projects / platform / upstream / llvm.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 07ba066) | patch
[hwasan] Fix Thread reuse.
authorEvgenii Stepanov <eugenis@google.com>
Tue, 10 Nov 2020 22:15:47 +0000 (14:15 -0800)
committerEvgenii Stepanov <eugenis@google.com>
Wed, 11 Nov 2020 01:24:24 +0000 (17:24 -0800)
commite1eeb026e66c38add2a1f8f1271e1f618c2f7a72
tree4df43e6ae54b6b6306dae7269b7755dabd3f8ac6tree | snapshot
parent07ba0662da5caf2e926b9cb82e9d89265dbdf144commit | diff
[hwasan] Fix Thread reuse.

HwasanThreadList::DontNeedThread clobbers Thread::next_, breaking the
freelist. As a result, only the top of the freelist ever gets reused,
and the rest of it is lost.

Since the Thread object its associated ring buffer is only 8Kb, this is
typically only noticable in long running processes, such as fuzzers.

Fix the problem by switching from an intrusive linked list to a vector.

Differential Revision: https://reviews.llvm.org/D91208
compiler-rt/lib/hwasan/hwasan_thread.h diff | blob | history
compiler-rt/lib/hwasan/hwasan_thread_list.h diff | blob | history
compiler-rt/lib/sanitizer_common/sanitizer_common.h diff | blob | history
compiler-rt/lib/sanitizer_common/tests/sanitizer_common_test.cpp diff | blob | history
compiler-rt/test/hwasan/TestCases/Linux/reuse-threads.cpp [new file with mode: 0644] blob
compiler-rt/test/hwasan/TestCases/thread-uaf.c diff | blob | history
Domain: System / Toolchain;