This is an archive of the discontinued LLVM Phabricator instance.

[asan] Correctly release memory allocated during early startup.
ClosedPublic

Authored by ygribov on Nov 25 2015, 2:55 AM.

Details

Summary

Inspired by https://github.com/google/sanitizers/issues/626

Calloc interceptor initially allocates memory from temp buffer (to serve dlsyms called during asan_init). There is a chance that some non-instrumented library (or executable) has allocated memory with calloc before asan_init and got pointer from the same temporary buffer which later caused problems with free.

Diff Detail

Repository
rL LLVM

Event Timeline

ygribov updated this revision to Diff 41121.Nov 25 2015, 2:55 AM
ygribov retitled this revision from to [asan] Correctly release memory allocated during early startup..
ygribov updated this object.
ygribov added reviewers: kcc, samsonov.
ygribov set the repository for this revision to rL LLVM.
ygribov added subscribers: eugenis, dvyukov, llvm-commits.
ygribov updated this revision to Diff 41122.Nov 25 2015, 2:57 AM
ygribov removed rL LLVM as the repository for this revision.

Added UNLIKELY hints.

samsonov added inline comments.Nov 25 2015, 11:25 AM
lib/asan/asan_malloc_linux.cc
33 ↗(On Diff #41122)

Wait, why is it not ptr - calloc_memory_for_dlsym?

74 ↗(On Diff #41122)

It's not that hard to keep sizes of the allocations from calloc_memory_for_dlsym. E.g. when you return &calloc_memory_for_dlsym[allocated] you can store size_in_words in calloc_memory_for_dlsym_sizes[allocated].

test/asan/TestCases/Linux/calloc-preload.c
10 ↗(On Diff #41122)

UNSUPPORTED: android
?

ygribov updated this revision to Diff 41210.Nov 25 2015, 11:09 PM

Fixed Alexey's remarks.

ygribov added inline comments.Nov 25 2015, 11:13 PM
lib/asan/asan_malloc_linux.cc
33 ↗(On Diff #41210)

Right, shame on me. This worked because ptr was equal to calloc_memory_for_dlsym.

74 ↗(On Diff #41210)

Sure, but is it worth it? We do not expect pool pointers to sneak into normal allocator very often.

test/asan/TestCases/Linux/calloc-preload.c
11 ↗(On Diff #41210)

That's Evgeniy's code, also used in other tests. Perhaps fix this in separate commit?

ygribov marked 4 inline comments as done.Nov 25 2015, 11:13 PM
eugenis added inline comments.Nov 30 2015, 11:18 AM
test/asan/TestCases/Linux/calloc-preload.c
11 ↗(On Diff #41210)

Yes, this should be replaced with UNSUPPORTED. Other occurrencies could be fixed in a separate commit, but there no reason to use not-android in newly added tests.

samsonov accepted this revision.Nov 30 2015, 11:37 AM
samsonov edited edge metadata.

Looks OK, but please fix the bug pointed out below.

lib/asan/asan_malloc_linux.cc
73 ↗(On Diff #41210)

ptr - calloc_memory_for_dlsym here as well

74 ↗(On Diff #41210)

Okay

This revision is now accepted and ready to land.Nov 30 2015, 11:37 AM
This revision was automatically updated to reflect the committed changes.
ygribov marked 3 inline comments as done.Dec 1 2015, 1:26 AM
ygribov added inline comments.
lib/asan/asan_malloc_linux.cc
73 ↗(On Diff #41210)

Done.