This is an archive of the discontinued LLVM Phabricator instance.

Differential D40159

Correct handling of the TLS/NetBSD block of the main program
ClosedPublic

Authored by krytarowski on Nov 16 2017, 4:41 PM.

Details

Reviewers
dvyukov
joerg
vitalybuka
Commits
rGf6510a01a663: Correct handling of the TLS/NetBSD block of the main program
rL320234: Correct handling of the TLS/NetBSD block of the main program
rCRT320234: Correct handling of the TLS/NetBSD block of the main program
Summary

Include <sys/tls.h> for:

  • struct tls_tcb - thread control block structure
  • HAVE_LWP_GETTCB_FAST - __lwp_gettcb_fast() is available
  • HAVE_LWP_GETPRIVATE_FAST - __lwp_getprivate_fast() is available
  • __HAVE_TLS_VARIANT_I - TLS Variant I for this architecture
  • __HAVE_TLS_VARIANT_II - TLS Variant II for this architecture

Rename ThreadSelfSegbase() to ThreadSelfTlsTcb and switch it
to retrieve in a portable way TCB.

Switch ThreadSelf() to retrieve pthread from struct tcb_tls.

Use dl_iterate_phdr() to find out the size of TLS block of
the main program.

Correct the index of the TLS block of the main program
(dlpi_tls_modid); it's 1, not 2.

New NetBSD code is now CPU (NetBSD port) agnostic.

Stop sharing the same code with FreeBSD.

Sponsored by <The NetBSD Foundation>

Diff Detail

Repository
rL LLVM

Event Timeline

krytarowski created this revision.Nov 16 2017, 4:41 PM
Herald added subscribers: kubamracek, emaste. · View Herald TranscriptNov 16 2017, 4:41 PM
krytarowski mentioned this in D40105: Implement GetTls() for NetBSD.Nov 16 2017, 5:40 PM
dvyukov edited edge metadata.Nov 17 2017, 12:02 AM

Joerg, please review.

joerg added inline comments.Nov 17 2017, 7:10 AM
lib/sanitizer_common/sanitizer_linux_libcdep.cc
347 ↗(On Diff #123270)

The fallback is just using _lwp_getprivate() directly. No need to error out.

404 ↗(On Diff #123270)

What is this code trying to do in first place? It doesn't really make sense to me. Handling variant I and II differently doesn't make sense either.

krytarowski added inline comments.Nov 17 2017, 12:35 PM
lib/sanitizer_common/sanitizer_linux_libcdep.cc
347 ↗(On Diff #123270)

I wanted to stop rotting and don't fallback to else when there is no included <sys/tls.h>.. however it would fail anyway. I will adjust it. I think I will also rename ThreadSelfSegbase() to ThreadSelfTLS()

404 ↗(On Diff #123270)

Retrieve allocated TLS vector, address and size. How to handle it differently? How to add Variant I support? Is there a way to use a generic solution for both Variations?

krytarowski added a comment.Nov 18 2017, 11:43 PM

It looks like the proper TLS vector should be in a form of std::vector<std::pair<uptr,uptr>>, as there might be multiple regions mapped (true for DSO).

The problem is that there is no public interface to retrieve this and with introspecting exported symbols in /usr/libexec/ld.elf_so this is untrivial.

If there are more users of this use-case (beyond sanitizers) it's a legitimate reason to develop a dedicated API.

krytarowski added a comment.Nov 19 2017, 12:07 AM

It seems like Linux uses __libc_memalign() interceptor to catch dynamically allocated TLS blocks.

a thread's static TLS area can be found using the internal glibc function _dl_get_tls_static_info() (like in TSan). On x86 and x86-64 this area includes the thread descriptor, which contains pointers to thread-specific data. On the other hand, dynamically allocated TLS blocks can't always be reached easily through the thread descriptor. We handle them by intercepting the __libc_memalign calls that the linker uses to allocate dynamic TLS space, and considering all blocks allocated from the linker to be live.

joerg edited edge metadata.Nov 19 2017, 7:50 AM

The public interface for obtaining the TLS storage is the combination of reading the DTV vector of a thread in combination with dl_iterate_phdr to find the size of the TLS block of a specific module. That gives you all that you need to know. It is important to keep in mind that the vector can be initialized lazily, so __tls_get_addr and friends will have to be intercepted to update the global view.

krytarowski planned changes to this revision.Nov 19 2017, 8:41 AM

I will be back to it once I will fix other bugs, unrelated to TLS in TSan.

krytarowski added a comment.Dec 4 2017, 2:42 PM

Back to it as required for MSan.

krytarowski updated this revision to Diff 125503.Dec 5 2017, 5:35 AM
krytarowski edited the summary of this revision. (Show Details)
  • Fix bug with static TLS vector index.
  • Reuse dl_iterate_phdr().
  • Simplify code.
krytarowski retitled this revision from Make TLS/NetBSD handling more generic to Make static TLS/NetBSD handling more generic.EditedDec 5 2017, 5:37 AM

@joerg done. I will improve handling of dynamically allocated vectors in another revision.

joerg added inline comments.Dec 5 2017, 7:44 AM
lib/sanitizer_common/sanitizer_linux_libcdep.cc
421 ↗(On Diff #125503)

The index 1 is not used for the static vector, but the TLS block of the main program. It will be unset of the main program has no TLS segment.

krytarowski updated this revision to Diff 125532.Dec 5 2017, 8:21 AM
krytarowski retitled this revision from Make static TLS/NetBSD handling more generic to Correct handling of the TLS/NetBSD block of the main program.
krytarowski edited the summary of this revision. (Show Details)
krytarowski marked 5 inline comments as done.
krytarowski added a comment.Dec 6 2017, 2:12 PM

I've addressed the comments in review.

krytarowski added a reviewer: vitalybuka.Dec 8 2017, 8:22 AM
krytarowski added a comment.Dec 8 2017, 6:09 PM

As discussed with Joerg, this TLS handling is questionable by design, but the proposed NetBSD code is not worse than any other OS.

I'm going to commit it as it is now (without click 'accepted').

vitalybuka accepted this revision.Dec 8 2017, 6:19 PM
vitalybuka added inline comments.
lib/sanitizer_common/sanitizer_linux_libcdep.cc
49 ↗(On Diff #125532)

please combine two #if SANITIZER_NETBSD blocks

This revision is now accepted and ready to land.Dec 8 2017, 6:19 PM
Closed by commit rCRT320234: Correct handling of the TLS/NetBSD block of the main program (authored by kamil). · Explain WhyDec 8 2017, 6:24 PM
Closed by commit rL320234: Correct handling of the TLS/NetBSD block of the main program (authored by kamil). · Explain Why
This revision was automatically updated to reflect the committed changes.
This revision was automatically updated to reflect the committed changes.
MaskRay added a subscriber: MaskRay.Jan 1 2021, 8:28 PM

@krytarowski I think this patch may be incorrect.

On TLS Variant I (i386, x86-64), static TLS blocks ... tp tcb

Notable users of GetTls:

  • asan calls ClearShadowForThreadStackAndTLS to mark the TLS block addressable.
  • lsan calls ScanRangeForPointers on the TLS block to find reachable chunks.
  • msan and tsan's __tls_get_addr interceptors unpoison/reset dtv ranges to avoid false positives
  • A glibc workaround (D93866): I suspect it is no longer needed, but I'll confirm with glibc dev.

The size should be the total size of static TLS blocks (including the sizeof of TCB, (struct pthread on musl), (including tcbhead_t on glibc))), not just p_memsz of the executable PT_TLS.

The FreeBSD definition is quite correct, though it does not include the sizeof of TCB. For the users of GetTls, not including the sizeof of TCB probably does not matter (writes of the TCB members are not instrumented by asan/lsan/msan/tsan).

Herald added subscribers: delcypher, arichardson. · View Herald TranscriptJan 1 2021, 8:28 PM

Revision Contents

PathSize
compiler-rt/
trunk/
lib/
sanitizer_common/
50 lines

Diff 126256

compiler-rt/trunk/lib/sanitizer_common/sanitizer_linux_libcdep.cc

Show All 37 Lines
#include <pthread_np.h> #include <pthread_np.h>
#include <osreldate.h> #include <osreldate.h>
#include <sys/sysctl.h> #include <sys/sysctl.h>
#define pthread_getattr_np pthread_attr_get_np #define pthread_getattr_np pthread_attr_get_np
#endif #endif
#if SANITIZER_NETBSD #if SANITIZER_NETBSD
#include <sys/sysctl.h> #include <sys/sysctl.h>
#include <sys/tls.h>
#endif #endif
#if SANITIZER_LINUX #if SANITIZER_LINUX
#include <sys/prctl.h> #include <sys/prctl.h>
#endif #endif
#if SANITIZER_ANDROID #if SANITIZER_ANDROID
#include <android/api-level.h> #include <android/api-level.h>
▲ Show 20 LinesShow All 268 Lines▼ Show 20 Lines# elif defined(__powerpc64__)
descr_addr = thread_pointer - TlsPreTcbSize(); descr_addr = thread_pointer - TlsPreTcbSize();
# else # else
# error "unsupported CPU arch" # error "unsupported CPU arch"
# endif # endif
return descr_addr; return descr_addr;
} }
#endif // (x86_64 || i386 || MIPS) && SANITIZER_LINUX #endif // (x86_64 || i386 || MIPS) && SANITIZER_LINUX
#if SANITIZER_FREEBSD || SANITIZER_NETBSD #if SANITIZER_FREEBSD
static void **ThreadSelfSegbase() { static void **ThreadSelfSegbase() {
void **segbase = 0; void **segbase = 0;
# if defined(__i386__) # if defined(__i386__)
// sysarch(I386_GET_GSBASE, segbase); // sysarch(I386_GET_GSBASE, segbase);
__asm __volatile("mov %%gs:0, %0" : "=r" (segbase)); __asm __volatile("mov %%gs:0, %0" : "=r" (segbase));
# elif defined(__x86_64__) # elif defined(__x86_64__)
// sysarch(AMD64_GET_FSBASE, segbase); // sysarch(AMD64_GET_FSBASE, segbase);
__asm __volatile("movq %%fs:0, %0" : "=r" (segbase)); __asm __volatile("movq %%fs:0, %0" : "=r" (segbase));
# else # else
# error "unsupported CPU arch" # error "unsupported CPU arch"
# endif # endif
return segbase; return segbase;
} }
uptr ThreadSelf() { uptr ThreadSelf() {
return (uptr)ThreadSelfSegbase()[2]; return (uptr)ThreadSelfSegbase()[2];
} }
#endif // SANITIZER_FREEBSD || SANITIZER_NETBSD #endif // SANITIZER_FREEBSD
#if SANITIZER_NETBSD
static struct tls_tcb * ThreadSelfTlsTcb() {
struct tls_tcb * tcb;
# ifdef __HAVE___LWP_GETTCB_FAST
tcb = (struct tls_tcb *)__lwp_gettcb_fast();
# elif defined(__HAVE___LWP_GETPRIVATE_FAST)
tcb = (struct tls_tcb *)__lwp_getprivate_fast();
# endif
return tcb;
}
uptr ThreadSelf() {
return (uptr)ThreadSelfTlsTcb()->tcb_pthread;
}
int GetSizeFromHdr(struct dl_phdr_info *info, size_t size, void *data) {
const Elf_Phdr *hdr = info->dlpi_phdr;
const Elf_Phdr *last_hdr = hdr + info->dlpi_phnum;
for (; hdr != last_hdr; ++hdr) {
if (hdr->p_type == PT_TLS && info->dlpi_tls_modid == 1) {
*(uptr*)data = hdr->p_memsz;
break;
}
}
return 0;
}
#endif // SANITIZER_NETBSD
#if !SANITIZER_GO #if !SANITIZER_GO
static void GetTls(uptr *addr, uptr *size) { static void GetTls(uptr *addr, uptr *size) {
#if SANITIZER_LINUX && !SANITIZER_ANDROID #if SANITIZER_LINUX && !SANITIZER_ANDROID
# if defined(__x86_64__) || defined(__i386__) || defined(__s390__) # if defined(__x86_64__) || defined(__i386__) || defined(__s390__)
*addr = ThreadSelf(); *addr = ThreadSelf();
*size = GetTlsSize(); *size = GetTlsSize();
*addr -= *size; *addr -= *size;
*addr += ThreadDescriptorSize(); *addr += ThreadDescriptorSize();
# elif defined(__mips__) || defined(__aarch64__) || defined(__powerpc64__) \ # elif defined(__mips__) || defined(__aarch64__) || defined(__powerpc64__) \
|| defined(__arm__) || defined(__arm__)
*addr = ThreadSelf(); *addr = ThreadSelf();
*size = GetTlsSize(); *size = GetTlsSize();
# else # else
*addr = 0; *addr = 0;
*size = 0; *size = 0;
# endif # endif
#elif SANITIZER_FREEBSD || SANITIZER_NETBSD #elif SANITIZER_FREEBSD
void** segbase = ThreadSelfSegbase(); void** segbase = ThreadSelfSegbase();
*addr = 0; *addr = 0;
*size = 0; *size = 0;
if (segbase != 0) { if (segbase != 0) {
// tcbalign = 16 // tcbalign = 16
// tls_size = round(tls_static_space, tcbalign); // tls_size = round(tls_static_space, tcbalign);
// dtv = segbase[1]; // dtv = segbase[1];
// dtv[2] = segbase - tls_static_space; // dtv[2] = segbase - tls_static_space;
void **dtv = (void**) segbase[1]; void **dtv = (void**) segbase[1];
*addr = (uptr) dtv[2]; *addr = (uptr) dtv[2];
*size = (*addr == 0) ? 0 : ((uptr) segbase[0] - (uptr) dtv[2]); *size = (*addr == 0) ? 0 : ((uptr) segbase[0] - (uptr) dtv[2]);
} }
#elif SANITIZER_NETBSD
struct tls_tcb * const tcb = ThreadSelfTlsTcb();
*addr = 0;
*size = 0;
if (tcb != 0) {
// Find size (p_memsz) of dlpi_tls_modid 1 (TLS block of the main program).
// ld.elf_so hardcodes the index 1.
dl_iterate_phdr(GetSizeFromHdr, size);
if (*size != 0) {
// The block has been found and tcb_dtv[1] contains the base address
*addr = (uptr)tcb->tcb_dtv[1];
}
}
#elif SANITIZER_ANDROID #elif SANITIZER_ANDROID
*addr = 0; *addr = 0;
*size = 0; *size = 0;
#else #else
# error "Unknown OS" # error "Unknown OS"
#endif #endif
} }
#endif #endif
▲ Show 20 LinesShow All 282 LinesShow Last 20 Lines