[PATCH] D15008: [sanitizer] Fix a crash in SizeClassAllocator32 with an out-of-range pointer
Kuba Brecka via llvm-commits
llvm-commits at lists.llvm.org
Mon Dec 7 03:28:54 PST 2015
kubabrecka added inline comments.
================
Comment at: lib/sanitizer_common/sanitizer_allocator.h:753
@@ +752,3 @@
+ uptr mem = reinterpret_cast<uptr>(p);
+ if (mem < kSpaceBeg || mem >= kSpaceBeg + kSpaceSize)
+ return false;
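Review bot: the upper bound `mem >= kSpaceBeg + kSpaceSize` in this hunk is only equivalent to the bound ComputeRegionId enforces (effectively `mem < kSpaceSize`, as noted in the thread) when kSpaceBeg == 0, so the two checks can silently disagree for any other kSpaceBeg. Either derive this range check from the same quantity ComputeRegionId uses, or make the kSpaceBeg == 0 requirement explicit with a compile-time check and a comment next to this test so the two cannot drift apart; a test with a pointer just below kSpaceBeg and one at kSpaceBeg + kSpaceSize would pin the intended behaviour down.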
----------------
dvyukov wrote:
> The condition in GetSizeClass->ComputeRegionId is different. It effectively checks that mem < kSpaceSize.
> At least ComputeRegionId assumes that kSpaceBeg==0. We seem to be missing some tests.
> Kostya?
>
How should this be fixed? All uses of SizeClassAllocator32 currently use "0" as kSpaceBeg, so we could just assume that as a requirement.
http://reviews.llvm.org/D15008