Fix ASAN errors when updating call cache

Invalidating call cache walks the heap, so we need to take care to un-poison objects when examining them
ruby · Sep 28, 2020 · 664eeda · 664eeda
1 parent 0767d38
commit 664eeda
Showing 1 changed file with 8 additions and 0 deletions.
diff --git a/gc.c b/gc.c
@@ -2544,15 +2544,23 @@ vm_ccs_free(struct rb_class_cc_entries *ccs, int alive, rb_objspace_t *objspace,
         for (int i=0; i<ccs->len; i++) {
             const struct rb_callcache *cc = ccs->entries[i].cc;
             if (!alive) {
+                void *ptr = asan_poisoned_object_p((VALUE)cc);
+                asan_unpoison_object((VALUE)cc, false);
                 // ccs can be free'ed.
                 if (is_pointer_to_heap(objspace, (void *)cc) &&
                     IMEMO_TYPE_P(cc, imemo_callcache) &&
                     cc->klass == klass) {
                     // OK. maybe target cc.
                 }
                 else {
+                    if (ptr) {
+                        asan_poison_object((VALUE)cc);
+                    }
                     continue;
                 }
+                if (ptr) {
+                    asan_poison_object((VALUE)cc);
+                }
             }
             vm_cc_invalidate(cc);
         }