RGBCube/serenity
1
Fork 0
mirror of https://github.com/RGBCube/serenity synced 2025-07-26 19:27:45 +00:00
Code Issues Activity Actions

LibJS: Poison unused heap blocks until they are re-allocated

Browse source 
This is the coarsest grained ASAN instrumentation possible for the LibJS
heap. Future instrumentation could add red-zones to heap block
allocations, and poison the entire heap block and only un-poison used
cells at the CellAllocator level.
This commit is contained in:
Andrew Kaster 2021-05-27 17:52:18 -06:00 committed by Andreas Kling
parent 212365130d
commit 1ecf2dad4b
1 changed files with 8 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

8
Userland/Libraries/LibJS/Heap/BlockAllocator.cpp
View file

@ -4,6 +4,7 @@
* SPDX-License-Identifier: BSD-2-Clause * SPDX-License-Identifier: BSD-2-Clause
*/ */
#include <AK/Platform.h>
#include <AK/Vector.h> #include <AK/Vector.h>
#include <LibJS/Forward.h> #include <LibJS/Forward.h>
#include <LibJS/Heap/BlockAllocator.h> #include <LibJS/Heap/BlockAllocator.h>
@ -11,6 +12,10 @@
#include <stdlib.h> #include <stdlib.h>
#include <sys/mman.h> #include <sys/mman.h>
#ifdef HAS_ADDRESS_SANITIZER
# include <sanitizer/asan_interface.h>
#endif
namespace JS { namespace JS {
BlockAllocator::BlockAllocator() BlockAllocator::BlockAllocator()
@ -20,6 +25,7 @@ BlockAllocator::BlockAllocator()
BlockAllocator::~BlockAllocator() BlockAllocator::~BlockAllocator()
{ {
for (auto* block : m_blocks) { for (auto* block : m_blocks) {
ASAN_UNPOISON_MEMORY_REGION(block, HeapBlock::block_size);
#ifdef __serenity__ #ifdef __serenity__
if (munmap(block, HeapBlock::block_size) < 0) { if (munmap(block, HeapBlock::block_size) < 0) {
perror("munmap"); perror("munmap");
@ -35,6 +41,7 @@ void* BlockAllocator::allocate_block([[maybe_unused]] char const* name)
{ {
if (!m_blocks.is_empty()) { if (!m_blocks.is_empty()) {
auto* block = m_blocks.take_last(); auto* block = m_blocks.take_last();
ASAN_UNPOISON_MEMORY_REGION(block, HeapBlock::block_size);
#ifdef __serenity__ #ifdef __serenity__
if (set_mmap_name(block, HeapBlock::block_size, name) < 0) { if (set_mmap_name(block, HeapBlock::block_size, name) < 0) {
perror("set_mmap_name"); perror("set_mmap_name");
@ -69,6 +76,7 @@ void BlockAllocator::deallocate_block(void* block)
return; return;
} }
ASAN_POISON_MEMORY_REGION(block, HeapBlock::block_size);
m_blocks.append(block); m_blocks.append(block);
} }