Do not call malloc_zone_from_ptr() for the pointers passed to mz_size() and mz_free().
These callbacks assume that the memory belongs to asan_zone, so it's incorrect to pass it to another one.
If a need for this appears (e.g. system libraries free the memory using wrong zone), it should be documented.
git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@159713 91177308-0d34-0410-b5e6-96231b3b80d8
diff --git a/lib/asan/asan_malloc_mac.cc b/lib/asan/asan_malloc_mac.cc
index f70bc85..0f510bf 100644
--- a/lib/asan/asan_malloc_mac.cc
+++ b/lib/asan/asan_malloc_mac.cc
@@ -82,12 +82,6 @@
// TODO(glider): the mz_* functions should be united with the Linux wrappers,
// as they are basically copied from there.
size_t mz_size(malloc_zone_t* zone, const void* ptr) {
- // Fast path: check whether this pointer belongs to the original malloc zone.
- // We cannot just call malloc_zone_from_ptr(), because it in turn
- // calls our mz_size().
- if (system_malloc_zone) {
- if ((system_malloc_zone->size)(system_malloc_zone, ptr)) return 0;
- }
return asan_mz_size(ptr);
}
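Review bot: With the system-zone fast path removed, `mz_size()` is the only signal the zone lookup has for whether a pointer is ASan's, and nothing in the new code states that contract. The removed comment says `malloc_zone_from_ptr()` calls this callback, so `asan_mz_size(ptr)` presumably has to return 0 for memory ASan did not allocate; that helper is not visible in this hunk and is worth confirming. I would add above the return: `// Must return 0 for pointers not owned by asan_zone; malloc_zone_from_ptr() relies on this.` The `zone` argument is now unused, so a debug assertion that it is the ASan zone would catch callers that reach this callback with a foreign zone.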
@@ -151,14 +145,6 @@
void ALWAYS_INLINE free_common(void *context, void *ptr) {
if (!ptr) return;
- malloc_zone_t *orig_zone = malloc_zone_from_ptr(ptr);
- // For some reason Chromium calls mz_free() for pointers that belong to
- // DefaultPurgeableMallocZone instead of asan_zone. We might want to
- // fix this someday.
- if (orig_zone == system_purgeable_zone) {
- system_purgeable_zone->free(system_purgeable_zone, ptr);
- return;
- }
if (!FLAG_mac_ignore_invalid_free || asan_mz_size(ptr)) {
GET_STACK_TRACE_HERE_FOR_FREE(ptr);
asan_free(ptr, &stack);
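Review bot: After this removal `free_common()` no longer tells apart pointers owned by another zone, and the one documented caller pattern (Chromium freeing DefaultPurgeableMallocZone memory through `mz_free()`) loses its explanation along with its special case. With `FLAG_mac_ignore_invalid_free` unset, such a pointer now goes straight to `asan_free()`; the other branch lies outside the hunk, as the function body continues past its last line. The commit message asks that any exception be documented, so the assumption itself belongs in the code, e.g. `// ptr must belong to asan_zone; pointers from other zones are treated as invalid frees.` A regression test for a free through the wrong zone would make this behaviour change deliberate and detectable.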