Make asan_poison_object poison the whole slot

This change poisons the whole slot of the object rather than just the flags. This allows ASAN to find any reads/writes into the slot after it has been freed.
author: Peter Zhu <[email protected]> 2024-12-11 12:18:00 -0500
committer: Peter Zhu <[email protected]> 2024-12-19 09:14:34 -0500
commit: c37bdfa5311be0aa8503b995299fb9547cede0a6 (patch)
tree: bd4a6ea5928cd29a510c41d9328e887783f4bd62 /gc.c
parent: ccded855b6bb2d9ab268c139f8241dcac410155f (diff)
1 files changed, 21 insertions, 0 deletions
diff --git a/gc.c b/gc.c
index 4c32c5a1ed..82bef38bf9 100644
--- a/gc.c
+++ b/gc.c
@@ -4309,6 +4309,27 @@ rb_raw_obj_info_buitin_type(char *const buff, const size_t buff_size, const VALU
 
 #undef C
 
+void
+asan_poison_object(VALUE obj)
+{
+    MAYBE_UNUSED(struct RVALUE *) ptr = (void *)obj;
+    asan_poison_memory_region(ptr, rb_gc_obj_slot_size(obj));
+}
+
+void
+asan_unpoison_object(VALUE obj, bool newobj_p)
+{
+    MAYBE_UNUSED(struct RVALUE *) ptr = (void *)obj;
+    asan_unpoison_memory_region(ptr, rb_gc_obj_slot_size(obj), newobj_p);
+}
+
+void *
+asan_poisoned_object_p(VALUE obj)
+{
+    MAYBE_UNUSED(struct RVALUE *) ptr = (void *)obj;
+    return __asan_region_is_poisoned(ptr, rb_gc_obj_slot_size(obj));
+}
+
 #define asan_unpoisoning_object(obj) \
     for (void *poisoned = asan_unpoison_object_temporary(obj), \
               *unpoisoning = &poisoned; /* flag to loop just once */ \
author	Peter Zhu <[email protected]>	2024-12-11 12:18:00 -0500
committer	Peter Zhu <[email protected]>	2024-12-19 09:14:34 -0500
commit	c37bdfa5311be0aa8503b995299fb9547cede0a6 (patch)
tree	bd4a6ea5928cd29a510c41d9328e887783f4bd62 /gc.c
parent	ccded855b6bb2d9ab268c139f8241dcac410155f (diff)