[compiler-rt] r183647 - [asan] fix the bug with memalign and malloc_usable_size (http://code.google.com/p/address-sanitizer/issues/detail?id=193); also fix lint
Bill Wendling
isanbard at gmail.com
Mon Jun 10 11:21:49 PDT 2013
3.3 is finished. We are accepting no new patches.
-bw
On Jun 10, 2013, at 7:04 AM, Kostya Serebryany <kcc at google.com> wrote:
> I don't see why not (It should go with r183651).
>
> --kcc
>
>
> On Mon, Jun 10, 2013 at 5:51 PM, Nathan Froyd <froydnj at mozilla.com> wrote:
> Hi Kostya, Bill,
>
> Can this patch be backported to 3.3? It fixes a regression from 3.2.
>
> -Nathan
>
> ----- Original Message -----
> > Author: kcc
> > Date: Mon Jun 10 05:46:27 2013
> > New Revision: 183647
> >
> > URL: http://llvm.org/viewvc/llvm-project?rev=183647&view=rev
> > Log:
> > [asan] fix the bug with memalign and malloc_usable_size
> > (http://code.google.com/p/address-sanitizer/issues/detail?id=193);
> > also fix lint
> >
> > Modified:
> > compiler-rt/trunk/lib/asan/asan_allocator2.cc
> > compiler-rt/trunk/lib/asan/tests/asan_noinst_test.cc
> > compiler-rt/trunk/lib/sanitizer_common/sanitizer_common_interceptors_ioctl.inc
> >
> > Modified: compiler-rt/trunk/lib/asan/asan_allocator2.cc
> > URL:
> > http://llvm.org/viewvc/llvm-project/compiler-rt/trunk/lib/asan/asan_allocator2.cc?rev=183647&r1=183646&r2=183647&view=diff
> > ==============================================================================
> > --- compiler-rt/trunk/lib/asan/asan_allocator2.cc (original)
> > +++ compiler-rt/trunk/lib/asan/asan_allocator2.cc Mon Jun 10 05:46:27
> > 2013
> > @@ -146,14 +146,15 @@ static uptr ComputeRZLog(uptr user_reque
> > // ChunkBase consists of ChunkHeader and other bytes that overlap
> > with user
> > // memory.
> >
> > -// If a memory chunk is allocated by memalign and we had to increase
> > the
> > -// allocation size to achieve the proper alignment, then we store
> > this magic
> > +// If the left redzone is greater than the ChunkHeader size we store
> > a magic
> > // value in the first uptr word of the memory block and store the
> > address of
> > // ChunkBase in the next uptr.
> > -// M B ? ? ? L L L L L L H H U U U U U U
> > -// M -- magic value kMemalignMagic
> > +// M B L L L L L L L L L H H U U U U U U
> > +// | ^
> > +// ---------------------|
> > +// M -- magic value kAllocBegMagic
> > // B -- address of ChunkHeader pointing to the first 'H'
> > -static const uptr kMemalignMagic = 0xCC6E96B9;
> > +static const uptr kAllocBegMagic = 0xCC6E96B9;
> >
> > struct ChunkHeader {
> > // 1-st 8 bytes.
> > @@ -276,10 +277,10 @@ struct QuarantineCallback {
> > RoundUpTo(m->UsedSize(), SHADOW_GRANULARITY),
> > kAsanHeapLeftRedzoneMagic);
> > void *p = reinterpret_cast<void *>(m->AllocBeg());
> > - if (m->from_memalign) {
> > - uptr *memalign_magic = reinterpret_cast<uptr *>(p);
> > - CHECK_EQ(memalign_magic[0], kMemalignMagic);
> > - CHECK_EQ(memalign_magic[1], reinterpret_cast<uptr>(m));
> > + if (p != m) {
> > + uptr *alloc_magic = reinterpret_cast<uptr *>(p);
> > + CHECK_EQ(alloc_magic[0], kAllocBegMagic);
> > + CHECK_EQ(alloc_magic[1], reinterpret_cast<uptr>(m));
> > }
> >
> > // Statistics.
> > @@ -355,8 +356,6 @@ static void *Allocate(uptr size, uptr al
> > allocated = allocator.Allocate(cache, needed_size, 8, false);
> > }
> > uptr alloc_beg = reinterpret_cast<uptr>(allocated);
> > - // Clear the first allocated word (an old kMemalignMagic may still
> > be there).
> > - reinterpret_cast<uptr *>(alloc_beg)[0] = 0;
> > uptr alloc_end = alloc_beg + needed_size;
> > uptr beg_plus_redzone = alloc_beg + rz_size;
> > uptr user_beg = beg_plus_redzone;
> > @@ -373,11 +372,10 @@ static void *Allocate(uptr size, uptr al
> > CHECK_EQ(alloc_tid, m->alloc_tid); // Does alloc_tid fit into the
> > bitfield?
> > m->free_tid = kInvalidTid;
> > m->from_memalign = user_beg != beg_plus_redzone;
> > - if (m->from_memalign) {
> > - CHECK_LE(beg_plus_redzone + 2 * sizeof(uptr), user_beg);
> > - uptr *memalign_magic = reinterpret_cast<uptr *>(alloc_beg);
> > - memalign_magic[0] = kMemalignMagic;
> > - memalign_magic[1] = chunk_beg;
> > + if (alloc_beg != chunk_beg) {
> > + CHECK_LE(alloc_beg+ 2 * sizeof(uptr), chunk_beg);
> > + reinterpret_cast<uptr *>(alloc_beg)[0] = kAllocBegMagic;
> > + reinterpret_cast<uptr *>(alloc_beg)[1] = chunk_beg;
> > }
> > if (using_primary_allocator) {
> > CHECK(size);
> > @@ -533,31 +531,15 @@ static void *Reallocate(void *old_ptr, u
> > // Assumes alloc_beg == allocator.GetBlockBegin(alloc_beg).
> > static AsanChunk *GetAsanChunk(void *alloc_beg) {
> > if (!alloc_beg) return 0;
> > - uptr *memalign_magic = reinterpret_cast<uptr *>(alloc_beg);
> > - if (memalign_magic[0] == kMemalignMagic) {
> > - AsanChunk *m = reinterpret_cast<AsanChunk *>(memalign_magic[1]);
> > - CHECK(m->from_memalign);
> > - return m;
> > - }
> > if (!allocator.FromPrimary(alloc_beg)) {
> > uptr *meta = reinterpret_cast<uptr
> > *>(allocator.GetMetaData(alloc_beg));
> > AsanChunk *m = reinterpret_cast<AsanChunk *>(meta[1]);
> > return m;
> > }
> > - uptr actual_size =
> > - allocator.GetActuallyAllocatedSize(alloc_beg);
> > - CHECK_LE(actual_size, SizeClassMap::kMaxSize);
> > - // We know the actually allocted size, but we don't know the
> > redzone size.
> > - // Just try all possible redzone sizes.
> > - for (u32 rz_log = 0; rz_log < 8; rz_log++) {
> > - u32 rz_size = RZLog2Size(rz_log);
> > - uptr max_possible_size = actual_size - rz_size;
> > - if (ComputeRZLog(max_possible_size) != rz_log)
> > - continue;
> > - return reinterpret_cast<AsanChunk *>(
> > - reinterpret_cast<uptr>(alloc_beg) + rz_size -
> > kChunkHeaderSize);
> > - }
> > - return 0;
> > + uptr *alloc_magic = reinterpret_cast<uptr *>(alloc_beg);
> > + if (alloc_magic[0] == kAllocBegMagic)
> > + return reinterpret_cast<AsanChunk *>(alloc_magic[1]);
> > + return reinterpret_cast<AsanChunk *>(alloc_beg);
> > }
> >
> > static AsanChunk *GetAsanChunkByAddr(uptr p) {
> >
> > Modified: compiler-rt/trunk/lib/asan/tests/asan_noinst_test.cc
> > URL:
> > http://llvm.org/viewvc/llvm-project/compiler-rt/trunk/lib/asan/tests/asan_noinst_test.cc?rev=183647&r1=183646&r2=183647&view=diff
> > ==============================================================================
> > --- compiler-rt/trunk/lib/asan/tests/asan_noinst_test.cc (original)
> > +++ compiler-rt/trunk/lib/asan/tests/asan_noinst_test.cc Mon Jun 10
> > 05:46:27 2013
> > @@ -66,6 +66,7 @@ static void MallocStress(size_t n) {
> > size_t alignment = 1 << (my_rand_r(&seed) % 10 + 1);
> > char *ptr = (char*)__asan::asan_memalign(alignment, size,
> > &stack2,
> > __asan::FROM_MALLOC);
> > + EXPECT_EQ(size, __asan::asan_malloc_usable_size(ptr,
> > &stack2));
> > vec.push_back(ptr);
> > ptr[0] = 0;
> > ptr[size-1] = 0;
> >
> > Modified:
> > compiler-rt/trunk/lib/sanitizer_common/sanitizer_common_interceptors_ioctl.inc
> > URL:
> > http://llvm.org/viewvc/llvm-project/compiler-rt/trunk/lib/sanitizer_common/sanitizer_common_interceptors_ioctl.inc?rev=183647&r1=183646&r2=183647&view=diff
> > ==============================================================================
> > ---
> > compiler-rt/trunk/lib/sanitizer_common/sanitizer_common_interceptors_ioctl.inc
> > (original)
> > +++
> > compiler-rt/trunk/lib/sanitizer_common/sanitizer_common_interceptors_ioctl.inc
> > Mon Jun 10 05:46:27 2013
> > @@ -179,8 +179,8 @@ static void ioctl_table_fill() {
> > _(0x00005315, READ, struct_cdrom_msf_sz); //
> > CDROMREADCOOKED
> > _(0x00005316, READ, struct_cdrom_msf_sz); // CDROMSEEK
> > // Conflicting request id.
> > - // _(0x00005382, NONE, 0); //
> > CDROMAUDIOBUFSIZ
> > - // _(0x00005382, WRITE, 2 * sizeof(int)); //
> > SCSI_IOCTL_GET_IDLUN
> > + // _(0x00005382, NONE, 0); //
> > CDROMAUDIOBUFSIZ
> > + // _(0x00005382, WRITE, 2 * sizeof(int)); //
> > SCSI_IOCTL_GET_IDLUN
> > _(0x00005383, NONE, 0); //
> > SCSI_IOCTL_TAGGED_ENABLE
> > _(0x00005384, NONE, 0); //
> > SCSI_IOCTL_TAGGED_DISABLE
> > _(0x00005385, READ, sizeof(int)); //
> > SCSI_IOCTL_PROBE_HOST
> >
> >
> > _______________________________________________
> > llvm-commits mailing list
> > llvm-commits at cs.uiuc.edu
> > http://lists.cs.uiuc.edu/mailman/listinfo/llvm-commits
> >
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.llvm.org/pipermail/llvm-commits/attachments/20130610/6e652c3c/attachment.html>
More information about the llvm-commits
mailing list