[compiler-rt] r304858 - [tsan]: Fix GNU version of strerror_r interceptor

Vitaly Buka via llvm-commits llvm-commits at lists.llvm.org
Wed Jun 7 10:58:10 PDT 2017 

Differential Revision: https://reviews.llvm.org/D27062

On Tue, Jun 6, 2017 at 6:53 PM, Vitaly Buka via llvm-commits <
llvm-commits at lists.llvm.org> wrote:

> Author: vitalybuka
> Date: Tue Jun  6 20:53:38 2017
> New Revision: 304858
>
> URL: http://llvm.org/viewvc/llvm-project?rev=304858&view=rev
> Log:
> [tsan]: Fix GNU version of strerror_r interceptor
>
> GNU version of strerror_r returns a result pointer that doesn't match the
> input
> buffer. The result pointer is in fact a pointer to some internal storage.
> TSAN was recording a write to this location, which was incorrect.
>
> Fixed https://github.com/google/sanitizers/issues/696
>
> Added:
>     compiler-rt/trunk/test/msan/Linux/strerror_r.cc
>     compiler-rt/trunk/test/tsan/strerror_r.cc
> Modified:
>     compiler-rt/trunk/lib/sanitizer_common/sanitizer_
> common_interceptors.inc
>     compiler-rt/trunk/lib/tsan/rtl/tsan_rtl_thread.cc
>
> Modified: compiler-rt/trunk/lib/sanitizer_common/sanitizer_
> common_interceptors.inc
> URL: http://llvm.org/viewvc/llvm-project/compiler-rt/trunk/lib/
> sanitizer_common/sanitizer_common_interceptors.inc?rev=
> 304858&r1=304857&r2=304858&view=diff
> ============================================================
> ==================
> --- compiler-rt/trunk/lib/sanitizer_common/sanitizer_common_interceptors.inc
> (original)
> +++ compiler-rt/trunk/lib/sanitizer_common/sanitizer_common_interceptors.inc
> Tue Jun  6 20:53:38 2017
> @@ -3395,7 +3395,10 @@ INTERCEPTOR(char *, strerror_r, int errn
>    // its metadata. See
>    // https://github.com/google/sanitizers/issues/321.
>    char *res = REAL(strerror_r)(errnum, buf, buflen);
> -  COMMON_INTERCEPTOR_WRITE_RANGE(ctx, res, REAL(strlen)(res) + 1);
> +  if (res == buf)
> +    COMMON_INTERCEPTOR_WRITE_RANGE(ctx, res, REAL(strlen)(res) + 1);
> +  else
> +    COMMON_INTERCEPTOR_INITIALIZE_RANGE(res, REAL(strlen)(res) + 1);
>    return res;
>  }
>  #endif //(_POSIX_C_SOURCE >= 200112L || _XOPEN_SOURCE >= 600) &&
> !_GNU_SOURCE ||
>
> Modified: compiler-rt/trunk/lib/tsan/rtl/tsan_rtl_thread.cc
> URL: http://llvm.org/viewvc/llvm-project/compiler-rt/trunk/lib/
> tsan/rtl/tsan_rtl_thread.cc?rev=304858&r1=304857&r2=304858&view=diff
> ============================================================
> ==================
> --- compiler-rt/trunk/lib/tsan/rtl/tsan_rtl_thread.cc (original)
> +++ compiler-rt/trunk/lib/tsan/rtl/tsan_rtl_thread.cc Tue Jun  6 20:53:38
> 2017
> @@ -345,6 +345,7 @@ void MemoryAccessRange(ThreadState *thr,
>    StatInc(thr, StatMopRange);
>
>    if (*shadow_mem == kShadowRodata) {
> +    DCHECK(!is_write);
>      // Access to .rodata section, no races here.
>      // Measurements show that it can be 10-20% of all memory accesses.
>      StatInc(thr, StatMopRangeRodata);
>
> Added: compiler-rt/trunk/test/msan/Linux/strerror_r.cc
> URL: http://llvm.org/viewvc/llvm-project/compiler-rt/trunk/
> test/msan/Linux/strerror_r.cc?rev=304858&view=auto
> ============================================================
> ==================
> --- compiler-rt/trunk/test/msan/Linux/strerror_r.cc (added)
> +++ compiler-rt/trunk/test/msan/Linux/strerror_r.cc Tue Jun  6 20:53:38
> 2017
> @@ -0,0 +1,18 @@
> +// RUN: %clang_msan -O0 -g %s -o %t && %run %t
> +
> +#include <assert.h>
> +#include <errno.h>
> +#include <string.h>
> +
> +int main() {
> +  char buf[1000];
> +  char *res = strerror_r(EINVAL, buf, sizeof(buf));
> +  assert(res);
> +  volatile int z = strlen(res);
> +
> +  res = strerror_r(-1, buf, sizeof(buf));
> +  assert(res);
> +  z = strlen(res);
> +
> +  return 0;
> +}
>
> Added: compiler-rt/trunk/test/tsan/strerror_r.cc
> URL: http://llvm.org/viewvc/llvm-project/compiler-rt/trunk/
> test/tsan/strerror_r.cc?rev=304858&view=auto
> ============================================================
> ==================
> --- compiler-rt/trunk/test/tsan/strerror_r.cc (added)
> +++ compiler-rt/trunk/test/tsan/strerror_r.cc Tue Jun  6 20:53:38 2017
> @@ -0,0 +1,28 @@
> +// RUN: %clangxx_tsan -O1 -DTEST_ERROR=ERANGE %s -o %t && %run %t 2>&1 |
> FileCheck --check-prefixes=CHECK,CHECK-SYS %s
> +// RUN: %clangxx_tsan -O1 -DTEST_ERROR=-1 %s -o %t && not %run %t 2>&1 |
> FileCheck --check-prefixes=CHECK,CHECK-USER %s
> +
> +#include <assert.h>
> +#include <errno.h>
> +#include <pthread.h>
> +#include <stdio.h>
> +#include <string.h>
> +
> +char buffer[1000];
> +
> +void *Thread(void *p) {
> +  return strerror_r(TEST_ERROR, buffer, sizeof(buffer));
> +}
> +
> +int main() {
> +  pthread_t th[2];
> +  pthread_create(&th[0], 0, Thread, 0);
> +  pthread_create(&th[1], 0, Thread, 0);
> +  pthread_join(th[0], 0);
> +  pthread_join(th[1], 0);
> +  fprintf(stderr, "DONE\n");
> +}
> +
> +// CHECK-USER: WARNING: ThreadSanitizer: data race
> +// CHECK-SYS-NOT: WARNING: ThreadSanitizer: data race
> +
> +// CHECK: DONE
>
>
> _______________________________________________
> llvm-commits mailing list
> llvm-commits at lists.llvm.org
> http://lists.llvm.org/cgi-bin/mailman/listinfo/llvm-commits
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.llvm.org/pipermail/llvm-commits/attachments/20170607/446b94e7/attachment.html>

More information about the llvm-commits mailing list