2013-05-20 19:06:50 +08:00
|
|
|
//=-- lsan_common_linux.cc ------------------------------------------------===//
|
|
|
|
//
|
|
|
|
// The LLVM Compiler Infrastructure
|
|
|
|
//
|
|
|
|
// This file is distributed under the University of Illinois Open Source
|
|
|
|
// License. See LICENSE.TXT for details.
|
|
|
|
//
|
|
|
|
//===----------------------------------------------------------------------===//
|
|
|
|
//
|
|
|
|
// This file is a part of LeakSanitizer.
|
|
|
|
// Implementation of common leak checking functionality. Linux-specific code.
|
|
|
|
//
|
|
|
|
//===----------------------------------------------------------------------===//
|
|
|
|
|
|
|
|
#include "sanitizer_common/sanitizer_platform.h"
|
|
|
|
#include "lsan_common.h"
|
|
|
|
|
2013-05-21 22:12:11 +08:00
|
|
|
#if CAN_SANITIZE_LEAKS && SANITIZER_LINUX
|
2013-05-20 19:06:50 +08:00
|
|
|
#include <link.h>
|
|
|
|
|
|
|
|
#include "sanitizer_common/sanitizer_common.h"
|
2014-02-14 23:12:46 +08:00
|
|
|
#include "sanitizer_common/sanitizer_flags.h"
|
2017-11-07 05:27:06 +08:00
|
|
|
#include "sanitizer_common/sanitizer_getauxval.h"
|
2013-05-20 19:06:50 +08:00
|
|
|
#include "sanitizer_common/sanitizer_linux.h"
|
|
|
|
#include "sanitizer_common/sanitizer_stackdepot.h"
|
|
|
|
|
|
|
|
namespace __lsan {
|
|
|
|
|
|
|
|
static const char kLinkerName[] = "ld";
|
2016-02-23 02:52:51 +08:00
|
|
|
|
|
|
|
static char linker_placeholder[sizeof(LoadedModule)] ALIGNED(64);
|
2015-10-01 08:22:21 +08:00
|
|
|
static LoadedModule *linker = nullptr;
|
2013-05-20 19:06:50 +08:00
|
|
|
|
2017-11-07 05:27:06 +08:00
|
|
|
static bool IsLinker(const LoadedModule& module) {
|
|
|
|
#if SANITIZER_USE_GETAUXVAL
|
|
|
|
return module.base_address() == getauxval(AT_BASE);
|
|
|
|
#else
|
|
|
|
return LibraryNameIs(module.full_name(), kLinkerName);
|
|
|
|
#endif // SANITIZER_USE_GETAUXVAL
|
2013-05-20 19:06:50 +08:00
|
|
|
}
|
|
|
|
|
Use pthreads to manage thread-local storage on darwin for leak sanitizer
Summary:
__thread is supported on Darwin, but is implemented dynamically via
function calls to __tls_get_addr. This causes two issues when combined
with leak sanitizer, due to malloc() interception.
- The dynamic loader calls malloc during the process of loading
the sanitizer dylib, while swapping a placeholder tlv_boostrap
function for __tls_get_addr. This will cause tlv_bootstrap to
be called in DisabledInThisThread() via the asan allocator.
- The first time __tls_get_addr is called, it allocates memory
for the thread-local object, during which it calls malloc(). This
call will be intercepted, leading to an infinite loop in the asan
allocator, in which the allocator calls DisabledInThisThread,
which calls tls_get_addr, which calls into the allocator again.
Reviewers: kcc, glider, kubamracek
Subscribers: llvm-commits
Differential Revision: https://reviews.llvm.org/D29786
llvm-svn: 294994
2017-02-14 06:20:07 +08:00
|
|
|
__attribute__((tls_model("initial-exec")))
|
|
|
|
THREADLOCAL int disable_counter;
|
|
|
|
bool DisabledInThisThread() { return disable_counter > 0; }
|
|
|
|
void DisableInThisThread() { disable_counter++; }
|
|
|
|
void EnableInThisThread() {
|
|
|
|
if (disable_counter == 0) {
|
|
|
|
DisableCounterUnderflow();
|
|
|
|
}
|
|
|
|
disable_counter--;
|
|
|
|
}
|
|
|
|
|
2013-05-20 19:06:50 +08:00
|
|
|
void InitializePlatformSpecificModules() {
|
2016-02-23 02:52:51 +08:00
|
|
|
ListOfModules modules;
|
|
|
|
modules.init();
|
|
|
|
for (LoadedModule &module : modules) {
|
2017-11-07 05:27:06 +08:00
|
|
|
if (!IsLinker(module))
|
|
|
|
continue;
|
2016-02-23 02:52:51 +08:00
|
|
|
if (linker == nullptr) {
|
|
|
|
linker = reinterpret_cast<LoadedModule *>(linker_placeholder);
|
|
|
|
*linker = module;
|
|
|
|
module = LoadedModule();
|
|
|
|
} else {
|
|
|
|
VReport(1, "LeakSanitizer: Multiple modules match \"%s\". "
|
2017-11-07 05:27:06 +08:00
|
|
|
"TLS and other allocations originating from linker might be "
|
|
|
|
"falsely reported as leaks.\n", kLinkerName);
|
2016-02-23 02:52:51 +08:00
|
|
|
linker->clear();
|
|
|
|
linker = nullptr;
|
|
|
|
return;
|
|
|
|
}
|
2013-05-20 19:06:50 +08:00
|
|
|
}
|
2017-05-16 07:11:01 +08:00
|
|
|
if (linker == nullptr) {
|
2017-11-07 05:27:06 +08:00
|
|
|
VReport(1, "LeakSanitizer: Dynamic linker not found. TLS and other "
|
|
|
|
"allocations originating from linker might be falsely reported "
|
|
|
|
"as leaks.\n");
|
2017-05-16 07:11:01 +08:00
|
|
|
}
|
2013-05-20 19:06:50 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
static int ProcessGlobalRegionsCallback(struct dl_phdr_info *info, size_t size,
|
|
|
|
void *data) {
|
2013-06-24 16:34:50 +08:00
|
|
|
Frontier *frontier = reinterpret_cast<Frontier *>(data);
|
2013-05-20 19:06:50 +08:00
|
|
|
for (uptr j = 0; j < info->dlpi_phnum; j++) {
|
|
|
|
const ElfW(Phdr) *phdr = &(info->dlpi_phdr[j]);
|
|
|
|
// We're looking for .data and .bss sections, which reside in writeable,
|
|
|
|
// loadable segments.
|
|
|
|
if (!(phdr->p_flags & PF_W) || (phdr->p_type != PT_LOAD) ||
|
|
|
|
(phdr->p_memsz == 0))
|
|
|
|
continue;
|
|
|
|
uptr begin = info->dlpi_addr + phdr->p_vaddr;
|
|
|
|
uptr end = begin + phdr->p_memsz;
|
2017-04-14 02:40:19 +08:00
|
|
|
ScanGlobalRange(begin, end, frontier);
|
2013-05-20 19:06:50 +08:00
|
|
|
}
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
2013-06-24 16:34:50 +08:00
|
|
|
// Scans global variables for heap pointers.
|
2013-06-14 18:07:56 +08:00
|
|
|
void ProcessGlobalRegions(Frontier *frontier) {
|
2013-12-26 01:14:40 +08:00
|
|
|
if (!flags()->use_globals) return;
|
2013-05-20 19:06:50 +08:00
|
|
|
dl_iterate_phdr(ProcessGlobalRegionsCallback, frontier);
|
|
|
|
}
|
|
|
|
|
2017-04-19 22:00:35 +08:00
|
|
|
LoadedModule *GetLinker() { return linker; }
|
2013-05-20 19:06:50 +08:00
|
|
|
|
2017-04-19 22:00:35 +08:00
|
|
|
void ProcessPlatformSpecificAllocations(Frontier *frontier) {}
|
2013-05-20 19:06:50 +08:00
|
|
|
|
2015-02-26 22:01:08 +08:00
|
|
|
struct DoStopTheWorldParam {
|
|
|
|
StopTheWorldCallback callback;
|
|
|
|
void *argument;
|
|
|
|
};
|
|
|
|
|
Don't call exit() from atexit handlers on Darwin
Summary:
Calling exit() from an atexit handler is undefined behavior.
On Linux, it's unavoidable, since we cannot intercept exit (_exit isn't called
if a user program uses return instead of exit()), and I haven't
seen it cause issues regardless.
However, on Darwin, I have a fairly complex internal test that hangs roughly
once in every 300 runs after leak reporting finishes, which is resolved with
this patch, and is presumably due to the undefined behavior (since the Die() is
the only thing that happens after the end of leak reporting).
In addition, this is the way TSan works as well, where an atexit handler+Die()
is used on Linux, and an _exit() interceptor is used on Darwin. I'm not sure if it's
intentionally structured that way in TSan, since TSan sets up the atexit handler and the
_exit() interceptor on both platforms, but I have observed that on Darwin, only the
_exit() interceptor is used, and on Linux the atexit handler is used.
There is some additional related discussion here: https://reviews.llvm.org/D35085
Reviewers: alekseyshl, kubamracek
Subscribers: eugenis, vsk, llvm-commits
Differential Revision: https://reviews.llvm.org/D35513
llvm-svn: 308353
2017-07-19 04:18:32 +08:00
|
|
|
// While calling Die() here is undefined behavior and can potentially
|
|
|
|
// cause race conditions, it isn't possible to intercept exit on linux,
|
|
|
|
// so we have no choice but to call Die() from the atexit handler.
|
|
|
|
void HandleLeaks() {
|
|
|
|
if (common_flags()->exitcode) Die();
|
|
|
|
}
|
|
|
|
|
2015-02-26 22:25:25 +08:00
|
|
|
static int DoStopTheWorldCallback(struct dl_phdr_info *info, size_t size,
|
|
|
|
void *data) {
|
2015-02-26 22:01:08 +08:00
|
|
|
DoStopTheWorldParam *param = reinterpret_cast<DoStopTheWorldParam *>(data);
|
|
|
|
StopTheWorld(param->callback, param->argument);
|
|
|
|
return 1;
|
|
|
|
}
|
|
|
|
|
|
|
|
// LSan calls dl_iterate_phdr() from the tracer task. This may deadlock: if one
|
|
|
|
// of the threads is frozen while holding the libdl lock, the tracer will hang
|
|
|
|
// in dl_iterate_phdr() forever.
|
|
|
|
// Luckily, (a) the lock is reentrant and (b) libc can't distinguish between the
|
|
|
|
// tracer task and the thread that spawned it. Thus, if we run the tracer task
|
|
|
|
// while holding the libdl lock in the parent thread, we can safely reenter it
|
|
|
|
// in the tracer. The solution is to run stoptheworld from a dl_iterate_phdr()
|
|
|
|
// callback in the parent thread.
|
|
|
|
void DoStopTheWorld(StopTheWorldCallback callback, void *argument) {
|
|
|
|
DoStopTheWorldParam param = {callback, argument};
|
|
|
|
dl_iterate_phdr(DoStopTheWorldCallback, ¶m);
|
|
|
|
}
|
|
|
|
|
2015-10-01 08:22:21 +08:00
|
|
|
} // namespace __lsan
|
|
|
|
|
|
|
|
#endif // CAN_SANITIZE_LEAKS && SANITIZER_LINUX
|