This is an archive of the discontinued LLVM Phabricator instance.

Differential D85870

sanitizer_common: Introduce internal_madvise and start using it.
ClosedPublic

Authored by pcc on Aug 12 2020, 7:56 PM.

Details

Reviewers
eugenis
Commits
rG9f8c4039f202: sanitizer_common: Introduce internal_madvise and start using it.
Summary

A recent change to sanitizer_common caused us to issue the syscall
madvise(MADV_HUGEPAGE) during HWASAN initialization. This may lead to a
problem if madvise is instrumented (e.g. because libc is instrumented
or the user intercepted it). For example, on Android the syscall may
fail if the kernel does not support transparent hugepages, which leads
to an attempt to set errno in a HWASAN instrumented function. Avoid
this problem by introducing a syscall wrapper and using it to issue
this syscall.

Tested only on Linux; includes untested updates for the other
platforms.

Diff Detail

Event Timeline

pcc created this revision.Aug 12 2020, 7:56 PM
Herald added a project: Restricted Project. · View Herald TranscriptAug 12 2020, 7:56 PM
Herald added subscribers: Restricted Project, fedor.sergeev. · View Herald Transcript
pcc requested review of this revision.Aug 12 2020, 7:56 PM
Harbormaster completed remote builds in B68202: Diff 285247.Aug 12 2020, 8:33 PM
eugenis accepted this revision.Aug 13 2020, 12:36 PM

LGTM

This revision is now accepted and ready to land.Aug 13 2020, 12:36 PM
This revision was landed with ongoing or failed builds.Aug 13 2020, 1:10 PM
Closed by commit rG9f8c4039f202: sanitizer_common: Introduce internal_madvise and start using it. (authored by pcc). · Explain Why
This revision was automatically updated to reflect the committed changes.
pcc added a commit: rG9f8c4039f202: sanitizer_common: Introduce internal_madvise and start using it..
ro added a subscriber: ro.Aug 13 2020, 1:49 PM
ro added inline comments.
compiler-rt/lib/sanitizer_common/sanitizer_solaris.cpp
79

I don't know why but you reintroduced an older/broken version of the madvise declaration here. The one you removed from sanitizer_posix_libcdep.cpp had the first arg as void * for a reason.

pcc added inline comments.Aug 13 2020, 4:14 PM
compiler-rt/lib/sanitizer_common/sanitizer_solaris.cpp
79

Oh, I thought that was a mistake and that madvise was supposed to be defined like this on Solaris (according to the comment that I removed on sanitizer_posix_libcdep.cpp lines 70-72, and man pages that I found online, e.g. https://docs.oracle.com/cd/E36784_01/html/E36874/madvise-3c.html). If it's actually defined to take void * on Solaris then I can fix it.

ro added inline comments.Aug 18 2020, 5:03 AM
compiler-rt/lib/sanitizer_common/sanitizer_solaris.cpp
79

On the contrary: I had provided a code snippet using `void *', carefully tested on both Solaris 11.4 and Illumos in D84046. Unfortunately, the author of that patch chose to make the same change as you did, silently and at the last minute and breaking the Solaris build ;-(

I had to restore the build in D84388 and thus was particularly dismayed to see the same change going in again for no apparent reason and without testing.

Strangely, 1-stage builds with gcc 9 or 10 still do work, as can be seen on the Solaris buildbots, but when I tried a 2-stage build last night, it failed again as it had before:

/vol/llvm/src/llvm-project/dist/compiler-rt/lib/sanitizer_common/sanitizer_solaris.cpp:79:16: error: conflicting types for 'madvise'
extern "C" int madvise(caddr_t, size_t, int);
               ^
/usr/include/sys/mman.h:232:12: note: previous declaration is here
extern int madvise(void *, size_t, int);
           ^
1 error generated.

The man page you link is from Solaris 11.2, about 8 years ago. The signature has been changed in 11.4 exactly to avoid unnecessary incompatibilities with other systems.

So yes, please restore the void * version.

pcc added inline comments.Aug 18 2020, 1:11 PM
compiler-rt/lib/sanitizer_common/sanitizer_solaris.cpp
79

Okay, I sent D86166 to fix this.

I have a followup question which I will raise there, since I think the comment really needs to say *why* the declaration is this way, otherwise someone else may come along and "fix" it again.

pcc mentioned this in D86166: sanitizer_common: Use void* for madvise first argument on Solaris..Aug 18 2020, 1:15 PM
ro added inline comments.Aug 18 2020, 1:41 PM
compiler-rt/lib/sanitizer_common/sanitizer_solaris.cpp
79

Okay, I sent D86166 to fix this.

I have a followup question which I will raise there, since I think the comment really needs to say *why* the declaration is this way, otherwise someone else may come along and "fix" it again.

But why on earth do people insist on changing/breaking working code on platforms that by their own admission they know nothing about instead of first asking someone that does for clarification? That's completely beyond me!

I do run Solaris buildbots for a reason.

Revision Contents

Diff 285478

compiler-rt/lib/sanitizer_common/sanitizer_linux.cpp

Show First 20 LinesShow All 181 Lines▼ Show 20 Lines
#if !SANITIZER_OPENBSD #if !SANITIZER_OPENBSD
uptr internal_munmap(void *addr, uptr length) { uptr internal_munmap(void *addr, uptr length) {
return internal_syscall(SYSCALL(munmap), (uptr)addr, length); return internal_syscall(SYSCALL(munmap), (uptr)addr, length);
} }
int internal_mprotect(void *addr, uptr length, int prot) { int internal_mprotect(void *addr, uptr length, int prot) {
return internal_syscall(SYSCALL(mprotect), (uptr)addr, length, prot); return internal_syscall(SYSCALL(mprotect), (uptr)addr, length, prot);
} }
int internal_madvise(uptr addr, uptr length, int advice) {
return internal_syscall(SYSCALL(madvise), addr, length, advice);
}
#endif #endif
uptr internal_close(fd_t fd) { uptr internal_close(fd_t fd) {
return internal_syscall(SYSCALL(close), fd); return internal_syscall(SYSCALL(close), fd);
} }
uptr internal_open(const char *filename, int flags) { uptr internal_open(const char *filename, int flags) {
#if SANITIZER_USES_CANONICAL_LINUX_SYSCALLS #if SANITIZER_USES_CANONICAL_LINUX_SYSCALLS
▲ Show 20 LinesShow All 2,072 LinesShow Last 20 Lines

compiler-rt/lib/sanitizer_common/sanitizer_mac.cpp

Show First 20 LinesShow All 131 Lines▼ Show 20 Linesuptr internal_munmap(void *addr, uptr length) {
if (&__munmap) return __munmap(addr, length); if (&__munmap) return __munmap(addr, length);
return munmap(addr, length); return munmap(addr, length);
} }
int internal_mprotect(void *addr, uptr length, int prot) { int internal_mprotect(void *addr, uptr length, int prot) {
return mprotect(addr, length, prot); return mprotect(addr, length, prot);
} }
int internal_madvise(uptr addr, uptr length, int advice) {
return madvise((void *)addr, length, advice);
}
uptr internal_close(fd_t fd) { uptr internal_close(fd_t fd) {
return close(fd); return close(fd);
} }
uptr internal_open(const char *filename, int flags) { uptr internal_open(const char *filename, int flags) {
return open(filename, flags); return open(filename, flags);
} }
▲ Show 20 LinesShow All 1,187 LinesShow Last 20 Lines

compiler-rt/lib/sanitizer_common/sanitizer_netbsd.cpp

Show First 20 LinesShow All 104 Lines▼ Show 20 Linesuptr internal_munmap(void *addr, uptr length) {
return _REAL(munmap, addr, length); return _REAL(munmap, addr, length);
} }
int internal_mprotect(void *addr, uptr length, int prot) { int internal_mprotect(void *addr, uptr length, int prot) {
DEFINE__REAL(int, mprotect, void *a, uptr b, int c); DEFINE__REAL(int, mprotect, void *a, uptr b, int c);
return _REAL(mprotect, addr, length, prot); return _REAL(mprotect, addr, length, prot);
} }
int internal_madvise(uptr addr, uptr length, int advice) {
DEFINE__REAL(int, madvise, void *a, uptr b, int c);
return _REAL(madvise, (void *)addr, length, advice);
}
uptr internal_close(fd_t fd) { uptr internal_close(fd_t fd) {
CHECK(&_sys_close); CHECK(&_sys_close);
return _sys_close(fd); return _sys_close(fd);
} }
uptr internal_open(const char *filename, int flags) { uptr internal_open(const char *filename, int flags) {
CHECK(&_sys_open); CHECK(&_sys_open);
return _sys_open(filename, flags); return _sys_open(filename, flags);
▲ Show 20 LinesShow All 223 LinesShow Last 20 Lines

compiler-rt/lib/sanitizer_common/sanitizer_openbsd.cpp

Show First 20 LinesShow All 46 Lines▼ Show 20 Lines
} }
uptr internal_munmap(void *addr, uptr length) { return munmap(addr, length); } uptr internal_munmap(void *addr, uptr length) { return munmap(addr, length); }
int internal_mprotect(void *addr, uptr length, int prot) { int internal_mprotect(void *addr, uptr length, int prot) {
return mprotect(addr, length, prot); return mprotect(addr, length, prot);
} }
int internal_madvise(uptr addr, uptr length, int advice) {
return madvise((void *)addr, length, advice);
}
int internal_sysctlbyname(const char *sname, void *oldp, uptr *oldlenp, int internal_sysctlbyname(const char *sname, void *oldp, uptr *oldlenp,
const void *newp, uptr newlen) { const void *newp, uptr newlen) {
Printf("internal_sysctlbyname not implemented for OpenBSD"); Printf("internal_sysctlbyname not implemented for OpenBSD");
Die(); Die();
return 0; return 0;
} }
uptr ReadBinaryName(/*out*/char *buf, uptr buf_len) { uptr ReadBinaryName(/*out*/char *buf, uptr buf_len) {
▲ Show 20 LinesShow All 53 LinesShow Last 20 Lines

compiler-rt/lib/sanitizer_common/sanitizer_posix.h

Show All 36 Lines
uptr internal_read(fd_t fd, void *buf, uptr count); uptr internal_read(fd_t fd, void *buf, uptr count);
uptr internal_write(fd_t fd, const void *buf, uptr count); uptr internal_write(fd_t fd, const void *buf, uptr count);
// Memory // Memory
uptr internal_mmap(void *addr, uptr length, int prot, int flags, uptr internal_mmap(void *addr, uptr length, int prot, int flags,
int fd, u64 offset); int fd, u64 offset);
uptr internal_munmap(void *addr, uptr length); uptr internal_munmap(void *addr, uptr length);
int internal_mprotect(void *addr, uptr length, int prot); int internal_mprotect(void *addr, uptr length, int prot);
int internal_madvise(uptr addr, uptr length, int advice);
// OS // OS
uptr internal_filesize(fd_t fd); // -1 on error. uptr internal_filesize(fd_t fd); // -1 on error.
uptr internal_stat(const char *path, void *buf); uptr internal_stat(const char *path, void *buf);
uptr internal_lstat(const char *path, void *buf); uptr internal_lstat(const char *path, void *buf);
uptr internal_fstat(fd_t fd, void *buf); uptr internal_fstat(fd_t fd, void *buf);
uptr internal_dup(int oldfd); uptr internal_dup(int oldfd);
uptr internal_dup2(int oldfd, int newfd); uptr internal_dup2(int oldfd, int newfd);
▲ Show 20 LinesShow All 73 LinesShow Last 20 Lines

compiler-rt/lib/sanitizer_common/sanitizer_posix_libcdep.cpp

Show All 38 Lines
#if SANITIZER_FREEBSD #if SANITIZER_FREEBSD
// The MAP_NORESERVE define has been removed in FreeBSD 11.x, and even before // The MAP_NORESERVE define has been removed in FreeBSD 11.x, and even before
// that, it was never implemented. So just define it to zero. // that, it was never implemented. So just define it to zero.
#undef MAP_NORESERVE #undef MAP_NORESERVE
#define MAP_NORESERVE 0 #define MAP_NORESERVE 0
#endif #endif
#if SANITIZER_SOLARIS
// Illumos' declaration of madvie cannot be made visible if _XOPEN_SOURCE
// is defined as g++ does on Solaris.
extern "C" int madvise(void *, size_t, int);
#endif
typedef void (*sa_sigaction_t)(int, siginfo_t *, void *); typedef void (*sa_sigaction_t)(int, siginfo_t *, void *);
namespace __sanitizer { namespace __sanitizer {
u32 GetUid() { u32 GetUid() {
return getuid(); return getuid();
} }
uptr GetThreadSelf() { uptr GetThreadSelf() {
return (uptr)pthread_self(); return (uptr)pthread_self();
} }
void ReleaseMemoryPagesToOS(uptr beg, uptr end) { void ReleaseMemoryPagesToOS(uptr beg, uptr end) {
uptr page_size = GetPageSizeCached(); uptr page_size = GetPageSizeCached();
uptr beg_aligned = RoundUpTo(beg, page_size); uptr beg_aligned = RoundUpTo(beg, page_size);
uptr end_aligned = RoundDownTo(end, page_size); uptr end_aligned = RoundDownTo(end, page_size);
if (beg_aligned < end_aligned) if (beg_aligned < end_aligned)
// In the default Solaris compilation environment, madvise() is declared internal_madvise(beg_aligned, end_aligned - beg_aligned,
// to take a caddr_t arg; casting it to void * results in an invalid
// conversion error, so use char * instead.
madvise((char *)beg_aligned, end_aligned - beg_aligned,
SANITIZER_MADVISE_DONTNEED); SANITIZER_MADVISE_DONTNEED);
} }
void SetShadowRegionHugePageMode(uptr addr, uptr size) { void SetShadowRegionHugePageMode(uptr addr, uptr size) {
#ifdef MADV_NOHUGEPAGE // May not be defined on old systems. #ifdef MADV_NOHUGEPAGE // May not be defined on old systems.
if (common_flags()->no_huge_pages_for_shadow) if (common_flags()->no_huge_pages_for_shadow)
madvise((char *)addr, size, MADV_NOHUGEPAGE); internal_madvise(addr, size, MADV_NOHUGEPAGE);
else else
madvise((char *)addr, size, MADV_HUGEPAGE); internal_madvise(addr, size, MADV_HUGEPAGE);
#endif // MADV_NOHUGEPAGE #endif // MADV_NOHUGEPAGE
} }
bool DontDumpShadowMemory(uptr addr, uptr length) { bool DontDumpShadowMemory(uptr addr, uptr length) {
#if defined(MADV_DONTDUMP) #if defined(MADV_DONTDUMP)
return madvise((char *)addr, length, MADV_DONTDUMP) == 0; return internal_madvise(addr, length, MADV_DONTDUMP) == 0;
#elif defined(MADV_NOCORE) #elif defined(MADV_NOCORE)
return madvise((char *)addr, length, MADV_NOCORE) == 0; return internal_madvise(addr, length, MADV_NOCORE) == 0;
#else #else
return true; return true;
#endif // MADV_DONTDUMP #endif // MADV_DONTDUMP
} }
static rlim_t getlim(int res) { static rlim_t getlim(int res) {
rlimit rlim; rlimit rlim;
CHECK_EQ(0, getrlimit(res, &rlim)); CHECK_EQ(0, getrlimit(res, &rlim));
▲ Show 20 LinesShow All 417 LinesShow Last 20 Lines

compiler-rt/lib/sanitizer_common/sanitizer_solaris.cpp

Show First 20 LinesShow All 68 Lines▼ Show 20 Lines
DECLARE__REAL_AND_INTERNAL(uptr, munmap, void *addr, uptr length) { DECLARE__REAL_AND_INTERNAL(uptr, munmap, void *addr, uptr length) {
return _REAL(munmap)(addr, length); return _REAL(munmap)(addr, length);
} }
DECLARE__REAL_AND_INTERNAL(int, mprotect, void *addr, uptr length, int prot) { DECLARE__REAL_AND_INTERNAL(int, mprotect, void *addr, uptr length, int prot) {
return _REAL(mprotect)(addr, length, prot); return _REAL(mprotect)(addr, length, prot);
} }
// Illumos' declaration of madvise cannot be made visible if _XOPEN_SOURCE
// is defined as g++ does on Solaris.
extern "C" int madvise(caddr_t, size_t, int);
roUnsubmitted
Not Done
ReplyInline Actions

I don't know why but you reintroduced an older/broken version of the madvise declaration here. The one you removed from sanitizer_posix_libcdep.cpp had the first arg as void * for a reason.

ro: I don't know why but you reintroduced an older/broken version of the `madvise` declaration here.
pccAuthorUnsubmitted
Done
ReplyInline Actions

Oh, I thought that was a mistake and that madvise was supposed to be defined like this on Solaris (according to the comment that I removed on sanitizer_posix_libcdep.cpp lines 70-72, and man pages that I found online, e.g. https://docs.oracle.com/cd/E36784_01/html/E36874/madvise-3c.html). If it's actually defined to take void * on Solaris then I can fix it.

pcc: Oh, I thought that was a mistake and that madvise was supposed to be defined like this on…
roUnsubmitted
Not Done
ReplyInline Actions

On the contrary: I had provided a code snippet using `void *', carefully tested on both Solaris 11.4 and Illumos in D84046. Unfortunately, the author of that patch chose to make the same change as you did, silently and at the last minute and breaking the Solaris build ;-(

I had to restore the build in D84388 and thus was particularly dismayed to see the same change going in again for no apparent reason and without testing.

Strangely, 1-stage builds with gcc 9 or 10 still do work, as can be seen on the Solaris buildbots, but when I tried a 2-stage build last night, it failed again as it had before:

/vol/llvm/src/llvm-project/dist/compiler-rt/lib/sanitizer_common/sanitizer_solaris.cpp:79:16: error: conflicting types for 'madvise'
extern "C" int madvise(caddr_t, size_t, int);
               ^
/usr/include/sys/mman.h:232:12: note: previous declaration is here
extern int madvise(void *, size_t, int);
           ^
1 error generated.

The man page you link is from Solaris 11.2, about 8 years ago. The signature has been changed in 11.4 exactly to avoid unnecessary incompatibilities with other systems.

So yes, please restore the void * version.

ro: On the contrary: I had provided a code snippet using `void *', carefully tested on both Solaris…
pccAuthorUnsubmitted
Done
ReplyInline Actions

Okay, I sent D86166 to fix this.

I have a followup question which I will raise there, since I think the comment really needs to say *why* the declaration is this way, otherwise someone else may come along and "fix" it again.

pcc: Okay, I sent D86166 to fix this. I have a followup question which I will raise there, since I…
roUnsubmitted
Not Done
ReplyInline Actions

Okay, I sent D86166 to fix this.

I have a followup question which I will raise there, since I think the comment really needs to say *why* the declaration is this way, otherwise someone else may come along and "fix" it again.

But why on earth do people insist on changing/breaking working code on platforms that by their own admission they know nothing about instead of first asking someone that does for clarification? That's completely beyond me!

I do run Solaris buildbots for a reason.

ro: > Okay, I sent D86166 to fix this. > > I have a followup question which I will raise there…
int internal_madvise(uptr addr, uptr length, int advice) {
return madvise((caddr_t)addr, length, advice);
}
DECLARE__REAL_AND_INTERNAL(uptr, close, fd_t fd) { DECLARE__REAL_AND_INTERNAL(uptr, close, fd_t fd) {
return _REAL(close)(fd); return _REAL(close)(fd);
} }
extern "C" int _REAL64(open)(const char *, int, ...); extern "C" int _REAL64(open)(const char *, int, ...);
uptr internal_open(const char *filename, int flags) { uptr internal_open(const char *filename, int flags) {
return _REAL64(open)(filename, flags); return _REAL64(open)(filename, flags);
▲ Show 20 LinesShow All 146 LinesShow Last 20 Lines