diff --git a/compiler-rt/lib/msan/msan_interceptors.cc b/compiler-rt/lib/msan/msan_interceptors.cc --- a/compiler-rt/lib/msan/msan_interceptors.cc +++ b/compiler-rt/lib/msan/msan_interceptors.cc @@ -1118,8 +1118,12 @@ void MSanCxaAtExitWrapper(void *arg) { UnpoisonParam(1); MSanAtExitRecord *r = (MSanAtExitRecord *)arg; + // libc before 2.27 had race which caused occasional double handler execution + // https://sourceware.org/ml/libc-alpha/2017-08/msg01204.html + if (!r->func) + return; r->func(r->arg); - InternalFree(r); + r->func = nullptr; } static int setup_at_exit_wrapper(void(*f)(), void *arg, void *dso); diff --git a/compiler-rt/test/msan/cxa_atexit_race.cc b/compiler-rt/test/msan/cxa_atexit_race.cc new file mode 100644 --- /dev/null +++ b/compiler-rt/test/msan/cxa_atexit_race.cc @@ -0,0 +1,34 @@ +// RUN: %clang_msan %s -o %t && %run %t 2>&1 | FileCheck %s + +#include +#include +#include +#include + +extern "C" int +__cxa_atexit(void (*func)(void *), void *arg, void *d); + +void handler(void *) { +} + +int handlers; + +void *thread(void *) { + for (int i = 0; i < 10000; ++i) { + __cxa_atexit(&handler, 0, (void *)&handler); + ++handlers; + } + return 0; +} + +int main(void) { + printf("TEST_MAIN\n"); + pthread_t pt; + for (int i = 0; i < 2; ++i) + pthread_create(&pt, 0, &thread, 0); + while (handlers < 1000) { + }; + return 0; +} +// CHECK: TEST_MAIN +// CHECK-NOT: MemorySanitizer