[rtsan] Add pipe, mkfifo interceptors #116915
Merged
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
@llvm/pr-subscribers-compiler-rt-sanitizer Author: Chris Apple (cjappl) ChangesWhy we think this are unsafeAgain, these correspond directly to system calls on linux and OSX. They are two ways to do interprocess communication so it would make sense that they take some synchronization by the OS. Full diff: https://github.com/llvm/llvm-project/pull/116915.diff 2 Files Affected:
diff --git a/compiler-rt/lib/rtsan/rtsan_interceptors_posix.cpp b/compiler-rt/lib/rtsan/rtsan_interceptors_posix.cpp
index d18ebb57fc2f75..5ef52d72fceb31 100644
--- a/compiler-rt/lib/rtsan/rtsan_interceptors_posix.cpp
+++ b/compiler-rt/lib/rtsan/rtsan_interceptors_posix.cpp
@@ -736,6 +736,26 @@ INTERCEPTOR(int, kevent64, int kq, const struct kevent64_s *changelist,
#define RTSAN_MAYBE_INTERCEPT_KEVENT64
#endif // SANITIZER_INTERCEPT_KQUEUE
+INTERCEPTOR(int, pipe, int pipefd[2]) {
+ __rtsan_notify_intercepted_call("pipe");
+ return REAL(pipe)(pipefd);
+}
+
+INTERCEPTOR(int, mkfifo, const char *pathname, mode_t mode) {
+ __rtsan_notify_intercepted_call("mkfifo");
+ return REAL(mkfifo)(pathname, mode);
+}
+
+// see comment above about -Wunguarded-availability-new
+// and why we disable it here
+#pragma clang diagnostic push
+#pragma clang diagnostic ignored "-Wunguarded-availability-new"
+INTERCEPTOR(int, mkfifoat, int dirfd, const char *pathname, mode_t mode) {
+ __rtsan_notify_intercepted_call("mkfifoat");
+ return REAL(mkfifoat)(dirfd, pathname, mode);
+}
+#pragma clang diagnostic pop
+
// Preinit
void __rtsan::InitializeInterceptors() {
INTERCEPT_FUNCTION(calloc);
@@ -836,6 +856,10 @@ void __rtsan::InitializeInterceptors() {
RTSAN_MAYBE_INTERCEPT_KQUEUE;
RTSAN_MAYBE_INTERCEPT_KEVENT;
RTSAN_MAYBE_INTERCEPT_KEVENT64;
+
+ INTERCEPT_FUNCTION(pipe);
+ INTERCEPT_FUNCTION(mkfifo);
+ INTERCEPT_FUNCTION(mkfifoat);
}
#endif // SANITIZER_POSIX
diff --git a/compiler-rt/lib/rtsan/tests/rtsan_test_interceptors_posix.cpp b/compiler-rt/lib/rtsan/tests/rtsan_test_interceptors_posix.cpp
index ab02b44187d89e..72f6d819b216c0 100644
--- a/compiler-rt/lib/rtsan/tests/rtsan_test_interceptors_posix.cpp
+++ b/compiler-rt/lib/rtsan/tests/rtsan_test_interceptors_posix.cpp
@@ -965,4 +965,32 @@ TEST_F(KqueueTest, Kevent64DiesWhenRealtime) {
}
#endif // SANITIZER_INTERCEPT_KQUEUE
+TEST(TestRtsanInterceptors, MkfifoDiesWhenRealtime) {
+ auto Func = []() { mkfifo("/tmp/rtsan_test_fifo", 0); };
+ ExpectRealtimeDeath(Func, "mkfifo");
+ ExpectNonRealtimeSurvival(Func);
+}
+
+#if __has_builtin(__builtin_available) && SANITIZER_APPLE
+#define MKFIFOAT_AVAILABLE() (__builtin_available(macOS 10.13, *))
+#else
+// We are going to assume this is true until we hit systems where it isn't
+#define MKFIFOAT_AVAILABLE() (true)
+#endif
+
+TEST(TestRtsanInterceptors, MkfifoatDiesWhenRealtime) {
+ if (MKFIFOAT_AVAILABLE()) {
+ auto Func = []() { mkfifoat(0, "/tmp/rtsan_test_fifo", 0); };
+ ExpectRealtimeDeath(Func, "mkfifoat");
+ ExpectNonRealtimeSurvival(Func);
+ }
+}
+
+TEST(TestRtsanInterceptors, PipeDiesWhenRealtime) {
+ int fds[2];
+ auto Func = [&fds]() { pipe(fds); };
+ ExpectRealtimeDeath(Func, "pipe");
+ ExpectNonRealtimeSurvival(Func);
+}
+
#endif // SANITIZER_POSIX
|
davidtrevelyan
approved these changes
Nov 20, 2024
|
For anyone discovering this when their darwin builds behaved badly I am going to revert mkfifoat in just a second, I thought it was introduced in 10.13, but instead it was introduced in 13. I expect this to cause build failures, so I'm reverting it. That PR is here, being submitted when my local builds pass: |
cjappl
added a commit
that referenced
this pull request
Nov 20, 2024
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Why we think this are unsafe
Again, these correspond directly to system calls on linux and OSX. They are two ways to do interprocess communication so it would make sense that they take some synchronization by the OS.