[llvm-commits] tsan: detect use-after-free (issue 6214052)

[kcc at google.com]

Great idea!
But I don't like to hide the "freed" bit inside TID.
can we make this bit more explicit?


http://codereview.appspot.com/6214052/diff/1/output_tests/free_race2.c
File output_tests/free_race2.c (right):

http://codereview.appspot.com/6214052/diff/1/output_tests/free_race2.c#newcode3
output_tests/free_race2.c:3: void foo(int *mem) {
you will need to disable inlining.
This can be done later once we star running all tests with -O2

http://codereview.appspot.com/6214052/diff/1/rtl/tsan_clock.h
File rtl/tsan_clock.h (right):

http://codereview.appspot.com/6214052/diff/1/rtl/tsan_clock.h#newcode75
rtl/tsan_clock.h:75: u64 clk_[kMaxTid * 2];
Maybe we can use another kSomething?

http://codereview.appspot.com/6214052/diff/1/rtl/tsan_defs.h
File rtl/tsan_defs.h (right):

http://codereview.appspot.com/6214052/diff/1/rtl/tsan_defs.h#newcode32
rtl/tsan_defs.h:32: const int kTidBits = 16;
I don't really like this.
Can we have a separate free-ed bit.
It can bit adjacent to tid so that the rest of the logic works.

http://codereview.appspot.com/6214052/diff/1/rtl/tsan_report.cc
File rtl/tsan_report.cc (right):

http://codereview.appspot.com/6214052/diff/1/rtl/tsan_report.cc#newcode36
rtl/tsan_report.cc:36: Printf("use after free");
maybe print "heap-use-after-free" to match asan's output?

http://codereview.appspot.com/6214052/diff/1/rtl/tsan_rtl.h
File rtl/tsan_rtl.h (right):

http://codereview.appspot.com/6214052/diff/1/rtl/tsan_rtl.h#newcode94
rtl/tsan_rtl.h:94: // will race with it.
Too hackish. I'd prefer a separate bit.

http://codereview.appspot.com/6214052/