This is an archive of the discontinued LLVM Phabricator instance.

Differential D120602

[MSAN] add interceptor for timer_create, timer_settime, timer_gettime
ClosedPublic

Authored by kda on Feb 25 2022, 6:17 PM.

Download Raw Diff

Details

Reviewers

vitalybuka
eugenis

Commits

rG0a4dec6cc2bf: [MSAN] add interceptor for timer_create, timer_settime, timer_gettime
rGc2aab0d3808b: [MSAN] add interceptor for timer_create, timer_settime, timer_gettime

Diff Detail

Repository: rG LLVM Github Monorepo

Event Timeline

kda requested review of this revision.Feb 25 2022, 6:17 PM

kda created this revision.

Herald added a project: Restricted Project. · View Herald TranscriptFeb 25 2022, 6:17 PM

Herald added a subscriber: Restricted Project. · View Herald Transcript

kda added inline comments.Feb 25 2022, 6:28 PM

compiler-rt/lib/sanitizer_common/sanitizer_platform_limits_posix.h
516	lint is insisting on these spaces. They seem wrong. How do I bypass the linter here?

Harbormaster completed remote builds in B151577: Diff 411561.Feb 25 2022, 6:33 PM

for sanitizer_common interceptors we usually add trivial lit test just to make sure that it does not crash with any sanitizers
so LGTM with test/sanitizer_common

compiler-rt/lib/sanitizer_common/sanitizer_common_interceptors.inc
10222	man says timerid us not NULL pointer
10224	we don't use {} for one liners
compiler-rt/lib/sanitizer_common/sanitizer_platform_limits_posix.h
516	insisting to add spaces or to remove?

This revision is now accepted and ready to land.Feb 28 2022, 4:30 PM

remove spacing noise

compiler-rt/lib/sanitizer_common/sanitizer_common_interceptors.inc
10224	I stole this from getitimer, which does.
compiler-rt/lib/sanitizer_common/sanitizer_platform_limits_posix.h
516	The linter is insisting on ADDING the spaces. I don't think they belong there and want to remove them.

kda retitled this revision from [WIP] [MSAN] add interceptor for timer_create to [MSAN] add interceptor for timer_create.Feb 28 2022, 7:44 PM

Harbormaster completed remote builds in B151849: Diff 411949.Feb 28 2022, 8:02 PM

vitalybuka added inline comments.Mar 1 2022, 11:58 PM

compiler-rt/lib/sanitizer_common/sanitizer_platform_limits_posix.h
516	it's find, there is a setting in clang-format to add these spaces, we have it ON. Still some files are not reformated yet. Either way is fine, we can reformat in a separate patch.

Herald added a project: Restricted Project. · View Herald TranscriptMar 1 2022, 11:58 PM

add interceptors for timer_settime and timer_gettime

kda retitled this revision from [MSAN] add interceptor for timer_create to [MSAN] add interceptor for timer_create, timer_settime, timer_gettime.Mar 2 2022, 11:19 AM

vitalybuka added inline comments.Mar 2 2022, 11:29 AM

compiler-rt/lib/sanitizer_common/sanitizer_common_interceptors.inc
10222	btw we need COMMON_INTERCEPTOR_READ_RANGE for sevp
10240	COMMON_INTERCEPTOR_READ_RANGE for new_value? before REAL()?

Harbormaster completed remote builds in B152210: Diff 412495.Mar 2 2022, 11:36 AM

add sanitizer_common test, and UMR checks.

Harbormaster completed remote builds in B152288: Diff 412595.Mar 2 2022, 8:59 PM

vitalybuka accepted this revision.Mar 2 2022, 11:39 PM

vitalybuka added inline comments.

compiler-rt/lib/sanitizer_common/sanitizer_common_interceptors.inc
10215	Can you please clang format it?
10219	Sorry, I guess my suggestion does not work here. sigevent is complex structure, and it contains unions. It's not required to be initialized fully. We need to check field by field according to the spec if the functions. Let's just skip it for now.
10239	Sorry, I've read the man page and similar story: If either field in new_value.it_value is nonzero, then the timer is armed to initially expire at the specified time. If both fields in new_value.it_value are zero, then the timer is disarmed. The new_value.it_interval field specifies the new interval for the timer; if both of its subfields are zero, the timer is single-shot. So we don't READ new_value.it_interval if new_value.it_value is ZERO. I propose just drop it for to avoid introducing struct __sanitizer_itimerval
compiler-rt/test/sanitizer_common/TestCases/Linux/timer.cpp
1–40 ↗	(On Diff #412595)

remove read checks and format

remove FileCheck from timer.cpp

kda marked an inline comment as done.Mar 3 2022, 8:06 AM

Harbormaster completed remote builds in B152383: Diff 412729.Mar 3 2022, 8:30 AM

move timer.cpp from Linux to Posix.

vitalybuka accepted this revision.Mar 4 2022, 5:08 PM

Harbormaster completed remote builds in B152694: Diff 413169.Mar 4 2022, 5:19 PM

vitalybuka added inline comments.Mar 4 2022, 7:40 PM

compiler-rt/lib/sanitizer_common/sanitizer_platform_interceptors.h
591–593	OSX does not support it also single define maybe is enough?
compiler-rt/lib/sanitizer_common/sanitizer_platform_limits_posix.h
512	we need to make this timer_create, #define SANITIZER_INTERCEPT_TIMER_CREATE SI_POSIX #define SANITIZER_INTERCEPT_TIMER_SETTIME SI_POSIX #define SANITIZER_INTERCEPT_TIMER_GETTIME SI_POSIX and TestCases/Posix/ or TestCases/Linux/ and TEST(MemorySanitizer, timer_create) { .... consistent Looks like OSX does not support this functions we need this for other platforms: search all "typedef.*__sanitizer_clockid_t"
compiler-rt/test/sanitizer_common/TestCases/Posix/timer.cpp
3	// UNSUPPORTED: darwin

going with LINUX

Herald added a subscriber: fedor.sergeev. · View Herald TranscriptMar 5 2022, 2:34 PM

kda added inline comments.Mar 5 2022, 2:35 PM

compiler-rt/lib/sanitizer_common/sanitizer_platform_limits_posix.h
512	I'm leaving this as is. I'm choosing LINUX.

move test back to Posix, add typedef to solaris, freebsd, netbsd.

Herald added a subscriber: emaste. · View Herald TranscriptMar 8 2022, 2:13 PM

Harbormaster completed remote builds in B153234: Diff 413932.Mar 8 2022, 2:34 PM

vitalybuka accepted this revision.Mar 8 2022, 3:11 PM

vitalybuka added inline comments.

compiler-rt/test/sanitizer_common/TestCases/Posix/timer.cpp
2

add UNSUPPORTED: darwin to test

kda marked an inline comment as done.Mar 8 2022, 3:17 PM

vitalybuka accepted this revision.Mar 8 2022, 3:30 PM

Harbormaster completed remote builds in B153254: Diff 413955.Mar 8 2022, 3:36 PM

This revision was landed with ongoing or failed builds.Mar 8 2022, 4:59 PM

Closed by commit rGc2aab0d3808b: [MSAN] add interceptor for timer_create, timer_settime, timer_gettime (authored by kda). · Explain Why

This revision was automatically updated to reflect the committed changes.

kda added a commit: rGc2aab0d3808b: [MSAN] add interceptor for timer_create, timer_settime, timer_gettime.

The new test is failing on our builders with what appears to be a leak:

Script:
--
: 'RUN: at line 1';      /opt/s/w/ir/x/w/staging/llvm_build/./bin/clang  --driver-mode=g++ -gline-tables-only -fsanitize=leak  --unwindlib=libunwind -static-libgcc -Wthread-safety -Wthread-safety-reference -Wthread-safety-beta  -funwind-tables --sysroot=/opt/s/w/ir/x/w/cipd/linux  -ldl -O0 -g /opt/s/w/ir/x/w/llvm-llvm-project/compiler-rt/test/sanitizer_common/TestCases/Posix/timer.cpp -o /opt/s/w/ir/x/w/staging/llvm_build/runtimes/runtimes-aarch64-unknown-linux-gnu-bins/compiler-rt/test/sanitizer_common/lsan-aarch64-Linux/Posix/Output/timer.cpp.tmp &&  /opt/s/w/ir/x/w/staging/llvm_build/runtimes/runtimes-aarch64-unknown-linux-gnu-bins/compiler-rt/test/sanitizer_common/lsan-aarch64-Linux/Posix/Output/timer.cpp.tmp
--
Exit Code: 23

Command Output (stderr):
--

=================================================================
==16730==ERROR: LeakSanitizer: detected memory leaks

Direct leak of 8 byte(s) in 1 object(s) allocated from:
    #0 0x2510e0 in malloc ../staging/llvm_build/runtimes/runtimes-aarch64-unknown-linux-gnu-bins/../staging/llvm_build/runtimes/runtimes-aarch64-unknown-linux-gnu-bins/compiler-rt/lib/lsan/lsan_interceptors.cpp:75:3
    #1 0xffff819feb50 in timer_create (/lib/aarch64-linux-gnu/librt.so.1+0x3b50) (BuildId: 1aba141af4fa49c86298936e700aa7fd865f5518)
    #2 0x253838 in main /opt/s/w/ir/x/w/llvm-llvm-project/compiler-rt/test/sanitizer_common/TestCases/Posix/timer.cpp:13:3
    #3 0xffff818c26dc in __libc_start_main (/lib/aarch64-linux-gnu/libc.so.6+0x206dc) (BuildId: 53f40c1d2f3739ae017dcdcef1a17314786e3709)
    #4 0x2281d4 in _start (/opt/s/w/ir/x/w/staging/llvm_build/runtimes/runtimes-aarch64-unknown-linux-gnu-bins/compiler-rt/test/sanitizer_common/lsan-aarch64-Linux/Posix/Output/timer.cpp.tmp+0x2281d4) (BuildId: a7e4b66ead191fc7)

SUMMARY: LeakSanitizer: 8 byte(s) leaked in 1 allocation(s).

--

Would it be possible to take a look and revert the change if necessary?

This commit also causes our bots fail https://lab.llvm.org/buildbot/#/builders/105/builds/22623

******************** TEST 'SanitizerCommon-lsan-powerpc64le-Linux :: Posix/timer.cpp' FAILED ********************
Script:
--
: 'RUN: at line 1';      /home/buildbots/ppc64le-clang-lnt-test/clang-ppc64le-lnt/stage1/./bin/clang  --driver-mode=g++ -gline-tables-only -fsanitize=leak  -m64 -fno-function-sections -funwind-tables  -ldl -O0 -g /home/buildbots/ppc64le-clang-lnt-test/clang-ppc64le-lnt/llvm/compiler-rt/test/sanitizer_common/TestCases/Posix/timer.cpp -o /home/buildbots/ppc64le-clang-lnt-test/clang-ppc64le-lnt/stage1/projects/compiler-rt/test/sanitizer_common/lsan-powerpc64le-Linux/Posix/Output/timer.cpp.tmp &&  /home/buildbots/ppc64le-clang-lnt-test/clang-ppc64le-lnt/stage1/projects/compiler-rt/test/sanitizer_common/lsan-powerpc64le-Linux/Posix/Output/timer.cpp.tmp
--
Exit Code: 23
Command Output (stderr):
--
=================================================================
==151261==ERROR: LeakSanitizer: detected memory leaks
Direct leak of 8 byte(s) in 1 object(s) allocated from:
    #0 0x1005410c in __interceptor_malloc.part.10 /home/buildbots/ppc64le-clang-lnt-test/clang-ppc64le-lnt/llvm/compiler-rt/lib/lsan/lsan_interceptors.cpp:75:3
    #1 0x7fff81a649a8 in .annobin_timer_create.c timer_create.c
    #2 0x10058c24 in main /home/buildbots/ppc64le-clang-lnt-test/clang-ppc64le-lnt/llvm/compiler-rt/test/sanitizer_common/TestCases/Posix/timer.cpp:13:3
    #3 0x7fff818249f4 in .annobin_libc_start.c libc-start.c
    #4 0x7fff81824be0 in __libc_start_main (/lib64/libc.so.6+0x24be0) (BuildId: 3f510e433e7682fc2680148fe7836ab789f8084b)
SUMMARY: LeakSanitizer: 8 byte(s) leaked in 1 allocation(s).

******************** TEST 'SanitizerCommon-lsan-powerpc64le-Linux :: Posix/timer.cpp' FAILED ********************
Script:
--
: 'RUN: at line 1';      /home/buildbots/ppc64le-clang-lnt-test/clang-ppc64le-lnt/stage1/./bin/clang  --driver-mode=g++ -gline-tables-only -fsanitize=leak  -m64 -fno-function-sections -funwind-tables  -ldl -O0 -g /home/buildbots/ppc64le-clang-lnt-test/clang-ppc64le-lnt/llvm/compiler-rt/test/sanitizer_common/TestCases/Posix/timer.cpp -o /home/buildbots/ppc64le-clang-lnt-test/clang-ppc64le-lnt/stage1/projects/compiler-rt/test/sanitizer_common/lsan-powerpc64le-Linux/Posix/Output/timer.cpp.tmp &&  /home/buildbots/ppc64le-clang-lnt-test/clang-ppc64le-lnt/stage1/projects/compiler-rt/test/sanitizer_common/lsan-powerpc64le-Linux/Posix/Output/timer.cpp.tmp
--
Exit Code: 23
Command Output (stderr):
--
=================================================================
==151261==ERROR: LeakSanitizer: detected memory leaks
Direct leak of 8 byte(s) in 1 object(s) allocated from:
    #0 0x1005410c in __interceptor_malloc.part.10 /home/buildbots/ppc64le-clang-lnt-test/clang-ppc64le-lnt/llvm/compiler-rt/lib/lsan/lsan_interceptors.cpp:75:3
    #1 0x7fff81a649a8 in .annobin_timer_create.c timer_create.c
    #2 0x10058c24 in main /home/buildbots/ppc64le-clang-lnt-test/clang-ppc64le-lnt/llvm/compiler-rt/test/sanitizer_common/TestCases/Posix/timer.cpp:13:3
    #3 0x7fff818249f4 in .annobin_libc_start.c libc-start.c
    #4 0x7fff81824be0 in __libc_start_main (/lib64/libc.so.6+0x24be0) (BuildId: 3f510e433e7682fc2680148fe7836ab789f8084b)
SUMMARY: LeakSanitizer: 8 byte(s) leaked in 1 allocation(s).

This also failing on all our bots:
https://lab.llvm.org/buildbot/#/builders/105/builds/22623
https://lab.llvm.org/buildbot/#/builders/100/builds/13530

******************** TEST 'SanitizerCommon-lsan-powerpc64le-Linux :: Posix/timer.cpp' FAILED ********************
Script:
--
: 'RUN: at line 1';      /home/buildbots/ppc64le-clang-lnt-test/clang-ppc64le-lnt/stage1/./bin/clang  --driver-mode=g++ -gline-tables-only -fsanitize=leak  -m64 -fno-function-sections -funwind-tables  -ldl -O0 -g /home/buildbots/ppc64le-clang-lnt-test/clang-ppc64le-lnt/llvm/compiler-rt/test/sanitizer_common/TestCases/Posix/timer.cpp -o /home/buildbots/ppc64le-clang-lnt-test/clang-ppc64le-lnt/stage1/projects/compiler-rt/test/sanitizer_common/lsan-powerpc64le-Linux/Posix/Output/timer.cpp.tmp &&  /home/buildbots/ppc64le-clang-lnt-test/clang-ppc64le-lnt/stage1/projects/compiler-rt/test/sanitizer_common/lsan-powerpc64le-Linux/Posix/Output/timer.cpp.tmp
--
Exit Code: 23
Command Output (stderr):
--
=================================================================
==151261==ERROR: LeakSanitizer: detected memory leaks
Direct leak of 8 byte(s) in 1 object(s) allocated from:
    #0 0x1005410c in __interceptor_malloc.part.10 /home/buildbots/ppc64le-clang-lnt-test/clang-ppc64le-lnt/llvm/compiler-rt/lib/lsan/lsan_interceptors.cpp:75:3
    #1 0x7fff81a649a8 in .annobin_timer_create.c timer_create.c
    #2 0x10058c24 in main /home/buildbots/ppc64le-clang-lnt-test/clang-ppc64le-lnt/llvm/compiler-rt/test/sanitizer_common/TestCases/Posix/timer.cpp:13:3
    #3 0x7fff818249f4 in .annobin_libc_start.c libc-start.c
    #4 0x7fff81824be0 in __libc_start_main (/lib64/libc.so.6+0x24be0) (BuildId: 3f510e433e7682fc2680148fe7836ab789f8084b)
SUMMARY: LeakSanitizer: 8 byte(s) leaked in 1 allocation(s).
--
********************
******************** TEST 'SanitizerCommon-asan-powerpc64le-Linux :: Posix/timer.cpp' FAILED ********************
Script:
--
: 'RUN: at line 1';      /home/buildbots/ppc64le-clang-lnt-test/clang-ppc64le-lnt/stage1/./bin/clang  --driver-mode=g++ -gline-tables-only -fsanitize=address  -m64 -fno-function-sections -funwind-tables  -ldl -O0 -g /home/buildbots/ppc64le-clang-lnt-test/clang-ppc64le-lnt/llvm/compiler-rt/test/sanitizer_common/TestCases/Posix/timer.cpp -o /home/buildbots/ppc64le-clang-lnt-test/clang-ppc64le-lnt/stage1/projects/compiler-rt/test/sanitizer_common/asan-powerpc64le-Linux/Posix/Output/timer.cpp.tmp &&  /home/buildbots/ppc64le-clang-lnt-test/clang-ppc64le-lnt/stage1/projects/compiler-rt/test/sanitizer_common/asan-powerpc64le-Linux/Posix/Output/timer.cpp.tmp
--
Exit Code: 1
Command Output (stderr):
--
=================================================================
==151451==ERROR: LeakSanitizer: detected memory leaks
Direct leak of 8 byte(s) in 1 object(s) allocated from:
    #0 0x100e7e84 in __interceptor_malloc.part.10 /home/buildbots/ppc64le-clang-lnt-test/clang-ppc64le-lnt/llvm/compiler-rt/lib/asan/asan_malloc_linux.cpp:69:3
    #1 0x7ffff7b649a8 in .annobin_timer_create.c timer_create.c
    #2 0x1007075c in __interceptor_timer_create.part.331 /home/buildbots/ppc64le-clang-lnt-test/clang-ppc64le-lnt/llvm/compiler-rt/lib/asan/../sanitizer_common/sanitizer_common_interceptors.inc:10222:31
    #3 0x10151d68 in main /home/buildbots/ppc64le-clang-lnt-test/clang-ppc64le-lnt/llvm/compiler-rt/test/sanitizer_common/TestCases/Posix/timer.cpp:13:3
    #4 0x7ffff79249f4 in .annobin_libc_start.c libc-start.c
    #5 0x7ffff7924be0 in __libc_start_main (/lib64/libc.so.6+0x24be0) (BuildId: 3f510e433e7682fc2680148fe7836ab789f8084b)
SUMMARY: AddressSanitizer: 8 byte(s) leaked in 1 allocation(s).
--
********************

The test is failing on s390x as well:

******************** TEST 'SanitizerCommon-asan-s390x-Linux :: Posix/timer.cpp' FAILED ********************
Script:
--
: 'RUN: at line 1';      /home/uweigand/sandbox/buildbot/clang-s390x-linux/stage1/./bin/clang  --driver-mode=g++ -gline-tables-only -fsanitize=address  -funwind-tables  -ldl -O0 -g /home/uweigand/sandbox/buildbot/clang-s390x-linux/llvm/compiler-rt/test/sanitizer_common/TestCases/Posix/timer.cpp -o /home/uweigand/sandbox/buildbot/clang-s390x-linux/stage1/projects/compiler-rt/test/sanitizer_common/asan-s390x-Linux/Posix/Output/timer.cpp.tmp &&  /home/uweigand/sandbox/buildbot/clang-s390x-linux/stage1/projects/compiler-rt/test/sanitizer_common/asan-s390x-Linux/Posix/Output/timer.cpp.tmp
--
Exit Code: 1
Command Output (stderr):
--
AddressSanitizer:DEADLYSIGNAL
=================================================================
==3181575==ERROR: AddressSanitizer: SEGV on unknown address 0x0403cb561000 (pc 0x03ff88104914 bp 0x000000000000 sp 0x03fffd7fe028 T0)
==3181575==The signal is caused by a UNKNOWN memory access.
    #0 0x3ff88104914 in timer_settime /build/glibc-8YaO6T/glibc-2.31/rt/../sysdeps/unix/sysv/linux/x86_64/timer_settime.c:41:10
    #1 0x10436a7 in timer_settime /home/uweigand/sandbox/buildbot/clang-s390x-linux/llvm/compiler-rt/lib/asan/../sanitizer_common/sanitizer_common_interceptors.inc:10235:32
    #2 0x1110fbb in main /home/uweigand/sandbox/buildbot/clang-s390x-linux/llvm/compiler-rt/test/sanitizer_common/TestCases/Posix/timer.cpp:21:3
    #3 0x3ff87ea4409 in __libc_start_main /build/glibc-8YaO6T/glibc-2.31/csu/libc-start.c:308:16
    #4 0x1022173 in _start (/home/uweigand/sandbox/buildbot/clang-s390x-linux/stage1/projects/compiler-rt/test/sanitizer_common/asan-s390x-Linux/Posix/Output/timer.cpp.tmp+0x1022173)
AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV /build/glibc-8YaO6T/glibc-2.31/rt/../sysdeps/unix/sysv/linux/x86_64/timer_settime.c:41:10 in timer_settime
==3181575==ABORTING
--
********************

phosek added a reverting change: rGb0e369501fac: Revert "[MSAN] add interceptor for timer_create, timer_settime, timer_gettime".Mar 9 2022, 10:46 AM

kda reopened this revision.Mar 9 2022, 11:04 AM

This revision is now accepted and ready to land.Mar 9 2022, 11:04 AM

fix memory leak and SEGV in timer.cpp

This revision was landed with ongoing or failed builds.Mar 9 2022, 11:21 AM

Closed by commit rG0a4dec6cc2bf: [MSAN] add interceptor for timer_create, timer_settime, timer_gettime (authored by kda). · Explain Why

This revision was automatically updated to reflect the committed changes.

kda added a commit: rG0a4dec6cc2bf: [MSAN] add interceptor for timer_create, timer_settime, timer_gettime.

Harbormaster completed remote builds in B153401: Diff 414164.Mar 9 2022, 11:46 AM

kda added a reverting change: rGfc9e07873f0c: Revert "[MSAN] add interceptor for timer_create, timer_settime, timer_gettime".Mar 9 2022, 2:57 PM

Revision Contents

Path

Size

compiler-rt/

lib/

msan/

tests/

msan_test.cpp

34 lines

sanitizer_common/

sanitizer_common_interceptors.inc

46 lines

sanitizer_platform_interceptors.h

2 lines

sanitizer_platform_limits_freebsd.h

1 line

sanitizer_platform_limits_netbsd.h

1 line

sanitizer_platform_limits_posix.h

1 line

sanitizer_platform_limits_solaris.h

1 line

test/

sanitizer_common/

TestCases/

Posix/

timer.cpp

38 lines

Diff 414165

compiler-rt/lib/msan/tests/msan_test.cpp

Show First 20 Lines • Show All 4,673 Lines • ▼ Show 20 Lines	TEST(MemorySanitizer, LargeAllocatorUnpoisonsOnFree) {

EXPECT_NOT_POISONED(q[0]);		EXPECT_NOT_POISONED(q[0]);
EXPECT_NOT_POISONED(q[10]);		EXPECT_NOT_POISONED(q[10]);
EXPECT_NOT_POISONED(q[100]);		EXPECT_NOT_POISONED(q[100]);

munmap(q, 4096);		munmap(q, 4096);
}		}

		TEST(MemorySanitizer, timer_create) {
		struct sigevent sev {};
		sev.sigev_notify = SIGEV_NONE;
		timer_t timerid;
		EXPECT_POISONED(timerid);
		ASSERT_EQ(0, timer_create(CLOCK_REALTIME, &sev, &timerid));
		EXPECT_NOT_POISONED(timerid);
		}

		TEST(MemorySanitizer, timer_settime) {
		struct sigevent sev {};
		sev.sigev_notify = SIGEV_NONE;
		timer_t timerid;
		ASSERT_EQ(0, timer_create(CLOCK_REALTIME, &sev, &timerid));
		struct itimerspec new_value {};
		new_value.it_interval.tv_sec = 10;
		new_value.it_value.tv_sec = 10;
		struct itimerspec old_value;
		EXPECT_POISONED(old_value);
		ASSERT_EQ(0, timer_settime(timerid, 0, &new_value, &old_value));
		EXPECT_NOT_POISONED(old_value);
		}

		TEST(MemorySanitizer, timer_gettime) {
		struct sigevent sev {};
		sev.sigev_notify = SIGEV_NONE;
		timer_t timerid;
		ASSERT_EQ(0, timer_create(CLOCK_REALTIME, &sev, &timerid));
		struct itimerspec curr_value;
		EXPECT_POISONED(curr_value);
		ASSERT_EQ(0, timer_gettime(timerid, &curr_value));
		EXPECT_NOT_POISONED(curr_value);
		}

#if SANITIZER_TEST_HAS_MALLOC_USABLE_SIZE		#if SANITIZER_TEST_HAS_MALLOC_USABLE_SIZE
TEST(MemorySanitizer, MallocUsableSizeTest) {		TEST(MemorySanitizer, MallocUsableSizeTest) {
const size_t kArraySize = 100;		const size_t kArraySize = 100;
char array = Ident((char)malloc(kArraySize));		char array = Ident((char)malloc(kArraySize));
int *int_ptr = Ident(new int);		int *int_ptr = Ident(new int);
EXPECT_EQ(0U, malloc_usable_size(NULL));		EXPECT_EQ(0U, malloc_usable_size(NULL));
EXPECT_EQ(kArraySize, malloc_usable_size(array));		EXPECT_EQ(kArraySize, malloc_usable_size(array));
EXPECT_EQ(sizeof(int), malloc_usable_size(int_ptr));		EXPECT_EQ(sizeof(int), malloc_usable_size(int_ptr));
▲ Show 20 Lines • Show All 177 Lines • Show Last 20 Lines

compiler-rt/lib/sanitizer_common/sanitizer_common_interceptors.inc

This file is larger than 256 KB, so syntax highlighting is disabled by default.

Show First 20 Lines • Show All 10,205 Lines • ▼ Show 20 Lines

COMMON_INTERCEPTOR_WRITE_RANGE(ctx, utsname,

__sanitizer::struct_utsname_sz);

return res;

}

#define INIT___XUNAME COMMON_INTERCEPT_FUNCTION(__xuname)

#else

#define INIT___XUNAME

#endif

#if SANITIZER_INTERCEPT_TIMER

INTERCEPTOR(int, timer_create, __sanitizer_clockid_t clockid,

vitalybukaUnsubmitted

Done

Can you please clang format it?

vitalybuka: Can you please clang format it?

struct sigevent *sevp, __sanitizer_timer_t *timerid) {

void *ctx;

COMMON_INTERCEPTOR_ENTER(ctx, timer_create, clockid, sevp, timerid);

// FIXME: under ASan the call below may write to freed memory and corrupt

vitalybukaUnsubmitted

Done

COMMON_INTERCEPTOR_ENTER(ctx, timer_create, clockid, sevp, timerid);

- COMMON_INTERCEPTOR_READ_RANGE(ctx, sevp, struct_sigevent_sz);

// FIXME: under ASan the call below may write to freed memory and corrupt

Sorry, I guess my suggestion does not work here.
sigevent is complex structure, and it contains unions.
It's not required to be initialized fully. We need to check field by field according to the spec if the functions.
Let's just skip it for now.

vitalybuka: Sorry, I guess my suggestion does not work here. sigevent is complex structure, and it contains…

// its metadata. See

// https://github.com/google/sanitizers/issues/321.

int res = REAL(timer_create)(clockid, sevp, timerid);

vitalybukaUnsubmitted

Done

man says timerid us not NULL pointer

vitalybuka: man says timerid us not NULL pointer

vitalybukaUnsubmitted

Not Done

btw we need COMMON_INTERCEPTOR_READ_RANGE for sevp

vitalybuka: btw we need COMMON_INTERCEPTOR_READ_RANGE for sevp

if (!res)

COMMON_INTERCEPTOR_WRITE_RANGE(ctx, timerid, sizeof(*timerid));

vitalybukaUnsubmitted

Done

we don't use {} for one liners

vitalybuka: we don't use {} for one liners

kdaAuthorUnsubmitted

Done

I stole this from getitimer, which does.

kda: I stole this from getitimer, which does.

return res;

}

INTERCEPTOR(int, timer_settime, __sanitizer_timer_t timerid, int flags,

const void *new_value, void *old_value) {

void *ctx;

COMMON_INTERCEPTOR_ENTER(ctx, timer_settime, timerid, flags, new_value,

old_value);

// FIXME: under ASan the call below may write to freed memory and corrupt

// its metadata. See

// https://github.com/google/sanitizers/issues/321.

int res = REAL(timer_settime)(timerid, flags, new_value, old_value);

if (!res && old_value)

COMMON_INTERCEPTOR_WRITE_RANGE(ctx, old_value, struct_itimerval_sz);

return res;

}

vitalybukaUnsubmitted

Done

old_value);

- COMMON_INTERCEPTOR_READ_RANGE(ctx, new_value, struct_itimerval_sz);

// FIXME: under ASan the call below may write to freed memory and corrupt

Sorry, I've read the man page and similar story:

If either field in new_value.it_value is nonzero, then the timer

is armed to initially expire at the specified time.  If both
fields in new_value.it_value are zero, then the timer is
disarmed.

The new_value.it_interval field specifies the new interval for
the timer; if both of its subfields are zero, the timer is
single-shot.

So we don't READ new_value.it_interval if new_value.it_value is ZERO.
I propose just drop it for to avoid introducing struct __sanitizer_itimerval

vitalybuka: Sorry, I've read the man page and similar story: > If either field in new_value.it_value is…

INTERCEPTOR(int, timer_gettime, __sanitizer_timer_t timerid, void *curr_value) {

vitalybukaUnsubmitted

Not Done

COMMON_INTERCEPTOR_READ_RANGE for new_value?
before REAL()?

vitalybuka: COMMON_INTERCEPTOR_READ_RANGE for new_value? before REAL()?

void *ctx;

COMMON_INTERCEPTOR_ENTER(ctx, timer_gettime, timerid, curr_value);

// FIXME: under ASan the call below may write to freed memory and corrupt

// its metadata. See

// https://github.com/google/sanitizers/issues/321.

int res = REAL(timer_gettime)(timerid, curr_value);

if (!res)

COMMON_INTERCEPTOR_WRITE_RANGE(ctx, curr_value, struct_itimerval_sz);

return res;

}

#define INIT_TIMER \

COMMON_INTERCEPT_FUNCTION(timer_create); \

COMMON_INTERCEPT_FUNCTION(timer_settime); \

COMMON_INTERCEPT_FUNCTION(timer_gettime);

#else

#define INIT_TIMER

#endif

#include "sanitizer_common_interceptors_netbsd_compat.inc"

static void InitializeCommonInterceptors() {

#if SI_POSIX

static u64 metadata_mem[sizeof(MetadataHashMap) / sizeof(u64) + 1];

interceptor_metadata_map = new ((void *)&metadata_mem) MetadataHashMap();

#endif

▲ Show 20 Lines • Show All 302 Lines • ▼ Show 20 Lines

#endif

INIT_CRYPT_R;

INIT_GETENTROPY;

INIT_QSORT;

INIT_QSORT_R;

INIT_BSEARCH;

INIT_SIGALTSTACK;

INIT_UNAME;

INIT___XUNAME;

INIT_TIMER;

INIT___PRINTF_CHK;

}

compiler-rt/lib/sanitizer_common/sanitizer_platform_interceptors.h

Show First 20 Lines • Show All 582 Lines • ▼ Show 20 Lines

#define SANITIZER_INTERCEPT_BSEARCH \

(SI_POSIX && !SI_IOSSIM && !SI_WATCHOS && !SI_TVOS && !SI_ANDROID)

// sigaltstack on i386 macOS cannot be intercepted due to setjmp()

// calling it and assuming that it does not clobber registers.

#define SANITIZER_INTERCEPT_SIGALTSTACK \

(SI_POSIX && !(SANITIZER_MAC && SANITIZER_I386))

#define SANITIZER_INTERCEPT_UNAME (SI_POSIX && !SI_FREEBSD)

#define SANITIZER_INTERCEPT___XUNAME SI_FREEBSD

#define SANITIZER_INTERCEPT_TIMER \

(SI_FREEBSD || SI_NETBSD || SI_LINUX || SI_SOLARIS)

#define SANITIZER_INTERCEPT_FLOPEN SI_FREEBSD

vitalybukaUnsubmitted

Done

#define SANITIZER_INTERCEPT___XUNAME SI_FREEBSD

- #define SANITIZER_INTERCEPT_TIMER_CREATE SI_POSIX

- #define SANITIZER_INTERCEPT_TIMER_SETTIME SI_POSIX

- #define SANITIZER_INTERCEPT_TIMER_GETTIME SI_POSIX

+ #define SANITIZER_INTERCEPT_TIMER (SI_FREEBSD || SI_NETBSD || SI_LINUX || SI_SOLARIS)

#define SANITIZER_INTERCEPT_FLOPEN SI_FREEBSD

OSX does not support it

also single define maybe is enough?

vitalybuka: OSX does not support it also single define maybe is enough?

// This macro gives a way for downstream users to override the above

// interceptor macros irrespective of the platform they are on. They have

// to do two things:

// 1. Build compiler-rt with -DSANITIZER_OVERRIDE_INTERCEPTORS.

// 2. Provide a header file named sanitizer_intercept_overriders.h in the

// include path for their compiler-rt build.

// An example of an overrider for strlen interceptor that one can list in

Show All 15 Lines

compiler-rt/lib/sanitizer_common/sanitizer_platform_limits_freebsd.h

	Show First 20 Lines • Show All 249 Lines • ▼ Show 20 Lines
	# endif			# endif
	unsigned short d_reclen;			unsigned short d_reclen;
	// more fields that we don't care about			// more fields that we don't care about
	};			};

	// 'clock_t' is 32 bits wide on x64 FreeBSD			// 'clock_t' is 32 bits wide on x64 FreeBSD
	typedef int __sanitizer_clock_t;			typedef int __sanitizer_clock_t;
	typedef int __sanitizer_clockid_t;			typedef int __sanitizer_clockid_t;
				typedef void *__sanitizer_timer_t;

	# if defined(_LP64) \|\| defined(__x86_64__) \|\| defined(__powerpc__) \|\| \			# if defined(_LP64) \|\| defined(__x86_64__) \|\| defined(__powerpc__) \|\| \
	defined(__mips__)			defined(__mips__)
	typedef unsigned __sanitizer___kernel_uid_t;			typedef unsigned __sanitizer___kernel_uid_t;
	typedef unsigned __sanitizer___kernel_gid_t;			typedef unsigned __sanitizer___kernel_gid_t;
	# else			# else
	typedef unsigned short __sanitizer___kernel_uid_t;			typedef unsigned short __sanitizer___kernel_uid_t;
	typedef unsigned short __sanitizer___kernel_gid_t;			typedef unsigned short __sanitizer___kernel_gid_t;
	▲ Show 20 Lines • Show All 433 Lines • Show Last 20 Lines

compiler-rt/lib/sanitizer_common/sanitizer_platform_limits_netbsd.h

	Show First 20 Lines • Show All 253 Lines • ▼ Show 20 Lines
	struct __sanitizer_dirent {			struct __sanitizer_dirent {
	u64 d_fileno;			u64 d_fileno;
	u16 d_reclen;			u16 d_reclen;
	// more fields that we don't care about			// more fields that we don't care about
	};			};

	typedef int __sanitizer_clock_t;			typedef int __sanitizer_clock_t;
	typedef int __sanitizer_clockid_t;			typedef int __sanitizer_clockid_t;
				typedef void *__sanitizer_timer_t;

	typedef u32 __sanitizer___kernel_uid_t;			typedef u32 __sanitizer___kernel_uid_t;
	typedef u32 __sanitizer___kernel_gid_t;			typedef u32 __sanitizer___kernel_gid_t;
	typedef u64 __sanitizer___kernel_off_t;			typedef u64 __sanitizer___kernel_off_t;
	typedef struct {			typedef struct {
	u32 fds_bits[8];			u32 fds_bits[8];
	} __sanitizer___kernel_fd_set;			} __sanitizer___kernel_fd_set;

	▲ Show 20 Lines • Show All 2,152 Lines • Show Last 20 Lines

compiler-rt/lib/sanitizer_common/sanitizer_platform_limits_posix.h

	Show First 20 Lines • Show All 503 Lines • ▼ Show 20 Lines
	#endif			#endif

	#if defined(__x86_64__) && !defined(_LP64)			#if defined(__x86_64__) && !defined(_LP64)
	typedef long long __sanitizer_clock_t;			typedef long long __sanitizer_clock_t;
	#else			#else
	typedef long __sanitizer_clock_t;			typedef long __sanitizer_clock_t;
	#endif			#endif

	#if SANITIZER_LINUX			#if SANITIZER_LINUX
				vitalybukaUnsubmitted Not Done Reply Inline Actions we need to make this timer_create, #define SANITIZER_INTERCEPT_TIMER_CREATE SI_POSIX #define SANITIZER_INTERCEPT_TIMER_SETTIME SI_POSIX #define SANITIZER_INTERCEPT_TIMER_GETTIME SI_POSIX and TestCases/Posix/ or TestCases/Linux/ and TEST(MemorySanitizer, timer_create) { .... consistent Looks like OSX does not support this functions we need this for other platforms: search all "typedef.__sanitizer_clockid_t" vitalybuka:* we need to make this timer_create, #define SANITIZER_INTERCEPT_TIMER_CREATE SI_POSIX #define…
				kdaAuthorUnsubmitted Done Reply Inline Actions I'm leaving this as is. I'm choosing LINUX. kda: I'm leaving this as is. I'm choosing LINUX.
	typedef int __sanitizer_clockid_t;			typedef int __sanitizer_clockid_t;
				typedef void *__sanitizer_timer_t;
	#endif			#endif

				kdaAuthorUnsubmitted Done Reply Inline Actions lint is insisting on these spaces. They seem wrong. How do I bypass the linter here? kda: lint is insisting on these spaces. They seem wrong. How do I bypass the linter here?
				vitalybukaUnsubmitted Not Done Reply Inline Actions insisting to add spaces or to remove? vitalybuka: insisting to add spaces or to remove?
				kdaAuthorUnsubmitted Done Reply Inline Actions The linter is insisting on ADDING the spaces. I don't think they belong there and want to remove them. kda: The linter is insisting on ADDING the spaces. I don't think they belong there and want to…
				vitalybukaUnsubmitted Not Done Reply Inline Actions it's find, there is a setting in clang-format to add these spaces, we have it ON. Still some files are not reformated yet. Either way is fine, we can reformat in a separate patch. vitalybuka: it's find, there is a setting in clang-format to add these spaces, we have it ON. Still some…
	#if SANITIZER_LINUX			#if SANITIZER_LINUX
	# if defined(_LP64) \|\| defined(__x86_64__) \|\| defined(__powerpc__) \|\| \			# if defined(_LP64) \|\| defined(__x86_64__) \|\| defined(__powerpc__) \|\| \
	defined(__mips__) \|\| defined(__hexagon__)			defined(__mips__) \|\| defined(__hexagon__)
	typedef unsigned __sanitizer___kernel_uid_t;			typedef unsigned __sanitizer___kernel_uid_t;
	typedef unsigned __sanitizer___kernel_gid_t;			typedef unsigned __sanitizer___kernel_gid_t;
	#else			#else
	typedef unsigned short __sanitizer___kernel_uid_t;			typedef unsigned short __sanitizer___kernel_uid_t;
	typedef unsigned short __sanitizer___kernel_gid_t;			typedef unsigned short __sanitizer___kernel_gid_t;
	▲ Show 20 Lines • Show All 944 Lines • Show Last 20 Lines

compiler-rt/lib/sanitizer_common/sanitizer_platform_limits_solaris.h

Show First 20 Lines • Show All 229 Lines • ▼ Show 20 Lines	struct __sanitizer_dirent64 {
unsigned long long d_ino;		unsigned long long d_ino;
unsigned long long d_off;		unsigned long long d_off;
unsigned short d_reclen;		unsigned short d_reclen;
// more fields that we don't care about		// more fields that we don't care about
};		};

typedef long __sanitizer_clock_t;		typedef long __sanitizer_clock_t;
typedef int __sanitizer_clockid_t;		typedef int __sanitizer_clockid_t;
		typedef void *__sanitizer_timer_t;

// This thing depends on the platform. We are only interested in the upper		// This thing depends on the platform. We are only interested in the upper
// limit. Verified with a compiler assert in .cpp.		// limit. Verified with a compiler assert in .cpp.
union __sanitizer_pthread_attr_t {		union __sanitizer_pthread_attr_t {
char size[128];		char size[128];
void *align;		void *align;
};		};

▲ Show 20 Lines • Show All 251 Lines • Show Last 20 Lines

compiler-rt/test/sanitizer_common/TestCases/Posix/timer.cpp

This file was added.

// RUN: %clangxx -O0 -g %s -o %t && %run %t

// UNSUPPORTED: darwin

vitalybukaUnsubmitted

Done

// RUN: %clangxx -O0 -g %s -o %t && %run %t

+ // UNSUPPORTED: darwin

#include <assert.h>

vitalybuka:

#include <assert.h>

vitalybukaUnsubmitted

Not Done

// UNSUPPORTED: darwin

vitalybuka: // UNSUPPORTED: darwin

#include <signal.h>

#include <stdio.h>

#include <string.h>

#include <time.h>

int main(int argc, char **argv) {

struct sigevent sev {};

sev.sigev_notify = SIGEV_NONE;

timer_t timerid;

assert(timer_create(CLOCK_REALTIME, &sev, &timerid) == 0);

struct itimerspec new_value {};

new_value.it_value.tv_sec = 10;

new_value.it_value.tv_nsec = 1000000;

new_value.it_interval.tv_sec = new_value.it_value.tv_sec;

new_value.it_interval.tv_nsec = new_value.it_value.tv_nsec;

struct itimerspec old_value;

assert(timer_settime(timerid, 0, &new_value, &old_value) == 0);

assert(old_value.it_interval.tv_sec == new_value.it_interval.tv_sec);

assert(old_value.it_interval.tv_nsec == new_value.it_interval.tv_nsec);

assert(old_value.it_value.tv_sec <= new_value.it_value.tv_sec);

assert(old_value.it_value.tv_nsec <= new_value.it_value.tv_nsec);

struct itimerspec curr_value;

assert(timer_gettime(timerid, &curr_value) == 0);

assert(curr_value.it_interval.tv_sec == new_value.it_interval.tv_sec);

assert(curr_value.it_interval.tv_nsec == new_value.it_interval.tv_nsec);

assert(curr_value.it_value.tv_sec <= new_value.it_value.tv_sec);

assert(curr_value.it_value.tv_nsec <= new_value.it_value.tv_nsec);

assert(timer_delete(timerid) == 0);

return 0;

}

This is an archive of the discontinued LLVM Phabricator instance.

[MSAN] add interceptor for timer_create, timer_settime, timer_gettimeClosedPublic

Details

Diff Detail

Event Timeline

Revision Contents

Diff 414165

compiler-rt/lib/msan/tests/msan_test.cpp

compiler-rt/lib/sanitizer_common/sanitizer_common_interceptors.inc

compiler-rt/lib/sanitizer_common/sanitizer_platform_interceptors.h

compiler-rt/lib/sanitizer_common/sanitizer_platform_limits_freebsd.h

compiler-rt/lib/sanitizer_common/sanitizer_platform_limits_netbsd.h

compiler-rt/lib/sanitizer_common/sanitizer_platform_limits_posix.h

compiler-rt/lib/sanitizer_common/sanitizer_platform_limits_solaris.h

compiler-rt/test/sanitizer_common/TestCases/Posix/timer.cpp

[MSAN] add interceptor for timer_create, timer_settime, timer_gettime
ClosedPublic