Check stack pointer to be inside stack when unwinding.

base/debug/stack_trace.h

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #ifndef BASE_DEBUG_STACK_TRACE_H_
 #define BASE_DEBUG_STACK_TRACE_H_
 
 #include <stddef.h>
 
 #include <iosfwd>
@@ skipping 84 matching lines @@
   // doesn't give much more information.
   static const int kMaxTraces = 62;
 
   void* trace_[kMaxTraces];
 
   // The number of valid frames in |trace_|.
   size_t count_;
 };
 
 #if HAVE_TRACE_STACK_FRAME_POINTERS
+
+// Used by TraceStackFramePointers() to store info about the stack.
+struct BASE_EXPORT PerThreadStackInfo {

[Primiano Tucci (use gerrit), 2016/05/31 16:13:07]

maybe s/PerThreadStackInfo/ThreadStackLimits/

[Dmitry Skiba, 2016/05/31 21:52:18]

Acknowledged.

+  PerThreadStackInfo();
+  uintptr_t start_address;
+  bool start_address_final;
+};
+
 // Traces the stack by using frame pointers. This function is faster but less
 // reliable than StackTrace. It should work for debug and profiling builds,
 // but not for release builds (although there are some exceptions).
 //
 // Writes at most |max_depth| frames (instruction pointers) into |out_trace|
 // after skipping |skip_initial| frames. Note that the function itself is not
 // added to the trace so |skip_initial| should be 0 in most cases.
 // Returns number of frames written.
-BASE_EXPORT size_t TraceStackFramePointers(const void** out_trace,
-                                           size_t max_depth,
-                                           size_t skip_initial);
+//
+// Note on |stack_info|. By default the function relies on heuristics to check

[Primiano Tucci (use gerrit), 2016/05/31 16:13:07]

IMHO this comment is a bit too apologetic. I'd just say:
|stack_info| is an optional cache that avoids recomputing the stack limits on
each invocation. The caller is supposed to just keep it in a TLS and pass it
back.

[Dmitry Skiba, 2016/05/31 21:52:18]

Hmm, I don't see it that way. I think it explains motivation behind stack_info,
which can help deciding whether or not need you need it.

+// whether a stack pointer is within the stack before dereferencing it. That
+// works, but is not very reliable. Proper way to check that is to ask the OS
+// for the stack info, but that is costly thing to do on each call.
+// This is what |stack_info| is for - it provides a place where function
+// caches info about the stack. Put it in your per-thread data structure, pass
+// into the function, and voila - stack pointers are properly checked without
+// any runtime overhead.
+BASE_EXPORT size_t TraceStackFramePointers(
+    const void** out_trace,
+    size_t max_depth,
+    size_t skip_initial,
+    PerThreadStackInfo* stack_info = nullptr);
+
 #endif  // HAVE_TRACE_STACK_FRAME_POINTERS
 
 namespace internal {
 
 #if defined(OS_POSIX) && !defined(OS_ANDROID)
 // POSIX doesn't define any async-signal safe function for converting
 // an integer to ASCII. We'll have to define our own version.
 // itoa_r() converts a (signed) integer to ASCII. It returns "buf", if the
 // conversion was successful or NULL otherwise. It never writes more than "sz"
 // bytes. Output will be truncated as needed, and a NUL character is always
 // appended.
 BASE_EXPORT char *itoa_r(intptr_t i,
                          char *buf,
                          size_t sz,
                          int base,
                          size_t padding);
 #endif  // defined(OS_POSIX) && !defined(OS_ANDROID)
 
 }  // namespace internal
 
 }  // namespace debug
 }  // namespace base
 
 #endif  // BASE_DEBUG_STACK_TRACE_H_