[compiler-rt] [llvm] scudo: default enabled dealloc_type_mismatch on new platforms (PR #146739)

Justin King via llvm-commits llvm-commits at lists.llvm.org
Wed Jul 2 09:18:31 PDT 2025 

https://github.com/jcking updated https://github.com/llvm/llvm-project/pull/146739

>From 613e1459b95aba83ce3f0477fb2860af2a626a51 Mon Sep 17 00:00:00 2001
From: Justin King <jcking at google.com>
Date: Wed, 2 Jul 2025 09:11:50 -0700
Subject: [PATCH] scudo: default enabled dealloc_type_mismatch on new platforms

Signed-off-by: Justin King <jcking at google.com>
---
 compiler-rt/lib/scudo/standalone/flags.inc | 6 +++++-
 llvm/docs/ScudoHardenedAllocator.rst       | 5 ++++-
 2 files changed, 9 insertions(+), 2 deletions(-)

diff --git a/compiler-rt/lib/scudo/standalone/flags.inc b/compiler-rt/lib/scudo/standalone/flags.inc
index ff0c28e1db7c4..570c1defb23ea 100644
--- a/compiler-rt/lib/scudo/standalone/flags.inc
+++ b/compiler-rt/lib/scudo/standalone/flags.inc
@@ -24,7 +24,11 @@ SCUDO_FLAG(int, quarantine_max_chunk_size, 0,
            "Size (in bytes) up to which chunks will be quarantined (if lower "
            "than or equal to).")
 
-SCUDO_FLAG(bool, dealloc_type_mismatch, false,
+// Historically dealloc_type_mismatch was disabled by default. Mismatching is
+// undefined behavior and software that triggers it should feel bad. To stop the
+// bleeding, we default enable except on Android, Fuchsia, and Trusty.
+SCUDO_FLAG(bool, dealloc_type_mismatch,
+           !SCUDO_ANDROID && !SCUDO_FUCHSIA && !SCUDO_TRUSTY,
            "Terminate on a type mismatch in allocation-deallocation functions, "
            "eg: malloc/delete, new/free, new/delete[], etc.")
 
diff --git a/llvm/docs/ScudoHardenedAllocator.rst b/llvm/docs/ScudoHardenedAllocator.rst
index 328c883bbd5db..bca6f40c09b0f 100644
--- a/llvm/docs/ScudoHardenedAllocator.rst
+++ b/llvm/docs/ScudoHardenedAllocator.rst
@@ -231,8 +231,11 @@ The following "string" options are available:
 |                                 |                | *both* this and quarantine_size_kb to zero will |
 |                                 |                | disable the quarantine entirely.                |
 +---------------------------------+----------------+-------------------------------------------------+
-| dealloc_type_mismatch           | false          | Whether or not we report errors on              |
+| dealloc_type_mismatch           | *              | Whether or not we report errors on              |
 |                                 |                | malloc/delete, new/free, new/delete[], etc.     |
+|                                 |                |                                                 |
+|                                 |                | *: Current false on Android, Fuchsia, and       |
+|                                 |                |  Trusty. True on everything else.               |
 +---------------------------------+----------------+-------------------------------------------------+
 | delete_size_mismatch            | true           | Whether or not we report errors on mismatch     |
 |                                 |                | between sizes of new and delete.                |

More information about the llvm-commits mailing list