This is an archive of the discontinued LLVM Phabricator instance.

[asan/lsan] Avoid possible deadlock in dynamic ASan runtime thread initialization.
ClosedPublic

Authored by m.ostapenko on Oct 27 2016, 4:57 AM.

Download Raw Diff

Details

Reviewers

kcc
dvyukov
eugenis

Commits

rG984f42eed525: [asan/lsan] Avoid possible deadlock in dynamic ASan runtime thread…
rCRT285385: [asan/lsan] Avoid possible deadlock in dynamic ASan runtime thread…
rL285385: [asan/lsan] Avoid possible deadlock in dynamic ASan runtime thread…

Summary

As was reported in https://gcc.gnu.org/bugzilla/show_bug.cgi?id=77982, there is possible deadlock in dynamic ASan runtime when we dlopen() shared lib which creates a thread at the global initialization stage. Here is the scenario:

dlopen grabs a GI_pthread_mutex_lock in main thread.
main thread calls pthread_create, ASan intercepts it, calls real pthread_create and waits for the second thread to be "fully initialized".
Newly created thread tries to access a thread local disable_counter in LSan (to complete its "full initialization") and hangs in tls_get_addr_tail, because it also tries to acquire GI_pthread_mutex_lock.

The issue doesn't reproduce on older Glibc (e.g. 2.19 on my Ubuntu box) because tls_get_addr_tail doesn't try to acquire GI_pthread_mutex_lock there, but reproducible on more recent ones, e.g. Glibc 2.23.

The deadlock doesn't occur with ASan static linkage because in this case disable_counter resides in static tls, thus tls_get_addr_tail isn't called.

The simple fix would be just using attribute((tls_model("initial-exec"))) for disable_counter in LSan. This should be fine since nobody would dlopen {A, L}San runtime in any case.

Diff Detail

Repository: rL LLVM

Event Timeline

m.ostapenko updated this revision to Diff 76006.Oct 27 2016, 4:57 AM

m.ostapenko retitled this revision from to [asan/lsan] Avoid possible deadlock in dynamic ASan runtime thread initialization..

m.ostapenko updated this object.

m.ostapenko added reviewers: kcc, dvyukov, eugenis.

m.ostapenko set the repository for this revision to rL LLVM.

m.ostapenko added a project: Restricted Project.

m.ostapenko added subscribers: llvm-commits, ygribov.

Herald added subscribers: kubamracek, srhines, danalbert, tberghammer. · View Herald TranscriptOct 27 2016, 4:57 AM

LGTM
Thanks for investigation and the fix!

This revision is now accepted and ready to land.Oct 27 2016, 9:40 AM

Closed by commit rL285385: [asan/lsan] Avoid possible deadlock in dynamic ASan runtime thread… (authored by chefmax). · Explain WhyOct 27 2016, 11:59 PM

This revision was automatically updated to reflect the committed changes.

Revision Contents

Path

Size

compiler-rt/

trunk/

lib/

lsan/

lsan_common.cc

1 line

test/

asan/

TestCases/

Linux/

pthread_create_from_constructor.cc

48 lines

Diff 76168

compiler-rt/trunk/lib/lsan/lsan_common.cc

	Show All 26 Lines

	#if CAN_SANITIZE_LEAKS			#if CAN_SANITIZE_LEAKS
	namespace __lsan {			namespace __lsan {

	// This mutex is used to prevent races between DoLeakCheck and IgnoreObject, and			// This mutex is used to prevent races between DoLeakCheck and IgnoreObject, and
	// also to protect the global list of root regions.			// also to protect the global list of root regions.
	BlockingMutex global_mutex(LINKER_INITIALIZED);			BlockingMutex global_mutex(LINKER_INITIALIZED);

				__attribute__((tls_model("initial-exec")))
	THREADLOCAL int disable_counter;			THREADLOCAL int disable_counter;
	bool DisabledInThisThread() { return disable_counter > 0; }			bool DisabledInThisThread() { return disable_counter > 0; }
	void DisableInThisThread() { disable_counter++; }			void DisableInThisThread() { disable_counter++; }
	void EnableInThisThread() {			void EnableInThisThread() {
	if (!disable_counter && common_flags()->detect_leaks) {			if (!disable_counter && common_flags()->detect_leaks) {
	Report("Unmatched call to __lsan_enable().\n");			Report("Unmatched call to __lsan_enable().\n");
	Die();			Die();
	}			}
	▲ Show 20 Lines • Show All 719 Lines • Show Last 20 Lines

compiler-rt/trunk/test/asan/TestCases/Linux/pthread_create_from_constructor.cc

				// Test that ASan doesn't deadlock in __interceptor_pthread_create called
				// from dlopened shared library constructor. The deadlock happens only in shared
				// ASan runtime with recent Glibc (2.23 fits) when __interceptor_pthread_create
				// grabs global Glibc's GL(dl_load_lock) and waits for tls_get_addr_tail that
				// also tries to acquire it.
				//
				// RUN: %clangxx_asan -DBUILD_SO=1 -fPIC -shared %s -o %t-so.so
				// RUN: %clangxx_asan %s -o %t
				// RUN: %run %t 2>&1

				// dlopen() can not be intercepted on Android
				// UNSUPPORTED: android

				#ifdef BUILD_SO

				#include <stdio.h>
				#include <pthread.h>
				#include <unistd.h>

				void threadFn(void ) {
				fprintf(stderr, "thread started\n");
				while (true) {
				usleep(100000);
				}
				return 0;
				}

				void __attribute__((constructor)) startPolling() {
				fprintf(stderr, "initializing library\n");
				pthread_t t;
				pthread_create(&t, 0, &threadFn, 0);
				fprintf(stderr, "done\n");
				}

				#else

				#include <dlfcn.h>
				#include <stdlib.h>
				#include <string>

				int main(int argc, char **argv) {
				std::string path = std::string(argv[0]) + "-so.so";
				void *handle = dlopen(path.c_str(), RTLD_LAZY);
				if (!handle)
				abort();
				return 0;
				}
				#endif