From patchwork Thu Mar 11 17:57:21 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Szabolcs Nagy X-Patchwork-Id: 1451434 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=sourceware.org (client-ip=8.43.85.97; helo=sourceware.org; envelope-from=libc-alpha-bounces@sourceware.org; receiver=) Authentication-Results: ozlabs.org; dkim=pass (1024-bit key; secure) header.d=sourceware.org header.i=@sourceware.org header.a=rsa-sha256 header.s=default header.b=KdsleA44; dkim-atps=neutral Received: from sourceware.org (unknown [8.43.85.97]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 4DxGrB25tSz9sVt for ; Fri, 12 Mar 2021 04:57:46 +1100 (AEDT) Received: from server2.sourceware.org (localhost [IPv6:::1]) by sourceware.org (Postfix) with ESMTP id DAFDA3897813; Thu, 11 Mar 2021 17:57:40 +0000 (GMT) DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org DAFDA3897813 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sourceware.org; s=default; t=1615485460; bh=Q5g9NZQSYNi4XgQgbJqe4aNOYNht5oFjs4J34rc9bjQ=; h=To:Subject:Date:In-Reply-To:References:List-Id:List-Unsubscribe: List-Archive:List-Post:List-Help:List-Subscribe:From:Reply-To: From; b=KdsleA44eulkS2NKiN8E39BybJ3I0q3tjF3uZgyuzOUqUwn41poOslYYvkcwqUwmP NG5jq8AUrXHWPb+Mv86luA0f5iTaUxNeUxPB4ETVRO4yFi7bFPSeqJFE4wBQMsUl74 1JUOA3kLqc3P3EwfpXbBbhxYwgPisB7/0j8RKsu8= X-Original-To: libc-alpha@sourceware.org Delivered-To: libc-alpha@sourceware.org Received: from EUR01-HE1-obe.outbound.protection.outlook.com (mail-eopbgr130070.outbound.protection.outlook.com [40.107.13.70]) by sourceware.org (Postfix) with ESMTPS id CC7703896828 for ; Thu, 11 Mar 2021 17:57:37 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.3.2 sourceware.org CC7703896828 Received: from AS8PR04CA0154.eurprd04.prod.outlook.com (2603:10a6:20b:331::9) by AM0PR08MB5443.eurprd08.prod.outlook.com (2603:10a6:208:183::11) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3912.17; Thu, 11 Mar 2021 17:57:36 +0000 Received: from AM5EUR03FT026.eop-EUR03.prod.protection.outlook.com (2603:10a6:20b:331:cafe::86) by AS8PR04CA0154.outlook.office365.com (2603:10a6:20b:331::9) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3912.17 via Frontend Transport; Thu, 11 Mar 2021 17:57:36 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 63.35.35.123) smtp.mailfrom=arm.com; sourceware.org; dkim=pass (signature was verified) header.d=armh.onmicrosoft.com;sourceware.org; dmarc=pass action=none header.from=arm.com; Received-SPF: Pass (protection.outlook.com: domain of arm.com designates 63.35.35.123 as permitted sender) receiver=protection.outlook.com; client-ip=63.35.35.123; helo=64aa7808-outbound-1.mta.getcheckrecipient.com; Received: from 64aa7808-outbound-1.mta.getcheckrecipient.com (63.35.35.123) by AM5EUR03FT026.mail.protection.outlook.com (10.152.16.155) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3933.31 via Frontend Transport; Thu, 11 Mar 2021 17:57:36 +0000 Received: ("Tessian outbound bbad306dbec1:v71"); Thu, 11 Mar 2021 17:57:35 +0000 X-CheckRecipientChecked: true X-CR-MTA-CID: 2393ee169c6addf5 X-CR-MTA-TID: 64aa7808 Received: from f80b3600c790.1 by 64aa7808-outbound-1.mta.getcheckrecipient.com id D035C840-A967-42BD-9388-FAADA97C6CEF.1; Thu, 11 Mar 2021 17:57:30 +0000 Received: from EUR02-VE1-obe.outbound.protection.outlook.com by 64aa7808-outbound-1.mta.getcheckrecipient.com with ESMTPS id f80b3600c790.1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384); Thu, 11 Mar 2021 17:57:29 +0000 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=d3xtAt7iuxVW04GIzXITCYi8pMvV8o1QzZQdy4emVwAQH5DQpsWqcKGSxjK42nMqCAsNnM4uOymPxvTdiUu5uAVZGGjeLKupA7HZ9YIWSFHm5kMsX8Uzlhu650iTWvIX4QO8lAw1F3WTGbOGEyatLu5r02TixTdXCECGnbih1Kwev363LvR3lXflkK1tx9FvZmXcVkSjNY5MMEE3Htm7i/OdfjK2gq1rrt1/uyL393f6kRF3ptk5FexV9kWLMk8vB5r9z+8rGSb4pV4xET4zo5WBeaJR3V3+50srn6DiWkaf76DbSuRTDb8B8wozae6uMXcyGLuhb4/ebA8LhRY5qQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=Q5g9NZQSYNi4XgQgbJqe4aNOYNht5oFjs4J34rc9bjQ=; b=ifbSl+6fZQECocTnZllW6RrqWTCsTbmXk+IzX1u1Ocf4Oucv1NzYVK633arAndJ6Ea8FYdIvDDHI9jwJIIrIX5ySo7J0Tt4J5IOPRTUoEnnZL4rzYQCfQRsfrYuig0We2QT9+cSLzV8gS7sBlC8sVASXan1TvehOTw/SLIAUrjh8T8GHLtfd/ep3w3icz8pQRm3en1SAh05caMLprYXQKM6Q3NknozO+9zqYXGiOEQmx2ZcmSUniDYaCAewsQsx3VHSWueC3sTbpb27nTW7CLDcZ+bQ2Ah8iS54bnCGq+zMc3K/NBaGogBC6+r8ua6FaLqXCxzCE95oI74Nsg5FlvQ== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=arm.com; dmarc=pass action=none header.from=arm.com; dkim=pass header.d=arm.com; arc=none Authentication-Results-Original: sourceware.org; dkim=none (message not signed) header.d=none;sourceware.org; dmarc=none action=none header.from=arm.com; Received: from PA4PR08MB6320.eurprd08.prod.outlook.com (2603:10a6:102:e5::9) by PAXPR08MB6557.eurprd08.prod.outlook.com (2603:10a6:102:de::14) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3912.17; Thu, 11 Mar 2021 17:57:28 +0000 Received: from PA4PR08MB6320.eurprd08.prod.outlook.com ([fe80::60f0:3773:69b8:e336]) by PA4PR08MB6320.eurprd08.prod.outlook.com ([fe80::60f0:3773:69b8:e336%2]) with mapi id 15.20.3912.031; Thu, 11 Mar 2021 17:57:27 +0000 To: libc-alpha@sourceware.org, DJ Delorie Subject: [PATCH v2 2/2] malloc: Fix a potential realloc issue with memory tagging Date: Thu, 11 Mar 2021 17:57:21 +0000 Message-Id: X-Mailer: git-send-email 2.17.1 In-Reply-To: References: X-Originating-IP: [217.140.106.49] X-ClientProxiedBy: LO2P265CA0361.GBRP265.PROD.OUTLOOK.COM (2603:10a6:600:a3::13) To PA4PR08MB6320.eurprd08.prod.outlook.com (2603:10a6:102:e5::9) MIME-Version: 1.0 X-MS-Exchange-MessageSentRepresentingType: 1 Received: from localhost.localdomain (217.140.106.49) by LO2P265CA0361.GBRP265.PROD.OUTLOOK.COM (2603:10a6:600:a3::13) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3912.26 via Frontend Transport; Thu, 11 Mar 2021 17:57:27 +0000 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-HT: Tenant X-MS-Office365-Filtering-Correlation-Id: 36514a65-ccad-494f-062b-08d8e4b72733 X-MS-TrafficTypeDiagnostic: PAXPR08MB6557:|AM0PR08MB5443: X-Microsoft-Antispam-PRVS: x-checkrecipientrouted: true NoDisclaimer: true X-MS-Oob-TLC-OOBClassifiers: OLM:8882;OLM:8882; X-MS-Exchange-SenderADCheck: 1 X-Microsoft-Antispam-Untrusted: BCL:0; X-Microsoft-Antispam-Message-Info-Original: KbE6Pcx/c6BrfEtvQy3zAU2ugYLMx3UxJHxvs47q0mLIVkjRfY6IM8XxRvTdRDBTe1hnFB62Oif1+/rQRlQrp02xyQh4OSlpcuzIh0QrtALeky8WKM1IIsx1vhmYFxtvBwe9rkxHYGzT2TRhBFYF0MAwRFxErSA9ROqFWLNYM0phOciV99PIO9lakASRKOLDFfLeH3Y5uh8pXVYErdekcRTeD4zaZqga7M4ZznPJeCUVoJCkVdxrIObPqm4QvASNnP452dxvTCPtJk/lTiz5f0u2V4RxFZALI5R/o237atsmX5iWYvrVhHe/Ql60n6m8owApjRkVNS7959jiuaDycIGMV9qSAq0J86pBx5ezqcikHUc4HLI2iy1CPyA1XK/fVpUQsUlEo9V+4oGO+YO7nXT0t/g435z15hsEVC4Wiw3uDScfOKBIPjWsBFdziOgluXRIh0Ny7EaT73U5JL0miCnmI14Cit2KSyCfXTUwUBKgrMSFfZ5/0yG4zefSbXq8w4EQzjcuNdURX5/NwrhPjuoB62ZKZOB4+lOq0iNhv5vxxn5vyMr0UCjsaMRL9zV6HqVgqF9L1AiaTE2LisQ+Lw== X-Forefront-Antispam-Report-Untrusted: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:PA4PR08MB6320.eurprd08.prod.outlook.com; PTR:; CAT:NONE; SFS:(4636009)(136003)(396003)(376002)(346002)(39860400002)(366004)(36756003)(86362001)(69590400012)(66556008)(2616005)(186003)(956004)(6486002)(83380400001)(44832011)(16526019)(26005)(316002)(6916009)(6506007)(478600001)(52116002)(8936002)(8676002)(6512007)(66946007)(2906002)(66476007)(6666004)(5660300002); DIR:OUT; SFP:1101; X-MS-Exchange-AntiSpam-MessageData: beTfIT4z0blBda9qVZc1icJHkSk+qrVD+vIsGpWwm1Y1A0c78j/mOHfUFBrthjI/yMp67kGzJOKSk9Klq5BdxnpQsshD6K+f/xcLhNI7ynSWL3EJtCdXYDNv2GGE16yqPnzrspdGQrZJHmm/lUWLgboLVIdn+3cu7dPs32Oq21n+jXv6M6aGYH728I1l59d94JuWWdA3a6kzUmKCDK7wZdUo02eibvJ2dvOM7nNtE92a4oPNhDPNaw8B0rcy5YWjts6dydJ43umuBpIjrHqTUYUOhE96/fbzVH8w3FakzatVUGh1nWSvh4X2m4NZNp939zdd+fz0X4d498SopzVV4RHoetlDPfMGOhDAycFCe6iGAeWX4tLZ9LK7ZVkjK4576Iaqu1kIzkh7/vn4abJBNgVIUXicRbgagXuAaGysdVsf5U/5aRlXnTNpxlNjXwFCMxUo2SlP2yvNlBcIIpaXZq1OG9N5Cay+iIGkyrF1S1L9v00/gz6oBZbcTODiKov3+HXNZ+eeOFOuMFVNgJXfOwNFCbXwju9SVAo85NDd1lZ96RlzfNaqjlLjiZJU73J9X6OYqAWcLFUyw/wOKaxsxMd85s6Aj1ndFShVkBmNlmyrLBpkm3XcJhkBMdFJBy+NOurXulJz5GmagmnjFTIHTgZ/YhNz0Hb+IyDBwH8bjHHfvy0Dd85r5h0gjh1wXzf+FyjM2/ZrHYfz/F5SFaaeijaYiz2k3JcmfU4mOKAMZR4b03s/3z/8IE6dbXNQZEtOM03RB9NqWwVcA48tgdzjTIn93eyA2itVE/zz9TlHCU+LMfNFv+p2Q6GuYImXcpaZ0tNeu0hU4xXu7+KHM+d941HCY1Pmux4Z3h1XBZ3XrnC/rYfxW7hpBep/odsFnLCiN5rA3ntuO2nT9PqlubtzvOZA42iZeaU8OZ3GF5WrCQxPQLTkKyPIPAJRprGo5STwG83UOHX+vwaxApOufkiowmpymYR3etQXguj/ACsDDw0+m/bEKYTfTsiRG3bQcOM9OAXRezFOOOOtItLTrLti7EWiEDTuGlq0AFd/vAnDSiZ4SjMQGDZYeb486y9/iOxBeQKN2A2LFGrUClLD6ZPOv6KZCTG9t2jVohx3ky4EpkzNRJLScHzh4R86zz+eRYMs65oNRY/aSR3lo/Z/ScwXfBJH8I4xtepVMue/JeuE6Ex9deUxQbbh5eHxQgPyylnSYS5Lki/Y8KOzy5b5YNKolzOnze3rw0VBp/1o/o0n8MLmCYH6Ohuwi2p37OIvGGBakJBsHU0h6D21tOvyzneSLhcHUQKWC34jusGGl/zDka672iwWKxvl6SE36kjUgvey X-MS-Exchange-Transport-CrossTenantHeadersStamped: PAXPR08MB6557 Original-Authentication-Results: sourceware.org; dkim=none (message not signed) header.d=none; sourceware.org; dmarc=none action=none header.from=arm.com; X-EOPAttributedMessage: 0 X-MS-Exchange-Transport-CrossTenantHeadersStripped: AM5EUR03FT026.eop-EUR03.prod.protection.outlook.com X-MS-Office365-Filtering-Correlation-Id-Prvs: d2ef39c1-78c9-422f-50fc-08d8e4b72229 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: XFG/qw549kNdfDZjl2Hnud+rVHw5pNRaeC+qAlGLNTQwDmhu67UBN/OCXgSWg7i1yrEEOsfrp5E9JkP7VK/6NUoJOcwXuMdgl1HLSTlS2XdYzl4bfbssxKLUSs2n+jz17lDfrVS2MOeQUiUD/ceqhJN0NuNaYybddzcji5gOLcQGYuGtjqawiRbm4SAauVu6XqNPt2Nhl8d9QCrorO7Y0VYn/Xn+k1IrxQgfGGw4SYsbD2+Bi4XhGpT4Pz+/FHNpdUbjEEdCgENdDppLNyz/fMltpCuVgN5iJYkb7Fv4MYFtoznODWTPt75l2/0LR+HFShkEz3lUWHSrq9gJe6Vpt4wvHCUAKKmncWGINRKlKTFCmDs5YpJj/t5kRcMutkDp02os+8iqMxob0YHJNW/fSDvswOaQeY3Y/N65PTSvZjvgvRdQk4MHlOlhvhIQYnCUuHd0haNA10Dk40O0IaJ2Gyc4/lFVNkzXv1HVx4H3HbayEVRdk/ML9PB7bK3iSdx1abG9C5tTQ2vTCWPpDCt5DwrK84hR61wUV0JbNABlOfwkUbws0m44eS4fGRRF9sABFLRi882UHG7ej0hDSMXuQoJ1U66bIJI+flV/nAP2i9cL2+rJwz8hbxLYwHm9gV+QLuu+50xQBBNNwrE53K1iZB8qq7F0WxSRdF+aJneMGpdxOEjZUd+WEcz1Fv5NMo20 X-Forefront-Antispam-Report: CIP:63.35.35.123; CTRY:IE; LANG:en; SCL:1; SRV:; IPV:CAL; SFV:NSPM; H:64aa7808-outbound-1.mta.getcheckrecipient.com; PTR:ec2-63-35-35-123.eu-west-1.compute.amazonaws.com; CAT:NONE; SFS:(4636009)(346002)(376002)(396003)(136003)(39860400002)(46966006)(36840700001)(6506007)(86362001)(356005)(2616005)(316002)(70206006)(956004)(47076005)(6666004)(36756003)(82310400003)(83380400001)(44832011)(26005)(6862004)(8936002)(69590400012)(82740400003)(16526019)(6486002)(186003)(36860700001)(70586007)(2906002)(336012)(5660300002)(8676002)(478600001)(81166007)(6512007); DIR:OUT; SFP:1101; X-OriginatorOrg: arm.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 11 Mar 2021 17:57:36.0169 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 36514a65-ccad-494f-062b-08d8e4b72733 X-MS-Exchange-CrossTenant-Id: f34e5979-57d9-4aaa-ad4d-b122a662184d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=f34e5979-57d9-4aaa-ad4d-b122a662184d; Ip=[63.35.35.123]; Helo=[64aa7808-outbound-1.mta.getcheckrecipient.com] X-MS-Exchange-CrossTenant-AuthSource: AM5EUR03FT026.eop-EUR03.prod.protection.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM0PR08MB5443 X-Spam-Status: No, score=-14.2 required=5.0 tests=BAYES_00, DKIM_SIGNED, DKIM_VALID, GIT_PATCH_0, MSGID_FROM_MTA_HEADER, RCVD_IN_DNSWL_LOW, RCVD_IN_MSPIKE_H2, SPF_HELO_PASS, SPF_PASS, TXREP, UNPARSEABLE_RELAY autolearn=ham autolearn_force=no version=3.4.2 X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on server2.sourceware.org X-BeenThere: libc-alpha@sourceware.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Libc-alpha mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-Patchwork-Original-From: Szabolcs Nagy via Libc-alpha From: Szabolcs Nagy Reply-To: Szabolcs Nagy Errors-To: libc-alpha-bounces@sourceware.org Sender: "Libc-alpha" At an _int_free call site in realloc the wrong size was used for tag clearing: the chunk header of the next chunk was also cleared which in practice may work, but logically wrong. The tag clearing is moved before the memcpy to save a tag computation, this avoids a chunk2mem. Another chunk2mem is removed because newmem does not have to be recomputed. Whitespaces got fixed too. --- malloc/malloc.c | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/malloc/malloc.c b/malloc/malloc.c index 8f8f12c276..51cec67e55 100644 --- a/malloc/malloc.c +++ b/malloc/malloc.c @@ -4851,14 +4851,14 @@ _int_realloc(mstate av, mchunkptr oldp, INTERNAL_SIZE_T oldsize, } else { - void *oldmem = chunk2mem (oldp); + void *oldmem = chunk2rawmem (oldp); + size_t sz = CHUNK_AVAILABLE_SIZE (oldp) - CHUNK_HDR_SZ; + (void) TAG_REGION (oldmem, sz); newmem = TAG_NEW_USABLE (newmem); - memcpy (newmem, oldmem, - CHUNK_AVAILABLE_SIZE (oldp) - CHUNK_HDR_SZ); - (void) TAG_REGION (chunk2rawmem (oldp), oldsize); - _int_free (av, oldp, 1); - check_inuse_chunk (av, newp); - return chunk2mem (newp); + memcpy (newmem, oldmem, sz); + _int_free (av, oldp, 1); + check_inuse_chunk (av, newp); + return newmem; } } }