[lsan] Fix free(NULL) interception during initialization #106912
@llvm/pr-subscribers-compiler-rt-sanitizer
Author: None (tmiasko)
Changes
Previously an attempt to free a null pointer during initialization would fail on ENSURE_LSAN_INITED assertion (since a null pointer is not owned by DlsymAlloc).
Full diff: https://github.com/llvm/llvm-project/pull/106912.diff
1 Files Affected:
diff --git a/compiler-rt/lib/lsan/lsan_interceptors.cpp b/compiler-rt/lib/lsan/lsan_interceptors.cpp
index b569c337e97641..db27be7d06995f 100644
--- a/compiler-rt/lib/lsan/lsan_interceptors.cpp
+++ b/compiler-rt/lib/lsan/lsan_interceptors.cpp
@@ -77,6 +77,8 @@ INTERCEPTOR(void*, malloc, uptr size) {
}
INTERCEPTOR(void, free, void *p) {
+ if (!p)
+ return;
if (DlsymAlloc::PointerIsMine(p))
return DlsymAlloc::Free(p);
ENSURE_LSAN_INITED;
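Review bot: the null check added at the top of the free interceptor carries no comment saying why it has to come before DlsymAlloc::PointerIsMine(p) and ENSURE_LSAN_INITED, so a later cleanup could reorder it and bring back the assertion on free(NULL) during initialization. Suggest a one-line comment above the check. The diff also touches only lsan_interceptors.cpp, so a test that calls free(NULL) before initialization has finished would pin the behaviour.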
@@ -77,6 +77,8 @@ INTERCEPTOR(void*, malloc, uptr size) { | |||
} | |||
INTERCEPTOR(void, free, void *p) { | |||
if (!p) |
this will fix only lsan
to fix all, I propose to change `DlsymAlloc::PointerIsMine` to return true for NULL and teach `DlsymAlloc::Free` to handle it correctly
Indeed there are a few more sanitizers that missed this special case.
I would suggest fixing those by considering NULL, since DlsymAlloc owning NULL would be counterproductive for realloc.
I see, you are correct.
Can you please include all other sanitizers here, also cfree, and please use UNLIKELY(!p)
I updated the patch to include UNLIKELY in the condition.
For lsan, the cfree interceptor is aliased to free and doesn't need further changes.
I looked a little bit more at other sanitizers and I don't think they actually need any further changes. For those that don't immediately return for null, it is fine if execution just falls through to the main deallocation function, since the null case is handled early on there.
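A simplified model of the ordering issue discussed in this thread, added here as an illustration and not taken from compiler-rt or from any participant. The arena, `ArenaOwns`, `InterceptedFree` and `ReallocGoesToArena` are hypothetical stand-ins, and the realloc routing is an assumption about how an ownership check would be used.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <cstdlib>

// Simplified model; every name here is hypothetical, not compiler-rt code.
static char g_arena[256];           // bootstrap arena used while init runs
static size_t g_used = 0;
static bool g_init_running = true;  // true while the runtime initializes

// Ownership test; own_null models the "return true for NULL" proposal.
bool ArenaOwns(const void *p, bool own_null) {
  if (!p) return own_null;
  std::uintptr_t a = reinterpret_cast<std::uintptr_t>(p);
  std::uintptr_t lo = reinterpret_cast<std::uintptr_t>(g_arena);
  return a >= lo && a < lo + sizeof(g_arena);
}

void *ArenaAlloc(size_t n) {
  n = (n + 15) & ~static_cast<size_t>(15);  // round the size up to 16
  if (n > sizeof(g_arena) - g_used) return nullptr;
  void *p = g_arena + g_used;
  g_used += n;
  return p;
}

enum class FreeResult { NullIgnored, Bootstrap, Main, InitAssert };

// Model of the free interceptor; null_check_first toggles the patch.
FreeResult InterceptedFree(void *p, bool null_check_first) {
  if (null_check_first && !p) return FreeResult::NullIgnored;
  if (ArenaOwns(p, false)) return FreeResult::Bootstrap;  // bump arena: no-op
  if (g_init_running) return FreeResult::InitAssert;  // assertion would fire
  std::free(p);
  return FreeResult::Main;
}

// Assumption: realloc goes to the arena during init or when the arena owns
// the pointer, so owning NULL would capture realloc(NULL, n) after init too.
bool ReallocGoesToArena(const void *p, bool own_null) {
  return g_init_running || ArenaOwns(p, own_null);
}

int main() {
  std::printf("free(NULL) during init: unpatched=%d patched=%d\n",
              static_cast<int>(InterceptedFree(nullptr, false)),
              static_cast<int>(InterceptedFree(nullptr, true)));
  return 0;
}
```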
Please rebase and include into the patch removal of XFAIL added in #108289
ab1444f to 6bbc9f9
Almost all sanitizers already support the test.
* Tsan does not use DlsymAlloc yet.
* Lsan will support with #106912.
memprof,rtsan,nsan are not tested as part of sanitizer_common, but we should keep them here to show up when it happens.
---------
Co-authored-by: Xiaofeng Tian <110771974+txff99@users.noreply.github.com>
6bbc9f9 to 9d1db3d
With update test
Previously an attempt to free a null pointer during initialization would fail on ENSURE_LSAN_INITED assertion (since a null pointer is not owned by DlsymAlloc).
9d1db3d to d9157c5
Thanks. Can you merge this for me?
Thanks!
Will do!
this seems to have broken the test on mac: https://green.lab.llvm.org/job/llvm.org/job/clang-stage1-RA/2058/
With #106912, the test now fails on macos, e.g. https://green.lab.llvm.org/job/llvm.org/job/clang-stage1-RA/2058/.
/pull-request #121100
Almost all sanitizers already support the test.
* Tsan does not use DlsymAlloc yet.
* Lsan will support with llvm#106912.
memprof,rtsan,nsan are not tested as part of sanitizer_common, but we should keep them here to show up when it happens.
---------
Co-authored-by: Xiaofeng Tian <110771974+txff99@users.noreply.github.com>
(cherry picked from commit 1797174)
Previously an attempt to free a null pointer during initialization would fail on ENSURE_LSAN_INITED assertion (since a null pointer is not owned by DlsymAlloc). (cherry picked from commit ae0ed3d)
…108439) With llvm#106912, the test now fails on macos, e.g. https://green.lab.llvm.org/job/llvm.org/job/clang-stage1-RA/2058/. (cherry picked from commit d9ed8b0)