This is an archive of the discontinued LLVM Phabricator instance.

[scudo] Replace eraseHeader with compareExchangeHeader for Quarantined chunks
ClosedPublic

Authored by cryptoad on Aug 24 2018, 10:25 AM.

Details

Summary

The reason for the existence of eraseHeader was that it was deemed faster
to null-out a chunk header, effectively making it invalid, rather than marking
it as available, which incurred a checksum computation and a cmpxchg.

A previous use of eraseHeader was removed with D50655 due to a race.

Now we remove the second use of it in the Quarantine deallocation path and
replace it with a compareExchangeHeader.

The reason for this is that it greatly helps debugging some heap bugs, as the chunk
header is now valid and the chunk marked available, as opposed to the header
being invalid. E.g.: we get an invalid state error, instead of an invalid header
error, which reduces the possibilities. The computational penalty is negligible.
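To make the difference between the two errors concrete, here is a small, self-contained model of a checksummed chunk header with both recycling strategies side by side. This is an added illustration, not scudo's code or header layout: the `UnpackedHeader` fields, the FNV-based `computeChecksum`, the fake chunk address and the `CheckError` names are all assumptions of the model. It shows why a header nulled out by `eraseHeader` can only ever be reported as "invalid header" (the checksum no longer matches), while a header rewritten through `compareExchangeHeader` still validates and lets a later double free be reported as the more specific "invalid state".

```cpp
#include <atomic>
#include <cstdint>
#include <cstring>

// Hypothetical, simplified model of a checksummed chunk header; not scudo's layout.
enum ChunkState : uint8_t { Available = 0, Allocated = 1, Quarantined = 2 };

struct UnpackedHeader {
  uint8_t state;
  uint8_t origin;     // allocation origin; only folded into the checksum here
  uint16_t size;      // requested size (assumption: truncated to 16 bits in this model)
  uint32_t checksum;  // covers the chunk address plus the three fields above
};
static_assert(sizeof(UnpackedHeader) == sizeof(uint64_t), "header must pack into 64 bits");

struct Chunk {
  std::atomic<uint64_t> header{0};
  uintptr_t addr;  // constructed, fake address used to salt the checksum
  explicit Chunk(uintptr_t a) : addr(a) {}
};

enum class CheckError { None, InvalidHeader, InvalidState };

static uint64_t pack(const UnpackedHeader &h) { uint64_t v; std::memcpy(&v, &h, sizeof v); return v; }
static UnpackedHeader unpack(uint64_t v) { UnpackedHeader h; std::memcpy(&h, &v, sizeof h); return h; }

// FNV-1a over the address and the non-checksum fields, forced odd so that a
// zeroed-out header (checksum field == 0) can never validate.
static uint32_t computeChecksum(uintptr_t addr, const UnpackedHeader &h) {
  uint32_t x = 0x811c9dc5u;
  auto mix = [&](uint64_t v, int bytes) {
    for (int i = 0; i < bytes; ++i) { x ^= (uint8_t)(v >> (8 * i)); x *= 0x01000193u; }
  };
  mix(addr, sizeof addr);
  mix(h.state, 1); mix(h.origin, 1); mix(h.size, 2);
  return x | 1u;
}

// Returns false ("invalid header") when the stored checksum does not match.
static bool loadHeader(const Chunk &c, UnpackedHeader *out) {
  UnpackedHeader h = unpack(c.header.load(std::memory_order_relaxed));
  if (h.checksum != computeChecksum(c.addr, h)) return false;
  *out = h;
  return true;
}

// Old path: null out the header, which makes every later checksum check fail.
static void eraseHeader(Chunk &c) { c.header.store(0, std::memory_order_relaxed); }

// New path: recompute the checksum for the new header and cmpxchg it in;
// a failed exchange means the header changed underneath us.
static bool compareExchangeHeader(Chunk &c, UnpackedHeader newH, UnpackedHeader oldH) {
  newH.checksum = computeChecksum(c.addr, newH);
  uint64_t expected = pack(oldH);
  return c.header.compare_exchange_strong(expected, pack(newH), std::memory_order_relaxed);
}

// Give the chunk a valid Allocated header.
static void allocate(Chunk &c, uint16_t size) {
  UnpackedHeader h{Allocated, 0, size, 0};
  h.checksum = computeChecksum(c.addr, h);
  c.header.store(pack(h), std::memory_order_relaxed);
}

// User free: Allocated -> Quarantined.
static bool quarantine(Chunk &c) {
  UnpackedHeader h;
  if (!loadHeader(c, &h) || h.state != Allocated) return false;
  UnpackedHeader n = h; n.state = Quarantined;
  return compareExchangeHeader(c, n, h);
}

// Quarantine recycling: Quarantined -> Available, by erasing (old) or by CAS (new).
static bool recycleFromQuarantine(Chunk &c, bool useErase) {
  UnpackedHeader h;
  if (!loadHeader(c, &h) || h.state != Quarantined) return false;
  if (useErase) { eraseHeader(c); return true; }
  UnpackedHeader n = h; n.state = Available;
  return compareExchangeHeader(c, n, h);
}

// What a later free of the same chunk (a double free) would be reported as.
static CheckError checkOnFree(const Chunk &c) {
  UnpackedHeader h;
  if (!loadHeader(c, &h)) return CheckError::InvalidHeader;
  if (h.state != Allocated) return CheckError::InvalidState;
  return CheckError::None;
}

// Run allocate -> free -> recycle -> double free with either strategy.
static CheckError doubleFreeReport(bool useErase) {
  Chunk c(0x1000);  // constructed address, not a real allocation
  allocate(c, 64);
  quarantine(c);
  recycleFromQuarantine(c, useErase);
  return checkOnFree(c);
}

// Sanity check of the normal lifecycle: a live chunk passes, a second free is caught.
static bool lifecycleOk() {
  Chunk c(0x2000);  // constructed address
  allocate(c, 8);
  return checkOnFree(c) == CheckError::None && quarantine(c) && !quarantine(c);
}
```

`doubleFreeReport(true)` reproduces the old behaviour (header zeroed, so the checksum fails and the report is "invalid header"), while `doubleFreeReport(false)` reproduces the new one (header still valid, state is Available, so the report is "invalid state"). The CAS in `compareExchangeHeader` is also what closes the window that makes a plain store racy when another thread can touch the same header concurrently.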

Event Timeline

cryptoad created this revision. Aug 24 2018, 10:25 AM
Herald added subscribers: Restricted Project, jfb, delcypher. Aug 24 2018, 10:25 AM
eugenis accepted this revision. Aug 24 2018, 10:46 AM
This revision is now accepted and ready to land. Aug 24 2018, 10:46 AM
This revision was automatically updated to reflect the committed changes.