diff options
| author | Dmitry Vyukov <dvyukov@google.com> | 2013-03-22 17:06:22 +0000 |
|---|---|---|
| committer | Dmitry Vyukov <dvyukov@google.com> | 2013-03-22 17:06:22 +0000 |
| commit | 9af68719ed44e34972b73d7ae1761faeb7ab30f5 (patch) | |
| tree | 19ebd8bd9a7231cbe9bf264bc7c9c117f24735cb | |
| parent | dd9276e464e4f15a0f46b46d3df182e9cf58e6d1 (diff) | |
| download | bcm5719-llvm-9af68719ed44e34972b73d7ae1761faeb7ab30f5.tar.gz bcm5719-llvm-9af68719ed44e34972b73d7ae1761faeb7ab30f5.zip | |
tsan: return 0 on malloc() failure instead of crashing
llvm-svn: 177741
| -rw-r--r-- | compiler-rt/lib/tsan/lit_tests/malloc_overflow.cc | 22 | ||||
| -rw-r--r-- | compiler-rt/lib/tsan/rtl/tsan_interceptors.cc | 3 | ||||
| -rw-r--r-- | compiler-rt/lib/tsan/rtl/tsan_mman.cc | 2 |
3 files changed, 26 insertions, 1 deletions
diff --git a/compiler-rt/lib/tsan/lit_tests/malloc_overflow.cc b/compiler-rt/lib/tsan/lit_tests/malloc_overflow.cc new file mode 100644 index 00000000000..19423c5f93f --- /dev/null +++ b/compiler-rt/lib/tsan/lit_tests/malloc_overflow.cc @@ -0,0 +1,22 @@ +// RUN: %clangxx_tsan -O1 %s -o %t && %t 2>&1 | FileCheck %s +#include <stdio.h> +#include <stdlib.h> + +int main() { + void *p = malloc((size_t)-1); + if (p != 0) + printf("FAIL malloc(-1) = %p\n", p); + p = malloc((size_t)-1 / 2); + if (p != 0) + printf("FAIL malloc(-1/2) = %p\n", p); + p = calloc((size_t)-1, (size_t)-1); + if (p != 0) + printf("FAIL calloc(-1, -1) = %p\n", p); + p = calloc((size_t)-1 / 2, (size_t)-1 / 2); + if (p != 0) + printf("FAIL calloc(-1/2, -1/2) = %p\n", p); + printf("OK\n"); +} + +// CHECK-NOT: FAIL +// CHECK-NOT: failed to allocate diff --git a/compiler-rt/lib/tsan/rtl/tsan_interceptors.cc b/compiler-rt/lib/tsan/rtl/tsan_interceptors.cc index 01848a41a9b..f32b666d514 100644 --- a/compiler-rt/lib/tsan/rtl/tsan_interceptors.cc +++ b/compiler-rt/lib/tsan/rtl/tsan_interceptors.cc @@ -356,7 +356,8 @@ TSAN_INTERCEPTOR(void*, calloc, uptr size, uptr n) { { SCOPED_INTERCEPTOR_RAW(calloc, size, n); p = user_alloc(thr, pc, n * size); - if (p) internal_memset(p, 0, n * size); + if (p) + internal_memset(p, 0, n * size); } invoke_malloc_hook(p, n * size); return p; diff --git a/compiler-rt/lib/tsan/rtl/tsan_mman.cc b/compiler-rt/lib/tsan/rtl/tsan_mman.cc index 35cf43d1934..76e406c65ee 100644 --- a/compiler-rt/lib/tsan/rtl/tsan_mman.cc +++ b/compiler-rt/lib/tsan/rtl/tsan_mman.cc @@ -101,6 +101,8 @@ static void SignalUnsafeCall(ThreadState *thr, uptr pc) { void *user_alloc(ThreadState *thr, uptr pc, uptr sz, uptr align) { CHECK_GT(thr->in_rtl, 0); + if ((sz >= (1ull << 40)) || (align >= (1ull << 40))) + return 0; void *p = allocator()->Allocate(&thr->alloc_cache, sz, align); if (p == 0) return 0; |
