Skip to content

[lldb] Fix use-after-free in SBMutexTest #133840

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Apr 1, 2025
Merged

[lldb] Fix use-after-free in SBMutexTest #133840

merged 1 commit into from
Apr 1, 2025

Conversation

JDevlieghere
Copy link
Member

The locked variable can be accessed from the asynchronous thread until the call to f.wait() completes. However, the variable is scoped in a lexical block that ends before that, leading to a use-after-free.

@JDevlieghere
[lldb] Fix use-after-free in SBMutexTest
1891a00 
The `locked` variable can be accessed from the asynchronous thread until
the call to f.wait() completes. However, the variable is scoped in a
lexical block that ends before that, leading to a use-after-free.
@JDevlieghere JDevlieghere requested a review from slackito April 1, 2025 02:35
@JDevlieghere JDevlieghere merged commit 0b8c8ed into llvm:main Apr 1, 2025
6 of 9 checks passed
@llvmbot llvmbot added the lldb label Apr 1, 2025
@JDevlieghere JDevlieghere mentioned this pull request Apr 1, 2025
Merged
@llvmbot
Copy link
Member

llvmbot commented Apr 1, 2025

@llvm/pr-subscribers-lldb

Author: Jonas Devlieghere (JDevlieghere)

Changes

The locked variable can be accessed from the asynchronous thread until the call to f.wait() completes. However, the variable is scoped in a lexical block that ends before that, leading to a use-after-free.

Full diff: https://github.com/llvm/llvm-project/pull/133840.diff

1 Files Affected:

  • (modified) lldb/unittests/API/SBMutexTest.cpp (+1-2)
diff --git a/lldb/unittests/API/SBMutexTest.cpp b/lldb/unittests/API/SBMutexTest.cpp
index 0b888c2725aa9..aafad59d58c17 100644
--- a/lldb/unittests/API/SBMutexTest.cpp
+++ b/lldb/unittests/API/SBMutexTest.cpp
@@ -32,10 +32,9 @@ class SBMutexTest : public testing::Test {
 
 TEST_F(SBMutexTest, LockTest) {
   lldb::SBTarget target = debugger.GetDummyTarget();
-
+  std::atomic<bool> locked = false;
   std::future<void> f;
   {
-    std::atomic<bool> locked = false;
     lldb::SBMutex lock = target.GetAPIMutex();
     std::lock_guard<lldb::SBMutex> lock_guard(lock);
     ASSERT_FALSE(locked.exchange(true));

slackito
slackito reviewed Apr 1, 2025
View reviewed changes
Copy link
Collaborator

@slackito slackito left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good to me, thanks!

@JDevlieghere JDevlieghere deleted the sblock-use-after-free branch April 1, 2025 21:44
JDevlieghere added a commit to swiftlang/llvm-project that referenced this pull request Apr 8, 2025
@JDevlieghere
[lldb] Fix use-after-free in SBMutexTest (llvm#133840)
5250a07 
The `locked` variable can be accessed from the asynchronous thread until
the call to f.wait() completes. However, the variable is scoped in a
lexical block that ends before that, leading to a use-after-free.

(cherry picked from commit 0b8c8ed)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@slackito slackito slackito left review comments

Assignees
No one assigned
Labels
lldb
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@JDevlieghere @llvmbot @slackito