[PATCH] D106903: [dfsan][NFC] Describe how origin trace tracking works

George Balatsouras via Phabricator via cfe-commits cfe-commits at lists.llvm.org
Tue Jul 27 12:04:45 PDT 2021


gbalats added inline comments.


================
Comment at: clang/docs/DataFlowSanitizerDesign.rst:142
+Every four 4-bytes aligned application bytes share a 4-byte origin value. A
+4-byte origin contains a 4-bit depth and a 28-bit hash ID of a chain.
+
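Review bot: In the first sentence, "Every four 4-bytes aligned application bytes" is hard to parse; the modifier should be singular and hyphenated, for example "Every group of four 4-byte-aligned application bytes shares a 4-byte origin value". The second sentence gives the field widths (4-bit depth, 28-bit hash ID) but not which bits of the 4-byte value hold which field; stating the layout here would make the sentence self-contained.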
----------------
What is a chain? It's not yet explained at this point.


================
Comment at: clang/docs/DataFlowSanitizerDesign.rst:152
+
+A chain starts by `dfsan_set_label` with non-zero labels. A new chain is added
+at stores or memory-transfer when ``-dfsan-track-origins`` is 1. Memory transfers
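Review bot: `dfsan_set_label` on the first line uses single backticks while ``-dfsan-track-origins`` on the next line uses double backticks; in reStructuredText single backticks are interpreted text in the default role, not an inline literal, so the function name should use double backticks as well. "A chain starts by" would also read better as "A chain is started by a call to", and "memory-transfer" versus "Memory transfers" should be written one way within the same paragraph.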
----------------
Do you mean that the chain is extended?


================
Comment at: clang/docs/DataFlowSanitizerDesign.rst:155
+include LLVM memory transfer instructions and wrapped glibc memcpy and memmove.
+When ``-dfsan-track-origins`` is 2, a new chain is also added at loads.
+
----------------
same here


================
Comment at: clang/docs/DataFlowSanitizerDesign.rst:157
+
+Other instructions do not create new chains, but simply propagate origin values.
+If an instruction has more than one operands with non-zero labels, the origin
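Review bot: "more than one operands" on the second line should be "more than one operand", since "more than one" takes a singular noun.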
----------------
I'm not sure I understand the definition of a chain. What are the links? When you say, "create a new chain" you mean adding a new link to an existing chain? I think you might be using this expression to reflect the implementation (e.g., chain has a pointer to its tail) but it doesn't help when explaining.


Repository:
  rG LLVM Github Monorepo

CHANGES SINCE LAST ACTION
  https://reviews.llvm.org/D106903/new/

https://reviews.llvm.org/D106903


