[all-commits] [llvm/llvm-project] e1a432: [dfsan] Clean TLS after sigaction callbacks

Z via All-commits all-commits at lists.llvm.org
Tue Feb 2 14:08:17 PST 2021


  Branch: refs/heads/main
  Home:   https://github.com/llvm/llvm-project
  Commit: e1a4322f8136788228d915a7384c5679b39dfeed
      https://github.com/llvm/llvm-project/commit/e1a4322f8136788228d915a7384c5679b39dfeed
  Author: Jianzhou Zhao <jianzhouzh at google.com>
  Date:   2021-02-02 (Tue, 02 Feb 2021)

  Changed paths:
    M compiler-rt/lib/dfsan/dfsan.cpp
    M compiler-rt/lib/dfsan/dfsan.h
    M compiler-rt/lib/dfsan/dfsan_custom.cpp
    M compiler-rt/test/dfsan/custom.cpp
    A compiler-rt/test/dfsan/sigaction.c
    A compiler-rt/test/dfsan/sigaction_stress_test.c

  Log Message:
  -----------
  [dfsan] Clean TLS after sigaction callbacks

DFSan uses TLS to pass metadata of arguments and return values. When an
instrumented function accesses the TLS, if a signal callback happens, and
the callback calls other instrumented functions with updating the same TLS,
the TLS is in an inconsistent state after the callback ends. This may cause
either under-tainting or over-tainting.

This fix follows MSan's workaround.
  https://github.com/llvm/llvm-project/commit/cb22c67a21e4b5e1ade65141117a70be318be072
It simply resets TLS at restore. This prevents from over-tainting. Although
under-tainting may still happen, a taint flow can be found eventually if we
run a DFSan-instrumented program multiple times. The alternative option is
saving the entire TLS. However the TLS storage takes 2k bytes, and signal calls
could be nested. So it does not seem worth.

This diff fixes sigaction. A following diff will be fixing signal.

Reviewed-by: morehouse

Differential Revision: https://reviews.llvm.org/D95642




More information about the All-commits mailing list