forked from OSchip/llvm-project
DFSan at store does store shadow data; store app data; and at load does load shadow data; load app data. When application data is atomic, one overtainting case is: thread A: load shadow; thread B: store shadow; thread B: store app; thread A: load app. If the application address had been used by other flows, thread A reads previous shadow, causing overtainting. The change is similar to MSan's solution. 1) enforce ordering of app load/store 2) load shadow after load app; store shadow before shadow app 3) do not track atomic store by resetting its shadow to be 0. The last one is to address a case like this: Thread A: load app; Thread B: store shadow; Thread A: load shadow; Thread B: store app. This approach eliminates overtainting as a trade-off between undertainting flows via shadow data race. Note that this change addresses only native atomic instructions, but does not support builtin libcalls yet. https://llvm.org/docs/Atomics.html#libcalls-atomic Reviewed-by: morehouse Differential Revision: https://reviews.llvm.org/D97310 |
||
---|---|---|
.. | ||
Analysis | ||
Assembler | ||
Bindings | ||
Bitcode | ||
BugPoint | ||
CodeGen | ||
DebugInfo | ||
Demangle | ||
Examples | ||
ExecutionEngine | ||
Feature | ||
FileCheck | ||
Instrumentation | ||
Integer | ||
JitListener | ||
LTO | ||
Linker | ||
MC | ||
MachineVerifier | ||
Object | ||
ObjectYAML | ||
Other | ||
Reduce | ||
SafepointIRVerifier | ||
Support | ||
SymbolRewriter | ||
TableGen | ||
ThinLTO/X86 | ||
Transforms | ||
Unit | ||
Verifier | ||
YAMLParser | ||
tools | ||
.clang-format | ||
CMakeLists.txt | ||
TestRunner.sh | ||
lit.cfg.py | ||
lit.site.cfg.py.in |