ruby-changes:63187
From: Aaron <ko1@a...>
Date: Tue, 29 Sep 2020 01:45:45 +0900 (JST)
Subject: [ruby-changes:63187] 664eeda66e (master): Fix ASAN errors when updating call cache
https://git.ruby-lang.org/ruby.git/commit/?id=664eeda66e From 664eeda66e1f64d09e0d321e681f2c21916f9c13 Mon Sep 17 00:00:00 2001 From: Aaron Patterson <tenderlove@r...> Date: Mon, 28 Sep 2020 08:37:09 -0700 Subject: Fix ASAN errors when updating call cache Invalidating call cache walks the heap, so we need to take care to un-poison objects when examining them diff --git a/gc.c b/gc.c index fcb9c64..075019a 100644 --- a/gc.c +++ b/gc.c @@ -2544,6 +2544,8 @@ vm_ccs_free(struct rb_class_cc_entries *ccs, int alive, rb_objspace_t *objspace, https://github.com/ruby/ruby/blob/trunk/gc.c#L2544 for (int i=0; i<ccs->len; i++) { const struct rb_callcache *cc = ccs->entries[i].cc; if (!alive) { + void *ptr = asan_poisoned_object_p((VALUE)cc); + asan_unpoison_object((VALUE)cc, false); // ccs can be free'ed. if (is_pointer_to_heap(objspace, (void *)cc) && IMEMO_TYPE_P(cc, imemo_callcache) && @@ -2551,8 +2553,14 @@ vm_ccs_free(struct rb_class_cc_entries *ccs, int alive, rb_objspace_t *objspace, https://github.com/ruby/ruby/blob/trunk/gc.c#L2553 // OK. maybe target cc. } else { + if (ptr) { + asan_poison_object((VALUE)cc); + } continue; } + if (ptr) { + asan_poison_object((VALUE)cc); + } } vm_cc_invalidate(cc); } -- cgit v0.10.2 -- ML: ruby-changes@q... Info: http://www.atdot.net/~ko1/quickml/