This is an archive of the discontinued LLVM Phabricator instance.

Differential D111984

[msan] Add stat-family interceptors on Linux
ClosedPublic

Authored by foobarrior on Oct 18 2021, 4:03 AM.

Details

Reviewers
eugenis
kcc
Commits
rG4e1a6c07052b: [msan] Add stat-family interceptors on Linux
Summary

Add following interceptors on Linux: stat, lstat, fstat, fstatat.

This fixes use-of-uninitialized value on platforms with GLIBC 2.33+.
In particular: Arch Linux, Ubuntu hirsute/impish.

The tests should have also been failing during the release on the mentioned platforms, but I cannot find any related discussion.

Most likely, the regression was introduced by glibc commit 8ed005daf0ab03e14250032:
all stat-family functions are now exported as shared functions.

Before, some of them (namely stat, lstat, fstat, fstatat) were provided as a part of libc_noshared.a and called their __xstat dopplegangers. This is still true for Debian Sid and earlier Ubuntu's. stat interceptors may be safely provided for them, no problem with that.

Closes https://github.com/google/sanitizers/issues/1452.
See also https://jira.mariadb.org/browse/MDEV-24841

Diff Detail

Event Timeline

foobarrior created this revision.Oct 18 2021, 4:03 AM
Herald added subscribers: fedor.sergeev, krytarowski. · View Herald TranscriptOct 18 2021, 4:03 AM
foobarrior requested review of this revision.Oct 18 2021, 4:03 AM
Herald added a project: Restricted Project. · View Herald TranscriptOct 18 2021, 4:03 AM
Herald added a subscriber: Restricted Project. · View Herald Transcript
Harbormaster completed remote builds in B129300: Diff 380336.Oct 18 2021, 4:21 AM
foobarrior edited the summary of this revision. (Show Details)Oct 18 2021, 5:08 AM
eugenis added inline comments.Oct 18 2021, 2:04 PM
compiler-rt/lib/msan/msan_interceptors.cpp
713

Shouldn't this be "!SANITIZER_FREEBSD && !SANITIZER_NETBSD" ?

foobarrior updated this revision to Diff 380689.EditedOct 19 2021, 7:22 AM

Fix debian build.

__fxstatat interceptor now resides together with fstatat (just like fstat/__fxstat)

INTERCEPT_FUNCTION -> MSAN_INTERCEPT_FUNC to report interception errors

foobarrior updated this revision to Diff 380690.Oct 19 2021, 7:22 AM

MSAN_INTERCEPT_FUNC(__fxstatat64)

foobarrior added inline comments.Oct 19 2021, 7:27 AM
compiler-rt/lib/msan/msan_interceptors.cpp
713

yes, stupid mistake, sorry

Harbormaster completed remote builds in B129550: Diff 380690.Oct 19 2021, 8:01 AM
eugenis added a comment.Oct 19 2021, 4:01 PM

Please apply the clang-format lint changes in the comments.

compiler-rt/lib/msan/msan_interceptors.cpp
710

Please add _MAYBE_ to the macro name for consistency.

compiler-rt/test/msan/fstat.cpp
1 ↗(On Diff #380690)

why is -fPIC necessary?

foobarrior updated this revision to Diff 380911.Oct 20 2021, 5:31 AM

Add _MAYBE_ where necessary.
Remove accidentally added -fPIC

foobarrior added a comment.Oct 20 2021, 5:33 AM

Should I fix lint checks from the review? They seem to be incorrect from my point of view

compiler-rt/test/msan/fstat.cpp
1 ↗(On Diff #380690)

That snuck in accidentally, while i was testing. Removing

foobarrior updated this revision to Diff 380914.Oct 20 2021, 5:42 AM

Reformat the code after eugenis comment is noticed

foobarrior updated this revision to Diff 380918.Oct 20 2021, 5:46 AM

Reformat the code a bit less (no newlines after if's)

foobarrior edited the summary of this revision. (Show Details)Oct 20 2021, 6:01 AM
Harbormaster completed remote builds in B129710: Diff 380918.Oct 20 2021, 6:05 AM
eugenis accepted this revision.Oct 20 2021, 4:30 PM
In D111984#3074929, @foobarrior wrote:

Should I fix lint checks from the review? They seem to be incorrect from my point of view

Yes please. Otherwise they will simply pop up in someone else's patch. We do what clang-format tell us to do :)

LGTM. Do you need me to land this change for you? I can reformat before commit, too.

This revision is now accepted and ready to land.Oct 20 2021, 4:30 PM
foobarrior added a comment.Oct 20 2021, 4:46 PM

Yes, please. I have no commit rights.

eugenis added a subscriber: llvm-commits.Oct 20 2021, 4:55 PM

+llvm-commits

Closed by commit rG4e1a6c07052b: [msan] Add stat-family interceptors on Linux (authored by foobarrior, committed by eugenis). · Explain WhyOct 20 2021, 5:16 PM
This revision was automatically updated to reflect the committed changes.
eugenis added a commit: rG4e1a6c07052b: [msan] Add stat-family interceptors on Linux.
vitalybuka added a subscriber: vitalybuka.Dec 14 2021, 8:12 PM
vitalybuka added inline comments.
compiler-rt/lib/msan/msan_interceptors.cpp
662–663

This condition is inconvenient
I have false msan reports on 2.33 because it's compiled on older glibc

foobarrior added inline comments.Dec 14 2021, 8:25 PM
compiler-rt/lib/msan/msan_interceptors.cpp
662–663

Hi Vitaly!
What's your setup?
And can you provide an exmple of false positive?

vitalybuka added inline comments.Dec 14 2021, 9:31 PM
compiler-rt/lib/msan/msan_interceptors.cpp
662–663

https://lab.llvm.org/staging/#/builders/72/builds/1685/steps/9/logs/stdio

MaskRay added subscribers: thesamesam, MaskRay.Jan 27 2022, 3:38 PM
MaskRay added inline comments.
compiler-rt/lib/msan/msan_interceptors.cpp
662–663

If __GLIBC_PREREQ is not defined (e.g. Linux musl), there will be a preprocessor error like:

  • Clang: error: function-like macro '__GLIBC_PREREQ' is not defined
  • GCC: error: missing binary operator before token "("

Looks like @thesamesam is trying to fix this for Linux musl.

manojgupta mentioned this in D121652: [msan] Add interceptors for Linux 64-bit stat variants.Mar 14 2022, 4:54 PM
manojgupta mentioned this in rG1f82d0f795d1: [msan] Add interceptors for Linux 64-bit stat variants.Mar 15 2022, 8:23 PM

Revision Contents

PathSize
compiler-rt/
lib/
msan/
39 lines
sanitizer_common/
9 lines

Diff 380914

compiler-rt/lib/msan/msan_interceptors.cpp

Show First 20 LinesShow All 648 Lines▼ Show 20 LinesINTERCEPTOR(int, setenv, const char *name, const char *value, int overwrite) {
int res = REAL(setenv)(name, value, overwrite); int res = REAL(setenv)(name, value, overwrite);
if (!res) UnpoisonEnviron(); if (!res) UnpoisonEnviron();
return res; return res;
} }
INTERCEPTOR(int, putenv, char *string) { INTERCEPTOR(int, putenv, char *string) {
ENSURE_MSAN_INITED(); ENSURE_MSAN_INITED();
int res = REAL(putenv)(string); int res = REAL(putenv)(string);
if (!res) UnpoisonEnviron(); if (!res)
UnpoisonEnviron();
return res; return res;
} }
#if SANITIZER_FREEBSD || SANITIZER_NETBSD #define SANITIZER_STAT_LINUX (SANITIZER_LINUX && __GLIBC_PREREQ(2, 33))
#if SANITIZER_FREEBSD || SANITIZER_NETBSD || SANITIZER_STAT_LINUX
vitalybukaUnsubmitted
Not Done
ReplyInline Actions

This condition is inconvenient
I have false msan reports on 2.33 because it's compiled on older glibc

vitalybuka: This condition is inconvenient I have false msan reports on 2.33 because it's compiled on older…
foobarriorAuthorUnsubmitted
Not Done
ReplyInline Actions

Hi Vitaly!
What's your setup?
And can you provide an exmple of false positive?

foobarrior: Hi Vitaly! What's your setup? And can you provide an exmple of false positive?
vitalybukaUnsubmitted
Not Done
ReplyInline Actions

https://lab.llvm.org/staging/#/builders/72/builds/1685/steps/9/logs/stdio

vitalybuka: https://lab.llvm.org/staging/#/builders/72/builds/1685/steps/9/logs/stdio
MaskRayUnsubmitted
Not Done
ReplyInline Actions

If __GLIBC_PREREQ is not defined (e.g. Linux musl), there will be a preprocessor error like:

  • Clang: error: function-like macro '__GLIBC_PREREQ' is not defined
  • GCC: error: missing binary operator before token "("

Looks like @thesamesam is trying to fix this for Linux musl.

MaskRay: If `__GLIBC_PREREQ` is not defined (e.g. Linux musl), there will be a preprocessor error like…
INTERCEPTOR(int, fstat, int fd, void *buf) { INTERCEPTOR(int, fstat, int fd, void *buf) {
ENSURE_MSAN_INITED(); ENSURE_MSAN_INITED();
int res = REAL(fstat)(fd, buf); int res = REAL(fstat)(fd, buf);
if (!res) if (!res)
__msan_unpoison(buf, __sanitizer::struct_stat_sz); __msan_unpoison(buf, __sanitizer::struct_stat_sz);
return res; return res;
} }
#define MSAN_MAYBE_INTERCEPT_FSTAT INTERCEPT_FUNCTION(fstat) # define MSAN_MAYBE_INTERCEPT_FSTAT MSAN_INTERCEPT_FUNC(fstat)
#else #else
#define MSAN_MAYBE_INTERCEPT_FSTAT #define MSAN_MAYBE_INTERCEPT_FSTAT
#endif #endif
#if !SANITIZER_FREEBSD && !SANITIZER_NETBSD #if !SANITIZER_FREEBSD && !SANITIZER_NETBSD
INTERCEPTOR(int, __fxstat, int magic, int fd, void *buf) { INTERCEPTOR(int, __fxstat, int magic, int fd, void *buf) {
ENSURE_MSAN_INITED(); ENSURE_MSAN_INITED();
int res = REAL(__fxstat)(magic, fd, buf); int res = REAL(__fxstat)(magic, fd, buf);
if (!res) if (!res)
__msan_unpoison(buf, __sanitizer::struct_stat_sz); __msan_unpoison(buf, __sanitizer::struct_stat_sz);
return res; return res;
} }
#define MSAN_MAYBE_INTERCEPT___FXSTAT INTERCEPT_FUNCTION(__fxstat) # define MSAN_MAYBE_INTERCEPT___FXSTAT MSAN_INTERCEPT_FUNC(__fxstat)
#else #else
#define MSAN_MAYBE_INTERCEPT___FXSTAT #define MSAN_MAYBE_INTERCEPT___FXSTAT
#endif #endif
#if !SANITIZER_FREEBSD && !SANITIZER_NETBSD #if !SANITIZER_FREEBSD && !SANITIZER_NETBSD
INTERCEPTOR(int, __fxstat64, int magic, int fd, void *buf) { INTERCEPTOR(int, __fxstat64, int magic, int fd, void *buf) {
ENSURE_MSAN_INITED(); ENSURE_MSAN_INITED();
int res = REAL(__fxstat64)(magic, fd, buf); int res = REAL(__fxstat64)(magic, fd, buf);
if (!res) if (!res)
__msan_unpoison(buf, __sanitizer::struct_stat64_sz); __msan_unpoison(buf, __sanitizer::struct_stat64_sz);
return res; return res;
} }
#define MSAN_MAYBE_INTERCEPT___FXSTAT64 INTERCEPT_FUNCTION(__fxstat64) # define MSAN_MAYBE_INTERCEPT___FXSTAT64 MSAN_INTERCEPT_FUNC(__fxstat64)
#else #else
#define MSAN_MAYBE_INTERCEPT___FXSTAT64 # define MSAN_MAYBE_INTERCEPT___FXSTAT64
#endif #endif
#if SANITIZER_FREEBSD || SANITIZER_NETBSD #if SANITIZER_FREEBSD || SANITIZER_NETBSD || SANITIZER_STAT_LINUX
INTERCEPTOR(int, fstatat, int fd, char *pathname, void *buf, int flags) { INTERCEPTOR(int, fstatat, int fd, char *pathname, void *buf, int flags) {
ENSURE_MSAN_INITED(); ENSURE_MSAN_INITED();
int res = REAL(fstatat)(fd, pathname, buf, flags); int res = REAL(fstatat)(fd, pathname, buf, flags);
if (!res) __msan_unpoison(buf, __sanitizer::struct_stat_sz); if (!res)
__msan_unpoison(buf, __sanitizer::struct_stat_sz);
return res; return res;
} }
# define MSAN_INTERCEPT_FSTATAT INTERCEPT_FUNCTION(fstatat) # define MSAN_MAYBE_INTERCEPT_FSTATAT MSAN_INTERCEPT_FUNC(fstatat)
eugenisUnsubmitted
Not Done
ReplyInline Actions

Please add _MAYBE_ to the macro name for consistency.

eugenis: Please add _MAYBE_ to the macro name for consistency.
#else #else
# define MSAN_MAYBE_INTERCEPT_FSTATAT
#endif
eugenisUnsubmitted
Not Done
ReplyInline Actions

Shouldn't this be "!SANITIZER_FREEBSD && !SANITIZER_NETBSD" ?

eugenis: Shouldn't this be "!SANITIZER_FREEBSD && !SANITIZER_NETBSD" ?
foobarriorAuthorUnsubmitted
Done
ReplyInline Actions

yes, stupid mistake, sorry

foobarrior: yes, stupid mistake, sorry
#if !SANITIZER_FREEBSD && !SANITIZER_NETBSD
INTERCEPTOR(int, __fxstatat, int magic, int fd, char *pathname, void *buf, INTERCEPTOR(int, __fxstatat, int magic, int fd, char *pathname, void *buf,
int flags) { int flags) {
ENSURE_MSAN_INITED(); ENSURE_MSAN_INITED();
int res = REAL(__fxstatat)(magic, fd, pathname, buf, flags); int res = REAL(__fxstatat)(magic, fd, pathname, buf, flags);
if (!res) __msan_unpoison(buf, __sanitizer::struct_stat_sz); if (!res)
__msan_unpoison(buf, __sanitizer::struct_stat_sz);
return res; return res;
} }
# define MSAN_INTERCEPT_FSTATAT INTERCEPT_FUNCTION(__fxstatat) # define MSAN_MAYBE_INTERCEPT___FXSTATAT MSAN_INTERCEPT_FUNC(__fxstatat)
#else
# define MSAN_MAYBE_INTERCEPT___FXSTATAT
#endif #endif
#if !SANITIZER_FREEBSD && !SANITIZER_NETBSD #if !SANITIZER_FREEBSD && !SANITIZER_NETBSD
INTERCEPTOR(int, __fxstatat64, int magic, int fd, char *pathname, void *buf, INTERCEPTOR(int, __fxstatat64, int magic, int fd, char *pathname, void *buf,
int flags) { int flags) {
ENSURE_MSAN_INITED(); ENSURE_MSAN_INITED();
int res = REAL(__fxstatat64)(magic, fd, pathname, buf, flags); int res = REAL(__fxstatat64)(magic, fd, pathname, buf, flags);
if (!res) __msan_unpoison(buf, __sanitizer::struct_stat64_sz); if (!res) __msan_unpoison(buf, __sanitizer::struct_stat64_sz);
return res; return res;
} }
#define MSAN_MAYBE_INTERCEPT___FXSTATAT64 INTERCEPT_FUNCTION(__fxstatat64) # define MSAN_MAYBE_INTERCEPT___FXSTATAT64 MSAN_INTERCEPT_FUNC(__fxstatat64)
#else #else
#define MSAN_MAYBE_INTERCEPT___FXSTATAT64 # define MSAN_MAYBE_INTERCEPT___FXSTATAT64
#endif #endif
INTERCEPTOR(int, pipe, int pipefd[2]) { INTERCEPTOR(int, pipe, int pipefd[2]) {
if (msan_init_is_running) if (msan_init_is_running)
return REAL(pipe)(pipefd); return REAL(pipe)(pipefd);
ENSURE_MSAN_INITED(); ENSURE_MSAN_INITED();
int res = REAL(pipe)(pipefd); int res = REAL(pipe)(pipefd);
if (!res) if (!res)
▲ Show 20 LinesShow All 947 Lines▼ Show 20 Lines#endif
INTERCEPT_FUNCTION(wcscmp); INTERCEPT_FUNCTION(wcscmp);
INTERCEPT_FUNCTION(getenv); INTERCEPT_FUNCTION(getenv);
INTERCEPT_FUNCTION(setenv); INTERCEPT_FUNCTION(setenv);
INTERCEPT_FUNCTION(putenv); INTERCEPT_FUNCTION(putenv);
INTERCEPT_FUNCTION(gettimeofday); INTERCEPT_FUNCTION(gettimeofday);
MSAN_MAYBE_INTERCEPT_FCVT; MSAN_MAYBE_INTERCEPT_FCVT;
MSAN_MAYBE_INTERCEPT_FSTAT; MSAN_MAYBE_INTERCEPT_FSTAT;
MSAN_MAYBE_INTERCEPT___FXSTAT; MSAN_MAYBE_INTERCEPT___FXSTAT;
MSAN_INTERCEPT_FSTATAT; MSAN_MAYBE_INTERCEPT_FSTATAT;
MSAN_MAYBE_INTERCEPT___FXSTATAT;
MSAN_MAYBE_INTERCEPT___FXSTAT64; MSAN_MAYBE_INTERCEPT___FXSTAT64;
MSAN_MAYBE_INTERCEPT___FXSTATAT64; MSAN_MAYBE_INTERCEPT___FXSTATAT64;
INTERCEPT_FUNCTION(pipe); INTERCEPT_FUNCTION(pipe);
INTERCEPT_FUNCTION(pipe2); INTERCEPT_FUNCTION(pipe2);
INTERCEPT_FUNCTION(socketpair); INTERCEPT_FUNCTION(socketpair);
MSAN_MAYBE_INTERCEPT_FGETS_UNLOCKED; MSAN_MAYBE_INTERCEPT_FGETS_UNLOCKED;
INTERCEPT_FUNCTION(getrlimit); INTERCEPT_FUNCTION(getrlimit);
MSAN_MAYBE_INTERCEPT___GETRLIMIT; MSAN_MAYBE_INTERCEPT___GETRLIMIT;
Show All 33 Lines

compiler-rt/lib/sanitizer_common/sanitizer_platform_interceptors.h

Show First 20 LinesShow All 454 Lines▼ Show 20 Lines
#define SANITIZER_INTERCEPT_CTERMID_R (SI_MAC || SI_FREEBSD || SI_SOLARIS) #define SANITIZER_INTERCEPT_CTERMID_R (SI_MAC || SI_FREEBSD || SI_SOLARIS)
#define SANITIZER_INTERCEPTOR_HOOKS \ #define SANITIZER_INTERCEPTOR_HOOKS \
(SI_LINUX || SI_MAC || SI_WINDOWS || SI_FREEBSD || SI_NETBSD || SI_SOLARIS) (SI_LINUX || SI_MAC || SI_WINDOWS || SI_FREEBSD || SI_NETBSD || SI_SOLARIS)
#define SANITIZER_INTERCEPT_RECV_RECVFROM SI_POSIX #define SANITIZER_INTERCEPT_RECV_RECVFROM SI_POSIX
#define SANITIZER_INTERCEPT_SEND_SENDTO SI_POSIX #define SANITIZER_INTERCEPT_SEND_SENDTO SI_POSIX
#define SANITIZER_INTERCEPT_EVENTFD_READ_WRITE SI_LINUX #define SANITIZER_INTERCEPT_EVENTFD_READ_WRITE SI_LINUX
#define SI_STAT_LINUX (SI_LINUX && __GLIBC_PREREQ(2, 33))
#define SANITIZER_INTERCEPT_STAT \ #define SANITIZER_INTERCEPT_STAT \
(SI_FREEBSD || SI_MAC || SI_ANDROID || SI_NETBSD || SI_SOLARIS) (SI_FREEBSD || SI_MAC || SI_ANDROID || SI_NETBSD || SI_SOLARIS || \
SI_STAT_LINUX)
#define SANITIZER_INTERCEPT_LSTAT (SI_NETBSD || SI_FREEBSD) #define SANITIZER_INTERCEPT_LSTAT (SI_NETBSD || SI_FREEBSD)
#define SANITIZER_INTERCEPT___XSTAT (!SANITIZER_INTERCEPT_STAT && SI_POSIX) #define SANITIZER_INTERCEPT___XSTAT \
(!SANITIZER_INTERCEPT_STAT && SI_POSIX) || SI_STAT_LINUX
#define SANITIZER_INTERCEPT___XSTAT64 SI_LINUX_NOT_ANDROID #define SANITIZER_INTERCEPT___XSTAT64 SI_LINUX_NOT_ANDROID
#define SANITIZER_INTERCEPT___LXSTAT SANITIZER_INTERCEPT___XSTAT #define SANITIZER_INTERCEPT___LXSTAT SANITIZER_INTERCEPT___XSTAT
#define SANITIZER_INTERCEPT___LXSTAT64 SI_LINUX_NOT_ANDROID #define SANITIZER_INTERCEPT___LXSTAT64 SI_LINUX_NOT_ANDROID
#define SANITIZER_INTERCEPT_UTMP \ #define SANITIZER_INTERCEPT_UTMP \
(SI_POSIX && !SI_MAC && !SI_FREEBSD && !SI_NETBSD) (SI_POSIX && !SI_MAC && !SI_FREEBSD && !SI_NETBSD)
#define SANITIZER_INTERCEPT_UTMPX \ #define SANITIZER_INTERCEPT_UTMPX \
(SI_LINUX_NOT_ANDROID || SI_MAC || SI_FREEBSD || SI_NETBSD) (SI_LINUX_NOT_ANDROID || SI_MAC || SI_FREEBSD || SI_NETBSD)
▲ Show 20 LinesShow All 136 LinesShow Last 20 Lines