[scudo] Apply filling when realloc shrinks and re-grows a block in-place (#93212)

fabio-d · web-flow · commit 760d880ea602 · 2024-06-10T10:39:17.000+02:00
diff --git a/compiler-rt/lib/scudo/standalone/combined.h b/compiler-rt/lib/scudo/standalone/combined.h
@@ -565,6 +565,20 @@ class Allocator {
             storeSecondaryAllocationStackMaybe(Options, OldPtr, NewSize);
           }
         }
+
+        // If we have reduced the size, set the extra bytes to the fill value
+        // so that we are ready to grow it again in the future.
+        if (NewSize < OldSize) {
+          const FillContentsMode FillContents =
+              TSDRegistry.getDisableMemInit() ? NoFill
+                                              : Options.getFillContentsMode();
+          if (FillContents != NoFill) {
+            memset(reinterpret_cast<char *>(OldTaggedPtr) + NewSize,
+                   FillContents == ZeroFill ? 0 : PatternFillByte,
+                   OldSize - NewSize);
+          }
+        }
+
         return OldTaggedPtr;
       }
     }
diff --git a/compiler-rt/lib/scudo/standalone/tests/combined_test.cpp b/compiler-rt/lib/scudo/standalone/tests/combined_test.cpp
@@ -447,19 +447,32 @@ SCUDO_TYPED_TEST(ScudoCombinedDeathTest, ReallocateSame) {
   // returns the same chunk. This requires that all the sizes we iterate on use
   // the same block size, but that should be the case for MaxSize - 64 with our
   // default class size maps.
-  constexpr scudo::uptr ReallocSize =
+  constexpr scudo::uptr InitialSize =
       TypeParam::Primary::SizeClassMap::MaxSize - 64;
-  void *P = Allocator->allocate(ReallocSize, Origin);
   const char Marker = 'A';
-  memset(P, Marker, ReallocSize);
+  Allocator->setFillContents(scudo::PatternOrZeroFill);
+
+  void *P = Allocator->allocate(InitialSize, Origin);
+  scudo::uptr CurrentSize = InitialSize;
   for (scudo::sptr Delta = -32; Delta < 32; Delta += 8) {
+    memset(P, Marker, CurrentSize);
     const scudo::uptr NewSize =
-        static_cast<scudo::uptr>(static_cast<scudo::sptr>(ReallocSize) + Delta);
+        static_cast<scudo::uptr>(static_cast<scudo::sptr>(InitialSize) + Delta);
     void *NewP = Allocator->reallocate(P, NewSize);
     EXPECT_EQ(NewP, P);
-    for (scudo::uptr I = 0; I < ReallocSize - 32; I++)
+
+    // Verify that existing contents have been preserved.
+    for (scudo::uptr I = 0; I < scudo::Min(CurrentSize, NewSize); I++)
       EXPECT_EQ((reinterpret_cast<char *>(NewP))[I], Marker);
+
+    // Verify that new bytes are set according to FillContentsMode.
+    for (scudo::uptr I = CurrentSize; I < NewSize; I++) {
+      EXPECT_EQ((reinterpret_cast<unsigned char *>(NewP))[I],
+                scudo::PatternFillByte);
+    }
+
     checkMemoryTaggingMaybe(Allocator, NewP, NewSize, 0);
+    CurrentSize = NewSize;
   }
   Allocator->deallocate(P, Origin);
 }

Original file line number	Diff line number	Diff line change
`@@ -565,6 +565,20 @@ class Allocator {`
`565`	`565`	`storeSecondaryAllocationStackMaybe(Options, OldPtr, NewSize);`
`566`	`566`	`}`
`567`	`567`	`}`
	`568`	`+`
	`569`	`+ // If we have reduced the size, set the extra bytes to the fill value`
	`570`	`+ // so that we are ready to grow it again in the future.`
	`571`	`+ if (NewSize < OldSize) {`
	`572`	`+ const FillContentsMode FillContents =`
	`573`	`+ TSDRegistry.getDisableMemInit() ? NoFill`
	`574`	`+ : Options.getFillContentsMode();`
	`575`	`+ if (FillContents != NoFill) {`
	`576`	`+ memset(reinterpret_cast<char *>(OldTaggedPtr) + NewSize,`
	`577`	`+ FillContents == ZeroFill ? 0 : PatternFillByte,`
	`578`	`+ OldSize - NewSize);`
	`579`	`+ }`
	`580`	`+ }`
	`581`	`+`
`568`	`582`	`return OldTaggedPtr;`
`569`	`583`	`}`
`570`	`584`	`}`