    Oilpan: Fix ASan instrumentation around heap object headers. · 2edf134b
    ager@chromium.org authored
    We poison the heap object headers because only our code should ever be
    able to access them and only from a handful of methods. Poisoning the
    headers lets us catch stray reads/writes that end up in our headers, and we
    use the NO_SANITIZE_ADDRESS annotation on the handful of methods that
    operate on the headers.
    
    The ASan NO_SANITIZE_ADDRESS annotation does not propagate to acquireLoad.
    Our first attempt to fix that was to unpoison the address accessed.
    However, that does not work because we are using this code from multiple
    threads without locking (which is the reason for using atomic ops).
    Therefore, the threads will have races when it comes to poisoning.
    
    This change fixes the issue by introducing ASan-aware
    asanAcquireLoad/asanReleaseStore which will work on poisoned memory
    when you know what you are doing.
    
    Kostya, do you have any alternative suggestions?
    
    R=erik.corry@gmail.com, kcc@chromium.org, oilpan-reviews@chromium.org, zerny@chromium.org
    BUG=411712
    
    Review URL: https://codereview.chromium.org/556443003
    
    git-svn-id: svn://svn.chromium.org/blink/trunk@181638 bbb929c8-8fbe-4397-9dbb-9b2b20218538
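    The pattern the message describes, as an added illustration rather than Blink/Oilpan code: the atomic accessors that touch a deliberately poisoned header word carry the no-sanitize attribute themselves, so the access is uninstrumented without ever unpoisoning the word (the unpoison/repoison approach the message rejects is what races between threads). The names HeapObject, asanAcquireLoad, asanReleaseStore, allocate_object and demo_poisoned_header are assumed here, as is an 8-byte header word; Oilpan's real header layout is not reproduced. Without -fsanitize=address the ASan macros are no-ops and the helpers degrade to plain atomics.

```c
/* Added example, not Blink/Oilpan code. Names and the 8-byte header layout are
 * assumptions for illustration. Build with -fsanitize=address to see the
 * contrast; without ASan the poisoning macros are defined away below. */
#include <stdatomic.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

#ifndef __has_feature
#  define __has_feature(x) 0
#endif
#if __has_feature(address_sanitizer) || defined(__SANITIZE_ADDRESS__)
#  include <sanitizer/asan_interface.h>
#  define NO_SANITIZE_ADDRESS __attribute__((no_sanitize_address))
#else
#  define NO_SANITIZE_ADDRESS
#  define ASAN_POISON_MEMORY_REGION(addr, size)   ((void)(addr), (void)(size))
#  define ASAN_UNPOISON_MEMORY_REGION(addr, size) ((void)(addr), (void)(size))
#endif

/* The header word is kept 8 bytes and 8-byte aligned on purpose: ASan shadow
 * describes memory in 8-byte granules, and a partially poisoned granule can
 * only express "the first k bytes are addressable". A 4-byte header followed
 * by live payload in the same granule could not be poisoned on its own. */
typedef struct {
  _Atomic uint64_t header;   /* hypothetical size/mark word; only the accessors below touch it */
  uint64_t payload[2];       /* ordinary, unpoisoned object contents */
} HeapObject;

/* Plain accessors. The load/store inside them is instrumented regardless of
 * whether the caller is NO_SANITIZE_ADDRESS (the attribute does not propagate
 * into callees), so using these on a poisoned header is reported by ASan. */
static uint64_t acquireLoad(_Atomic uint64_t* p) {
  return atomic_load_explicit(p, memory_order_acquire);
}
static void releaseStore(_Atomic uint64_t* p, uint64_t v) {
  atomic_store_explicit(p, v, memory_order_release);
}

/* ASan-aware accessors: the attribute sits on the function that performs the
 * access, so that access is uninstrumented while the header stays poisoned for
 * every other code path. Nothing is unpoisoned around the access, so there is
 * nothing for concurrent lock-free readers and writers to race on.
 * noinline keeps the access inside the attributed function at any -O level. */
NO_SANITIZE_ADDRESS __attribute__((noinline))
static uint64_t asanAcquireLoad(_Atomic uint64_t* p) {
  return atomic_load_explicit(p, memory_order_acquire);
}
NO_SANITIZE_ADDRESS __attribute__((noinline))
static void asanReleaseStore(_Atomic uint64_t* p, uint64_t v) {
  atomic_store_explicit(p, v, memory_order_release);
}

/* Allocate an object and poison only its header for the object's whole life. */
static HeapObject* allocate_object(void) {
  HeapObject* obj = calloc(1, sizeof *obj);   /* malloc alignment >= 8 */
  if (!obj) return NULL;
  ASAN_POISON_MEMORY_REGION(&obj->header, sizeof obj->header);
  return obj;
}

static void free_object(HeapObject* obj) {
  ASAN_UNPOISON_MEMORY_REGION(&obj->header, sizeof obj->header);
  free(obj);
}

/* Round-trips a header value through the ASan-aware accessors and returns what
 * was read back (0 on allocation failure). Under -fsanitize=address, swapping
 * asanAcquireLoad for acquireLoad here produces a use-after-poison report. */
static uint64_t demo_poisoned_header(uint64_t header_value) {
  HeapObject* obj = allocate_object();
  if (!obj) return 0;
  asanReleaseStore(&obj->header, header_value);
  uint64_t seen = asanAcquireLoad(&obj->header);
  obj->payload[0] = seen;          /* payload is addressable as usual */
  free_object(obj);
  return seen;
}

/* The plain accessors are fine on memory that is not poisoned. */
static uint64_t demo_plain_accessors(uint64_t v) {
  _Atomic uint64_t word;
  releaseStore(&word, v);
  return acquireLoad(&word);
}

int main(void) {
  printf("poisoned header round trip: 0x%llx\n",
         (unsigned long long)demo_poisoned_header(0x1234u));
  printf("plain word round trip:      %llu\n",
         (unsigned long long)demo_plain_accessors(42u));
  return 0;
}
```

    The check a practitioner would want is the negative one: under ASan, replace asanAcquireLoad with acquireLoad in demo_poisoned_header and confirm the run aborts with a use-after-poison report rather than silently succeeding; if it does not, the header poisoning is not actually taking effect (for example because the header does not fill an 8-byte granule).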