Fix ASAN errors when updating call cache

Invalidating the call cache walks the heap, so we need to take care to
un-poison objects when examining them.
Aaron Patterson 2020-09-28 08:37:09 -07:00
parent 0767d387ec
commit 664eeda66e
No known key found for this signature in database
GPG Key ID: 953170BCB4FFAFC6

8
gc.c

@ -2544,6 +2544,8 @@ vm_ccs_free(struct rb_class_cc_entries *ccs, int alive, rb_objspace_t *objspace,
for (int i=0; i<ccs->len; i++) {
const struct rb_callcache *cc = ccs->entries[i].cc;
if (!alive) {
void *ptr = asan_poisoned_object_p((VALUE)cc);
asan_unpoison_object((VALUE)cc, false);
// ccs can be free'ed.
if (is_pointer_to_heap(objspace, (void *)cc) &&
IMEMO_TYPE_P(cc, imemo_callcache) &&
@ -2551,8 +2553,14 @@ vm_ccs_free(struct rb_class_cc_entries *ccs, int alive, rb_objspace_t *objspace,
// OK. maybe target cc.
}
else {
if (ptr) {
asan_poison_object((VALUE)cc);
}
continue;
}
if (ptr) {
asan_poison_object((VALUE)cc);
}
}
vm_cc_invalidate(cc);
}
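Review bot: In the `!alive` branch, `asan_poisoned_object_p((VALUE)cc)` and `asan_unpoison_object((VALUE)cc, false)` run before `is_pointer_to_heap(objspace, (void *)cc)` has confirmed that `cc` still points into the object heap, even though the comment directly below says the entry may already be freed. For a stale pointer this rewrites ASAN shadow state for memory the GC may no longer own, and the later `asan_poison_object` leaves it manually poisoned, which can hide or distort a genuine use-after-free report. If `is_pointer_to_heap` only compares addresses (its body is not visible here), consider testing it first, `if (!is_pointer_to_heap(objspace, (void *)cc)) continue;`, and unpoisoning only around the `IMEMO_TYPE_P` read that dereferences `cc`. Separately, the second `if (ptr)` block re-poisons `cc` just before `vm_cc_invalidate(cc)`, so a short comment explaining why an entry that passed the checks can safely be poisoned again before that call would help the next reader. The body of vm_ccs_free starts and ends outside these hunks.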