This is an archive of the discontinued LLVM Phabricator instance.

Differential D149085

[HWASAN] Fix TLS + signal handling related crash
ClosedPublic

Authored by kstoimenov on Apr 24 2023, 12:27 PM.

Download Raw Diff

Details

Reviewers

vitalybuka

Commits

rG7d5e6b4bc7f8: [HWASAN] Fix TLS + signal handling related crash

Summary

When a signal is raised before HWASAN has a chance to initialize it's TLS entry the program crashes. This only happens when hwasan-with-tls is true, which is default value. This patch fixes the problem by disabling signals during thread initialization time.

Diff Detail

Repository: rG LLVM Github Monorepo

Event Timeline

kstoimenov created this revision.Apr 24 2023, 12:27 PM

Herald added a project: Restricted Project. · View Herald TranscriptApr 24 2023, 12:27 PM

Herald added a subscriber: Enna1. · View Herald Transcript

kstoimenov requested review of this revision.Apr 24 2023, 12:27 PM

Herald added a project: Restricted Project. · View Herald TranscriptApr 24 2023, 12:27 PM

Herald added a subscriber: Restricted Project. · View Herald Transcript

kstoimenov added a reviewer: vitalybuka.Apr 24 2023, 12:28 PM

Harbormaster completed remote builds in B227792: Diff 516496.Apr 24 2023, 12:45 PM

It would be awesome to have a test, but here D113328 I failed to make reproducer for the similar patch.

compiler-rt/lib/hwasan/hwasan_interceptors.cpp
48–49	Up to you, but I guess you still can keep *A = {callback, param}; it should zero initialize the tail
48–49	for consistency, as it makes no difference with the current state of code I'd either remove { }, or move block under {}

This revision is now accepted and ready to land.Apr 24 2023, 1:57 PM

the description formatting as is will not look good in "git log"

vitalybuka added inline comments.Apr 24 2023, 2:06 PM

compiler-rt/lib/hwasan/hwasan_interceptors.cpp
47–48	unrelated to the patch, but this could be a source of subtle leaks Imagine: caller allocate param on head pass it into pthread_create forget the pointer Lsan checks for leaks HwasanThreadStartFunc executed so if lsan checks in the step 4, heap allocated param pointer is only in the mapped region, which lsan can't see, and before __hwasan_thread_enter the new thread is not visible to lsan as well

Addressed comments.

vitalybuka accepted this revision.Apr 24 2023, 4:40 PM

kstoimenov retitled this revision from [HWASAN] Fix a crash when a singal is raised before HWASAN TLS is initialized by disabling singals at thread start time. to [HWASAN] Fix signal handling related HWASAN crash.Apr 24 2023, 4:40 PM

kstoimenov edited the summary of this revision. (Show Details)

kstoimenov retitled this revision from [HWASAN] Fix signal handling related HWASAN crash to [HWASAN] Fix TLS + signal handling related crash.

Harbormaster completed remote builds in B227849: Diff 516575.Apr 24 2023, 4:58 PM

Closed by commit rG7d5e6b4bc7f8: [HWASAN] Fix TLS + signal handling related crash (authored by kstoimenov). · Explain WhyApr 26 2023, 11:08 AM

This revision was automatically updated to reflect the committed changes.

kstoimenov marked an inline comment as done.

kstoimenov added a commit: rG7d5e6b4bc7f8: [HWASAN] Fix TLS + signal handling related crash.

Revision Contents

Path

Size

compiler-rt/

lib/

hwasan/

hwasan_interceptors.cpp

19 lines

Diff 517245

compiler-rt/lib/hwasan/hwasan_interceptors.cpp

	//===-- hwasan_interceptors.cpp -------------------------------------------===//			//===-- hwasan_interceptors.cpp -------------------------------------------===//
	//			//
	// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.			// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
	// See https://llvm.org/LICENSE.txt for license information.			// See https://llvm.org/LICENSE.txt for license information.
	// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception			// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
	//			//
	//===----------------------------------------------------------------------===//			//===----------------------------------------------------------------------===//
	//			//
	// This file is a part of HWAddressSanitizer.			// This file is a part of HWAddressSanitizer.
	//			//
	// Interceptors for standard library functions.			// Interceptors for standard library functions.
	//			//
	// FIXME: move as many interceptors as possible into			// FIXME: move as many interceptors as possible into
	// sanitizer_common/sanitizer_common_interceptors.h			// sanitizer_common/sanitizer_common_interceptors.h
	//===----------------------------------------------------------------------===//			//===----------------------------------------------------------------------===//

	#include "interception/interception.h"
	#include "hwasan.h"			#include "hwasan.h"
	#include "hwasan_thread.h"			#include "hwasan_thread.h"
				#include "interception/interception.h"
				#include "sanitizer_common/sanitizer_linux.h"
	#include "sanitizer_common/sanitizer_stackdepot.h"			#include "sanitizer_common/sanitizer_stackdepot.h"

	#if !SANITIZER_FUCHSIA			#if !SANITIZER_FUCHSIA

	using namespace __hwasan;			using namespace __hwasan;

	#if HWASAN_WITH_INTERCEPTORS			#if HWASAN_WITH_INTERCEPTORS

	struct ThreadStartArg {			struct ThreadStartArg {
	thread_callback_t callback;			thread_callback_t callback;
	void *param;			void *param;
				__sanitizer_sigset_t starting_sigset_;
	};			};

	static void HwasanThreadStartFunc(void arg) {			static void HwasanThreadStartFunc(void arg) {
	__hwasan_thread_enter();			__hwasan_thread_enter();
	ThreadStartArg A = reinterpret_cast<ThreadStartArg>(arg);			ThreadStartArg A = reinterpret_cast<ThreadStartArg>(arg);
				SetSigProcMask(&A.starting_sigset_, nullptr);
	UnmapOrDie(arg, GetPageSizeCached());			UnmapOrDie(arg, GetPageSizeCached());
	return A.callback(A.param);			return A.callback(A.param);
	}			}

	INTERCEPTOR(int, pthread_create, void th, void attr, void (callback)(void*),			INTERCEPTOR(int, pthread_create, void th, void attr, void (callback)(void*),
	void * param) {			void * param) {
	EnsureMainThreadIDIsCorrect();			EnsureMainThreadIDIsCorrect();
	ScopedTaggingDisabler tagging_disabler;			ScopedTaggingDisabler tagging_disabler;
	ThreadStartArg A = reinterpret_cast<ThreadStartArg > (MmapOrDie(			ThreadStartArg A = reinterpret_cast<ThreadStartArg > (MmapOrDie(
	GetPageSizeCached(), "pthread_create"));			GetPageSizeCached(), "pthread_create"));
				vitalybukaUnsubmitted Not Done Reply Inline Actions unrelated to the patch, but this could be a source of subtle leaks Imagine: caller allocate param on head pass it into pthread_create forget the pointer Lsan checks for leaks HwasanThreadStartFunc executed so if lsan checks in the step 4, heap allocated param pointer is only in the mapped region, which lsan can't see, and before __hwasan_thread_enter the new thread is not visible to lsan as well vitalybuka: unrelated to the patch, but this could be a source of subtle leaks Imagine: 1. caller allocate…
	*A = {callback, param};			A->callback = callback;
				vitalybukaUnsubmitted Not Done Reply Inline Actions Up to you, but I guess you still can keep A = {callback, param}; it should zero initialize the tail vitalybuka:* Up to you, but I guess you still can keep *A = {callback, param}; it should zero initialize the…
				vitalybukaUnsubmitted Done Reply Inline Actions for consistency, as it makes no difference with the current state of code I'd either remove { }, or move block under {} vitalybuka: for consistency, as it makes no difference with the current state of code I'd either remove { }…
	int res;			A->param = param;
	{			ScopedBlockSignals block(&A->starting_sigset_);
	// ASAN uses the same approach to disable leaks from pthread_create.			// ASAN uses the same approach to disable leaks from pthread_create.
	# if CAN_SANITIZE_LEAKS			# if CAN_SANITIZE_LEAKS
	__lsan::ScopedInterceptorDisabler lsan_disabler;			__lsan::ScopedInterceptorDisabler lsan_disabler;
	# endif			# endif
	res = REAL(pthread_create)(th, attr, &HwasanThreadStartFunc, A);			return REAL(pthread_create)(th, attr, &HwasanThreadStartFunc, A);
	}
	return res;
	}			}

	INTERCEPTOR(int, pthread_join, void t, void *arg) {			INTERCEPTOR(int, pthread_join, void t, void *arg) {
	return REAL(pthread_join)(t, arg);			return REAL(pthread_join)(t, arg);
	}			}

	DEFINE_REAL_PTHREAD_FUNCTIONS			DEFINE_REAL_PTHREAD_FUNCTIONS

	▲ Show 20 Lines • Show All 199 Lines • Show Last 20 Lines