From 7e88686e5750a415060253b5c19d856a15ddf358 Mon Sep 17 00:00:00 2001
From: Thurston Dang
Date: Thu, 21 Nov 2024 00:16:09 +0000
Subject: [PATCH 1/4] [sanitizer_common] Intercept timespec_get except for hwasan

Intercept timespec_get for all sanitizers except for hwasan
---
 .../lib/hwasan/hwasan_platform_interceptors.h | 3 +++
 .../sanitizer_common_interceptors.inc | 19 +++++++++++++++++++
 .../sanitizer_platform_interceptors.h | 3 +--
 3 files changed, 23 insertions(+), 2 deletions(-)

diff --git a/compiler-rt/lib/hwasan/hwasan_platform_interceptors.h b/compiler-rt/lib/hwasan/hwasan_platform_interceptors.h
index e8011014c2331..8a653d83dec65 100644
--- a/compiler-rt/lib/hwasan/hwasan_platform_interceptors.h
+++ b/compiler-rt/lib/hwasan/hwasan_platform_interceptors.h
@@ -209,6 +209,9 @@
 #undef SANITIZER_INTERCEPT_TIME
 #define SANITIZER_INTERCEPT_TIME 0
 
+#undef SANITIZER_INTERCEPT_TIMESPEC_GET
+#define SANITIZER_INTERCEPT_TIMESPEC_GET 0
+
 #undef SANITIZER_INTERCEPT_GLOB
 #define SANITIZER_INTERCEPT_GLOB 0
 
diff --git a/compiler-rt/lib/sanitizer_common/sanitizer_common_interceptors.inc b/compiler-rt/lib/sanitizer_common/sanitizer_common_interceptors.inc
index 99fa737adfaf2..07b65a1f0c15e 100644
--- a/compiler-rt/lib/sanitizer_common/sanitizer_common_interceptors.inc
+++ b/compiler-rt/lib/sanitizer_common/sanitizer_common_interceptors.inc
@@ -2389,6 +2389,24 @@ INTERCEPTOR(int, setitimer, int which, const void *new_value, void *old_value) {
 #define INIT_GETITIMER
 #endif
 
+#if SANITIZER_INTERCEPT_TIMESPEC_GET
+INTERCEPTOR(int, timespec_get, struct __sanitizer_timespec *ts, int base) {
+  void *ctx;
+  COMMON_INTERCEPTOR_ENTER(ctx, timespec_get, ts, base);
+  // FIXME: under ASan the call below may write to freed memory and corrupt
+  // its metadata. See
+  // https://github.com/google/sanitizers/issues/321.
+  int res = REAL(timespec_get)(ts, base);
+  if (res) {
+    COMMON_INTERCEPTOR_WRITE_RANGE(ctx, ts, sizeof(struct __sanitizer_timespec));
+  }
+  return res;
+}
+#define INIT_TIMESPEC_GET COMMON_INTERCEPT_FUNCTION(timespec_get);
+#else
+#define INIT_TIMESPEC_GET
+#endif
+
 #if SANITIZER_INTERCEPT_GLOB
 static void unpoison_glob_t(void *ctx, __sanitizer_glob_t *pglob) {
   COMMON_INTERCEPTOR_WRITE_RANGE(ctx, pglob, sizeof(*pglob));
@@ -10324,6 +10342,7 @@ static void InitializeCommonInterceptors() {
   INIT_TIMER_CREATE;
   INIT_GETITIMER;
   INIT_TIME;
+  INIT_TIMESPEC_GET;
   INIT_GLOB;
   INIT_GLOB64;
   INIT___B64_TO;
diff --git a/compiler-rt/lib/sanitizer_common/sanitizer_platform_interceptors.h b/compiler-rt/lib/sanitizer_common/sanitizer_platform_interceptors.h
index 1f78b1af8e2c6..36f18acc15fe1 100644
--- a/compiler-rt/lib/sanitizer_common/sanitizer_platform_interceptors.h
+++ b/compiler-rt/lib/sanitizer_common/sanitizer_platform_interceptors.h
@@ -210,8 +210,6 @@ SANITIZER_WEAK_IMPORT void *aligned_alloc(__sanitizer::usize __alignment,
 #define SANITIZER_INTERCEPT_PREAD64 (SI_GLIBC || SI_SOLARIS32)
 #define SANITIZER_INTERCEPT_PWRITE64 (SI_GLIBC || SI_SOLARIS32)
 
-#define SANITIZER_INTERCEPT_LSEEK64 (SI_GLIBC || SI_SOLARIS32)
-
 #define SANITIZER_INTERCEPT_READV SI_POSIX
 #define SANITIZER_INTERCEPT_WRITEV SI_POSIX
 
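Review bot: The size passed on the `COMMON_INTERCEPTOR_WRITE_RANGE(ctx, ts, sizeof(struct __sanitizer_timespec))` line is the sanitizer's mirror of the libc type, so the shadow update is only exact where that mirror matches the target's real `struct timespec`; the other time interceptors in this file (clock_gettime, outside this hunk) size the equivalent write with the platform-limits constant `struct_timespec_sz`, which is derived from the libc type, and using it here keeps the two consistent: `COMMON_INTERCEPTOR_WRITE_RANGE(ctx, ts, struct_timespec_sz);`. This matters most on 32-bit targets, where glibc's 64-bit time_t configuration can change the size of `struct timespec` relative to a fixed mirror. The `if (res)` guard is correct, but its polarity is the opposite of clock_gettime's `!res` and deserves a comment such as `// timespec_get returns base on success and 0 on failure (C11).`. The `#if`/`#endif` block is complete within the hunk.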
@@ -263,6 +261,7 @@ SANITIZER_WEAK_IMPORT void *aligned_alloc(__sanitizer::usize __alignment,
 #define SANITIZER_INTERCEPT_TIMER_CREATE SI_GLIBC
 #define SANITIZER_INTERCEPT_GETITIMER SI_POSIX
 #define SANITIZER_INTERCEPT_TIME SI_POSIX
+#define SANITIZER_INTERCEPT_TIMESPEC_GET SI_LINUX
 #define SANITIZER_INTERCEPT_GLOB (SI_GLIBC || SI_SOLARIS)
 #define SANITIZER_INTERCEPT_GLOB64 SI_GLIBC
 #define SANITIZER_INTERCEPT___B64_TO SI_LINUX_NOT_ANDROID

From 22ea0936155f5312b9eeb500bf6da4f169d4d3d2 Mon Sep 17 00:00:00 2001
From: Thurston Dang
Date: Thu, 21 Nov 2024 00:24:25 +0000
Subject: [PATCH 2/4] clang-format

---
 .../lib/sanitizer_common/sanitizer_common_interceptors.inc | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/compiler-rt/lib/sanitizer_common/sanitizer_common_interceptors.inc b/compiler-rt/lib/sanitizer_common/sanitizer_common_interceptors.inc
index 07b65a1f0c15e..c0fd55b3b3d6d 100644
--- a/compiler-rt/lib/sanitizer_common/sanitizer_common_interceptors.inc
+++ b/compiler-rt/lib/sanitizer_common/sanitizer_common_interceptors.inc
@@ -2398,13 +2398,14 @@ INTERCEPTOR(int, timespec_get, struct __sanitizer_timespec *ts, int base) {
   // https://github.com/google/sanitizers/issues/321.
   int res = REAL(timespec_get)(ts, base);
   if (res) {
-    COMMON_INTERCEPTOR_WRITE_RANGE(ctx, ts, sizeof(struct __sanitizer_timespec));
+    COMMON_INTERCEPTOR_WRITE_RANGE(ctx, ts,
+                                   sizeof(struct __sanitizer_timespec));
   }
   return res;
 }
-#define INIT_TIMESPEC_GET COMMON_INTERCEPT_FUNCTION(timespec_get);
+# define INIT_TIMESPEC_GET COMMON_INTERCEPT_FUNCTION(timespec_get);
 #else
-#define INIT_TIMESPEC_GET
+# define INIT_TIMESPEC_GET
 #endif
 
 #if SANITIZER_INTERCEPT_GLOB

From 6865d0a769ca4e03960d02b6e7da56507bec7ebd Mon Sep 17 00:00:00 2001
From: Thurston Dang
Date: Thu, 21 Nov 2024 00:26:03 +0000
Subject: [PATCH 3/4] Rebase

---
 .../lib/sanitizer_common/sanitizer_platform_interceptors.h | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/compiler-rt/lib/sanitizer_common/sanitizer_platform_interceptors.h b/compiler-rt/lib/sanitizer_common/sanitizer_platform_interceptors.h
index 36f18acc15fe1..190cad7cf7c3f 100644
--- a/compiler-rt/lib/sanitizer_common/sanitizer_platform_interceptors.h
+++ b/compiler-rt/lib/sanitizer_common/sanitizer_platform_interceptors.h
@@ -210,6 +210,8 @@ SANITIZER_WEAK_IMPORT void *aligned_alloc(__sanitizer::usize __alignment,
 #define SANITIZER_INTERCEPT_PREAD64 (SI_GLIBC || SI_SOLARIS32)
 #define SANITIZER_INTERCEPT_PWRITE64 (SI_GLIBC || SI_SOLARIS32)
 
+#define SANITIZER_INTERCEPT_LSEEK64 (SI_GLIBC || SI_SOLARIS32)
+
 #define SANITIZER_INTERCEPT_READV SI_POSIX
 #define SANITIZER_INTERCEPT_WRITEV SI_POSIX
 

From 97834fa4cff19b9a220c4c80416ca801eb8eb3ae Mon Sep 17 00:00:00 2001
From: Thurston Dang
Date: Thu, 21 Nov 2024 18:16:16 +0000
Subject: [PATCH 4/4] Improve diagnostics if parameter is freed pointer

---
 .../sanitizer_common/sanitizer_common_interceptors.inc | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/compiler-rt/lib/sanitizer_common/sanitizer_common_interceptors.inc b/compiler-rt/lib/sanitizer_common/sanitizer_common_interceptors.inc
index c0fd55b3b3d6d..ba3693dbd11f6 100644
--- a/compiler-rt/lib/sanitizer_common/sanitizer_common_interceptors.inc
+++ b/compiler-rt/lib/sanitizer_common/sanitizer_common_interceptors.inc
@@ -2393,13 +2393,13 @@ INTERCEPTOR(int, setitimer, int which, const void *new_value, void *old_value) {
 INTERCEPTOR(int, timespec_get, struct __sanitizer_timespec *ts, int base) {
   void *ctx;
   COMMON_INTERCEPTOR_ENTER(ctx, timespec_get, ts, base);
-  // FIXME: under ASan the call below may write to freed memory and corrupt
-  // its metadata. See
-  // https://github.com/google/sanitizers/issues/321.
-  int res = REAL(timespec_get)(ts, base);
+  // We don't yet know if ts is addressable, so we use our own scratch buffer
+  struct __sanitizer_timespec ts_local;
+  int res = REAL(timespec_get)(&ts_local, base);
   if (res) {
     COMMON_INTERCEPTOR_WRITE_RANGE(ctx, ts,
                                    sizeof(struct __sanitizer_timespec));
+    internal_memcpy(ts, &ts_local, sizeof(struct __sanitizer_timespec));
   }
   return res;
 }
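Review bot: The scratch buffer introduced on the `struct __sanitizer_timespec ts_local;` line is sized by the sanitizer's mirror struct, while `REAL(timespec_get)(&ts_local, base)` writes libc's own `struct timespec` into it; before this patch a size mismatch between the two only mis-sized the shadow update, but now a mirror smaller than the target's libc type would be a stack overflow inside the interceptor itself. That dependency should be asserted rather than assumed, e.g. a `CHECK_TYPE_SIZE`-style check of the mirror against `struct_timespec_sz` in the platform-limits code (not visible here) if one does not already exist, and the comment should name it: `// ts_local must be at least as large as libc's struct timespec; the sanitizer mirror is assumed to match.`. The ordering of `COMMON_INTERCEPTOR_WRITE_RANGE` before `internal_memcpy` is what delivers the improved diagnostic, since an unaddressable or freed `ts` is reported before anything is written through it, and the comment should say the order is load-bearing so a later reshuffle does not reintroduce the metadata corruption the removed FIXME described. The enclosing `#if SANITIZER_INTERCEPT_TIMESPEC_GET` block starts and ends outside the hunk.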