[compiler-rt] c2a3fb3 - [msan] Don't track origns in signal handlers

Vitaly Buka via llvm-commits llvm-commits at lists.llvm.org
Thu Aug 5 13:53:32 PDT 2021 

Author: Vitaly Buka
Date: 2021-08-05T13:53:20-07:00
New Revision: c2a3fb303f1fffeb0856863cc5eff1529e1db5e7

URL: https://github.com/llvm/llvm-project/commit/c2a3fb303f1fffeb0856863cc5eff1529e1db5e7
DIFF: https://github.com/llvm/llvm-project/commit/c2a3fb303f1fffeb0856863cc5eff1529e1db5e7.diff

LOG: [msan] Don't track origns in signal handlers

Origin::CreateHeapOrigin is not async-signal-safe and can deadlock.

Differential Revision: https://reviews.llvm.org/D107431

Added: 
    compiler-rt/test/msan/poison_in_signal.cpp

Modified: 
    compiler-rt/lib/msan/msan_poisoning.cpp

Removed: 
    


################################################################################
diff  --git a/compiler-rt/lib/msan/msan_poisoning.cpp b/compiler-rt/lib/msan/msan_poisoning.cpp
index 15892392f74a3..af01aa69f78f6 100644
--- a/compiler-rt/lib/msan/msan_poisoning.cpp
+++ b/compiler-rt/lib/msan/msan_poisoning.cpp
@@ -14,6 +14,7 @@
 
 #include "interception/interception.h"
 #include "msan_origin.h"
+#include "msan_thread.h"
 #include "sanitizer_common/sanitizer_common.h"
 
 DECLARE_REAL(void *, memset, void *dest, int c, uptr n)
@@ -241,6 +242,9 @@ void PoisonMemory(const void *dst, uptr size, StackTrace *stack) {
   SetShadow(dst, size, (u8)-1);
 
   if (__msan_get_track_origins()) {
+    MsanThread *t = GetCurrentThread();
+    if (t && t->InSignalHandler())
+      return;
     Origin o = Origin::CreateHeapOrigin(stack);
     SetOrigin(dst, size, o.raw_id());
   }

diff  --git a/compiler-rt/test/msan/poison_in_signal.cpp b/compiler-rt/test/msan/poison_in_signal.cpp
new file mode 100644
index 0000000000000..1f341b7652798
--- /dev/null
+++ b/compiler-rt/test/msan/poison_in_signal.cpp
@@ -0,0 +1,63 @@
+// Stress test of poisoning from signal handler.
+
+// RUN: %clangxx_msan -std=c++11 -O2 %s -o %t && %run %t
+// RUN: %clangxx_msan -fsanitize-memory-track-origins=2 -std=c++11 -O2 %s -o %t && %run %t
+// RUN: %clangxx_msan -fsanitize-memory-track-origins=2 -fsanitize-memory-use-after-dtor -std=c++11 -O2 %s -o %t && MSAN_OPTIONS=poison_in_dtor=1 %run %t
+
+#include <assert.h>
+#include <atomic>
+#include <pthread.h>
+#include <signal.h>
+#include <sys/time.h>
+
+#include <sanitizer/msan_interface.h>
+
+std::atomic<int> n = {1000};
+
+struct Tmp {
+  char buff[1];
+  ~Tmp() {}
+};
+
+__attribute__((noinline, optnone)) void Poison() {
+  // use-after-dtor.
+  volatile Tmp t;
+  // Regular poisoning.
+  __msan_poison(&t, sizeof(t));
+}
+
+void *thr(void *p) {
+  for (; n >= 0;) {
+    for (int i = 0; i < 1000; i++) {
+      Poison();
+    }
+  }
+  return 0;
+}
+
+void handler(int) {
+  Poison();
+  --n;
+}
+
+int main(int argc, char **argv) {
+  const int kThreads = 10;
+  pthread_t th[kThreads];
+  for (int i = 0; i < kThreads; i++)
+    pthread_create(&th[i], 0, thr, 0);
+
+  struct sigaction sa = {};
+  sa.sa_handler = handler;
+  assert(!sigaction(SIGPROF, &sa, 0));
+
+  itimerval t;
+  t.it_value.tv_sec = 0;
+  t.it_value.tv_usec = 10;
+  t.it_interval = t.it_value;
+  assert(!setitimer(ITIMER_PROF, &t, 0));
+
+  for (int i = 0; i < kThreads; i++)
+    pthread_join(th[i], 0);
+
+  return 0;
+}

More information about the llvm-commits mailing list