tsan_platform_linux.cpp source code [compiler-rt/lib/tsan/rtl/tsan_platform_linux.cpp]

1	//===-- tsan_platform_linux.cpp -------------------------------------------===//
2	//
3	// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
4	// See https://llvm.org/LICENSE.txt for license information.
5	// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
6	//
7	//===----------------------------------------------------------------------===//
8	//
9	// This file is a part of ThreadSanitizer (TSan), a race detector.
10	//
11	// Linux- and BSD-specific code.
12	//===----------------------------------------------------------------------===//
13
14	#include "sanitizer_common/sanitizer_platform.h"
15	#if SANITIZER_LINUX \|\| SANITIZER_FREEBSD \|\| SANITIZER_NETBSD
16
17	#include "sanitizer_common/sanitizer_common.h"
18	#include "sanitizer_common/sanitizer_libc.h"
19	#include "sanitizer_common/sanitizer_linux.h"
20	#include "sanitizer_common/sanitizer_platform_limits_netbsd.h"
21	#include "sanitizer_common/sanitizer_platform_limits_posix.h"
22	#include "sanitizer_common/sanitizer_posix.h"
23	#include "sanitizer_common/sanitizer_procmaps.h"
24	#include "sanitizer_common/sanitizer_stackdepot.h"
25	#include "sanitizer_common/sanitizer_stoptheworld.h"
26	#include "tsan_flags.h"
27	#include "tsan_platform.h"
28	#include "tsan_rtl.h"
29
30	#include <fcntl.h>
31	#include <pthread.h>
32	#include <signal.h>
33	#include <stdio.h>
34	#include <stdlib.h>
35	#include <string.h>
36	#include <stdarg.h>
37	#include <sys/mman.h>
38	#if SANITIZER_LINUX
39	#include <sys/personality.h>
40	#include <setjmp.h>
41	#endif
42	#include <sys/syscall.h>
43	#include <sys/socket.h>
44	#include <sys/time.h>
45	#include <sys/types.h>
46	#include <sys/resource.h>
47	#include <sys/stat.h>
48	#include <unistd.h>
49	#include <sched.h>
50	#include <dlfcn.h>
51	#if SANITIZER_LINUX
52	#define __need_res_state
53	#include <resolv.h>
54	#endif
55
56	#ifdef sa_handler
57	# undef sa_handler
58	#endif
59
60	#ifdef sa_sigaction
61	# undef sa_sigaction
62	#endif
63
64	#if SANITIZER_FREEBSD
65	extern "C" void *__libc_stack_end;
66	void *__libc_stack_end = `0`;
67	#endif
68
69	#if SANITIZER_LINUX && (defined(__aarch64__) \|\| defined(__loongarch_lp64)) && \
70	!SANITIZER_GO
71	# define INIT_LONGJMP_XOR_KEY 1
72	#else
73	# define INIT_LONGJMP_XOR_KEY 0
74	#endif
75
76	#if INIT_LONGJMP_XOR_KEY
77	#include "interception/interception.h"
78	// Must be declared outside of other namespaces.
79	DECLARE_REAL(int, _setjmp, void *env)
80	#endif
81
82	namespace __tsan {
83
84	#if INIT_LONGJMP_XOR_KEY
85	static void InitializeLongjmpXorKey();
86	static uptr longjmp_xor_key;
87	#endif
88
89	// Runtime detected VMA size.
90	uptr vmaSize;
91
92	enum {
93	MemTotal,
94	MemShadow,
95	MemMeta,
96	MemFile,
97	MemMmap,
98	MemHeap,
99	MemOther,
100	MemCount,
101	};
102
103	void FillProfileCallback(uptr p, uptr rss, bool file, uptr *mem) {
104	mem[MemTotal] += rss;
105	if (p >= ShadowBeg() && p < ShadowEnd())
106	mem[MemShadow] += rss;
107	else if (p >= MetaShadowBeg() && p < MetaShadowEnd())
108	mem[MemMeta] += rss;
109	else if ((p >= LoAppMemBeg() && p < LoAppMemEnd()) \|\|
110	(p >= MidAppMemBeg() && p < MidAppMemEnd()) \|\|
111	(p >= HiAppMemBeg() && p < HiAppMemEnd()))
112	mem[file ? MemFile : MemMmap] += rss;
113	else if (p >= HeapMemBeg() && p < HeapMemEnd())
114	mem[MemHeap] += rss;
115	else
116	mem[MemOther] += rss;
117	}
118
119	void WriteMemoryProfile(char *buf, uptr buf_size, u64 uptime_ns) {
120	uptr mem[MemCount];
121	internal_memset(s: mem, c: `0`, n: sizeof(mem));
122	GetMemoryProfile(cb: FillProfileCallback, stats: mem);
123	auto meta = ctx->metamap.GetMemoryStats();
124	StackDepotStats stacks = StackDepotGetStats();
125	uptr nthread, nlive;
126	ctx->thread_registry.GetNumberOfThreads(total: &nthread, running: &nlive);
127	uptr trace_mem;
128	{
129	Lock l(&ctx->slot_mtx);
130	trace_mem = ctx->trace_part_total_allocated * sizeof(TracePart);
131	}
132	uptr internal_stats[AllocatorStatCount];
133	internal_allocator()->GetStats(s: internal_stats);
134	// All these are allocated from the common mmap region.
135	mem[MemMmap] -= meta.mem_block + meta.sync_obj + trace_mem +
136	stacks.allocated + internal_stats[AllocatorStatMapped];
137	if (s64(mem[MemMmap]) < `0`)
138	mem[MemMmap] = `0`;
139	internal_snprintf(
140	buffer: buf, length: buf_size,
141	format: "==%zu== %llus [%zu]: RSS %zd MB: shadow:%zd meta:%zd file:%zd"
142	" mmap:%zd heap:%zd other:%zd intalloc:%zd memblocks:%zd syncobj:%zu"
143	" trace:%zu stacks=%zd threads=%zu/%zu\n",
144	internal_getpid(), uptime_ns / (`1000` * `1000` * `1000`), ctx->global_epoch,
145	mem[MemTotal] >> `20`, mem[MemShadow] >> `20`, mem[MemMeta] >> `20`,
146	mem[MemFile] >> `20`, mem[MemMmap] >> `20`, mem[MemHeap] >> `20`,
147	mem[MemOther] >> `20`, internal_stats[AllocatorStatMapped] >> `20`,
148	meta.mem_block >> `20`, meta.sync_obj >> `20`, trace_mem >> `20`,
149	stacks.allocated >> `20`, nlive, nthread);
150	}
151
152	#if !SANITIZER_GO
153	// Mark shadow for .rodata sections with the special Shadow::kRodata marker.
154	// Accesses to .rodata can't race, so this saves time, memory and trace space.
155	static NOINLINE void MapRodata(char* buffer, uptr size) {
156	// First create temp file.
157	const char *tmpdir = GetEnv(name: "TMPDIR");
158	if (tmpdir == `0`)
159	tmpdir = GetEnv(name: "TEST_TMPDIR");
160	#ifdef P_tmpdir
161	if (tmpdir == `0`)
162	tmpdir = P_tmpdir;
163	#endif
164	if (tmpdir == `0`)
165	return;
166	internal_snprintf(buffer, length: size, format: "%s/tsan.rodata.%d",
167	tmpdir, (int)internal_getpid());
168	uptr openrv = internal_open(filename: buffer, O_RDWR \| O_CREAT \| O_EXCL, mode: `0600`);
169	if (internal_iserror(retval: openrv))
170	return;
171	internal_unlink(path: buffer); // Unlink it now, so that we can reuse the buffer.
172	fd_t fd = openrv;
173	// Fill the file with Shadow::kRodata.
174	const uptr kMarkerSize = `512` * `1024` / sizeof(RawShadow);
175	InternalMmapVector<RawShadow> marker(kMarkerSize);
176	// volatile to prevent insertion of memset
177	for (volatile RawShadow *p = marker.data(); p < marker.data() + kMarkerSize;
178	p++)
179	*p = Shadow::kRodata;
180	internal_write(fd, buf: marker.data(), count: marker.size() * sizeof(RawShadow));
181	// Map the file into memory.
182	uptr page = internal_mmap(addr: `0`, length: GetPageSizeCached(), PROT_READ \| PROT_WRITE,
183	MAP_PRIVATE \| MAP_ANONYMOUS, fd, offset: `0`);
184	if (internal_iserror(retval: page)) {
185	internal_close(fd);
186	return;
187	}
188	// Map the file into shadow of .rodata sections.
189	MemoryMappingLayout proc_maps(/cache_enabled/true);
190	// Reusing the buffer 'buffer'.
191	MemoryMappedSegment segment(buffer, size);
192	while (proc_maps.Next(segment: &segment)) {
193	if (segment.filename[`0`] != `0` && segment.filename[`0`] != `'['` &&
194	segment.IsReadable() && segment.IsExecutable() &&
195	!segment.IsWritable() && IsAppMem(mem: segment.start)) {
196	// Assume it's .rodata
197	char shadow_start = (char* *)MemToShadow(x: segment.start);
198	char shadow_end = (char* *)MemToShadow(x: segment.end);
199	for (char *p = shadow_start; p < shadow_end;
200	p += marker.size() * sizeof(RawShadow)) {
201	internal_mmap(
202	addr: p, length: Min<uptr>(a: marker.size() * sizeof(RawShadow), b: shadow_end - p),
203	PROT_READ, MAP_PRIVATE \| MAP_FIXED, fd, offset: `0`);
204	}
205	}
206	}
207	internal_close(fd);
208	}
209
210	void InitializeShadowMemoryPlatform() {
211	char buffer[`256`]; // Keep in a different frame.
212	MapRodata(buffer, size: sizeof(buffer));
213	}
214
215	#endif // #if !SANITIZER_GO
216
217	# if !SANITIZER_GO
218	static void ReExecIfNeeded(bool ignore_heap) {
219	// Go maps shadow memory lazily and works fine with limited address space.
220	// Unlimited stack is not a problem as well, because the executable
221	// is not compiled with -pie.
222	bool reexec = false;
223	// TSan doesn't play well with unlimited stack size (as stack
224	// overlaps with shadow memory). If we detect unlimited stack size,
225	// we re-exec the program with limited stack size as a best effort.
226	if (StackSizeIsUnlimited()) {
227	const uptr kMaxStackSize = `32` * `1024` * `1024`;
228	VReport(`1`,
229	"Program is run with unlimited stack size, which wouldn't "
230	"work with ThreadSanitizer.\n"
231	"Re-execing with stack size limited to %zd bytes.\n",
232	kMaxStackSize);
233	SetStackSizeLimitInBytes(kMaxStackSize);
234	reexec = true;
235	}
236
237	if (!AddressSpaceIsUnlimited()) {
238	Report(
239	format: "WARNING: Program is run with limited virtual address space,"
240	" which wouldn't work with ThreadSanitizer.\n");
241	Report(format: "Re-execing with unlimited virtual address space.\n");
242	SetAddressSpaceUnlimited();
243	reexec = true;
244	}
245
246	# if SANITIZER_LINUX
247	# if SANITIZER_ANDROID && (defined(__aarch64__) \|\| defined(__x86_64__))
248	// ASLR personality check.
249	int old_personality = personality(`0xffffffff`);
250	bool aslr_on =
251	(old_personality != -`1`) && ((old_personality & ADDR_NO_RANDOMIZE) == `0`);
252
253	// After patch "arm64: mm: support ARCH_MMAP_RND_BITS." is introduced in
254	// linux kernel, the random gap between stack and mapped area is increased
255	// from 128M to 36G on 39-bit aarch64. As it is almost impossible to cover
256	// this big range, we should disable randomized virtual space on aarch64.
257	if (aslr_on) {
258	VReport(`1`,
259	"WARNING: Program is run with randomized virtual address "
260	"space, which wouldn't work with ThreadSanitizer on Android.\n"
261	"Re-execing with fixed virtual address space.\n");
262
263	if (personality(old_personality \| ADDR_NO_RANDOMIZE) == -`1`) {
264	Printf(
265	"FATAL: ThreadSanitizer: unable to disable ASLR (perhaps "
266	"sandboxing is enabled?).\n");
267	Printf("FATAL: Please rerun without sandboxing and/or ASLR.\n");
268	Die();
269	}
270
271	reexec = true;
272	}
273	# endif
274
275	if (reexec) {
276	// Don't check the address space since we're going to re-exec anyway.
277	} else if (!CheckAndProtect(protect: false, ignore_heap, print_warnings: false)) {
278	// ASLR personality check.
279	// N.B. 'personality' is sometimes forbidden by sandboxes, so we only call
280	// this as a last resort (when the memory mapping is incompatible and TSan
281	// would fail anyway).
282	int old_personality = personality(persona: `0xffffffff`);
283	bool aslr_on =
284	(old_personality != -`1`) && ((old_personality & ADDR_NO_RANDOMIZE) == `0`);
285
286	if (aslr_on) {
287	// Disable ASLR if the memory layout was incompatible.
288	// Alternatively, we could just keep re-execing until we get lucky
289	// with a compatible randomized layout, but the risk is that if it's
290	// not an ASLR-related issue, we will be stuck in an infinite loop of
291	// re-execing (unless we change ReExec to pass a parameter of the
292	// number of retries allowed.)
293	VReport(`1`,
294	"WARNING: ThreadSanitizer: memory layout is incompatible, "
295	"possibly due to high-entropy ASLR.\n"
296	"Re-execing with fixed virtual address space.\n"
297	"N.B. reducing ASLR entropy is preferable.\n");
298
299	if (personality(persona: old_personality \| ADDR_NO_RANDOMIZE) == -`1`) {
300	Printf(
301	format: "FATAL: ThreadSanitizer: encountered an incompatible memory "
302	"layout but was unable to disable ASLR (perhaps sandboxing is "
303	"enabled?).\n");
304	Printf(
305	format: "FATAL: Please rerun with lower ASLR entropy, ASLR disabled, "
306	"and/or sandboxing disabled.\n");
307	Die();
308	}
309
310	reexec = true;
311	} else {
312	Printf(
313	format: "FATAL: ThreadSanitizer: memory layout is incompatible, "
314	"even though ASLR is disabled.\n"
315	"Please file a bug.\n");
316	DumpProcessMap();
317	Die();
318	}
319	}
320	# endif // SANITIZER_LINUX
321
322	if (reexec)
323	ReExec();
324	}
325	# endif
326
327	void InitializePlatformEarly() {
328	vmaSize =
329	(MostSignificantSetBitIndex(GET_CURRENT_FRAME()) + `1`);
330	#if defined(__aarch64__)
331	# if !SANITIZER_GO
332	if (vmaSize != `39` && vmaSize != `42` && vmaSize != `48`) {
333	Printf("FATAL: ThreadSanitizer: unsupported VMA range\n");
334	Printf("FATAL: Found %zd - Supported 39, 42 and 48\n", vmaSize);
335	Die();
336	}
337	#else
338	if (vmaSize != `48`) {
339	Printf("FATAL: ThreadSanitizer: unsupported VMA range\n");
340	Printf("FATAL: Found %zd - Supported 48\n", vmaSize);
341	Die();
342	}
343	#endif
344	#elif SANITIZER_LOONGARCH64
345	# if !SANITIZER_GO
346	if (vmaSize != `47`) {
347	Printf("FATAL: ThreadSanitizer: unsupported VMA range\n");
348	Printf("FATAL: Found %zd - Supported 47\n", vmaSize);
349	Die();
350	}
351	# else
352	if (vmaSize != `47`) {
353	Printf("FATAL: ThreadSanitizer: unsupported VMA range\n");
354	Printf("FATAL: Found %zd - Supported 47\n", vmaSize);
355	Die();
356	}
357	# endif
358	#elif defined(__powerpc64__)
359	# if !SANITIZER_GO
360	if (vmaSize != `44` && vmaSize != `46` && vmaSize != `47`) {
361	Printf("FATAL: ThreadSanitizer: unsupported VMA range\n");
362	Printf("FATAL: Found %zd - Supported 44, 46, and 47\n", vmaSize);
363	Die();
364	}
365	# else
366	if (vmaSize != `46` && vmaSize != `47`) {
367	Printf("FATAL: ThreadSanitizer: unsupported VMA range\n");
368	Printf("FATAL: Found %zd - Supported 46, and 47\n", vmaSize);
369	Die();
370	}
371	# endif
372	#elif defined(__mips64)
373	# if !SANITIZER_GO
374	if (vmaSize != `40`) {
375	Printf("FATAL: ThreadSanitizer: unsupported VMA range\n");
376	Printf("FATAL: Found %zd - Supported 40\n", vmaSize);
377	Die();
378	}
379	# else
380	if (vmaSize != `47`) {
381	Printf("FATAL: ThreadSanitizer: unsupported VMA range\n");
382	Printf("FATAL: Found %zd - Supported 47\n", vmaSize);
383	Die();
384	}
385	# endif
386	# elif SANITIZER_RISCV64
387	// the bottom half of vma is allocated for userspace
388	vmaSize = vmaSize + `1`;
389	# if !SANITIZER_GO
390	if (vmaSize != `39` && vmaSize != `48`) {
391	Printf("FATAL: ThreadSanitizer: unsupported VMA range\n");
392	Printf("FATAL: Found %zd - Supported 39 and 48\n", vmaSize);
393	Die();
394	}
395	# else
396	if (vmaSize != `48`) {
397	Printf("FATAL: ThreadSanitizer: unsupported VMA range\n");
398	Printf("FATAL: Found %zd - Supported 48\n", vmaSize);
399	Die();
400	}
401	# endif
402	# endif
403
404	# if !SANITIZER_GO
405	// Heap has not been allocated yet
406	ReExecIfNeeded(ignore_heap: false);
407	# endif
408	}
409
410	void InitializePlatform() {
411	DisableCoreDumperIfNecessary();
412
413	// Go maps shadow memory lazily and works fine with limited address space.
414	// Unlimited stack is not a problem as well, because the executable
415	// is not compiled with -pie.
416	#if !SANITIZER_GO
417	{
418	# if SANITIZER_LINUX && (defined(__aarch64__) \|\| defined(__loongarch_lp64))
419	// Initialize the xor key used in {sig}{set,long}jump.
420	InitializeLongjmpXorKey();
421	# endif
422	}
423
424	// We called ReExecIfNeeded() in InitializePlatformEarly(), but there are
425	// intervening allocations that result in an edge case:
426	// 1) InitializePlatformEarly(): memory layout is compatible
427	// 2) Intervening allocations happen
428	// 3) InitializePlatform(): memory layout is incompatible and fails
429	// CheckAndProtect()
430	# if !SANITIZER_GO
431	// Heap has already been allocated
432	ReExecIfNeeded(ignore_heap: true);
433	# endif
434
435	// Earlier initialization steps already re-exec'ed until we got a compatible
436	// memory layout, so we don't expect any more issues here.
437	if (!CheckAndProtect(protect: true, ignore_heap: true, print_warnings: true)) {
438	Printf(
439	format: "FATAL: ThreadSanitizer: unexpectedly found incompatible memory "
440	"layout.\n");
441	Printf(format: "FATAL: Please file a bug.\n");
442	DumpProcessMap();
443	Die();
444	}
445
446	#endif // !SANITIZER_GO
447	}
448
449	#if !SANITIZER_GO
450	// Extract file descriptors passed to glibc internal __res_iclose function.
451	// This is required to properly "close" the fds, because we do not see internal
452	// closes within glibc. The code is a pure hack.
453	int ExtractResolvFDs(void state, int* fds, int* nfd) {
454	#if SANITIZER_LINUX && !SANITIZER_ANDROID
455	int cnt = `0`;
456	struct __res_state statp = (struct* __res_state*)state;
457	for (int i = `0`; i < MAXNS && cnt < nfd; i++) {
458	if (statp->_u._ext.nsaddrs[i] && statp->_u._ext.nssocks[i] != -`1`)
459	fds[cnt++] = statp->_u._ext.nssocks[i];
460	}
461	return cnt;
462	#else
463	return `0`;
464	#endif
465	}
466
467	// Extract file descriptors passed via UNIX domain sockets.
468	// This is required to properly handle "open" of these fds.
469	// see 'man recvmsg' and 'man 3 cmsg'.
470	int ExtractRecvmsgFDs(void msgp, int* fds, int* nfd) {
471	int res = `0`;
472	msghdr msg = (msghdr)msgp;
473	struct cmsghdr *cmsg = CMSG_FIRSTHDR(msg);
474	for (; cmsg; cmsg = CMSG_NXTHDR(msg, cmsg)) {
475	if (cmsg->cmsg_level != SOL_SOCKET \|\| cmsg->cmsg_type != SCM_RIGHTS)
476	continue;
477	int n = (cmsg->cmsg_len - CMSG_LEN(`0`)) / sizeof(fds[`0`]);
478	for (int i = `0`; i < n; i++) {
479	fds[res++] = ((int*)CMSG_DATA(cmsg))[i];
480	if (res == nfd)
481	return res;
482	}
483	}
484	return res;
485	}
486
487	// Reverse operation of libc stack pointer mangling
488	static uptr UnmangleLongJmpSp(uptr mangled_sp) {
489	#if defined(__x86_64__)
490	# if SANITIZER_LINUX
491	// Reverse of:
492	// xor %fs:0x30, %rsi
493	// rol $0x11, %rsi
494	uptr sp;
495	asm("ror $0x11, %0 \n"
496	"xor %%fs:0x30, %0 \n"
497	: "=r" (sp)
498	: "0" (mangled_sp));
499	return sp;
500	# else
501	return mangled_sp;
502	# endif
503	#elif defined(__aarch64__)
504	# if SANITIZER_LINUX
505	return mangled_sp ^ longjmp_xor_key;
506	# else
507	return mangled_sp;
508	# endif
509	#elif defined(__loongarch_lp64)
510	return mangled_sp ^ longjmp_xor_key;
511	#elif defined(__powerpc64__)
512	// Reverse of:
513	// ld r4, -28696(r13)
514	// xor r4, r3, r4
515	uptr xor_key;
516	asm("ld %0, -28696(%%r13)" : "=r" (xor_key));
517	return mangled_sp ^ xor_key;
518	#elif defined(__mips__)
519	return mangled_sp;
520	# elif SANITIZER_RISCV64
521	return mangled_sp;
522	# elif defined(__s390x__)
523	// tcbhead_t.stack_guard
524	uptr xor_key = ((uptr *)__builtin_thread_pointer())[`5`];
525	return mangled_sp ^ xor_key;
526	# else
527	# error "Unknown platform"
528	# endif
529	}
530
531	#if SANITIZER_NETBSD
532	# ifdef __x86_64__
533	# define LONG_JMP_SP_ENV_SLOT 6
534	# else
535	# error unsupported
536	# endif
537	#elif defined(__powerpc__)
538	# define LONG_JMP_SP_ENV_SLOT 0
539	#elif SANITIZER_FREEBSD
540	# ifdef __aarch64__
541	# define LONG_JMP_SP_ENV_SLOT 1
542	# else
543	# define LONG_JMP_SP_ENV_SLOT 2
544	# endif
545	#elif SANITIZER_LINUX
546	# ifdef __aarch64__
547	# define LONG_JMP_SP_ENV_SLOT 13
548	# elif defined(__loongarch__)
549	# define LONG_JMP_SP_ENV_SLOT 1
550	# elif defined(__mips64)
551	# define LONG_JMP_SP_ENV_SLOT 1
552	# elif SANITIZER_RISCV64
553	# define LONG_JMP_SP_ENV_SLOT 13
554	# elif defined(__s390x__)
555	# define LONG_JMP_SP_ENV_SLOT 9
556	# else
557	# define LONG_JMP_SP_ENV_SLOT 6
558	# endif
559	#endif
560
561	uptr ExtractLongJmpSp(uptr *env) {
562	uptr mangled_sp = env[LONG_JMP_SP_ENV_SLOT];
563	return UnmangleLongJmpSp(mangled_sp);
564	}
565
566	#if INIT_LONGJMP_XOR_KEY
567	// GLIBC mangles the function pointers in jmp_buf (used in {set,long}jmp*
568	// functions) by XORing them with a random key. For AArch64 it is a global
569	// variable rather than a TCB one (as for x86_64/powerpc). We obtain the key by
570	// issuing a setjmp and XORing the SP pointer values to derive the key.
571	static void InitializeLongjmpXorKey() {
572	// 1. Call REAL(setjmp), which stores the mangled SP in env.
573	jmp_buf env;
574	REAL(_setjmp)(env);
575
576	// 2. Retrieve vanilla/mangled SP.
577	uptr sp;
578	#ifdef __loongarch__
579	asm("move %0, $sp" : "=r" (sp));
580	#else
581	asm("mov %0, sp" : "=r" (sp));
582	#endif
583	uptr mangled_sp = ((uptr *)&env)[LONG_JMP_SP_ENV_SLOT];
584
585	// 3. xor SPs to obtain key.
586	longjmp_xor_key = mangled_sp ^ sp;
587	}
588	#endif
589
590	extern "C" void __tsan_tls_initialization() {}
591
592	void ImitateTlsWrite(ThreadState *thr, uptr tls_addr, uptr tls_size) {
593	// Check that the thr object is in tls;
594	const uptr thr_beg = (uptr)thr;
595	const uptr thr_end = (uptr)thr + sizeof(*thr);
596	CHECK_GE(thr_beg, tls_addr);
597	CHECK_LE(thr_beg, tls_addr + tls_size);
598	CHECK_GE(thr_end, tls_addr);
599	CHECK_LE(thr_end, tls_addr + tls_size);
600	// Since the thr object is huge, skip it.
601	const uptr pc = StackTrace::GetNextInstructionPc(
602	pc: reinterpret_cast<uptr>(__tsan_tls_initialization));
603	MemoryRangeImitateWrite(thr, pc, addr: tls_addr, size: thr_beg - tls_addr);
604	MemoryRangeImitateWrite(thr, pc, addr: thr_end, size: tls_addr + tls_size - thr_end);
605	}
606
607	// Note: this function runs with async signals enabled,
608	// so it must not touch any tsan state.
609	int call_pthread_cancel_with_cleanup(int (fn)(void* *arg),
610	void (cleanup)(void* arg), void* *arg) {
611	// pthread_cleanup_push/pop are hardcore macros mess.
612	// We can't intercept nor call them w/o including pthread.h.
613	int res;
614	pthread_cleanup_push(cleanup, arg);
615	res = fn(arg);
616	pthread_cleanup_pop(`0`);
617	return res;
618	}
619	#endif // !SANITIZER_GO
620
621	#if !SANITIZER_GO
622	void ReplaceSystemMalloc() { }
623	#endif
624
625	#if !SANITIZER_GO
626	#if SANITIZER_ANDROID
627	// On Android, one thread can call intercepted functions after
628	// DestroyThreadState(), so add a fake thread state for "dead" threads.
629	static ThreadState dead_thread_state = nullptr*;
630
631	ThreadState *cur_thread() {
632	ThreadState* thr = reinterpret_cast<ThreadState>(get_android_tls_ptr());
633	if (thr == nullptr) {
634	__sanitizer_sigset_t emptyset;
635	internal_sigfillset(&emptyset);
636	__sanitizer_sigset_t oldset;
637	CHECK_EQ(`0`, internal_sigprocmask(SIG_SETMASK, &emptyset, &oldset));
638	thr = reinterpret_cast<ThreadState>(get_android_tls_ptr());
639	if (thr == nullptr) {
640	thr = reinterpret_cast<ThreadState>(MmapOrDie(sizeof*(ThreadState),
641	"ThreadState"));
642	get_android_tls_ptr() = reinterpret_cast*<uptr>(thr);
643	if (dead_thread_state == nullptr) {
644	dead_thread_state = reinterpret_cast<ThreadState*>(
645	MmapOrDie(sizeof(ThreadState), "ThreadState"));
646	dead_thread_state->fast_state.SetIgnoreBit();
647	dead_thread_state->ignore_interceptors = `1`;
648	dead_thread_state->is_dead = true;
649	*const_cast<u32*>(&dead_thread_state->tid) = -`1`;
650	CHECK_EQ(`0`, internal_mprotect(dead_thread_state, sizeof(ThreadState),
651	PROT_READ));
652	}
653	}
654	CHECK_EQ(`0`, internal_sigprocmask(SIG_SETMASK, &oldset, nullptr));
655	}
656	return thr;
657	}
658
659	void set_cur_thread(ThreadState *thr) {
660	get_android_tls_ptr() = reinterpret_cast*<uptr>(thr);
661	}
662
663	void cur_thread_finalize() {
664	__sanitizer_sigset_t emptyset;
665	internal_sigfillset(&emptyset);
666	__sanitizer_sigset_t oldset;
667	CHECK_EQ(`0`, internal_sigprocmask(SIG_SETMASK, &emptyset, &oldset));
668	ThreadState* thr = reinterpret_cast<ThreadState>(get_android_tls_ptr());
669	if (thr != dead_thread_state) {
670	get_android_tls_ptr() = reinterpret_cast*<uptr>(dead_thread_state);
671	UnmapOrDie(thr, sizeof(ThreadState));
672	}
673	CHECK_EQ(`0`, internal_sigprocmask(SIG_SETMASK, &oldset, nullptr));
674	}
675	#endif // SANITIZER_ANDROID
676	#endif // if !SANITIZER_GO
677
678	} // namespace __tsan
679
680	#endif // SANITIZER_LINUX \|\| SANITIZER_FREEBSD \|\| SANITIZER_NETBSD
681

Provided by KDAB

Update your C++ knowledge – Modern C++11/14/17 Training

Find out more

Definitions

source code of compiler-rt/lib/tsan/rtl/tsan_platform_linux.cpp