[flang-commits] [flang] [flang][runtime] Validate pointer DEALLOCATE (PR #78612)

[via flang-commits]

================
@@ -163,6 +178,18 @@ int RTDEF(PointerDeallocate)(Descriptor &pointer, bool hasStat,
   if (!pointer.IsAllocated()) {
     return ReturnError(terminator, StatBaseNull, errMsg, hasStat);
   }
+  // Validate the footer.  This should fail if the pointer doesn't
+  // span the entire object, or the object was not allocated as a
+  // pointer.
+  std::size_t byteSize{pointer.Elements() * pointer.ElementBytes()};
+  constexpr std::size_t align{sizeof(std::uintptr_t)};
+  byteSize = ((byteSize + align - 1) / align) * align;
+  void *p{pointer.raw().base_addr};
+  std::uintptr_t *footer{
+      reinterpret_cast<std::uintptr_t *>(static_cast<char *>(p) + byteSize)};
+  if (*footer != ~reinterpret_cast<std::uintptr_t>(p)) {
----------------
jeanPerier wrote:

Playing the devil's advocate here, there is a slight chance for this `*footer` read to crash if this is a POINTER pointing to something like a whole allocatable (the read would be after the allocated memory for the allocatable), or pointing some array target that is neither an allocatable/pointer (the read could be outside of the stack/data memory).

But the only safe way I can think of to do the check your patch is adding without this issue would be to maintain some runtime pointer allocation table, and this may be overkill/no very parallelism friendly.

https://github.com/llvm/llvm-project/pull/78612