This is an archive of the discontinued LLVM Phabricator instance.

Differential D70552

[scudo][standalone] Fix for releaseToOS prior to init
ClosedPublic

Authored by cryptoad on Nov 21 2019, 10:59 AM.

Details

Reviewers
hctim
cferris
pcc
eugenis
Commits
rG15664fe2c48b: [scudo][standalone] Fix for releaseToOS prior to init
Summary

cferris@ found an issue where calling releaseToOS prior to any other
heap operation would lead to a crash, due to the allocator not being
properly initialized (it was discovered via mallopt).

The fix is to call initThreadMaybe prior to calling releaseToOS for
the Primary.

Add a test that crashes prior to fix.

Diff Detail

Event Timeline

cryptoad created this revision.Nov 21 2019, 10:59 AM
Herald added projects: Restricted Project, Restricted Project. · View Herald TranscriptNov 21 2019, 10:59 AM
Herald added a subscriber: Restricted Project. · View Herald Transcript
Harbormaster completed remote builds in B41321: Diff 230497.Nov 21 2019, 11:00 AM
hctim accepted this revision.Nov 25 2019, 8:26 AM
This revision is now accepted and ready to land.Nov 25 2019, 8:26 AM
Closed by commit rG15664fe2c48b: [scudo][standalone] Fix for releaseToOS prior to init (authored by cryptoad). · Explain WhyNov 25 2019, 8:43 AM
This revision was automatically updated to reflect the committed changes.
pcc mentioned this in D70760: scudo: Call setCurrentTSD(nullptr) when bringing down the TSD registry in tests..Nov 26 2019, 7:20 PM
pcc mentioned this in rGf30fe16d4902: scudo: Call setCurrentTSD(nullptr) when bringing down the TSD registry in tests..Nov 27 2019, 10:00 AM

Revision Contents

PathSize
compiler-rt/
lib/
scudo/
standalone/
5 lines
tests/
15 lines

Diff 230497

compiler-rt/lib/scudo/standalone/combined.h

Show First 20 LinesShow All 396 Lines▼ Show 20 Linespublic:
void printStats() { void printStats() {
ScopedString Str(1024); ScopedString Str(1024);
disable(); disable();
getStats(&Str); getStats(&Str);
enable(); enable();
Str.output(); Str.output();
} }
void releaseToOS() { Primary.releaseToOS(); } void releaseToOS() {
initThreadMaybe();
Primary.releaseToOS();
}
// Iterate over all chunks and call a callback for all busy chunks located // Iterate over all chunks and call a callback for all busy chunks located
// within the provided memory range. Said callback must not use this allocator // within the provided memory range. Said callback must not use this allocator
// or a deadlock can ensue. This fits Android's malloc_iterate() needs. // or a deadlock can ensue. This fits Android's malloc_iterate() needs.
void iterateOverChunks(uptr Base, uptr Size, iterate_callback Callback, void iterateOverChunks(uptr Base, uptr Size, iterate_callback Callback,
void *Arg) { void *Arg) {
initThreadMaybe(); initThreadMaybe();
const uptr From = Base; const uptr From = Base;
▲ Show 20 LinesShow All 191 LinesShow Last 20 Lines

compiler-rt/lib/scudo/standalone/tests/combined_test.cpp

Show First 20 LinesShow All 273 Lines▼ Show 20 LinesTEST(ScudoCombinedTest, DeathCombined) {
*H ^= 0x420000U; *H ^= 0x420000U;
// Invalid chunk state. // Invalid chunk state.
Allocator->deallocate(P, Origin, Size); Allocator->deallocate(P, Origin, Size);
EXPECT_DEATH(Allocator->deallocate(P, Origin, Size), ""); EXPECT_DEATH(Allocator->deallocate(P, Origin, Size), "");
EXPECT_DEATH(Allocator->reallocate(P, Size * 2U), ""); EXPECT_DEATH(Allocator->reallocate(P, Size * 2U), "");
EXPECT_DEATH(Allocator->getUsableSize(P), ""); EXPECT_DEATH(Allocator->getUsableSize(P), "");
} }
// Ensure that releaseToOS can be called prior to any other allocator
// operation without issue.
TEST(ScudoCombinedTest, ReleaseToOS) {
using AllocatorT = scudo::Allocator<DeathConfig>;
auto Deleter = [](AllocatorT *A) {
A->unmapTestOnly();
delete A;
};
std::unique_ptr<AllocatorT, decltype(Deleter)> Allocator(new AllocatorT,
Deleter);
Allocator->reset();
Allocator->releaseToOS();
}