Page MenuHomePhabricator

[asan] Check if the memory is readable before using the AsanChunk in free() and realloc()
AbandonedPublic

Authored by filcab on Feb 28 2016, 1:39 AM.

Details

Summary

This allows us to better diagnose free() and realloc() with a bad
pointer, instead of SIGSEGV.

Diff Detail

Event Timeline

filcab updated this revision to Diff 49313.Feb 28 2016, 1:39 AM
filcab retitled this revision from to [asan] Check if the memory is readable before using the AsanChunk in free() and realloc().
filcab updated this object.
filcab added reviewers: kcc, samsonov, earthdok.
filcab added a subscriber: llvm-commits.
samsonov edited edge metadata.Feb 29 2016, 10:45 AM

I'm somewhat worried about the performance implications of this. IsAccessibleMemoryRange is a syscall after all, not sure it would be nice to call it on every malloc/free. We do run non-trivial operations on these calls though, like collecting stack traces.

kcc edited edge metadata.Feb 29 2016, 10:49 AM

Thanks for doing this!
One comment for the test.

test/asan/TestCases/Posix/bad-free-no-segv.cc
15

I'd prefer the test to use a separate mprotec-ted chunk, not the shadow gap.

kcc added inline comments.Feb 29 2016, 10:53 AM
lib/asan/asan_allocator.cc
527

Oh, yes, I've totally missed this. For some reason I thought this is on the error-reporting path.
Thanks Alexey.
Yes, on the main path we can't do this.

filcab abandoned this revision.Mar 2 2016, 8:38 AM

That is totally true. I didn't think of the pipe()+write().
Thank you.