asan_malloc_mac.cc revision cb8c4dce691097718d5af41b36899b72ef4b1d84
//===-- asan_malloc_mac.cc ------------------------------------------------===//
//
//                     The LLVM Compiler Infrastructure
//
// This file is distributed under the University of Illinois Open Source
// License. See LICENSE.TXT for details.
//
//===----------------------------------------------------------------------===//
//
// This file is a part of AddressSanitizer, an address sanity checker.
//
// Mac-specific malloc interception.
//===----------------------------------------------------------------------===//
141e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany
15d6567c5166412f6acdde851e767c26f332d51d3dKostya Serebryany#ifdef __APPLE__
16d6567c5166412f6acdde851e767c26f332d51d3dKostya Serebryany
171e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany#include <AvailabilityMacros.h>
181e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany#include <CoreFoundation/CFBase.h>
19d079db6dfbf3b0ec5fa1cc8d093e0dae6f970bf8Alexander Potapenko#include <dlfcn.h>
201e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany#include <malloc/malloc.h>
211e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany#include <setjmp.h>
221e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany
231e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany#include "asan_allocator.h"
241e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany#include "asan_interceptors.h"
251e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany#include "asan_internal.h"
26d079db6dfbf3b0ec5fa1cc8d093e0dae6f970bf8Alexander Potapenko#include "asan_mac.h"
271e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany#include "asan_stack.h"
281e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany
291e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany// Similar code is used in Google Perftools,
301e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany// http://code.google.com/p/google-perftools.
311e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany
// ---------------------- Replacement functions ---------------- {{{1
using namespace __asan;  // NOLINT

// System zones the pre-initialization paths below forward to. Nothing in the
// visible part of this file assigns them; the allocation callbacks CHECK
// system_malloc_zone before using it.
// TODO(glider): do we need both zones?
static malloc_zone_t *system_malloc_zone = 0;
static malloc_zone_t *system_purgeable_zone = 0;

// The malloc zone whose callbacks are the mz_* functions in this file.
static malloc_zone_t asan_zone;

// The ASan-backed CFAllocator. Stays 0 until ReplaceCFAllocator() has run;
// the free() interceptor compares chunk headers against this value.
CFAllocatorRef cf_asan = 0;
40e205a9daec9ec4afed956cf5455889725b9192fbAlexander Potapenko
// Interceptor for free().
//
// The free() implementation provided by OS X calls malloc_zone_from_ptr()
// to find the owner of |ptr| and reports an invalid free() when there is
// none. This interceptor instead falls back to asan_free() in that case, so
// that the error is printed as an ASan-style report.
//
// For objects created by _CFRuntimeCreateInstance a CFAllocatorRef is placed
// at the beginning of the allocated chunk, and the pointer the program sees is
// off by sizeof(CFAllocatorRef) from the one our allocator returned. Such a
// pointer may be passed directly to free(), which would lead to errors.
// To overcome this we check whether |ptr - sizeof(CFAllocatorRef)| holds a
// pointer to our CFAllocator (assuming no other allocator is used).
// See http://code.google.com/p/address-sanitizer/issues/detail?id=70 for more
// info.
INTERCEPTOR(void, free, void *ptr) {
  malloc_zone_t *owner = malloc_zone_from_ptr(ptr);
  if (owner) {
    // A registered zone owns |ptr|: return the memory to that zone.
#if defined(MAC_OS_X_VERSION_10_6) && \
    MAC_OS_X_VERSION_MAX_ALLOWED >= MAC_OS_X_VERSION_10_6
    if ((owner->version >= 6) && (owner->free_definite_size)) {
      owner->free_definite_size(owner, ptr, malloc_size(ptr));
      return;
    }
#endif
    malloc_zone_free(owner, ptr);
    return;
  }

  if (flags()->replace_cfallocator) {
    // Only probe the word in front of |ptr| when it lies on the same page, so
    // the read below cannot touch the previous page. This may be incorrect
    // if ASan's malloc returns an address ending with 0xFF8, which will be
    // then padded to a page boundary with a CFAllocatorRef.
    // NOTE(review): no zone owns |ptr| on this path, so the probe reads memory
    // next to a pointer of unknown validity; the page mask is hard-coded.
    uptr addr = (uptr)ptr;
    uptr offset_in_page = addr & 0xFFF;
    if (offset_in_page > sizeof(CFAllocatorRef)) {
      CFAllocatorRef *header =
          (CFAllocatorRef*)(addr - sizeof(CFAllocatorRef));
      // Both conditions must hold: the header names our allocator and ASan
      // reports a non-zero size for the adjusted address.
      if ((*header == cf_asan) && asan_mz_size(header)) {
        ptr = (void*)header;
      }
    }
  }
  GET_STACK_TRACE_HERE_FOR_FREE(ptr);
  asan_free(ptr, &stack);
}
831e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany
// Forward declaration: the __CFInitialize interceptor below calls this before
// its definition appears further down in the file.
namespace __asan {
void ReplaceCFAllocator();
}  // namespace __asan
8723a3b760646aab699d29896d4feaf2fc84ec3955Alexander Potapenko
// Interceptor for __CFInitialize().
//
// We can't always replace the default CFAllocator with cf_asan right in
// ReplaceSystemMalloc(), because it is sometimes called before
// __CFInitialize(), when the default allocator is invalid and replacing it may
// crash the program. Instead we wait for the allocator to initialize and jump
// in just after __CFInitialize(). Nobody is going to allocate memory using
// CFAllocators before that, so we won't miss anything.
//
// See http://code.google.com/p/address-sanitizer/issues/detail?id=87
// and http://opensource.apple.com/source/CF/CF-550.43/CFRuntime.c
INTERCEPTOR(void, __CFInitialize) {
  // Preconditions: the replacement is enabled by flag and the runtime is up.
  CHECK(flags()->replace_cfallocator);
  CHECK(asan_inited);

  // Let CoreFoundation finish its own setup first.
  REAL(__CFInitialize)();

  // Install the ASan allocator once; cf_asan is non-zero if already done.
  if (cf_asan == 0) {
    ReplaceCFAllocator();
  }
}
103decaec9ee3177b5e81e358ad8e93ab70b38a1cc0Alexander Potapenko
1041e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryanynamespace {
10523a3b760646aab699d29896d4feaf2fc84ec3955Alexander Potapenko
// TODO(glider): the mz_* functions should be united with the Linux wrappers,
// as they are basically copied from there.

// Zone size() callback: forwards to asan_mz_size(). |zone| is not used.
// Other callers in this file treat a zero result as "not allocated by ASan".
size_t mz_size(malloc_zone_t *zone, const void *ptr) {
  return asan_mz_size(ptr);
}
1111e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany
// Zone malloc() callback. |zone| is not used.
// Once ASan is initialized the request is served by asan_malloc() with the
// current stack trace; before that it is forwarded to the system zone.
void *mz_malloc(malloc_zone_t *zone, size_t size) {
  if (asan_inited) {
    GET_STACK_TRACE_HERE_FOR_MALLOC;
    return asan_malloc(size, &stack);
  }
  // Too early for the ASan allocator: the system zone must be known by now.
  CHECK(system_malloc_zone);
  return malloc_zone_malloc(system_malloc_zone, size);
}
1201e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany
// CFAllocator allocate callback. |hint| and |info| are not used.
// Mirrors mz_malloc(): asan_malloc() after initialization, the system zone
// before it.
// NOTE(review): CFIndex is a signed type, so a negative |size| is converted
// to a very large unsigned request when passed on; confirm that both
// downstream allocators reject such a size.
void *cf_malloc(CFIndex size, CFOptionFlags hint, void *info) {
  if (asan_inited) {
    GET_STACK_TRACE_HERE_FOR_MALLOC;
    return asan_malloc(size, &stack);
  }
  // Too early for the ASan allocator: the system zone must be known by now.
  CHECK(system_malloc_zone);
  return malloc_zone_malloc(system_malloc_zone, size);
}
1291e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany
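// Zone calloc() callback. |zone| is not used.
//
// Before ASan is initialized the request is carved out of a small static pool.
// Hack: dlsym calls calloc before REAL(calloc) is retrieved from dlsym.
// The pool has static storage duration and chunks are never handed out twice,
// so the returned memory is zero-filled as calloc() requires. Pool chunks are
// never returned to the pool.
//
// Returns 0 if nmemb * size overflows size_t on the pre-initialization path;
// aborts via CHECK if the pool cannot satisfy the request. After
// initialization the request is forwarded to asan_calloc().
void *mz_calloc(malloc_zone_t *zone, size_t nmemb, size_t size) {
  if (!asan_inited) {
    const size_t kCallocPoolSize = 1024;
    static uptr calloc_memory_for_dlsym[kCallocPoolSize];
    static size_t allocated;
    // The product can wrap around; a wrapped value would yield a chunk smaller
    // than the caller asked for, so fail the request the way calloc() does.
    size_t bytes = nmemb * size;
    if (size != 0 && bytes / size != nmemb) return 0;
    // Round up to whole words without adding to |bytes|, which could wrap too.
    size_t size_in_words = bytes / kWordSize + ((bytes % kWordSize) ? 1 : 0);
    // Check against the remaining space before advancing the cursor, so the
    // sum itself can never wrap. |allocated| stays below kCallocPoolSize.
    CHECK(size_in_words < kCallocPoolSize - allocated);
    void *mem = (void*)&calloc_memory_for_dlsym[allocated];
    allocated += size_in_words;
    return mem;
  }
  GET_STACK_TRACE_HERE_FOR_MALLOC;
  return asan_calloc(nmemb, size, &stack);
}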
1451e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany
// Zone valloc() callback. |zone| is not used.
// After initialization the request becomes a kPageSize-aligned
// asan_memalign(); before that it is forwarded to the system zone's valloc.
void *mz_valloc(malloc_zone_t *zone, size_t size) {
  if (asan_inited) {
    GET_STACK_TRACE_HERE_FOR_MALLOC;
    return asan_memalign(kPageSize, size, &stack);
  }
  // Too early for the ASan allocator: the system zone must be known by now.
  CHECK(system_malloc_zone);
  return malloc_zone_valloc(system_malloc_zone, size);
}
1541e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany
// Diagnostic helper: prints which malloc zone, if any, claims |ptr|, together
// with the zone's name when it has one.
void print_zone_for_ptr(void *ptr) {
  malloc_zone_t *owner = malloc_zone_from_ptr(ptr);
  if (!owner) {
    AsanPrintf("malloc_zone_from_ptr(%p) = 0\n", ptr);
    return;
  }
  if (!owner->zone_name) {
    AsanPrintf("malloc_zone_from_ptr(%p) = %p, which doesn't have a name\n",
               ptr, owner);
    return;
  }
  AsanPrintf("malloc_zone_from_ptr(%p) = %p, which is %s\n",
             ptr, owner, owner->zone_name);
}
1691e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany
// Shared body of the zone and CFAllocator free callbacks. |context| is not
// used. A null |ptr| is a no-op.
//
// Normally every pointer goes to asan_free(). When the mac_ignore_invalid_free
// flag is set and asan_mz_size() returns zero for |ptr|, the free is only
// logged (zone info plus stack trace) and the memory is left alone.
// NOTE(review): with that flag set an invalid free() does not end up in
// asan_free(), so it is visible only through the log output printed here.
void ALWAYS_INLINE free_common(void *context, void *ptr) {
  if (!ptr) return;
  // asan_mz_size() is consulted only when the flag is set.
  const bool skip_invalid_free =
      flags()->mac_ignore_invalid_free && !asan_mz_size(ptr);
  if (skip_invalid_free) {
    // Let us just leak this memory for now.
    AsanPrintf("free_common(%p) -- attempting to free unallocated memory.\n"
               "AddressSanitizer is ignoring this error on Mac OS now.\n",
               ptr);
    print_zone_for_ptr(ptr);
    GET_STACK_TRACE_HERE_FOR_FREE(ptr);
    stack.PrintStack();
    return;
  }
  GET_STACK_TRACE_HERE_FOR_FREE(ptr);
  asan_free(ptr, &stack);
}
1861e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany
// TODO(glider): the allocation callbacks need to be refactored.

// Zone free() callback: delegates to free_common(), passing the zone as the
// (unused) context argument.
void mz_free(malloc_zone_t *zone, void *ptr) {
  free_common(zone, ptr);
}
1910aa794d78fbb6359f81025217559f1b03ff07999Alexander Potapenko
// CFAllocator deallocate callback: delegates to free_common(), passing |info|
// as the (unused) context argument. Note the argument order is swapped
// relative to free_common().
void cf_free(void *ptr, void *info) {
  free_common(info, ptr);
}
1951e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany
// Zone realloc() callback. |zone| is not used.
//   - null |ptr|: behaves like malloc(size);
//   - |ptr| for which asan_mz_size() is non-zero: forwarded to asan_realloc();
//   - any other |ptr|: prints diagnostics and aborts the process.
void *mz_realloc(malloc_zone_t *zone, void *ptr, size_t size) {
  if (!ptr) {
    GET_STACK_TRACE_HERE_FOR_MALLOC;
    return asan_malloc(size, &stack);
  }
  if (asan_mz_size(ptr)) {
    GET_STACK_TRACE_HERE_FOR_MALLOC;
    return asan_realloc(ptr, size, &stack);
  }
  // We can't recover from reallocating an unknown address, because
  // this would require reading at most |size| bytes from
  // potentially unaccessible memory.
  AsanPrintf("mz_realloc(%p) -- attempting to realloc unallocated memory.\n"
             "This is an unrecoverable problem, exiting now.\n",
             ptr);
  print_zone_for_ptr(ptr);
  GET_STACK_TRACE_HERE_FOR_FREE(ptr);
  stack.PrintStack();
  ShowStatsAndAbort();
  return 0;  // unreachable
}
2191e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany
// CFAllocator reallocate callback. |hint| and |info| are not used.
//   - null |ptr|: behaves like malloc(size);
//   - |ptr| for which asan_mz_size() is non-zero: forwarded to asan_realloc();
//   - any other |ptr|: prints diagnostics and aborts the process.
// NOTE(review): |size| is a signed CFIndex that is passed on to allocators
// used with size_t elsewhere in this file; confirm negative values are
// rejected downstream.
void *cf_realloc(void *ptr, CFIndex size, CFOptionFlags hint, void *info) {
  if (!ptr) {
    GET_STACK_TRACE_HERE_FOR_MALLOC;
    return asan_malloc(size, &stack);
  }
  if (asan_mz_size(ptr)) {
    GET_STACK_TRACE_HERE_FOR_MALLOC;
    return asan_realloc(ptr, size, &stack);
  }
  // We can't recover from reallocating an unknown address, because
  // this would require reading at most |size| bytes from
  // potentially unaccessible memory.
  AsanPrintf("cf_realloc(%p) -- attempting to realloc unallocated memory.\n"
             "This is an unrecoverable problem, exiting now.\n",
             ptr);
  print_zone_for_ptr(ptr);
  GET_STACK_TRACE_HERE_FOR_FREE(ptr);
  stack.PrintStack();
  ShowStatsAndAbort();
  return 0;  // unreachable
}
2431e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany
// Zone destroy() callback. The ASan zone is never torn down, so a request to
// destroy it is only logged. |zone| is not used.
void mz_destroy(malloc_zone_t *zone) {
  // A no-op -- we will not be destroyed!
  AsanPrintf("mz_destroy() called -- ignoring\n");
}
  // from AvailabilityMacros.h
#if defined(MAC_OS_X_VERSION_10_6) && \
    MAC_OS_X_VERSION_MAX_ALLOWED >= MAC_OS_X_VERSION_10_6
// Zone memalign() callback, compiled only when building against the 10.6 SDK
// or later. |zone| is not used.
// After initialization the request goes to asan_memalign(); before that it is
// forwarded to the system zone.
void *mz_memalign(malloc_zone_t *zone, size_t align, size_t size) {
  if (asan_inited) {
    GET_STACK_TRACE_HERE_FOR_MALLOC;
    return asan_memalign(align, size, &stack);
  }
  // Too early for the ASan allocator: the system zone must be known by now.
  CHECK(system_malloc_zone);
  return malloc_zone_memalign(system_malloc_zone, align, size);
}

// This function is currently unused, and we build with -Werror.
#if 0
// Disabled placeholder for the zone free_definite_size() callback.
void mz_free_definite_size(malloc_zone_t *zone, void *ptr, size_t size) {
  // TODO(glider): check that |size| is valid.
  UNIMPLEMENTED();
}
#endif
#endif
2681e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany
// malloc_introspection callbacks.  I'm not clear on what all of these do.

// Introspection enumerator() callback. Enumeration is not implemented: every
// argument is ignored and the call always reports KERN_FAILURE.
kern_return_t mi_enumerator(task_t task, void *,
                            unsigned type_mask, vm_address_t zone_address,
                            memory_reader_t reader,
                            vm_range_recorder_t recorder) {
  // Should enumerate all the pointers we have.  Seems like a lot of work.
  return KERN_FAILURE;
}
2771e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany
// Introspection good_size() callback: returns the requested |size| unchanged.
// |zone| is not used.
size_t mi_good_size(malloc_zone_t *zone, size_t size) {
  // I think it's always safe to return size, but we maybe could do better.
  return size;
}
2821e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany
// Introspection check() callback. Not implemented: it invokes UNIMPLEMENTED()
// and, should that return, reports true. |zone| is not used.
// NOTE(review): UNIMPLEMENTED() presumably terminates the process -- confirm
// against its definition, which is outside this file.
boolean_t mi_check(malloc_zone_t *zone) {
  UNIMPLEMENTED();
  return true;
}
2871e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany
// Introspection print() callback. Not implemented: it only invokes
// UNIMPLEMENTED(). |zone| and |verbose| are not used.
void mi_print(malloc_zone_t *zone, boolean_t verbose) {
  UNIMPLEMENTED();
}
2921e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany
// Introspection log() callback: intentionally empty. Both arguments are
// ignored.
void mi_log(malloc_zone_t *zone, void *address) {
  // I don't think we support anything like this
}
2961e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany
// Introspection force_lock() callback: forwards to asan_mz_force_lock().
// |zone| is not used.
void mi_force_lock(malloc_zone_t *zone) {
  asan_mz_force_lock();
}
3001e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany
// Introspection force_unlock() callback: forwards to asan_mz_force_unlock().
// |zone| is not used.
void mi_force_unlock(malloc_zone_t *zone) {
  asan_mz_force_unlock();
}
3041e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany
// This function is currently unused, and we build with -Werror.
#if 0
// Disabled placeholder for the introspection statistics() callback: it would
// report every counter as zero.
void mi_statistics(malloc_zone_t *zone, malloc_statistics_t *stats) {
  // TODO(csilvers): figure out how to fill these out
  // TODO(glider): port this from tcmalloc when ready.
  stats->blocks_in_use = 0;
  stats->size_in_use = 0;
  stats->max_size_in_use = 0;
  stats->size_allocated = 0;
}
#endif
3161e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany
#if defined(MAC_OS_X_VERSION_10_6) && \
    MAC_OS_X_VERSION_MAX_ALLOWED >= MAC_OS_X_VERSION_10_6
// Introspection zone_locked() callback, compiled only when building against
// the 10.6 SDK or later. Always reports false, regardless of whether
// mi_force_lock() has been called. |zone| is not used.
boolean_t mi_zone_locked(malloc_zone_t *zone) {
  // UNIMPLEMENTED();
  return false;
}
#endif
3241e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany
3251e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany}  // unnamed namespace
3261e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany
// Symbol defined outside this file; nothing in the visible part of the file
// references it.
extern int __CFRuntimeClassTableSize;
3281e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany
3291e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryanynamespace __asan {
// Creates the ASan-backed CFAllocator from the cf_* callbacks in this file,
// stores it in cf_asan and makes it the default CFAllocator.
// The context is static because it has to outlive this call.
// NOTE(review): the result of CFAllocatorCreate() is not checked before it is
// stored and installed.
void ReplaceCFAllocator() {
  static CFAllocatorContext asan_context = {
      /*version*/ 0,
      /*info*/ &asan_zone,
      /*retain*/ 0,
      /*release*/ 0,
      /*copyDescription*/ 0,
      /*allocate*/ &cf_malloc,
      /*reallocate*/ &cf_realloc,
      /*deallocate*/ &cf_free,
      /*preferredSize*/ 0
  };
  cf_asan = CFAllocatorCreate(kCFAllocatorUseContext, &asan_context);
  CFAllocatorSetDefault(cf_asan);
}
34223a3b760646aab699d29896d4feaf2fc84ec3955Alexander Potapenko
3431e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryanyvoid ReplaceSystemMalloc() {
3441e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany  static malloc_introspection_t asan_introspection;
345ebb9702cff96192c6a6ea963037929ca7ed60eaeAlexander Potapenko  // Ok to use internal_memset, these places are not performance-critical.
346ebb9702cff96192c6a6ea963037929ca7ed60eaeAlexander Potapenko  internal_memset(&asan_introspection, 0, sizeof(asan_introspection));
3471e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany
3481e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany  asan_introspection.enumerator = &mi_enumerator;
3491e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany  asan_introspection.good_size = &mi_good_size;
3501e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany  asan_introspection.check = &mi_check;
3511e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany  asan_introspection.print = &mi_print;
3521e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany  asan_introspection.log = &mi_log;
3531e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany  asan_introspection.force_lock = &mi_force_lock;
3541e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany  asan_introspection.force_unlock = &mi_force_unlock;
3551e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany
356ebb9702cff96192c6a6ea963037929ca7ed60eaeAlexander Potapenko  internal_memset(&asan_zone, 0, sizeof(malloc_zone_t));
3571e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany
3581e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany  // Start with a version 4 zone which is used for OS X 10.4 and 10.5.
3591e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany  asan_zone.version = 4;
3601e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany  asan_zone.zone_name = "asan";
3611e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany  asan_zone.size = &mz_size;
3621e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany  asan_zone.malloc = &mz_malloc;
3631e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany  asan_zone.calloc = &mz_calloc;
3641e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany  asan_zone.valloc = &mz_valloc;
3651e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany  asan_zone.free = &mz_free;
3661e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany  asan_zone.realloc = &mz_realloc;
3671e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany  asan_zone.destroy = &mz_destroy;
3683f4c3875c42078e22c7e5356c5746fd18756d958Kostya Serebryany  asan_zone.batch_malloc = 0;
3693f4c3875c42078e22c7e5356c5746fd18756d958Kostya Serebryany  asan_zone.batch_free = 0;
3701e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany  asan_zone.introspect = &asan_introspection;
3711e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany
3721e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany  // from AvailabilityMacros.h
3731e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany#if defined(MAC_OS_X_VERSION_10_6) && \
3741e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany    MAC_OS_X_VERSION_MAX_ALLOWED >= MAC_OS_X_VERSION_10_6
3751e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany  // Switch to version 6 on OSX 10.6 to support memalign.
3761e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany  asan_zone.version = 6;
3771e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany  asan_zone.free_definite_size = 0;
3781e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany  asan_zone.memalign = &mz_memalign;
3791e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany  asan_introspection.zone_locked = &mi_zone_locked;
3801e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany
3811e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany  // Request the default purgable zone to force its creation. The
3821e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany  // current default zone is registered with the purgable zone for
3831e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany  // doing tiny and small allocs.  Sadly, it assumes that the default
3841e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany  // zone is the szone implementation from OS X and will crash if it
3851e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany  // isn't.  By creating the zone now, this will be true and changing
3861e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany  // the default zone won't cause a problem.  (OS X 10.6 and higher.)
3871e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany  system_purgeable_zone = malloc_default_purgeable_zone();
3881e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany#endif
3891e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany
3901e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany  // Register the ASan zone. At this point, it will not be the
3911e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany  // default zone.
3921e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany  malloc_zone_register(&asan_zone);
3931e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany
3941e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany  // Unregister and reregister the default zone.  Unregistering swaps
3951e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany  // the specified zone with the last one registered which for the
3961e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany  // default zone makes the more recently registered zone the default
3971e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany  // zone.  The default zone is then re-registered to ensure that
3981e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany  // allocations made from it earlier will be handled correctly.
3991e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany  // Things are not guaranteed to work that way, but it's how they work now.
4001e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany  system_malloc_zone = malloc_default_zone();
4011e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany  malloc_zone_unregister(system_malloc_zone);
4021e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany  malloc_zone_register(system_malloc_zone);
4031e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany  // Make sure the default allocator was replaced.
4041e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany  CHECK(malloc_default_zone() == &asan_zone);
4051e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany
406cb8c4dce691097718d5af41b36899b72ef4b1d84Alexey Samsonov  if (flags()->replace_cfallocator) {
40723a3b760646aab699d29896d4feaf2fc84ec3955Alexander Potapenko    // If __CFInitialize() hasn't been called yet, cf_asan will be created and
40823a3b760646aab699d29896d4feaf2fc84ec3955Alexander Potapenko    // installed as the default allocator after __CFInitialize() finishes (see
40923a3b760646aab699d29896d4feaf2fc84ec3955Alexander Potapenko    // the interceptor for __CFInitialize() above). Otherwise install cf_asan
41023a3b760646aab699d29896d4feaf2fc84ec3955Alexander Potapenko    // right now. On both Snow Leopard and Lion __CFInitialize() calls
411bf9f6fbf015f687784e26f26570924be4ca3924fAlexander Potapenko    // __CFAllocatorInitialize(), which initializes the _base._cfisa field of
412bf9f6fbf015f687784e26f26570924be4ca3924fAlexander Potapenko    // the default allocators we check here.
413bf9f6fbf015f687784e26f26570924be4ca3924fAlexander Potapenko    if (((CFRuntimeBase*)kCFAllocatorSystemDefault)->_cfisa) {
41423a3b760646aab699d29896d4feaf2fc84ec3955Alexander Potapenko      ReplaceCFAllocator();
415d079db6dfbf3b0ec5fa1cc8d093e0dae6f970bf8Alexander Potapenko    }
4161e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany  }
4171e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany}
4181e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany}  // namespace __asan
420d6567c5166412f6acdde851e767c26f332d51d3dKostya Serebryany#endif  // __APPLE__