[compiler-rt] 023f18b - [hwasan] do not check if freed pointer belonged to allocator.

Florian Mayer via llvm-commits llvm-commits at lists.llvm.org
Wed Aug 25 01:31:42 PDT 2021 

Author: Florian Mayer
Date: 2021-08-25T09:31:01+01:00
New Revision: 023f18bbaf67ee7255309fac102ec6e2dc876961

URL: https://github.com/llvm/llvm-project/commit/023f18bbaf67ee7255309fac102ec6e2dc876961
DIFF: https://github.com/llvm/llvm-project/commit/023f18bbaf67ee7255309fac102ec6e2dc876961.diff

LOG: [hwasan] do not check if freed pointer belonged to allocator.

In that case it is very likely that there will be a tag mismatch anyway.

We handle the case that the pointer belongs to neither of the allocators
by getting a nullptr from allocator.GetBlockBegin.

Reviewed By: hctim, eugenis

Differential Revision: https://reviews.llvm.org/D108383

Added: 
    

Modified: 
    compiler-rt/lib/hwasan/hwasan_allocator.cpp
    compiler-rt/lib/hwasan/hwasan_linux.cpp
    compiler-rt/test/hwasan/TestCases/wild-free-realloc.c
    compiler-rt/test/hwasan/TestCases/wild-free.c

Removed: 
    


################################################################################
diff  --git a/compiler-rt/lib/hwasan/hwasan_allocator.cpp b/compiler-rt/lib/hwasan/hwasan_allocator.cpp
index 78f66d6c8c394..9e1729964e277 100644
--- a/compiler-rt/lib/hwasan/hwasan_allocator.cpp
+++ b/compiler-rt/lib/hwasan/hwasan_allocator.cpp
@@ -211,7 +211,7 @@ static bool PointerAndMemoryTagsMatch(void *tagged_ptr) {
 static bool CheckInvalidFree(StackTrace *stack, void *untagged_ptr,
                              void *tagged_ptr) {
   // This function can return true if halt_on_error is false.
-  if (!allocator.PointerIsMine(untagged_ptr) ||
+  if (!MemIsApp(reinterpret_cast<uptr>(untagged_ptr)) ||
       !PointerAndMemoryTagsMatch(tagged_ptr)) {
     ReportInvalidFree(stack, reinterpret_cast<uptr>(tagged_ptr));
     return true;

diff  --git a/compiler-rt/lib/hwasan/hwasan_linux.cpp b/compiler-rt/lib/hwasan/hwasan_linux.cpp
index 1319db6e2d1b0..a86ec28507f30 100644
--- a/compiler-rt/lib/hwasan/hwasan_linux.cpp
+++ b/compiler-rt/lib/hwasan/hwasan_linux.cpp
@@ -241,7 +241,8 @@ bool MemIsApp(uptr p) {
   CHECK(GetTagFromPointer(p) == 0);
 #  endif
 
-  return p >= kHighMemStart || (p >= kLowMemStart && p <= kLowMemEnd);
+  return (p >= kHighMemStart && p <= kHighMemEnd) ||
+         (p >= kLowMemStart && p <= kLowMemEnd);
 }
 
 void InstallAtExitHandler() { atexit(HwasanAtExit); }

diff  --git a/compiler-rt/test/hwasan/TestCases/wild-free-realloc.c b/compiler-rt/test/hwasan/TestCases/wild-free-realloc.c
index 1bbbb73add5c4..19d2943e4c51c 100644
--- a/compiler-rt/test/hwasan/TestCases/wild-free-realloc.c
+++ b/compiler-rt/test/hwasan/TestCases/wild-free-realloc.c
@@ -1,8 +1,10 @@
 // RUN: %clang_hwasan %s -o %t && not %run %t 2>&1 | FileCheck %s
 
+#include <sanitizer/hwasan_interface.h>
 #include <stdlib.h>
 
 int main() {
+  __hwasan_enable_allocator_tagging();
   char *p = (char *)malloc(1);
   realloc(p + 0x10000000000, 2);
   // CHECK: ERROR: HWAddressSanitizer: invalid-free on address {{.*}} at pc {{[0x]+}}[[PC:.*]] on thread T{{[0-9]+}}

diff  --git a/compiler-rt/test/hwasan/TestCases/wild-free.c b/compiler-rt/test/hwasan/TestCases/wild-free.c
index 523d915b2ec86..a38822c2f8609 100644
--- a/compiler-rt/test/hwasan/TestCases/wild-free.c
+++ b/compiler-rt/test/hwasan/TestCases/wild-free.c
@@ -1,8 +1,10 @@
 // RUN: %clang_hwasan %s -o %t && not %run %t 2>&1 | FileCheck %s
 
+#include <sanitizer/hwasan_interface.h>
 #include <stdlib.h>
 
 int main() {
+  __hwasan_enable_allocator_tagging();
   char *p = (char *)malloc(1);
   free(p + 0x10000000000);
   // CHECK: ERROR: HWAddressSanitizer: invalid-free on address {{.*}} at pc {{[0x]+}}[[PC:.*]] on thread T{{[0-9]+}}

More information about the llvm-commits mailing list