This is an archive of the discontinued LLVM Phabricator instance.

sanitizer_common/symbolizer: fix crashes during exit
ClosedPublic

Authored by dvyukov on May 14 2021, 12:28 AM.

Download Raw Diff

Details

Reviewers

vitalybuka
kda

Commits

rG00a1007545ba: sanitizer_common/symbolizer: fix crashes during exit

Summary

Override __cxa_atexit and ignore callbacks.
This prevents crashes in a configuration when the symbolizer
is built into sanitizer runtime and consequently into the test process.
LLVM libraries have some global objects destroyed during exit,
so if the test process triggers any bugs after that, the symbolizer crashes.
An example stack trace of such crash:

For the standalone llvm-symbolizer this does not hurt,
we just don't destroy few global objects on exit.

Diff Detail

Repository: rG LLVM Github Monorepo

Event Timeline

dvyukov requested review of this revision.May 14 2021, 12:28 AM

dvyukov created this revision.

Herald added a project: Restricted Project. · View Herald TranscriptMay 14 2021, 12:28 AM

Herald added a subscriber: Restricted Project. · View Herald Transcript

fix commit message to include stack

Harbormaster completed remote builds in B104441: Diff 345360.May 14 2021, 1:12 AM

LGTM, but I don't know if I know enough to see something bad.

This revision is now accepted and ready to land.May 14 2021, 10:34 AM

This revision was landed with ongoing or failed builds.May 17 2021, 11:58 PM

Closed by commit rG00a1007545ba: sanitizer_common/symbolizer: fix crashes during exit (authored by dvyukov). · Explain Why

This revision was automatically updated to reflect the committed changes.

dvyukov added a commit: rG00a1007545ba: sanitizer_common/symbolizer: fix crashes during exit.

vitalybuka added inline comments.Jun 10 2021, 11:42 PM

compiler-rt/test/tsan/atexit4.cpp
2	another solution is to build LLVM_ENABLE_THREADS=0 I assume this test triggers nothing in upstream, as upstream build is already with LLVM_ENABLE_THREADS=0?

vitalybuka added inline comments.Jun 10 2021, 11:45 PM

compiler-rt/lib/sanitizer_common/symbolizer/sanitizer_symbolize.cpp
134	I think more appropriate place is sanitizer_wrappers.cpp as here we keep interface and there libc hacks

dvyukov added inline comments.Jun 11 2021, 12:01 AM

compiler-rt/test/tsan/atexit4.cpp
2	another solution is to build LLVM_ENABLE_THREADS=0 But won't globals still registered for destruction at exit? I assume this test triggers nothing in upstream, as upstream build is already with LLVM_ENABLE_THREADS=0? This is not triggered upstream, because upstream we don't compile symbolizer into sanitizers. Symbolizer as standalone process is not affected by the problem entirely.

vitalybuka added inline comments.Jun 11 2021, 12:33 AM

compiler-rt/test/tsan/atexit4.cpp
2	another solution is to build LLVM_ENABLE_THREADS=0 But won't globals still registered for destruction at exit? Yes, they would, LLVM_ENABLE_THREADS will avoid recursive_mutex and this crash. I like you solution, it's more future proof then just LLVM_ENABLE_THREADS. I assume this test triggers nothing in upstream, as upstream build is already with LLVM_ENABLE_THREADS=0? This is not triggered upstream, because upstream we don't compile symbolizer into sanitizers. Symbolizer as standalone process is not affected by the problem entirely. We do https://lab.llvm.org/buildbot/#/builders/37/builds/4500 "with symbolizer" tests, but they are LLVM_ENABLE_THREADS=0

Revision Contents

Path

Size

compiler-rt/

lib/

sanitizer_common/

symbolizer/

sanitizer_symbolize.cpp

28 lines

test/

tsan/

atexit4.cpp

29 lines

Diff 346057

compiler-rt/lib/sanitizer_common/symbolizer/sanitizer_symbolize.cpp

Show First 20 Lines • Show All 99 Lines • ▼ Show 20 Lines	int __sanitizer_symbolize_demangle(const char Name, char Buffer,
std::string Result =		std::string Result =
llvm::symbolize::LLVMSymbolizer::DemangleName(Name, nullptr);		llvm::symbolize::LLVMSymbolizer::DemangleName(Name, nullptr);
return __sanitizer::internal_snprintf(Buffer, MaxLength, "%s",		return __sanitizer::internal_snprintf(Buffer, MaxLength, "%s",
Result.c_str()) < MaxLength		Result.c_str()) < MaxLength
? static_cast<int>(Result.size() + 1)		? static_cast<int>(Result.size() + 1)
: 0;		: 0;
}		}

		// Override __cxa_atexit and ignore callbacks.
		// This prevents crashes in a configuration when the symbolizer
		// is built into sanitizer runtime and consequently into the test process.
		// LLVM libraries have some global objects destroyed during exit,
		// so if the test process triggers any bugs after that, the symbolizer crashes.
		// An example stack trace of such crash:
		//
		// #1 __cxa_throw
		// #2 std::__u::__throw_system_error
		// #3 std::__u::recursive_mutex::lock
		// #4 __sanitizer_llvm::ManagedStaticBase::RegisterManagedStatic
		// #5 __sanitizer_llvm::errorToErrorCode
		// #6 __sanitizer_llvm::getFileAux
		// #7 __sanitizer_llvm::MemoryBuffer::getFileOrSTDIN
		// #10 __sanitizer_llvm::symbolize::LLVMSymbolizer::getOrCreateModuleInfo
		// #13 __sanitizer::Symbolizer::SymbolizeData
		// #14 __tsan::SymbolizeData
		// #16 __tsan::ReportRace
		// #18 __tsan_write4
		// #19 race() () at test/tsan/atexit4.cpp
		// #20 cxa_at_exit_wrapper
		// #21 __cxa_finalize
		// #22 __do_fini
		//
		// For the standalone llvm-symbolizer this does not hurt,
		// we just don't destroy few global objects on exit.
		int __cxa_atexit(void (f)(void a), void arg, void dso) { return 0; }
		vitalybukaUnsubmitted Not Done Reply Inline Actions I think more appropriate place is sanitizer_wrappers.cpp as here we keep interface and there libc hacks vitalybuka: I think more appropriate place is sanitizer_wrappers.cpp as here we keep interface and there…

} // extern "C"		} // extern "C"

compiler-rt/test/tsan/atexit4.cpp

This file was added.

				// RUN: %clang_tsan -O1 %s -o %t && %deflake %run %t \| FileCheck %s
				#include "test.h"
				vitalybukaUnsubmitted Not Done Reply Inline Actions another solution is to build LLVM_ENABLE_THREADS=0 I assume this test triggers nothing in upstream, as upstream build is already with LLVM_ENABLE_THREADS=0? vitalybuka: another solution is to build LLVM_ENABLE_THREADS=0 I assume this test triggers nothing in…
				dvyukovAuthorUnsubmitted Done Reply Inline Actions another solution is to build LLVM_ENABLE_THREADS=0 But won't globals still registered for destruction at exit? I assume this test triggers nothing in upstream, as upstream build is already with LLVM_ENABLE_THREADS=0? This is not triggered upstream, because upstream we don't compile symbolizer into sanitizers. Symbolizer as standalone process is not affected by the problem entirely. dvyukov: > another solution is to build LLVM_ENABLE_THREADS=0 But won't globals still registered for…
				vitalybukaUnsubmitted Not Done Reply Inline Actions another solution is to build LLVM_ENABLE_THREADS=0 But won't globals still registered for destruction at exit? Yes, they would, LLVM_ENABLE_THREADS will avoid recursive_mutex and this crash. I like you solution, it's more future proof then just LLVM_ENABLE_THREADS. I assume this test triggers nothing in upstream, as upstream build is already with LLVM_ENABLE_THREADS=0? This is not triggered upstream, because upstream we don't compile symbolizer into sanitizers. Symbolizer as standalone process is not affected by the problem entirely. We do https://lab.llvm.org/buildbot/#/builders/37/builds/4500 "with symbolizer" tests, but they are LLVM_ENABLE_THREADS=0 vitalybuka: > > another solution is to build LLVM_ENABLE_THREADS=0 > > But won't globals still registered…

				void thread(void x) {
				barrier_wait(&barrier);
				static_cast<int >(x) = 2;
				return nullptr;
				}

				static void race() {
				int data = 0;
				pthread_t t;
				pthread_create(&t, nullptr, thread, &data);
				data = 1;
				barrier_wait(&barrier);
				pthread_join(t, nullptr);
				}

				struct X {
				X() { atexit(race); }
				} x;

				int main() {
				barrier_init(&barrier, 2);
				fprintf(stderr, "DONE\n");
				}

				// CHECK: DONE
				// CHECK: WARNING: ThreadSanitizer: data race