Add safety check on sdallocx slow / sampled path.

This commit is contained in:
Qi Wang 2020-01-30 14:35:54 -08:00 committed by Qi Wang
parent 88d9eca848
commit 974222c626
4 changed files with 19 additions and 5 deletions

View File

@ -1,6 +1,7 @@
#ifndef JEMALLOC_INTERNAL_SAFETY_CHECK_H
#define JEMALLOC_INTERNAL_SAFETY_CHECK_H
void safety_check_fail_sized_dealloc(bool current_dealloc);
void safety_check_fail(const char *format, ...);
/* Can set to NULL for a default. */
void safety_check_set_abort(void (*abort_fn)(const char *));

View File

@ -2632,7 +2632,11 @@ isfree(tsd_t *tsd, void *ptr, size_t usize, tcache_t *tcache, bool slow_path) {
rtree_szind_slab_read(tsd_tsdn(tsd), &extents_rtree,
rtree_ctx, (uintptr_t)ptr, true, &ctx->szind,
&ctx->slab);
assert(ctx->szind == sz_size2index(usize));
/* Small alloc may have !slab (sampled). */
bool sz_correct = (ctx->szind == sz_size2index(usize));
if (config_opt_safety_checks && !sz_correct) {
safety_check_fail_sized_dealloc(true);
}
} else {
ctx = NULL;
}

View File

@ -3,6 +3,18 @@
static void (*safety_check_abort)(const char *message);
void safety_check_fail_sized_dealloc(bool current_dealloc) {
assert(config_opt_safety_checks);
char *src = current_dealloc ? "the current pointer being freed" :
"in thread cache, possibly from previous deallocations";
safety_check_fail("<jemalloc>: size mismatch detected, likely caused by"
" application sized deallocation bugs (source: %s). Suggest building"
"with --enable-debug or address sanitizer for debugging. Abort.\n",
src);
abort();
}
void safety_check_set_abort(void (*abort_fn)(const char *)) {
safety_check_abort = abort_fn;
}

View File

@ -135,10 +135,7 @@ tbin_edatas_lookup_size_check(tsdn_t *tsdn, cache_bin_t *tbin, szind_t binind,
sz_sum -= szind;
}
if (sz_sum != 0) {
safety_check_fail("<jemalloc>: size mismatch in thread cache "
"detected, likely caused by sized deallocation bugs by "
"application. Abort.\n");
abort();
safety_check_fail_sized_dealloc(false);
}
}