This is an archive of the discontinued LLVM Phabricator instance.

Differential D85292

[tsan] Fix "failed to intercept sysctlnametomib" on FreeBSD
ClosedPublic

Authored by arichardson on Aug 5 2020, 4:44 AM.

Details

Reviewers
emaste
dim
bsdjhb
vitalybuka
Group Reviewers
Restricted Project
Commits
rG7be868292166: [tsan] Fix "failed to intercept sysctlnametomib" on FreeBSD
Summary

The sysctlnametomib function is called from tsan::Initialize via
sanitizer::internal_sysctlbyname (see stack trace below). This results
in a fatal error since sysctlnametomib has not been intercepted yet.
This patch allows internal_sysctlbyname to be called before
__tsan::Initialize() has completed. On FreeBSD >= 1300045 sysctlbyname()
is a real syscall, but for older versions it calls sysctlnametomib()
followed by sysctl(). To avoid calling the intercepted version, look up
the real sysctlnametomib() followed by internal_sysctl() if the
syscall is not available.

This reduces check-sanitizer failures from 62 to 11 for me.

34433==FATAL: ThreadSanitizer: failed to intercept sysctlnametomib

#0 __sanitizer::Die ()

at /exports/users/alr48/sources/upstream-llvm-project/compiler-rt/lib/sanitizer_common/sanitizer_termination.cpp:51

#1 0x00000000002a2de6 in __interceptor_sysctlnametomib (sname=0x2146cb "kern.elf64.aslr.pie_enable",

name=0x7fffffffce10, namelenp=0x7fffffffce08)
at /exports/users/alr48/sources/upstream-llvm-project/compiler-rt/lib/tsan/../sanitizer_common/sanitizer_common_interceptors.inc:7908

#2 0x000000080061ea0d in sysctlbyname () from /lib/libc.so.7
#3 0x00000000002515a0 in __sanitizer::internal_sysctlbyname (sname=0x2146cb "kern.elf64.aslr.pie_enable",

oldp=0x7fffffffcf2c, oldlenp=0x7fffffffcf20, newp=0x0, newlen=0)
at /exports/users/alr48/sources/upstream-llvm-project/compiler-rt/lib/sanitizer_common/sanitizer_linux.cpp:803

#4 0x0000000000252823 in __sanitizer::CheckASLR ()

at /exports/users/alr48/sources/upstream-llvm-project/compiler-rt/lib/sanitizer_common/sanitizer_linux.cpp:2152

#5 0x00000000002dd2ea in __tsan::Initialize (thr=0x800901980)

at /exports/users/alr48/sources/upstream-llvm-project/compiler-rt/lib/tsan/rtl/tsan_rtl.cpp:367

#6 0x000000000027cdd0 in __tsan::ScopedInterceptor::ScopedInterceptor (this=0x7fffffffd030, thr=0x800901980,

fname=0x21c731 "readlink", pc=34366042556)
at /exports/users/alr48/sources/upstream-llvm-project/compiler-rt/lib/tsan/rtl/tsan_interceptors_posix.cpp:255

#7 0x00000000002a0055 in __interceptor_readlink (path=0x80051d509 "/etc/malloc.conf", buf=0x7fffffffd0b0 "",

bufsiz=1024)
at /exports/users/alr48/sources/upstream-llvm-project/compiler-rt/lib/tsan/../sanitizer_common/sanitizer_common_interceptors.inc:7151

#8 0x00000008006031bc in ?? () from /lib/libc.so.7
#9 0x0000000800602b08 in ?? () from /lib/libc.so.7
#10 0x000000080032646e in ?? () from /libexec/ld-elf.so.1
#11 0x0000000000000000 in ?? ()

Diff Detail

Event Timeline

arichardson created this revision.Aug 5 2020, 4:44 AM
Herald added a project: Restricted Project. · View Herald TranscriptAug 5 2020, 4:44 AM
Herald added a subscriber: krytarowski. · View Herald Transcript
arichardson requested review of this revision.Aug 5 2020, 4:44 AM
arichardson edited the summary of this revision. (Show Details)Aug 5 2020, 4:59 AM
arichardson added a reviewer: bsdjhb.
Harbormaster completed remote builds in B67075: Diff 283196.Aug 5 2020, 5:26 AM
arichardson added a comment.Aug 25 2020, 7:50 AM

ping.

vitalybuka resigned from this revision.Aug 25 2020, 6:04 PM
vitalybuka added a subscriber: vitalybuka.
vitalybuka added inline comments.
compiler-rt/lib/sanitizer_common/sanitizer_linux.cpp
813–826

Why not like this?

vitalybuka accepted this revision as: vitalybuka.Aug 25 2020, 6:05 PM
This revision is now accepted and ready to land.Aug 25 2020, 6:05 PM
vitalybuka requested changes to this revision.Aug 25 2020, 6:05 PM

Accepted by mistake

This revision now requires changes to proceed.Aug 25 2020, 6:05 PM
arichardson added inline comments.Aug 27 2020, 2:22 AM
compiler-rt/lib/sanitizer_common/sanitizer_linux.cpp
813–826

Yeah that's probably better. I initially wanted to fall through to doing the old way on ENOSYS, but it turns out that we get a SIGSYS instead. Just returning the error code seems better unless we really want to support building the sanitizer runtime on a new OS and running it on an old kernel.

vitalybuka accepted this revision.Aug 27 2020, 7:16 PM
This revision is now accepted and ready to land.Aug 27 2020, 7:16 PM
Closed by commit rG7be868292166: [tsan] Fix "failed to intercept sysctlnametomib" on FreeBSD (authored by arichardson). · Explain WhySep 1 2020, 10:25 AM
This revision was automatically updated to reflect the committed changes.
arichardson added a commit: rG7be868292166: [tsan] Fix "failed to intercept sysctlnametomib" on FreeBSD.

Revision Contents

PathSize
compiler-rt/
lib/
sanitizer_common/
28 lines

Diff 289216

compiler-rt/lib/sanitizer_common/sanitizer_linux.cpp

Show First 20 LinesShow All 794 Lines▼ Show 20 Lines#else
return internal_syscall(SYSCALL(__sysctl), name, namelen, oldp, return internal_syscall(SYSCALL(__sysctl), name, namelen, oldp,
(size_t *)oldlenp, newp, (size_t)newlen); (size_t *)oldlenp, newp, (size_t)newlen);
#endif #endif
} }
#if SANITIZER_FREEBSD #if SANITIZER_FREEBSD
int internal_sysctlbyname(const char *sname, void *oldp, uptr *oldlenp, int internal_sysctlbyname(const char *sname, void *oldp, uptr *oldlenp,
const void *newp, uptr newlen) { const void *newp, uptr newlen) {
static decltype(sysctlbyname) *real = nullptr; // Note: this function can be called during startup, so we need to avoid
if (!real) // calling any interceptable functions. On FreeBSD >= 1300045 sysctlbyname()
real = (decltype(sysctlbyname) *)dlsym(RTLD_NEXT, "sysctlbyname"); // is a real syscall, but for older versions it calls sysctlnametomib()
CHECK(real); // followed by sysctl(). To avoid calling the intercepted version and
return real(sname, oldp, (size_t *)oldlenp, newp, (size_t)newlen); // asserting if this happens during startup, call the real sysctlnametomib()
// followed by internal_sysctl() if the syscall is not available.
#ifdef SYS___sysctlbyname
return internal_syscall(SYSCALL(__sysctlbyname), sname,
internal_strlen(sname), oldp, (size_t *)oldlenp, newp,
(size_t)newlen);
#else
static decltype(sysctlnametomib) *real_sysctlnametomib = nullptr;
if (!real_sysctlnametomib)
real_sysctlnametomib =
(decltype(sysctlnametomib) *)dlsym(RTLD_NEXT, "sysctlnametomib");
CHECK(real_sysctlnametomib);
int oid[CTL_MAXNAME];
size_t len = CTL_MAXNAME;
if (real_sysctlnametomib(sname, oid, &len) == -1)
return (-1);
return internal_sysctl(oid, len, oldp, oldlenp, newp, newlen);
#endif
} }
vitalybukaUnsubmitted
Not Done
ReplyInline Actions
oldp, (size_t *)oldlenp, newp, (size_t)newlen);
- if (!internal_iserror(ret))
- return ret;
- #endif
+ return ret;
+ #else
static decltype(sysctlnametomib) *real_sysctlnametomib = nullptr;
if (!real_sysctlnametomib)
real_sysctlnametomib =
(decltype(sysctlnametomib) *)dlsym(RTLD_NEXT, "sysctlnametomib");
CHECK(real_sysctlnametomib);
int oid[CTL_MAXNAME];
size_t len = CTL_MAXNAME;
if (real_sysctlnametomib(sname, oid, &len) == -1)
return (-1);
return internal_sysctl(oid, len, oldp, oldlenp, newp, newlen);
+ #endif
}
#endif

Why not like this?

vitalybuka: Why not like this?
arichardsonAuthorUnsubmitted
Done
ReplyInline Actions

Yeah that's probably better. I initially wanted to fall through to doing the old way on ENOSYS, but it turns out that we get a SIGSYS instead. Just returning the error code seems better unless we really want to support building the sanitizer runtime on a new OS and running it on an old kernel.

arichardson: Yeah that's probably better. I initially wanted to fall through to doing the old way on ENOSYS…
#endif #endif
#endif #endif
#if SANITIZER_LINUX #if SANITIZER_LINUX
#define SA_RESTORER 0x04000000 #define SA_RESTORER 0x04000000
// Doesn't set sa_restorer if the caller did not set it, so use with caution // Doesn't set sa_restorer if the caller did not set it, so use with caution
//(see below). //(see below).
int internal_sigaction_norestorer(int signum, const void *act, void *oldact) { int internal_sigaction_norestorer(int signum, const void *act, void *oldact) {
▲ Show 20 LinesShow All 1,457 LinesShow Last 20 Lines