5bd4	2012-06-29 16:58:33 +0000	[diff] [blame]	566	int idx = atomic_fetch_add(&n_page_groups_, 1, memory_order_relaxed);
				567	CHECK(idx < (int)ASAN_ARRAY_SIZE(page_groups_));
				568	page_groups_[idx] = pg;
Kostya Serebryany	1e172b4	2011-11-30 01:07:02 +0000	[diff] [blame]	569	return res;
				570	}
				571
				572	AsanChunk *free_lists_[kNumberOfSizeClasses];
				573	AsanChunkFifoList quarantine_;
				574	AsanLock mu_;
				575
				576	PageGroup *page_groups_[kMaxAvailableRam / kMinMmapSize];
Dmitry Vyukov	fce5bd4	2012-06-29 16:58:33 +0000	[diff] [blame]	577	atomic_uint32_t n_page_groups_;
Alexey Samsonov	9bdf065	2012-03-13 06:46:32 +0000	[diff] [blame]	578	int n_sorted_page_groups_;
Kostya Serebryany	1e172b4	2011-11-30 01:07:02 +0000	[diff] [blame]	579	};
				580
				581	static MallocInfo malloc_info(LINKER_INITIALIZED);
				582
				583	void AsanThreadLocalMallocStorage::CommitBack() {
				584	malloc_info.SwallowThreadLocalMallocStorage(this, true);
				585	}
				586
Kostya Serebryany	3f4c387	2012-05-31 14:35:53 +0000	[diff] [blame]	587	static void Describe(uptr addr, uptr access_size) {
Kostya Serebryany	1e172b4	2011-11-30 01:07:02 +0000	[diff] [blame]	588	AsanChunk *m = malloc_info.FindMallocedOrFreed(addr, access_size);
				589	if (!m) return;
				590	m->DescribeAddress(addr, access_size);
				591	CHECK(m->alloc_tid >= 0);
				592	AsanThreadSummary *alloc_thread =
				593	asanThreadRegistry().FindByTid(m->alloc_tid);
				594	AsanStackTrace alloc_stack;
				595	AsanStackTrace::UncompressStack(&alloc_stack, m->compressed_alloc_stack(),
				596	m->compressed_alloc_stack_size());
				597	AsanThread *t = asanThreadRegistry().GetCurrent();
				598	CHECK(t);
Kostya Serebryany	e0cff0b	2012-06-06 15:06:58 +0000	[diff] [blame]	599	if (m->free_tid != kInvalidTid) {
Kostya Serebryany	1e172b4	2011-11-30 01:07:02 +0000	[diff] [blame]	600	AsanThreadSummary *free_thread =
				601	asanThreadRegistry().FindByTid(m->free_tid);
Alexey Samsonov	e954101	2012-06-06 13:11:29 +0000	[diff] [blame]	602	AsanPrintf("freed by thread T%d here:\n", free_thread->tid());
Kostya Serebryany	1e172b4	2011-11-30 01:07:02 +0000	[diff] [blame]	603	AsanStackTrace free_stack;
				604	AsanStackTrace::UncompressStack(&free_stack, m->compressed_free_stack(),
				605	m->compressed_free_stack_size());
				606	free_stack.PrintStack();
Alexey Samsonov	e954101	2012-06-06 13:11:29 +0000	[diff] [blame]	607	AsanPrintf("previously allocated by thread T%d here:\n",
				608	alloc_thread->tid());
Kostya Serebryany	1e172b4	2011-11-30 01:07:02 +0000	[diff] [blame]	609
				610	alloc_stack.PrintStack();
				611	t->summary()->Announce();
				612	free_thread->Announce();
				613	alloc_thread->Announce();
				614	} else {
Alexey Samsonov	e954101	2012-06-06 13:11:29 +0000	[diff] [blame]	615	AsanPrintf("allocated by thread T%d here:\n", alloc_thread->tid());
Kostya Serebryany	1e172b4	2011-11-30 01:07:02 +0000	[diff] [blame]	616	alloc_stack.PrintStack();
				617	t->summary()->Announce();
				618	alloc_thread->Announce();
				619	}
				620	}
				621
Kostya Serebryany	ee39255	2012-05-31 15:02:07 +0000	[diff] [blame]	622	static u8 Allocate(uptr alignment, uptr size, AsanStackTrace stack) {
Kostya Serebryany	1e172b4	2011-11-30 01:07:02 +0000	[diff] [blame]	623	__asan_init();
				624	CHECK(stack);
				625	if (size == 0) {
				626	size = 1; // TODO(kcc): do something smarter
				627	}
				628	CHECK(IsPowerOfTwo(alignment));
Kostya Serebryany	3f4c387	2012-05-31 14:35:53 +0000	[diff] [blame]	629	uptr rounded_size = RoundUpTo(size, REDZONE);
				630	uptr needed_size = rounded_size + REDZONE;
Kostya Serebryany	1e172b4	2011-11-30 01:07:02 +0000	[diff] [blame]	631	if (alignment > REDZONE) {
				632	needed_size += alignment;
				633	}
				634	CHECK(IsAligned(needed_size, REDZONE));
				635	if (size > kMaxAllowedMallocSize \|\| needed_size > kMaxAllowedMallocSize) {
Alexey Samsonov	5bcca4e	2012-06-06 10:46:00 +0000	[diff] [blame]	636	Report("WARNING: AddressSanitizer failed to allocate %p bytes\n",
				637	(void*)size);
Kostya Serebryany	1e172b4	2011-11-30 01:07:02 +0000	[diff] [blame]	638	return 0;
				639	}
				640
Kostya Serebryany	ee39255	2012-05-31 15:02:07 +0000	[diff] [blame]	641	u8 size_class = SizeToSizeClass(needed_size);
Kostya Serebryany	3f4c387	2012-05-31 14:35:53 +0000	[diff] [blame]	642	uptr size_to_allocate = SizeClassToSize(size_class);
Kostya Serebryany	1e172b4	2011-11-30 01:07:02 +0000	[diff] [blame]	643	CHECK(size_to_allocate >= kMinAllocSize);
				644	CHECK(size_to_allocate >= needed_size);
				645	CHECK(IsAligned(size_to_allocate, REDZONE));
				646
Alexey Samsonov	cb8c4dc	2012-07-09 14:36:04 +0000	[diff] [blame]	647	if (flags()->verbosity >= 3) {
Evgeniy Stepanov	739eb79	2012-03-21 11:32:46 +0000	[diff] [blame]	648	Printf("Allocate align: %zu size: %zu class: %u real: %zu\n",
Kostya Serebryany	1e172b4	2011-11-30 01:07:02 +0000	[diff] [blame]	649	alignment, size, size_class, size_to_allocate);
				650	}
				651
				652	AsanThread *t = asanThreadRegistry().GetCurrent();
				653	AsanStats &thread_stats = asanThreadRegistry().GetCurrentThreadStats();
Kostya Serebryany	3074314	2011-12-05 19:17:53 +0000	[diff] [blame]	654	// Statistics
				655	thread_stats.mallocs++;
				656	thread_stats.malloced += size;
				657	thread_stats.malloced_redzones += size_to_allocate - size;
				658	thread_stats.malloced_by_size[size_class]++;
Kostya Serebryany	1e172b4	2011-11-30 01:07:02 +0000	[diff] [blame]	659
Kostya Serebryany	3f4c387	2012-05-31 14:35:53 +0000	[diff] [blame]	660	AsanChunk *m = 0;
Kostya Serebryany	1e172b4	2011-11-30 01:07:02 +0000	[diff] [blame]	661	if (!t \|\| size_to_allocate >= kMaxSizeForThreadLocalFreeList) {
				662	// get directly from global storage.
				663	m = malloc_info.AllocateChunks(size_class, 1);
Kostya Serebryany	3074314	2011-12-05 19:17:53 +0000	[diff] [blame]	664	thread_stats.malloc_large++;
Kostya Serebryany	1e172b4	2011-11-30 01:07:02 +0000	[diff] [blame]	665	} else {
				666	// get from the thread-local storage.
				667	AsanChunk **fl = &t->malloc_storage().free_lists_[size_class];
				668	if (!*fl) {
Kostya Serebryany	3f4c387	2012-05-31 14:35:53 +0000	[diff] [blame]	669	uptr n_new_chunks = kMaxSizeForThreadLocalFreeList / size_to_allocate;
Kostya Serebryany	1e172b4	2011-11-30 01:07:02 +0000	[diff] [blame]	670	*fl = malloc_info.AllocateChunks(size_class, n_new_chunks);
Kostya Serebryany	3074314	2011-12-05 19:17:53 +0000	[diff] [blame]	671	thread_stats.malloc_small_slow++;
Kostya Serebryany	1e172b4	2011-11-30 01:07:02 +0000	[diff] [blame]	672	}
				673	m = *fl;
				674	fl = (fl)->next;
				675	}
				676	CHECK(m);
				677	CHECK(m->chunk_state == CHUNK_AVAILABLE);
				678	m->chunk_state = CHUNK_ALLOCATED;
Kostya Serebryany	3f4c387	2012-05-31 14:35:53 +0000	[diff] [blame]	679	m->next = 0;
Kostya Serebryany	1e172b4	2011-11-30 01:07:02 +0000	[diff] [blame]	680	CHECK(m->Size() == size_to_allocate);
Kostya Serebryany	3f4c387	2012-05-31 14:35:53 +0000	[diff] [blame]	681	uptr addr = (uptr)m + REDZONE;
Kostya Serebryany	0334fc8	2012-06-07 09:15:48 +0000	[diff] [blame]	682	CHECK(addr <= (uptr)m->compressed_free_stack());
Kostya Serebryany	1e172b4	2011-11-30 01:07:02 +0000	[diff] [blame]	683
				684	if (alignment > REDZONE && (addr & (alignment - 1))) {
				685	addr = RoundUpTo(addr, alignment);
				686	CHECK((addr & (alignment - 1)) == 0);
				687	AsanChunk p = (AsanChunk)(addr - REDZONE);
				688	p->chunk_state = CHUNK_MEMALIGN;
Kostya Serebryany	1607160	2012-06-06 16:58:21 +0000	[diff] [blame]	689	p->used_size = (uptr)p - (uptr)m;
Kostya Serebryany	6dc48dd	2012-06-06 16:33:46 +0000	[diff] [blame]	690	m->alignment_log = Log2(alignment);
				691	CHECK(m->Beg() == addr);
				692	} else {
				693	m->alignment_log = Log2(REDZONE);
Kostya Serebryany	1e172b4	2011-11-30 01:07:02 +0000	[diff] [blame]	694	}
				695	CHECK(m == PtrToChunk(addr));
				696	m->used_size = size;
Kostya Serebryany	6dc48dd	2012-06-06 16:33:46 +0000	[diff] [blame]	697	CHECK(m->Beg() == addr);
Kostya Serebryany	1e172b4	2011-11-30 01:07:02 +0000	[diff] [blame]	698	m->alloc_tid = t ? t->tid() : 0;
Kostya Serebryany	e0cff0b	2012-06-06 15:06:58 +0000	[diff] [blame]	699	m->free_tid = kInvalidTid;
Kostya Serebryany	1e172b4	2011-11-30 01:07:02 +0000	[diff] [blame]	700	AsanStackTrace::CompressStack(stack, m->compressed_alloc_stack(),
				701	m->compressed_alloc_stack_size());
				702	PoisonShadow(addr, rounded_size, 0);
				703	if (size < rounded_size) {
Kostya Serebryany	218a9b7	2011-11-30 18:50:23 +0000	[diff] [blame]	704	PoisonHeapPartialRightRedzone(addr + rounded_size - REDZONE,
				705	size & (REDZONE - 1));
Kostya Serebryany	1e172b4	2011-11-30 01:07:02 +0000	[diff] [blame]	706	}
Alexey Samsonov	63201b1	2012-07-23 09:11:58 +0000	[diff] [blame^]	707	if (size <= (uptr)(flags()->max_malloc_fill_size)) {
Alexey Samsonov	09672ca	2012-02-08 13:45:31 +0000	[diff] [blame]	708	REAL(memset)((void*)addr, 0, rounded_size);
Kostya Serebryany	1e172b4	2011-11-30 01:07:02 +0000	[diff] [blame]	709	}
Kostya Serebryany	ee39255	2012-05-31 15:02:07 +0000	[diff] [blame]	710	return (u8*)addr;
Kostya Serebryany	1e172b4	2011-11-30 01:07:02 +0000	[diff] [blame]	711	}
				712
Kostya Serebryany	ee39255	2012-05-31 15:02:07 +0000	[diff] [blame]	713	static void Deallocate(u8 ptr, AsanStackTrace stack) {
Kostya Serebryany	1e172b4	2011-11-30 01:07:02 +0000	[diff] [blame]	714	if (!ptr) return;
				715	CHECK(stack);
				716
Alexey Samsonov	cb8c4dc	2012-07-09 14:36:04 +0000	[diff] [blame]	717	if (flags()->debug) {
Kostya Serebryany	3f4c387	2012-05-31 14:35:53 +0000	[diff] [blame]	718	CHECK(malloc_info.FindPageGroup((uptr)ptr));
Kostya Serebryany	1e172b4	2011-11-30 01:07:02 +0000	[diff] [blame]	719	}
				720
				721	// Printf("Deallocate %p\n", ptr);
Kostya Serebryany	3f4c387	2012-05-31 14:35:53 +0000	[diff] [blame]	722	AsanChunk *m = PtrToChunk((uptr)ptr);
Kostya Serebryany	f1e82b8	2012-04-05 15:55:09 +0000	[diff] [blame]	723
Kostya Serebryany	f4a4d5a	2012-06-06 15:30:55 +0000	[diff] [blame]	724	// Flip the chunk_state atomically to avoid race on double-free.
Dmitry Vyukov	fce5bd4	2012-06-29 16:58:33 +0000	[diff] [blame]	725	u8 old_chunk_state = atomic_exchange((atomic_uint8_t*)m, CHUNK_QUARANTINE,
				726	memory_order_acq_rel);
Kostya Serebryany	f1e82b8	2012-04-05 15:55:09 +0000	[diff] [blame]	727
				728	if (old_chunk_state == CHUNK_QUARANTINE) {
Alexey Samsonov	e954101	2012-06-06 13:11:29 +0000	[diff] [blame]	729	AsanReport("ERROR: AddressSanitizer attempting double-free on %p:\n", ptr);
Kostya Serebryany	1e172b4	2011-11-30 01:07:02 +0000	[diff] [blame]	730	stack->PrintStack();
Kostya Serebryany	3f4c387	2012-05-31 14:35:53 +0000	[diff] [blame]	731	Describe((uptr)ptr, 1);
Kostya Serebryany	1e172b4	2011-11-30 01:07:02 +0000	[diff] [blame]	732	ShowStatsAndAbort();
Kostya Serebryany	f1e82b8	2012-04-05 15:55:09 +0000	[diff] [blame]	733	} else if (old_chunk_state != CHUNK_ALLOCATED) {
Alexey Samsonov	e954101	2012-06-06 13:11:29 +0000	[diff] [blame]	734	AsanReport("ERROR: AddressSanitizer attempting free on address "
				735	"which was not malloc()-ed: %p\n", ptr);
Kostya Serebryany	1e172b4	2011-11-30 01:07:02 +0000	[diff] [blame]	736	stack->PrintStack();
				737	ShowStatsAndAbort();
				738	}
Kostya Serebryany	f1e82b8	2012-04-05 15:55:09 +0000	[diff] [blame]	739	CHECK(old_chunk_state == CHUNK_ALLOCATED);
Kostya Serebryany	1607160	2012-06-06 16:58:21 +0000	[diff] [blame]	740	// With REDZONE==16 m->next is in the user area, otherwise it should be 0.
				741	CHECK(REDZONE <= 16 \|\| !m->next);
Kostya Serebryany	e0cff0b	2012-06-06 15:06:58 +0000	[diff] [blame]	742	CHECK(m->free_tid == kInvalidTid);
Kostya Serebryany	1e172b4	2011-11-30 01:07:02 +0000	[diff] [blame]	743	CHECK(m->alloc_tid >= 0);
				744	AsanThread *t = asanThreadRegistry().GetCurrent();
				745	m->free_tid = t ? t->tid() : 0;
				746	AsanStackTrace::CompressStack(stack, m->compressed_free_stack(),
				747	m->compressed_free_stack_size());
Kostya Serebryany	3f4c387	2012-05-31 14:35:53 +0000	[diff] [blame]	748	uptr rounded_size = RoundUpTo(m->used_size, REDZONE);
				749	PoisonShadow((uptr)ptr, rounded_size, kAsanHeapFreeMagic);
Kostya Serebryany	1e172b4	2011-11-30 01:07:02 +0000	[diff] [blame]	750
Kostya Serebryany	3074314	2011-12-05 19:17:53 +0000	[diff] [blame]	751	// Statistics.
				752	AsanStats &thread_stats = asanThreadRegistry().GetCurrentThreadStats();
				753	thread_stats.frees++;
				754	thread_stats.freed += m->used_size;
				755	thread_stats.freed_by_size[m->SizeClass()]++;
Kostya Serebryany	1e172b4	2011-11-30 01:07:02 +0000	[diff] [blame]	756
Kostya Serebryany	f1e82b8	2012-04-05 15:55:09 +0000	[diff] [blame]	757	CHECK(m->chunk_state == CHUNK_QUARANTINE);
Kostya Serebryany	1607160	2012-06-06 16:58:21 +0000	[diff] [blame]	758
Kostya Serebryany	1e172b4	2011-11-30 01:07:02 +0000	[diff] [blame]	759	if (t) {
				760	AsanThreadLocalMallocStorage *ms = &t->malloc_storage();
Kostya Serebryany	1e172b4	2011-11-30 01:07:02 +0000	[diff] [blame]	761	ms->quarantine_.Push(m);
				762
				763	if (ms->quarantine_.size() > kMaxThreadLocalQuarantine) {
				764	malloc_info.SwallowThreadLocalMallocStorage(ms, false);
				765	}
				766	} else {
Kostya Serebryany	1e172b4	2011-11-30 01:07:02 +0000	[diff] [blame]	767	malloc_info.BypassThreadLocalQuarantine(m);
				768	}
				769	}
				770
Kostya Serebryany	ee39255	2012-05-31 15:02:07 +0000	[diff] [blame]	771	static u8 Reallocate(u8 old_ptr, uptr new_size,
Kostya Serebryany	1e172b4	2011-11-30 01:07:02 +0000	[diff] [blame]	772	AsanStackTrace *stack) {
				773	CHECK(old_ptr && new_size);
Kostya Serebryany	3074314	2011-12-05 19:17:53 +0000	[diff] [blame]	774
				775	// Statistics.
				776	AsanStats &thread_stats = asanThreadRegistry().GetCurrentThreadStats();
				777	thread_stats.reallocs++;
				778	thread_stats.realloced += new_size;
				779
Kostya Serebryany	3f4c387	2012-05-31 14:35:53 +0000	[diff] [blame]	780	AsanChunk *m = PtrToChunk((uptr)old_ptr);
Kostya Serebryany	1e172b4	2011-11-30 01:07:02 +0000	[diff] [blame]	781	CHECK(m->chunk_state == CHUNK_ALLOCATED);
Kostya Serebryany	3f4c387	2012-05-31 14:35:53 +0000	[diff] [blame]	782	uptr old_size = m->used_size;
				783	uptr memcpy_size = Min(new_size, old_size);
Kostya Serebryany	ee39255	2012-05-31 15:02:07 +0000	[diff] [blame]	784	u8 *new_ptr = Allocate(0, new_size, stack);
Kostya Serebryany	1e172b4	2011-11-30 01:07:02 +0000	[diff] [blame]	785	if (new_ptr) {
Kostya Serebryany	3f4c387	2012-05-31 14:35:53 +0000	[diff] [blame]	786	CHECK(REAL(memcpy) != 0);
Alexey Samsonov	09672ca	2012-02-08 13:45:31 +0000	[diff] [blame]	787	REAL(memcpy)(new_ptr, old_ptr, memcpy_size);
Kostya Serebryany	1e172b4	2011-11-30 01:07:02 +0000	[diff] [blame]	788	Deallocate(old_ptr, stack);
				789	}
				790	return new_ptr;
				791	}
				792
				793	} // namespace __asan
				794
				795	// Malloc hooks declaration.
				796	// ASAN_NEW_HOOK(ptr, size) is called immediately after
				797	// allocation of "size" bytes, which returned "ptr".
				798	// ASAN_DELETE_HOOK(ptr) is called immediately before
				799	// deallocation of "ptr".
				800	// If ASAN_NEW_HOOK or ASAN_DELETE_HOOK is defined, user
				801	// program must provide implementation of this hook.
				802	// If macro is undefined, the hook is no-op.
				803	#ifdef ASAN_NEW_HOOK
Kostya Serebryany	3f4c387	2012-05-31 14:35:53 +0000	[diff] [blame]	804	extern "C" void ASAN_NEW_HOOK(void *ptr, uptr size);
Kostya Serebryany	1e172b4	2011-11-30 01:07:02 +0000	[diff] [blame]	805	#else
Kostya Serebryany	3f4c387	2012-05-31 14:35:53 +0000	[diff] [blame]	806	static inline void ASAN_NEW_HOOK(void *ptr, uptr size) { }
Kostya Serebryany	1e172b4	2011-11-30 01:07:02 +0000	[diff] [blame]	807	#endif
				808
				809	#ifdef ASAN_DELETE_HOOK
				810	extern "C" void ASAN_DELETE_HOOK(void *ptr);
				811	#else
				812	static inline void ASAN_DELETE_HOOK(void *ptr) { }
				813	#endif
				814
				815	namespace __asan {
				816
Kostya Serebryany	3f4c387	2012-05-31 14:35:53 +0000	[diff] [blame]	817	void asan_memalign(uptr alignment, uptr size, AsanStackTrace stack) {
Kostya Serebryany	1e172b4	2011-11-30 01:07:02 +0000	[diff] [blame]	818	void ptr = (void)Allocate(alignment, size, stack);
				819	ASAN_NEW_HOOK(ptr, size);
				820	return ptr;
				821	}
				822
				823	void asan_free(void ptr, AsanStackTrace stack) {
				824	ASAN_DELETE_HOOK(ptr);
Kostya Serebryany	ee39255	2012-05-31 15:02:07 +0000	[diff] [blame]	825	Deallocate((u8*)ptr, stack);
Kostya Serebryany	1e172b4	2011-11-30 01:07:02 +0000	[diff] [blame]	826	}
				827
Kostya Serebryany	3f4c387	2012-05-31 14:35:53 +0000	[diff] [blame]	828	void asan_malloc(uptr size, AsanStackTrace stack) {
Kostya Serebryany	1e172b4	2011-11-30 01:07:02 +0000	[diff] [blame]	829	void ptr = (void)Allocate(0, size, stack);
				830	ASAN_NEW_HOOK(ptr, size);
				831	return ptr;
				832	}
				833
Kostya Serebryany	3f4c387	2012-05-31 14:35:53 +0000	[diff] [blame]	834	void asan_calloc(uptr nmemb, uptr size, AsanStackTrace stack) {
Kostya Serebryany	1e172b4	2011-11-30 01:07:02 +0000	[diff] [blame]	835	void ptr = (void)Allocate(0, nmemb * size, stack);
				836	if (ptr)
Alexey Samsonov	09672ca	2012-02-08 13:45:31 +0000	[diff] [blame]	837	REAL(memset)(ptr, 0, nmemb * size);
Kostya Serebryany	1e172b4	2011-11-30 01:07:02 +0000	[diff] [blame]	838	ASAN_NEW_HOOK(ptr, nmemb * size);
				839	return ptr;
				840	}
				841
Kostya Serebryany	3f4c387	2012-05-31 14:35:53 +0000	[diff] [blame]	842	void asan_realloc(void p, uptr size, AsanStackTrace *stack) {
				843	if (p == 0) {
Kostya Serebryany	1e172b4	2011-11-30 01:07:02 +0000	[diff] [blame]	844	void ptr = (void)Allocate(0, size, stack);
				845	ASAN_NEW_HOOK(ptr, size);
				846	return ptr;
				847	} else if (size == 0) {
				848	ASAN_DELETE_HOOK(p);
Kostya Serebryany	ee39255	2012-05-31 15:02:07 +0000	[diff] [blame]	849	Deallocate((u8*)p, stack);
Kostya Serebryany	3f4c387	2012-05-31 14:35:53 +0000	[diff] [blame]	850	return 0;
Kostya Serebryany	1e172b4	2011-11-30 01:07:02 +0000	[diff] [blame]	851	}
Kostya Serebryany	ee39255	2012-05-31 15:02:07 +0000	[diff] [blame]	852	return Reallocate((u8*)p, size, stack);
Kostya Serebryany	1e172b4	2011-11-30 01:07:02 +0000	[diff] [blame]	853	}
				854
Kostya Serebryany	3f4c387	2012-05-31 14:35:53 +0000	[diff] [blame]	855	void asan_valloc(uptr size, AsanStackTrace stack) {
Kostya Serebryany	1e172b4	2011-11-30 01:07:02 +0000	[diff] [blame]	856	void ptr = (void)Allocate(kPageSize, size, stack);
				857	ASAN_NEW_HOOK(ptr, size);
				858	return ptr;
				859	}
				860
Kostya Serebryany	3f4c387	2012-05-31 14:35:53 +0000	[diff] [blame]	861	void asan_pvalloc(uptr size, AsanStackTrace stack) {
Kostya Serebryany	1e172b4	2011-11-30 01:07:02 +0000	[diff] [blame]	862	size = RoundUpTo(size, kPageSize);
				863	if (size == 0) {
				864	// pvalloc(0) should allocate one page.
				865	size = kPageSize;
				866	}
				867	void ptr = (void)Allocate(kPageSize, size, stack);
				868	ASAN_NEW_HOOK(ptr, size);
				869	return ptr;
				870	}
				871
Kostya Serebryany	3f4c387	2012-05-31 14:35:53 +0000	[diff] [blame]	872	int asan_posix_memalign(void **memptr, uptr alignment, uptr size,
Kostya Serebryany	1e172b4	2011-11-30 01:07:02 +0000	[diff] [blame]	873	AsanStackTrace *stack) {
				874	void *ptr = Allocate(alignment, size, stack);
Kostya Serebryany	3f4c387	2012-05-31 14:35:53 +0000	[diff] [blame]	875	CHECK(IsAligned((uptr)ptr, alignment));
Kostya Serebryany	1e172b4	2011-11-30 01:07:02 +0000	[diff] [blame]	876	ASAN_NEW_HOOK(ptr, size);
				877	*memptr = ptr;
				878	return 0;
				879	}
				880
Kostya Serebryany	3f4c387	2012-05-31 14:35:53 +0000	[diff] [blame]	881	uptr asan_malloc_usable_size(void ptr, AsanStackTrace stack) {
Alexey Samsonov	ca2278d	2012-01-18 15:26:55 +0000	[diff] [blame]	882	CHECK(stack);
Kostya Serebryany	3f4c387	2012-05-31 14:35:53 +0000	[diff] [blame]	883	if (ptr == 0) return 0;
				884	uptr usable_size = malloc_info.AllocationSize((uptr)ptr);
Alexey Samsonov	cb8c4dc	2012-07-09 14:36:04 +0000	[diff] [blame]	885	if (flags()->check_malloc_usable_size && (usable_size == 0)) {
Alexey Samsonov	e954101	2012-06-06 13:11:29 +0000	[diff] [blame]	886	AsanReport("ERROR: AddressSanitizer attempting to call "
				887	"malloc_usable_size() for pointer which is "
				888	"not owned: %p\n", ptr);
Alexey Samsonov	4fd95f1	2012-01-17 06:39:10 +0000	[diff] [blame]	889	stack->PrintStack();
Kostya Serebryany	3f4c387	2012-05-31 14:35:53 +0000	[diff] [blame]	890	Describe((uptr)ptr, 1);
Alexey Samsonov	4fd95f1	2012-01-17 06:39:10 +0000	[diff] [blame]	891	ShowStatsAndAbort();
				892	}
				893	return usable_size;
				894	}
				895
Kostya Serebryany	3f4c387	2012-05-31 14:35:53 +0000	[diff] [blame]	896	uptr asan_mz_size(const void *ptr) {
				897	return malloc_info.AllocationSize((uptr)ptr);
Kostya Serebryany	1e172b4	2011-11-30 01:07:02 +0000	[diff] [blame]	898	}
				899
Kostya Serebryany	3f4c387	2012-05-31 14:35:53 +0000	[diff] [blame]	900	void DescribeHeapAddress(uptr addr, uptr access_size) {
Kostya Serebryany	1e172b4	2011-11-30 01:07:02 +0000	[diff] [blame]	901	Describe(addr, access_size);
				902	}
				903
Alexey Samsonov	4fd95f1	2012-01-17 06:39:10 +0000	[diff] [blame]	904	void asan_mz_force_lock() {
Kostya Serebryany	1e172b4	2011-11-30 01:07:02 +0000	[diff] [blame]	905	malloc_info.ForceLock();
				906	}
				907
Alexey Samsonov	4fd95f1	2012-01-17 06:39:10 +0000	[diff] [blame]	908	void asan_mz_force_unlock() {
Kostya Serebryany	1e172b4	2011-11-30 01:07:02 +0000	[diff] [blame]	909	malloc_info.ForceUnlock();
				910	}
				911
				912	// ---------------------- Fake stack-------------------- {{{1
				913	FakeStack::FakeStack() {
Kostya Serebryany	3f4c387	2012-05-31 14:35:53 +0000	[diff] [blame]	914	CHECK(REAL(memset) != 0);
Alexey Samsonov	09672ca	2012-02-08 13:45:31 +0000	[diff] [blame]	915	REAL(memset)(this, 0, sizeof(*this));
Kostya Serebryany	1e172b4	2011-11-30 01:07:02 +0000	[diff] [blame]	916	}
				917
Kostya Serebryany	3f4c387	2012-05-31 14:35:53 +0000	[diff] [blame]	918	bool FakeStack::AddrIsInSizeClass(uptr addr, uptr size_class) {
				919	uptr mem = allocated_size_classes_[size_class];
				920	uptr size = ClassMmapSize(size_class);
Kostya Serebryany	1e172b4	2011-11-30 01:07:02 +0000	[diff] [blame]	921	bool res = mem && addr >= mem && addr < mem + size;
				922	return res;
				923	}
				924
Kostya Serebryany	3f4c387	2012-05-31 14:35:53 +0000	[diff] [blame]	925	uptr FakeStack::AddrIsInFakeStack(uptr addr) {
				926	for (uptr i = 0; i < kNumberOfSizeClasses; i++) {
Kostya Serebryany	1e172b4	2011-11-30 01:07:02 +0000	[diff] [blame]	927	if (AddrIsInSizeClass(addr, i)) return allocated_size_classes_[i];
				928	}
				929	return 0;
				930	}
				931
				932	// We may want to compute this during compilation.
Kostya Serebryany	3f4c387	2012-05-31 14:35:53 +0000	[diff] [blame]	933	inline uptr FakeStack::ComputeSizeClass(uptr alloc_size) {
				934	uptr rounded_size = RoundUpToPowerOfTwo(alloc_size);
				935	uptr log = Log2(rounded_size);
Kostya Serebryany	1e172b4	2011-11-30 01:07:02 +0000	[diff] [blame]	936	CHECK(alloc_size <= (1UL << log));
				937	if (!(alloc_size > (1UL << (log-1)))) {
Evgeniy Stepanov	739eb79	2012-03-21 11:32:46 +0000	[diff] [blame]	938	Printf("alloc_size %zu log %zu\n", alloc_size, log);
Kostya Serebryany	1e172b4	2011-11-30 01:07:02 +0000	[diff] [blame]	939	}
				940	CHECK(alloc_size > (1UL << (log-1)));
Kostya Serebryany	3f4c387	2012-05-31 14:35:53 +0000	[diff] [blame]	941	uptr res = log < kMinStackFrameSizeLog ? 0 : log - kMinStackFrameSizeLog;
Kostya Serebryany	1e172b4	2011-11-30 01:07:02 +0000	[diff] [blame]	942	CHECK(res < kNumberOfSizeClasses);
				943	CHECK(ClassSize(res) >= rounded_size);
				944	return res;
				945	}
				946
				947	void FakeFrameFifo::FifoPush(FakeFrame *node) {
				948	CHECK(node);
				949	node->next = 0;
				950	if (first_ == 0 && last_ == 0) {
				951	first_ = last_ = node;
				952	} else {
				953	CHECK(first_);
				954	CHECK(last_);
				955	last_->next = node;
				956	last_ = node;
				957	}
				958	}
				959
				960	FakeFrame *FakeFrameFifo::FifoPop() {
				961	CHECK(first_ && last_ && "Exhausted fake stack");
				962	FakeFrame *res = 0;
				963	if (first_ == last_) {
				964	res = first_;
				965	first_ = last_ = 0;
				966	} else {
				967	res = first_;
				968	first_ = first_->next;
				969	}
				970	return res;
				971	}
				972
Kostya Serebryany	3f4c387	2012-05-31 14:35:53 +0000	[diff] [blame]	973	void FakeStack::Init(uptr stack_size) {
Kostya Serebryany	1e172b4	2011-11-30 01:07:02 +0000	[diff] [blame]	974	stack_size_ = stack_size;
				975	alive_ = true;
				976	}
				977
				978	void FakeStack::Cleanup() {
				979	alive_ = false;
Kostya Serebryany	3f4c387	2012-05-31 14:35:53 +0000	[diff] [blame]	980	for (uptr i = 0; i < kNumberOfSizeClasses; i++) {
				981	uptr mem = allocated_size_classes_[i];
Kostya Serebryany	1e172b4	2011-11-30 01:07:02 +0000	[diff] [blame]	982	if (mem) {
				983	PoisonShadow(mem, ClassMmapSize(i), 0);
				984	allocated_size_classes_[i] = 0;
Alexey Samsonov	a25b346	2012-06-06 16:15:07 +0000	[diff] [blame]	985	UnmapOrDie((void*)mem, ClassMmapSize(i));
Kostya Serebryany	1e172b4	2011-11-30 01:07:02 +0000	[diff] [blame]	986	}
				987	}
				988	}
				989
Kostya Serebryany	3f4c387	2012-05-31 14:35:53 +0000	[diff] [blame]	990	uptr FakeStack::ClassMmapSize(uptr size_class) {
Kostya Serebryany	1e172b4	2011-11-30 01:07:02 +0000	[diff] [blame]	991	return RoundUpToPowerOfTwo(stack_size_);
				992	}
				993
Kostya Serebryany	3f4c387	2012-05-31 14:35:53 +0000	[diff] [blame]	994	void FakeStack::AllocateOneSizeClass(uptr size_class) {
Kostya Serebryany	1e172b4	2011-11-30 01:07:02 +0000	[diff] [blame]	995	CHECK(ClassMmapSize(size_class) >= kPageSize);
Alexey Samsonov	a25b346	2012-06-06 16:15:07 +0000	[diff] [blame]	996	uptr new_mem = (uptr)MmapOrDie(
Kostya Serebryany	de496f4	2011-12-28 22:58:01 +0000	[diff] [blame]	997	ClassMmapSize(size_class), __FUNCTION__);
Evgeniy Stepanov	739eb79	2012-03-21 11:32:46 +0000	[diff] [blame]	998	// Printf("T%d new_mem[%zu]: %p-%p mmap %zu\n",
Kostya Serebryany	1e172b4	2011-11-30 01:07:02 +0000	[diff] [blame]	999	// asanThreadRegistry().GetCurrent()->tid(),
				1000	// size_class, new_mem, new_mem + ClassMmapSize(size_class),
				1001	// ClassMmapSize(size_class));
Kostya Serebryany	3f4c387	2012-05-31 14:35:53 +0000	[diff] [blame]	1002	uptr i;
Kostya Serebryany	1e172b4	2011-11-30 01:07:02 +0000	[diff] [blame]	1003	for (i = 0; i < ClassMmapSize(size_class);
				1004	i += ClassSize(size_class)) {
				1005	size_classes_[size_class].FifoPush((FakeFrame*)(new_mem + i));
				1006	}
				1007	CHECK(i == ClassMmapSize(size_class));
				1008	allocated_size_classes_[size_class] = new_mem;
				1009	}
				1010
Kostya Serebryany	3f4c387	2012-05-31 14:35:53 +0000	[diff] [blame]	1011	uptr FakeStack::AllocateStack(uptr size, uptr real_stack) {
Kostya Serebryany	c4b34d9	2011-12-09 01:49:31 +0000	[diff] [blame]	1012	if (!alive_) return real_stack;
Kostya Serebryany	1e172b4	2011-11-30 01:07:02 +0000	[diff] [blame]	1013	CHECK(size <= kMaxStackMallocSize && size > 1);
Kostya Serebryany	3f4c387	2012-05-31 14:35:53 +0000	[diff] [blame]	1014	uptr size_class = ComputeSizeClass(size);
Kostya Serebryany	1e172b4	2011-11-30 01:07:02 +0000	[diff] [blame]	1015	if (!allocated_size_classes_[size_class]) {
				1016	AllocateOneSizeClass(size_class);
				1017	}
				1018	FakeFrame *fake_frame = size_classes_[size_class].FifoPop();
				1019	CHECK(fake_frame);
				1020	fake_frame->size_minus_one = size - 1;
				1021	fake_frame->real_stack = real_stack;
				1022	while (FakeFrame *top = call_stack_.top()) {
				1023	if (top->real_stack > real_stack) break;
				1024	call_stack_.LifoPop();
				1025	DeallocateFrame(top);
				1026	}
				1027	call_stack_.LifoPush(fake_frame);
Kostya Serebryany	3f4c387	2012-05-31 14:35:53 +0000	[diff] [blame]	1028	uptr ptr = (uptr)fake_frame;
Kostya Serebryany	1e172b4	2011-11-30 01:07:02 +0000	[diff] [blame]	1029	PoisonShadow(ptr, size, 0);
				1030	return ptr;
				1031	}
				1032
				1033	void FakeStack::DeallocateFrame(FakeFrame *fake_frame) {
				1034	CHECK(alive_);
Kostya Serebryany	3f4c387	2012-05-31 14:35:53 +0000	[diff] [blame]	1035	uptr size = fake_frame->size_minus_one + 1;
				1036	uptr size_class = ComputeSizeClass(size);
Kostya Serebryany	1e172b4	2011-11-30 01:07:02 +0000	[diff] [blame]	1037	CHECK(allocated_size_classes_[size_class]);
Kostya Serebryany	3f4c387	2012-05-31 14:35:53 +0000	[diff] [blame]	1038	uptr ptr = (uptr)fake_frame;
Kostya Serebryany	1e172b4	2011-11-30 01:07:02 +0000	[diff] [blame]	1039	CHECK(AddrIsInSizeClass(ptr, size_class));
				1040	CHECK(AddrIsInSizeClass(ptr + size - 1, size_class));
				1041	size_classes_[size_class].FifoPush(fake_frame);
				1042	}
				1043
Kostya Serebryany	3f4c387	2012-05-31 14:35:53 +0000	[diff] [blame]	1044	void FakeStack::OnFree(uptr ptr, uptr size, uptr real_stack) {
Kostya Serebryany	1e172b4	2011-11-30 01:07:02 +0000	[diff] [blame]	1045	FakeFrame fake_frame = (FakeFrame)ptr;
				1046	CHECK(fake_frame->magic = kRetiredStackFrameMagic);
				1047	CHECK(fake_frame->descr != 0);
				1048	CHECK(fake_frame->size_minus_one == size - 1);
				1049	PoisonShadow(ptr, size, kAsanStackAfterReturnMagic);
				1050	}
				1051
				1052	} // namespace __asan
				1053
				1054	// ---------------------- Interface ---------------- {{{1
				1055	using namespace __asan; // NOLINT
				1056
Kostya Serebryany	3f4c387	2012-05-31 14:35:53 +0000	[diff] [blame]	1057	uptr __asan_stack_malloc(uptr size, uptr real_stack) {
Alexey Samsonov	cb8c4dc	2012-07-09 14:36:04 +0000	[diff] [blame]	1058	if (!flags()->use_fake_stack) return real_stack;
Kostya Serebryany	1e172b4	2011-11-30 01:07:02 +0000	[diff] [blame]	1059	AsanThread *t = asanThreadRegistry().GetCurrent();
				1060	if (!t) {
				1061	// TSD is gone, use the real stack.
				1062	return real_stack;
				1063	}
Kostya Serebryany	3f4c387	2012-05-31 14:35:53 +0000	[diff] [blame]	1064	uptr ptr = t->fake_stack().AllocateStack(size, real_stack);
Evgeniy Stepanov	739eb79	2012-03-21 11:32:46 +0000	[diff] [blame]	1065	// Printf("__asan_stack_malloc %p %zu %p\n", ptr, size, real_stack);
Kostya Serebryany	1e172b4	2011-11-30 01:07:02 +0000	[diff] [blame]	1066	return ptr;
				1067	}
				1068
Kostya Serebryany	3f4c387	2012-05-31 14:35:53 +0000	[diff] [blame]	1069	void __asan_stack_free(uptr ptr, uptr size, uptr real_stack) {
Alexey Samsonov	cb8c4dc	2012-07-09 14:36:04 +0000	[diff] [blame]	1070	if (!flags()->use_fake_stack) return;
Kostya Serebryany	1e172b4	2011-11-30 01:07:02 +0000	[diff] [blame]	1071	if (ptr != real_stack) {
				1072	FakeStack::OnFree(ptr, size, real_stack);
				1073	}
				1074	}
				1075
				1076	// ASan allocator doesn't reserve extra bytes, so normally we would
				1077	// just return "size".
Kostya Serebryany	9aead37	2012-05-31 14:11:07 +0000	[diff] [blame]	1078	uptr __asan_get_estimated_allocated_size(uptr size) {
Kostya Serebryany	1e172b4	2011-11-30 01:07:02 +0000	[diff] [blame]	1079	if (size == 0) return 1;
Kostya Serebryany	2d8b3bd	2011-12-02 18:42:04 +0000	[diff] [blame]	1080	return Min(size, kMaxAllowedMallocSize);
Kostya Serebryany	1e172b4	2011-11-30 01:07:02 +0000	[diff] [blame]	1081	}
				1082
				1083	bool __asan_get_ownership(const void *p) {
Kostya Serebryany	3f4c387	2012-05-31 14:35:53 +0000	[diff] [blame]	1084	return malloc_info.AllocationSize((uptr)p) > 0;
Kostya Serebryany	1e172b4	2011-11-30 01:07:02 +0000	[diff] [blame]	1085	}
				1086
Kostya Serebryany	9aead37	2012-05-31 14:11:07 +0000	[diff] [blame]	1087	uptr __asan_get_allocated_size(const void *p) {
Kostya Serebryany	3f4c387	2012-05-31 14:35:53 +0000	[diff] [blame]	1088	if (p == 0) return 0;
				1089	uptr allocated_size = malloc_info.AllocationSize((uptr)p);
Kostya Serebryany	1e172b4	2011-11-30 01:07:02 +0000	[diff] [blame]	1090	// Die if p is not malloced or if it is already freed.
Alexey Samsonov	ca2278d	2012-01-18 15:26:55 +0000	[diff] [blame]	1091	if (allocated_size == 0) {
Alexey Samsonov	e954101	2012-06-06 13:11:29 +0000	[diff] [blame]	1092	AsanReport("ERROR: AddressSanitizer attempting to call "
				1093	"__asan_get_allocated_size() for pointer which is "
				1094	"not owned: %p\n", p);
Kostya Serebryany	1e172b4	2011-11-30 01:07:02 +0000	[diff] [blame]	1095	PRINT_CURRENT_STACK();
Kostya Serebryany	3f4c387	2012-05-31 14:35:53 +0000	[diff] [blame]	1096	Describe((uptr)p, 1);
Kostya Serebryany	1e172b4	2011-11-30 01:07:02 +0000	[diff] [blame]	1097	ShowStatsAndAbort();
				1098	}
				1099	return allocated_size;
				1100	}