1 //===-- tsan_interceptors.cc ----------------------------------------------===// 2 // 3 // The LLVM Compiler Infrastructure 4 // 5 // This file is distributed under the University of Illinois Open Source 6 // License. See LICENSE.TXT for details. 7 // 8 //===----------------------------------------------------------------------===// 9 // 10 // This file is a part of ThreadSanitizer (TSan), a race detector. 11 // 12 // FIXME: move as many interceptors as possible into 13 // sanitizer_common/sanitizer_common_interceptors.inc 14 //===----------------------------------------------------------------------===// 15 16 #include "sanitizer_common/sanitizer_atomic.h" 17 #include "sanitizer_common/sanitizer_libc.h" 18 #include "sanitizer_common/sanitizer_linux.h" 19 #include "sanitizer_common/sanitizer_platform_limits_posix.h" 20 #include "sanitizer_common/sanitizer_placement_new.h" 21 #include "sanitizer_common/sanitizer_stacktrace.h" 22 #include "interception/interception.h" 23 #include "tsan_interface.h" 24 #include "tsan_platform.h" 25 #include "tsan_suppressions.h" 26 #include "tsan_rtl.h" 27 #include "tsan_mman.h" 28 #include "tsan_fd.h" 29 30 using namespace __tsan; // NOLINT 31 32 #if SANITIZER_FREEBSD 33 #define __errno_location __error 34 #define __libc_malloc __malloc 35 #define __libc_realloc __realloc 36 #define __libc_calloc __calloc 37 #define __libc_free __free 38 #define stdout __stdoutp 39 #define stderr __stderrp 40 #endif 41 42 #ifdef __mips__ 43 const int kSigCount = 129; 44 #else 45 const int kSigCount = 65; 46 #endif 47 48 struct my_siginfo_t { 49 // The size is determined by looking at sizeof of real siginfo_t on linux. 50 u64 opaque[128 / sizeof(u64)]; 51 }; 52 53 #ifdef __mips__ 54 struct ucontext_t { 55 u64 opaque[768 / sizeof(u64) + 1]; 56 }; 57 #else 58 struct ucontext_t { 59 // The size is determined by looking at sizeof of real ucontext_t on linux. 60 u64 opaque[936 / sizeof(u64) + 1]; 61 }; 62 #endif 63 64 extern "C" int pthread_attr_init(void *attr); 65 extern "C" int pthread_attr_destroy(void *attr); 66 DECLARE_REAL(int, pthread_attr_getdetachstate, void *, void *) 67 extern "C" int pthread_attr_setstacksize(void *attr, uptr stacksize); 68 extern "C" int pthread_key_create(unsigned *key, void (*destructor)(void* v)); 69 extern "C" int pthread_setspecific(unsigned key, const void *v); 70 DECLARE_REAL(int, pthread_mutexattr_gettype, void *, void *) 71 extern "C" int pthread_yield(); 72 extern "C" int pthread_sigmask(int how, const __sanitizer_sigset_t *set, 73 __sanitizer_sigset_t *oldset); 74 // REAL(sigfillset) defined in common interceptors. 75 DECLARE_REAL(int, sigfillset, __sanitizer_sigset_t *set) 76 DECLARE_REAL(int, fflush, __sanitizer_FILE *fp) 77 extern "C" void *pthread_self(); 78 extern "C" void _exit(int status); 79 extern "C" int *__errno_location(); 80 extern "C" int fileno_unlocked(void *stream); 81 extern "C" void *__libc_malloc(uptr size); 82 extern "C" void *__libc_calloc(uptr size, uptr n); 83 extern "C" void *__libc_realloc(void *ptr, uptr size); 84 extern "C" void __libc_free(void *ptr); 85 extern "C" int dirfd(void *dirp); 86 #if !SANITIZER_FREEBSD 87 extern "C" int mallopt(int param, int value); 88 #endif 89 extern __sanitizer_FILE *stdout, *stderr; 90 const int PTHREAD_MUTEX_RECURSIVE = 1; 91 const int PTHREAD_MUTEX_RECURSIVE_NP = 1; 92 const int EINVAL = 22; 93 const int EBUSY = 16; 94 const int EOWNERDEAD = 130; 95 const int EPOLL_CTL_ADD = 1; 96 const int SIGILL = 4; 97 const int SIGABRT = 6; 98 const int SIGFPE = 8; 99 const int SIGSEGV = 11; 100 const int SIGPIPE = 13; 101 const int SIGTERM = 15; 102 #ifdef __mips__ 103 const int SIGBUS = 10; 104 const int SIGSYS = 12; 105 #else 106 const int SIGBUS = 7; 107 const int SIGSYS = 31; 108 #endif 109 void *const MAP_FAILED = (void*)-1; 110 const int PTHREAD_BARRIER_SERIAL_THREAD = -1; 111 const int MAP_FIXED = 0x10; 112 typedef long long_t; // NOLINT 113 114 // From /usr/include/unistd.h 115 # define F_ULOCK 0 /* Unlock a previously locked region. */ 116 # define F_LOCK 1 /* Lock a region for exclusive use. */ 117 # define F_TLOCK 2 /* Test and lock a region for exclusive use. */ 118 # define F_TEST 3 /* Test a region for other processes locks. */ 119 120 #define errno (*__errno_location()) 121 122 typedef void (*sighandler_t)(int sig); 123 typedef void (*sigactionhandler_t)(int sig, my_siginfo_t *siginfo, void *uctx); 124 125 struct sigaction_t { 126 #ifdef __mips__ 127 u32 sa_flags; 128 #endif 129 union { 130 sighandler_t sa_handler; 131 sigactionhandler_t sa_sigaction; 132 }; 133 #if SANITIZER_FREEBSD 134 int sa_flags; 135 __sanitizer_sigset_t sa_mask; 136 #else 137 __sanitizer_sigset_t sa_mask; 138 #ifndef __mips__ 139 int sa_flags; 140 #endif 141 void (*sa_restorer)(); 142 #endif 143 }; 144 145 const sighandler_t SIG_DFL = (sighandler_t)0; 146 const sighandler_t SIG_IGN = (sighandler_t)1; 147 const sighandler_t SIG_ERR = (sighandler_t)-1; 148 #if SANITIZER_FREEBSD 149 const int SA_SIGINFO = 0x40; 150 const int SIG_SETMASK = 3; 151 #elif defined(__mips__) 152 const int SA_SIGINFO = 8; 153 const int SIG_SETMASK = 3; 154 #else 155 const int SA_SIGINFO = 4; 156 const int SIG_SETMASK = 2; 157 #endif 158 159 #define COMMON_INTERCEPTOR_NOTHING_IS_INITIALIZED \ 160 (!cur_thread()->is_inited) 161 162 namespace std { 163 struct nothrow_t {}; 164 } // namespace std 165 166 static sigaction_t sigactions[kSigCount]; 167 168 namespace __tsan { 169 struct SignalDesc { 170 bool armed; 171 bool sigaction; 172 my_siginfo_t siginfo; 173 ucontext_t ctx; 174 }; 175 176 struct ThreadSignalContext { 177 int int_signal_send; 178 atomic_uintptr_t in_blocking_func; 179 atomic_uintptr_t have_pending_signals; 180 SignalDesc pending_signals[kSigCount]; 181 }; 182 183 // The object is 64-byte aligned, because we want hot data to be located in 184 // a single cache line if possible (it's accessed in every interceptor). 185 static ALIGNED(64) char libignore_placeholder[sizeof(LibIgnore)]; 186 static LibIgnore *libignore() { 187 return reinterpret_cast<LibIgnore*>(&libignore_placeholder[0]); 188 } 189 190 void InitializeLibIgnore() { 191 const SuppressionContext &supp = *Suppressions(); 192 const uptr n = supp.SuppressionCount(); 193 for (uptr i = 0; i < n; i++) { 194 const Suppression *s = supp.SuppressionAt(i); 195 if (0 == internal_strcmp(s->type, kSuppressionLib)) 196 libignore()->AddIgnoredLibrary(s->templ); 197 } 198 libignore()->OnLibraryLoaded(0); 199 } 200 201 } // namespace __tsan 202 203 static ThreadSignalContext *SigCtx(ThreadState *thr) { 204 ThreadSignalContext *ctx = (ThreadSignalContext*)thr->signal_ctx; 205 if (ctx == 0 && !thr->is_dead) { 206 ctx = (ThreadSignalContext*)MmapOrDie(sizeof(*ctx), "ThreadSignalContext"); 207 MemoryResetRange(thr, (uptr)&SigCtx, (uptr)ctx, sizeof(*ctx)); 208 thr->signal_ctx = ctx; 209 } 210 return ctx; 211 } 212 213 static unsigned g_thread_finalize_key; 214 215 class ScopedInterceptor { 216 public: 217 ScopedInterceptor(ThreadState *thr, const char *fname, uptr pc); 218 ~ScopedInterceptor(); 219 private: 220 ThreadState *const thr_; 221 const uptr pc_; 222 bool in_ignored_lib_; 223 }; 224 225 ScopedInterceptor::ScopedInterceptor(ThreadState *thr, const char *fname, 226 uptr pc) 227 : thr_(thr) 228 , pc_(pc) 229 , in_ignored_lib_(false) { 230 if (!thr_->ignore_interceptors) { 231 Initialize(thr); 232 FuncEntry(thr, pc); 233 } 234 DPrintf("#%d: intercept %s()\n", thr_->tid, fname); 235 if (!thr_->in_ignored_lib && libignore()->IsIgnored(pc)) { 236 in_ignored_lib_ = true; 237 thr_->in_ignored_lib = true; 238 ThreadIgnoreBegin(thr_, pc_); 239 } 240 } 241 242 ScopedInterceptor::~ScopedInterceptor() { 243 if (in_ignored_lib_) { 244 thr_->in_ignored_lib = false; 245 ThreadIgnoreEnd(thr_, pc_); 246 } 247 if (!thr_->ignore_interceptors) { 248 ProcessPendingSignals(thr_); 249 FuncExit(thr_); 250 CheckNoLocks(thr_); 251 } 252 } 253 254 #define SCOPED_INTERCEPTOR_RAW(func, ...) \ 255 ThreadState *thr = cur_thread(); \ 256 const uptr caller_pc = GET_CALLER_PC(); \ 257 ScopedInterceptor si(thr, #func, caller_pc); \ 258 const uptr pc = StackTrace::GetCurrentPc(); \ 259 (void)pc; \ 260 /**/ 261 262 #define SCOPED_TSAN_INTERCEPTOR(func, ...) \ 263 SCOPED_INTERCEPTOR_RAW(func, __VA_ARGS__); \ 264 if (REAL(func) == 0) { \ 265 Report("FATAL: ThreadSanitizer: failed to intercept %s\n", #func); \ 266 Die(); \ 267 } \ 268 if (thr->ignore_interceptors || thr->in_ignored_lib) \ 269 return REAL(func)(__VA_ARGS__); \ 270 /**/ 271 272 #define TSAN_INTERCEPTOR(ret, func, ...) INTERCEPTOR(ret, func, __VA_ARGS__) 273 #define TSAN_INTERCEPT(func) INTERCEPT_FUNCTION(func) 274 #if SANITIZER_FREEBSD 275 # define TSAN_INTERCEPT_VER(func, ver) INTERCEPT_FUNCTION(func) 276 #else 277 # define TSAN_INTERCEPT_VER(func, ver) INTERCEPT_FUNCTION_VER(func, ver) 278 #endif 279 280 #define READ_STRING_OF_LEN(thr, pc, s, len, n) \ 281 MemoryAccessRange((thr), (pc), (uptr)(s), \ 282 common_flags()->strict_string_checks ? (len) + 1 : (n), false) 283 284 #define READ_STRING(thr, pc, s, n) \ 285 READ_STRING_OF_LEN((thr), (pc), (s), internal_strlen(s), (n)) 286 287 #define BLOCK_REAL(name) (BlockingCall(thr), REAL(name)) 288 289 struct BlockingCall { 290 explicit BlockingCall(ThreadState *thr) 291 : thr(thr) 292 , ctx(SigCtx(thr)) { 293 for (;;) { 294 atomic_store(&ctx->in_blocking_func, 1, memory_order_relaxed); 295 if (atomic_load(&ctx->have_pending_signals, memory_order_relaxed) == 0) 296 break; 297 atomic_store(&ctx->in_blocking_func, 0, memory_order_relaxed); 298 ProcessPendingSignals(thr); 299 } 300 // When we are in a "blocking call", we process signals asynchronously 301 // (right when they arrive). In this context we do not expect to be 302 // executing any user/runtime code. The known interceptor sequence when 303 // this is not true is: pthread_join -> munmap(stack). It's fine 304 // to ignore munmap in this case -- we handle stack shadow separately. 305 thr->ignore_interceptors++; 306 } 307 308 ~BlockingCall() { 309 thr->ignore_interceptors--; 310 atomic_store(&ctx->in_blocking_func, 0, memory_order_relaxed); 311 } 312 313 ThreadState *thr; 314 ThreadSignalContext *ctx; 315 }; 316 317 TSAN_INTERCEPTOR(unsigned, sleep, unsigned sec) { 318 SCOPED_TSAN_INTERCEPTOR(sleep, sec); 319 unsigned res = BLOCK_REAL(sleep)(sec); 320 AfterSleep(thr, pc); 321 return res; 322 } 323 324 TSAN_INTERCEPTOR(int, usleep, long_t usec) { 325 SCOPED_TSAN_INTERCEPTOR(usleep, usec); 326 int res = BLOCK_REAL(usleep)(usec); 327 AfterSleep(thr, pc); 328 return res; 329 } 330 331 TSAN_INTERCEPTOR(int, nanosleep, void *req, void *rem) { 332 SCOPED_TSAN_INTERCEPTOR(nanosleep, req, rem); 333 int res = BLOCK_REAL(nanosleep)(req, rem); 334 AfterSleep(thr, pc); 335 return res; 336 } 337 338 // The sole reason tsan wraps atexit callbacks is to establish synchronization 339 // between callback setup and callback execution. 340 struct AtExitCtx { 341 void (*f)(); 342 void *arg; 343 }; 344 345 static void at_exit_wrapper(void *arg) { 346 ThreadState *thr = cur_thread(); 347 uptr pc = 0; 348 Acquire(thr, pc, (uptr)arg); 349 AtExitCtx *ctx = (AtExitCtx*)arg; 350 ((void(*)(void *arg))ctx->f)(ctx->arg); 351 __libc_free(ctx); 352 } 353 354 static int setup_at_exit_wrapper(ThreadState *thr, uptr pc, void(*f)(), 355 void *arg, void *dso); 356 357 TSAN_INTERCEPTOR(int, atexit, void (*f)()) { 358 if (cur_thread()->in_symbolizer) 359 return 0; 360 // We want to setup the atexit callback even if we are in ignored lib 361 // or after fork. 362 SCOPED_INTERCEPTOR_RAW(atexit, f); 363 return setup_at_exit_wrapper(thr, pc, (void(*)())f, 0, 0); 364 } 365 366 TSAN_INTERCEPTOR(int, __cxa_atexit, void (*f)(void *a), void *arg, void *dso) { 367 if (cur_thread()->in_symbolizer) 368 return 0; 369 SCOPED_TSAN_INTERCEPTOR(__cxa_atexit, f, arg, dso); 370 return setup_at_exit_wrapper(thr, pc, (void(*)())f, arg, dso); 371 } 372 373 static int setup_at_exit_wrapper(ThreadState *thr, uptr pc, void(*f)(), 374 void *arg, void *dso) { 375 AtExitCtx *ctx = (AtExitCtx*)__libc_malloc(sizeof(AtExitCtx)); 376 ctx->f = f; 377 ctx->arg = arg; 378 Release(thr, pc, (uptr)ctx); 379 // Memory allocation in __cxa_atexit will race with free during exit, 380 // because we do not see synchronization around atexit callback list. 381 ThreadIgnoreBegin(thr, pc); 382 int res = REAL(__cxa_atexit)(at_exit_wrapper, ctx, dso); 383 ThreadIgnoreEnd(thr, pc); 384 return res; 385 } 386 387 static void on_exit_wrapper(int status, void *arg) { 388 ThreadState *thr = cur_thread(); 389 uptr pc = 0; 390 Acquire(thr, pc, (uptr)arg); 391 AtExitCtx *ctx = (AtExitCtx*)arg; 392 ((void(*)(int status, void *arg))ctx->f)(status, ctx->arg); 393 __libc_free(ctx); 394 } 395 396 TSAN_INTERCEPTOR(int, on_exit, void(*f)(int, void*), void *arg) { 397 if (cur_thread()->in_symbolizer) 398 return 0; 399 SCOPED_TSAN_INTERCEPTOR(on_exit, f, arg); 400 AtExitCtx *ctx = (AtExitCtx*)__libc_malloc(sizeof(AtExitCtx)); 401 ctx->f = (void(*)())f; 402 ctx->arg = arg; 403 Release(thr, pc, (uptr)ctx); 404 // Memory allocation in __cxa_atexit will race with free during exit, 405 // because we do not see synchronization around atexit callback list. 406 ThreadIgnoreBegin(thr, pc); 407 int res = REAL(on_exit)(on_exit_wrapper, ctx); 408 ThreadIgnoreEnd(thr, pc); 409 return res; 410 } 411 412 // Cleanup old bufs. 413 static void JmpBufGarbageCollect(ThreadState *thr, uptr sp) { 414 for (uptr i = 0; i < thr->jmp_bufs.Size(); i++) { 415 JmpBuf *buf = &thr->jmp_bufs[i]; 416 if (buf->sp <= sp) { 417 uptr sz = thr->jmp_bufs.Size(); 418 thr->jmp_bufs[i] = thr->jmp_bufs[sz - 1]; 419 thr->jmp_bufs.PopBack(); 420 i--; 421 } 422 } 423 } 424 425 static void SetJmp(ThreadState *thr, uptr sp, uptr mangled_sp) { 426 if (!thr->is_inited) // called from libc guts during bootstrap 427 return; 428 // Cleanup old bufs. 429 JmpBufGarbageCollect(thr, sp); 430 // Remember the buf. 431 JmpBuf *buf = thr->jmp_bufs.PushBack(); 432 buf->sp = sp; 433 buf->mangled_sp = mangled_sp; 434 buf->shadow_stack_pos = thr->shadow_stack_pos; 435 ThreadSignalContext *sctx = SigCtx(thr); 436 buf->int_signal_send = sctx ? sctx->int_signal_send : 0; 437 buf->in_blocking_func = sctx ? 438 atomic_load(&sctx->in_blocking_func, memory_order_relaxed) : 439 false; 440 buf->in_signal_handler = atomic_load(&thr->in_signal_handler, 441 memory_order_relaxed); 442 } 443 444 static void LongJmp(ThreadState *thr, uptr *env) { 445 #if SANITIZER_FREEBSD 446 uptr mangled_sp = env[2]; 447 #else 448 uptr mangled_sp = env[6]; 449 #endif // SANITIZER_FREEBSD 450 // Find the saved buf by mangled_sp. 451 for (uptr i = 0; i < thr->jmp_bufs.Size(); i++) { 452 JmpBuf *buf = &thr->jmp_bufs[i]; 453 if (buf->mangled_sp == mangled_sp) { 454 CHECK_GE(thr->shadow_stack_pos, buf->shadow_stack_pos); 455 // Unwind the stack. 456 while (thr->shadow_stack_pos > buf->shadow_stack_pos) 457 FuncExit(thr); 458 ThreadSignalContext *sctx = SigCtx(thr); 459 if (sctx) { 460 sctx->int_signal_send = buf->int_signal_send; 461 atomic_store(&sctx->in_blocking_func, buf->in_blocking_func, 462 memory_order_relaxed); 463 } 464 atomic_store(&thr->in_signal_handler, buf->in_signal_handler, 465 memory_order_relaxed); 466 JmpBufGarbageCollect(thr, buf->sp - 1); // do not collect buf->sp 467 return; 468 } 469 } 470 Printf("ThreadSanitizer: can't find longjmp buf\n"); 471 CHECK(0); 472 } 473 474 // FIXME: put everything below into a common extern "C" block? 475 extern "C" void __tsan_setjmp(uptr sp, uptr mangled_sp) { 476 SetJmp(cur_thread(), sp, mangled_sp); 477 } 478 479 // Not called. Merely to satisfy TSAN_INTERCEPT(). 480 extern "C" SANITIZER_INTERFACE_ATTRIBUTE 481 int __interceptor_setjmp(void *env); 482 extern "C" int __interceptor_setjmp(void *env) { 483 CHECK(0); 484 return 0; 485 } 486 487 // FIXME: any reason to have a separate declaration? 488 extern "C" SANITIZER_INTERFACE_ATTRIBUTE 489 int __interceptor__setjmp(void *env); 490 extern "C" int __interceptor__setjmp(void *env) { 491 CHECK(0); 492 return 0; 493 } 494 495 extern "C" SANITIZER_INTERFACE_ATTRIBUTE 496 int __interceptor_sigsetjmp(void *env); 497 extern "C" int __interceptor_sigsetjmp(void *env) { 498 CHECK(0); 499 return 0; 500 } 501 502 extern "C" SANITIZER_INTERFACE_ATTRIBUTE 503 int __interceptor___sigsetjmp(void *env); 504 extern "C" int __interceptor___sigsetjmp(void *env) { 505 CHECK(0); 506 return 0; 507 } 508 509 extern "C" int setjmp(void *env); 510 extern "C" int _setjmp(void *env); 511 extern "C" int sigsetjmp(void *env); 512 extern "C" int __sigsetjmp(void *env); 513 DEFINE_REAL(int, setjmp, void *env) 514 DEFINE_REAL(int, _setjmp, void *env) 515 DEFINE_REAL(int, sigsetjmp, void *env) 516 DEFINE_REAL(int, __sigsetjmp, void *env) 517 518 TSAN_INTERCEPTOR(void, longjmp, uptr *env, int val) { 519 { 520 SCOPED_TSAN_INTERCEPTOR(longjmp, env, val); 521 } 522 LongJmp(cur_thread(), env); 523 REAL(longjmp)(env, val); 524 } 525 526 TSAN_INTERCEPTOR(void, siglongjmp, uptr *env, int val) { 527 { 528 SCOPED_TSAN_INTERCEPTOR(siglongjmp, env, val); 529 } 530 LongJmp(cur_thread(), env); 531 REAL(siglongjmp)(env, val); 532 } 533 534 TSAN_INTERCEPTOR(void*, malloc, uptr size) { 535 if (cur_thread()->in_symbolizer) 536 return __libc_malloc(size); 537 void *p = 0; 538 { 539 SCOPED_INTERCEPTOR_RAW(malloc, size); 540 p = user_alloc(thr, pc, size); 541 } 542 invoke_malloc_hook(p, size); 543 return p; 544 } 545 546 TSAN_INTERCEPTOR(void*, __libc_memalign, uptr align, uptr sz) { 547 SCOPED_TSAN_INTERCEPTOR(__libc_memalign, align, sz); 548 return user_alloc(thr, pc, sz, align); 549 } 550 551 TSAN_INTERCEPTOR(void*, calloc, uptr size, uptr n) { 552 if (cur_thread()->in_symbolizer) 553 return __libc_calloc(size, n); 554 void *p = 0; 555 { 556 SCOPED_INTERCEPTOR_RAW(calloc, size, n); 557 p = user_calloc(thr, pc, size, n); 558 } 559 invoke_malloc_hook(p, n * size); 560 return p; 561 } 562 563 TSAN_INTERCEPTOR(void*, realloc, void *p, uptr size) { 564 if (cur_thread()->in_symbolizer) 565 return __libc_realloc(p, size); 566 if (p) 567 invoke_free_hook(p); 568 { 569 SCOPED_INTERCEPTOR_RAW(realloc, p, size); 570 p = user_realloc(thr, pc, p, size); 571 } 572 invoke_malloc_hook(p, size); 573 return p; 574 } 575 576 TSAN_INTERCEPTOR(void, free, void *p) { 577 if (p == 0) 578 return; 579 if (cur_thread()->in_symbolizer) 580 return __libc_free(p); 581 invoke_free_hook(p); 582 SCOPED_INTERCEPTOR_RAW(free, p); 583 user_free(thr, pc, p); 584 } 585 586 TSAN_INTERCEPTOR(void, cfree, void *p) { 587 if (p == 0) 588 return; 589 if (cur_thread()->in_symbolizer) 590 return __libc_free(p); 591 invoke_free_hook(p); 592 SCOPED_INTERCEPTOR_RAW(cfree, p); 593 user_free(thr, pc, p); 594 } 595 596 TSAN_INTERCEPTOR(uptr, malloc_usable_size, void *p) { 597 SCOPED_INTERCEPTOR_RAW(malloc_usable_size, p); 598 return user_alloc_usable_size(p); 599 } 600 601 #define OPERATOR_NEW_BODY(mangled_name) \ 602 if (cur_thread()->in_symbolizer) \ 603 return __libc_malloc(size); \ 604 void *p = 0; \ 605 { \ 606 SCOPED_INTERCEPTOR_RAW(mangled_name, size); \ 607 p = user_alloc(thr, pc, size); \ 608 } \ 609 invoke_malloc_hook(p, size); \ 610 return p; 611 612 SANITIZER_INTERFACE_ATTRIBUTE 613 void *operator new(__sanitizer::uptr size); 614 void *operator new(__sanitizer::uptr size) { 615 OPERATOR_NEW_BODY(_Znwm); 616 } 617 618 SANITIZER_INTERFACE_ATTRIBUTE 619 void *operator new[](__sanitizer::uptr size); 620 void *operator new[](__sanitizer::uptr size) { 621 OPERATOR_NEW_BODY(_Znam); 622 } 623 624 SANITIZER_INTERFACE_ATTRIBUTE 625 void *operator new(__sanitizer::uptr size, std::nothrow_t const&); 626 void *operator new(__sanitizer::uptr size, std::nothrow_t const&) { 627 OPERATOR_NEW_BODY(_ZnwmRKSt9nothrow_t); 628 } 629 630 SANITIZER_INTERFACE_ATTRIBUTE 631 void *operator new[](__sanitizer::uptr size, std::nothrow_t const&); 632 void *operator new[](__sanitizer::uptr size, std::nothrow_t const&) { 633 OPERATOR_NEW_BODY(_ZnamRKSt9nothrow_t); 634 } 635 636 #define OPERATOR_DELETE_BODY(mangled_name) \ 637 if (ptr == 0) return; \ 638 if (cur_thread()->in_symbolizer) \ 639 return __libc_free(ptr); \ 640 invoke_free_hook(ptr); \ 641 SCOPED_INTERCEPTOR_RAW(mangled_name, ptr); \ 642 user_free(thr, pc, ptr); 643 644 SANITIZER_INTERFACE_ATTRIBUTE 645 void operator delete(void *ptr) throw(); 646 void operator delete(void *ptr) throw() { 647 OPERATOR_DELETE_BODY(_ZdlPv); 648 } 649 650 SANITIZER_INTERFACE_ATTRIBUTE 651 void operator delete[](void *ptr) throw(); 652 void operator delete[](void *ptr) throw() { 653 OPERATOR_DELETE_BODY(_ZdaPv); 654 } 655 656 SANITIZER_INTERFACE_ATTRIBUTE 657 void operator delete(void *ptr, std::nothrow_t const&); 658 void operator delete(void *ptr, std::nothrow_t const&) { 659 OPERATOR_DELETE_BODY(_ZdlPvRKSt9nothrow_t); 660 } 661 662 SANITIZER_INTERFACE_ATTRIBUTE 663 void operator delete[](void *ptr, std::nothrow_t const&); 664 void operator delete[](void *ptr, std::nothrow_t const&) { 665 OPERATOR_DELETE_BODY(_ZdaPvRKSt9nothrow_t); 666 } 667 668 TSAN_INTERCEPTOR(uptr, strlen, const char *s) { 669 SCOPED_TSAN_INTERCEPTOR(strlen, s); 670 uptr len = internal_strlen(s); 671 MemoryAccessRange(thr, pc, (uptr)s, len + 1, false); 672 return len; 673 } 674 675 TSAN_INTERCEPTOR(void*, memset, void *dst, int v, uptr size) { 676 // On FreeBSD we get here from libthr internals on thread initialization. 677 if (!COMMON_INTERCEPTOR_NOTHING_IS_INITIALIZED) { 678 SCOPED_TSAN_INTERCEPTOR(memset, dst, v, size); 679 MemoryAccessRange(thr, pc, (uptr)dst, size, true); 680 } 681 return internal_memset(dst, v, size); 682 } 683 684 TSAN_INTERCEPTOR(void*, memcpy, void *dst, const void *src, uptr size) { 685 // On FreeBSD we get here from libthr internals on thread initialization. 686 if (!COMMON_INTERCEPTOR_NOTHING_IS_INITIALIZED) { 687 SCOPED_TSAN_INTERCEPTOR(memcpy, dst, src, size); 688 MemoryAccessRange(thr, pc, (uptr)dst, size, true); 689 MemoryAccessRange(thr, pc, (uptr)src, size, false); 690 } 691 return internal_memcpy(dst, src, size); 692 } 693 694 TSAN_INTERCEPTOR(int, memcmp, const void *s1, const void *s2, uptr n) { 695 SCOPED_TSAN_INTERCEPTOR(memcmp, s1, s2, n); 696 int res = 0; 697 uptr len = 0; 698 for (; len < n; len++) { 699 if ((res = ((const unsigned char *)s1)[len] - 700 ((const unsigned char *)s2)[len])) 701 break; 702 } 703 MemoryAccessRange(thr, pc, (uptr)s1, len < n ? len + 1 : n, false); 704 MemoryAccessRange(thr, pc, (uptr)s2, len < n ? len + 1 : n, false); 705 return res; 706 } 707 708 TSAN_INTERCEPTOR(void*, memmove, void *dst, void *src, uptr n) { 709 SCOPED_TSAN_INTERCEPTOR(memmove, dst, src, n); 710 MemoryAccessRange(thr, pc, (uptr)dst, n, true); 711 MemoryAccessRange(thr, pc, (uptr)src, n, false); 712 return REAL(memmove)(dst, src, n); 713 } 714 715 TSAN_INTERCEPTOR(char*, strchr, char *s, int c) { 716 SCOPED_TSAN_INTERCEPTOR(strchr, s, c); 717 char *res = REAL(strchr)(s, c); 718 uptr len = internal_strlen(s); 719 uptr n = res ? (char*)res - (char*)s + 1 : len + 1; 720 READ_STRING_OF_LEN(thr, pc, s, len, n); 721 return res; 722 } 723 724 TSAN_INTERCEPTOR(char*, strchrnul, char *s, int c) { 725 SCOPED_TSAN_INTERCEPTOR(strchrnul, s, c); 726 char *res = REAL(strchrnul)(s, c); 727 uptr len = (char*)res - (char*)s + 1; 728 READ_STRING(thr, pc, s, len); 729 return res; 730 } 731 732 TSAN_INTERCEPTOR(char*, strrchr, char *s, int c) { 733 SCOPED_TSAN_INTERCEPTOR(strrchr, s, c); 734 MemoryAccessRange(thr, pc, (uptr)s, internal_strlen(s) + 1, false); 735 return REAL(strrchr)(s, c); 736 } 737 738 TSAN_INTERCEPTOR(char*, strcpy, char *dst, const char *src) { // NOLINT 739 SCOPED_TSAN_INTERCEPTOR(strcpy, dst, src); // NOLINT 740 uptr srclen = internal_strlen(src); 741 MemoryAccessRange(thr, pc, (uptr)dst, srclen + 1, true); 742 MemoryAccessRange(thr, pc, (uptr)src, srclen + 1, false); 743 return REAL(strcpy)(dst, src); // NOLINT 744 } 745 746 TSAN_INTERCEPTOR(char*, strncpy, char *dst, char *src, uptr n) { 747 SCOPED_TSAN_INTERCEPTOR(strncpy, dst, src, n); 748 uptr srclen = internal_strnlen(src, n); 749 MemoryAccessRange(thr, pc, (uptr)dst, n, true); 750 MemoryAccessRange(thr, pc, (uptr)src, min(srclen + 1, n), false); 751 return REAL(strncpy)(dst, src, n); 752 } 753 754 TSAN_INTERCEPTOR(const char*, strstr, const char *s1, const char *s2) { 755 SCOPED_TSAN_INTERCEPTOR(strstr, s1, s2); 756 const char *res = REAL(strstr)(s1, s2); 757 uptr len1 = internal_strlen(s1); 758 uptr len2 = internal_strlen(s2); 759 MemoryAccessRange(thr, pc, (uptr)s1, len1 + 1, false); 760 MemoryAccessRange(thr, pc, (uptr)s2, len2 + 1, false); 761 return res; 762 } 763 764 TSAN_INTERCEPTOR(char*, strdup, const char *str) { 765 SCOPED_TSAN_INTERCEPTOR(strdup, str); 766 // strdup will call malloc, so no instrumentation is required here. 767 return REAL(strdup)(str); 768 } 769 770 static bool fix_mmap_addr(void **addr, long_t sz, int flags) { 771 if (*addr) { 772 if (!IsAppMem((uptr)*addr) || !IsAppMem((uptr)*addr + sz - 1)) { 773 if (flags & MAP_FIXED) { 774 errno = EINVAL; 775 return false; 776 } else { 777 *addr = 0; 778 } 779 } 780 } 781 return true; 782 } 783 784 TSAN_INTERCEPTOR(void*, mmap, void *addr, long_t sz, int prot, 785 int flags, int fd, unsigned off) { 786 SCOPED_TSAN_INTERCEPTOR(mmap, addr, sz, prot, flags, fd, off); 787 if (!fix_mmap_addr(&addr, sz, flags)) 788 return MAP_FAILED; 789 void *res = REAL(mmap)(addr, sz, prot, flags, fd, off); 790 if (res != MAP_FAILED) { 791 if (fd > 0) 792 FdAccess(thr, pc, fd); 793 MemoryRangeImitateWrite(thr, pc, (uptr)res, sz); 794 } 795 return res; 796 } 797 798 #if !SANITIZER_FREEBSD 799 TSAN_INTERCEPTOR(void*, mmap64, void *addr, long_t sz, int prot, 800 int flags, int fd, u64 off) { 801 SCOPED_TSAN_INTERCEPTOR(mmap64, addr, sz, prot, flags, fd, off); 802 if (!fix_mmap_addr(&addr, sz, flags)) 803 return MAP_FAILED; 804 void *res = REAL(mmap64)(addr, sz, prot, flags, fd, off); 805 if (res != MAP_FAILED) { 806 if (fd > 0) 807 FdAccess(thr, pc, fd); 808 MemoryRangeImitateWrite(thr, pc, (uptr)res, sz); 809 } 810 return res; 811 } 812 #define TSAN_MAYBE_INTERCEPT_MMAP64 TSAN_INTERCEPT(mmap64) 813 #else 814 #define TSAN_MAYBE_INTERCEPT_MMAP64 815 #endif 816 817 TSAN_INTERCEPTOR(int, munmap, void *addr, long_t sz) { 818 SCOPED_TSAN_INTERCEPTOR(munmap, addr, sz); 819 if (sz != 0) { 820 // If sz == 0, munmap will return EINVAL and don't unmap any memory. 821 DontNeedShadowFor((uptr)addr, sz); 822 ctx->metamap.ResetRange(thr, pc, (uptr)addr, (uptr)sz); 823 } 824 int res = REAL(munmap)(addr, sz); 825 return res; 826 } 827 828 #if !SANITIZER_FREEBSD 829 TSAN_INTERCEPTOR(void*, memalign, uptr align, uptr sz) { 830 SCOPED_INTERCEPTOR_RAW(memalign, align, sz); 831 return user_alloc(thr, pc, sz, align); 832 } 833 #define TSAN_MAYBE_INTERCEPT_MEMALIGN TSAN_INTERCEPT(memalign) 834 #else 835 #define TSAN_MAYBE_INTERCEPT_MEMALIGN 836 #endif 837 838 TSAN_INTERCEPTOR(void*, aligned_alloc, uptr align, uptr sz) { 839 SCOPED_INTERCEPTOR_RAW(memalign, align, sz); 840 return user_alloc(thr, pc, sz, align); 841 } 842 843 TSAN_INTERCEPTOR(void*, valloc, uptr sz) { 844 SCOPED_INTERCEPTOR_RAW(valloc, sz); 845 return user_alloc(thr, pc, sz, GetPageSizeCached()); 846 } 847 848 #if !SANITIZER_FREEBSD 849 TSAN_INTERCEPTOR(void*, pvalloc, uptr sz) { 850 SCOPED_INTERCEPTOR_RAW(pvalloc, sz); 851 sz = RoundUp(sz, GetPageSizeCached()); 852 return user_alloc(thr, pc, sz, GetPageSizeCached()); 853 } 854 #define TSAN_MAYBE_INTERCEPT_PVALLOC TSAN_INTERCEPT(pvalloc) 855 #else 856 #define TSAN_MAYBE_INTERCEPT_PVALLOC 857 #endif 858 859 TSAN_INTERCEPTOR(int, posix_memalign, void **memptr, uptr align, uptr sz) { 860 SCOPED_INTERCEPTOR_RAW(posix_memalign, memptr, align, sz); 861 *memptr = user_alloc(thr, pc, sz, align); 862 return 0; 863 } 864 865 // Used in thread-safe function static initialization. 866 extern "C" int INTERFACE_ATTRIBUTE __cxa_guard_acquire(atomic_uint32_t *g) { 867 SCOPED_INTERCEPTOR_RAW(__cxa_guard_acquire, g); 868 for (;;) { 869 u32 cmp = atomic_load(g, memory_order_acquire); 870 if (cmp == 0) { 871 if (atomic_compare_exchange_strong(g, &cmp, 1<<16, memory_order_relaxed)) 872 return 1; 873 } else if (cmp == 1) { 874 Acquire(thr, pc, (uptr)g); 875 return 0; 876 } else { 877 internal_sched_yield(); 878 } 879 } 880 } 881 882 extern "C" void INTERFACE_ATTRIBUTE __cxa_guard_release(atomic_uint32_t *g) { 883 SCOPED_INTERCEPTOR_RAW(__cxa_guard_release, g); 884 Release(thr, pc, (uptr)g); 885 atomic_store(g, 1, memory_order_release); 886 } 887 888 extern "C" void INTERFACE_ATTRIBUTE __cxa_guard_abort(atomic_uint32_t *g) { 889 SCOPED_INTERCEPTOR_RAW(__cxa_guard_abort, g); 890 atomic_store(g, 0, memory_order_relaxed); 891 } 892 893 static void thread_finalize(void *v) { 894 uptr iter = (uptr)v; 895 if (iter > 1) { 896 if (pthread_setspecific(g_thread_finalize_key, (void*)(iter - 1))) { 897 Printf("ThreadSanitizer: failed to set thread key\n"); 898 Die(); 899 } 900 return; 901 } 902 { 903 ThreadState *thr = cur_thread(); 904 ThreadFinish(thr); 905 ThreadSignalContext *sctx = thr->signal_ctx; 906 if (sctx) { 907 thr->signal_ctx = 0; 908 UnmapOrDie(sctx, sizeof(*sctx)); 909 } 910 } 911 } 912 913 914 struct ThreadParam { 915 void* (*callback)(void *arg); 916 void *param; 917 atomic_uintptr_t tid; 918 }; 919 920 extern "C" void *__tsan_thread_start_func(void *arg) { 921 ThreadParam *p = (ThreadParam*)arg; 922 void* (*callback)(void *arg) = p->callback; 923 void *param = p->param; 924 int tid = 0; 925 { 926 ThreadState *thr = cur_thread(); 927 // Thread-local state is not initialized yet. 928 ScopedIgnoreInterceptors ignore; 929 ThreadIgnoreBegin(thr, 0); 930 if (pthread_setspecific(g_thread_finalize_key, 931 (void *)kPthreadDestructorIterations)) { 932 Printf("ThreadSanitizer: failed to set thread key\n"); 933 Die(); 934 } 935 ThreadIgnoreEnd(thr, 0); 936 while ((tid = atomic_load(&p->tid, memory_order_acquire)) == 0) 937 pthread_yield(); 938 atomic_store(&p->tid, 0, memory_order_release); 939 ThreadStart(thr, tid, GetTid()); 940 } 941 void *res = callback(param); 942 // Prevent the callback from being tail called, 943 // it mixes up stack traces. 944 volatile int foo = 42; 945 foo++; 946 return res; 947 } 948 949 TSAN_INTERCEPTOR(int, pthread_create, 950 void *th, void *attr, void *(*callback)(void*), void * param) { 951 SCOPED_INTERCEPTOR_RAW(pthread_create, th, attr, callback, param); 952 if (ctx->after_multithreaded_fork) { 953 if (flags()->die_after_fork) { 954 Report("ThreadSanitizer: starting new threads after multi-threaded " 955 "fork is not supported. Dying (set die_after_fork=0 to override)\n"); 956 Die(); 957 } else { 958 VPrintf(1, "ThreadSanitizer: starting new threads after multi-threaded " 959 "fork is not supported (pid %d). Continuing because of " 960 "die_after_fork=0, but you are on your own\n", internal_getpid()); 961 } 962 } 963 __sanitizer_pthread_attr_t myattr; 964 if (attr == 0) { 965 pthread_attr_init(&myattr); 966 attr = &myattr; 967 } 968 int detached = 0; 969 REAL(pthread_attr_getdetachstate)(attr, &detached); 970 AdjustStackSize(attr); 971 972 ThreadParam p; 973 p.callback = callback; 974 p.param = param; 975 atomic_store(&p.tid, 0, memory_order_relaxed); 976 int res = -1; 977 { 978 // Otherwise we see false positives in pthread stack manipulation. 979 ScopedIgnoreInterceptors ignore; 980 ThreadIgnoreBegin(thr, pc); 981 res = REAL(pthread_create)(th, attr, __tsan_thread_start_func, &p); 982 ThreadIgnoreEnd(thr, pc); 983 } 984 if (res == 0) { 985 int tid = ThreadCreate(thr, pc, *(uptr*)th, detached); 986 CHECK_NE(tid, 0); 987 atomic_store(&p.tid, tid, memory_order_release); 988 while (atomic_load(&p.tid, memory_order_acquire) != 0) 989 pthread_yield(); 990 } 991 if (attr == &myattr) 992 pthread_attr_destroy(&myattr); 993 return res; 994 } 995 996 TSAN_INTERCEPTOR(int, pthread_join, void *th, void **ret) { 997 SCOPED_INTERCEPTOR_RAW(pthread_join, th, ret); 998 int tid = ThreadTid(thr, pc, (uptr)th); 999 ThreadIgnoreBegin(thr, pc); 1000 int res = BLOCK_REAL(pthread_join)(th, ret); 1001 ThreadIgnoreEnd(thr, pc); 1002 if (res == 0) { 1003 ThreadJoin(thr, pc, tid); 1004 } 1005 return res; 1006 } 1007 1008 DEFINE_REAL_PTHREAD_FUNCTIONS 1009 1010 TSAN_INTERCEPTOR(int, pthread_detach, void *th) { 1011 SCOPED_TSAN_INTERCEPTOR(pthread_detach, th); 1012 int tid = ThreadTid(thr, pc, (uptr)th); 1013 int res = REAL(pthread_detach)(th); 1014 if (res == 0) { 1015 ThreadDetach(thr, pc, tid); 1016 } 1017 return res; 1018 } 1019 1020 // Problem: 1021 // NPTL implementation of pthread_cond has 2 versions (2.2.5 and 2.3.2). 1022 // pthread_cond_t has different size in the different versions. 1023 // If call new REAL functions for old pthread_cond_t, they will corrupt memory 1024 // after pthread_cond_t (old cond is smaller). 1025 // If we call old REAL functions for new pthread_cond_t, we will lose some 1026 // functionality (e.g. old functions do not support waiting against 1027 // CLOCK_REALTIME). 1028 // Proper handling would require to have 2 versions of interceptors as well. 1029 // But this is messy, in particular requires linker scripts when sanitizer 1030 // runtime is linked into a shared library. 1031 // Instead we assume we don't have dynamic libraries built against old 1032 // pthread (2.2.5 is dated by 2002). And provide legacy_pthread_cond flag 1033 // that allows to work with old libraries (but this mode does not support 1034 // some features, e.g. pthread_condattr_getpshared). 1035 static void *init_cond(void *c, bool force = false) { 1036 // sizeof(pthread_cond_t) >= sizeof(uptr) in both versions. 1037 // So we allocate additional memory on the side large enough to hold 1038 // any pthread_cond_t object. Always call new REAL functions, but pass 1039 // the aux object to them. 1040 // Note: the code assumes that PTHREAD_COND_INITIALIZER initializes 1041 // first word of pthread_cond_t to zero. 1042 // It's all relevant only for linux. 1043 if (!common_flags()->legacy_pthread_cond) 1044 return c; 1045 atomic_uintptr_t *p = (atomic_uintptr_t*)c; 1046 uptr cond = atomic_load(p, memory_order_acquire); 1047 if (!force && cond != 0) 1048 return (void*)cond; 1049 void *newcond = WRAP(malloc)(pthread_cond_t_sz); 1050 internal_memset(newcond, 0, pthread_cond_t_sz); 1051 if (atomic_compare_exchange_strong(p, &cond, (uptr)newcond, 1052 memory_order_acq_rel)) 1053 return newcond; 1054 WRAP(free)(newcond); 1055 return (void*)cond; 1056 } 1057 1058 struct CondMutexUnlockCtx { 1059 ScopedInterceptor *si; 1060 ThreadState *thr; 1061 uptr pc; 1062 void *m; 1063 }; 1064 1065 static void cond_mutex_unlock(CondMutexUnlockCtx *arg) { 1066 // pthread_cond_wait interceptor has enabled async signal delivery 1067 // (see BlockingCall below). Disable async signals since we are running 1068 // tsan code. Also ScopedInterceptor and BlockingCall destructors won't run 1069 // since the thread is cancelled, so we have to manually execute them 1070 // (the thread still can run some user code due to pthread_cleanup_push). 1071 ThreadSignalContext *ctx = SigCtx(arg->thr); 1072 CHECK_EQ(atomic_load(&ctx->in_blocking_func, memory_order_relaxed), 1); 1073 atomic_store(&ctx->in_blocking_func, 0, memory_order_relaxed); 1074 MutexLock(arg->thr, arg->pc, (uptr)arg->m); 1075 // Undo BlockingCall ctor effects. 1076 arg->thr->ignore_interceptors--; 1077 arg->si->~ScopedInterceptor(); 1078 } 1079 1080 INTERCEPTOR(int, pthread_cond_init, void *c, void *a) { 1081 void *cond = init_cond(c, true); 1082 SCOPED_TSAN_INTERCEPTOR(pthread_cond_init, cond, a); 1083 MemoryAccessRange(thr, pc, (uptr)c, sizeof(uptr), true); 1084 return REAL(pthread_cond_init)(cond, a); 1085 } 1086 1087 INTERCEPTOR(int, pthread_cond_wait, void *c, void *m) { 1088 void *cond = init_cond(c); 1089 SCOPED_TSAN_INTERCEPTOR(pthread_cond_wait, cond, m); 1090 MutexUnlock(thr, pc, (uptr)m); 1091 MemoryAccessRange(thr, pc, (uptr)c, sizeof(uptr), false); 1092 CondMutexUnlockCtx arg = {&si, thr, pc, m}; 1093 int res = 0; 1094 // This ensures that we handle mutex lock even in case of pthread_cancel. 1095 // See test/tsan/cond_cancel.cc. 1096 { 1097 // Enable signal delivery while the thread is blocked. 1098 BlockingCall bc(thr); 1099 res = call_pthread_cancel_with_cleanup( 1100 (int(*)(void *c, void *m, void *abstime))REAL(pthread_cond_wait), 1101 cond, m, 0, (void(*)(void *arg))cond_mutex_unlock, &arg); 1102 } 1103 if (res == errno_EOWNERDEAD) 1104 MutexRepair(thr, pc, (uptr)m); 1105 MutexLock(thr, pc, (uptr)m); 1106 return res; 1107 } 1108 1109 INTERCEPTOR(int, pthread_cond_timedwait, void *c, void *m, void *abstime) { 1110 void *cond = init_cond(c); 1111 SCOPED_TSAN_INTERCEPTOR(pthread_cond_timedwait, cond, m, abstime); 1112 MutexUnlock(thr, pc, (uptr)m); 1113 MemoryAccessRange(thr, pc, (uptr)c, sizeof(uptr), false); 1114 CondMutexUnlockCtx arg = {&si, thr, pc, m}; 1115 int res = 0; 1116 // This ensures that we handle mutex lock even in case of pthread_cancel. 1117 // See test/tsan/cond_cancel.cc. 1118 { 1119 BlockingCall bc(thr); 1120 res = call_pthread_cancel_with_cleanup( 1121 REAL(pthread_cond_timedwait), cond, m, abstime, 1122 (void(*)(void *arg))cond_mutex_unlock, &arg); 1123 } 1124 if (res == errno_EOWNERDEAD) 1125 MutexRepair(thr, pc, (uptr)m); 1126 MutexLock(thr, pc, (uptr)m); 1127 return res; 1128 } 1129 1130 INTERCEPTOR(int, pthread_cond_signal, void *c) { 1131 void *cond = init_cond(c); 1132 SCOPED_TSAN_INTERCEPTOR(pthread_cond_signal, cond); 1133 MemoryAccessRange(thr, pc, (uptr)c, sizeof(uptr), false); 1134 return REAL(pthread_cond_signal)(cond); 1135 } 1136 1137 INTERCEPTOR(int, pthread_cond_broadcast, void *c) { 1138 void *cond = init_cond(c); 1139 SCOPED_TSAN_INTERCEPTOR(pthread_cond_broadcast, cond); 1140 MemoryAccessRange(thr, pc, (uptr)c, sizeof(uptr), false); 1141 return REAL(pthread_cond_broadcast)(cond); 1142 } 1143 1144 INTERCEPTOR(int, pthread_cond_destroy, void *c) { 1145 void *cond = init_cond(c); 1146 SCOPED_TSAN_INTERCEPTOR(pthread_cond_destroy, cond); 1147 MemoryAccessRange(thr, pc, (uptr)c, sizeof(uptr), true); 1148 int res = REAL(pthread_cond_destroy)(cond); 1149 if (common_flags()->legacy_pthread_cond) { 1150 // Free our aux cond and zero the pointer to not leave dangling pointers. 1151 WRAP(free)(cond); 1152 atomic_store((atomic_uintptr_t*)c, 0, memory_order_relaxed); 1153 } 1154 return res; 1155 } 1156 1157 TSAN_INTERCEPTOR(int, pthread_mutex_init, void *m, void *a) { 1158 SCOPED_TSAN_INTERCEPTOR(pthread_mutex_init, m, a); 1159 int res = REAL(pthread_mutex_init)(m, a); 1160 if (res == 0) { 1161 bool recursive = false; 1162 if (a) { 1163 int type = 0; 1164 if (REAL(pthread_mutexattr_gettype)(a, &type) == 0) 1165 recursive = (type == PTHREAD_MUTEX_RECURSIVE 1166 || type == PTHREAD_MUTEX_RECURSIVE_NP); 1167 } 1168 MutexCreate(thr, pc, (uptr)m, false, recursive, false); 1169 } 1170 return res; 1171 } 1172 1173 TSAN_INTERCEPTOR(int, pthread_mutex_destroy, void *m) { 1174 SCOPED_TSAN_INTERCEPTOR(pthread_mutex_destroy, m); 1175 int res = REAL(pthread_mutex_destroy)(m); 1176 if (res == 0 || res == EBUSY) { 1177 MutexDestroy(thr, pc, (uptr)m); 1178 } 1179 return res; 1180 } 1181 1182 TSAN_INTERCEPTOR(int, pthread_mutex_trylock, void *m) { 1183 SCOPED_TSAN_INTERCEPTOR(pthread_mutex_trylock, m); 1184 int res = REAL(pthread_mutex_trylock)(m); 1185 if (res == EOWNERDEAD) 1186 MutexRepair(thr, pc, (uptr)m); 1187 if (res == 0 || res == EOWNERDEAD) 1188 MutexLock(thr, pc, (uptr)m, /*rec=*/1, /*try_lock=*/true); 1189 return res; 1190 } 1191 1192 TSAN_INTERCEPTOR(int, pthread_mutex_timedlock, void *m, void *abstime) { 1193 SCOPED_TSAN_INTERCEPTOR(pthread_mutex_timedlock, m, abstime); 1194 int res = REAL(pthread_mutex_timedlock)(m, abstime); 1195 if (res == 0) { 1196 MutexLock(thr, pc, (uptr)m); 1197 } 1198 return res; 1199 } 1200 1201 TSAN_INTERCEPTOR(int, pthread_spin_init, void *m, int pshared) { 1202 SCOPED_TSAN_INTERCEPTOR(pthread_spin_init, m, pshared); 1203 int res = REAL(pthread_spin_init)(m, pshared); 1204 if (res == 0) { 1205 MutexCreate(thr, pc, (uptr)m, false, false, false); 1206 } 1207 return res; 1208 } 1209 1210 TSAN_INTERCEPTOR(int, pthread_spin_destroy, void *m) { 1211 SCOPED_TSAN_INTERCEPTOR(pthread_spin_destroy, m); 1212 int res = REAL(pthread_spin_destroy)(m); 1213 if (res == 0) { 1214 MutexDestroy(thr, pc, (uptr)m); 1215 } 1216 return res; 1217 } 1218 1219 TSAN_INTERCEPTOR(int, pthread_spin_lock, void *m) { 1220 SCOPED_TSAN_INTERCEPTOR(pthread_spin_lock, m); 1221 int res = REAL(pthread_spin_lock)(m); 1222 if (res == 0) { 1223 MutexLock(thr, pc, (uptr)m); 1224 } 1225 return res; 1226 } 1227 1228 TSAN_INTERCEPTOR(int, pthread_spin_trylock, void *m) { 1229 SCOPED_TSAN_INTERCEPTOR(pthread_spin_trylock, m); 1230 int res = REAL(pthread_spin_trylock)(m); 1231 if (res == 0) { 1232 MutexLock(thr, pc, (uptr)m, /*rec=*/1, /*try_lock=*/true); 1233 } 1234 return res; 1235 } 1236 1237 TSAN_INTERCEPTOR(int, pthread_spin_unlock, void *m) { 1238 SCOPED_TSAN_INTERCEPTOR(pthread_spin_unlock, m); 1239 MutexUnlock(thr, pc, (uptr)m); 1240 int res = REAL(pthread_spin_unlock)(m); 1241 return res; 1242 } 1243 1244 TSAN_INTERCEPTOR(int, pthread_rwlock_init, void *m, void *a) { 1245 SCOPED_TSAN_INTERCEPTOR(pthread_rwlock_init, m, a); 1246 int res = REAL(pthread_rwlock_init)(m, a); 1247 if (res == 0) { 1248 MutexCreate(thr, pc, (uptr)m, true, false, false); 1249 } 1250 return res; 1251 } 1252 1253 TSAN_INTERCEPTOR(int, pthread_rwlock_destroy, void *m) { 1254 SCOPED_TSAN_INTERCEPTOR(pthread_rwlock_destroy, m); 1255 int res = REAL(pthread_rwlock_destroy)(m); 1256 if (res == 0) { 1257 MutexDestroy(thr, pc, (uptr)m); 1258 } 1259 return res; 1260 } 1261 1262 TSAN_INTERCEPTOR(int, pthread_rwlock_rdlock, void *m) { 1263 SCOPED_TSAN_INTERCEPTOR(pthread_rwlock_rdlock, m); 1264 int res = REAL(pthread_rwlock_rdlock)(m); 1265 if (res == 0) { 1266 MutexReadLock(thr, pc, (uptr)m); 1267 } 1268 return res; 1269 } 1270 1271 TSAN_INTERCEPTOR(int, pthread_rwlock_tryrdlock, void *m) { 1272 SCOPED_TSAN_INTERCEPTOR(pthread_rwlock_tryrdlock, m); 1273 int res = REAL(pthread_rwlock_tryrdlock)(m); 1274 if (res == 0) { 1275 MutexReadLock(thr, pc, (uptr)m, /*try_lock=*/true); 1276 } 1277 return res; 1278 } 1279 1280 TSAN_INTERCEPTOR(int, pthread_rwlock_timedrdlock, void *m, void *abstime) { 1281 SCOPED_TSAN_INTERCEPTOR(pthread_rwlock_timedrdlock, m, abstime); 1282 int res = REAL(pthread_rwlock_timedrdlock)(m, abstime); 1283 if (res == 0) { 1284 MutexReadLock(thr, pc, (uptr)m); 1285 } 1286 return res; 1287 } 1288 1289 TSAN_INTERCEPTOR(int, pthread_rwlock_wrlock, void *m) { 1290 SCOPED_TSAN_INTERCEPTOR(pthread_rwlock_wrlock, m); 1291 int res = REAL(pthread_rwlock_wrlock)(m); 1292 if (res == 0) { 1293 MutexLock(thr, pc, (uptr)m); 1294 } 1295 return res; 1296 } 1297 1298 TSAN_INTERCEPTOR(int, pthread_rwlock_trywrlock, void *m) { 1299 SCOPED_TSAN_INTERCEPTOR(pthread_rwlock_trywrlock, m); 1300 int res = REAL(pthread_rwlock_trywrlock)(m); 1301 if (res == 0) { 1302 MutexLock(thr, pc, (uptr)m, /*rec=*/1, /*try_lock=*/true); 1303 } 1304 return res; 1305 } 1306 1307 TSAN_INTERCEPTOR(int, pthread_rwlock_timedwrlock, void *m, void *abstime) { 1308 SCOPED_TSAN_INTERCEPTOR(pthread_rwlock_timedwrlock, m, abstime); 1309 int res = REAL(pthread_rwlock_timedwrlock)(m, abstime); 1310 if (res == 0) { 1311 MutexLock(thr, pc, (uptr)m); 1312 } 1313 return res; 1314 } 1315 1316 TSAN_INTERCEPTOR(int, pthread_rwlock_unlock, void *m) { 1317 SCOPED_TSAN_INTERCEPTOR(pthread_rwlock_unlock, m); 1318 MutexReadOrWriteUnlock(thr, pc, (uptr)m); 1319 int res = REAL(pthread_rwlock_unlock)(m); 1320 return res; 1321 } 1322 1323 TSAN_INTERCEPTOR(int, pthread_barrier_init, void *b, void *a, unsigned count) { 1324 SCOPED_TSAN_INTERCEPTOR(pthread_barrier_init, b, a, count); 1325 MemoryWrite(thr, pc, (uptr)b, kSizeLog1); 1326 int res = REAL(pthread_barrier_init)(b, a, count); 1327 return res; 1328 } 1329 1330 TSAN_INTERCEPTOR(int, pthread_barrier_destroy, void *b) { 1331 SCOPED_TSAN_INTERCEPTOR(pthread_barrier_destroy, b); 1332 MemoryWrite(thr, pc, (uptr)b, kSizeLog1); 1333 int res = REAL(pthread_barrier_destroy)(b); 1334 return res; 1335 } 1336 1337 TSAN_INTERCEPTOR(int, pthread_barrier_wait, void *b) { 1338 SCOPED_TSAN_INTERCEPTOR(pthread_barrier_wait, b); 1339 Release(thr, pc, (uptr)b); 1340 MemoryRead(thr, pc, (uptr)b, kSizeLog1); 1341 int res = REAL(pthread_barrier_wait)(b); 1342 MemoryRead(thr, pc, (uptr)b, kSizeLog1); 1343 if (res == 0 || res == PTHREAD_BARRIER_SERIAL_THREAD) { 1344 Acquire(thr, pc, (uptr)b); 1345 } 1346 return res; 1347 } 1348 1349 TSAN_INTERCEPTOR(int, pthread_once, void *o, void (*f)()) { 1350 SCOPED_INTERCEPTOR_RAW(pthread_once, o, f); 1351 if (o == 0 || f == 0) 1352 return EINVAL; 1353 atomic_uint32_t *a = static_cast<atomic_uint32_t*>(o); 1354 u32 v = atomic_load(a, memory_order_acquire); 1355 if (v == 0 && atomic_compare_exchange_strong(a, &v, 1, 1356 memory_order_relaxed)) { 1357 (*f)(); 1358 if (!thr->in_ignored_lib) 1359 Release(thr, pc, (uptr)o); 1360 atomic_store(a, 2, memory_order_release); 1361 } else { 1362 while (v != 2) { 1363 pthread_yield(); 1364 v = atomic_load(a, memory_order_acquire); 1365 } 1366 if (!thr->in_ignored_lib) 1367 Acquire(thr, pc, (uptr)o); 1368 } 1369 return 0; 1370 } 1371 1372 TSAN_INTERCEPTOR(int, sem_init, void *s, int pshared, unsigned value) { 1373 SCOPED_TSAN_INTERCEPTOR(sem_init, s, pshared, value); 1374 int res = REAL(sem_init)(s, pshared, value); 1375 return res; 1376 } 1377 1378 TSAN_INTERCEPTOR(int, sem_destroy, void *s) { 1379 SCOPED_TSAN_INTERCEPTOR(sem_destroy, s); 1380 int res = REAL(sem_destroy)(s); 1381 return res; 1382 } 1383 1384 TSAN_INTERCEPTOR(int, sem_wait, void *s) { 1385 SCOPED_TSAN_INTERCEPTOR(sem_wait, s); 1386 int res = BLOCK_REAL(sem_wait)(s); 1387 if (res == 0) { 1388 Acquire(thr, pc, (uptr)s); 1389 } 1390 return res; 1391 } 1392 1393 TSAN_INTERCEPTOR(int, sem_trywait, void *s) { 1394 SCOPED_TSAN_INTERCEPTOR(sem_trywait, s); 1395 int res = BLOCK_REAL(sem_trywait)(s); 1396 if (res == 0) { 1397 Acquire(thr, pc, (uptr)s); 1398 } 1399 return res; 1400 } 1401 1402 TSAN_INTERCEPTOR(int, sem_timedwait, void *s, void *abstime) { 1403 SCOPED_TSAN_INTERCEPTOR(sem_timedwait, s, abstime); 1404 int res = BLOCK_REAL(sem_timedwait)(s, abstime); 1405 if (res == 0) { 1406 Acquire(thr, pc, (uptr)s); 1407 } 1408 return res; 1409 } 1410 1411 TSAN_INTERCEPTOR(int, sem_post, void *s) { 1412 SCOPED_TSAN_INTERCEPTOR(sem_post, s); 1413 Release(thr, pc, (uptr)s); 1414 int res = REAL(sem_post)(s); 1415 return res; 1416 } 1417 1418 TSAN_INTERCEPTOR(int, sem_getvalue, void *s, int *sval) { 1419 SCOPED_TSAN_INTERCEPTOR(sem_getvalue, s, sval); 1420 int res = REAL(sem_getvalue)(s, sval); 1421 if (res == 0) { 1422 Acquire(thr, pc, (uptr)s); 1423 } 1424 return res; 1425 } 1426 1427 #if !SANITIZER_FREEBSD 1428 TSAN_INTERCEPTOR(int, __xstat, int version, const char *path, void *buf) { 1429 SCOPED_TSAN_INTERCEPTOR(__xstat, version, path, buf); 1430 READ_STRING(thr, pc, path, 0); 1431 return REAL(__xstat)(version, path, buf); 1432 } 1433 #define TSAN_MAYBE_INTERCEPT___XSTAT TSAN_INTERCEPT(__xstat) 1434 #else 1435 #define TSAN_MAYBE_INTERCEPT___XSTAT 1436 #endif 1437 1438 TSAN_INTERCEPTOR(int, stat, const char *path, void *buf) { 1439 #if SANITIZER_FREEBSD 1440 SCOPED_TSAN_INTERCEPTOR(stat, path, buf); 1441 READ_STRING(thr, pc, path, 0); 1442 return REAL(stat)(path, buf); 1443 #else 1444 SCOPED_TSAN_INTERCEPTOR(__xstat, 0, path, buf); 1445 READ_STRING(thr, pc, path, 0); 1446 return REAL(__xstat)(0, path, buf); 1447 #endif 1448 } 1449 1450 #if !SANITIZER_FREEBSD 1451 TSAN_INTERCEPTOR(int, __xstat64, int version, const char *path, void *buf) { 1452 SCOPED_TSAN_INTERCEPTOR(__xstat64, version, path, buf); 1453 READ_STRING(thr, pc, path, 0); 1454 return REAL(__xstat64)(version, path, buf); 1455 } 1456 #define TSAN_MAYBE_INTERCEPT___XSTAT64 TSAN_INTERCEPT(__xstat64) 1457 #else 1458 #define TSAN_MAYBE_INTERCEPT___XSTAT64 1459 #endif 1460 1461 #if !SANITIZER_FREEBSD 1462 TSAN_INTERCEPTOR(int, stat64, const char *path, void *buf) { 1463 SCOPED_TSAN_INTERCEPTOR(__xstat64, 0, path, buf); 1464 READ_STRING(thr, pc, path, 0); 1465 return REAL(__xstat64)(0, path, buf); 1466 } 1467 #define TSAN_MAYBE_INTERCEPT_STAT64 TSAN_INTERCEPT(stat64) 1468 #else 1469 #define TSAN_MAYBE_INTERCEPT_STAT64 1470 #endif 1471 1472 #if !SANITIZER_FREEBSD 1473 TSAN_INTERCEPTOR(int, __lxstat, int version, const char *path, void *buf) { 1474 SCOPED_TSAN_INTERCEPTOR(__lxstat, version, path, buf); 1475 READ_STRING(thr, pc, path, 0); 1476 return REAL(__lxstat)(version, path, buf); 1477 } 1478 #define TSAN_MAYBE_INTERCEPT___LXSTAT TSAN_INTERCEPT(__lxstat) 1479 #else 1480 #define TSAN_MAYBE_INTERCEPT___LXSTAT 1481 #endif 1482 1483 TSAN_INTERCEPTOR(int, lstat, const char *path, void *buf) { 1484 #if SANITIZER_FREEBSD 1485 SCOPED_TSAN_INTERCEPTOR(lstat, path, buf); 1486 READ_STRING(thr, pc, path, 0); 1487 return REAL(lstat)(path, buf); 1488 #else 1489 SCOPED_TSAN_INTERCEPTOR(__lxstat, 0, path, buf); 1490 READ_STRING(thr, pc, path, 0); 1491 return REAL(__lxstat)(0, path, buf); 1492 #endif 1493 } 1494 1495 #if !SANITIZER_FREEBSD 1496 TSAN_INTERCEPTOR(int, __lxstat64, int version, const char *path, void *buf) { 1497 SCOPED_TSAN_INTERCEPTOR(__lxstat64, version, path, buf); 1498 READ_STRING(thr, pc, path, 0); 1499 return REAL(__lxstat64)(version, path, buf); 1500 } 1501 #define TSAN_MAYBE_INTERCEPT___LXSTAT64 TSAN_INTERCEPT(__lxstat64) 1502 #else 1503 #define TSAN_MAYBE_INTERCEPT___LXSTAT64 1504 #endif 1505 1506 #if !SANITIZER_FREEBSD 1507 TSAN_INTERCEPTOR(int, lstat64, const char *path, void *buf) { 1508 SCOPED_TSAN_INTERCEPTOR(__lxstat64, 0, path, buf); 1509 READ_STRING(thr, pc, path, 0); 1510 return REAL(__lxstat64)(0, path, buf); 1511 } 1512 #define TSAN_MAYBE_INTERCEPT_LSTAT64 TSAN_INTERCEPT(lstat64) 1513 #else 1514 #define TSAN_MAYBE_INTERCEPT_LSTAT64 1515 #endif 1516 1517 #if !SANITIZER_FREEBSD 1518 TSAN_INTERCEPTOR(int, __fxstat, int version, int fd, void *buf) { 1519 SCOPED_TSAN_INTERCEPTOR(__fxstat, version, fd, buf); 1520 if (fd > 0) 1521 FdAccess(thr, pc, fd); 1522 return REAL(__fxstat)(version, fd, buf); 1523 } 1524 #define TSAN_MAYBE_INTERCEPT___FXSTAT TSAN_INTERCEPT(__fxstat) 1525 #else 1526 #define TSAN_MAYBE_INTERCEPT___FXSTAT 1527 #endif 1528 1529 TSAN_INTERCEPTOR(int, fstat, int fd, void *buf) { 1530 #if SANITIZER_FREEBSD 1531 SCOPED_TSAN_INTERCEPTOR(fstat, fd, buf); 1532 if (fd > 0) 1533 FdAccess(thr, pc, fd); 1534 return REAL(fstat)(fd, buf); 1535 #else 1536 SCOPED_TSAN_INTERCEPTOR(__fxstat, 0, fd, buf); 1537 if (fd > 0) 1538 FdAccess(thr, pc, fd); 1539 return REAL(__fxstat)(0, fd, buf); 1540 #endif 1541 } 1542 1543 #if !SANITIZER_FREEBSD 1544 TSAN_INTERCEPTOR(int, __fxstat64, int version, int fd, void *buf) { 1545 SCOPED_TSAN_INTERCEPTOR(__fxstat64, version, fd, buf); 1546 if (fd > 0) 1547 FdAccess(thr, pc, fd); 1548 return REAL(__fxstat64)(version, fd, buf); 1549 } 1550 #define TSAN_MAYBE_INTERCEPT___FXSTAT64 TSAN_INTERCEPT(__fxstat64) 1551 #else 1552 #define TSAN_MAYBE_INTERCEPT___FXSTAT64 1553 #endif 1554 1555 #if !SANITIZER_FREEBSD 1556 TSAN_INTERCEPTOR(int, fstat64, int fd, void *buf) { 1557 SCOPED_TSAN_INTERCEPTOR(__fxstat64, 0, fd, buf); 1558 if (fd > 0) 1559 FdAccess(thr, pc, fd); 1560 return REAL(__fxstat64)(0, fd, buf); 1561 } 1562 #define TSAN_MAYBE_INTERCEPT_FSTAT64 TSAN_INTERCEPT(fstat64) 1563 #else 1564 #define TSAN_MAYBE_INTERCEPT_FSTAT64 1565 #endif 1566 1567 TSAN_INTERCEPTOR(int, open, const char *name, int flags, int mode) { 1568 SCOPED_TSAN_INTERCEPTOR(open, name, flags, mode); 1569 READ_STRING(thr, pc, name, 0); 1570 int fd = REAL(open)(name, flags, mode); 1571 if (fd >= 0) 1572 FdFileCreate(thr, pc, fd); 1573 return fd; 1574 } 1575 1576 #if !SANITIZER_FREEBSD 1577 TSAN_INTERCEPTOR(int, open64, const char *name, int flags, int mode) { 1578 SCOPED_TSAN_INTERCEPTOR(open64, name, flags, mode); 1579 READ_STRING(thr, pc, name, 0); 1580 int fd = REAL(open64)(name, flags, mode); 1581 if (fd >= 0) 1582 FdFileCreate(thr, pc, fd); 1583 return fd; 1584 } 1585 #define TSAN_MAYBE_INTERCEPT_OPEN64 TSAN_INTERCEPT(open64) 1586 #else 1587 #define TSAN_MAYBE_INTERCEPT_OPEN64 1588 #endif 1589 1590 TSAN_INTERCEPTOR(int, creat, const char *name, int mode) { 1591 SCOPED_TSAN_INTERCEPTOR(creat, name, mode); 1592 READ_STRING(thr, pc, name, 0); 1593 int fd = REAL(creat)(name, mode); 1594 if (fd >= 0) 1595 FdFileCreate(thr, pc, fd); 1596 return fd; 1597 } 1598 1599 #if !SANITIZER_FREEBSD 1600 TSAN_INTERCEPTOR(int, creat64, const char *name, int mode) { 1601 SCOPED_TSAN_INTERCEPTOR(creat64, name, mode); 1602 READ_STRING(thr, pc, name, 0); 1603 int fd = REAL(creat64)(name, mode); 1604 if (fd >= 0) 1605 FdFileCreate(thr, pc, fd); 1606 return fd; 1607 } 1608 #define TSAN_MAYBE_INTERCEPT_CREAT64 TSAN_INTERCEPT(creat64) 1609 #else 1610 #define TSAN_MAYBE_INTERCEPT_CREAT64 1611 #endif 1612 1613 TSAN_INTERCEPTOR(int, dup, int oldfd) { 1614 SCOPED_TSAN_INTERCEPTOR(dup, oldfd); 1615 int newfd = REAL(dup)(oldfd); 1616 if (oldfd >= 0 && newfd >= 0 && newfd != oldfd) 1617 FdDup(thr, pc, oldfd, newfd); 1618 return newfd; 1619 } 1620 1621 TSAN_INTERCEPTOR(int, dup2, int oldfd, int newfd) { 1622 SCOPED_TSAN_INTERCEPTOR(dup2, oldfd, newfd); 1623 int newfd2 = REAL(dup2)(oldfd, newfd); 1624 if (oldfd >= 0 && newfd2 >= 0 && newfd2 != oldfd) 1625 FdDup(thr, pc, oldfd, newfd2); 1626 return newfd2; 1627 } 1628 1629 TSAN_INTERCEPTOR(int, dup3, int oldfd, int newfd, int flags) { 1630 SCOPED_TSAN_INTERCEPTOR(dup3, oldfd, newfd, flags); 1631 int newfd2 = REAL(dup3)(oldfd, newfd, flags); 1632 if (oldfd >= 0 && newfd2 >= 0 && newfd2 != oldfd) 1633 FdDup(thr, pc, oldfd, newfd2); 1634 return newfd2; 1635 } 1636 1637 #if !SANITIZER_FREEBSD 1638 TSAN_INTERCEPTOR(int, eventfd, unsigned initval, int flags) { 1639 SCOPED_TSAN_INTERCEPTOR(eventfd, initval, flags); 1640 int fd = REAL(eventfd)(initval, flags); 1641 if (fd >= 0) 1642 FdEventCreate(thr, pc, fd); 1643 return fd; 1644 } 1645 #define TSAN_MAYBE_INTERCEPT_EVENTFD TSAN_INTERCEPT(eventfd) 1646 #else 1647 #define TSAN_MAYBE_INTERCEPT_EVENTFD 1648 #endif 1649 1650 #if !SANITIZER_FREEBSD 1651 TSAN_INTERCEPTOR(int, signalfd, int fd, void *mask, int flags) { 1652 SCOPED_TSAN_INTERCEPTOR(signalfd, fd, mask, flags); 1653 if (fd >= 0) 1654 FdClose(thr, pc, fd); 1655 fd = REAL(signalfd)(fd, mask, flags); 1656 if (fd >= 0) 1657 FdSignalCreate(thr, pc, fd); 1658 return fd; 1659 } 1660 #define TSAN_MAYBE_INTERCEPT_SIGNALFD TSAN_INTERCEPT(signalfd) 1661 #else 1662 #define TSAN_MAYBE_INTERCEPT_SIGNALFD 1663 #endif 1664 1665 #if !SANITIZER_FREEBSD 1666 TSAN_INTERCEPTOR(int, inotify_init, int fake) { 1667 SCOPED_TSAN_INTERCEPTOR(inotify_init, fake); 1668 int fd = REAL(inotify_init)(fake); 1669 if (fd >= 0) 1670 FdInotifyCreate(thr, pc, fd); 1671 return fd; 1672 } 1673 #define TSAN_MAYBE_INTERCEPT_INOTIFY_INIT TSAN_INTERCEPT(inotify_init) 1674 #else 1675 #define TSAN_MAYBE_INTERCEPT_INOTIFY_INIT 1676 #endif 1677 1678 #if !SANITIZER_FREEBSD 1679 TSAN_INTERCEPTOR(int, inotify_init1, int flags) { 1680 SCOPED_TSAN_INTERCEPTOR(inotify_init1, flags); 1681 int fd = REAL(inotify_init1)(flags); 1682 if (fd >= 0) 1683 FdInotifyCreate(thr, pc, fd); 1684 return fd; 1685 } 1686 #define TSAN_MAYBE_INTERCEPT_INOTIFY_INIT1 TSAN_INTERCEPT(inotify_init1) 1687 #else 1688 #define TSAN_MAYBE_INTERCEPT_INOTIFY_INIT1 1689 #endif 1690 1691 TSAN_INTERCEPTOR(int, socket, int domain, int type, int protocol) { 1692 SCOPED_TSAN_INTERCEPTOR(socket, domain, type, protocol); 1693 int fd = REAL(socket)(domain, type, protocol); 1694 if (fd >= 0) 1695 FdSocketCreate(thr, pc, fd); 1696 return fd; 1697 } 1698 1699 TSAN_INTERCEPTOR(int, socketpair, int domain, int type, int protocol, int *fd) { 1700 SCOPED_TSAN_INTERCEPTOR(socketpair, domain, type, protocol, fd); 1701 int res = REAL(socketpair)(domain, type, protocol, fd); 1702 if (res == 0 && fd[0] >= 0 && fd[1] >= 0) 1703 FdPipeCreate(thr, pc, fd[0], fd[1]); 1704 return res; 1705 } 1706 1707 TSAN_INTERCEPTOR(int, connect, int fd, void *addr, unsigned addrlen) { 1708 SCOPED_TSAN_INTERCEPTOR(connect, fd, addr, addrlen); 1709 FdSocketConnecting(thr, pc, fd); 1710 int res = REAL(connect)(fd, addr, addrlen); 1711 if (res == 0 && fd >= 0) 1712 FdSocketConnect(thr, pc, fd); 1713 return res; 1714 } 1715 1716 TSAN_INTERCEPTOR(int, bind, int fd, void *addr, unsigned addrlen) { 1717 SCOPED_TSAN_INTERCEPTOR(bind, fd, addr, addrlen); 1718 int res = REAL(bind)(fd, addr, addrlen); 1719 if (fd > 0 && res == 0) 1720 FdAccess(thr, pc, fd); 1721 return res; 1722 } 1723 1724 TSAN_INTERCEPTOR(int, listen, int fd, int backlog) { 1725 SCOPED_TSAN_INTERCEPTOR(listen, fd, backlog); 1726 int res = REAL(listen)(fd, backlog); 1727 if (fd > 0 && res == 0) 1728 FdAccess(thr, pc, fd); 1729 return res; 1730 } 1731 1732 #if !SANITIZER_FREEBSD 1733 TSAN_INTERCEPTOR(int, epoll_create, int size) { 1734 SCOPED_TSAN_INTERCEPTOR(epoll_create, size); 1735 int fd = REAL(epoll_create)(size); 1736 if (fd >= 0) 1737 FdPollCreate(thr, pc, fd); 1738 return fd; 1739 } 1740 #define TSAN_MAYBE_INTERCEPT_EPOLL_CREATE TSAN_INTERCEPT(epoll_create) 1741 #else 1742 #define TSAN_MAYBE_INTERCEPT_EPOLL_CREATE 1743 #endif 1744 1745 #if !SANITIZER_FREEBSD 1746 TSAN_INTERCEPTOR(int, epoll_create1, int flags) { 1747 SCOPED_TSAN_INTERCEPTOR(epoll_create1, flags); 1748 int fd = REAL(epoll_create1)(flags); 1749 if (fd >= 0) 1750 FdPollCreate(thr, pc, fd); 1751 return fd; 1752 } 1753 #define TSAN_MAYBE_INTERCEPT_EPOLL_CREATE1 TSAN_INTERCEPT(epoll_create1) 1754 #else 1755 #define TSAN_MAYBE_INTERCEPT_EPOLL_CREATE1 1756 #endif 1757 1758 TSAN_INTERCEPTOR(int, close, int fd) { 1759 SCOPED_TSAN_INTERCEPTOR(close, fd); 1760 if (fd >= 0) 1761 FdClose(thr, pc, fd); 1762 return REAL(close)(fd); 1763 } 1764 1765 #if !SANITIZER_FREEBSD 1766 TSAN_INTERCEPTOR(int, __close, int fd) { 1767 SCOPED_TSAN_INTERCEPTOR(__close, fd); 1768 if (fd >= 0) 1769 FdClose(thr, pc, fd); 1770 return REAL(__close)(fd); 1771 } 1772 #define TSAN_MAYBE_INTERCEPT___CLOSE TSAN_INTERCEPT(__close) 1773 #else 1774 #define TSAN_MAYBE_INTERCEPT___CLOSE 1775 #endif 1776 1777 // glibc guts 1778 #if !SANITIZER_FREEBSD 1779 TSAN_INTERCEPTOR(void, __res_iclose, void *state, bool free_addr) { 1780 SCOPED_TSAN_INTERCEPTOR(__res_iclose, state, free_addr); 1781 int fds[64]; 1782 int cnt = ExtractResolvFDs(state, fds, ARRAY_SIZE(fds)); 1783 for (int i = 0; i < cnt; i++) { 1784 if (fds[i] > 0) 1785 FdClose(thr, pc, fds[i]); 1786 } 1787 REAL(__res_iclose)(state, free_addr); 1788 } 1789 #define TSAN_MAYBE_INTERCEPT___RES_ICLOSE TSAN_INTERCEPT(__res_iclose) 1790 #else 1791 #define TSAN_MAYBE_INTERCEPT___RES_ICLOSE 1792 #endif 1793 1794 TSAN_INTERCEPTOR(int, pipe, int *pipefd) { 1795 SCOPED_TSAN_INTERCEPTOR(pipe, pipefd); 1796 int res = REAL(pipe)(pipefd); 1797 if (res == 0 && pipefd[0] >= 0 && pipefd[1] >= 0) 1798 FdPipeCreate(thr, pc, pipefd[0], pipefd[1]); 1799 return res; 1800 } 1801 1802 TSAN_INTERCEPTOR(int, pipe2, int *pipefd, int flags) { 1803 SCOPED_TSAN_INTERCEPTOR(pipe2, pipefd, flags); 1804 int res = REAL(pipe2)(pipefd, flags); 1805 if (res == 0 && pipefd[0] >= 0 && pipefd[1] >= 0) 1806 FdPipeCreate(thr, pc, pipefd[0], pipefd[1]); 1807 return res; 1808 } 1809 1810 TSAN_INTERCEPTOR(long_t, send, int fd, void *buf, long_t len, int flags) { 1811 SCOPED_TSAN_INTERCEPTOR(send, fd, buf, len, flags); 1812 if (fd >= 0) { 1813 FdAccess(thr, pc, fd); 1814 FdRelease(thr, pc, fd); 1815 } 1816 int res = REAL(send)(fd, buf, len, flags); 1817 return res; 1818 } 1819 1820 TSAN_INTERCEPTOR(long_t, sendmsg, int fd, void *msg, int flags) { 1821 SCOPED_TSAN_INTERCEPTOR(sendmsg, fd, msg, flags); 1822 if (fd >= 0) { 1823 FdAccess(thr, pc, fd); 1824 FdRelease(thr, pc, fd); 1825 } 1826 int res = REAL(sendmsg)(fd, msg, flags); 1827 return res; 1828 } 1829 1830 TSAN_INTERCEPTOR(long_t, recv, int fd, void *buf, long_t len, int flags) { 1831 SCOPED_TSAN_INTERCEPTOR(recv, fd, buf, len, flags); 1832 if (fd >= 0) 1833 FdAccess(thr, pc, fd); 1834 int res = REAL(recv)(fd, buf, len, flags); 1835 if (res >= 0 && fd >= 0) { 1836 FdAcquire(thr, pc, fd); 1837 } 1838 return res; 1839 } 1840 1841 TSAN_INTERCEPTOR(int, unlink, char *path) { 1842 SCOPED_TSAN_INTERCEPTOR(unlink, path); 1843 Release(thr, pc, File2addr(path)); 1844 int res = REAL(unlink)(path); 1845 return res; 1846 } 1847 1848 TSAN_INTERCEPTOR(void*, tmpfile, int fake) { 1849 SCOPED_TSAN_INTERCEPTOR(tmpfile, fake); 1850 void *res = REAL(tmpfile)(fake); 1851 if (res) { 1852 int fd = fileno_unlocked(res); 1853 if (fd >= 0) 1854 FdFileCreate(thr, pc, fd); 1855 } 1856 return res; 1857 } 1858 1859 #if !SANITIZER_FREEBSD 1860 TSAN_INTERCEPTOR(void*, tmpfile64, int fake) { 1861 SCOPED_TSAN_INTERCEPTOR(tmpfile64, fake); 1862 void *res = REAL(tmpfile64)(fake); 1863 if (res) { 1864 int fd = fileno_unlocked(res); 1865 if (fd >= 0) 1866 FdFileCreate(thr, pc, fd); 1867 } 1868 return res; 1869 } 1870 #define TSAN_MAYBE_INTERCEPT_TMPFILE64 TSAN_INTERCEPT(tmpfile64) 1871 #else 1872 #define TSAN_MAYBE_INTERCEPT_TMPFILE64 1873 #endif 1874 1875 TSAN_INTERCEPTOR(uptr, fread, void *ptr, uptr size, uptr nmemb, void *f) { 1876 // libc file streams can call user-supplied functions, see fopencookie. 1877 { 1878 SCOPED_TSAN_INTERCEPTOR(fread, ptr, size, nmemb, f); 1879 MemoryAccessRange(thr, pc, (uptr)ptr, size * nmemb, true); 1880 } 1881 return REAL(fread)(ptr, size, nmemb, f); 1882 } 1883 1884 TSAN_INTERCEPTOR(uptr, fwrite, const void *p, uptr size, uptr nmemb, void *f) { 1885 // libc file streams can call user-supplied functions, see fopencookie. 1886 { 1887 SCOPED_TSAN_INTERCEPTOR(fwrite, p, size, nmemb, f); 1888 MemoryAccessRange(thr, pc, (uptr)p, size * nmemb, false); 1889 } 1890 return REAL(fwrite)(p, size, nmemb, f); 1891 } 1892 1893 static void FlushStreams() { 1894 // Flushing all the streams here may freeze the process if a child thread is 1895 // performing file stream operations at the same time. 1896 REAL(fflush)(stdout); 1897 REAL(fflush)(stderr); 1898 } 1899 1900 TSAN_INTERCEPTOR(void, abort, int fake) { 1901 SCOPED_TSAN_INTERCEPTOR(abort, fake); 1902 FlushStreams(); 1903 REAL(abort)(fake); 1904 } 1905 1906 TSAN_INTERCEPTOR(int, puts, const char *s) { 1907 SCOPED_TSAN_INTERCEPTOR(puts, s); 1908 MemoryAccessRange(thr, pc, (uptr)s, internal_strlen(s), false); 1909 return REAL(puts)(s); 1910 } 1911 1912 TSAN_INTERCEPTOR(int, rmdir, char *path) { 1913 SCOPED_TSAN_INTERCEPTOR(rmdir, path); 1914 Release(thr, pc, Dir2addr(path)); 1915 int res = REAL(rmdir)(path); 1916 return res; 1917 } 1918 1919 TSAN_INTERCEPTOR(int, closedir, void *dirp) { 1920 SCOPED_TSAN_INTERCEPTOR(closedir, dirp); 1921 int fd = dirfd(dirp); 1922 FdClose(thr, pc, fd); 1923 return REAL(closedir)(dirp); 1924 } 1925 1926 #if !SANITIZER_FREEBSD 1927 TSAN_INTERCEPTOR(int, epoll_ctl, int epfd, int op, int fd, void *ev) { 1928 SCOPED_TSAN_INTERCEPTOR(epoll_ctl, epfd, op, fd, ev); 1929 if (epfd >= 0) 1930 FdAccess(thr, pc, epfd); 1931 if (epfd >= 0 && fd >= 0) 1932 FdAccess(thr, pc, fd); 1933 if (op == EPOLL_CTL_ADD && epfd >= 0) 1934 FdRelease(thr, pc, epfd); 1935 int res = REAL(epoll_ctl)(epfd, op, fd, ev); 1936 return res; 1937 } 1938 #define TSAN_MAYBE_INTERCEPT_EPOLL_CTL TSAN_INTERCEPT(epoll_ctl) 1939 #else 1940 #define TSAN_MAYBE_INTERCEPT_EPOLL_CTL 1941 #endif 1942 1943 #if !SANITIZER_FREEBSD 1944 TSAN_INTERCEPTOR(int, epoll_wait, int epfd, void *ev, int cnt, int timeout) { 1945 SCOPED_TSAN_INTERCEPTOR(epoll_wait, epfd, ev, cnt, timeout); 1946 if (epfd >= 0) 1947 FdAccess(thr, pc, epfd); 1948 int res = BLOCK_REAL(epoll_wait)(epfd, ev, cnt, timeout); 1949 if (res > 0 && epfd >= 0) 1950 FdAcquire(thr, pc, epfd); 1951 return res; 1952 } 1953 #define TSAN_MAYBE_INTERCEPT_EPOLL_WAIT TSAN_INTERCEPT(epoll_wait) 1954 #else 1955 #define TSAN_MAYBE_INTERCEPT_EPOLL_WAIT 1956 #endif 1957 1958 namespace __tsan { 1959 1960 static void CallUserSignalHandler(ThreadState *thr, bool sync, bool acquire, 1961 bool sigact, int sig, my_siginfo_t *info, void *uctx) { 1962 if (acquire) 1963 Acquire(thr, 0, (uptr)&sigactions[sig]); 1964 // Ensure that the handler does not spoil errno. 1965 const int saved_errno = errno; 1966 errno = 99; 1967 // This code races with sigaction. Be careful to not read sa_sigaction twice. 1968 // Also need to remember pc for reporting before the call, 1969 // because the handler can reset it. 1970 volatile uptr pc = sigact ? 1971 (uptr)sigactions[sig].sa_sigaction : 1972 (uptr)sigactions[sig].sa_handler; 1973 if (pc != (uptr)SIG_DFL && pc != (uptr)SIG_IGN) { 1974 if (sigact) 1975 ((sigactionhandler_t)pc)(sig, info, uctx); 1976 else 1977 ((sighandler_t)pc)(sig); 1978 } 1979 // We do not detect errno spoiling for SIGTERM, 1980 // because some SIGTERM handlers do spoil errno but reraise SIGTERM, 1981 // tsan reports false positive in such case. 1982 // It's difficult to properly detect this situation (reraise), 1983 // because in async signal processing case (when handler is called directly 1984 // from rtl_generic_sighandler) we have not yet received the reraised 1985 // signal; and it looks too fragile to intercept all ways to reraise a signal. 1986 if (flags()->report_bugs && !sync && sig != SIGTERM && errno != 99) { 1987 VarSizeStackTrace stack; 1988 // StackTrace::GetNestInstructionPc(pc) is used because return address is 1989 // expected, OutputReport() will undo this. 1990 ObtainCurrentStack(thr, StackTrace::GetNextInstructionPc(pc), &stack); 1991 ThreadRegistryLock l(ctx->thread_registry); 1992 ScopedReport rep(ReportTypeErrnoInSignal); 1993 if (!IsFiredSuppression(ctx, rep, stack)) { 1994 rep.AddStack(stack, true); 1995 OutputReport(thr, rep); 1996 } 1997 } 1998 errno = saved_errno; 1999 } 2000 2001 void ProcessPendingSignals(ThreadState *thr) { 2002 ThreadSignalContext *sctx = SigCtx(thr); 2003 if (sctx == 0 || 2004 atomic_load(&sctx->have_pending_signals, memory_order_relaxed) == 0) 2005 return; 2006 atomic_store(&sctx->have_pending_signals, 0, memory_order_relaxed); 2007 atomic_fetch_add(&thr->in_signal_handler, 1, memory_order_relaxed); 2008 // These are too big for stack. 2009 static THREADLOCAL __sanitizer_sigset_t emptyset, oldset; 2010 CHECK_EQ(0, REAL(sigfillset)(&emptyset)); 2011 CHECK_EQ(0, pthread_sigmask(SIG_SETMASK, &emptyset, &oldset)); 2012 for (int sig = 0; sig < kSigCount; sig++) { 2013 SignalDesc *signal = &sctx->pending_signals[sig]; 2014 if (signal->armed) { 2015 signal->armed = false; 2016 CallUserSignalHandler(thr, false, true, signal->sigaction, sig, 2017 &signal->siginfo, &signal->ctx); 2018 } 2019 } 2020 CHECK_EQ(0, pthread_sigmask(SIG_SETMASK, &oldset, 0)); 2021 atomic_fetch_add(&thr->in_signal_handler, -1, memory_order_relaxed); 2022 } 2023 2024 } // namespace __tsan 2025 2026 static bool is_sync_signal(ThreadSignalContext *sctx, int sig) { 2027 return sig == SIGSEGV || sig == SIGBUS || sig == SIGILL || 2028 sig == SIGABRT || sig == SIGFPE || sig == SIGPIPE || sig == SIGSYS || 2029 // If we are sending signal to ourselves, we must process it now. 2030 (sctx && sig == sctx->int_signal_send); 2031 } 2032 2033 void ALWAYS_INLINE rtl_generic_sighandler(bool sigact, int sig, 2034 my_siginfo_t *info, void *ctx) { 2035 ThreadState *thr = cur_thread(); 2036 ThreadSignalContext *sctx = SigCtx(thr); 2037 if (sig < 0 || sig >= kSigCount) { 2038 VPrintf(1, "ThreadSanitizer: ignoring signal %d\n", sig); 2039 return; 2040 } 2041 // Don't mess with synchronous signals. 2042 const bool sync = is_sync_signal(sctx, sig); 2043 if (sync || 2044 // If we are in blocking function, we can safely process it now 2045 // (but check if we are in a recursive interceptor, 2046 // i.e. pthread_join()->munmap()). 2047 (sctx && atomic_load(&sctx->in_blocking_func, memory_order_relaxed))) { 2048 atomic_fetch_add(&thr->in_signal_handler, 1, memory_order_relaxed); 2049 if (sctx && atomic_load(&sctx->in_blocking_func, memory_order_relaxed)) { 2050 // We ignore interceptors in blocking functions, 2051 // temporary enbled them again while we are calling user function. 2052 int const i = thr->ignore_interceptors; 2053 thr->ignore_interceptors = 0; 2054 atomic_store(&sctx->in_blocking_func, 0, memory_order_relaxed); 2055 CallUserSignalHandler(thr, sync, true, sigact, sig, info, ctx); 2056 thr->ignore_interceptors = i; 2057 atomic_store(&sctx->in_blocking_func, 1, memory_order_relaxed); 2058 } else { 2059 // Be very conservative with when we do acquire in this case. 2060 // It's unsafe to do acquire in async handlers, because ThreadState 2061 // can be in inconsistent state. 2062 // SIGSYS looks relatively safe -- it's synchronous and can actually 2063 // need some global state. 2064 bool acq = (sig == SIGSYS); 2065 CallUserSignalHandler(thr, sync, acq, sigact, sig, info, ctx); 2066 } 2067 atomic_fetch_add(&thr->in_signal_handler, -1, memory_order_relaxed); 2068 return; 2069 } 2070 2071 if (sctx == 0) 2072 return; 2073 SignalDesc *signal = &sctx->pending_signals[sig]; 2074 if (signal->armed == false) { 2075 signal->armed = true; 2076 signal->sigaction = sigact; 2077 if (info) 2078 internal_memcpy(&signal->siginfo, info, sizeof(*info)); 2079 if (ctx) 2080 internal_memcpy(&signal->ctx, ctx, sizeof(signal->ctx)); 2081 atomic_store(&sctx->have_pending_signals, 1, memory_order_relaxed); 2082 } 2083 } 2084 2085 static void rtl_sighandler(int sig) { 2086 rtl_generic_sighandler(false, sig, 0, 0); 2087 } 2088 2089 static void rtl_sigaction(int sig, my_siginfo_t *info, void *ctx) { 2090 rtl_generic_sighandler(true, sig, info, ctx); 2091 } 2092 2093 TSAN_INTERCEPTOR(int, sigaction, int sig, sigaction_t *act, sigaction_t *old) { 2094 SCOPED_TSAN_INTERCEPTOR(sigaction, sig, act, old); 2095 if (old) 2096 internal_memcpy(old, &sigactions[sig], sizeof(*old)); 2097 if (act == 0) 2098 return 0; 2099 // Copy act into sigactions[sig]. 2100 // Can't use struct copy, because compiler can emit call to memcpy. 2101 // Can't use internal_memcpy, because it copies byte-by-byte, 2102 // and signal handler reads the sa_handler concurrently. It it can read 2103 // some bytes from old value and some bytes from new value. 2104 // Use volatile to prevent insertion of memcpy. 2105 sigactions[sig].sa_handler = *(volatile sighandler_t*)&act->sa_handler; 2106 sigactions[sig].sa_flags = *(volatile int*)&act->sa_flags; 2107 internal_memcpy(&sigactions[sig].sa_mask, &act->sa_mask, 2108 sizeof(sigactions[sig].sa_mask)); 2109 #if !SANITIZER_FREEBSD 2110 sigactions[sig].sa_restorer = act->sa_restorer; 2111 #endif 2112 sigaction_t newact; 2113 internal_memcpy(&newact, act, sizeof(newact)); 2114 REAL(sigfillset)(&newact.sa_mask); 2115 if (act->sa_handler != SIG_IGN && act->sa_handler != SIG_DFL) { 2116 if (newact.sa_flags & SA_SIGINFO) 2117 newact.sa_sigaction = rtl_sigaction; 2118 else 2119 newact.sa_handler = rtl_sighandler; 2120 } 2121 ReleaseStore(thr, pc, (uptr)&sigactions[sig]); 2122 int res = REAL(sigaction)(sig, &newact, 0); 2123 return res; 2124 } 2125 2126 TSAN_INTERCEPTOR(sighandler_t, signal, int sig, sighandler_t h) { 2127 sigaction_t act; 2128 act.sa_handler = h; 2129 REAL(memset)(&act.sa_mask, -1, sizeof(act.sa_mask)); 2130 act.sa_flags = 0; 2131 sigaction_t old; 2132 int res = sigaction(sig, &act, &old); 2133 if (res) 2134 return SIG_ERR; 2135 return old.sa_handler; 2136 } 2137 2138 TSAN_INTERCEPTOR(int, sigsuspend, const __sanitizer_sigset_t *mask) { 2139 SCOPED_TSAN_INTERCEPTOR(sigsuspend, mask); 2140 return REAL(sigsuspend)(mask); 2141 } 2142 2143 TSAN_INTERCEPTOR(int, raise, int sig) { 2144 SCOPED_TSAN_INTERCEPTOR(raise, sig); 2145 ThreadSignalContext *sctx = SigCtx(thr); 2146 CHECK_NE(sctx, 0); 2147 int prev = sctx->int_signal_send; 2148 sctx->int_signal_send = sig; 2149 int res = REAL(raise)(sig); 2150 CHECK_EQ(sctx->int_signal_send, sig); 2151 sctx->int_signal_send = prev; 2152 return res; 2153 } 2154 2155 TSAN_INTERCEPTOR(int, kill, int pid, int sig) { 2156 SCOPED_TSAN_INTERCEPTOR(kill, pid, sig); 2157 ThreadSignalContext *sctx = SigCtx(thr); 2158 CHECK_NE(sctx, 0); 2159 int prev = sctx->int_signal_send; 2160 if (pid == (int)internal_getpid()) { 2161 sctx->int_signal_send = sig; 2162 } 2163 int res = REAL(kill)(pid, sig); 2164 if (pid == (int)internal_getpid()) { 2165 CHECK_EQ(sctx->int_signal_send, sig); 2166 sctx->int_signal_send = prev; 2167 } 2168 return res; 2169 } 2170 2171 TSAN_INTERCEPTOR(int, pthread_kill, void *tid, int sig) { 2172 SCOPED_TSAN_INTERCEPTOR(pthread_kill, tid, sig); 2173 ThreadSignalContext *sctx = SigCtx(thr); 2174 CHECK_NE(sctx, 0); 2175 int prev = sctx->int_signal_send; 2176 if (tid == pthread_self()) { 2177 sctx->int_signal_send = sig; 2178 } 2179 int res = REAL(pthread_kill)(tid, sig); 2180 if (tid == pthread_self()) { 2181 CHECK_EQ(sctx->int_signal_send, sig); 2182 sctx->int_signal_send = prev; 2183 } 2184 return res; 2185 } 2186 2187 TSAN_INTERCEPTOR(int, gettimeofday, void *tv, void *tz) { 2188 SCOPED_TSAN_INTERCEPTOR(gettimeofday, tv, tz); 2189 // It's intercepted merely to process pending signals. 2190 return REAL(gettimeofday)(tv, tz); 2191 } 2192 2193 TSAN_INTERCEPTOR(int, getaddrinfo, void *node, void *service, 2194 void *hints, void *rv) { 2195 SCOPED_TSAN_INTERCEPTOR(getaddrinfo, node, service, hints, rv); 2196 // We miss atomic synchronization in getaddrinfo, 2197 // and can report false race between malloc and free 2198 // inside of getaddrinfo. So ignore memory accesses. 2199 ThreadIgnoreBegin(thr, pc); 2200 int res = REAL(getaddrinfo)(node, service, hints, rv); 2201 ThreadIgnoreEnd(thr, pc); 2202 return res; 2203 } 2204 2205 TSAN_INTERCEPTOR(int, fork, int fake) { 2206 if (cur_thread()->in_symbolizer) 2207 return REAL(fork)(fake); 2208 SCOPED_INTERCEPTOR_RAW(fork, fake); 2209 ForkBefore(thr, pc); 2210 int pid = REAL(fork)(fake); 2211 if (pid == 0) { 2212 // child 2213 ForkChildAfter(thr, pc); 2214 FdOnFork(thr, pc); 2215 } else if (pid > 0) { 2216 // parent 2217 ForkParentAfter(thr, pc); 2218 } else { 2219 // error 2220 ForkParentAfter(thr, pc); 2221 } 2222 return pid; 2223 } 2224 2225 TSAN_INTERCEPTOR(int, vfork, int fake) { 2226 // Some programs (e.g. openjdk) call close for all file descriptors 2227 // in the child process. Under tsan it leads to false positives, because 2228 // address space is shared, so the parent process also thinks that 2229 // the descriptors are closed (while they are actually not). 2230 // This leads to false positives due to missed synchronization. 2231 // Strictly saying this is undefined behavior, because vfork child is not 2232 // allowed to call any functions other than exec/exit. But this is what 2233 // openjdk does, so we want to handle it. 2234 // We could disable interceptors in the child process. But it's not possible 2235 // to simply intercept and wrap vfork, because vfork child is not allowed 2236 // to return from the function that calls vfork, and that's exactly what 2237 // we would do. So this would require some assembly trickery as well. 2238 // Instead we simply turn vfork into fork. 2239 return WRAP(fork)(fake); 2240 } 2241 2242 static int OnExit(ThreadState *thr) { 2243 int status = Finalize(thr); 2244 FlushStreams(); 2245 return status; 2246 } 2247 2248 struct TsanInterceptorContext { 2249 ThreadState *thr; 2250 const uptr caller_pc; 2251 const uptr pc; 2252 }; 2253 2254 static void HandleRecvmsg(ThreadState *thr, uptr pc, 2255 __sanitizer_msghdr *msg) { 2256 int fds[64]; 2257 int cnt = ExtractRecvmsgFDs(msg, fds, ARRAY_SIZE(fds)); 2258 for (int i = 0; i < cnt; i++) 2259 FdEventCreate(thr, pc, fds[i]); 2260 } 2261 2262 #include "sanitizer_common/sanitizer_platform_interceptors.h" 2263 // Causes interceptor recursion (getaddrinfo() and fopen()) 2264 #undef SANITIZER_INTERCEPT_GETADDRINFO 2265 // There interceptors do not seem to be strictly necessary for tsan. 2266 // But we see cases where the interceptors consume 70% of execution time. 2267 // Memory blocks passed to fgetgrent_r are "written to" by tsan several times. 2268 // First, there is some recursion (getgrnam_r calls fgetgrent_r), and each 2269 // function "writes to" the buffer. Then, the same memory is "written to" 2270 // twice, first as buf and then as pwbufp (both of them refer to the same 2271 // addresses). 2272 #undef SANITIZER_INTERCEPT_GETPWENT 2273 #undef SANITIZER_INTERCEPT_GETPWENT_R 2274 #undef SANITIZER_INTERCEPT_FGETPWENT 2275 #undef SANITIZER_INTERCEPT_GETPWNAM_AND_FRIENDS 2276 #undef SANITIZER_INTERCEPT_GETPWNAM_R_AND_FRIENDS 2277 // __tls_get_addr can be called with mis-aligned stack due to: 2278 // https://gcc.gnu.org/bugzilla/show_bug.cgi?id=58066 2279 // There are two potential issues: 2280 // 1. Sanitizer code contains a MOVDQA spill (it does not seem to be the case 2281 // right now). or 2. ProcessPendingSignal calls user handler which contains 2282 // MOVDQA spill (this happens right now). 2283 // Since the interceptor only initializes memory for msan, the simplest solution 2284 // is to disable the interceptor in tsan (other sanitizers do not call 2285 // signal handlers from COMMON_INTERCEPTOR_ENTER). 2286 #undef SANITIZER_INTERCEPT_TLS_GET_ADDR 2287 2288 #define COMMON_INTERCEPT_FUNCTION(name) INTERCEPT_FUNCTION(name) 2289 2290 #define COMMON_INTERCEPTOR_WRITE_RANGE(ctx, ptr, size) \ 2291 MemoryAccessRange(((TsanInterceptorContext *)ctx)->thr, \ 2292 ((TsanInterceptorContext *)ctx)->pc, (uptr)ptr, size, \ 2293 true) 2294 2295 #define COMMON_INTERCEPTOR_READ_RANGE(ctx, ptr, size) \ 2296 MemoryAccessRange(((TsanInterceptorContext *) ctx)->thr, \ 2297 ((TsanInterceptorContext *) ctx)->pc, (uptr) ptr, size, \ 2298 false) 2299 2300 #define COMMON_INTERCEPTOR_ENTER(ctx, func, ...) \ 2301 SCOPED_TSAN_INTERCEPTOR(func, __VA_ARGS__); \ 2302 TsanInterceptorContext _ctx = {thr, caller_pc, pc}; \ 2303 ctx = (void *)&_ctx; \ 2304 (void) ctx; 2305 2306 #define COMMON_INTERCEPTOR_ENTER_NOIGNORE(ctx, func, ...) \ 2307 SCOPED_INTERCEPTOR_RAW(func, __VA_ARGS__); \ 2308 TsanInterceptorContext _ctx = {thr, caller_pc, pc}; \ 2309 ctx = (void *)&_ctx; \ 2310 (void) ctx; 2311 2312 #define COMMON_INTERCEPTOR_FILE_OPEN(ctx, file, path) \ 2313 Acquire(thr, pc, File2addr(path)); \ 2314 if (file) { \ 2315 int fd = fileno_unlocked(file); \ 2316 if (fd >= 0) FdFileCreate(thr, pc, fd); \ 2317 } 2318 2319 #define COMMON_INTERCEPTOR_FILE_CLOSE(ctx, file) \ 2320 if (file) { \ 2321 int fd = fileno_unlocked(file); \ 2322 if (fd >= 0) FdClose(thr, pc, fd); \ 2323 } 2324 2325 #define COMMON_INTERCEPTOR_LIBRARY_LOADED(filename, handle) \ 2326 libignore()->OnLibraryLoaded(filename) 2327 2328 #define COMMON_INTERCEPTOR_LIBRARY_UNLOADED() \ 2329 libignore()->OnLibraryUnloaded() 2330 2331 #define COMMON_INTERCEPTOR_DIR_ACQUIRE(ctx, path) \ 2332 Acquire(((TsanInterceptorContext *) ctx)->thr, pc, Dir2addr(path)) 2333 2334 #define COMMON_INTERCEPTOR_FD_ACQUIRE(ctx, fd) \ 2335 FdAcquire(((TsanInterceptorContext *) ctx)->thr, pc, fd) 2336 2337 #define COMMON_INTERCEPTOR_FD_RELEASE(ctx, fd) \ 2338 FdRelease(((TsanInterceptorContext *) ctx)->thr, pc, fd) 2339 2340 #define COMMON_INTERCEPTOR_FD_ACCESS(ctx, fd) \ 2341 FdAccess(((TsanInterceptorContext *) ctx)->thr, pc, fd) 2342 2343 #define COMMON_INTERCEPTOR_FD_SOCKET_ACCEPT(ctx, fd, newfd) \ 2344 FdSocketAccept(((TsanInterceptorContext *) ctx)->thr, pc, fd, newfd) 2345 2346 #define COMMON_INTERCEPTOR_SET_THREAD_NAME(ctx, name) \ 2347 ThreadSetName(((TsanInterceptorContext *) ctx)->thr, name) 2348 2349 #define COMMON_INTERCEPTOR_SET_PTHREAD_NAME(ctx, thread, name) \ 2350 __tsan::ctx->thread_registry->SetThreadNameByUserId(thread, name) 2351 2352 #define COMMON_INTERCEPTOR_BLOCK_REAL(name) BLOCK_REAL(name) 2353 2354 #define COMMON_INTERCEPTOR_ON_EXIT(ctx) \ 2355 OnExit(((TsanInterceptorContext *) ctx)->thr) 2356 2357 #define COMMON_INTERCEPTOR_MUTEX_LOCK(ctx, m) \ 2358 MutexLock(((TsanInterceptorContext *)ctx)->thr, \ 2359 ((TsanInterceptorContext *)ctx)->pc, (uptr)m) 2360 2361 #define COMMON_INTERCEPTOR_MUTEX_UNLOCK(ctx, m) \ 2362 MutexUnlock(((TsanInterceptorContext *)ctx)->thr, \ 2363 ((TsanInterceptorContext *)ctx)->pc, (uptr)m) 2364 2365 #define COMMON_INTERCEPTOR_MUTEX_REPAIR(ctx, m) \ 2366 MutexRepair(((TsanInterceptorContext *)ctx)->thr, \ 2367 ((TsanInterceptorContext *)ctx)->pc, (uptr)m) 2368 2369 #define COMMON_INTERCEPTOR_HANDLE_RECVMSG(ctx, msg) \ 2370 HandleRecvmsg(((TsanInterceptorContext *)ctx)->thr, \ 2371 ((TsanInterceptorContext *)ctx)->pc, msg) 2372 2373 #include "sanitizer_common/sanitizer_common_interceptors.inc" 2374 2375 #define TSAN_SYSCALL() \ 2376 ThreadState *thr = cur_thread(); \ 2377 if (thr->ignore_interceptors) \ 2378 return; \ 2379 ScopedSyscall scoped_syscall(thr) \ 2380 /**/ 2381 2382 struct ScopedSyscall { 2383 ThreadState *thr; 2384 2385 explicit ScopedSyscall(ThreadState *thr) 2386 : thr(thr) { 2387 Initialize(thr); 2388 } 2389 2390 ~ScopedSyscall() { 2391 ProcessPendingSignals(thr); 2392 } 2393 }; 2394 2395 static void syscall_access_range(uptr pc, uptr p, uptr s, bool write) { 2396 TSAN_SYSCALL(); 2397 MemoryAccessRange(thr, pc, p, s, write); 2398 } 2399 2400 static void syscall_acquire(uptr pc, uptr addr) { 2401 TSAN_SYSCALL(); 2402 Acquire(thr, pc, addr); 2403 DPrintf("syscall_acquire(%p)\n", addr); 2404 } 2405 2406 static void syscall_release(uptr pc, uptr addr) { 2407 TSAN_SYSCALL(); 2408 DPrintf("syscall_release(%p)\n", addr); 2409 Release(thr, pc, addr); 2410 } 2411 2412 static void syscall_fd_close(uptr pc, int fd) { 2413 TSAN_SYSCALL(); 2414 FdClose(thr, pc, fd); 2415 } 2416 2417 static USED void syscall_fd_acquire(uptr pc, int fd) { 2418 TSAN_SYSCALL(); 2419 FdAcquire(thr, pc, fd); 2420 DPrintf("syscall_fd_acquire(%p)\n", fd); 2421 } 2422 2423 static USED void syscall_fd_release(uptr pc, int fd) { 2424 TSAN_SYSCALL(); 2425 DPrintf("syscall_fd_release(%p)\n", fd); 2426 FdRelease(thr, pc, fd); 2427 } 2428 2429 static void syscall_pre_fork(uptr pc) { 2430 TSAN_SYSCALL(); 2431 ForkBefore(thr, pc); 2432 } 2433 2434 static void syscall_post_fork(uptr pc, int pid) { 2435 TSAN_SYSCALL(); 2436 if (pid == 0) { 2437 // child 2438 ForkChildAfter(thr, pc); 2439 FdOnFork(thr, pc); 2440 } else if (pid > 0) { 2441 // parent 2442 ForkParentAfter(thr, pc); 2443 } else { 2444 // error 2445 ForkParentAfter(thr, pc); 2446 } 2447 } 2448 2449 #define COMMON_SYSCALL_PRE_READ_RANGE(p, s) \ 2450 syscall_access_range(GET_CALLER_PC(), (uptr)(p), (uptr)(s), false) 2451 2452 #define COMMON_SYSCALL_PRE_WRITE_RANGE(p, s) \ 2453 syscall_access_range(GET_CALLER_PC(), (uptr)(p), (uptr)(s), true) 2454 2455 #define COMMON_SYSCALL_POST_READ_RANGE(p, s) \ 2456 do { \ 2457 (void)(p); \ 2458 (void)(s); \ 2459 } while (false) 2460 2461 #define COMMON_SYSCALL_POST_WRITE_RANGE(p, s) \ 2462 do { \ 2463 (void)(p); \ 2464 (void)(s); \ 2465 } while (false) 2466 2467 #define COMMON_SYSCALL_ACQUIRE(addr) \ 2468 syscall_acquire(GET_CALLER_PC(), (uptr)(addr)) 2469 2470 #define COMMON_SYSCALL_RELEASE(addr) \ 2471 syscall_release(GET_CALLER_PC(), (uptr)(addr)) 2472 2473 #define COMMON_SYSCALL_FD_CLOSE(fd) syscall_fd_close(GET_CALLER_PC(), fd) 2474 2475 #define COMMON_SYSCALL_FD_ACQUIRE(fd) syscall_fd_acquire(GET_CALLER_PC(), fd) 2476 2477 #define COMMON_SYSCALL_FD_RELEASE(fd) syscall_fd_release(GET_CALLER_PC(), fd) 2478 2479 #define COMMON_SYSCALL_PRE_FORK() \ 2480 syscall_pre_fork(GET_CALLER_PC()) 2481 2482 #define COMMON_SYSCALL_POST_FORK(res) \ 2483 syscall_post_fork(GET_CALLER_PC(), res) 2484 2485 #include "sanitizer_common/sanitizer_common_syscalls.inc" 2486 2487 namespace __tsan { 2488 2489 static void finalize(void *arg) { 2490 ThreadState *thr = cur_thread(); 2491 int status = Finalize(thr); 2492 // Make sure the output is not lost. 2493 FlushStreams(); 2494 if (status) 2495 REAL(_exit)(status); 2496 } 2497 2498 static void unreachable() { 2499 Report("FATAL: ThreadSanitizer: unreachable called\n"); 2500 Die(); 2501 } 2502 2503 void InitializeInterceptors() { 2504 // We need to setup it early, because functions like dlsym() can call it. 2505 REAL(memset) = internal_memset; 2506 REAL(memcpy) = internal_memcpy; 2507 REAL(memcmp) = internal_memcmp; 2508 2509 // Instruct libc malloc to consume less memory. 2510 #if !SANITIZER_FREEBSD 2511 mallopt(1, 0); // M_MXFAST 2512 mallopt(-3, 32*1024); // M_MMAP_THRESHOLD 2513 #endif 2514 2515 InitializeCommonInterceptors(); 2516 2517 // We can not use TSAN_INTERCEPT to get setjmp addr, 2518 // because it does &setjmp and setjmp is not present in some versions of libc. 2519 using __interception::GetRealFunctionAddress; 2520 GetRealFunctionAddress("setjmp", (uptr*)&REAL(setjmp), 0, 0); 2521 GetRealFunctionAddress("_setjmp", (uptr*)&REAL(_setjmp), 0, 0); 2522 GetRealFunctionAddress("sigsetjmp", (uptr*)&REAL(sigsetjmp), 0, 0); 2523 GetRealFunctionAddress("__sigsetjmp", (uptr*)&REAL(__sigsetjmp), 0, 0); 2524 2525 TSAN_INTERCEPT(longjmp); 2526 TSAN_INTERCEPT(siglongjmp); 2527 2528 TSAN_INTERCEPT(malloc); 2529 TSAN_INTERCEPT(__libc_memalign); 2530 TSAN_INTERCEPT(calloc); 2531 TSAN_INTERCEPT(realloc); 2532 TSAN_INTERCEPT(free); 2533 TSAN_INTERCEPT(cfree); 2534 TSAN_INTERCEPT(mmap); 2535 TSAN_MAYBE_INTERCEPT_MMAP64; 2536 TSAN_INTERCEPT(munmap); 2537 TSAN_MAYBE_INTERCEPT_MEMALIGN; 2538 TSAN_INTERCEPT(valloc); 2539 TSAN_MAYBE_INTERCEPT_PVALLOC; 2540 TSAN_INTERCEPT(posix_memalign); 2541 2542 TSAN_INTERCEPT(strlen); 2543 TSAN_INTERCEPT(memset); 2544 TSAN_INTERCEPT(memcpy); 2545 TSAN_INTERCEPT(memmove); 2546 TSAN_INTERCEPT(memcmp); 2547 TSAN_INTERCEPT(strchr); 2548 TSAN_INTERCEPT(strchrnul); 2549 TSAN_INTERCEPT(strrchr); 2550 TSAN_INTERCEPT(strcpy); // NOLINT 2551 TSAN_INTERCEPT(strncpy); 2552 TSAN_INTERCEPT(strstr); 2553 TSAN_INTERCEPT(strdup); 2554 2555 TSAN_INTERCEPT(pthread_create); 2556 TSAN_INTERCEPT(pthread_join); 2557 TSAN_INTERCEPT(pthread_detach); 2558 2559 TSAN_INTERCEPT_VER(pthread_cond_init, "GLIBC_2.3.2"); 2560 TSAN_INTERCEPT_VER(pthread_cond_signal, "GLIBC_2.3.2"); 2561 TSAN_INTERCEPT_VER(pthread_cond_broadcast, "GLIBC_2.3.2"); 2562 TSAN_INTERCEPT_VER(pthread_cond_wait, "GLIBC_2.3.2"); 2563 TSAN_INTERCEPT_VER(pthread_cond_timedwait, "GLIBC_2.3.2"); 2564 TSAN_INTERCEPT_VER(pthread_cond_destroy, "GLIBC_2.3.2"); 2565 2566 TSAN_INTERCEPT(pthread_mutex_init); 2567 TSAN_INTERCEPT(pthread_mutex_destroy); 2568 TSAN_INTERCEPT(pthread_mutex_trylock); 2569 TSAN_INTERCEPT(pthread_mutex_timedlock); 2570 2571 TSAN_INTERCEPT(pthread_spin_init); 2572 TSAN_INTERCEPT(pthread_spin_destroy); 2573 TSAN_INTERCEPT(pthread_spin_lock); 2574 TSAN_INTERCEPT(pthread_spin_trylock); 2575 TSAN_INTERCEPT(pthread_spin_unlock); 2576 2577 TSAN_INTERCEPT(pthread_rwlock_init); 2578 TSAN_INTERCEPT(pthread_rwlock_destroy); 2579 TSAN_INTERCEPT(pthread_rwlock_rdlock); 2580 TSAN_INTERCEPT(pthread_rwlock_tryrdlock); 2581 TSAN_INTERCEPT(pthread_rwlock_timedrdlock); 2582 TSAN_INTERCEPT(pthread_rwlock_wrlock); 2583 TSAN_INTERCEPT(pthread_rwlock_trywrlock); 2584 TSAN_INTERCEPT(pthread_rwlock_timedwrlock); 2585 TSAN_INTERCEPT(pthread_rwlock_unlock); 2586 2587 TSAN_INTERCEPT(pthread_barrier_init); 2588 TSAN_INTERCEPT(pthread_barrier_destroy); 2589 TSAN_INTERCEPT(pthread_barrier_wait); 2590 2591 TSAN_INTERCEPT(pthread_once); 2592 2593 TSAN_INTERCEPT(sem_init); 2594 TSAN_INTERCEPT(sem_destroy); 2595 TSAN_INTERCEPT(sem_wait); 2596 TSAN_INTERCEPT(sem_trywait); 2597 TSAN_INTERCEPT(sem_timedwait); 2598 TSAN_INTERCEPT(sem_post); 2599 TSAN_INTERCEPT(sem_getvalue); 2600 2601 TSAN_INTERCEPT(stat); 2602 TSAN_MAYBE_INTERCEPT___XSTAT; 2603 TSAN_MAYBE_INTERCEPT_STAT64; 2604 TSAN_MAYBE_INTERCEPT___XSTAT64; 2605 TSAN_INTERCEPT(lstat); 2606 TSAN_MAYBE_INTERCEPT___LXSTAT; 2607 TSAN_MAYBE_INTERCEPT_LSTAT64; 2608 TSAN_MAYBE_INTERCEPT___LXSTAT64; 2609 TSAN_INTERCEPT(fstat); 2610 TSAN_MAYBE_INTERCEPT___FXSTAT; 2611 TSAN_MAYBE_INTERCEPT_FSTAT64; 2612 TSAN_MAYBE_INTERCEPT___FXSTAT64; 2613 TSAN_INTERCEPT(open); 2614 TSAN_MAYBE_INTERCEPT_OPEN64; 2615 TSAN_INTERCEPT(creat); 2616 TSAN_MAYBE_INTERCEPT_CREAT64; 2617 TSAN_INTERCEPT(dup); 2618 TSAN_INTERCEPT(dup2); 2619 TSAN_INTERCEPT(dup3); 2620 TSAN_MAYBE_INTERCEPT_EVENTFD; 2621 TSAN_MAYBE_INTERCEPT_SIGNALFD; 2622 TSAN_MAYBE_INTERCEPT_INOTIFY_INIT; 2623 TSAN_MAYBE_INTERCEPT_INOTIFY_INIT1; 2624 TSAN_INTERCEPT(socket); 2625 TSAN_INTERCEPT(socketpair); 2626 TSAN_INTERCEPT(connect); 2627 TSAN_INTERCEPT(bind); 2628 TSAN_INTERCEPT(listen); 2629 TSAN_MAYBE_INTERCEPT_EPOLL_CREATE; 2630 TSAN_MAYBE_INTERCEPT_EPOLL_CREATE1; 2631 TSAN_INTERCEPT(close); 2632 TSAN_MAYBE_INTERCEPT___CLOSE; 2633 TSAN_MAYBE_INTERCEPT___RES_ICLOSE; 2634 TSAN_INTERCEPT(pipe); 2635 TSAN_INTERCEPT(pipe2); 2636 2637 TSAN_INTERCEPT(send); 2638 TSAN_INTERCEPT(sendmsg); 2639 TSAN_INTERCEPT(recv); 2640 2641 TSAN_INTERCEPT(unlink); 2642 TSAN_INTERCEPT(tmpfile); 2643 TSAN_MAYBE_INTERCEPT_TMPFILE64; 2644 TSAN_INTERCEPT(fread); 2645 TSAN_INTERCEPT(fwrite); 2646 TSAN_INTERCEPT(abort); 2647 TSAN_INTERCEPT(puts); 2648 TSAN_INTERCEPT(rmdir); 2649 TSAN_INTERCEPT(closedir); 2650 2651 TSAN_MAYBE_INTERCEPT_EPOLL_CTL; 2652 TSAN_MAYBE_INTERCEPT_EPOLL_WAIT; 2653 2654 TSAN_INTERCEPT(sigaction); 2655 TSAN_INTERCEPT(signal); 2656 TSAN_INTERCEPT(sigsuspend); 2657 TSAN_INTERCEPT(raise); 2658 TSAN_INTERCEPT(kill); 2659 TSAN_INTERCEPT(pthread_kill); 2660 TSAN_INTERCEPT(sleep); 2661 TSAN_INTERCEPT(usleep); 2662 TSAN_INTERCEPT(nanosleep); 2663 TSAN_INTERCEPT(gettimeofday); 2664 TSAN_INTERCEPT(getaddrinfo); 2665 2666 TSAN_INTERCEPT(fork); 2667 TSAN_INTERCEPT(vfork); 2668 TSAN_INTERCEPT(on_exit); 2669 TSAN_INTERCEPT(__cxa_atexit); 2670 TSAN_INTERCEPT(_exit); 2671 2672 // Need to setup it, because interceptors check that the function is resolved. 2673 // But atexit is emitted directly into the module, so can't be resolved. 2674 REAL(atexit) = (int(*)(void(*)()))unreachable; 2675 if (REAL(__cxa_atexit)(&finalize, 0, 0)) { 2676 Printf("ThreadSanitizer: failed to setup atexit callback\n"); 2677 Die(); 2678 } 2679 2680 if (pthread_key_create(&g_thread_finalize_key, &thread_finalize)) { 2681 Printf("ThreadSanitizer: failed to create thread key\n"); 2682 Die(); 2683 } 2684 2685 FdInit(); 2686 } 2687 2688 } // namespace __tsan 2689