[TSan][Darwin] Make malloc_size interceptor more robust

Previously we would crash in the TSan runtime if the user program passes a pointer to `malloc_size()` that doesn't point into app memory. In these cases, `malloc_size()` should return 0. For ASan, we fixed a similar issue here: https://reviews.llvm.org/D15008 Radar-Id: rdar://problem/86213149 Differential Revision: https://reviews.llvm.org/D115947
llvm · Dec 17, 2021 · 4399f3b · 4399f3b
1 parent 96aa1e7
commit 4399f3b
Show file tree

Hide file tree

Showing 2 changed files with 11 additions and 1 deletion.
diff --git a/compiler-rt/lib/tsan/rtl/tsan_mman.cpp b/compiler-rt/lib/tsan/rtl/tsan_mman.cpp
@@ -364,7 +364,7 @@ void *user_pvalloc(ThreadState *thr, uptr pc, uptr sz) {
 }
 
 uptr user_alloc_usable_size(const void *p) {
-  if (p == 0)
+  if (p == 0 || !IsAppMem((uptr)p))
     return 0;
   MBlock *b = ctx->metamap.GetBlock((uptr)p);
   if (!b)

diff --git a/compiler-rt/test/tsan/Darwin/malloc_size.mm b/compiler-rt/test/tsan/Darwin/malloc_size.mm
@@ -1,4 +1,5 @@
 // Test that malloc_zone_from_ptr returns a valid zone for a 0-sized allocation.
+// Test that malloc_size does not crash for an invalid pointer.
 
 // RUN: %clang_tsan %s -o %t -framework Foundation
 // RUN: %run %t 2>&1 | FileCheck %s
@@ -54,4 +55,13 @@ int main() {
   // CHECK: size = 0x0
   describe_zone(p);
   // CHECK: zone = no zone
+
+  p = (void *)0x42;  // invalid pointer
+  s = malloc_size(p);
+  fprintf(stderr, "size = 0x%zx\n", s);
+  // CHECK: size = 0x0
+  describe_zone(p);
+  // CHECK: zone = no zone
+
+  return 0;
 }