This is an archive of the discontinued LLVM Phabricator instance.

[msan] Prevent initialization failure with newer (2.23+) glibc in use.
ClosedPublic

Authored by m.ostapenko on Sep 19 2016, 10:55 AM.

Download Raw Diff

Details

Reviewers

kcc
zatrazz
eugenis

Commits

rGf42c138470e8: [msan] Prevent initialization failure with newer (2.23+) glibc in use.
rCRT282232: [msan] Prevent initialization failure with newer (2.23+) glibc in use.
rL282232: [msan] Prevent initialization failure with newer (2.23+) glibc in use.

Summary

This patch is pretty the same as http://reviews.llvm.org/D20235 that we used for ASan. Using the same hack for MSan fixes its initialization with newer Glibc in use.

Diff Detail

Repository: rL LLVM

Event Timeline

m.ostapenko updated this revision to Diff 71849.Sep 19 2016, 10:55 AM

m.ostapenko retitled this revision from to [lsan] Prevent initialization failure with newer (2.23+) glibc in use..

m.ostapenko updated this object.

m.ostapenko added reviewers: kcc, eugenis.

m.ostapenko set the repository for this revision to rL LLVM.

m.ostapenko added a project: Restricted Project.

m.ostapenko added subscribers: llvm-commits, ygribov.

LGTM

This revision is now accepted and ready to land.Sep 19 2016, 10:59 AM

There are reports that MSan initialization fails on newer libc. Do we need the same change there?

In D24736#546554, @eugenis wrote:

There are reports that MSan initialization fails on newer libc. Do we need the same change there?

Hm, I'll check this tomorrow.

In D24736#546611, @m.ostapenko wrote:

In D24736#546554, @eugenis wrote:

There are reports that MSan initialization fails on newer libc. Do we need the same change there?

Hm, I'll check this tomorrow.

Oh, it seems that LSan actually doesn't need this stuff, because the error with malloc occurs only when dlsym fails to find a symbol (and this is not the case for LSan, because it intercepts only well-known symbols).

However, this is the case for MSan, running trivial program with trunk Glibc causes segfault:

(gdb) r
Starting program: /home/max/build/llvm/a.out 
warning: Could not load shared library symbols for linux-vdso.so.1.
Do you need "set solib-search-path" or "set sysroot"?
warning: File "/home/max/install/glibc/lib/libthread_db-1.0.so" auto-loading has been declined by your `auto-load safe-path' set to "$debugdir:$datadir/auto-load".
To enable execution of this file add
	add-auto-load-safe-path /home/max/install/glibc/lib/libthread_db-1.0.so
line to your configuration file "/home/max/.gdbinit".
To completely disable this security protection add
	set auto-load safe-path /
line to your configuration file "/home/max/.gdbinit".
For more information about this security protection see the
"Auto-loading safe path" section in the GDB manual.  E.g., run from the shell:
	info "(gdb)Auto-loading safe path"
warning: Unable to find libthread_db matching inferior's thread library, thread debugging will not be available.

Program received signal SIGSEGV, Segmentation fault.
0x0000000000472c61 in Lock () at /home/max/src/llvm/projects/compiler-rt/lib/sanitizer_common/sanitizer_linux.cc:523
523	  CHECK_EQ(owner_, 0);
(gdb) bt
#0  0x0000000000472c61 in Lock () at /home/max/src/llvm/projects/compiler-rt/lib/sanitizer_common/sanitizer_linux.cc:523
#1  0x000000000041d389 in GenericScopedLock () at /home/max/src/llvm/projects/compiler-rt/lib/msan/../sanitizer_common/sanitizer_mutex.h:179
#2  GetFromAllocator () at /home/max/src/llvm/projects/compiler-rt/lib/msan/../sanitizer_common/sanitizer_allocator_primary64.h:122
#3  0x000000000041d333 in Refill () at /home/max/src/llvm/projects/compiler-rt/lib/msan/../sanitizer_common/sanitizer_allocator_local_cache.h:106
#4  0x000000000041cf21 in Allocate () at /home/max/src/llvm/projects/compiler-rt/lib/msan/../sanitizer_common/sanitizer_allocator_local_cache.h:51
#5  0x000000000041ce0d in Allocate () at /home/max/src/llvm/projects/compiler-rt/lib/msan/../sanitizer_common/sanitizer_allocator_combined.h:58
#6  0x000000000041c78e in MsanAllocate () at /home/max/src/llvm/projects/compiler-rt/lib/msan/msan_allocator.cc:134
#7  0x00000000004254c6 in __interceptor_malloc () at /home/max/src/llvm/projects/compiler-rt/lib/msan/msan_interceptors.cc:931
#8  0x00007ffff7de9a61 in _dl_signal_error (errcode=errcode@entry=0, objname=objname@entry=0x7fffffffe2e3 "/home/max/build/llvm/a.out", occation=occation@entry=0x7ffff7df7413 "symbol lookup error", 
    errstring=errstring@entry=0x7fffffffd900 "undefined symbol: __isoc99_printf") at dl-error.c:90
#9  0x00007ffff7de9c1e in _dl_signal_cerror (errcode=0, objname=0x7fffffffe2e3 "/home/max/build/llvm/a.out", occation=0x7ffff7df7413 "symbol lookup error", errstring=0x7fffffffd900 "undefined symbol: __isoc99_printf") at dl-error.c:155
#10 0x00007ffff7de52e2 in _dl_lookup_symbol_x (undef_name=0x48ba5e "__isoc99_printf", undef_map=0x7ffff7ffe170, ref=0x7fffffffda78, symbol_scope=0x7ffff7ffe4f8, version=<optimised out>, type_class=<optimised out>, flags=0, skip_map=0x7ffff7ffe170) at dl-lookup.c:874
#11 0x00007ffff701a0ba in do_sym (handle=0xffffffffffffffff, name=0x48ba5e "__isoc99_printf", who=<optimised out>, vers=vers@entry=0x0, flags=flags@entry=2) at dl-sym.c:161
#12 0x00007ffff701a4bd in _dl_sym (handle=<optimised out>, name=<optimised out>, who=<optimised out>) at dl-sym.c:273
#13 0x00007ffff74af0a4 in dlsym_doit (a=a@entry=0x7fffffffdc80) at dlsym.c:50
#14 0x00007ffff7de9c94 in _dl_catch_error (objname=0x20bdc10 <__interceptor_calloc::calloc_memory_for_dlsym+16>, errstring=0x20bdc18 <__interceptor_calloc::calloc_memory_for_dlsym+24>, mallocedp=0x20bdc08 <__interceptor_calloc::calloc_memory_for_dlsym+8>, 
    operate=0x7ffff74af090 <dlsym_doit>, args=0x7fffffffdc80) at dl-error.c:187
#15 0x00007ffff74af53d in _dlerror_run (operate=operate@entry=0x7ffff74af090 <dlsym_doit>, args=args@entry=0x7fffffffdc80) at dlerror.c:163
#16 0x00007ffff74af0f8 in __dlsym (handle=<optimised out>, name=<optimised out>) at dlsym.c:70
#17 0x0000000000469010 in __interception::GetRealFunctionAddress(char const*, unsigned long*, unsigned long, unsigned long) () at /home/max/src/llvm/projects/compiler-rt/lib/interception/interception_linux.cc:23
#18 0x0000000000457621 in InitializeCommonInterceptors () at /home/max/src/llvm/projects/compiler-rt/lib/msan/../sanitizer_common/sanitizer_common_interceptors.inc:5925
#19 0x0000000000454fd3 in __msan::InitializeInterceptors() () at /home/max/src/llvm/projects/compiler-rt/lib/msan/msan_interceptors.cc:1471
#20 0x000000000041b2e1 in __msan_init () at /home/max/src/llvm/projects/compiler-rt/lib/msan/msan.cc:386
#21 0x00000000004876b6 in msan.module_ctor ()
#22 0x000000000048770d in __libc_csu_init ()
#23 0x00007ffff6f20cc5 in __libc_start_main (main=0x487550 <main>, argc=1, argv=0x7fffffffdf88, init=0x4876c0 <__libc_csu_init>, fini=<optimised out>, rtld_fini=<optimised out>, stack_end=0x7fffffffdf78) at ../csu/libc-start.c:245
#24 0x000000000041a09f in _start ()

Thus, I'm removing LSan changes and adding MSan ones that fix this issue.

m.ostapenko updated this revision to Diff 71948.Sep 20 2016, 9:42 AM

m.ostapenko retitled this revision from [lsan] Prevent initialization failure with newer (2.23+) glibc in use. to [msan] Prevent initialization failure with newer (2.23+) glibc in use..

m.ostapenko updated this object.

m.ostapenko edited edge metadata.

eugenis added inline comments.Sep 20 2016, 4:07 PM

lib/msan/msan_interceptors.cc
938 ↗	(On Diff #71948)	Should this go to AllocateFromLocalPool if msan is still not initialized?

rengolin added a reviewer: zatrazz.Sep 20 2016, 9:05 PM

Right, MsanAllocatorInit is called after InitializeInterceptors. Perhaps we need the same change for ASan.

m.ostapenko updated this revision to Diff 72017.Sep 21 2016, 2:44 AM

Herald added a subscriber: kubamracek. · View Herald TranscriptSep 21 2016, 2:44 AM

LGTM w/ nit

lib/asan/asan_malloc_linux.cc
81 ↗	(On Diff #72017)	if (UNLIKELY(!asan_inited)) AllocateFromLocalPool else asan_malloc This probably does not matter in practice, but we should not keep reallocating in the local pool when the main allocator is available.

Closed by commit rL282232: [msan] Prevent initialization failure with newer (2.23+) glibc in use. (authored by chefmax). · Explain WhySep 23 2016, 12:49 AM

This revision was automatically updated to reflect the committed changes.

eugenis added inline comments.Sep 23 2016, 1:22 PM

compiler-rt/trunk/lib/asan/asan_malloc_linux.cc
82	Could you do the same in MSan?

Revision Contents

Path

Size

compiler-rt/

trunk/

lib/

asan/

asan_malloc_linux.cc

6 lines

msan/

msan_interceptors.cc

43 lines

Diff 72238

compiler-rt/trunk/lib/asan/asan_malloc_linux.cc

Show First 20 Lines • Show All 72 Lines • ▼ Show 20 Lines	INTERCEPTOR(void*, calloc, uptr nmemb, uptr size) {
return asan_calloc(nmemb, size, &stack);		return asan_calloc(nmemb, size, &stack);
}		}

INTERCEPTOR(void, realloc, void ptr, uptr size) {		INTERCEPTOR(void, realloc, void ptr, uptr size) {
GET_STACK_TRACE_MALLOC;		GET_STACK_TRACE_MALLOC;
if (UNLIKELY(IsInDlsymAllocPool(ptr))) {		if (UNLIKELY(IsInDlsymAllocPool(ptr))) {
uptr offset = (uptr)ptr - (uptr)alloc_memory_for_dlsym;		uptr offset = (uptr)ptr - (uptr)alloc_memory_for_dlsym;
uptr copy_size = Min(size, kDlsymAllocPoolSize - offset);		uptr copy_size = Min(size, kDlsymAllocPoolSize - offset);
void *new_ptr = asan_malloc(size, &stack);		void *new_ptr;
		if (UNLIKELY(!asan_inited))
		eugenisUnsubmitted Not Done Reply Inline Actions Could you do the same in MSan? eugenis: Could you do the same in MSan?
		new_ptr = AllocateFromLocalPool(size);
		else
		new_ptr = asan_malloc(size, &stack);
internal_memcpy(new_ptr, ptr, copy_size);		internal_memcpy(new_ptr, ptr, copy_size);
return new_ptr;		return new_ptr;
}		}
return asan_realloc(ptr, size, &stack);		return asan_realloc(ptr, size, &stack);
}		}

INTERCEPTOR(void*, memalign, uptr boundary, uptr size) {		INTERCEPTOR(void*, memalign, uptr boundary, uptr size) {
GET_STACK_TRACE_MALLOC;		GET_STACK_TRACE_MALLOC;
▲ Show 20 Lines • Show All 120 Lines • Show Last 20 Lines

compiler-rt/trunk/lib/msan/msan_interceptors.cc

Show First 20 Lines • Show All 58 Lines • ▼ Show 20 Lines	struct InterceptorScope {
InterceptorScope() { ++in_interceptor_scope; }		InterceptorScope() { ++in_interceptor_scope; }
~InterceptorScope() { --in_interceptor_scope; }		~InterceptorScope() { --in_interceptor_scope; }
};		};

bool IsInInterceptorScope() {		bool IsInInterceptorScope() {
return in_interceptor_scope;		return in_interceptor_scope;
}		}

		static uptr allocated_for_dlsym;
		static const uptr kDlsymAllocPoolSize = 1024;
		static uptr alloc_memory_for_dlsym[kDlsymAllocPoolSize];

		static bool IsInDlsymAllocPool(const void *ptr) {
		uptr off = (uptr)ptr - (uptr)alloc_memory_for_dlsym;
		return off < sizeof(alloc_memory_for_dlsym);
		}

		static void *AllocateFromLocalPool(uptr size_in_bytes) {
		uptr size_in_words = RoundUpTo(size_in_bytes, kWordSize) / kWordSize;
		void mem = (void )&alloc_memory_for_dlsym[allocated_for_dlsym];
		allocated_for_dlsym += size_in_words;
		CHECK_LT(allocated_for_dlsym, kDlsymAllocPoolSize);
		return mem;
		}

#define ENSURE_MSAN_INITED() do { \		#define ENSURE_MSAN_INITED() do { \
CHECK(!msan_init_is_running); \		CHECK(!msan_init_is_running); \
if (!msan_inited) { \		if (!msan_inited) { \
__msan_init(); \		__msan_init(); \
} \		} \
} while (0)		} while (0)

// Check that [x, x+n) range is unpoisoned.		// Check that [x, x+n) range is unpoisoned.
▲ Show 20 Lines • Show All 147 Lines • ▼ Show 20 Lines
}		}
#define MSAN_MAYBE_INTERCEPT_PVALLOC INTERCEPT_FUNCTION(pvalloc)		#define MSAN_MAYBE_INTERCEPT_PVALLOC INTERCEPT_FUNCTION(pvalloc)
#else		#else
#define MSAN_MAYBE_INTERCEPT_PVALLOC		#define MSAN_MAYBE_INTERCEPT_PVALLOC
#endif		#endif

INTERCEPTOR(void, free, void *ptr) {		INTERCEPTOR(void, free, void *ptr) {
GET_MALLOC_STACK_TRACE;		GET_MALLOC_STACK_TRACE;
if (!ptr) return;		if (!ptr \|\| UNLIKELY(IsInDlsymAllocPool(ptr))) return;
MsanDeallocate(&stack, ptr);		MsanDeallocate(&stack, ptr);
}		}

#if !SANITIZER_FREEBSD		#if !SANITIZER_FREEBSD
INTERCEPTOR(void, cfree, void *ptr) {		INTERCEPTOR(void, cfree, void *ptr) {
GET_MALLOC_STACK_TRACE;		GET_MALLOC_STACK_TRACE;
if (!ptr) return;		if (!ptr \|\| UNLIKELY(IsInDlsymAllocPool(ptr))) return;
MsanDeallocate(&stack, ptr);		MsanDeallocate(&stack, ptr);
}		}
#define MSAN_MAYBE_INTERCEPT_CFREE INTERCEPT_FUNCTION(cfree)		#define MSAN_MAYBE_INTERCEPT_CFREE INTERCEPT_FUNCTION(cfree)
#else		#else
#define MSAN_MAYBE_INTERCEPT_CFREE		#define MSAN_MAYBE_INTERCEPT_CFREE
#endif		#endif

INTERCEPTOR(uptr, malloc_usable_size, void *ptr) {		INTERCEPTOR(uptr, malloc_usable_size, void *ptr) {
▲ Show 20 Lines • Show All 656 Lines • ▼ Show 20 Lines
}		}
#define MSAN_MAYBE_INTERCEPT_EPOLL_PWAIT INTERCEPT_FUNCTION(epoll_pwait)		#define MSAN_MAYBE_INTERCEPT_EPOLL_PWAIT INTERCEPT_FUNCTION(epoll_pwait)
#else		#else
#define MSAN_MAYBE_INTERCEPT_EPOLL_PWAIT		#define MSAN_MAYBE_INTERCEPT_EPOLL_PWAIT
#endif		#endif

INTERCEPTOR(void *, calloc, SIZE_T nmemb, SIZE_T size) {		INTERCEPTOR(void *, calloc, SIZE_T nmemb, SIZE_T size) {
GET_MALLOC_STACK_TRACE;		GET_MALLOC_STACK_TRACE;
if (UNLIKELY(!msan_inited)) {		if (UNLIKELY(!msan_inited))
// Hack: dlsym calls calloc before REAL(calloc) is retrieved from dlsym.		// Hack: dlsym calls calloc before REAL(calloc) is retrieved from dlsym.
const SIZE_T kCallocPoolSize = 1024;		return AllocateFromLocalPool(nmemb * size);
static uptr calloc_memory_for_dlsym[kCallocPoolSize];
static SIZE_T allocated;
SIZE_T size_in_words = ((nmemb * size) + kWordSize - 1) / kWordSize;
void mem = (void)&calloc_memory_for_dlsym[allocated];
allocated += size_in_words;
CHECK(allocated < kCallocPoolSize);
return mem;
}
return MsanCalloc(&stack, nmemb, size);		return MsanCalloc(&stack, nmemb, size);
}		}

INTERCEPTOR(void , realloc, void ptr, SIZE_T size) {		INTERCEPTOR(void , realloc, void ptr, SIZE_T size) {
GET_MALLOC_STACK_TRACE;		GET_MALLOC_STACK_TRACE;
		if (UNLIKELY(IsInDlsymAllocPool(ptr))) {
		uptr offset = (uptr)ptr - (uptr)alloc_memory_for_dlsym;
		uptr copy_size = Min(size, kDlsymAllocPoolSize - offset);
		void *new_ptr = AllocateFromLocalPool(size);
		internal_memcpy(new_ptr, ptr, copy_size);
		return new_ptr;
		}
return MsanReallocate(&stack, ptr, size, sizeof(u64), false);		return MsanReallocate(&stack, ptr, size, sizeof(u64), false);
}		}

INTERCEPTOR(void *, malloc, SIZE_T size) {		INTERCEPTOR(void *, malloc, SIZE_T size) {
GET_MALLOC_STACK_TRACE;		GET_MALLOC_STACK_TRACE;
		if (UNLIKELY(!msan_inited))
		// Hack: dlsym calls malloc before REAL(malloc) is retrieved from dlsym.
		return AllocateFromLocalPool(size);
return MsanReallocate(&stack, nullptr, size, sizeof(u64), false);		return MsanReallocate(&stack, nullptr, size, sizeof(u64), false);
}		}

void __msan_allocated_memory(const void *data, uptr size) {		void __msan_allocated_memory(const void *data, uptr size) {
GET_MALLOC_STACK_TRACE;		GET_MALLOC_STACK_TRACE;
if (flags()->poison_in_malloc) {		if (flags()->poison_in_malloc) {
stack.tag = STACK_TRACE_TAG_POISON;		stack.tag = STACK_TRACE_TAG_POISON;
PoisonMemory(data, size, &stack);		PoisonMemory(data, size, &stack);
▲ Show 20 Lines • Show All 653 Lines • Show Last 20 Lines