This is an archive of the discontinued LLVM Phabricator instance.

Differential D95184

[ASan] Stop blocking child thread progress from parent thread in `pthread_create` interceptor.
ClosedPublic

Authored by delcypher on Jan 21 2021, 4:19 PM.

Details

Reviewers
kubamracek
yln
kcc
dvyukov
eugenis
vitalybuka
cryptoad
earthdok
Commits
rG596d534ac352: [ASan] Stop blocking child thread progress from parent thread in…
Summary

Previously in ASan's pthread_create interceptor we would block in the
pthread_create interceptor waiting for the child thread to start.

Unfortunately this has bad performance characteristics because the OS
scheduler doesn't know the relationship between the parent and child
thread (i.e. the parent thread cannot make progress until the child
thread makes progress) and may make the wrong scheduling decision which
stalls progress.

It turns out that ASan didn't use to block in this interceptor but was
changed to do so to try to address
http://llvm.org/bugs/show_bug.cgi?id=21621/.

In that bug the problem being addressed was a LeakSanitizer false
positive. That bug concerns a heap object being passed
as arg to pthread_create. If:

  • The calling thread loses a live reference to the object (e.g. pthread_create finishes and the thread no longer has a live reference to the object).
  • Leak checking is triggered.
  • The child thread has not yet started (once it starts it will have a live reference).

then the heap object will incorrectly appear to be leaked.

This bug is covered by the lsan/TestCases/leak_check_before_thread_started.cpp test case.

In b029c5101fb49b3577a1c322f42ef9fc616f25bf ASan was changed to block
in pthread_create() until the child thread starts so that arg is
kept alive for the purposes of leaking check.

While this change "works" its problematic due to the performance
problems it causes. The change is also completely unnecessary if leak
checking is disabled (via detect_leaks runtime option or
CAN_SANITIZE_LEAKS compile time config).

This patch does two things:

  1. Takes a different approach to solving the leak false positive by making LSan's leak checking mechanism treat the arg pointer of created but not started threads as reachable. This is done by implementing the ForEachRegisteredThreadContextCb callback for ASan.
  1. Removes the blocking behaviour in the ASan pthread_create interceptor.

rdar://problem/63537240

Diff Detail

Event Timeline

delcypher created this revision.Jan 21 2021, 4:19 PM
Herald added a subscriber: jfb. · View Herald TranscriptJan 21 2021, 4:19 PM
delcypher requested review of this revision.Jan 21 2021, 4:19 PM
Herald added a project: Restricted Project. · View Herald TranscriptJan 21 2021, 4:19 PM
Herald added a subscriber: Restricted Project. · View Herald Transcript
Harbormaster completed remote builds in B86188: Diff 318349.Jan 21 2021, 4:19 PM
delcypher added a parent revision: D95183: [LSan] Introduce a callback mechanism to allow adding data reachable from ThreadContexts to the frontier..Jan 21 2021, 4:19 PM
delcypher mentioned this in D94210: [ASan] Stop blocking child thread progress from parent thread in `pthread_create` interceptor..
delcypher added a comment.Jan 21 2021, 4:26 PM

@vitalybuka This patch implements the "update the frontier" approach you outlined in the https://reviews.llvm.org/D94210 . The patch depends on https://reviews.llvm.org/D95183 .

delcypher updated this revision to Diff 318353.Jan 21 2021, 4:36 PM

Tweak condition to make it easier to read.

Harbormaster completed remote builds in B86192: Diff 318353.Jan 21 2021, 7:39 PM
vitalybuka added inline comments.Jan 21 2021, 8:55 PM
compiler-rt/lib/asan/asan_allocator.cpp
1141

if we at asan_thread.cpp:260 arg is still invisible to lsan, and we can report false leak. So ThreadStatusRunning should be covered as well.

1152–1167

I would prefer we keep this logic in lsan

compiler-rt/lib/asan/asan_interceptors.cpp
224

if (result != 0) {

// destroy t;

}

delcypher added inline comments.Jan 22 2021, 12:57 PM
compiler-rt/lib/asan/asan_allocator.cpp
1141

Good catch.

1152–1167

Yep. Your suggestion in https://reviews.llvm.org/D95183 should resolve this. One downside though is when producing log output is that we won't be able to print the thread ID. That's a pretty small downside so I'm okay with that.

1155

Hmm. It just occurred to me we aren't checking m.allocated() is true before changing the tag and adding it to the frontier. This could lead to bad behaviour if the chunk gets freed at some point (e.g. the created thread frees it). Adding a freed chunk to the frontier could be especially bad because later on when doing the flood fill in LSan we'll scan the freed memory for pointers.

I'll add a check here to prevent this.

compiler-rt/lib/asan/asan_interceptors.cpp
224

Good catch. Isn't this a separate bug though? It looks like the old code didn't handle this either. I'm happy to fix it but I think it should be in a separate patch.

delcypher added inline comments.Jan 22 2021, 5:35 PM
compiler-rt/lib/asan/asan_interceptors.cpp
224

Wait.. no the bug isn't the old code because I've reserved the creation order so I've introduced a new bug. I'll fix this in this patch.

delcypher updated this revision to Diff 318713.Jan 22 2021, 6:12 PM

Address first round of feedback.

delcypher marked 3 inline comments as done.Jan 22 2021, 6:13 PM
delcypher added inline comments.Jan 22 2021, 6:29 PM
compiler-rt/lib/asan/asan_interceptors.cpp
226

@vitalybuka Is AsanThread::Destroy() safe to call from this thread and in this context where the corresponding thread was never started.? I wasn't really sure.

I see that calling this will call DTLS_Destroy() and I'm not sure if that needs to be called from a different thread (i.e. called from the thread before its destroyed). It looks like this function is a no-op on macOS which is where I'm testing.

Harbormaster completed remote builds in B86382: Diff 318713.Jan 22 2021, 7:03 PM
vitalybuka accepted this revision.Jan 22 2021, 7:31 PM
vitalybuka added inline comments.
compiler-rt/lib/asan/asan_allocator.cpp
1239

historically sanitizers use snake case for local variable, from Google coding style

1244–1246
if (atctx->status != ThreadStatusCreated && atctx->status != ThreadStatusRunning)
  return;
compiler-rt/lib/asan/asan_interceptors.cpp
226

I think DTLS_Destroy should be fine here. I assume this thread will never showup in suspended_threads so lsan will not try to scan it.

As I understand Ctx is not leaked but pushed into quarantine by ThreadRegistry::FinishThread

This revision is now accepted and ready to land.Jan 22 2021, 7:31 PM
delcypher updated this revision to Diff 318721.Jan 22 2021, 7:43 PM

Address second round of feedback.

delcypher marked an inline comment as done.Jan 22 2021, 7:43 PM
delcypher added inline comments.
compiler-rt/lib/asan/asan_allocator.cpp
1239

Okay. I'll change the style.

1244–1246

Sure. I'll rewrite it that way.

compiler-rt/lib/asan/asan_interceptors.cpp
226

Sorry "leaks" is a poor choice of words. What I meant is we've wasted an AsanThreadContext because created it but then never used it. Because in ASan we never re-use AsanThreadContexts its wasted.

I'll update the comment.

delcypher marked 3 inline comments as done.Jan 22 2021, 7:44 PM
Harbormaster completed remote builds in B86387: Diff 318721.Jan 22 2021, 8:23 PM
This revision was landed with ongoing or failed builds.Jan 22 2021, 11:35 PM
Closed by commit rG596d534ac352: [ASan] Stop blocking child thread progress from parent thread in… (authored by delcypher). · Explain Why
This revision was automatically updated to reflect the committed changes.
delcypher added a commit: rG596d534ac352: [ASan] Stop blocking child thread progress from parent thread in….
clemenswasser added a subscriber: clemenswasser.Jan 23 2021, 6:43 AM

You should also change compiler-rt/lib/asan/asan_win.cpp like this:

diff --git a/compiler-rt/lib/asan/asan_win.cpp b/compiler-rt/lib/asan/asan_win.cpp
index 8044ae16ff9b..1577c83cf994 100644
--- a/compiler-rt/lib/asan/asan_win.cpp
+++ b/compiler-rt/lib/asan/asan_win.cpp
@@ -134,7 +134,7 @@ INTERCEPTOR(int, _except_handler4, void *a, void *b, void *c, void *d) {
 static thread_return_t THREAD_CALLING_CONV asan_thread_start(void *arg) {
   AsanThread *t = (AsanThread *)arg;
   SetCurrentThread(t);
-  return t->ThreadStart(GetTid(), /* signal_thread_is_registered */ nullptr);
+  return t->ThreadStart(GetTid());
 }

 INTERCEPTOR_WINAPI(HANDLE, CreateThread, LPSECURITY_ATTRIBUTES security,
delcypher added a comment.Jan 23 2021, 9:13 AM
In D95184#2517508, @clemenswasser wrote:

You should also change compiler-rt/lib/asan/asan_win.cpp like this:

diff --git a/compiler-rt/lib/asan/asan_win.cpp b/compiler-rt/lib/asan/asan_win.cpp
index 8044ae16ff9b..1577c83cf994 100644
--- a/compiler-rt/lib/asan/asan_win.cpp
+++ b/compiler-rt/lib/asan/asan_win.cpp
@@ -134,7 +134,7 @@ INTERCEPTOR(int, _except_handler4, void *a, void *b, void *c, void *d) {
 static thread_return_t THREAD_CALLING_CONV asan_thread_start(void *arg) {
   AsanThread *t = (AsanThread *)arg;
   SetCurrentThread(t);
-  return t->ThreadStart(GetTid(), /* signal_thread_is_registered */ nullptr);
+  return t->ThreadStart(GetTid());
 }

 INTERCEPTOR_WINAPI(HANDLE, CreateThread, LPSECURITY_ATTRIBUTES security,

Thanks. Sorry for breaking the Windows build. This should be resolved by 757b93bb7b384038a8dec35433f78f5c7c2ef8b0

vitalybuka mentioned this in D95731: [asan] Fix pthread_create interceptor.Jan 30 2021, 12:44 AM
vitalybuka mentioned this in rG9da05cf6ed16: [asan] Fix pthread_create interceptor.Feb 3 2021, 12:58 PM

Revision Contents

PathSize
compiler-rt/
lib/
asan/
48 lines
37 lines
5 lines
8 lines

Diff 318349

compiler-rt/lib/asan/asan_allocator.cpp

Show First 20 LinesShow All 1,119 Lines▼ Show 20 Linesuptr PointsIntoChunk(void *p) {
if (m->AddrIsInside(addr)) if (m->AddrIsInside(addr))
return chunk; return chunk;
if (IsSpecialCaseOfOperatorNew0(chunk, m->UsedSize(), addr)) if (IsSpecialCaseOfOperatorNew0(chunk, m->UsedSize(), addr))
return chunk; return chunk;
return 0; return 0;
} }
void ForEachRegisteredThreadContextCb(ThreadContextBase *tctx, void *arg) { void ForEachRegisteredThreadContextCb(ThreadContextBase *tctx, void *arg) {
// This function can be used to treat memory reachable from `tctx` as live. // The code here looks for created but not yet started threads and treats the
// This is useful for threads that have been created but not yet started. // thread's `arg` pointer as reachable if it is a heap object. This is
// necessary to prevent leak false positives if nothing else holds a live
// reference to the heap object. This can happen because the ASan
// `pthread_create()` interceptor doesn't wait for the child thread to
// start before exiting.
__asan::AsanThreadContext *atctx =
reinterpret_cast<__asan::AsanThreadContext *>(tctx);
__asan::AsanThread *asanThread = atctx->thread;
// The AsanThread will non null if `AsanThreadContext::OnFinished()`
// hasn't been called.
if (!asanThread)
return;
vitalybukaUnsubmitted
Done
ReplyInline Actions

if we at asan_thread.cpp:260 arg is still invisible to lsan, and we can report false leak. So ThreadStatusRunning should be covered as well.

vitalybuka: if we at asan_thread.cpp:260 arg is still invisible to lsan, and we can report false leak. So…
delcypherAuthorUnsubmitted
Done
ReplyInline Actions

Good catch.

delcypher: Good catch.
// We only need to deal with threads that have been created but not
// yet started.
if (atctx->status != ThreadStatusCreated)
return;
// This is currently a no-op because the ASan `pthread_create()` interceptor void *threadArg = asanThread->get_arg();
// blocks until the child thread starts which keeps the thread's `arg` pointer if (!threadArg)
// live. return;
uptr chunk = PointsIntoChunk(threadArg);
if (!chunk)
return;
// Add chunk to frontier and mark it as reachable.
delcypherAuthorUnsubmitted
Done
ReplyInline Actions

Hmm. It just occurred to me we aren't checking m.allocated() is true before changing the tag and adding it to the frontier. This could lead to bad behaviour if the chunk gets freed at some point (e.g. the created thread frees it). Adding a freed chunk to the frontier could be especially bad because later on when doing the flood fill in LSan we'll scan the freed memory for pointers.

I'll add a check here to prevent this.

delcypher: Hmm. It just occurred to me we aren't checking `m.allocated()` is true before changing the tag…
Frontier *frontier = reinterpret_cast<Frontier *>(arg);
frontier->push_back(chunk);
LsanMetadata m(chunk);
m.set_tag(kReachable);
// __lsan::flags() has to be guarded by this macro because it uses data that
// is not defined when !CAN_SANITIZE_LEAKS.
#if CAN_SANITIZE_LEAKS
if (flags()->log_pointers)
Report(
"Treating arg pointer of created but not started thread T%d as live: "
"%p\n",
vitalybukaUnsubmitted
Done
ReplyInline Actions

I would prefer we keep this logic in lsan

vitalybuka: I would prefer we keep this logic in lsan
delcypherAuthorUnsubmitted
Done
ReplyInline Actions

Yep. Your suggestion in https://reviews.llvm.org/D95183 should resolve this. One downside though is when producing log output is that we won't be able to print the thread ID. That's a pretty small downside so I'm okay with that.

delcypher: Yep. Your suggestion in https://reviews.llvm.org/D95183 should resolve this. One downside…
atctx->tid, threadArg);
#endif
} }
uptr GetUserBegin(uptr chunk) { uptr GetUserBegin(uptr chunk) {
__asan::AsanChunk *m = __asan::instance.GetAsanChunkByAddrFastLocked(chunk); __asan::AsanChunk *m = __asan::instance.GetAsanChunkByAddrFastLocked(chunk);
return m ? m->Beg() : 0; return m ? m->Beg() : 0;
} }
LsanMetadata::LsanMetadata(uptr chunk) { LsanMetadata::LsanMetadata(uptr chunk) {
▲ Show 20 LinesShow All 53 Lines▼ Show 20 Lines
} // namespace __lsan } // namespace __lsan
// ---------------------- Interface ---------------- {{{1 // ---------------------- Interface ---------------- {{{1
using namespace __asan; using namespace __asan;
// ASan allocator doesn't reserve extra bytes, so normally we would // ASan allocator doesn't reserve extra bytes, so normally we would
// just return "size". We don't want to expose our redzone sizes, etc here. // just return "size". We don't want to expose our redzone sizes, etc here.
uptr __sanitizer_get_estimated_allocated_size(uptr size) { uptr __sanitizer_get_estimated_allocated_size(uptr size) {
return size; return size;
vitalybukaUnsubmitted
Done
ReplyInline Actions

historically sanitizers use snake case for local variable, from Google coding style

vitalybuka: historically sanitizers use snake case for local variable, from Google coding style
delcypherAuthorUnsubmitted
Done
ReplyInline Actions

Okay. I'll change the style.

delcypher: Okay. I'll change the style.
} }
int __sanitizer_get_ownership(const void *p) { int __sanitizer_get_ownership(const void *p) {
uptr ptr = reinterpret_cast<uptr>(p); uptr ptr = reinterpret_cast<uptr>(p);
return instance.AllocationSize(ptr) > 0; return instance.AllocationSize(ptr) > 0;
} }
vitalybukaUnsubmitted
Done
ReplyInline Actions
if (atctx->status != ThreadStatusCreated && atctx->status != ThreadStatusRunning)
  return;
vitalybuka: if (atctx->status != ThreadStatusCreated && atctx->status != ThreadStatusRunning) return;
delcypherAuthorUnsubmitted
Done
ReplyInline Actions

Sure. I'll rewrite it that way.

delcypher: Sure. I'll rewrite it that way.
uptr __sanitizer_get_allocated_size(const void *p) { uptr __sanitizer_get_allocated_size(const void *p) {
if (!p) return 0; if (!p) return 0;
uptr ptr = reinterpret_cast<uptr>(p); uptr ptr = reinterpret_cast<uptr>(p);
uptr allocated_size = instance.AllocationSize(ptr); uptr allocated_size = instance.AllocationSize(ptr);
// Die if p is not malloced or if it is already freed. // Die if p is not malloced or if it is already freed.
if (allocated_size == 0) { if (allocated_size == 0) {
GET_STACK_TRACE_FATAL_HERE; GET_STACK_TRACE_FATAL_HERE;
ReportSanitizerGetAllocatedSizeNotOwned(ptr, &stack); ReportSanitizerGetAllocatedSizeNotOwned(ptr, &stack);
Show All 26 Lines

compiler-rt/lib/asan/asan_interceptors.cpp

Show First 20 LinesShow All 183 Lines▼ Show 20 Lines
#define COMMON_SYSCALL_POST_WRITE_RANGE(p, s) \ #define COMMON_SYSCALL_POST_WRITE_RANGE(p, s) \
do { \ do { \
(void)(p); \ (void)(p); \
(void)(s); \ (void)(s); \
} while (false) } while (false)
#include "sanitizer_common/sanitizer_common_syscalls.inc" #include "sanitizer_common/sanitizer_common_syscalls.inc"
#include "sanitizer_common/sanitizer_syscalls_netbsd.inc" #include "sanitizer_common/sanitizer_syscalls_netbsd.inc"
struct ThreadStartParam {
atomic_uintptr_t t;
atomic_uintptr_t is_registered;
};
#if ASAN_INTERCEPT_PTHREAD_CREATE #if ASAN_INTERCEPT_PTHREAD_CREATE
static thread_return_t THREAD_CALLING_CONV asan_thread_start(void *arg) { static thread_return_t THREAD_CALLING_CONV asan_thread_start(void *arg) {
ThreadStartParam *param = reinterpret_cast<ThreadStartParam *>(arg); AsanThread *t = (AsanThread *)arg;
AsanThread *t = nullptr;
while ((t = reinterpret_cast<AsanThread *>(
atomic_load(&param->t, memory_order_acquire))) == nullptr)
internal_sched_yield();
SetCurrentThread(t); SetCurrentThread(t);
return t->ThreadStart(GetTid(), &param->is_registered); return t->ThreadStart(GetTid());
} }
INTERCEPTOR(int, pthread_create, void *thread, INTERCEPTOR(int, pthread_create, void *thread,
void *attr, void *(*start_routine)(void*), void *arg) { void *attr, void *(*start_routine)(void*), void *arg) {
EnsureMainThreadIDIsCorrect(); EnsureMainThreadIDIsCorrect();
// Strict init-order checking is thread-hostile. // Strict init-order checking is thread-hostile.
if (flags()->strict_init_order) if (flags()->strict_init_order)
StopInitOrderChecking(); StopInitOrderChecking();
GET_STACK_TRACE_THREAD; GET_STACK_TRACE_THREAD;
int detached = 0; int detached = 0;
if (attr) if (attr)
REAL(pthread_attr_getdetachstate)(attr, &detached); REAL(pthread_attr_getdetachstate)(attr, &detached);
ThreadStartParam param;
atomic_store(&param.t, 0, memory_order_relaxed); u32 current_tid = GetCurrentTidOrInvalid();
atomic_store(&param.is_registered, 0, memory_order_relaxed); AsanThread *t =
AsanThread::Create(start_routine, arg, current_tid, &stack, detached);
int result; int result;
{ {
// Ignore all allocations made by pthread_create: thread stack/TLS may be // Ignore all allocations made by pthread_create: thread stack/TLS may be
// stored by pthread for future reuse even after thread destruction, and // stored by pthread for future reuse even after thread destruction, and
// the linked list it's stored in doesn't even hold valid pointers to the // the linked list it's stored in doesn't even hold valid pointers to the
// objects, the latter are calculated by obscure pointer arithmetic. // objects, the latter are calculated by obscure pointer arithmetic.
#if CAN_SANITIZE_LEAKS #if CAN_SANITIZE_LEAKS
__lsan::ScopedInterceptorDisabler disabler; __lsan::ScopedInterceptorDisabler disabler;
#endif #endif
result = REAL(pthread_create)(thread, attr, asan_thread_start, &param); result = REAL(pthread_create)(thread, attr, asan_thread_start, t);
}
if (result == 0) {
u32 current_tid = GetCurrentTidOrInvalid();
AsanThread *t =
AsanThread::Create(start_routine, arg, current_tid, &stack, detached);
atomic_store(&param.t, reinterpret_cast<uptr>(t), memory_order_release);
// Wait until the AsanThread object is initialized and the ThreadRegistry
// entry is in "started" state. One reason for this is that after this
// interceptor exits, the child thread's stack may be the only thing holding
// the |arg| pointer. This may cause LSan to report a leak if leak checking
// happens at a point when the interceptor has already exited, but the stack
// range for the child thread is not yet known.
while (atomic_load(&param.is_registered, memory_order_acquire) == 0)
internal_sched_yield();
} }
vitalybukaUnsubmitted
Done
ReplyInline Actions

if (result != 0) {

// destroy t;

}

vitalybuka: if (result != 0) { // destroy t; }
delcypherAuthorUnsubmitted
Done
ReplyInline Actions

Good catch. Isn't this a separate bug though? It looks like the old code didn't handle this either. I'm happy to fix it but I think it should be in a separate patch.

delcypher: Good catch. Isn't this a separate bug though? It looks like the old code didn't handle this…
delcypherAuthorUnsubmitted
Done
ReplyInline Actions

Wait.. no the bug isn't the old code because I've reserved the creation order so I've introduced a new bug. I'll fix this in this patch.

delcypher: Wait.. no the bug isn't the old code because I've reserved the creation order so I've…
return result; return result;
} }
delcypherAuthorUnsubmitted
Done
ReplyInline Actions

@vitalybuka Is AsanThread::Destroy() safe to call from this thread and in this context where the corresponding thread was never started.? I wasn't really sure.

I see that calling this will call DTLS_Destroy() and I'm not sure if that needs to be called from a different thread (i.e. called from the thread before its destroyed). It looks like this function is a no-op on macOS which is where I'm testing.

delcypher: @vitalybuka **Is `AsanThread::Destroy()` safe to call from this thread and in this context…
vitalybukaUnsubmitted
Done
ReplyInline Actions

I think DTLS_Destroy should be fine here. I assume this thread will never showup in suspended_threads so lsan will not try to scan it.

As I understand Ctx is not leaked but pushed into quarantine by ThreadRegistry::FinishThread

vitalybuka: I think DTLS_Destroy should be fine here. I assume this thread will never showup in…
delcypherAuthorUnsubmitted
Done
ReplyInline Actions

Sorry "leaks" is a poor choice of words. What I meant is we've wasted an AsanThreadContext because created it but then never used it. Because in ASan we never re-use AsanThreadContexts its wasted.

I'll update the comment.

delcypher: Sorry "leaks" is a poor choice of words. What I meant is we've wasted an AsanThreadContext…
INTERCEPTOR(int, pthread_join, void *t, void **arg) { INTERCEPTOR(int, pthread_join, void *t, void **arg) {
return real_pthread_join(t, arg); return real_pthread_join(t, arg);
} }
DEFINE_REAL_PTHREAD_FUNCTIONS DEFINE_REAL_PTHREAD_FUNCTIONS
#endif // ASAN_INTERCEPT_PTHREAD_CREATE #endif // ASAN_INTERCEPT_PTHREAD_CREATE
▲ Show 20 LinesShow All 467 LinesShow Last 20 Lines

compiler-rt/lib/asan/asan_thread.h

Show First 20 LinesShow All 63 Lines▼ Show 20 Lines public:
static AsanThread *Create(thread_callback_t start_routine, void *arg, static AsanThread *Create(thread_callback_t start_routine, void *arg,
u32 parent_tid, StackTrace *stack, bool detached); u32 parent_tid, StackTrace *stack, bool detached);
static void TSDDtor(void *tsd); static void TSDDtor(void *tsd);
void Destroy(); void Destroy();
struct InitOptions; struct InitOptions;
void Init(const InitOptions *options = nullptr); void Init(const InitOptions *options = nullptr);
thread_return_t ThreadStart(tid_t os_id, thread_return_t ThreadStart(tid_t os_id);
atomic_uintptr_t *signal_thread_is_registered);
uptr stack_top(); uptr stack_top();
uptr stack_bottom(); uptr stack_bottom();
uptr stack_size(); uptr stack_size();
uptr tls_begin() { return tls_begin_; } uptr tls_begin() { return tls_begin_; }
uptr tls_end() { return tls_end_; } uptr tls_end() { return tls_end_; }
DTLS *dtls() { return dtls_; } DTLS *dtls() { return dtls_; }
u32 tid() { return context_->tid; } u32 tid() { return context_->tid; }
▲ Show 20 LinesShow All 45 Lines▼ Show 20 Lines public:
bool isUnwinding() const { return unwinding_; } bool isUnwinding() const { return unwinding_; }
void setUnwinding(bool b) { unwinding_ = b; } void setUnwinding(bool b) { unwinding_ = b; }
AsanThreadLocalMallocStorage &malloc_storage() { return malloc_storage_; } AsanThreadLocalMallocStorage &malloc_storage() { return malloc_storage_; }
AsanStats &stats() { return stats_; } AsanStats &stats() { return stats_; }
void *extra_spill_area() { return &extra_spill_area_; } void *extra_spill_area() { return &extra_spill_area_; }
void *get_arg() { return arg_; }
private: private:
// NOTE: There is no AsanThread constructor. It is allocated // NOTE: There is no AsanThread constructor. It is allocated
// via mmap() and *must* be valid in zero-initialized state. // via mmap() and *must* be valid in zero-initialized state.
void SetThreadStackAndTls(const InitOptions *options); void SetThreadStackAndTls(const InitOptions *options);
void ClearShadowForThreadStackAndTLS(); void ClearShadowForThreadStackAndTLS();
FakeStack *AsyncSignalSafeLazyInitFakeStack(); FakeStack *AsyncSignalSafeLazyInitFakeStack();
▲ Show 20 LinesShow All 47 LinesShow Last 20 Lines

compiler-rt/lib/asan/asan_thread.cpp

Show First 20 LinesShow All 247 Lines▼ Show 20 Lines VReport(1, "T%d: stack [%p,%p) size 0x%zx; local=%p\n", tid(),
&local); &local);
} }
// Fuchsia and RTEMS don't use ThreadStart. // Fuchsia and RTEMS don't use ThreadStart.
// asan_fuchsia.c/asan_rtems.c define CreateMainThread and // asan_fuchsia.c/asan_rtems.c define CreateMainThread and
// SetThreadStackAndTls. // SetThreadStackAndTls.
#if !SANITIZER_FUCHSIA && !SANITIZER_RTEMS #if !SANITIZER_FUCHSIA && !SANITIZER_RTEMS
thread_return_t AsanThread::ThreadStart( thread_return_t AsanThread::ThreadStart(tid_t os_id) {
tid_t os_id, atomic_uintptr_t *signal_thread_is_registered) {
Init(); Init();
asanThreadRegistry().StartThread(tid(), os_id, ThreadType::Regular, nullptr); asanThreadRegistry().StartThread(tid(), os_id, ThreadType::Regular, nullptr);
if (signal_thread_is_registered)
atomic_store(signal_thread_is_registered, 1, memory_order_release);
if (common_flags()->use_sigaltstack) SetAlternateSignalStack(); if (common_flags()->use_sigaltstack) SetAlternateSignalStack();
if (!start_routine_) { if (!start_routine_) {
// start_routine_ == 0 if we're on the main thread or on one of the // start_routine_ == 0 if we're on the main thread or on one of the
// OS X libdispatch worker threads. But nobody is supposed to call // OS X libdispatch worker threads. But nobody is supposed to call
// ThreadStart() for the worker threads. // ThreadStart() for the worker threads.
CHECK_EQ(tid(), 0); CHECK_EQ(tid(), 0);
Show All 13 Linesthread_return_t AsanThread::ThreadStart(tid_t os_id) {
return res; return res;
} }
AsanThread *CreateMainThread() { AsanThread *CreateMainThread() {
AsanThread *main_thread = AsanThread::Create( AsanThread *main_thread = AsanThread::Create(
/* start_routine */ nullptr, /* arg */ nullptr, /* parent_tid */ 0, /* start_routine */ nullptr, /* arg */ nullptr, /* parent_tid */ 0,
/* stack */ nullptr, /* detached */ true); /* stack */ nullptr, /* detached */ true);
SetCurrentThread(main_thread); SetCurrentThread(main_thread);
main_thread->ThreadStart(internal_getpid(), main_thread->ThreadStart(internal_getpid());
/* signal_thread_is_registered */ nullptr);
return main_thread; return main_thread;
} }
// This implementation doesn't use the argument, which is just passed down // This implementation doesn't use the argument, which is just passed down
// from the caller of Init (which see, above). It's only there to support // from the caller of Init (which see, above). It's only there to support
// OS-specific implementations that need more information passed through. // OS-specific implementations that need more information passed through.
void AsanThread::SetThreadStackAndTls(const InitOptions *options) { void AsanThread::SetThreadStackAndTls(const InitOptions *options) {
DCHECK_EQ(options, nullptr); DCHECK_EQ(options, nullptr);
▲ Show 20 LinesShow All 251 LinesShow Last 20 Lines