diff --git a/compiler-rt/lib/tsan/rtl/tsan_mman.cpp b/compiler-rt/lib/tsan/rtl/tsan_mman.cpp
--- a/compiler-rt/lib/tsan/rtl/tsan_mman.cpp
+++ b/compiler-rt/lib/tsan/rtl/tsan_mman.cpp
@@ -364,7 +364,7 @@
 }
 
 uptr user_alloc_usable_size(const void *p) {
-  if (p == 0)
+  if (p == 0 || !IsAppMem((uptr)p))
     return 0;
   MBlock *b = ctx->metamap.GetBlock((uptr)p);
   if (!b)
diff --git a/compiler-rt/test/tsan/Darwin/malloc_size.mm b/compiler-rt/test/tsan/Darwin/malloc_size.mm
--- a/compiler-rt/test/tsan/Darwin/malloc_size.mm
+++ b/compiler-rt/test/tsan/Darwin/malloc_size.mm
@@ -1,4 +1,5 @@
 // Test that malloc_zone_from_ptr returns a valid zone for a 0-sized allocation.
+// Test that malloc_size does not crash for an invalid pointer.
 
 // RUN: %clang_tsan %s -o %t -framework Foundation
 // RUN: %run %t 2>&1 | FileCheck %s
@@ -54,4 +55,13 @@
   // CHECK: size = 0x0
   describe_zone(p);
   // CHECK: zone = no zone
+
+  p = (void *)0x42;  // invalid pointer
+  s = malloc_size(p);
+  fprintf(stderr, "size = 0x%zx\n", s);
+  // CHECK: size = 0x0
+  describe_zone(p);
+  // CHECK: zone = no zone
+
+  return 0;
 }