[PATCH] D27083: [sanitizer] Handle malloc_destroy_zone() on Darwin
Kuba (Brecka) Mracek via llvm-commits
llvm-commits at lists.llvm.org
Wed Nov 23 17:41:18 PST 2016
kubabrecka created this revision.
kubabrecka added reviewers: filcab, zaks.anna, dvyukov, rnk, eugenis.
kubabrecka added a subscriber: llvm-commits.
kubabrecka set the repository for this revision to rL LLVM.
kubabrecka added a project: Sanitizers.
We currently have a interceptor for malloc_create_zone, which returns a new zone that redirects all the zone requests to our sanitizer zone. However, calling malloc_destroy_zone on that zone will cause libmalloc to print out some warning messages, because the zone is not registered in the list of zones. This patch handles this and adds a testcase for that.
Secondly, in certain OS versions, it was possible that libmalloc replaced the sanitizer zone from being the default zone (i.e. being in `malloc_zones[0]`). This patch also introduces a failsafe that makes sure we always stay the default zone. No testcase for this, because this doesn't reproduce under normal circumstances.
Repository:
rL LLVM
https://reviews.llvm.org/D27083
Files:
lib/sanitizer_common/sanitizer_malloc_mac.inc
test/asan/TestCases/Darwin/malloc_destroy_zone.cc
Index: test/asan/TestCases/Darwin/malloc_destroy_zone.cc
===================================================================
--- test/asan/TestCases/Darwin/malloc_destroy_zone.cc
+++ test/asan/TestCases/Darwin/malloc_destroy_zone.cc
@@ -0,0 +1,21 @@
+// RUN: %clangxx_asan %s -o %t && %run %t 2>&1 | FileCheck %s
+
+#include <malloc/malloc.h>
+#include <stdlib.h>
+#include <stdio.h>
+
+int main() {
+ fprintf(stderr, "start\n");
+ malloc_zone_t *zone = malloc_create_zone(0, 0);
+ fprintf(stderr, "zone = %p\n", zone);
+ malloc_set_zone_name(zone, "myzone");
+ fprintf(stderr, "name changed\n");
+ malloc_destroy_zone(zone);
+ fprintf(stderr, "done\n");
+ return 0;
+}
+
+// CHECK: start
+// CHECK-NEXT: zone = 0x{{.*}}
+// CHECK-NEXT: name changed
+// CHECK-NEXT: done
Index: lib/sanitizer_common/sanitizer_malloc_mac.inc
===================================================================
--- lib/sanitizer_common/sanitizer_malloc_mac.inc
+++ lib/sanitizer_common/sanitizer_malloc_mac.inc
@@ -46,9 +46,44 @@
// This matches the behavior of malloc_create_zone() on OSX 10.7 and higher.
mprotect(new_zone, allocated_size, PROT_READ);
}
+ // We're explicitly *NOT* registering the zone.
return new_zone;
}
+INTERCEPTOR(void, malloc_destroy_zone, malloc_zone_t *zone) {
+ COMMON_MALLOC_ENTER();
+ // We don't need to do anything here. We're not registering new zones, so we
+ // don't to unregister. Just un-mprotect and free() the zone.
+ if (GetMacosVersion() >= MACOS_VERSION_LION) {
+ uptr page_size = GetPageSizeCached();
+ uptr allocated_size = RoundUpTo(sizeof(sanitizer_zone), page_size);
+ mprotect(zone, allocated_size, PROT_READ | PROT_WRITE);
+ }
+ COMMON_MALLOC_FREE(zone);
+}
+
+extern unsigned malloc_num_zones;
+extern malloc_zone_t **malloc_zones;
+
+// If libmalloc tries to set up a different zone as malloc_zones[0], it will
+// call mprotect(malloc_zones, ..., PROT_READ). This interceptor will catch
+// that and make sure we are still the first (default) zone.
+INTERCEPTOR(int, mprotect, void *addr, size_t len, int prot) {
+ if (addr == malloc_zones && prot == PROT_READ) {
+ if (malloc_num_zones > 0 && malloc_zones[0] != &sanitizer_zone) {
+ for (unsigned i = 0; i < malloc_num_zones; i++) {
+ if (malloc_zones[i] == &sanitizer_zone) {
+ malloc_zone_t *tmp = malloc_zones[0];
+ malloc_zones[0] = malloc_zones[i];
+ malloc_zones[i] = tmp;
+ break;
+ }
+ }
+ }
+ }
+ return REAL(mprotect)(addr, len, prot);
+}
+
INTERCEPTOR(malloc_zone_t *, malloc_default_zone, void) {
COMMON_MALLOC_ENTER();
return &sanitizer_zone;
-------------- next part --------------
A non-text attachment was scrubbed...
Name: D27083.79179.patch
Type: text/x-patch
Size: 2663 bytes
Desc: not available
URL: <http://lists.llvm.org/pipermail/llvm-commits/attachments/20161124/21dbdefe/attachment.bin>
More information about the llvm-commits
mailing list