
Side by Side Diff: syzygy/agent/asan/heap_managers/block_heap_manager.h

Issue 2383793003: [SyzyAsan] More careful handling when freeing corrupt blocks. (Closed)
Patch Set: Created 4 years, 2 months ago
OLDNEW
1 // Copyright 2014 Google Inc. All Rights Reserved. 1 // Copyright 2014 Google Inc. All Rights Reserved.
2 // 2 //
3 // Licensed under the Apache License, Version 2.0 (the "License"); 3 // Licensed under the Apache License, Version 2.0 (the "License");
4 // you may not use this file except in compliance with the License. 4 // you may not use this file except in compliance with the License.
5 // You may obtain a copy of the License at 5 // You may obtain a copy of the License at
6 // 6 //
7 // http://www.apache.org/licenses/LICENSE-2.0 7 // http://www.apache.org/licenses/LICENSE-2.0
8 // 8 //
9 // Unless required by applicable law or agreed to in writing, software 9 // Unless required by applicable law or agreed to in writing, software
10 // distributed under the License is distributed on an "AS IS" BASIS, 10 // distributed under the License is distributed on an "AS IS" BASIS,
(...skipping 276 matching lines...)
287 bool FreePristineBlock(BlockInfo* block_info); 287 bool FreePristineBlock(BlockInfo* block_info);
288 288
289 // Free an unguarded allocation. 289 // Free an unguarded allocation.
290 // @param heap_id A hint about the heap that might contain this allocation. 290 // @param heap_id A hint about the heap that might contain this allocation.
291 // @param alloc The allocation to be freed. 291 // @param alloc The allocation to be freed.
292 // @returns true if the allocation has been successfully freed, false 292 // @returns true if the allocation has been successfully freed, false
293 // otherwise. 293 // otherwise.
294 bool FreeUnguardedAlloc(HeapId heap_id, void* alloc); 294 bool FreeUnguardedAlloc(HeapId heap_id, void* alloc);
295 295
296 // Clears the metadata of a corrupt block. After calling this function the 296 // Clears the metadata of a corrupt block. After calling this function the
297 // block can safely be passed to FreeBlock. 297 // block can safely be passed to FreeBlock, but only if heap_id is non-zero.
298 // @param block_info The information about this block. 298 // @param block_info The information about this block.
299 void ClearCorruptBlockMetadata(BlockInfo* block_info); 299 void ClearCorruptBlockMetadata(BlockInfo* block_info);
300 300
301 // Reports a heap error via the heap error callback. This is for originating 301 // Reports a heap error via the heap error callback. This is for originating
302 // errors that are detected while performing operations on a heap metadata. 302 // errors that are detected while performing operations on a heap metadata.
303 // Read/write errors are detected outside of the manager, and query the heap 303 // Read/write errors are detected outside of the manager, and query the heap
304 // for information about the error itself. 304 // for information about the error itself.
305 // @param address The address that was being accessed/manipulating when the 305 // @param address The address that was being accessed/manipulating when the
306 // error was detected. 306 // error was detected.
307 // @param kind The type of error encountered. 307 // @param kind The type of error encountered.
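Review bot: The new wording at line 297 makes the guarantee conditional on heap_id, but ClearCorruptBlockMetadata takes only block_info, so the comment does not say which heap_id is meant or who is expected to check it. Suggest naming the source of the value (for example the result of GetCorruptBlockHeapId, if that is the intent) and stating what a caller should do with the block when the id is zero, since the comment now implies FreeBlock is not safe in that case.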
(...skipping 47 matching lines...)
355 // also by tests to override the callback. 355 // also by tests to override the callback.
356 // @param deferred_free_callback The callback. 356 // @param deferred_free_callback The callback.
357 void EnableDeferredFreeThreadWithCallback( 357 void EnableDeferredFreeThreadWithCallback(
358 DeferredFreeThread::Callback deferred_free_callback); 358 DeferredFreeThread::Callback deferred_free_callback);
359 359
360 // Returns the ID of the deferred free thread. Must not be called if the 360 // Returns the ID of the deferred free thread. Must not be called if the
361 // thread is not running. 361 // thread is not running.
362 // @returns the thread ID. 362 // @returns the thread ID.
363 base::PlatformThreadId GetDeferredFreeThreadId(); 363 base::PlatformThreadId GetDeferredFreeThreadId();
364 364
365 // Helper function for finding the heap ID associated with a corrupt block.
366 // This is best effort, and can return 0 when no heap can be found with
367 // certainty.
368 HeapId GetCorruptBlockHeapId(const BlockInfo* block_info);
369
365 // The shadow memory that is notified by all activity in this heap manager. 370 // The shadow memory that is notified by all activity in this heap manager.
366 Shadow* shadow_; 371 Shadow* shadow_;
367 372
368 // The stack cache used to store the stack traces. 373 // The stack cache used to store the stack traces.
369 StackCaptureCache* stack_cache_; 374 StackCaptureCache* stack_cache_;
370 375
371 // The memory notifier to use. 376 // The memory notifier to use.
372 MemoryNotifierInterface* memory_notifier_; 377 MemoryNotifierInterface* memory_notifier_;
373 378
374 // Protects concurrent access to the heap manager internals. 379 // Protects concurrent access to the heap manager internals.
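Review bot: The comment on GetCorruptBlockHeapId (new lines 365-368) omits the @param and @returns tags that the neighbouring declarations carry, and the 0 return is the case callers most need spelled out. Suggest adding "@param block_info" and an "@returns" line that describes the 0 sentinel, and stating that a 0 result must not be forwarded to FreeBlock, to match the updated ClearCorruptBlockMetadata comment. It would also help to say whether the caller must hold the lock that protects the heap manager internals, since the helper presumably inspects them.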
(...skipping 70 matching lines...)
445 std::unique_ptr<DeferredFreeThread> deferred_free_thread_; 450 std::unique_ptr<DeferredFreeThread> deferred_free_thread_;
446 451
447 DISALLOW_COPY_AND_ASSIGN(BlockHeapManager); 452 DISALLOW_COPY_AND_ASSIGN(BlockHeapManager);
448 }; 453 };
449 454
450 } // namespace heap_managers 455 } // namespace heap_managers
451 } // namespace asan 456 } // namespace asan
452 } // namespace agent 457 } // namespace agent
453 458
454 #endif // SYZYGY_AGENT_ASAN_HEAP_MANAGERS_BLOCK_HEAP_MANAGER_H_ 459 #endif // SYZYGY_AGENT_ASAN_HEAP_MANAGERS_BLOCK_HEAP_MANAGER_H_