Improve HeapReAlloc/HEAP_REALLOC_IN_PLACE_ONLY.

ASAN_OPTIONS='verbosity=0:windows_hook_rtl_allocators=1' WINEDLLOVERRIDES="$F=n;*.dll=n" WINEDEBUG= wine64 z:/home/bernhard/data/entwicklung/2024/wine/wine-build/build-asan-pe/64/obj/dlls/urlmon/tests/x86_64-windows/urlmon_test.exe url

urlmon_test:url

ASAN_OPTIONS='verbosity=0:windows_hook_rtl_allocators=1' WINEDLLOVERRIDES="$F=n;*.dll=n" WINEDEBUG= wine64 z:/home/bernhard/data/entwicklung/2024/wine/wine-build/build-asan-pe/64/obj/dlls/urlmon/tests/x86_64-windows/urlmon_test.exe url
...
url.c:3528: Test marked todo: expected GetWindow_ICodeInstall
url.c:4077: file test (no callback)...
0130:err:secur32:establish_context alloc_buffer=00007FFFFE1FC510, alloc_buffer.pvBuffer=00007F331B4D0800 RtlGetLastWin32Error(): 0x0 :979
0130:err:secur32:establish_context alloc_buffer=00007FFFFE1FC510, alloc_buffer.pvBuffer=00007F331B4D0800 RtlGetLastWin32Error(): 0x0 :982
=================================================================
==300==ERROR: AddressSanitizer: attempting double-free on 0x7f331b4d0800 in thread T0:
022c:fixme:file:server_get_file_info Unsupported info class e
    #0 0x6ffffa60b113 in RtlFreeHeap /home/bernhard/data/entwicklung/2024/llvm-mingw/2024-10-18/llvm-mingw/llvm-project/compiler-rt\lib/asan/asan_malloc_win.cpp:444:3
    #1 0x6ffff346345f in FreeContextBuffer /home/bernhard/data/entwicklung/2024/wine/wine/dlls/secur32\secur32.c:651:5
    #2 0x6ffffc2b6cd3 in netcon_secure_connect_setup /home/bernhard/data/entwicklung/2024/wine/wine/dlls/wininet\netconnection.c:484:13
    #3 0x6ffffc2a8216 in NETCON_secure_connect /home/bernhard/data/entwicklung/2024/wine/wine/dlls/wininet\netconnection.c:612:11
    #4 0x6ffffc295941 in HTTP_HttpSendRequestW /home/bernhard/data/entwicklung/2024/wine/wine/dlls/wininet\http.c:5100:23
    #5 0x6ffffc29b999 in HttpSendRequestW /home/bernhard/data/entwicklung/2024/wine/wine/dlls/wininet\http.c:5759:8
    #6 0x6ffffc29b2ab in HttpSendRequestA /home/bernhard/data/entwicklung/2024/wine/wine/dlls/wininet\http.c:5799:14
    #7 0x0001400dfa52 in can_do_https /home/bernhard/data/entwicklung/2024/wine\wine/dlls/urlmon/tests/url.c:3987:11
    #8 0x0001400dfa52 in func_url /home/bernhard/data/entwicklung/2024/wine\wine/dlls/urlmon/tests/url.c:4080:12
    #9 0x00014011cd90 in run_test /home/bernhard/data/entwicklung/2024/wine\wine/include/wine/test.h:765:5
    #10 0x00014011cd90 in main /home/bernhard/data/entwicklung/2024/wine\wine/include/wine/test.h:884:12
    #11 0x00014011ec3f in mainCRTStartup /home/bernhard/data/entwicklung/2024/wine\wine/dlls/msvcrt/crt_main.c:58:11
    #12 0x6fffffa54808 in BaseThreadInitThunk /home/bernhard/data/entwicklung/2024/wine/wine/dlls/kernel32\thread.c:61:5
    #13 0x6fffffc2fa1a in RtlUserThreadStart (C:\windows\system32\ntdll.dll+0x17000fa1a)

0x7f331b4d0800 is located 0 bytes inside of 65536-byte region [0x7f331b4d0800,0x7f331b4e0800)
freed by thread T0 here:
    #0 0x6ffffa60abc6 in __asan::SharedReAlloc(void* (*)(void*, unsigned long, void*, unsigned long long), unsigned long long (*)(void*, unsigned long, void*), int (*)(void*, unsigned long, void*), void* (*)(void*, unsign
ed long, unsigned long long), void*, unsigned long, void*, unsigned long long) /home/bernhard/data/entwicklung/2024/llvm-mingw/2024-10-18/llvm-mingw/llvm-project/compiler-rt\lib/asan/asan_malloc_win.cpp:269:3
    #1 0x6ffffa60afa4 in HeapReAlloc /home/bernhard/data/entwicklung/2024/llvm-mingw/2024-10-18/llvm-mingw/llvm-project/compiler-rt\lib/asan/asan_malloc_win.cpp:394:10
    #2 0x6ffff346858d in establish_context.constprop.0 /home/bernhard/data/entwicklung/2024/wine/wine/dlls/secur32\schannel.c:980:13
    #3 0x6ffff3464680 in InitializeSecurityContextW /home/bernhard/data/entwicklung/2024/wine/wine/dlls/secur32\wrapper.c:249:19
    #4 0x6ffffc2b6bdf in netcon_secure_connect_setup /home/bernhard/data/entwicklung/2024/wine/wine/dlls/wininet\netconnection.c:464:14
    #5 0x6ffffc2a8216 in NETCON_secure_connect /home/bernhard/data/entwicklung/2024/wine/wine/dlls/wininet\netconnection.c:612:11
    #6 0x6ffffc295941 in HTTP_HttpSendRequestW /home/bernhard/data/entwicklung/2024/wine/wine/dlls/wininet\http.c:5100:23
    #7 0x6ffffc29b999 in HttpSendRequestW /home/bernhard/data/entwicklung/2024/wine/wine/dlls/wininet\http.c:5759:8
    #8 0x6ffffc29b2ab in HttpSendRequestA /home/bernhard/data/entwicklung/2024/wine/wine/dlls/wininet\http.c:5799:14
    #9 0x0001400dfa52 in can_do_https /home/bernhard/data/entwicklung/2024/wine\wine/dlls/urlmon/tests/url.c:3987:11
    #10 0x0001400dfa52 in func_url /home/bernhard/data/entwicklung/2024/wine\wine/dlls/urlmon/tests/url.c:4080:12
    #11 0x00014011cd90 in run_test /home/bernhard/data/entwicklung/2024/wine\wine/include/wine/test.h:765:5
    #12 0x00014011cd90 in main /home/bernhard/data/entwicklung/2024/wine\wine/include/wine/test.h:884:12
    #13 0x00014011ec3f in mainCRTStartup /home/bernhard/data/entwicklung/2024/wine\wine/dlls/msvcrt/crt_main.c:58:11
    #14 0x6fffffa54808 in BaseThreadInitThunk /home/bernhard/data/entwicklung/2024/wine/wine/dlls/kernel32\thread.c:61:5
    #15 0x6fffffc2fa1a in RtlUserThreadStart (C:\windows\system32\ntdll.dll+0x17000fa1a)

previously allocated by thread T0 here:
    #0 0x6ffffa60a8a3 in HeapAlloc /home/bernhard/data/entwicklung/2024/llvm-mingw/2024-10-18/llvm-mingw/llvm-project/compiler-rt\lib/asan/asan_malloc_win.cpp:230:3
    #1 0x6ffff3468098 in establish_context.constprop.0 /home/bernhard/data/entwicklung/2024/wine/wine/dlls/secur32\schannel.c:954:37
    #2 0x6ffff3464680 in InitializeSecurityContextW /home/bernhard/data/entwicklung/2024/wine/wine/dlls/secur32\wrapper.c:249:19
    #3 0x6ffffc2b6bdf in netcon_secure_connect_setup /home/bernhard/data/entwicklung/2024/wine/wine/dlls/wininet\netconnection.c:464:14
    #4 0x6ffffc2a8216 in NETCON_secure_connect /home/bernhard/data/entwicklung/2024/wine/wine/dlls/wininet\netconnection.c:612:11
    #5 0x6ffffc295941 in HTTP_HttpSendRequestW /home/bernhard/data/entwicklung/2024/wine/wine/dlls/wininet\http.c:5100:23
    #6 0x6ffffc29b999 in HttpSendRequestW /home/bernhard/data/entwicklung/2024/wine/wine/dlls/wininet\http.c:5759:8
    #7 0x6ffffc29b2ab in HttpSendRequestA /home/bernhard/data/entwicklung/2024/wine/wine/dlls/wininet\http.c:5799:14
    #8 0x0001400dfa52 in can_do_https /home/bernhard/data/entwicklung/2024/wine\wine/dlls/urlmon/tests/url.c:3987:11
    #9 0x0001400dfa52 in func_url /home/bernhard/data/entwicklung/2024/wine\wine/dlls/urlmon/tests/url.c:4080:12
    #10 0x00014011cd90 in run_test /home/bernhard/data/entwicklung/2024/wine\wine/include/wine/test.h:765:5
    #11 0x00014011cd90 in main /home/bernhard/data/entwicklung/2024/wine\wine/include/wine/test.h:884:12
    #12 0x00014011ec3f in mainCRTStartup /home/bernhard/data/entwicklung/2024/wine\wine/dlls/msvcrt/crt_main.c:58:11
    #13 0x6fffffa54808 in BaseThreadInitThunk /home/bernhard/data/entwicklung/2024/wine/wine/dlls/kernel32\thread.c:61:5
    #14 0x6fffffc2fa1a in RtlUserThreadStart (C:\windows\system32\ntdll.dll+0x17000fa1a)

SUMMARY: AddressSanitizer: double-free /home/bernhard/data/entwicklung/2024/wine/wine/dlls/secur32\secur32.c:651:5 in FreeContextBuffer
==300==ABORTING

Author: bernhardu

compiler-rt/lib/asan/asan_malloc_win.cpp

@@ -323,12 +323,25 @@ void *SharedReAlloc(ReAllocFunction reallocFunc, SizeFunction heapSizeFunc,
     }
 
     if (ownershipState == ASAN && !only_asan_supported_flags) {
+      size_t old_usable_size = 0;
+      old_usable_size = asan_malloc_usable_size(lpMem, pc, bp);
+
+      // asan_realloc will never reallocate in place, so for now this flag is
+      // unsupported until we figure out a way to fake this.
+      if (dwFlags & HEAP_REALLOC_IN_PLACE_ONLY) {
+        if (old_usable_size < dwBytes) {
+          VPrintf(0, "SharedReAlloc: HEAP_REALLOC_IN_PLACE_ONLY not supported, return nullptr to indicate failure.\n");
+          return nullptr;
+        } else {
+          VPrintf(0, "SharedReAlloc: HEAP_REALLOC_IN_PLACE_ONLY not supported, return previous pointer to mimic success\n");
+          return lpMem;
+        }
+      }
+
       // Conversion to unsupported flags allocation,
       // transfer this allocation back to the original allocator.
       void *replacement_alloc = allocFunc(hHeap, dwFlags, dwBytes);
-      size_t old_usable_size = 0;
       if (replacement_alloc) {
-        old_usable_size = asan_malloc_usable_size(lpMem, pc, bp);
         REAL(memcpy)(replacement_alloc, lpMem,
                      Min<size_t>(dwBytes, old_usable_size));
         asan_free(lpMem, &stack, FROM_MALLOC);