[hwasan] do not check if freed pointer belonged to allocator.

In that case it is very likely that there will be a tag mismatch anyway. We handle the case that the pointer belongs to neither of the allocators by getting a nullptr from allocator.GetBlockBegin. Reviewed By: hctim, eugenis Differential Revision: https://reviews.llvm.org/D108383
2021-08-23 14:03:16 +01:00 · 2021-08-23 14:03:16 +01:00 · 023f18bbaf
parent 4b4bc1ea16
commit 023f18bbaf
4 changed files with 7 additions and 2 deletions
--- a/compiler-rt/lib/hwasan/hwasan_allocator.cpp
+++ b/compiler-rt/lib/hwasan/hwasan_allocator.cpp
@ -211,7 +211,7 @@ static bool PointerAndMemoryTagsMatch(void *tagged_ptr) {
 static bool CheckInvalidFree(StackTrace *stack, void *untagged_ptr,
                             void *tagged_ptr) {
  // This function can return true if halt_on_error is false.
-  if (!allocator.PointerIsMine(untagged_ptr) ||
+  if (!MemIsApp(reinterpret_cast<uptr>(untagged_ptr)) ||
      !PointerAndMemoryTagsMatch(tagged_ptr)) {
    ReportInvalidFree(stack, reinterpret_cast<uptr>(tagged_ptr));
    return true;
--- a/compiler-rt/lib/hwasan/hwasan_linux.cpp
+++ b/compiler-rt/lib/hwasan/hwasan_linux.cpp
@ -241,7 +241,8 @@ bool MemIsApp(uptr p) {
  CHECK(GetTagFromPointer(p) == 0);
 #  endif

-  return p >= kHighMemStart || (p >= kLowMemStart && p <= kLowMemEnd);
+  return (p >= kHighMemStart && p <= kHighMemEnd) ||
+         (p >= kLowMemStart && p <= kLowMemEnd);
 }

 void InstallAtExitHandler() { atexit(HwasanAtExit); }
--- a/compiler-rt/test/hwasan/TestCases/wild-free-realloc.c
+++ b/compiler-rt/test/hwasan/TestCases/wild-free-realloc.c
@ -1,8 +1,10 @@
 // RUN: %clang_hwasan %s -o %t && not %run %t 2>&1 | FileCheck %s

+#include <sanitizer/hwasan_interface.h>
 #include <stdlib.h>

 int main() {
+  __hwasan_enable_allocator_tagging();
  char *p = (char *)malloc(1);
  realloc(p + 0x10000000000, 2);
  // CHECK: ERROR: HWAddressSanitizer: invalid-free on address {{.*}} at pc {{[0x]+}}[[PC:.*]] on thread T{{[0-9]+}}
--- a/compiler-rt/test/hwasan/TestCases/wild-free.c
+++ b/compiler-rt/test/hwasan/TestCases/wild-free.c
@ -1,8 +1,10 @@
 // RUN: %clang_hwasan %s -o %t && not %run %t 2>&1 | FileCheck %s

+#include <sanitizer/hwasan_interface.h>
 #include <stdlib.h>

 int main() {
+  __hwasan_enable_allocator_tagging();
  char *p = (char *)malloc(1);
  free(p + 0x10000000000);
  // CHECK: ERROR: HWAddressSanitizer: invalid-free on address {{.*}} at pc {{[0x]+}}[[PC:.*]] on thread T{{[0-9]+}}