[compiler-rt] r343606 - Reland r342652 "[winasan] Unpoison the stack in NtTerminateThread"

Reid Kleckner via llvm-commits llvm-commits at lists.llvm.org
Thu Nov 29 16:04:40 PST 2018


I spent some time reproducing and debugging the problem the other day, but
I wasn't able to make progress. I went ahead and reverted this again in
r347933 to get back to green now that I've figured out how to reproduce the
problem.

On Tue, Nov 20, 2018 at 2:48 PM Reid Kleckner <rnk at google.com> wrote:

> The change seems to be causing these failures:
> https://ci.chromium.org/buildbot/chromium.clang/CrWinAsan/1785
>
> I haven't had time to debug them, but we'll need to do something about
> them before we push clang for chromium again.
>
> On Thu, Nov 8, 2018 at 4:46 PM Reid Kleckner <rnk at google.com> wrote:
>
>> The problem exhibited itself in nacl browser_tests, which is probably the
>> hardest part of Chrome to debug:
>> https://ci.chromium.org/p/chromium/builders/luci.chromium.ci/win-asan/1584
>>
>> I reapplied your change and tried to reproduce the failure, we'll see how
>> it goes.
>>
>> On Wed, Nov 7, 2018 at 9:14 AM David Major <dmajor at mozilla.com> wrote:
>>
>>> Hi Reid, is there anything I can do to help get this patch unstuck?
>>> Thanks!
>>>
>>> On Fri, Oct 5, 2018 at 2:30 PM Reid Kleckner <rnk at google.com> wrote:
>>> >
>>> > This looks like it's still breaking a pile of pnacl tests:
>>> > https://ci.chromium.org/buildbot/chromium.clang/CrWinAsan/1411
>>> >
>>> > This revision is in the compiler revision range for two separate bots
>>> > causing the same set of tests to fail for multiple asan configs, so I'm
>>> > confident that it's related. I'm going to revert for now and then try to
>>> > come up with a test case for it that we can commit upstream. That will
>>> > likely happen next week.
>>> >
>>> > On Tue, Oct 2, 2018 at 10:18 AM David Major via llvm-commits <llvm-commits at lists.llvm.org> wrote:
>>> >>
>>> >> Author: dmajor
>>> >> Date: Tue Oct  2 10:17:12 2018
>>> >> New Revision: 343606
>>> >>
>>> >> URL: http://llvm.org/viewvc/llvm-project?rev=343606&view=rev
>>> >> Log:
>>> >> Reland r342652 "[winasan] Unpoison the stack in NtTerminateThread"
>>> >>
>>> >> In long-running builds we've seen some ASan complaints during thread
>>> >> creation that we suspect are due to leftover poisoning from previous
>>> >> threads whose stacks occupied that memory. This patch adds a hook that
>>> >> unpoisons the stack just before the NtTerminateThread syscall.
>>> >>
>>> >> Differential Revision: https://reviews.llvm.org/D52091
>>> >>
>>> >>
>>> >> Modified:
>>> >>     compiler-rt/trunk/lib/asan/asan_win.cc
>>> >>     compiler-rt/trunk/test/asan/TestCases/Windows/dll_host.cc
>>> >>
>>> >> Modified: compiler-rt/trunk/lib/asan/asan_win.cc
>>> >> URL:
>>> http://llvm.org/viewvc/llvm-project/compiler-rt/trunk/lib/asan/asan_win.cc?rev=343606&r1=343605&r2=343606&view=diff
>>> >>
>>> ==============================================================================
>>> >> --- compiler-rt/trunk/lib/asan/asan_win.cc (original)
>>> >> +++ compiler-rt/trunk/lib/asan/asan_win.cc Tue Oct  2 10:17:12 2018
>>> >> @@ -154,6 +154,14 @@ INTERCEPTOR_WINAPI(DWORD, CreateThread,
>>> >>                              asan_thread_start, t, thr_flags, tid);
>>> >>  }
>>> >>
>>> >> +INTERCEPTOR_WINAPI(LONG, NtTerminateThread, HANDLE handle, LONG
>>> status) {
>>> >> +  // Unpoison the terminating thread's stack because the memory may
>>> be re-used.
>>> >> +  NT_TIB *tib = (NT_TIB *)NtCurrentTeb();
>>> >> +  uptr stackSize = (uptr)tib->StackBase - (uptr)tib->StackLimit;
>>> >> +  __asan_unpoison_memory_region(tib->StackLimit, stackSize);
>>> >> +  return REAL(NtTerminateThread(handle, status));
>>> >> +}
>>> >> +
>>> >>  // }}}
>>> >>
>>> >>  namespace __asan {
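Review bot: The interceptor never looks at `handle`: it always unpoisons the stack of the calling thread (taken from `NtCurrentTeb()`), even when the call is terminating a different thread. In that case the caller keeps running with the poisoning on its live frames cleared, so stack errors there may go unreported, and the stack that is actually being released stays poisoned. Suggest unpoisoning only when `handle` designates the current thread and passing straight through to the real function otherwise. Minor: `REAL(NtTerminateThread(handle, status))` puts the argument list inside the macro, unlike `&REAL(NtTerminateThread)` in the next hunk; `REAL(NtTerminateThread)(handle, status)` would be consistent.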
>>> >> @@ -169,7 +177,9 @@ void InitializePlatformInterceptors() {
>>> >>
>>> >>    ASAN_INTERCEPT_FUNC(CreateThread);
>>> >>    ASAN_INTERCEPT_FUNC(SetUnhandledExceptionFilter);
>>> >> -
>>> >> +  CHECK(::__interception::OverrideFunction("NtTerminateThread",
>>> >> +
>>>  (uptr)WRAP(NtTerminateThread),
>>> >> +                                           (uptr
>>> *)&REAL(NtTerminateThread)));
>>> >>  #ifdef _WIN64
>>> >>    ASAN_INTERCEPT_FUNC(__C_specific_handler);
>>> >>  #else
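Review bot: The `CHECK(...)` wrapped around `OverrideFunction("NtTerminateThread", ...)` makes a failed hook fatal for the whole runtime during `InitializePlatformInterceptors()`, while the neighbouring `CreateThread` and `SetUnhandledExceptionFilter` lines go through `ASAN_INTERCEPT_FUNC`, and nothing here says why this one is installed differently. Please add a comment explaining the choice of `OverrideFunction`, and consider whether a process in which the hook cannot be installed should abort or simply run without the unpoisoning. The hunk also removes the blank line that separated the unconditional intercepts from the `#ifdef _WIN64` block; keeping it would preserve the grouping.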
>>> >>
>>> >> Modified: compiler-rt/trunk/test/asan/TestCases/Windows/dll_host.cc
>>> >> URL:
>>> http://llvm.org/viewvc/llvm-project/compiler-rt/trunk/test/asan/TestCases/Windows/dll_host.cc?rev=343606&r1=343605&r2=343606&view=diff
>>> >>
>>> ==============================================================================
>>> >> --- compiler-rt/trunk/test/asan/TestCases/Windows/dll_host.cc
>>> (original)
>>> >> +++ compiler-rt/trunk/test/asan/TestCases/Windows/dll_host.cc Tue
>>> Oct  2 10:17:12 2018
>>> >> @@ -29,6 +29,7 @@
>>> >>  // IMPORT: __asan_wrap_HeapReAlloc
>>> >>  // IMPORT: __asan_wrap_HeapSize
>>> >>  // IMPORT: __asan_wrap_CreateThread
>>> >> +// IMPORT: __asan_wrap_NtTerminateThread
>>> >>  // IMPORT: __asan_wrap_RaiseException
>>> >>  // IMPORT: __asan_wrap_RtlRaiseException
>>> >>  // IMPORT: __asan_wrap_SetUnhandledExceptionFilter
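Review bot: The only test change is the added `// IMPORT: __asan_wrap_NtTerminateThread` line, which checks that the wrapper symbol is present but not that the stack is actually unpoisoned on thread exit. The commit message describes the bug as leftover poisoning seen during later thread creation, so a regression test under `TestCases/Windows` that lets a thread exit with poisoned stack memory and then creates new threads without an ASan report would cover the behaviour this patch is meant to fix.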
>>> >>
>>> >>