[PATCH] D14014: Checker of proper vfork usage
Yury Gribov via cfe-commits
cfe-commits at lists.llvm.org
Fri Oct 23 02:12:52 PDT 2015
ygribov created this revision.
ygribov added reviewers: zaks.anna, dcoughlin, jordan_rose, krememek.
ygribov added a subscriber: cfe-commits.
ygribov set the repository for this revision to rL LLVM.
This checker verifies that vfork is used safely. Vforked process shared stack with parent process so it's range of actions is significantly limited (can't write variables, can't call functions not in whitelist, etc.).
The patch grew out of complicated 2-day debugging of production SW caused by well-known vfork bug in xtables (see http://lists.netfilter.org/pipermail/netfilter-buglog/2014-October/003280.html).
Is something like this interesting for upstream?
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 12524 bytes
Desc: not available
More information about the cfe-commits