runtime/cgo: cgo traceback routine can use value that msan thinks is uninitialized #47543
Labels: FrozenDueToAge, NeedsFix (the path to resolution is known, but the work has not been done), release-blocker
When building with `-msan` to use the C memory sanitizer, the cgo traceback routine set by `runtime.SetCgoTraceback` can use a value that msan thinks is uninitialized. This can happen because the C function `x_cgo_callers`, in runtime/cgo, is called directly by `cgoSigtramp`. The arguments are passed in registers as is normal for C. `cgoSigtramp` is written in assembly, and as such does not notify MSAN what it is doing. The effect is that if the signal handler is invoked at a point in the program where one of the argument registers holds uninitialized memory, MSAN will think that `x_cgo_callers` is using an argument register that holds uninitialized memory. To be precise, the first three argument registers are set by the signal handler, and it so happens that MSAN doesn't care about the way that `x_cgo_callers` uses its fourth or sixth argument, but MSAN does care about the use of the fifth argument, `cgoCallers`. If the fifth argument register is uninitialized when the signal handler is invoked, `x_cgo_callers` can cause the `arg.Buf` field of the cgo traceback argument to be uninitialized. If the cgo traceback function tries to use `arg.Buf`, as it almost certainly will, then MSAN will report a use of uninitialized memory.

This is a fairly complex scenario, but below is a test case that reproduces it reliably when built with
Fortunately the fix is straightforward and safe. I will send a CL.
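The call chain described in the report, as an added C model that is neither the Go runtime's code nor the test case the report refers to: it keeps the parameter order of `x_cgo_callers` and the argument struct documented for `runtime.SetCgoTraceback`, but the `demo_*` names, the 32-entry buffer size and the extra `unpoison_arg` flag are assumptions made for illustration. Built with clang `-fsanitize=memory` it reproduces the shape of the false positive (a pointer whose value is valid but whose MSAN shadow is stale, modeled with `__msan_poison`) and shows that `__msan_unpoison` applied to the freshly assigned `arg` makes the report go away; with any other compiler the sanitizer calls become no-ops and the program simply records the synthetic PCs.

```c
#include <signal.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Only clang's -fsanitize=memory defines __has_feature(memory_sanitizer);
 * with any other compiler the poison/unpoison helpers below are no-ops. */
#if defined(__has_feature)
#  if __has_feature(memory_sanitizer)
#    include <sanitizer/msan_interface.h>
#    define DEMO_MSAN 1
#  endif
#endif
#ifdef DEMO_MSAN
#  define demo_poison(p, n)   __msan_poison((p), (n))
#  define demo_unpoison(p, n) __msan_unpoison((p), (n))
#else
#  define demo_poison(p, n)   ((void)0)
#  define demo_unpoison(p, n) ((void)0)
#endif

/* Argument layout documented for runtime.SetCgoTraceback. */
struct cgoTracebackArg {
    uintptr_t  Context;
    uintptr_t  SigContext;
    uintptr_t *Buf;
    uintptr_t  Max;
};

#define DEMO_MAX_CALLERS 32  /* assumed buffer size for this model */

static uintptr_t g_cgoCallers[DEMO_MAX_CALLERS]; /* stands in for the runtime's cgoCallers buffer */
static int g_sigtramp_calls;

/* Stand-in for a user traceback routine: stores synthetic PCs through arg->Buf.
 * That store is the "use" MSAN reports when the shadow of Buf is poisoned. */
static void demo_traceback(struct cgoTracebackArg *arg) {
    uintptr_t n = arg->Max < 3 ? arg->Max : 3;
    for (uintptr_t i = 0; i < n; i++)
        arg->Buf[i] = 0x401000 + 0x10 * i;
    if (n < arg->Max)
        arg->Buf[n] = 0;  /* zero terminator */
}

/* Stand-in for the Go signal trampoline that is called after the traceback. */
static void demo_sigtramp(uintptr_t sig, void *info, void *context) {
    (void)sig; (void)info; (void)context;
    g_sigtramp_calls++;
}

/* Same parameter order as x_cgo_callers, plus a flag (not in the real
 * function) that switches the unpoison step on and off for comparison. */
static void demo_callers(uintptr_t sig, void *info, void *context,
                         void (*cgoTraceback)(struct cgoTracebackArg *),
                         uintptr_t *cgoCallers,
                         void (*sigtramp)(uintptr_t, void *, void *),
                         int unpoison_arg) {
    struct cgoTracebackArg arg;
    arg.Context = 0;
    arg.SigContext = (uintptr_t)context;
    arg.Buf = cgoCallers;  /* copies the (possibly stale) shadow of cgoCallers into arg.Buf */
    arg.Max = DEMO_MAX_CALLERS;
    if (unpoison_arg)
        demo_unpoison(&arg, sizeof arg);  /* every field was just assigned, so this discards only stale shadow */
    cgoTraceback(&arg);
    sigtramp(sig, info, context);
}

/* Drives the chain. stale_shadow=1 models a fifth-argument register whose
 * value is valid but whose MSAN shadow still says "uninitialized".
 * Returns the number of PCs recorded before the zero terminator. */
size_t run_signal_path(int stale_shadow, int unpoison_arg) {
    uintptr_t *cgoCallers = g_cgoCallers;
    memset(g_cgoCallers, 0, sizeof g_cgoCallers);
    if (stale_shadow)
        demo_poison(&cgoCallers, sizeof cgoCallers);
    demo_callers((uintptr_t)SIGPROF, NULL, NULL, demo_traceback, cgoCallers,
                 demo_sigtramp, unpoison_arg);
    size_t n = 0;
    while (n < DEMO_MAX_CALLERS && g_cgoCallers[n] != 0)
        n++;
    return n;
}

int sigtramp_calls(void) { return g_sigtramp_calls; }

int main(void) {
    printf("clean shadow:              %zu PCs\n", run_signal_path(0, 0));
    printf("stale shadow + unpoison:   %zu PCs\n", run_signal_path(1, 1));
    /* Under clang -fsanitize=memory this call aborts with a
     * use-of-uninitialized-value report at the store through arg->Buf. */
    printf("stale shadow, no unpoison: %zu PCs\n", run_signal_path(1, 0));
    return 0;
}
```

Build with `clang -fsanitize=memory -g` to see the report on the third call and nothing on the second; any other compiler runs all three. The point the model makes is that the pointer in the fifth register is valid in both cases, so unpoisoning a struct the function has just fully written discards stale shadow only, which is what makes such an unpoison safe; unpoisoning memory a function has not itself initialized would instead hide real bugs.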