This is an archive of the discontinued LLVM Phabricator instance.

Differential D147413

[sanitizer][win] Fix `Atexit()` on MinGW asan_dynamic runtime
ClosedPublic

Authored by alvinhochun on Apr 2 2023, 8:41 AM.

Details

Reviewers
mstorsjo
vitalybuka
glider
kcc
Commits
rGa54b6b33184f: [sanitizer][win] Fix `Atexit()` on MinGW asan_dynamic runtime
Summary

Some functions of asan depends on Atexit() handlers. On Windows, this
is implemented in ad3ec82bb1c7217b0187a1e16bb22642e194ce94 to queue the
handlers in a vector then register them with atexit() only after the
CRT is fully initialized. However, this is broken on MinGW with
asan_dynamic runtime due to different initialization order. This change
fixes the issue by making sure that Atexit() can call atexit()
directly past the pre-initialization phase.

This fixes two asan test cases on MinGW.

Diff Detail

Event Timeline

alvinhochun created this revision.Apr 2 2023, 8:41 AM
Herald added a project: Restricted Project. · View Herald TranscriptApr 2 2023, 8:41 AM
Herald added a subscriber: Enna1. · View Herald Transcript
alvinhochun requested review of this revision.Apr 2 2023, 8:41 AM
Herald added a project: Restricted Project. · View Herald TranscriptApr 2 2023, 8:41 AM
Herald added a subscriber: Restricted Project. · View Herald Transcript
Harbormaster completed remote builds in B223256: Diff 510355.Apr 2 2023, 8:59 AM
mstorsjo added inline comments.Apr 2 2023, 2:48 PM
compiler-rt/lib/sanitizer_common/sanitizer_win.cpp
731

So... is the root issue that C++ global constructors are executed after the .CRT$XID initializer in MSVC environments, but before in mingw environments? I believe they're supposed to be compatible, so if there's such a discrepancy, maybe we should also consider trying to fix it in mingw-w64 crt?

alvinhochun added inline comments.Apr 3 2023, 2:08 AM
compiler-rt/lib/sanitizer_common/sanitizer_win.cpp
731

No, C++ global constructors are called after .CRT$XID initializer on MinGW too. This is what I got from stepping through it:

  1. RunAtexit is called quite early.
  2. The AsanInitializer constructor is called quite late by __main -> __do_global_ctors (gccmain.c). This constructor calls AsanInitFromRtl -> AsanInitInternal -> Atexit(asan_atexit).

I do suspect on MSVC target there is something else other than the C++ global constructor that calls __asan_init early. Perhaps it may have something to do with linking with static vs dynamic CRT? (Static asan has other initializers.)

alvinhochun updated this revision to Diff 510443.Apr 3 2023, 3:35 AM

Reformat

Harbormaster completed remote builds in B223315: Diff 510443.Apr 3 2023, 3:55 AM
vitalybuka accepted this revision.Apr 3 2023, 2:02 PM
This revision is now accepted and ready to land.Apr 3 2023, 2:02 PM
Closed by commit rGa54b6b33184f: [sanitizer][win] Fix `Atexit()` on MinGW asan_dynamic runtime (authored by alvinhochun). · Explain WhyApr 10 2023, 8:21 AM
This revision was automatically updated to reflect the committed changes.
alvinhochun added a commit: rGa54b6b33184f: [sanitizer][win] Fix `Atexit()` on MinGW asan_dynamic runtime.

Revision Contents

PathSize
compiler-rt/
lib/
sanitizer_common/
13 lines
test/
asan/
TestCases/
Windows/
3 lines
3 lines

Diff 512153

compiler-rt/lib/sanitizer_common/sanitizer_win.cpp

Show First 20 LinesShow All 712 Lines▼ Show 20 Lines
void ListOfModules::fallbackInit() { clear(); } void ListOfModules::fallbackInit() { clear(); }
// We can't use atexit() directly at __asan_init time as the CRT is not fully // We can't use atexit() directly at __asan_init time as the CRT is not fully
// initialized at this point. Place the functions into a vector and use // initialized at this point. Place the functions into a vector and use
// atexit() as soon as it is ready for use (i.e. after .CRT$XIC initializers). // atexit() as soon as it is ready for use (i.e. after .CRT$XIC initializers).
InternalMmapVectorNoCtor<void (*)(void)> atexit_functions; InternalMmapVectorNoCtor<void (*)(void)> atexit_functions;
int Atexit(void (*function)(void)) { static int queueAtexit(void (*function)(void)) {
atexit_functions.push_back(function); atexit_functions.push_back(function);
return 0; return 0;
} }
// If Atexit() is being called after RunAtexit() has already been run, it needs
// to be able to call atexit() directly. Here we use a function ponter to
// switch out its behaviour.
// An example of where this is needed is the asan_dynamic runtime on MinGW-w64.
// On this environment, __asan_init is called during global constructor phase,
// way after calling the .CRT$XID initializer.
mstorsjoUnsubmitted
Not Done
ReplyInline Actions

So... is the root issue that C++ global constructors are executed after the .CRT$XID initializer in MSVC environments, but before in mingw environments? I believe they're supposed to be compatible, so if there's such a discrepancy, maybe we should also consider trying to fix it in mingw-w64 crt?

mstorsjo: So... is the root issue that C++ global constructors are executed after the `.CRT$XID`…
alvinhochunAuthorUnsubmitted
Done
ReplyInline Actions

No, C++ global constructors are called after .CRT$XID initializer on MinGW too. This is what I got from stepping through it:

  1. RunAtexit is called quite early.
  2. The AsanInitializer constructor is called quite late by __main -> __do_global_ctors (gccmain.c). This constructor calls AsanInitFromRtl -> AsanInitInternal -> Atexit(asan_atexit).

I do suspect on MSVC target there is something else other than the C++ global constructor that calls __asan_init early. Perhaps it may have something to do with linking with static vs dynamic CRT? (Static asan has other initializers.)

alvinhochun: No, C++ global constructors are called after `.CRT$XID` initializer on MinGW too. This is what…
static int (*volatile queueOrCallAtExit)(void (*)(void)) = &queueAtexit;
int Atexit(void (*function)(void)) { return queueOrCallAtExit(function); }
static int RunAtexit() { static int RunAtexit() {
TraceLoggingUnregister(g_asan_provider); TraceLoggingUnregister(g_asan_provider);
queueOrCallAtExit = &atexit;
int ret = 0; int ret = 0;
for (uptr i = 0; i < atexit_functions.size(); ++i) { for (uptr i = 0; i < atexit_functions.size(); ++i) {
ret |= atexit(atexit_functions[i]); ret |= atexit(atexit_functions[i]);
} }
return ret; return ret;
} }
#pragma section(".CRT$XID", long, read) #pragma section(".CRT$XID", long, read)
▲ Show 20 LinesShow All 456 LinesShow Last 20 Lines

compiler-rt/test/asan/TestCases/Windows/coverage-basic.cpp

// RUN: rm -rf %t-dir // RUN: rm -rf %t-dir
// RUN: mkdir %t-dir && cd %t-dir // RUN: mkdir %t-dir && cd %t-dir
// RUN: %clangxx_asan -fsanitize-coverage=func,trace-pc-guard %s -o test.exe // RUN: %clangxx_asan -fsanitize-coverage=func,trace-pc-guard %s -o test.exe
// RUN: %env_asan_opts=coverage=1 %run ./test.exe // RUN: %env_asan_opts=coverage=1 %run ./test.exe
// //
// RUN: %sancov print *.sancov | FileCheck %s // RUN: %sancov print *.sancov | FileCheck %s
// FIXME: Investigate failure on MinGW.
// XFAIL: target={{.*-windows-gnu}}
#include <stdio.h> #include <stdio.h>
void foo() { fputs("FOO", stderr); } void foo() { fputs("FOO", stderr); }
void bar() { fputs("BAR", stderr); } void bar() { fputs("BAR", stderr); }
int main(int argc, char **argv) { int main(int argc, char **argv) {
if (argc == 2) { if (argc == 2) {
foo(); foo();
Show All 11 Lines

compiler-rt/test/asan/TestCases/atexit_stats.cpp

// Make sure we report atexit stats. // Make sure we report atexit stats.
// RUN: %clangxx_asan -O3 %s -o %t // RUN: %clangxx_asan -O3 %s -o %t
// RUN: %env_asan_opts=atexit=1:print_stats=1 %run %t 2>&1 | FileCheck %s // RUN: %env_asan_opts=atexit=1:print_stats=1 %run %t 2>&1 | FileCheck %s
// //
// No atexit output in older versions of Android due to // No atexit output in older versions of Android due to
// https://code.google.com/p/address-sanitizer/issues/detail?id=263 // https://code.google.com/p/address-sanitizer/issues/detail?id=263
// UNSUPPORTED: android // UNSUPPORTED: android
// FIXME: Investigate failure on MinGW.
// XFAIL: target={{.*-windows-gnu}}
#include <stdlib.h> #include <stdlib.h>
#if !defined(__APPLE__) && !defined(__FreeBSD__) && !defined(__NetBSD__) #if !defined(__APPLE__) && !defined(__FreeBSD__) && !defined(__NetBSD__)
#include <malloc.h> #include <malloc.h>
#endif #endif
int *p1 = (int*)malloc(900); int *p1 = (int*)malloc(900);
int *p2 = (int*)malloc(90000); int *p2 = (int*)malloc(90000);
int *p3 = (int*)malloc(9000000); int *p3 = (int*)malloc(9000000);
int main() { } int main() { }
// CHECK: AddressSanitizer exit stats: // CHECK: AddressSanitizer exit stats: