[compiler-rt] r253530 - [msan] Don't unpoison phdrs on dlopen(NULL, 0)

Reid Kleckner via llvm-commits llvm-commits at lists.llvm.org
Wed Nov 18 16:55:46 PST 2015


Author: rnk
Date: Wed Nov 18 18:55:45 2015
New Revision: 253530

URL: http://llvm.org/viewvc/llvm-project?rev=253530&view=rev
Log:
[msan] Don't unpoison phdrs on dlopen(NULL, 0)

Summary:
dlopen(NULL, ...) is intended to give you back a handle to the
executable for use with dlsym. Casting it to link_map and using it with
ForEachMappedRegion results in a crash.

We also shouldn't unpoison the globals of a DSO that is already in
memory. This ensures that we don't do it for the executable, but in
general, MSan may have false negatives if the DSO is already loaded.

Reviewers: eugenis

Subscribers: llvm-commits

Differential Revision: http://reviews.llvm.org/D14795

Added:
    compiler-rt/trunk/test/msan/dlopen_executable.cc
Modified:
    compiler-rt/trunk/lib/msan/msan_interceptors.cc

Modified: compiler-rt/trunk/lib/msan/msan_interceptors.cc
URL: http://llvm.org/viewvc/llvm-project/compiler-rt/trunk/lib/msan/msan_interceptors.cc?rev=253530&r1=253529&r2=253530&view=diff
==============================================================================
--- compiler-rt/trunk/lib/msan/msan_interceptors.cc (original)
+++ compiler-rt/trunk/lib/msan/msan_interceptors.cc Wed Nov 18 18:55:45 2015
@@ -1434,10 +1434,11 @@ int OnExit() {
   } while (false)  // FIXME
 #define COMMON_INTERCEPTOR_BLOCK_REAL(name) REAL(name)
 #define COMMON_INTERCEPTOR_ON_EXIT(ctx) OnExit()
-#define COMMON_INTERCEPTOR_LIBRARY_LOADED(filename, handle)  \
-  do {                                                       \
-    link_map *map = GET_LINK_MAP_BY_DLOPEN_HANDLE((handle)); \
-    if (map) ForEachMappedRegion(map, __msan_unpoison);      \
+#define COMMON_INTERCEPTOR_LIBRARY_LOADED(filename, handle)                    \
+  do {                                                                         \
+    link_map *map = GET_LINK_MAP_BY_DLOPEN_HANDLE((handle));                   \
+    if (filename && map)                                                       \
+      ForEachMappedRegion(map, __msan_unpoison);                               \
   } while (false)
 
 #define COMMON_INTERCEPTOR_GET_TLS_RANGE(begin, end)                           \
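Review bot: The new `if (filename && map)` guard has no comment saying why a null filename is skipped, and a reader of the macro alone cannot tell that dlopen(NULL, ...) returns a handle to the executable rather than to a freshly mapped DSO. Please add a one-line comment above the check. The log message also says a DSO that is already in memory should not be unpoisoned, but the condition only filters the null-filename case, so a FIXME for a named DSO that is already loaded would keep that gap visible. Two smaller points: `filename` is used unparenthesized while `handle` is written `(handle)`, so `(filename) && map` would be consistent, and GET_LINK_MAP_BY_DLOPEN_HANDLE is still evaluated before the filename test. If that lookup is anything more than a cast, test the filename first.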

Added: compiler-rt/trunk/test/msan/dlopen_executable.cc
URL: http://llvm.org/viewvc/llvm-project/compiler-rt/trunk/test/msan/dlopen_executable.cc?rev=253530&view=auto
==============================================================================
--- compiler-rt/trunk/test/msan/dlopen_executable.cc (added)
+++ compiler-rt/trunk/test/msan/dlopen_executable.cc Wed Nov 18 18:55:45 2015
@@ -0,0 +1,17 @@
+// RUN: %clangxx_msan -O0 %s -o %t && not %run %t 2>&1 | FileCheck %s
+
+#include <assert.h>
+#include <dlfcn.h>
+#include <stdlib.h>
+
+static int my_global;
+
+int main(void) {
+  int *uninit = (int*)malloc(sizeof(int));
+  my_global = *uninit;
+  void *p = dlopen(0, RTLD_NOW);
+  assert(p && "failed to get handle to executable");
+  return my_global;
+  // CHECK: MemorySanitizer: use-of-uninitialized-value
+  // CHECK: #0 {{.*}} in main{{.*}}dlopen_executable.cc:[[@LINE-2]]
+}
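Review bot: The test has no comment stating what it guards. A short note above `main` saying that dlopen(0, RTLD_NOW) must not unpoison `my_global`, so that `return my_global;` still reports, would make the intent clear to someone who reads the file without the commit log. Coverage is limited to the null-filename path. The log message also mentions a DSO that is already loaded, and a second test that reopens a named, already-loaded DSO would document the expected behaviour there, even if only as a known false negative. The `[[@LINE-2]]` reference depends on the `return` sitting exactly two lines above that CHECK line, so the comment is best placed above `main` rather than between those lines.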



