[compiler-rt] r193405 - [sanitizer] Intercept pthread_attr_get*.
Sergey Matveev
earthdok at google.com
Thu Nov 7 04:34:40 PST 2013
We're using pthread_attr_getstack() in sanitizer code! Ouch!
=================================================================
==31121==ERROR: AddressSanitizer: stack-buffer-overflow on address
0x7f0303db7ad8 at pc 0x452cfb bp 0x7f0303db7ab0 sp 0x7f0303db7a88
WRITE of size 8 at 0x7f0303db7ad8 thread T2
#0 0x452cfa in __interceptor_pthread_attr_getstack
llvm/projects/compiler-rt/lib/asan/../sanitizer_common/sanitizer_common_interceptors.inc:2589
#1 0x47d7af in __sanitizer::GetThreadStackTopAndBottom(bool, unsigned
long*, unsigned long*)
llvm/projects/compiler-rt/lib/sanitizer_common/sanitizer_linux_libcdep.cc:77
#2 0x47dc4d in
__sanitizer::GetThreadStackAndTls(bool, unsigned long*, unsigned long*,
unsigned long*, unsigned long*)
llvm/projects/compiler-rt/lib/sanitizer_common/sanitizer_linux_libcdep.cc:255
#3 0x474a65 in SetThreadStackAndTls
llvm/projects/compiler-rt/lib/asan/asan_thread.cc:184
#4 0x474a65 in __asan::AsanThread::Init()
llvm/projects/compiler-rt/lib/asan/asan_thread.cc:140
#5 0x474caf in __asan::AsanThread::ThreadStart(unsigned long)
llvm/projects/compiler-rt/lib/asan/asan_thread.cc:155
#6 0x7f0313855e99 in start_thread
/build/buildd/eglibc-2.15/nptl/pthread_create.c:308
#7 0x7f030d5c03fc (/lib/x86_64-linux-gnu/libc.so.6+0xf43fc)
This is breaking several Chrome tests for me, but looks like it could break
a lot of other code...
On Fri, Oct 25, 2013 at 5:01 PM, Evgeniy Stepanov <eugeni.stepanov at gmail.com
> wrote:
> Author: eugenis
> Date: Fri Oct 25 08:01:31 2013
> New Revision: 193405
>
> URL: http://llvm.org/viewvc/llvm-project?rev=193405&view=rev
> Log:
> [sanitizer] Intercept pthread_attr_get*.
>
> Modified:
> compiler-rt/trunk/lib/asan/asan_interceptors.cc
> compiler-rt/trunk/lib/msan/msan_interceptors.cc
> compiler-rt/trunk/lib/msan/tests/CMakeLists.txt
> compiler-rt/trunk/lib/msan/tests/msan_test.cc
>
> compiler-rt/trunk/lib/sanitizer_common/sanitizer_common_interceptors.inc
>
> compiler-rt/trunk/lib/sanitizer_common/sanitizer_platform_interceptors.h
> compiler-rt/trunk/lib/tsan/rtl/tsan_interceptors.cc
> compiler-rt/trunk/lib/tsan/rtl/tsan_stat.cc
> compiler-rt/trunk/lib/tsan/rtl/tsan_stat.h
>
> Modified: compiler-rt/trunk/lib/asan/asan_interceptors.cc
> URL:
> http://llvm.org/viewvc/llvm-project/compiler-rt/trunk/lib/asan/asan_interceptors.cc?rev=193405&r1=193404&r2=193405&view=diff
>
> ==============================================================================
> --- compiler-rt/trunk/lib/asan/asan_interceptors.cc (original)
> +++ compiler-rt/trunk/lib/asan/asan_interceptors.cc Fri Oct 25 08:01:31
> 2013
> @@ -151,8 +151,6 @@ static thread_return_t THREAD_CALLING_CO
> }
>
> #if ASAN_INTERCEPT_PTHREAD_CREATE
> -extern "C" int pthread_attr_getdetachstate(void *attr, int *v);
> -
> INTERCEPTOR(int, pthread_create, void *thread,
> void *attr, void *(*start_routine)(void*), void *arg) {
> EnsureMainThreadIDIsCorrect();
>
> Modified: compiler-rt/trunk/lib/msan/msan_interceptors.cc
> URL:
> http://llvm.org/viewvc/llvm-project/compiler-rt/trunk/lib/msan/msan_interceptors.cc?rev=193405&r1=193404&r2=193405&view=diff
>
> ==============================================================================
> --- compiler-rt/trunk/lib/msan/msan_interceptors.cc (original)
> +++ compiler-rt/trunk/lib/msan/msan_interceptors.cc Fri Oct 25 08:01:31
> 2013
> @@ -1040,8 +1040,6 @@ INTERCEPTOR(int, signal, int signo, uptr
>
> extern "C" int pthread_attr_init(void *attr);
> extern "C" int pthread_attr_destroy(void *attr);
> -extern "C" int pthread_attr_setstacksize(void *attr, uptr stacksize);
> -extern "C" int pthread_attr_getstack(void *attr, uptr *stack, uptr
> *stacksize);
> extern "C" int pthread_setspecific(unsigned key, const void *v);
> extern "C" int pthread_yield();
>
>
> Modified: compiler-rt/trunk/lib/msan/tests/CMakeLists.txt
> URL:
> http://llvm.org/viewvc/llvm-project/compiler-rt/trunk/lib/msan/tests/CMakeLists.txt?rev=193405&r1=193404&r2=193405&view=diff
>
> ==============================================================================
> --- compiler-rt/trunk/lib/msan/tests/CMakeLists.txt (original)
> +++ compiler-rt/trunk/lib/msan/tests/CMakeLists.txt Fri Oct 25 08:01:31
> 2013
> @@ -51,6 +51,7 @@ set(MSAN_UNITTEST_COMMON_CFLAGS
> -fno-exceptions
> -fno-omit-frame-pointer
> -mno-omit-leaf-frame-pointer
> + -Wno-deprecated-declarations
> )
> set(MSAN_UNITTEST_INSTRUMENTED_CFLAGS
> ${MSAN_UNITTEST_COMMON_CFLAGS}
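Review bot: `-Wno-deprecated-declarations` is added to `MSAN_UNITTEST_COMMON_CFLAGS` with no comment naming the call that needs it, and it silences deprecation warnings for every unit-test source built with these flags. Presumably it is there for the `pthread_attr_getstackaddr` call in the new `pthread_attr_get` test. If so, a one-line comment such as `# pthread_attr_getstackaddr is deprecated but still has to be tested` would keep the flag from outliving its reason, or the warning could be suppressed locally around that one call. The `set(...)` list starts outside the hunk.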
>
> Modified: compiler-rt/trunk/lib/msan/tests/msan_test.cc
> URL:
> http://llvm.org/viewvc/llvm-project/compiler-rt/trunk/lib/msan/tests/msan_test.cc?rev=193405&r1=193404&r2=193405&view=diff
>
> ==============================================================================
> --- compiler-rt/trunk/lib/msan/tests/msan_test.cc (original)
> +++ compiler-rt/trunk/lib/msan/tests/msan_test.cc Fri Oct 25 08:01:31 2013
> @@ -2504,6 +2504,77 @@ TEST(MemorySanitizer, PreAllocatedStackT
> ASSERT_EQ(0, res);
> }
>
> +TEST(MemorySanitizer, pthread_attr_get) {
> + pthread_attr_t attr;
> + int res;
> + res = pthread_attr_init(&attr);
> + ASSERT_EQ(0, res);
> + {
> + int v;
> + res = pthread_attr_getdetachstate(&attr, &v);
> + ASSERT_EQ(0, res);
> + EXPECT_NOT_POISONED(v);
> + }
> + {
> + size_t v;
> + res = pthread_attr_getguardsize(&attr, &v);
> + ASSERT_EQ(0, res);
> + EXPECT_NOT_POISONED(v);
> + }
> + {
> + struct sched_param v;
> + res = pthread_attr_getschedparam(&attr, &v);
> + ASSERT_EQ(0, res);
> + EXPECT_NOT_POISONED(v);
> + }
> + {
> + int v;
> + res = pthread_attr_getschedpolicy(&attr, &v);
> + ASSERT_EQ(0, res);
> + EXPECT_NOT_POISONED(v);
> + }
> + {
> + int v;
> + res = pthread_attr_getinheritsched(&attr, &v);
> + ASSERT_EQ(0, res);
> + EXPECT_NOT_POISONED(v);
> + }
> + {
> + int v;
> + res = pthread_attr_getscope(&attr, &v);
> + ASSERT_EQ(0, res);
> + EXPECT_NOT_POISONED(v);
> + }
> + {
> + void *v;
> + res = pthread_attr_getstackaddr(&attr, &v);
> + ASSERT_EQ(0, res);
> + EXPECT_NOT_POISONED(v);
> + }
> + {
> + size_t v;
> + res = pthread_attr_getstacksize(&attr, &v);
> + ASSERT_EQ(0, res);
> + EXPECT_NOT_POISONED(v);
> + }
> + {
> + void *v;
> + size_t w;
> + res = pthread_attr_getstack(&attr, &v, &w);
> + ASSERT_EQ(0, res);
> + EXPECT_NOT_POISONED(v);
> + EXPECT_NOT_POISONED(w);
> + }
> + {
> + cpu_set_t v;
> + res = pthread_attr_getaffinity_np(&attr, sizeof(v), &v);
> + ASSERT_EQ(0, res);
> + EXPECT_NOT_POISONED(v);
> + }
> + res = pthread_attr_destroy(&attr);
> + ASSERT_EQ(0, res);
> +}
> +
> TEST(MemorySanitizer, pthread_getschedparam) {
> int policy;
> struct sched_param param;
>
> Modified:
> compiler-rt/trunk/lib/sanitizer_common/sanitizer_common_interceptors.inc
> URL:
> http://llvm.org/viewvc/llvm-project/compiler-rt/trunk/lib/sanitizer_common/sanitizer_common_interceptors.inc?rev=193405&r1=193404&r2=193405&view=diff
>
> ==============================================================================
> ---
> compiler-rt/trunk/lib/sanitizer_common/sanitizer_common_interceptors.inc
> (original)
> +++
> compiler-rt/trunk/lib/sanitizer_common/sanitizer_common_interceptors.inc
> Fri Oct 25 08:01:31 2013
> @@ -2540,6 +2540,79 @@ INTERCEPTOR(int, random_r, void *buf, u3
> #define INIT_RANDOM_R
> #endif
>
> +#if SANITIZER_INTERCEPT_PTHREAD_ATTR_GET || \
> + SANITIZER_INTERCEPT_PTHREAD_ATTR_GETINHERITSSCHED
> +#define INTERCEPTOR_PTHREAD_ATTR_GET(what, sz) \
> + INTERCEPTOR(int, pthread_attr_get##what, void *attr, void *r) { \
> + void *ctx; \
> + COMMON_INTERCEPTOR_ENTER(ctx, pthread_attr_get##what, attr, r); \
> + int res = REAL(pthread_attr_get##what)(attr, r); \
> + if (!res && r) COMMON_INTERCEPTOR_WRITE_RANGE(ctx, r, sz); \
> + return res; \
> + }
> +#endif
> +
> +#if SANITIZER_INTERCEPT_PTHREAD_ATTR_GET
> +INTERCEPTOR_PTHREAD_ATTR_GET(detachstate, sizeof(int))
> +INTERCEPTOR_PTHREAD_ATTR_GET(guardsize, sizeof(SIZE_T))
> +INTERCEPTOR_PTHREAD_ATTR_GET(schedparam, struct_sched_param_sz)
> +INTERCEPTOR_PTHREAD_ATTR_GET(schedpolicy, sizeof(int))
> +INTERCEPTOR_PTHREAD_ATTR_GET(scope, sizeof(int))
> +INTERCEPTOR_PTHREAD_ATTR_GET(stackaddr, sizeof(void *))
> +INTERCEPTOR_PTHREAD_ATTR_GET(stacksize, sizeof(SIZE_T))
> +INTERCEPTOR(int, pthread_attr_getstack, void *attr, void **addr, SIZE_T
> *size) {
> + void *ctx;
> + COMMON_INTERCEPTOR_ENTER(ctx, pthread_attr_getstack, attr, addr, size);
> + int res = REAL(pthread_attr_getstack)(attr, addr, size);
> + if (!res) {
> + if (addr) COMMON_INTERCEPTOR_WRITE_RANGE(ctx, addr, sizeof(*addr));
> + if (size) COMMON_INTERCEPTOR_WRITE_RANGE(ctx, size, sizeof(*size));
> + }
> + return res;
> +}
> +
> +#define INIT_PTHREAD_ATTR_GET \
> + INTERCEPT_FUNCTION(pthread_attr_getdetachstate); \
> + INTERCEPT_FUNCTION(pthread_attr_getguardsize); \
> + INTERCEPT_FUNCTION(pthread_attr_getschedparam); \
> + INTERCEPT_FUNCTION(pthread_attr_getschedpolicy); \
> + INTERCEPT_FUNCTION(pthread_attr_getinheritsched); \
> + INTERCEPT_FUNCTION(pthread_attr_getscope); \
> + INTERCEPT_FUNCTION(pthread_attr_getstackaddr); \
> + INTERCEPT_FUNCTION(pthread_attr_getstacksize); \
> + INTERCEPT_FUNCTION(pthread_attr_getstack); \
> + INTERCEPT_FUNCTION(pthread_attr_getaffinity_np);
> +#else
> +#define INIT_PTHREAD_ATTR_GET
> +#endif
> +
> +#if SANITIZER_INTERCEPT_PTHREAD_ATTR_GETINHERITSCHED
> +INTERCEPTOR_PTHREAD_ATTR_GET(inheritsched, sizeof(int))
> +
> +#define INIT_PTHREAD_ATTR_GETINHERITSCHED \
> + INTERCEPT_FUNCTION(pthread_attr_getinheritsched);
> +#else
> +#define INIT_PTHREAD_ATTR_GETINHERITSCHED
> +#endif
> +
> +#if SANITIZER_INTERCEPT_PTHREAD_ATTR_GETAFFINITY_NP
> +INTERCEPTOR(int, pthread_attr_getaffinity_np, void *attr, SIZE_T
> cpusetsize,
> + void *cpuset) {
> + void *ctx;
> + COMMON_INTERCEPTOR_ENTER(ctx, pthread_attr_getaffinity_np, attr,
> cpusetsize,
> + cpuset);
> + int res = REAL(pthread_attr_getaffinity_np)(attr, cpusetsize, cpuset);
> + if (!res && cpusetsize && cpuset)
> + COMMON_INTERCEPTOR_WRITE_RANGE(ctx, cpuset, cpusetsize);
> + return res;
> +}
> +
> +#define INIT_PTHREAD_ATTR_GETAFFINITY_NP \
> + INTERCEPT_FUNCTION(pthread_attr_getaffinity_np);
> +#else
> +#define INIT_PTHREAD_ATTR_GETAFFINITY_NP
> +#endif
> +
> #define SANITIZER_COMMON_INTERCEPTORS_INIT \
> INIT_STRCMP; \
> INIT_STRNCMP; \
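Review bot: The guard on the helper macro spells its second condition `SANITIZER_INTERCEPT_PTHREAD_ATTR_GETINHERITSSCHED` (double S), a name the platform header in this commit never defines, so that half of the `#if` is always 0; it should read `SANITIZER_INTERCEPT_PTHREAD_ATTR_GETINHERITSCHED`. This is harmless only while every platform that enables the inheritsched interceptor also enables `SANITIZER_INTERCEPT_PTHREAD_ATTR_GET`. Separately, `INIT_PTHREAD_ATTR_GET` registers `pthread_attr_getinheritsched` and `pthread_attr_getaffinity_np`, whose interceptors are defined under their own guards further down. On a target where only the first guard is on (the header settings suggest Android), those two `INTERCEPT_FUNCTION` lines would name interceptors that do not exist, and elsewhere they register the same function twice. Dropping both lines from `INIT_PTHREAD_ATTR_GET` leaves each function registered once, by its own `INIT_*` macro.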
> @@ -2635,4 +2708,7 @@ INTERCEPTOR(int, random_r, void *buf, u3
> INIT_ETHER_R; \
> INIT_SHMCTL; \
> INIT_RANDOM_R; \
> + INIT_PTHREAD_ATTR_GET; \
> + INIT_PTHREAD_ATTR_GETINHERITSCHED; \
> + INIT_PTHREAD_ATTR_GETAFFINITY_NP; \
> /**/
>
> Modified:
> compiler-rt/trunk/lib/sanitizer_common/sanitizer_platform_interceptors.h
> URL:
> http://llvm.org/viewvc/llvm-project/compiler-rt/trunk/lib/sanitizer_common/sanitizer_platform_interceptors.h?rev=193405&r1=193404&r2=193405&view=diff
>
> ==============================================================================
> ---
> compiler-rt/trunk/lib/sanitizer_common/sanitizer_platform_interceptors.h
> (original)
> +++
> compiler-rt/trunk/lib/sanitizer_common/sanitizer_platform_interceptors.h
> Fri Oct 25 08:01:31 2013
> @@ -137,6 +137,10 @@
> # define SANITIZER_INTERCEPT_ETHER_R SI_LINUX_NOT_ANDROID
> # define SANITIZER_INTERCEPT_SHMCTL SI_LINUX_NOT_ANDROID
> # define SANITIZER_INTERCEPT_RANDOM_R SI_LINUX_NOT_ANDROID
> +# define SANITIZER_INTERCEPT_PTHREAD_ATTR_GET SI_NOT_WINDOWS
> +# define SANITIZER_INTERCEPT_PTHREAD_ATTR_GETINHERITSCHED \
> + SI_MAC || SI_LINUX_NOT_ANDROID
> +# define SANITIZER_INTERCEPT_PTHREAD_ATTR_GETAFFINITY_NP
> SI_LINUX_NOT_ANDROID
>
> # define SANITIZER_INTERCEPT__EXIT SI_LINUX
>
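Review bot: `SANITIZER_INTERCEPT_PTHREAD_ATTR_GETINHERITSCHED` expands to an unparenthesized `SI_MAC || SI_LINUX_NOT_ANDROID`, so any later use inside a larger expression (`!X`, `X && Y`) would bind differently from what the name suggests. The correctly spelled use visible in this commit is a bare `#if` and is unaffected. Writing the definition as `(SI_MAC || SI_LINUX_NOT_ANDROID)` removes the trap at no cost.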
>
> Modified: compiler-rt/trunk/lib/tsan/rtl/tsan_interceptors.cc
> URL:
> http://llvm.org/viewvc/llvm-project/compiler-rt/trunk/lib/tsan/rtl/tsan_interceptors.cc?rev=193405&r1=193404&r2=193405&view=diff
>
> ==============================================================================
> --- compiler-rt/trunk/lib/tsan/rtl/tsan_interceptors.cc (original)
> +++ compiler-rt/trunk/lib/tsan/rtl/tsan_interceptors.cc Fri Oct 25
> 08:01:31 2013
> @@ -43,9 +43,8 @@ struct ucontext_t {
>
> extern "C" int pthread_attr_init(void *attr);
> extern "C" int pthread_attr_destroy(void *attr);
> -extern "C" int pthread_attr_getdetachstate(void *attr, int *v);
> +DECLARE_REAL(int, pthread_attr_getdetachstate, void *, void *)
> extern "C" int pthread_attr_setstacksize(void *attr, uptr stacksize);
> -extern "C" int pthread_attr_getstacksize(void *attr, uptr *stacksize);
> extern "C" int pthread_key_create(unsigned *key, void (*destructor)(void*
> v));
> extern "C" int pthread_setspecific(unsigned key, const void *v);
> extern "C" int pthread_mutexattr_gettype(void *a, int *type);
> @@ -881,7 +880,7 @@ TSAN_INTERCEPTOR(int, pthread_create,
> attr = &myattr;
> }
> int detached = 0;
> - pthread_attr_getdetachstate(attr, &detached);
> + REAL(pthread_attr_getdetachstate)(attr, &detached);
> AdjustStackSizeLinux(attr);
>
> ThreadParam p;
>
> Modified: compiler-rt/trunk/lib/tsan/rtl/tsan_stat.cc
> URL:
> http://llvm.org/viewvc/llvm-project/compiler-rt/trunk/lib/tsan/rtl/tsan_stat.cc?rev=193405&r1=193404&r2=193405&view=diff
>
> ==============================================================================
> --- compiler-rt/trunk/lib/tsan/rtl/tsan_stat.cc (original)
> +++ compiler-rt/trunk/lib/tsan/rtl/tsan_stat.cc Fri Oct 25 08:01:31 2013
> @@ -395,6 +395,17 @@ void StatOutput(u64 *stat) {
> name[StatInt_shmctl] = " shmctl
> ";
> name[StatInt_random_r] = " random_r
> ";
>
> + name[StatInt_pthread_attr_getdetachstate] = "
> pthread_addr_getdetachstate "; // NOLINT
> + name[StatInt_pthread_attr_getguardsize] = "
> pthread_addr_getguardsize "; // NOLINT
> + name[StatInt_pthread_attr_getschedparam] = "
> pthread_addr_getschedparam "; // NOLINT
> + name[StatInt_pthread_attr_getschedpolicy] = "
> pthread_addr_getschedpolicy "; // NOLINT
> + name[StatInt_pthread_attr_getinheritsched] = "
> pthread_addr_getinheritsched "; // NOLINT
> + name[StatInt_pthread_attr_getscope] = " pthread_addr_getscope
> "; // NOLINT
> + name[StatInt_pthread_attr_getstackaddr] = "
> pthread_addr_getstackaddr "; // NOLINT
> + name[StatInt_pthread_attr_getstacksize] = "
> pthread_addr_getstacksize "; // NOLINT
> + name[StatInt_pthread_attr_getstack] = " pthread_addr_getstack
> "; // NOLINT
> + name[StatInt_pthread_attr_getaffinity_np] = "
> pthread_addr_getaffinity_np "; // NOLINT
> +
> name[StatAnnotation] = "Dynamic annotations
> ";
> name[StatAnnotateHappensBefore] = " HappensBefore
> ";
> name[StatAnnotateHappensAfter] = " HappensAfter
> ";
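Review bot: The ten added labels read `pthread_addr_get...` while the enum constants they index and the intercepted functions are named `pthread_attr_get...`, so the statistics output would list names that match no real function and cannot be grepped for. Each literal should say `attr` instead of `addr`, for example `pthread_attr_getdetachstate`, with the existing padding width kept so the columns stay aligned. StatOutput's body starts and ends outside the hunk.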
>
> Modified: compiler-rt/trunk/lib/tsan/rtl/tsan_stat.h
> URL:
> http://llvm.org/viewvc/llvm-project/compiler-rt/trunk/lib/tsan/rtl/tsan_stat.h?rev=193405&r1=193404&r2=193405&view=diff
>
> ==============================================================================
> --- compiler-rt/trunk/lib/tsan/rtl/tsan_stat.h (original)
> +++ compiler-rt/trunk/lib/tsan/rtl/tsan_stat.h Fri Oct 25 08:01:31 2013
> @@ -389,6 +389,16 @@ enum StatType {
> StatInt_ether_line,
> StatInt_shmctl,
> StatInt_random_r,
> + StatInt_pthread_attr_getdetachstate,
> + StatInt_pthread_attr_getguardsize,
> + StatInt_pthread_attr_getschedparam,
> + StatInt_pthread_attr_getschedpolicy,
> + StatInt_pthread_attr_getinheritsched,
> + StatInt_pthread_attr_getscope,
> + StatInt_pthread_attr_getstackaddr,
> + StatInt_pthread_attr_getstacksize,
> + StatInt_pthread_attr_getstack,
> + StatInt_pthread_attr_getaffinity_np,
>
> // Dynamic annotations.
> StatAnnotation,
>
>