1d89ec533Spatrick #include "dfsan_thread.h"
2d89ec533Spatrick
3d89ec533Spatrick #include <pthread.h>
4d89ec533Spatrick
5d89ec533Spatrick #include "dfsan.h"
6d89ec533Spatrick #include "sanitizer_common/sanitizer_tls_get_addr.h"
7d89ec533Spatrick
8d89ec533Spatrick namespace __dfsan {
9d89ec533Spatrick
Create(thread_callback_t start_routine,void * arg,bool track_origins)10*810390e3Srobert DFsanThread *DFsanThread::Create(thread_callback_t start_routine, void *arg,
11d89ec533Spatrick bool track_origins) {
12d89ec533Spatrick uptr PageSize = GetPageSizeCached();
13d89ec533Spatrick uptr size = RoundUpTo(sizeof(DFsanThread), PageSize);
14d89ec533Spatrick DFsanThread *thread = (DFsanThread *)MmapOrDie(size, __func__);
15d89ec533Spatrick thread->start_routine_ = start_routine;
16d89ec533Spatrick thread->arg_ = arg;
17d89ec533Spatrick thread->track_origins_ = track_origins;
18d89ec533Spatrick thread->destructor_iterations_ = GetPthreadDestructorIterations();
19d89ec533Spatrick
20d89ec533Spatrick return thread;
21d89ec533Spatrick }
22d89ec533Spatrick
SetThreadStackAndTls()23d89ec533Spatrick void DFsanThread::SetThreadStackAndTls() {
24d89ec533Spatrick uptr tls_size = 0;
25d89ec533Spatrick uptr stack_size = 0;
26d89ec533Spatrick GetThreadStackAndTls(IsMainThread(), &stack_.bottom, &stack_size, &tls_begin_,
27d89ec533Spatrick &tls_size);
28d89ec533Spatrick stack_.top = stack_.bottom + stack_size;
29d89ec533Spatrick tls_end_ = tls_begin_ + tls_size;
30d89ec533Spatrick
31d89ec533Spatrick int local;
32d89ec533Spatrick CHECK(AddrIsInStack((uptr)&local));
33d89ec533Spatrick }
34d89ec533Spatrick
ClearShadowForThreadStackAndTLS()35d89ec533Spatrick void DFsanThread::ClearShadowForThreadStackAndTLS() {
36d89ec533Spatrick dfsan_set_label(0, (void *)stack_.bottom, stack_.top - stack_.bottom);
37d89ec533Spatrick if (tls_begin_ != tls_end_)
38d89ec533Spatrick dfsan_set_label(0, (void *)tls_begin_, tls_end_ - tls_begin_);
39d89ec533Spatrick DTLS *dtls = DTLS_Get();
40d89ec533Spatrick CHECK_NE(dtls, 0);
41d89ec533Spatrick ForEachDVT(dtls, [](const DTLS::DTV &dtv, int id) {
42d89ec533Spatrick dfsan_set_label(0, (void *)(dtv.beg), dtv.size);
43d89ec533Spatrick });
44d89ec533Spatrick }
45d89ec533Spatrick
Init()46d89ec533Spatrick void DFsanThread::Init() {
47d89ec533Spatrick SetThreadStackAndTls();
48d89ec533Spatrick ClearShadowForThreadStackAndTLS();
49d89ec533Spatrick }
50d89ec533Spatrick
TSDDtor(void * tsd)51d89ec533Spatrick void DFsanThread::TSDDtor(void *tsd) {
52d89ec533Spatrick DFsanThread *t = (DFsanThread *)tsd;
53d89ec533Spatrick t->Destroy();
54d89ec533Spatrick }
55d89ec533Spatrick
Destroy()56d89ec533Spatrick void DFsanThread::Destroy() {
57d89ec533Spatrick malloc_storage().CommitBack();
58d89ec533Spatrick // We also clear the shadow on thread destruction because
59d89ec533Spatrick // some code may still be executing in later TSD destructors
60d89ec533Spatrick // and we don't want it to have any poisoned stack.
61d89ec533Spatrick ClearShadowForThreadStackAndTLS();
62d89ec533Spatrick uptr size = RoundUpTo(sizeof(DFsanThread), GetPageSizeCached());
63d89ec533Spatrick UnmapOrDie(this, size);
64d89ec533Spatrick DTLS_Destroy();
65d89ec533Spatrick }
66d89ec533Spatrick
ThreadStart()67d89ec533Spatrick thread_return_t DFsanThread::ThreadStart() {
68d89ec533Spatrick if (!start_routine_) {
69d89ec533Spatrick // start_routine_ == 0 if we're on the main thread or on one of the
70d89ec533Spatrick // OS X libdispatch worker threads. But nobody is supposed to call
71d89ec533Spatrick // ThreadStart() for the worker threads.
72d89ec533Spatrick return 0;
73d89ec533Spatrick }
74d89ec533Spatrick
75*810390e3Srobert // The only argument is void* arg.
76*810390e3Srobert //
77*810390e3Srobert // We have never supported propagating the pointer arg as tainted,
78*810390e3Srobert // __dfsw_pthread_create/__dfso_pthread_create ignore the taint label.
79*810390e3Srobert // Note that the bytes pointed-to (probably the much more common case)
80*810390e3Srobert // can still have taint labels attached to them.
81*810390e3Srobert dfsan_clear_thread_local_state();
82d89ec533Spatrick
83*810390e3Srobert return start_routine_(arg_);
84d89ec533Spatrick }
85d89ec533Spatrick
GetStackBounds() const86d89ec533Spatrick DFsanThread::StackBounds DFsanThread::GetStackBounds() const {
87d89ec533Spatrick return {stack_.bottom, stack_.top};
88d89ec533Spatrick }
89d89ec533Spatrick
stack_top()90d89ec533Spatrick uptr DFsanThread::stack_top() { return GetStackBounds().top; }
91d89ec533Spatrick
stack_bottom()92d89ec533Spatrick uptr DFsanThread::stack_bottom() { return GetStackBounds().bottom; }
93d89ec533Spatrick
AddrIsInStack(uptr addr)94d89ec533Spatrick bool DFsanThread::AddrIsInStack(uptr addr) {
95d89ec533Spatrick const auto bounds = GetStackBounds();
96d89ec533Spatrick return addr >= bounds.bottom && addr < bounds.top;
97d89ec533Spatrick }
98d89ec533Spatrick
99d89ec533Spatrick static pthread_key_t tsd_key;
100d89ec533Spatrick static bool tsd_key_inited = false;
101d89ec533Spatrick
DFsanTSDInit(void (* destructor)(void * tsd))102d89ec533Spatrick void DFsanTSDInit(void (*destructor)(void *tsd)) {
103d89ec533Spatrick CHECK(!tsd_key_inited);
104d89ec533Spatrick tsd_key_inited = true;
105d89ec533Spatrick CHECK_EQ(0, pthread_key_create(&tsd_key, destructor));
106d89ec533Spatrick }
107d89ec533Spatrick
108d89ec533Spatrick static THREADLOCAL DFsanThread *dfsan_current_thread;
109d89ec533Spatrick
GetCurrentThread()110d89ec533Spatrick DFsanThread *GetCurrentThread() { return dfsan_current_thread; }
111d89ec533Spatrick
SetCurrentThread(DFsanThread * t)112d89ec533Spatrick void SetCurrentThread(DFsanThread *t) {
113d89ec533Spatrick // Make sure we do not reset the current DFsanThread.
114d89ec533Spatrick CHECK_EQ(0, dfsan_current_thread);
115d89ec533Spatrick dfsan_current_thread = t;
116d89ec533Spatrick // Make sure that DFsanTSDDtor gets called at the end.
117d89ec533Spatrick CHECK(tsd_key_inited);
118d89ec533Spatrick pthread_setspecific(tsd_key, t);
119d89ec533Spatrick }
120d89ec533Spatrick
DFsanTSDDtor(void * tsd)121d89ec533Spatrick void DFsanTSDDtor(void *tsd) {
122d89ec533Spatrick DFsanThread *t = (DFsanThread *)tsd;
123d89ec533Spatrick if (t->destructor_iterations_ > 1) {
124d89ec533Spatrick t->destructor_iterations_--;
125d89ec533Spatrick CHECK_EQ(0, pthread_setspecific(tsd_key, tsd));
126d89ec533Spatrick return;
127d89ec533Spatrick }
128d89ec533Spatrick dfsan_current_thread = nullptr;
129d89ec533Spatrick // Make sure that signal handler can not see a stale current thread pointer.
130d89ec533Spatrick atomic_signal_fence(memory_order_seq_cst);
131d89ec533Spatrick DFsanThread::TSDDtor(tsd);
132d89ec533Spatrick }
133d89ec533Spatrick
134d89ec533Spatrick } // namespace __dfsan
135