xref: /freebsd/contrib/llvm-project/compiler-rt/lib/tsan/rtl/tsan_rtl.cpp (revision 35c0a8c449fd2b7f75029ebed5e10852240f0865)
1 //===-- tsan_rtl.cpp ------------------------------------------------------===//
2 //
3 // Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
4 // See https://llvm.org/LICENSE.txt for license information.
5 // SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
6 //
7 //===----------------------------------------------------------------------===//
8 //
9 // This file is a part of ThreadSanitizer (TSan), a race detector.
10 //
11 // Main file (entry points) for the TSan run-time.
12 //===----------------------------------------------------------------------===//
13 
14 #include "tsan_rtl.h"
15 
16 #include "sanitizer_common/sanitizer_atomic.h"
17 #include "sanitizer_common/sanitizer_common.h"
18 #include "sanitizer_common/sanitizer_file.h"
19 #include "sanitizer_common/sanitizer_interface_internal.h"
20 #include "sanitizer_common/sanitizer_libc.h"
21 #include "sanitizer_common/sanitizer_placement_new.h"
22 #include "sanitizer_common/sanitizer_stackdepot.h"
23 #include "sanitizer_common/sanitizer_symbolizer.h"
24 #include "tsan_defs.h"
25 #include "tsan_interface.h"
26 #include "tsan_mman.h"
27 #include "tsan_platform.h"
28 #include "tsan_suppressions.h"
29 #include "tsan_symbolize.h"
30 #include "ubsan/ubsan_init.h"
31 
32 volatile int __tsan_resumed = 0;
33 
34 extern "C" void __tsan_resume() {
35   __tsan_resumed = 1;
36 }
37 
38 #if SANITIZER_APPLE
39 SANITIZER_WEAK_DEFAULT_IMPL
40 void __tsan_test_only_on_fork() {}
41 #endif
42 
43 namespace __tsan {
44 
45 #if !SANITIZER_GO
46 void (*on_initialize)(void);
47 int (*on_finalize)(int);
48 #endif
49 
50 #if !SANITIZER_GO && !SANITIZER_APPLE
51 alignas(SANITIZER_CACHE_LINE_SIZE) THREADLOCAL __attribute__((tls_model(
52     "initial-exec"))) char cur_thread_placeholder[sizeof(ThreadState)];
53 #endif
54 alignas(SANITIZER_CACHE_LINE_SIZE) static char ctx_placeholder[sizeof(Context)];
55 Context *ctx;
56 
57 // Can be overriden by a front-end.
58 #ifdef TSAN_EXTERNAL_HOOKS
59 bool OnFinalize(bool failed);
60 void OnInitialize();
61 #else
62 SANITIZER_WEAK_CXX_DEFAULT_IMPL
63 bool OnFinalize(bool failed) {
64 #  if !SANITIZER_GO
65   if (on_finalize)
66     return on_finalize(failed);
67 #  endif
68   return failed;
69 }
70 
71 SANITIZER_WEAK_CXX_DEFAULT_IMPL
72 void OnInitialize() {
73 #  if !SANITIZER_GO
74   if (on_initialize)
75     on_initialize();
76 #  endif
77 }
78 #endif
79 
80 static TracePart* TracePartAlloc(ThreadState* thr) {
81   TracePart* part = nullptr;
82   {
83     Lock lock(&ctx->slot_mtx);
84     uptr max_parts = Trace::kMinParts + flags()->history_size;
85     Trace* trace = &thr->tctx->trace;
86     if (trace->parts_allocated == max_parts ||
87         ctx->trace_part_finished_excess) {
88       part = ctx->trace_part_recycle.PopFront();
89       DPrintf("#%d: TracePartAlloc: part=%p\n", thr->tid, part);
90       if (part && part->trace) {
91         Trace* trace1 = part->trace;
92         Lock trace_lock(&trace1->mtx);
93         part->trace = nullptr;
94         TracePart* part1 = trace1->parts.PopFront();
95         CHECK_EQ(part, part1);
96         if (trace1->parts_allocated > trace1->parts.Size()) {
97           ctx->trace_part_finished_excess +=
98               trace1->parts_allocated - trace1->parts.Size();
99           trace1->parts_allocated = trace1->parts.Size();
100         }
101       }
102     }
103     if (trace->parts_allocated < max_parts) {
104       trace->parts_allocated++;
105       if (ctx->trace_part_finished_excess)
106         ctx->trace_part_finished_excess--;
107     }
108     if (!part)
109       ctx->trace_part_total_allocated++;
110     else if (ctx->trace_part_recycle_finished)
111       ctx->trace_part_recycle_finished--;
112   }
113   if (!part)
114     part = new (MmapOrDie(sizeof(*part), "TracePart")) TracePart();
115   return part;
116 }
117 
118 static void TracePartFree(TracePart* part) SANITIZER_REQUIRES(ctx->slot_mtx) {
119   DCHECK(part->trace);
120   part->trace = nullptr;
121   ctx->trace_part_recycle.PushFront(part);
122 }
123 
124 void TraceResetForTesting() {
125   Lock lock(&ctx->slot_mtx);
126   while (auto* part = ctx->trace_part_recycle.PopFront()) {
127     if (auto trace = part->trace)
128       CHECK_EQ(trace->parts.PopFront(), part);
129     UnmapOrDie(part, sizeof(*part));
130   }
131   ctx->trace_part_total_allocated = 0;
132   ctx->trace_part_recycle_finished = 0;
133   ctx->trace_part_finished_excess = 0;
134 }
135 
136 static void DoResetImpl(uptr epoch) {
137   ThreadRegistryLock lock0(&ctx->thread_registry);
138   Lock lock1(&ctx->slot_mtx);
139   CHECK_EQ(ctx->global_epoch, epoch);
140   ctx->global_epoch++;
141   CHECK(!ctx->resetting);
142   ctx->resetting = true;
143   for (u32 i = ctx->thread_registry.NumThreadsLocked(); i--;) {
144     ThreadContext* tctx = (ThreadContext*)ctx->thread_registry.GetThreadLocked(
145         static_cast<Tid>(i));
146     // Potentially we could purge all ThreadStatusDead threads from the
147     // registry. Since we reset all shadow, they can't race with anything
148     // anymore. However, their tid's can still be stored in some aux places
149     // (e.g. tid of thread that created something).
150     auto trace = &tctx->trace;
151     Lock lock(&trace->mtx);
152     bool attached = tctx->thr && tctx->thr->slot;
153     auto parts = &trace->parts;
154     bool local = false;
155     while (!parts->Empty()) {
156       auto part = parts->Front();
157       local = local || part == trace->local_head;
158       if (local)
159         CHECK(!ctx->trace_part_recycle.Queued(part));
160       else
161         ctx->trace_part_recycle.Remove(part);
162       if (attached && parts->Size() == 1) {
163         // The thread is running and this is the last/current part.
164         // Set the trace position to the end of the current part
165         // to force the thread to call SwitchTracePart and re-attach
166         // to a new slot and allocate a new trace part.
167         // Note: the thread is concurrently modifying the position as well,
168         // so this is only best-effort. The thread can only modify position
169         // within this part, because switching parts is protected by
170         // slot/trace mutexes that we hold here.
171         atomic_store_relaxed(
172             &tctx->thr->trace_pos,
173             reinterpret_cast<uptr>(&part->events[TracePart::kSize]));
174         break;
175       }
176       parts->Remove(part);
177       TracePartFree(part);
178     }
179     CHECK_LE(parts->Size(), 1);
180     trace->local_head = parts->Front();
181     if (tctx->thr && !tctx->thr->slot) {
182       atomic_store_relaxed(&tctx->thr->trace_pos, 0);
183       tctx->thr->trace_prev_pc = 0;
184     }
185     if (trace->parts_allocated > trace->parts.Size()) {
186       ctx->trace_part_finished_excess +=
187           trace->parts_allocated - trace->parts.Size();
188       trace->parts_allocated = trace->parts.Size();
189     }
190   }
191   while (ctx->slot_queue.PopFront()) {
192   }
193   for (auto& slot : ctx->slots) {
194     slot.SetEpoch(kEpochZero);
195     slot.journal.Reset();
196     slot.thr = nullptr;
197     ctx->slot_queue.PushBack(&slot);
198   }
199 
200   DPrintf("Resetting shadow...\n");
201   auto shadow_begin = ShadowBeg();
202   auto shadow_end = ShadowEnd();
203 #if SANITIZER_GO
204   CHECK_NE(0, ctx->mapped_shadow_begin);
205   shadow_begin = ctx->mapped_shadow_begin;
206   shadow_end = ctx->mapped_shadow_end;
207   VPrintf(2, "shadow_begin-shadow_end: (0x%zx-0x%zx)\n",
208           shadow_begin, shadow_end);
209 #endif
210 
211 #if SANITIZER_WINDOWS
212   auto resetFailed =
213       !ZeroMmapFixedRegion(shadow_begin, shadow_end - shadow_begin);
214 #else
215   auto resetFailed =
216       !MmapFixedSuperNoReserve(shadow_begin, shadow_end-shadow_begin, "shadow");
217 #  if !SANITIZER_GO
218   DontDumpShadow(shadow_begin, shadow_end - shadow_begin);
219 #  endif
220 #endif
221   if (resetFailed) {
222     Printf("failed to reset shadow memory\n");
223     Die();
224   }
225   DPrintf("Resetting meta shadow...\n");
226   ctx->metamap.ResetClocks();
227   StoreShadow(&ctx->last_spurious_race, Shadow::kEmpty);
228   ctx->resetting = false;
229 }
230 
231 // Clang does not understand locking all slots in the loop:
232 // error: expecting mutex 'slot.mtx' to be held at start of each loop
233 void DoReset(ThreadState* thr, uptr epoch) SANITIZER_NO_THREAD_SAFETY_ANALYSIS {
234   for (auto& slot : ctx->slots) {
235     slot.mtx.Lock();
236     if (UNLIKELY(epoch == 0))
237       epoch = ctx->global_epoch;
238     if (UNLIKELY(epoch != ctx->global_epoch)) {
239       // Epoch can't change once we've locked the first slot.
240       CHECK_EQ(slot.sid, 0);
241       slot.mtx.Unlock();
242       return;
243     }
244   }
245   DPrintf("#%d: DoReset epoch=%lu\n", thr ? thr->tid : -1, epoch);
246   DoResetImpl(epoch);
247   for (auto& slot : ctx->slots) slot.mtx.Unlock();
248 }
249 
250 void FlushShadowMemory() { DoReset(nullptr, 0); }
251 
252 static TidSlot* FindSlotAndLock(ThreadState* thr)
253     SANITIZER_ACQUIRE(thr->slot->mtx) SANITIZER_NO_THREAD_SAFETY_ANALYSIS {
254   CHECK(!thr->slot);
255   TidSlot* slot = nullptr;
256   for (;;) {
257     uptr epoch;
258     {
259       Lock lock(&ctx->slot_mtx);
260       epoch = ctx->global_epoch;
261       if (slot) {
262         // This is an exhausted slot from the previous iteration.
263         if (ctx->slot_queue.Queued(slot))
264           ctx->slot_queue.Remove(slot);
265         thr->slot_locked = false;
266         slot->mtx.Unlock();
267       }
268       for (;;) {
269         slot = ctx->slot_queue.PopFront();
270         if (!slot)
271           break;
272         if (slot->epoch() != kEpochLast) {
273           ctx->slot_queue.PushBack(slot);
274           break;
275         }
276       }
277     }
278     if (!slot) {
279       DoReset(thr, epoch);
280       continue;
281     }
282     slot->mtx.Lock();
283     CHECK(!thr->slot_locked);
284     thr->slot_locked = true;
285     if (slot->thr) {
286       DPrintf("#%d: preempting sid=%d tid=%d\n", thr->tid, (u32)slot->sid,
287               slot->thr->tid);
288       slot->SetEpoch(slot->thr->fast_state.epoch());
289       slot->thr = nullptr;
290     }
291     if (slot->epoch() != kEpochLast)
292       return slot;
293   }
294 }
295 
296 void SlotAttachAndLock(ThreadState* thr) {
297   TidSlot* slot = FindSlotAndLock(thr);
298   DPrintf("#%d: SlotAttach: slot=%u\n", thr->tid, static_cast<int>(slot->sid));
299   CHECK(!slot->thr);
300   CHECK(!thr->slot);
301   slot->thr = thr;
302   thr->slot = slot;
303   Epoch epoch = EpochInc(slot->epoch());
304   CHECK(!EpochOverflow(epoch));
305   slot->SetEpoch(epoch);
306   thr->fast_state.SetSid(slot->sid);
307   thr->fast_state.SetEpoch(epoch);
308   if (thr->slot_epoch != ctx->global_epoch) {
309     thr->slot_epoch = ctx->global_epoch;
310     thr->clock.Reset();
311 #if !SANITIZER_GO
312     thr->last_sleep_stack_id = kInvalidStackID;
313     thr->last_sleep_clock.Reset();
314 #endif
315   }
316   thr->clock.Set(slot->sid, epoch);
317   slot->journal.PushBack({thr->tid, epoch});
318 }
319 
320 static void SlotDetachImpl(ThreadState* thr, bool exiting) {
321   TidSlot* slot = thr->slot;
322   thr->slot = nullptr;
323   if (thr != slot->thr) {
324     slot = nullptr;  // we don't own the slot anymore
325     if (thr->slot_epoch != ctx->global_epoch) {
326       TracePart* part = nullptr;
327       auto* trace = &thr->tctx->trace;
328       {
329         Lock l(&trace->mtx);
330         auto* parts = &trace->parts;
331         // The trace can be completely empty in an unlikely event
332         // the thread is preempted right after it acquired the slot
333         // in ThreadStart and did not trace any events yet.
334         CHECK_LE(parts->Size(), 1);
335         part = parts->PopFront();
336         thr->tctx->trace.local_head = nullptr;
337         atomic_store_relaxed(&thr->trace_pos, 0);
338         thr->trace_prev_pc = 0;
339       }
340       if (part) {
341         Lock l(&ctx->slot_mtx);
342         TracePartFree(part);
343       }
344     }
345     return;
346   }
347   CHECK(exiting || thr->fast_state.epoch() == kEpochLast);
348   slot->SetEpoch(thr->fast_state.epoch());
349   slot->thr = nullptr;
350 }
351 
352 void SlotDetach(ThreadState* thr) {
353   Lock lock(&thr->slot->mtx);
354   SlotDetachImpl(thr, true);
355 }
356 
357 void SlotLock(ThreadState* thr) SANITIZER_NO_THREAD_SAFETY_ANALYSIS {
358   DCHECK(!thr->slot_locked);
359 #if SANITIZER_DEBUG
360   // Check these mutexes are not locked.
361   // We can call DoReset from SlotAttachAndLock, which will lock
362   // these mutexes, but it happens only every once in a while.
363   { ThreadRegistryLock lock(&ctx->thread_registry); }
364   { Lock lock(&ctx->slot_mtx); }
365 #endif
366   TidSlot* slot = thr->slot;
367   slot->mtx.Lock();
368   thr->slot_locked = true;
369   if (LIKELY(thr == slot->thr && thr->fast_state.epoch() != kEpochLast))
370     return;
371   SlotDetachImpl(thr, false);
372   thr->slot_locked = false;
373   slot->mtx.Unlock();
374   SlotAttachAndLock(thr);
375 }
376 
377 void SlotUnlock(ThreadState* thr) {
378   DCHECK(thr->slot_locked);
379   thr->slot_locked = false;
380   thr->slot->mtx.Unlock();
381 }
382 
383 Context::Context()
384     : initialized(),
385       report_mtx(MutexTypeReport),
386       nreported(),
387       thread_registry([](Tid tid) -> ThreadContextBase* {
388         return new (Alloc(sizeof(ThreadContext))) ThreadContext(tid);
389       }),
390       racy_mtx(MutexTypeRacy),
391       racy_stacks(),
392       fired_suppressions_mtx(MutexTypeFired),
393       slot_mtx(MutexTypeSlots),
394       resetting() {
395   fired_suppressions.reserve(8);
396   for (uptr i = 0; i < ARRAY_SIZE(slots); i++) {
397     TidSlot* slot = &slots[i];
398     slot->sid = static_cast<Sid>(i);
399     slot_queue.PushBack(slot);
400   }
401   global_epoch = 1;
402 }
403 
404 TidSlot::TidSlot() : mtx(MutexTypeSlot) {}
405 
406 // The objects are allocated in TLS, so one may rely on zero-initialization.
407 ThreadState::ThreadState(Tid tid)
408     // Do not touch these, rely on zero initialization,
409     // they may be accessed before the ctor.
410     // ignore_reads_and_writes()
411     // ignore_interceptors()
412     : tid(tid) {
413   CHECK_EQ(reinterpret_cast<uptr>(this) % SANITIZER_CACHE_LINE_SIZE, 0);
414 #if !SANITIZER_GO
415   // C/C++ uses fixed size shadow stack.
416   const int kInitStackSize = kShadowStackSize;
417   shadow_stack = static_cast<uptr*>(
418       MmapNoReserveOrDie(kInitStackSize * sizeof(uptr), "shadow stack"));
419   SetShadowRegionHugePageMode(reinterpret_cast<uptr>(shadow_stack),
420                               kInitStackSize * sizeof(uptr));
421 #else
422   // Go uses malloc-allocated shadow stack with dynamic size.
423   const int kInitStackSize = 8;
424   shadow_stack = static_cast<uptr*>(Alloc(kInitStackSize * sizeof(uptr)));
425 #endif
426   shadow_stack_pos = shadow_stack;
427   shadow_stack_end = shadow_stack + kInitStackSize;
428 }
429 
430 #if !SANITIZER_GO
431 void MemoryProfiler(u64 uptime) {
432   if (ctx->memprof_fd == kInvalidFd)
433     return;
434   InternalMmapVector<char> buf(4096);
435   WriteMemoryProfile(buf.data(), buf.size(), uptime);
436   WriteToFile(ctx->memprof_fd, buf.data(), internal_strlen(buf.data()));
437 }
438 
439 static bool InitializeMemoryProfiler() {
440   ctx->memprof_fd = kInvalidFd;
441   const char *fname = flags()->profile_memory;
442   if (!fname || !fname[0])
443     return false;
444   if (internal_strcmp(fname, "stdout") == 0) {
445     ctx->memprof_fd = 1;
446   } else if (internal_strcmp(fname, "stderr") == 0) {
447     ctx->memprof_fd = 2;
448   } else {
449     InternalScopedString filename;
450     filename.AppendF("%s.%d", fname, (int)internal_getpid());
451     ctx->memprof_fd = OpenFile(filename.data(), WrOnly);
452     if (ctx->memprof_fd == kInvalidFd) {
453       Printf("ThreadSanitizer: failed to open memory profile file '%s'\n",
454              filename.data());
455       return false;
456     }
457   }
458   MemoryProfiler(0);
459   return true;
460 }
461 
462 static void *BackgroundThread(void *arg) {
463   // This is a non-initialized non-user thread, nothing to see here.
464   // We don't use ScopedIgnoreInterceptors, because we want ignores to be
465   // enabled even when the thread function exits (e.g. during pthread thread
466   // shutdown code).
467   cur_thread_init()->ignore_interceptors++;
468   const u64 kMs2Ns = 1000 * 1000;
469   const u64 start = NanoTime();
470 
471   u64 last_flush = start;
472   uptr last_rss = 0;
473   while (!atomic_load_relaxed(&ctx->stop_background_thread)) {
474     SleepForMillis(100);
475     u64 now = NanoTime();
476 
477     // Flush memory if requested.
478     if (flags()->flush_memory_ms > 0) {
479       if (last_flush + flags()->flush_memory_ms * kMs2Ns < now) {
480         VReport(1, "ThreadSanitizer: periodic memory flush\n");
481         FlushShadowMemory();
482         now = last_flush = NanoTime();
483       }
484     }
485     if (flags()->memory_limit_mb > 0) {
486       uptr rss = GetRSS();
487       uptr limit = uptr(flags()->memory_limit_mb) << 20;
488       VReport(1,
489               "ThreadSanitizer: memory flush check"
490               " RSS=%llu LAST=%llu LIMIT=%llu\n",
491               (u64)rss >> 20, (u64)last_rss >> 20, (u64)limit >> 20);
492       if (2 * rss > limit + last_rss) {
493         VReport(1, "ThreadSanitizer: flushing memory due to RSS\n");
494         FlushShadowMemory();
495         rss = GetRSS();
496         now = NanoTime();
497         VReport(1, "ThreadSanitizer: memory flushed RSS=%llu\n",
498                 (u64)rss >> 20);
499       }
500       last_rss = rss;
501     }
502 
503     MemoryProfiler(now - start);
504 
505     // Flush symbolizer cache if requested.
506     if (flags()->flush_symbolizer_ms > 0) {
507       u64 last = atomic_load(&ctx->last_symbolize_time_ns,
508                              memory_order_relaxed);
509       if (last != 0 && last + flags()->flush_symbolizer_ms * kMs2Ns < now) {
510         Lock l(&ctx->report_mtx);
511         ScopedErrorReportLock l2;
512         SymbolizeFlush();
513         atomic_store(&ctx->last_symbolize_time_ns, 0, memory_order_relaxed);
514       }
515     }
516   }
517   return nullptr;
518 }
519 
520 static void StartBackgroundThread() {
521   ctx->background_thread = internal_start_thread(&BackgroundThread, 0);
522 }
523 
524 #ifndef __mips__
525 static void StopBackgroundThread() {
526   atomic_store(&ctx->stop_background_thread, 1, memory_order_relaxed);
527   internal_join_thread(ctx->background_thread);
528   ctx->background_thread = 0;
529 }
530 #endif
531 #endif
532 
533 void DontNeedShadowFor(uptr addr, uptr size) {
534   ReleaseMemoryPagesToOS(reinterpret_cast<uptr>(MemToShadow(addr)),
535                          reinterpret_cast<uptr>(MemToShadow(addr + size)));
536 }
537 
538 #if !SANITIZER_GO
539 // We call UnmapShadow before the actual munmap, at that point we don't yet
540 // know if the provided address/size are sane. We can't call UnmapShadow
541 // after the actual munmap becuase at that point the memory range can
542 // already be reused for something else, so we can't rely on the munmap
543 // return value to understand is the values are sane.
544 // While calling munmap with insane values (non-canonical address, negative
545 // size, etc) is an error, the kernel won't crash. We must also try to not
546 // crash as the failure mode is very confusing (paging fault inside of the
547 // runtime on some derived shadow address).
548 static bool IsValidMmapRange(uptr addr, uptr size) {
549   if (size == 0)
550     return true;
551   if (static_cast<sptr>(size) < 0)
552     return false;
553   if (!IsAppMem(addr) || !IsAppMem(addr + size - 1))
554     return false;
555   // Check that if the start of the region belongs to one of app ranges,
556   // end of the region belongs to the same region.
557   const uptr ranges[][2] = {
558       {LoAppMemBeg(), LoAppMemEnd()},
559       {MidAppMemBeg(), MidAppMemEnd()},
560       {HiAppMemBeg(), HiAppMemEnd()},
561   };
562   for (auto range : ranges) {
563     if (addr >= range[0] && addr < range[1])
564       return addr + size <= range[1];
565   }
566   return false;
567 }
568 
569 void UnmapShadow(ThreadState *thr, uptr addr, uptr size) {
570   if (size == 0 || !IsValidMmapRange(addr, size))
571     return;
572   DontNeedShadowFor(addr, size);
573   ScopedGlobalProcessor sgp;
574   SlotLocker locker(thr, true);
575   ctx->metamap.ResetRange(thr->proc(), addr, size, true);
576 }
577 #endif
578 
579 void MapShadow(uptr addr, uptr size) {
580   // Ensure thead registry lock held, so as to synchronize
581   // with DoReset, which also access the mapped_shadow_* ctxt fields.
582   ThreadRegistryLock lock0(&ctx->thread_registry);
583   static bool data_mapped = false;
584 
585 #if !SANITIZER_GO
586   // Global data is not 64K aligned, but there are no adjacent mappings,
587   // so we can get away with unaligned mapping.
588   // CHECK_EQ(addr, addr & ~((64 << 10) - 1));  // windows wants 64K alignment
589   const uptr kPageSize = GetPageSizeCached();
590   uptr shadow_begin = RoundDownTo((uptr)MemToShadow(addr), kPageSize);
591   uptr shadow_end = RoundUpTo((uptr)MemToShadow(addr + size), kPageSize);
592   if (!MmapFixedNoReserve(shadow_begin, shadow_end - shadow_begin, "shadow"))
593     Die();
594 #else
595   uptr shadow_begin = RoundDownTo((uptr)MemToShadow(addr), (64 << 10));
596   uptr shadow_end = RoundUpTo((uptr)MemToShadow(addr + size), (64 << 10));
597   VPrintf(2, "MapShadow for (0x%zx-0x%zx), begin/end: (0x%zx-0x%zx)\n",
598           addr, addr + size, shadow_begin, shadow_end);
599 
600   if (!data_mapped) {
601     // First call maps data+bss.
602     if (!MmapFixedSuperNoReserve(shadow_begin, shadow_end - shadow_begin, "shadow"))
603       Die();
604   } else {
605     VPrintf(2, "ctx->mapped_shadow_{begin,end} = (0x%zx-0x%zx)\n",
606             ctx->mapped_shadow_begin, ctx->mapped_shadow_end);
607     // Second and subsequent calls map heap.
608     if (shadow_end <= ctx->mapped_shadow_end)
609       return;
610     if (!ctx->mapped_shadow_begin || ctx->mapped_shadow_begin > shadow_begin)
611        ctx->mapped_shadow_begin = shadow_begin;
612     if (shadow_begin < ctx->mapped_shadow_end)
613       shadow_begin = ctx->mapped_shadow_end;
614     VPrintf(2, "MapShadow begin/end = (0x%zx-0x%zx)\n",
615             shadow_begin, shadow_end);
616     if (!MmapFixedSuperNoReserve(shadow_begin, shadow_end - shadow_begin,
617                                  "shadow"))
618       Die();
619     ctx->mapped_shadow_end = shadow_end;
620   }
621 #endif
622 
623   // Meta shadow is 2:1, so tread carefully.
624   static uptr mapped_meta_end = 0;
625   uptr meta_begin = (uptr)MemToMeta(addr);
626   uptr meta_end = (uptr)MemToMeta(addr + size);
627   meta_begin = RoundDownTo(meta_begin, 64 << 10);
628   meta_end = RoundUpTo(meta_end, 64 << 10);
629   if (!data_mapped) {
630     // First call maps data+bss.
631     data_mapped = true;
632     if (!MmapFixedSuperNoReserve(meta_begin, meta_end - meta_begin,
633                                  "meta shadow"))
634       Die();
635   } else {
636     // Mapping continuous heap.
637     // Windows wants 64K alignment.
638     meta_begin = RoundDownTo(meta_begin, 64 << 10);
639     meta_end = RoundUpTo(meta_end, 64 << 10);
640     CHECK_GT(meta_end, mapped_meta_end);
641     if (meta_begin < mapped_meta_end)
642       meta_begin = mapped_meta_end;
643     if (!MmapFixedSuperNoReserve(meta_begin, meta_end - meta_begin,
644                                  "meta shadow"))
645       Die();
646     mapped_meta_end = meta_end;
647   }
648   VPrintf(2, "mapped meta shadow for (0x%zx-0x%zx) at (0x%zx-0x%zx)\n", addr,
649           addr + size, meta_begin, meta_end);
650 }
651 
652 #if !SANITIZER_GO
653 static void OnStackUnwind(const SignalContext &sig, const void *,
654                           BufferedStackTrace *stack) {
655   stack->Unwind(StackTrace::GetNextInstructionPc(sig.pc), sig.bp, sig.context,
656                 common_flags()->fast_unwind_on_fatal);
657 }
658 
659 static void TsanOnDeadlySignal(int signo, void *siginfo, void *context) {
660   HandleDeadlySignal(siginfo, context, GetTid(), &OnStackUnwind, nullptr);
661 }
662 #endif
663 
664 void CheckUnwind() {
665   // There is high probability that interceptors will check-fail as well,
666   // on the other hand there is no sense in processing interceptors
667   // since we are going to die soon.
668   ScopedIgnoreInterceptors ignore;
669 #if !SANITIZER_GO
670   ThreadState* thr = cur_thread();
671   thr->nomalloc = false;
672   thr->ignore_sync++;
673   thr->ignore_reads_and_writes++;
674   atomic_store_relaxed(&thr->in_signal_handler, 0);
675 #endif
676   PrintCurrentStackSlow(StackTrace::GetCurrentPc());
677 }
678 
679 bool is_initialized;
680 
681 void Initialize(ThreadState *thr) {
682   // Thread safe because done before all threads exist.
683   if (is_initialized)
684     return;
685   is_initialized = true;
686   // We are not ready to handle interceptors yet.
687   ScopedIgnoreInterceptors ignore;
688   SanitizerToolName = "ThreadSanitizer";
689   // Install tool-specific callbacks in sanitizer_common.
690   SetCheckUnwindCallback(CheckUnwind);
691 
692   ctx = new(ctx_placeholder) Context;
693   const char *env_name = SANITIZER_GO ? "GORACE" : "TSAN_OPTIONS";
694   const char *options = GetEnv(env_name);
695   CacheBinaryName();
696   CheckASLR();
697   InitializeFlags(&ctx->flags, options, env_name);
698   AvoidCVE_2016_2143();
699   __sanitizer::InitializePlatformEarly();
700   __tsan::InitializePlatformEarly();
701 
702 #if !SANITIZER_GO
703   InitializeAllocator();
704   ReplaceSystemMalloc();
705 #endif
706   if (common_flags()->detect_deadlocks)
707     ctx->dd = DDetector::Create(flags());
708   Processor *proc = ProcCreate();
709   ProcWire(proc, thr);
710   InitializeInterceptors();
711   InitializePlatform();
712   InitializeDynamicAnnotations();
713 #if !SANITIZER_GO
714   InitializeShadowMemory();
715   InitializeAllocatorLate();
716   InstallDeadlySignalHandlers(TsanOnDeadlySignal);
717 #endif
718   // Setup correct file descriptor for error reports.
719   __sanitizer_set_report_path(common_flags()->log_path);
720   InitializeSuppressions();
721 #if !SANITIZER_GO
722   InitializeLibIgnore();
723   Symbolizer::GetOrInit()->AddHooks(EnterSymbolizer, ExitSymbolizer);
724 #endif
725 
726   VPrintf(1, "***** Running under ThreadSanitizer v3 (pid %d) *****\n",
727           (int)internal_getpid());
728 
729   // Initialize thread 0.
730   Tid tid = ThreadCreate(nullptr, 0, 0, true);
731   CHECK_EQ(tid, kMainTid);
732   ThreadStart(thr, tid, GetTid(), ThreadType::Regular);
733 #if TSAN_CONTAINS_UBSAN
734   __ubsan::InitAsPlugin();
735 #endif
736 
737 #if !SANITIZER_GO
738   Symbolizer::LateInitialize();
739   if (InitializeMemoryProfiler() || flags()->force_background_thread)
740     MaybeSpawnBackgroundThread();
741 #endif
742   ctx->initialized = true;
743 
744   if (flags()->stop_on_start) {
745     Printf("ThreadSanitizer is suspended at startup (pid %d)."
746            " Call __tsan_resume().\n",
747            (int)internal_getpid());
748     while (__tsan_resumed == 0) {}
749   }
750 
751   OnInitialize();
752 }
753 
754 void MaybeSpawnBackgroundThread() {
755   // On MIPS, TSan initialization is run before
756   // __pthread_initialize_minimal_internal() is finished, so we can not spawn
757   // new threads.
758 #if !SANITIZER_GO && !defined(__mips__)
759   static atomic_uint32_t bg_thread = {};
760   if (atomic_load(&bg_thread, memory_order_relaxed) == 0 &&
761       atomic_exchange(&bg_thread, 1, memory_order_relaxed) == 0) {
762     StartBackgroundThread();
763     SetSandboxingCallback(StopBackgroundThread);
764   }
765 #endif
766 }
767 
768 int Finalize(ThreadState *thr) {
769   bool failed = false;
770 
771 #if !SANITIZER_GO
772   if (common_flags()->print_module_map == 1)
773     DumpProcessMap();
774 #endif
775 
776   if (flags()->atexit_sleep_ms > 0 && ThreadCount(thr) > 1)
777     internal_usleep(u64(flags()->atexit_sleep_ms) * 1000);
778 
779   {
780     // Wait for pending reports.
781     ScopedErrorReportLock lock;
782   }
783 
784 #if !SANITIZER_GO
785   if (Verbosity()) AllocatorPrintStats();
786 #endif
787 
788   ThreadFinalize(thr);
789 
790   if (ctx->nreported) {
791     failed = true;
792 #if !SANITIZER_GO
793     Printf("ThreadSanitizer: reported %d warnings\n", ctx->nreported);
794 #else
795     Printf("Found %d data race(s)\n", ctx->nreported);
796 #endif
797   }
798 
799   if (common_flags()->print_suppressions)
800     PrintMatchedSuppressions();
801 
802   failed = OnFinalize(failed);
803 
804   return failed ? common_flags()->exitcode : 0;
805 }
806 
807 #if !SANITIZER_GO
808 void ForkBefore(ThreadState* thr, uptr pc) SANITIZER_NO_THREAD_SAFETY_ANALYSIS {
809   GlobalProcessorLock();
810   // Detaching from the slot makes OnUserFree skip writing to the shadow.
811   // The slot will be locked so any attempts to use it will deadlock anyway.
812   SlotDetach(thr);
813   for (auto& slot : ctx->slots) slot.mtx.Lock();
814   ctx->thread_registry.Lock();
815   ctx->slot_mtx.Lock();
816   ScopedErrorReportLock::Lock();
817   AllocatorLockBeforeFork();
818   // Suppress all reports in the pthread_atfork callbacks.
819   // Reports will deadlock on the report_mtx.
820   // We could ignore sync operations as well,
821   // but so far it's unclear if it will do more good or harm.
822   // Unnecessarily ignoring things can lead to false positives later.
823   thr->suppress_reports++;
824   // On OS X, REAL(fork) can call intercepted functions (OSSpinLockLock), and
825   // we'll assert in CheckNoLocks() unless we ignore interceptors.
826   // On OS X libSystem_atfork_prepare/parent/child callbacks are called
827   // after/before our callbacks and they call free.
828   thr->ignore_interceptors++;
829   // Disables memory write in OnUserAlloc/Free.
830   thr->ignore_reads_and_writes++;
831 
832 #  if SANITIZER_APPLE
833   __tsan_test_only_on_fork();
834 #  endif
835 }
836 
837 static void ForkAfter(ThreadState* thr,
838                       bool child) SANITIZER_NO_THREAD_SAFETY_ANALYSIS {
839   thr->suppress_reports--;  // Enabled in ForkBefore.
840   thr->ignore_interceptors--;
841   thr->ignore_reads_and_writes--;
842   AllocatorUnlockAfterFork(child);
843   ScopedErrorReportLock::Unlock();
844   ctx->slot_mtx.Unlock();
845   ctx->thread_registry.Unlock();
846   for (auto& slot : ctx->slots) slot.mtx.Unlock();
847   SlotAttachAndLock(thr);
848   SlotUnlock(thr);
849   GlobalProcessorUnlock();
850 }
851 
852 void ForkParentAfter(ThreadState* thr, uptr pc) { ForkAfter(thr, false); }
853 
854 void ForkChildAfter(ThreadState* thr, uptr pc, bool start_thread) {
855   ForkAfter(thr, true);
856   u32 nthread = ctx->thread_registry.OnFork(thr->tid);
857   VPrintf(1,
858           "ThreadSanitizer: forked new process with pid %d,"
859           " parent had %d threads\n",
860           (int)internal_getpid(), (int)nthread);
861   if (nthread == 1) {
862     if (start_thread)
863       StartBackgroundThread();
864   } else {
865     // We've just forked a multi-threaded process. We cannot reasonably function
866     // after that (some mutexes may be locked before fork). So just enable
867     // ignores for everything in the hope that we will exec soon.
868     ctx->after_multithreaded_fork = true;
869     thr->ignore_interceptors++;
870     thr->suppress_reports++;
871     ThreadIgnoreBegin(thr, pc);
872     ThreadIgnoreSyncBegin(thr, pc);
873   }
874 }
875 #endif
876 
877 #if SANITIZER_GO
878 NOINLINE
879 void GrowShadowStack(ThreadState *thr) {
880   const int sz = thr->shadow_stack_end - thr->shadow_stack;
881   const int newsz = 2 * sz;
882   auto *newstack = (uptr *)Alloc(newsz * sizeof(uptr));
883   internal_memcpy(newstack, thr->shadow_stack, sz * sizeof(uptr));
884   Free(thr->shadow_stack);
885   thr->shadow_stack = newstack;
886   thr->shadow_stack_pos = newstack + sz;
887   thr->shadow_stack_end = newstack + newsz;
888 }
889 #endif
890 
891 StackID CurrentStackId(ThreadState *thr, uptr pc) {
892 #if !SANITIZER_GO
893   if (!thr->is_inited)  // May happen during bootstrap.
894     return kInvalidStackID;
895 #endif
896   if (pc != 0) {
897 #if !SANITIZER_GO
898     DCHECK_LT(thr->shadow_stack_pos, thr->shadow_stack_end);
899 #else
900     if (thr->shadow_stack_pos == thr->shadow_stack_end)
901       GrowShadowStack(thr);
902 #endif
903     thr->shadow_stack_pos[0] = pc;
904     thr->shadow_stack_pos++;
905   }
906   StackID id = StackDepotPut(
907       StackTrace(thr->shadow_stack, thr->shadow_stack_pos - thr->shadow_stack));
908   if (pc != 0)
909     thr->shadow_stack_pos--;
910   return id;
911 }
912 
913 static bool TraceSkipGap(ThreadState* thr) {
914   Trace *trace = &thr->tctx->trace;
915   Event *pos = reinterpret_cast<Event *>(atomic_load_relaxed(&thr->trace_pos));
916   DCHECK_EQ(reinterpret_cast<uptr>(pos + 1) & TracePart::kAlignment, 0);
917   auto *part = trace->parts.Back();
918   DPrintf("#%d: TraceSwitchPart enter trace=%p parts=%p-%p pos=%p\n", thr->tid,
919           trace, trace->parts.Front(), part, pos);
920   if (!part)
921     return false;
922   // We can get here when we still have space in the current trace part.
923   // The fast-path check in TraceAcquire has false positives in the middle of
924   // the part. Check if we are indeed at the end of the current part or not,
925   // and fill any gaps with NopEvent's.
926   Event* end = &part->events[TracePart::kSize];
927   DCHECK_GE(pos, &part->events[0]);
928   DCHECK_LE(pos, end);
929   if (pos + 1 < end) {
930     if ((reinterpret_cast<uptr>(pos) & TracePart::kAlignment) ==
931         TracePart::kAlignment)
932       *pos++ = NopEvent;
933     *pos++ = NopEvent;
934     DCHECK_LE(pos + 2, end);
935     atomic_store_relaxed(&thr->trace_pos, reinterpret_cast<uptr>(pos));
936     return true;
937   }
938   // We are indeed at the end.
939   for (; pos < end; pos++) *pos = NopEvent;
940   return false;
941 }
942 
943 NOINLINE
944 void TraceSwitchPart(ThreadState* thr) {
945   if (TraceSkipGap(thr))
946     return;
947 #if !SANITIZER_GO
948   if (ctx->after_multithreaded_fork) {
949     // We just need to survive till exec.
950     TracePart* part = thr->tctx->trace.parts.Back();
951     if (part) {
952       atomic_store_relaxed(&thr->trace_pos,
953                            reinterpret_cast<uptr>(&part->events[0]));
954       return;
955     }
956   }
957 #endif
958   TraceSwitchPartImpl(thr);
959 }
960 
961 void TraceSwitchPartImpl(ThreadState* thr) {
962   SlotLocker locker(thr, true);
963   Trace* trace = &thr->tctx->trace;
964   TracePart* part = TracePartAlloc(thr);
965   part->trace = trace;
966   thr->trace_prev_pc = 0;
967   TracePart* recycle = nullptr;
968   // Keep roughly half of parts local to the thread
969   // (not queued into the recycle queue).
970   uptr local_parts = (Trace::kMinParts + flags()->history_size + 1) / 2;
971   {
972     Lock lock(&trace->mtx);
973     if (trace->parts.Empty())
974       trace->local_head = part;
975     if (trace->parts.Size() >= local_parts) {
976       recycle = trace->local_head;
977       trace->local_head = trace->parts.Next(recycle);
978     }
979     trace->parts.PushBack(part);
980     atomic_store_relaxed(&thr->trace_pos,
981                          reinterpret_cast<uptr>(&part->events[0]));
982   }
983   // Make this part self-sufficient by restoring the current stack
984   // and mutex set in the beginning of the trace.
985   TraceTime(thr);
986   {
987     // Pathologically large stacks may not fit into the part.
988     // In these cases we log only fixed number of top frames.
989     const uptr kMaxFrames = 1000;
990     // Check that kMaxFrames won't consume the whole part.
991     static_assert(kMaxFrames < TracePart::kSize / 2, "kMaxFrames is too big");
992     uptr* pos = Max(&thr->shadow_stack[0], thr->shadow_stack_pos - kMaxFrames);
993     for (; pos < thr->shadow_stack_pos; pos++) {
994       if (TryTraceFunc(thr, *pos))
995         continue;
996       CHECK(TraceSkipGap(thr));
997       CHECK(TryTraceFunc(thr, *pos));
998     }
999   }
1000   for (uptr i = 0; i < thr->mset.Size(); i++) {
1001     MutexSet::Desc d = thr->mset.Get(i);
1002     for (uptr i = 0; i < d.count; i++)
1003       TraceMutexLock(thr, d.write ? EventType::kLock : EventType::kRLock, 0,
1004                      d.addr, d.stack_id);
1005   }
1006   // Callers of TraceSwitchPart expect that TraceAcquire will always succeed
1007   // after the call. It's possible that TryTraceFunc/TraceMutexLock above
1008   // filled the trace part exactly up to the TracePart::kAlignment gap
1009   // and the next TraceAcquire won't succeed. Skip the gap to avoid that.
1010   EventFunc *ev;
1011   if (!TraceAcquire(thr, &ev)) {
1012     CHECK(TraceSkipGap(thr));
1013     CHECK(TraceAcquire(thr, &ev));
1014   }
1015   {
1016     Lock lock(&ctx->slot_mtx);
1017     // There is a small chance that the slot may be not queued at this point.
1018     // This can happen if the slot has kEpochLast epoch and another thread
1019     // in FindSlotAndLock discovered that it's exhausted and removed it from
1020     // the slot queue. kEpochLast can happen in 2 cases: (1) if TraceSwitchPart
1021     // was called with the slot locked and epoch already at kEpochLast,
1022     // or (2) if we've acquired a new slot in SlotLock in the beginning
1023     // of the function and the slot was at kEpochLast - 1, so after increment
1024     // in SlotAttachAndLock it become kEpochLast.
1025     if (ctx->slot_queue.Queued(thr->slot)) {
1026       ctx->slot_queue.Remove(thr->slot);
1027       ctx->slot_queue.PushBack(thr->slot);
1028     }
1029     if (recycle)
1030       ctx->trace_part_recycle.PushBack(recycle);
1031   }
1032   DPrintf("#%d: TraceSwitchPart exit parts=%p-%p pos=0x%zx\n", thr->tid,
1033           trace->parts.Front(), trace->parts.Back(),
1034           atomic_load_relaxed(&thr->trace_pos));
1035 }
1036 
1037 void ThreadIgnoreBegin(ThreadState* thr, uptr pc) {
1038   DPrintf("#%d: ThreadIgnoreBegin\n", thr->tid);
1039   thr->ignore_reads_and_writes++;
1040   CHECK_GT(thr->ignore_reads_and_writes, 0);
1041   thr->fast_state.SetIgnoreBit();
1042 #if !SANITIZER_GO
1043   if (pc && !ctx->after_multithreaded_fork)
1044     thr->mop_ignore_set.Add(CurrentStackId(thr, pc));
1045 #endif
1046 }
1047 
1048 void ThreadIgnoreEnd(ThreadState *thr) {
1049   DPrintf("#%d: ThreadIgnoreEnd\n", thr->tid);
1050   CHECK_GT(thr->ignore_reads_and_writes, 0);
1051   thr->ignore_reads_and_writes--;
1052   if (thr->ignore_reads_and_writes == 0) {
1053     thr->fast_state.ClearIgnoreBit();
1054 #if !SANITIZER_GO
1055     thr->mop_ignore_set.Reset();
1056 #endif
1057   }
1058 }
1059 
1060 #if !SANITIZER_GO
1061 extern "C" SANITIZER_INTERFACE_ATTRIBUTE
1062 uptr __tsan_testonly_shadow_stack_current_size() {
1063   ThreadState *thr = cur_thread();
1064   return thr->shadow_stack_pos - thr->shadow_stack;
1065 }
1066 #endif
1067 
1068 void ThreadIgnoreSyncBegin(ThreadState *thr, uptr pc) {
1069   DPrintf("#%d: ThreadIgnoreSyncBegin\n", thr->tid);
1070   thr->ignore_sync++;
1071   CHECK_GT(thr->ignore_sync, 0);
1072 #if !SANITIZER_GO
1073   if (pc && !ctx->after_multithreaded_fork)
1074     thr->sync_ignore_set.Add(CurrentStackId(thr, pc));
1075 #endif
1076 }
1077 
1078 void ThreadIgnoreSyncEnd(ThreadState *thr) {
1079   DPrintf("#%d: ThreadIgnoreSyncEnd\n", thr->tid);
1080   CHECK_GT(thr->ignore_sync, 0);
1081   thr->ignore_sync--;
1082 #if !SANITIZER_GO
1083   if (thr->ignore_sync == 0)
1084     thr->sync_ignore_set.Reset();
1085 #endif
1086 }
1087 
1088 bool MD5Hash::operator==(const MD5Hash &other) const {
1089   return hash[0] == other.hash[0] && hash[1] == other.hash[1];
1090 }
1091 
1092 #if SANITIZER_DEBUG
1093 void build_consistency_debug() {}
1094 #else
1095 void build_consistency_release() {}
1096 #endif
1097 }  // namespace __tsan
1098 
1099 #if SANITIZER_CHECK_DEADLOCKS
1100 namespace __sanitizer {
1101 using namespace __tsan;
1102 MutexMeta mutex_meta[] = {
1103     {MutexInvalid, "Invalid", {}},
1104     {MutexThreadRegistry,
1105      "ThreadRegistry",
1106      {MutexTypeSlots, MutexTypeTrace, MutexTypeReport}},
1107     {MutexTypeReport, "Report", {MutexTypeTrace}},
1108     {MutexTypeSyncVar, "SyncVar", {MutexTypeReport, MutexTypeTrace}},
1109     {MutexTypeAnnotations, "Annotations", {}},
1110     {MutexTypeAtExit, "AtExit", {}},
1111     {MutexTypeFired, "Fired", {MutexLeaf}},
1112     {MutexTypeRacy, "Racy", {MutexLeaf}},
1113     {MutexTypeGlobalProc, "GlobalProc", {MutexTypeSlot, MutexTypeSlots}},
1114     {MutexTypeInternalAlloc, "InternalAlloc", {MutexLeaf}},
1115     {MutexTypeTrace, "Trace", {}},
1116     {MutexTypeSlot,
1117      "Slot",
1118      {MutexMulti, MutexTypeTrace, MutexTypeSyncVar, MutexThreadRegistry,
1119       MutexTypeSlots}},
1120     {MutexTypeSlots, "Slots", {MutexTypeTrace, MutexTypeReport}},
1121     {},
1122 };
1123 
1124 void PrintMutexPC(uptr pc) { StackTrace(&pc, 1).Print(); }
1125 
1126 }  // namespace __sanitizer
1127 #endif
1128