wasmer_vm/probestack/
mod.rs

1// This file contains code from external sources.
2// Attributions: https://github.com/wasmerio/wasmer/blob/main/docs/ATTRIBUTIONS.md
3
4//! This section defines the `PROBESTACK` intrinsic which is used in the
5//! implementation of "stack probes" on certain platforms.
6//!
7//! The purpose of a stack probe is to provide a static guarantee that if a
8//! thread has a guard page then a stack overflow is guaranteed to hit that
9//! guard page. If a function did not have a stack probe then there's a risk of
10//! having a stack frame *larger* than the guard page, so a function call could
11//! skip over the guard page entirely and then later hit maybe the heap or
12//! another thread, possibly leading to security vulnerabilities such as [The
13//! Stack Clash], for example.
14//!
15//! [The Stack Clash]: https://blog.qualys.com/securitylabs/2017/06/19/the-stack-clash
16
17// Based on `compiler-builtins` crate with changes in `#[cfg(...)]`:
18// https://raw.githubusercontent.com/rust-lang/compiler-builtins/319637f544d9dda8fc3dd482d9979e0da135a258/compiler-builtins/src/probestack.rs
19mod compiler_builtins;
20
21// A declaration for the stack probe function in Rust's standard library, for
22// catching callstack overflow.
23cfg_if::cfg_if! {
24    if #[cfg(all(
25            target_os = "windows",
26            target_env = "msvc",
27            target_pointer_width = "64"
28            ))] {
29        unsafe extern "C" {
30            pub fn __chkstk();
31        }
32        /// The probestack for 64bit Windows when compiled with MSVC (note the double underscore)
33        pub const PROBESTACK: unsafe extern "C" fn() = __chkstk;
34    } else if #[cfg(all(
35            target_os = "windows",
36            target_env = "msvc",
37            target_pointer_width = "32"
38            ))] {
39        unsafe extern "C" {
40            pub fn _chkstk();
41        }
42        /// The probestack for 32bit Windows when compiled with MSVC (note the singular underscore)
43        pub const PROBESTACK: unsafe extern "C" fn() = _chkstk;
44    } else if #[cfg(all(target_os = "windows", target_env = "gnu"))] {
45        unsafe extern "C" {
46            // ___chkstk (note the triple underscore) is implemented in compiler-builtins/src/x86_64.rs
47            // by the Rust compiler for the MinGW target
48            #[cfg(all(target_os = "windows", target_env = "gnu"))]
49            pub fn ___chkstk_ms();
50        }
51        /// The probestack for Windows when compiled with GNU
52        pub const PROBESTACK: unsafe extern "C" fn() = ___chkstk_ms;
53    } else if #[cfg(not(any(target_arch = "x86_64", target_arch = "x86")))] {
54        // As per
55        // https://github.com/rust-lang/compiler-builtins/blob/cae3e6ea23739166504f9f9fb50ec070097979d4/src/probestack.rs#L39,
56        // LLVM only has stack-probe support on x86-64 and x86. Thus, on any other CPU
57        // architecture, we simply use an empty stack-probe function.
58        extern "C" fn empty_probestack() {}
59        /// A default probestack for other architectures
60        pub const PROBESTACK: unsafe extern "C" fn() = empty_probestack;
61    } else {
62        /// The probestack based on the Rust probestack
63        pub static PROBESTACK: unsafe extern "C" fn() = compiler_builtins::__rust_probestack;
64    }
65}