[compiler-rt] e5a28e1 - scudo: Fix quarantine allocation when MTE enabled.

Peter Collingbourne via llvm-commits llvm-commits at lists.llvm.org
Wed Dec 9 11:49:08 PST 2020


Author: Peter Collingbourne
Date: 2020-12-09T11:48:41-08:00
New Revision: e5a28e1261a0c42821cb3bd4dc40092c458fadfb

URL: https://github.com/llvm/llvm-project/commit/e5a28e1261a0c42821cb3bd4dc40092c458fadfb
DIFF: https://github.com/llvm/llvm-project/commit/e5a28e1261a0c42821cb3bd4dc40092c458fadfb.diff

LOG: scudo: Fix quarantine allocation when MTE enabled.

Quarantines have always been broken when MTE is enabled because the
quarantine batch allocator fails to reset tags that may have been
left behind by a user allocation.

This was only noticed when running the Scudo unit tests with Scudo
as the system allocator because quarantines are turned off by
default on Android and the test binary turns them on by defining
__scudo_default_options, which affects the system allocator as well.

Differential Revision: https://reviews.llvm.org/D92881

Added: 
    

Modified: 
    compiler-rt/lib/scudo/standalone/combined.h

Removed: 
    


################################################################################
diff  --git a/compiler-rt/lib/scudo/standalone/combined.h b/compiler-rt/lib/scudo/standalone/combined.h
index 2a891e44579a..95988443d5b3 100644
--- a/compiler-rt/lib/scudo/standalone/combined.h
+++ b/compiler-rt/lib/scudo/standalone/combined.h
@@ -98,6 +98,12 @@ class Allocator {
       Header.State = Chunk::State::Allocated;
       Chunk::storeHeader(Allocator.Cookie, Ptr, &Header);
 
+      // Reset tag to 0 as this chunk may have been previously used for a tagged
+      // user allocation.
+      if (UNLIKELY(Allocator.useMemoryTagging()))
+        storeTags(reinterpret_cast<uptr>(Ptr),
+                  reinterpret_cast<uptr>(Ptr) + sizeof(QuarantineBatch));
+
       return Ptr;
     }
 
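Review bot: the new storeTags range is [Ptr, Ptr + sizeof(QuarantineBatch)), which begins after the chunk header that Chunk::storeHeader has just written and stops at sizeof(QuarantineBatch) rather than at the end of the size class the chunk occupies; if a prior tagged user allocation could have left non-zero tags on the header granule or on the tail of the class beyond sizeof(QuarantineBatch), those are not reset here, so a comment stating why that is safe (and that sizeof(QuarantineBatch) is a multiple of the tag granule, so the end bound lands on a granule boundary) would help the next reader. Separately, the "Added:" list is empty even though the log says the bug was only caught when the test binary forced quarantines on for the system allocator; a regression test that enables quarantine with memory tagging on would keep this from silently breaking again.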


        

