This is an archive of the discontinued LLVM Phabricator instance.

[sanitizer][esan] Add internal_sigaction_syscall
ClosedPublic

Authored by bruening on Jun 7 2016, 10:01 AM.

Download Raw Diff

Details

Reviewers

Commits

Summary

Adds a version of sigaction that uses a raw system call, to avoid circular
dependencies and support calling sigaction prior to setting up
interceptors. The new sigaction relies on an assembly sigreturn routine
for its restorer, which is Linux x86_64-only for now.

Uses the new sigaction to initialize the working set tool's shadow fault
handler prior to libc interceptor being set up. This is required to
support instrumentation invoked during interceptor setup, which happens
with tcmalloc.

Diff Detail

Repository: rL LLVM

Event Timeline

bruening updated this revision to Diff 59903.Jun 7 2016, 10:01 AM

bruening retitled this revision from to [sanitizer][esan] Add internal_sigaction_syscall.

bruening updated this object.

bruening added a reviewer: aizatsky.

bruening added subscribers: llvm-commits, eugenis, kcc and 2 others.

Herald added subscribers: kubamracek, srhines, danalbert, tberghammer. · View Herald TranscriptJun 7 2016, 10:01 AM

Derek,

I feel that this definitely needs a test. Can you craft something up?

lib/sanitizer_common/sanitizer_linux.cc
683 ↗	(On Diff #59903)	replace #ifs with ifs.

aizatsky requested changes to this revision.Jun 7 2016, 1:54 PM

aizatsky edited edge metadata.

This revision now requires changes to proceed.Jun 7 2016, 1:54 PM

I feel that this definitely needs a test. Can you craft something up?

Agreed, these changes to handle various native allocators are getting complex and messy. I do not want to pull tcmalloc into compiler-rt so I will see what I can do with a targeted test.

Add a test that emulates an instrumented allocator.

bruening added inline comments.Jun 8 2016, 10:31 AM

lib/sanitizer_common/sanitizer_linux.cc
683 ↗	(On Diff #60063)	Please elaborate: you're saying there are variables available to get the platform and that's preferable to the preprocessor defines? These preprocessor defines are what all the surrounding routines are using for this same type of code, so I'm not sure what other method you're suggesting.

aizatsky added inline comments.Jun 9 2016, 3:23 PM

lib/sanitizer_common/sanitizer_linux.cc
670 ↗	(On Diff #60063)	Is the only difference between this and internal_sigaction_norestorer the handling of sa_restorer? Can you eliminate this duplication and reuse the code?
683 ↗	(On Diff #60063)	Please disregard my comment. #ifs clearly guard fields access for undefined fields I guess.

Shares code between the two sigaction routines.

PTAL

aizatsky accepted this revision.Jun 10 2016, 4:06 PM

aizatsky edited edge metadata.

This revision is now accepted and ready to land.Jun 10 2016, 4:06 PM

Closed by commit rL272553: [sanitizer][esan] Add internal_sigaction_syscall (authored by bruening). · Explain WhyJun 13 2016, 8:49 AM

This revision was automatically updated to reflect the committed changes.

Revision Contents

Path

Size

compiler-rt/

trunk/

lib/

esan/

esan.cpp

3 lines

esan_interceptors.cpp

6 lines

working_set.h

1 line

working_set.cpp

5 lines

sanitizer_common/

CMakeLists.txt

12 lines

sanitizer_linux.h

4 lines

sanitizer_linux.cc

26 lines

sanitizer_linux_x86_64.S

25 lines

test/

esan/

TestCases/

workingset-early-fault.c

33 lines

Diff 60538

compiler-rt/trunk/lib/esan/esan.cpp

Show First 20 Lines • Show All 191 Lines • ▼ Show 20 Lines	void initializeLibrary(ToolType Tool) {

VPrintf(1, "in esan::%s\n", __FUNCTION__);		VPrintf(1, "in esan::%s\n", __FUNCTION__);
if (__esan_which_tool <= ESAN_None \|\| __esan_which_tool >= ESAN_Max) {		if (__esan_which_tool <= ESAN_None \|\| __esan_which_tool >= ESAN_Max) {
Printf("ERROR: unknown tool %d requested\n", __esan_which_tool);		Printf("ERROR: unknown tool %d requested\n", __esan_which_tool);
Die();		Die();
}		}

initializeShadow();		initializeShadow();
		if (__esan_which_tool == ESAN_WorkingSet)
		initializeShadowWorkingSet();

initializeInterceptors();		initializeInterceptors();

if (__esan_which_tool == ESAN_CacheFrag) {		if (__esan_which_tool == ESAN_CacheFrag) {
initializeCacheFrag();		initializeCacheFrag();
} else if (__esan_which_tool == ESAN_WorkingSet) {		} else if (__esan_which_tool == ESAN_WorkingSet) {
initializeWorkingSet();		initializeWorkingSet();
}		}

Show All 37 Lines

compiler-rt/trunk/lib/esan/esan_interceptors.cpp

Show All 11 Lines
// Interception routines for the esan run-time.		// Interception routines for the esan run-time.
//===----------------------------------------------------------------------===//		//===----------------------------------------------------------------------===//

#include "esan.h"		#include "esan.h"
#include "esan_shadow.h"		#include "esan_shadow.h"
#include "interception/interception.h"		#include "interception/interception.h"
#include "sanitizer_common/sanitizer_common.h"		#include "sanitizer_common/sanitizer_common.h"
#include "sanitizer_common/sanitizer_libc.h"		#include "sanitizer_common/sanitizer_libc.h"
		#include "sanitizer_common/sanitizer_linux.h"
#include "sanitizer_common/sanitizer_stacktrace.h"		#include "sanitizer_common/sanitizer_stacktrace.h"

using namespace __esan; // NOLINT		using namespace __esan; // NOLINT

#define CUR_PC() (StackTrace::GetCurrentPc())		#define CUR_PC() (StackTrace::GetCurrentPc())

//===----------------------------------------------------------------------===//		//===----------------------------------------------------------------------===//
// Interception via sanitizer common interceptors		// Interception via sanitizer common interceptors
▲ Show 20 Lines • Show All 364 Lines • ▼ Show 20 Lines	if (!processSigaction(signum, act, oldact))
return 0;		return 0;
else		else
return REAL(sigaction)(signum, act, oldact);		return REAL(sigaction)(signum, act, oldact);
}		}

// This is required to properly use internal_sigaction.		// This is required to properly use internal_sigaction.
namespace __sanitizer {		namespace __sanitizer {
int real_sigaction(int signum, const void act, void oldact) {		int real_sigaction(int signum, const void act, void oldact) {
		if (REAL(sigaction) == nullptr) {
		// With an instrumented allocator, this is called during interceptor init
		// and we need a raw syscall solution.
		return internal_sigaction_syscall(signum, act, oldact);
		}
return REAL(sigaction)(signum, (const struct sigaction *)act,		return REAL(sigaction)(signum, (const struct sigaction *)act,
(struct sigaction *)oldact);		(struct sigaction *)oldact);
}		}
} // namespace __sanitizer		} // namespace __sanitizer

#define ESAN_MAYBE_INTERCEPT_SIGACTION INTERCEPT_FUNCTION(sigaction)		#define ESAN_MAYBE_INTERCEPT_SIGACTION INTERCEPT_FUNCTION(sigaction)
#else		#else
#error Platform not supported		#error Platform not supported
▲ Show 20 Lines • Show All 89 Lines • Show Last 20 Lines

compiler-rt/trunk/lib/esan/working_set.h

	Show All 15 Lines
	#define WORKING_SET_H			#define WORKING_SET_H

	#include "interception/interception.h"			#include "interception/interception.h"
	#include "sanitizer_common/sanitizer_internal_defs.h"			#include "sanitizer_common/sanitizer_internal_defs.h"

	namespace __esan {			namespace __esan {

	void initializeWorkingSet();			void initializeWorkingSet();
				void initializeShadowWorkingSet();
	int finalizeWorkingSet();			int finalizeWorkingSet();
	void processRangeAccessWorkingSet(uptr PC, uptr Addr, SIZE_T Size,			void processRangeAccessWorkingSet(uptr PC, uptr Addr, SIZE_T Size,
	bool IsWrite);			bool IsWrite);

	// Platform-dependent.			// Platform-dependent.
	void registerMemoryFaultHandler();			void registerMemoryFaultHandler();
	bool processWorkingSetSignal(int SigNum, void (*Handler)(int),			bool processWorkingSetSignal(int SigNum, void (*Handler)(int),
	void (**Result)(int));			void (**Result)(int));
	bool processWorkingSetSigaction(int SigNum, const void Act, void OldAct);			bool processWorkingSetSigaction(int SigNum, const void Act, void OldAct);

	} // namespace __esan			} // namespace __esan

	#endif // WORKING_SET_H			#endif // WORKING_SET_H

compiler-rt/trunk/lib/esan/working_set.cpp

Show First 20 Lines • Show All 176 Lines • ▼ Show 20 Lines	while (BitIdx <= MaxAccumBitIdx && (SnapshotNum % Freq) == 0) {
VReport(1, "%s: snapshot #%5d bit %d freq %4d: %8u\n", SanitizerToolName,		VReport(1, "%s: snapshot #%5d bit %d freq %4d: %8u\n", SanitizerToolName,
SnapshotNum, BitIdx, Freq, NumLines);		SnapshotNum, BitIdx, Freq, NumLines);
SizePerFreq[BitIdx].push_back(NumLines);		SizePerFreq[BitIdx].push_back(NumLines);
Freq = Freq << getFlags()->snapshot_step;		Freq = Freq << getFlags()->snapshot_step;
BitIdx++;		BitIdx++;
}		}
}		}

void initializeWorkingSet() {		// Initialization that must be done before any instrumented code is executed.
		void initializeShadowWorkingSet() {
CHECK(getFlags()->cache_line_size == CacheLineSize);		CHECK(getFlags()->cache_line_size == CacheLineSize);
registerMemoryFaultHandler();		registerMemoryFaultHandler();
		}

		void initializeWorkingSet() {
if (getFlags()->record_snapshots) {		if (getFlags()->record_snapshots) {
for (u32 i = 0; i < NumFreq; ++i)		for (u32 i = 0; i < NumFreq; ++i)
SizePerFreq[i].initialize(CircularBufferSizes[i]);		SizePerFreq[i].initialize(CircularBufferSizes[i]);
Thread.launchThread(takeSample, nullptr, getFlags()->sample_freq);		Thread.launchThread(takeSample, nullptr, getFlags()->sample_freq);
}		}
}		}

static u32 getPeriodForPrinting(u32 MilliSec, const char *&Unit) {		static u32 getPeriodForPrinting(u32 MilliSec, const char *&Unit) {
▲ Show 20 Lines • Show All 59 Lines • Show Last 20 Lines

compiler-rt/trunk/lib/sanitizer_common/CMakeLists.txt

	# Build system for the common Sanitizer runtime support library components.			# Build system for the common Sanitizer runtime support library components.
	# These components are shared between AddressSanitizer and ThreadSanitizer.			# These components are shared between AddressSanitizer and ThreadSanitizer.

	set(SANITIZER_SOURCES_NOTERMINATION			set(SANITIZER_SOURCES_NOTERMINATION
	sanitizer_allocator.cc			sanitizer_allocator.cc
	sanitizer_common.cc			sanitizer_common.cc
	sanitizer_deadlock_detector1.cc			sanitizer_deadlock_detector1.cc
	sanitizer_deadlock_detector2.cc			sanitizer_deadlock_detector2.cc
	sanitizer_flags.cc			sanitizer_flags.cc
	sanitizer_flag_parser.cc			sanitizer_flag_parser.cc
	sanitizer_libc.cc			sanitizer_libc.cc
	sanitizer_libignore.cc			sanitizer_libignore.cc
	sanitizer_linux.cc			sanitizer_linux.cc
	sanitizer_linux_s390.cc			sanitizer_linux_s390.cc
				sanitizer_linux_x86_64.S
	sanitizer_mac.cc			sanitizer_mac.cc
	sanitizer_persistent_allocator.cc			sanitizer_persistent_allocator.cc
	sanitizer_platform_limits_linux.cc			sanitizer_platform_limits_linux.cc
	sanitizer_platform_limits_posix.cc			sanitizer_platform_limits_posix.cc
	sanitizer_posix.cc			sanitizer_posix.cc
	sanitizer_printf.cc			sanitizer_printf.cc
	sanitizer_procmaps_common.cc			sanitizer_procmaps_common.cc
	sanitizer_procmaps_freebsd.cc			sanitizer_procmaps_freebsd.cc
	▲ Show 20 Lines • Show All 105 Lines • ▼ Show 20 Lines
	set(SANITIZER_CFLAGS ${SANITIZER_COMMON_CFLAGS})			set(SANITIZER_CFLAGS ${SANITIZER_COMMON_CFLAGS})
	append_rtti_flag(OFF SANITIZER_CFLAGS)			append_rtti_flag(OFF SANITIZER_CFLAGS)

	append_list_if(SANITIZER_LIMIT_FRAME_SIZE -Wframe-larger-than=570			append_list_if(SANITIZER_LIMIT_FRAME_SIZE -Wframe-larger-than=570
	SANITIZER_CFLAGS)			SANITIZER_CFLAGS)
	append_list_if(COMPILER_RT_HAS_WGLOBAL_CONSTRUCTORS_FLAG -Wglobal-constructors			append_list_if(COMPILER_RT_HAS_WGLOBAL_CONSTRUCTORS_FLAG -Wglobal-constructors
	SANITIZER_CFLAGS)			SANITIZER_CFLAGS)

				if (LLVM_ENABLE_PEDANTIC)
				# With -pedantic, our .S files raise warnings about empty macro arguments
				# from __USER_LABEL_PREFIX__ being an empty arg to GLUE(). Unfortunately,
				# there is no simple way to test for an empty define, nor to disable just
				# that warning or to disable -pedantic. There is also no simple way to
				# remove -pedantic from just this file (we'd have to remove from
				# CMAKE_C*_FLAGS and re-add as a source property to all the non-.S files).
				set_source_files_properties(sanitizer_linux_x86_64.S
				PROPERTIES COMPILE_FLAGS "-w")
				endif ()

	if(APPLE)			if(APPLE)
	set(OS_OPTION OS ${SANITIZER_COMMON_SUPPORTED_OS})			set(OS_OPTION OS ${SANITIZER_COMMON_SUPPORTED_OS})
	endif()			endif()

	add_compiler_rt_object_libraries(RTSanitizerCommon			add_compiler_rt_object_libraries(RTSanitizerCommon
	${OS_OPTION}			${OS_OPTION}
	ARCHS ${SANITIZER_COMMON_SUPPORTED_ARCH}			ARCHS ${SANITIZER_COMMON_SUPPORTED_ARCH}
	SOURCES ${SANITIZER_SOURCES}			SOURCES ${SANITIZER_SOURCES}
	Show All 25 Lines

compiler-rt/trunk/lib/sanitizer_common/sanitizer_linux.h

	Show All 36 Lines

	// Linux-only syscalls.			// Linux-only syscalls.
	#if SANITIZER_LINUX			#if SANITIZER_LINUX
	uptr internal_prctl(int option, uptr arg2, uptr arg3, uptr arg4, uptr arg5);			uptr internal_prctl(int option, uptr arg2, uptr arg3, uptr arg4, uptr arg5);
	// Used only by sanitizer_stoptheworld. Signal handlers that are actually used			// Used only by sanitizer_stoptheworld. Signal handlers that are actually used
	// (like the process-wide error reporting SEGV handler) must use			// (like the process-wide error reporting SEGV handler) must use
	// internal_sigaction instead.			// internal_sigaction instead.
	int internal_sigaction_norestorer(int signum, const void act, void oldact);			int internal_sigaction_norestorer(int signum, const void act, void oldact);
				#if defined(__x86_64__) && !SANITIZER_GO
				// Uses a raw system call to avoid interceptors.
				int internal_sigaction_syscall(int signum, const void act, void oldact);
				#endif
	void internal_sigdelset(__sanitizer_sigset_t *set, int signum);			void internal_sigdelset(__sanitizer_sigset_t *set, int signum);
	#if defined(__x86_64__) \|\| defined(__mips__) \|\| defined(__aarch64__) \			#if defined(__x86_64__) \|\| defined(__mips__) \|\| defined(__aarch64__) \
	\|\| defined(__powerpc64__) \|\| defined(__s390__)			\|\| defined(__powerpc64__) \|\| defined(__s390__)
	uptr internal_clone(int (fn)(void ), void child_stack, int flags, void arg,			uptr internal_clone(int (fn)(void ), void child_stack, int flags, void arg,
	int parent_tidptr, void newtls, int *child_tidptr);			int parent_tidptr, void newtls, int *child_tidptr);
	#endif			#endif
	#endif // SANITIZER_LINUX			#endif // SANITIZER_LINUX

	Show All 37 Lines

compiler-rt/trunk/lib/sanitizer_common/sanitizer_linux.cc

Show First 20 Lines • Show All 93 Lines • ▼ Show 20 Lines
// but it still needs to use 64-bit syscalls.		// but it still needs to use 64-bit syscalls.
#if SANITIZER_LINUX && (defined(__x86_64__) \|\| defined(__powerpc64__) \|\| \		#if SANITIZER_LINUX && (defined(__x86_64__) \|\| defined(__powerpc64__) \|\| \
SANITIZER_WORDSIZE == 64)		SANITIZER_WORDSIZE == 64)
# define SANITIZER_LINUX_USES_64BIT_SYSCALLS 1		# define SANITIZER_LINUX_USES_64BIT_SYSCALLS 1
#else		#else
# define SANITIZER_LINUX_USES_64BIT_SYSCALLS 0		# define SANITIZER_LINUX_USES_64BIT_SYSCALLS 0
#endif		#endif

		#if defined(__x86_64__)
		extern "C" {
		extern void internal_sigreturn();
		}
		#endif

namespace __sanitizer {		namespace __sanitizer {

#if SANITIZER_LINUX && defined(__x86_64__)		#if SANITIZER_LINUX && defined(__x86_64__)
#include "sanitizer_syscall_linux_x86_64.inc"		#include "sanitizer_syscall_linux_x86_64.inc"
#elif SANITIZER_LINUX && defined(__aarch64__)		#elif SANITIZER_LINUX && defined(__aarch64__)
#include "sanitizer_syscall_linux_aarch64.inc"		#include "sanitizer_syscall_linux_aarch64.inc"
#else		#else
#include "sanitizer_syscall_generic.inc"		#include "sanitizer_syscall_generic.inc"
▲ Show 20 Lines • Show All 501 Lines • ▼ Show 20 Lines	#if SANITIZER_USES_CANONICAL_LINUX_SYSCALLS
return internal_syscall(SYSCALL(clone), SIGCHLD, 0);		return internal_syscall(SYSCALL(clone), SIGCHLD, 0);
#else		#else
return internal_syscall(SYSCALL(fork));		return internal_syscall(SYSCALL(fork));
#endif		#endif
}		}

#if SANITIZER_LINUX		#if SANITIZER_LINUX
#define SA_RESTORER 0x04000000		#define SA_RESTORER 0x04000000
// Doesn't set sa_restorer, use with caution (see below).		// Doesn't set sa_restorer if the caller did not set it, so use with caution
		//(see below).
int internal_sigaction_norestorer(int signum, const void act, void oldact) {		int internal_sigaction_norestorer(int signum, const void act, void oldact) {
__sanitizer_kernel_sigaction_t k_act, k_oldact;		__sanitizer_kernel_sigaction_t k_act, k_oldact;
internal_memset(&k_act, 0, sizeof(__sanitizer_kernel_sigaction_t));		internal_memset(&k_act, 0, sizeof(__sanitizer_kernel_sigaction_t));
internal_memset(&k_oldact, 0, sizeof(__sanitizer_kernel_sigaction_t));		internal_memset(&k_oldact, 0, sizeof(__sanitizer_kernel_sigaction_t));
const __sanitizer_sigaction u_act = (const __sanitizer_sigaction )act;		const __sanitizer_sigaction u_act = (const __sanitizer_sigaction )act;
__sanitizer_sigaction u_oldact = (__sanitizer_sigaction )oldact;		__sanitizer_sigaction u_oldact = (__sanitizer_sigaction )oldact;
if (u_act) {		if (u_act) {
k_act.handler = u_act->handler;		k_act.handler = u_act->handler;
Show All 27 Lines	internal_memcpy(&u_oldact->sa_mask, &k_oldact.sa_mask,
sizeof(__sanitizer_kernel_sigset_t));		sizeof(__sanitizer_kernel_sigset_t));
u_oldact->sa_flags = k_oldact.sa_flags;		u_oldact->sa_flags = k_oldact.sa_flags;
#if !SANITIZER_ANDROID \|\| !SANITIZER_MIPS32		#if !SANITIZER_ANDROID \|\| !SANITIZER_MIPS32
u_oldact->sa_restorer = k_oldact.sa_restorer;		u_oldact->sa_restorer = k_oldact.sa_restorer;
#endif		#endif
}		}
return result;		return result;
}		}

		// Invokes sigaction via a raw syscall with a restorer, but does not support
		// all platforms yet.
		// We disable for Go simply because we have not yet added to buildgo.sh.
		#if defined(__x86_64__) && !SANITIZER_GO
		int internal_sigaction_syscall(int signum, const void act, void oldact) {
		__sanitizer_sigaction u_adjust;
		internal_memcpy(&u_adjust, act, sizeof(u_adjust));
		#if !SANITIZER_ANDROID \|\| !SANITIZER_MIPS32
		if (u_adjust.sa_restorer == nullptr) {
		u_adjust.sa_restorer = internal_sigreturn;
		}
		#endif
		return internal_sigaction_norestorer(signum, (const void *)&u_adjust,
		oldact);
		}
		#endif // defined(__x86_64__) && !SANITIZER_GO
#endif // SANITIZER_LINUX		#endif // SANITIZER_LINUX

uptr internal_sigprocmask(int how, __sanitizer_sigset_t *set,		uptr internal_sigprocmask(int how, __sanitizer_sigset_t *set,
__sanitizer_sigset_t *oldset) {		__sanitizer_sigset_t *oldset) {
#if SANITIZER_FREEBSD		#if SANITIZER_FREEBSD
return internal_syscall(SYSCALL(sigprocmask), how, set, oldset);		return internal_syscall(SYSCALL(sigprocmask), how, set, oldset);
#else		#else
__sanitizer_kernel_sigset_t k_set = (__sanitizer_kernel_sigset_t )set;		__sanitizer_kernel_sigset_t k_set = (__sanitizer_kernel_sigset_t )set;
▲ Show 20 Lines • Show All 687 Lines • Show Last 20 Lines

compiler-rt/trunk/lib/sanitizer_common/sanitizer_linux_x86_64.S

				// This file is dual licensed under the MIT and the University of Illinois Open
				// Source Licenses. See LICENSE.TXT for details.

				// Avoid being marked as needing an executable stack:
				#if defined(__linux__) && defined(__ELF__)
				.section .note.GNU-stack,"",%progbits
				#endif

				// Further contents are x86_64-only:
				#if defined(__linux__) && defined(__x86_64__)

				#include "../builtins/assembly.h"

				// If the "naked" function attribute were supported for x86 we could
				// do this via inline asm.
				.text
				.balign 4
				DEFINE_COMPILERRT_FUNCTION(internal_sigreturn)
				mov $0xf, %eax // 0xf == SYS_rt_sigreturn
				mov %rcx, %r10
				syscall
				ret // Won't normally reach here.
				END_COMPILERRT_FUNCTION(internal_sigreturn)

				#endif // defined(__linux__) && defined(__x86_64__)

compiler-rt/trunk/test/esan/TestCases/workingset-early-fault.c

Property	Old Value	New Value
svn:eol-style	null	LF

				// Test shadow faults during esan initialization as well as
				// faults during dlsym's calloc during interceptor init.
				//
				// RUN: %clang_esan_wset %s -o %t
				// RUN: %run %t 2>&1 \| FileCheck %s

				#include <stdio.h>
				#include <stdlib.h>
				#include <string.h>

				// Our goal is to emulate an instrumented allocator, whose calloc
				// invoked from dlsym will trigger shadow faults, to test an
				// early shadow fault during esan interceptor init.
				// We do this by replacing calloc:
				void *calloc(size_t size, size_t n) {
				// Unfortunately we can't print anything to make the test
				// ensure we got here b/c the sanitizer interceptors can't
				// handle that during interceptor init.

				// Ensure we trigger a shadow write fault:
				int x[16];
				x[0] = size;
				// Now just emulate calloc.
				void res = malloc(sizen);
				memset(res, 0, size*n);
				return res;
				}

				int main(int argc, char **argv) {
				printf("all done\n");
				return 0;
				}
				// CHECK: all done