diff options
| author | Vitaly Buka <vitalybuka@google.com> | 2023-09-22 13:35:35 -0700 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2023-09-22 13:35:35 -0700 |
| commit | 43aa6e6bf3d5ca1dde3e839f4c6ebd0e524055a1 (patch) | |
| tree | 395c9f404906c2770132a3b0911459c59b2e9af1 /llvm/lib/CodeGen/TargetLoweringObjectFileImpl.cpp | |
| parent | 7ca8c21af36acb117529e797b3d36e85a286ca47 (diff) | |
| download | llvm-43aa6e6bf3d5ca1dde3e839f4c6ebd0e524055a1.zip llvm-43aa6e6bf3d5ca1dde3e839f4c6ebd0e524055a1.tar.gz llvm-43aa6e6bf3d5ca1dde3e839f4c6ebd0e524055a1.tar.bz2 | |
[hwasan] Fixing false invalid-free with disabled tagging (#67169)
This problem was accidentally discovered by the internal symbolizer, but
it's relevant for external one as well, see the test.
If we just disable tagging, there may still be tagged allocations that
have already been freed. After disabling tagging, these tagged
allocations can be released to the user as-is, which would later break
the "invalid-free" check.
We cannot just disable the "invalid-free" check with disabled tagging,
because if we re-enable tagging, the issue still applies to allocations
created when it was disabled.
The fix is to continue tagging with zero even if tagging is disabled.
This makes the "disabled" mode less efficient, but this is not the
primary use case.
Diffstat (limited to 'llvm/lib/CodeGen/TargetLoweringObjectFileImpl.cpp')
0 files changed, 0 insertions, 0 deletions