tsan_rtl.h revision 21cc85db95b8fa85a9ff7a403c8a24e345d73baf
1//===-- tsan_rtl.h ----------------------------------------------*- C++ -*-===// 2// 3// The LLVM Compiler Infrastructure 4// 5// This file is distributed under the University of Illinois Open Source 6// License. See LICENSE.TXT for details. 7// 8//===----------------------------------------------------------------------===// 9// 10// This file is a part of ThreadSanitizer (TSan), a race detector. 11// 12// Main internal TSan header file. 13// 14// Ground rules: 15// - C++ run-time should not be used (static CTORs, RTTI, exceptions, static 16// function-scope locals) 17// - All functions/classes/etc reside in namespace __tsan, except for those 18// declared in tsan_interface.h. 19// - Platform-specific files should be used instead of ifdefs (*). 20// - No system headers included in header files (*). 21// - Platform specific headres included only into platform-specific files (*). 22// 23// (*) Except when inlining is critical for performance. 24//===----------------------------------------------------------------------===// 25 26#ifndef TSAN_RTL_H 27#define TSAN_RTL_H 28 29#include "sanitizer_common/sanitizer_common.h" 30#include "sanitizer_common/sanitizer_allocator.h" 31#include "tsan_clock.h" 32#include "tsan_defs.h" 33#include "tsan_flags.h" 34#include "tsan_sync.h" 35#include "tsan_trace.h" 36#include "tsan_vector.h" 37#include "tsan_report.h" 38#include "tsan_platform.h" 39#include "tsan_mutexset.h" 40 41#if SANITIZER_WORDSIZE != 64 42# error "ThreadSanitizer is supported only on 64-bit platforms" 43#endif 44 45namespace __tsan { 46 47// Descriptor of user's memory block. 48struct MBlock { 49 Mutex mtx; 50 uptr size; 51 u32 alloc_tid; 52 u32 alloc_stack_id; 53 SyncVar *head; 54 55 MBlock() 56 : mtx(MutexTypeMBlock, StatMtxMBlock) { 57 } 58}; 59 60#ifndef TSAN_GO 61#if defined(TSAN_COMPAT_SHADOW) && TSAN_COMPAT_SHADOW 62const uptr kAllocatorSpace = 0x7d0000000000ULL; 63#else 64const uptr kAllocatorSpace = 0x7d0000000000ULL; 65#endif 66const uptr kAllocatorSize = 0x10000000000ULL; // 1T. 67 68typedef SizeClassAllocator64<kAllocatorSpace, kAllocatorSize, sizeof(MBlock), 69 DefaultSizeClassMap> PrimaryAllocator; 70typedef SizeClassAllocatorLocalCache<PrimaryAllocator> AllocatorCache; 71typedef LargeMmapAllocator<> SecondaryAllocator; 72typedef CombinedAllocator<PrimaryAllocator, AllocatorCache, 73 SecondaryAllocator> Allocator; 74Allocator *allocator(); 75#endif 76 77void TsanCheckFailed(const char *file, int line, const char *cond, 78 u64 v1, u64 v2); 79 80// FastState (from most significant bit): 81// ignore : 1 82// tid : kTidBits 83// epoch : kClkBits 84// unused : - 85// history_size : 3 86class FastState { 87 public: 88 FastState(u64 tid, u64 epoch) { 89 x_ = tid << kTidShift; 90 x_ |= epoch << kClkShift; 91 DCHECK_EQ(tid, this->tid()); 92 DCHECK_EQ(epoch, this->epoch()); 93 DCHECK_EQ(GetIgnoreBit(), false); 94 } 95 96 explicit FastState(u64 x) 97 : x_(x) { 98 } 99 100 u64 raw() const { 101 return x_; 102 } 103 104 u64 tid() const { 105 u64 res = (x_ & ~kIgnoreBit) >> kTidShift; 106 return res; 107 } 108 109 u64 TidWithIgnore() const { 110 u64 res = x_ >> kTidShift; 111 return res; 112 } 113 114 u64 epoch() const { 115 u64 res = (x_ << (kTidBits + 1)) >> (64 - kClkBits); 116 return res; 117 } 118 119 void IncrementEpoch() { 120 u64 old_epoch = epoch(); 121 x_ += 1 << kClkShift; 122 DCHECK_EQ(old_epoch + 1, epoch()); 123 (void)old_epoch; 124 } 125 126 void SetIgnoreBit() { x_ |= kIgnoreBit; } 127 void ClearIgnoreBit() { x_ &= ~kIgnoreBit; } 128 bool GetIgnoreBit() const { return (s64)x_ < 0; } 129 130 void SetHistorySize(int hs) { 131 CHECK_GE(hs, 0); 132 CHECK_LE(hs, 7); 133 x_ = (x_ & ~7) | hs; 134 } 135 136 int GetHistorySize() const { 137 return (int)(x_ & 7); 138 } 139 140 void ClearHistorySize() { 141 x_ &= ~7; 142 } 143 144 u64 GetTracePos() const { 145 const int hs = GetHistorySize(); 146 // When hs == 0, the trace consists of 2 parts. 147 const u64 mask = (1ull << (kTracePartSizeBits + hs + 1)) - 1; 148 return epoch() & mask; 149 } 150 151 private: 152 friend class Shadow; 153 static const int kTidShift = 64 - kTidBits - 1; 154 static const int kClkShift = kTidShift - kClkBits; 155 static const u64 kIgnoreBit = 1ull << 63; 156 static const u64 kFreedBit = 1ull << 63; 157 u64 x_; 158}; 159 160// Shadow (from most significant bit): 161// freed : 1 162// tid : kTidBits 163// epoch : kClkBits 164// is_write : 1 165// size_log : 2 166// addr0 : 3 167class Shadow : public FastState { 168 public: 169 explicit Shadow(u64 x) 170 : FastState(x) { 171 } 172 173 explicit Shadow(const FastState &s) 174 : FastState(s.x_) { 175 ClearHistorySize(); 176 } 177 178 void SetAddr0AndSizeLog(u64 addr0, unsigned kAccessSizeLog) { 179 DCHECK_EQ(x_ & 31, 0); 180 DCHECK_LE(addr0, 7); 181 DCHECK_LE(kAccessSizeLog, 3); 182 x_ |= (kAccessSizeLog << 3) | addr0; 183 DCHECK_EQ(kAccessSizeLog, size_log()); 184 DCHECK_EQ(addr0, this->addr0()); 185 } 186 187 void SetWrite(unsigned kAccessIsWrite) { 188 DCHECK_EQ(x_ & 32, 0); 189 if (kAccessIsWrite) 190 x_ |= 32; 191 DCHECK_EQ(kAccessIsWrite, is_write()); 192 } 193 194 bool IsZero() const { return x_ == 0; } 195 196 static inline bool TidsAreEqual(const Shadow s1, const Shadow s2) { 197 u64 shifted_xor = (s1.x_ ^ s2.x_) >> kTidShift; 198 DCHECK_EQ(shifted_xor == 0, s1.TidWithIgnore() == s2.TidWithIgnore()); 199 return shifted_xor == 0; 200 } 201 202 static inline bool Addr0AndSizeAreEqual(const Shadow s1, const Shadow s2) { 203 u64 masked_xor = (s1.x_ ^ s2.x_) & 31; 204 return masked_xor == 0; 205 } 206 207 static inline bool TwoRangesIntersect(Shadow s1, Shadow s2, 208 unsigned kS2AccessSize) { 209 bool res = false; 210 u64 diff = s1.addr0() - s2.addr0(); 211 if ((s64)diff < 0) { // s1.addr0 < s2.addr0 // NOLINT 212 // if (s1.addr0() + size1) > s2.addr0()) return true; 213 if (s1.size() > -diff) res = true; 214 } else { 215 // if (s2.addr0() + kS2AccessSize > s1.addr0()) return true; 216 if (kS2AccessSize > diff) res = true; 217 } 218 DCHECK_EQ(res, TwoRangesIntersectSLOW(s1, s2)); 219 DCHECK_EQ(res, TwoRangesIntersectSLOW(s2, s1)); 220 return res; 221 } 222 223 // The idea behind the offset is as follows. 224 // Consider that we have 8 bool's contained within a single 8-byte block 225 // (mapped to a single shadow "cell"). Now consider that we write to the bools 226 // from a single thread (which we consider the common case). 227 // W/o offsetting each access will have to scan 4 shadow values at average 228 // to find the corresponding shadow value for the bool. 229 // With offsetting we start scanning shadow with the offset so that 230 // each access hits necessary shadow straight off (at least in an expected 231 // optimistic case). 232 // This logic works seamlessly for any layout of user data. For example, 233 // if user data is {int, short, char, char}, then accesses to the int are 234 // offsetted to 0, short - 4, 1st char - 6, 2nd char - 7. Hopefully, accesses 235 // from a single thread won't need to scan all 8 shadow values. 236 unsigned ComputeSearchOffset() { 237 return x_ & 7; 238 } 239 u64 addr0() const { return x_ & 7; } 240 u64 size() const { return 1ull << size_log(); } 241 bool is_write() const { return x_ & 32; } 242 243 // The idea behind the freed bit is as follows. 244 // When the memory is freed (or otherwise unaccessible) we write to the shadow 245 // values with tid/epoch related to the free and the freed bit set. 246 // During memory accesses processing the freed bit is considered 247 // as msb of tid. So any access races with shadow with freed bit set 248 // (it is as if write from a thread with which we never synchronized before). 249 // This allows us to detect accesses to freed memory w/o additional 250 // overheads in memory access processing and at the same time restore 251 // tid/epoch of free. 252 void MarkAsFreed() { 253 x_ |= kFreedBit; 254 } 255 256 bool GetFreedAndReset() { 257 bool res = x_ & kFreedBit; 258 x_ &= ~kFreedBit; 259 return res; 260 } 261 262 private: 263 u64 size_log() const { return (x_ >> 3) & 3; } 264 265 static bool TwoRangesIntersectSLOW(const Shadow s1, const Shadow s2) { 266 if (s1.addr0() == s2.addr0()) return true; 267 if (s1.addr0() < s2.addr0() && s1.addr0() + s1.size() > s2.addr0()) 268 return true; 269 if (s2.addr0() < s1.addr0() && s2.addr0() + s2.size() > s1.addr0()) 270 return true; 271 return false; 272 } 273}; 274 275struct SignalContext; 276 277// This struct is stored in TLS. 278struct ThreadState { 279 FastState fast_state; 280 // Synch epoch represents the threads's epoch before the last synchronization 281 // action. It allows to reduce number of shadow state updates. 282 // For example, fast_synch_epoch=100, last write to addr X was at epoch=150, 283 // if we are processing write to X from the same thread at epoch=200, 284 // we do nothing, because both writes happen in the same 'synch epoch'. 285 // That is, if another memory access does not race with the former write, 286 // it does not race with the latter as well. 287 // QUESTION: can we can squeeze this into ThreadState::Fast? 288 // E.g. ThreadState::Fast is a 44-bit, 32 are taken by synch_epoch and 12 are 289 // taken by epoch between synchs. 290 // This way we can save one load from tls. 291 u64 fast_synch_epoch; 292 // This is a slow path flag. On fast path, fast_state.GetIgnoreBit() is read. 293 // We do not distinguish beteween ignoring reads and writes 294 // for better performance. 295 int ignore_reads_and_writes; 296 uptr *shadow_stack_pos; 297 u64 *racy_shadow_addr; 298 u64 racy_state[2]; 299 Trace trace; 300#ifndef TSAN_GO 301 // C/C++ uses embed shadow stack of fixed size. 302 uptr shadow_stack[kShadowStackSize]; 303#else 304 // Go uses satellite shadow stack with dynamic size. 305 uptr *shadow_stack; 306 uptr *shadow_stack_end; 307#endif 308 MutexSet mset; 309 ThreadClock clock; 310#ifndef TSAN_GO 311 AllocatorCache alloc_cache; 312#endif 313 u64 stat[StatCnt]; 314 const int tid; 315 const int unique_id; 316 int in_rtl; 317 bool is_alive; 318 const uptr stk_addr; 319 const uptr stk_size; 320 const uptr tls_addr; 321 const uptr tls_size; 322 323 DeadlockDetector deadlock_detector; 324 325 bool in_signal_handler; 326 SignalContext *signal_ctx; 327 328#ifndef TSAN_GO 329 u32 last_sleep_stack_id; 330 ThreadClock last_sleep_clock; 331#endif 332 333 // Set in regions of runtime that must be signal-safe and fork-safe. 334 // If set, malloc must not be called. 335 int nomalloc; 336 337 explicit ThreadState(Context *ctx, int tid, int unique_id, u64 epoch, 338 uptr stk_addr, uptr stk_size, 339 uptr tls_addr, uptr tls_size); 340}; 341 342Context *CTX(); 343 344#ifndef TSAN_GO 345extern THREADLOCAL char cur_thread_placeholder[]; 346INLINE ThreadState *cur_thread() { 347 return reinterpret_cast<ThreadState *>(&cur_thread_placeholder); 348} 349#endif 350 351enum ThreadStatus { 352 ThreadStatusInvalid, // Non-existent thread, data is invalid. 353 ThreadStatusCreated, // Created but not yet running. 354 ThreadStatusRunning, // The thread is currently running. 355 ThreadStatusFinished, // Joinable thread is finished but not yet joined. 356 ThreadStatusDead // Joined, but some info (trace) is still alive. 357}; 358 359// An info about a thread that is hold for some time after its termination. 360struct ThreadDeadInfo { 361 Trace trace; 362}; 363 364struct ThreadContext { 365 const int tid; 366 int unique_id; // Non-rolling thread id. 367 uptr os_id; // pid 368 uptr user_id; // Some opaque user thread id (e.g. pthread_t). 369 ThreadState *thr; 370 ThreadStatus status; 371 bool detached; 372 int reuse_count; 373 SyncClock sync; 374 // Epoch at which the thread had started. 375 // If we see an event from the thread stamped by an older epoch, 376 // the event is from a dead thread that shared tid with this thread. 377 u64 epoch0; 378 u64 epoch1; 379 StackTrace creation_stack; 380 int creation_tid; 381 ThreadDeadInfo *dead_info; 382 ThreadContext *dead_next; // In dead thread list. 383 char *name; // As annotated by user. 384 385 explicit ThreadContext(int tid); 386}; 387 388struct RacyStacks { 389 MD5Hash hash[2]; 390 bool operator==(const RacyStacks &other) const { 391 if (hash[0] == other.hash[0] && hash[1] == other.hash[1]) 392 return true; 393 if (hash[0] == other.hash[1] && hash[1] == other.hash[0]) 394 return true; 395 return false; 396 } 397}; 398 399struct RacyAddress { 400 uptr addr_min; 401 uptr addr_max; 402}; 403 404struct FiredSuppression { 405 ReportType type; 406 uptr pc; 407}; 408 409struct Context { 410 Context(); 411 412 bool initialized; 413 414 SyncTab synctab; 415 416 Mutex report_mtx; 417 int nreported; 418 int nmissed_expected; 419 420 Mutex thread_mtx; 421 unsigned thread_seq; 422 unsigned unique_thread_seq; 423 int alive_threads; 424 int max_alive_threads; 425 ThreadContext *threads[kMaxTid]; 426 int dead_list_size; 427 ThreadContext* dead_list_head; 428 ThreadContext* dead_list_tail; 429 430 Vector<RacyStacks> racy_stacks; 431 Vector<RacyAddress> racy_addresses; 432 Vector<FiredSuppression> fired_suppressions; 433 434 Flags flags; 435 436 u64 stat[StatCnt]; 437 u64 int_alloc_cnt[MBlockTypeCount]; 438 u64 int_alloc_siz[MBlockTypeCount]; 439}; 440 441class ScopedInRtl { 442 public: 443 ScopedInRtl(); 444 ~ScopedInRtl(); 445 private: 446 ThreadState*thr_; 447 int in_rtl_; 448 int errno_; 449}; 450 451class ScopedReport { 452 public: 453 explicit ScopedReport(ReportType typ); 454 ~ScopedReport(); 455 456 void AddStack(const StackTrace *stack); 457 void AddMemoryAccess(uptr addr, Shadow s, const StackTrace *stack, 458 const MutexSet *mset); 459 void AddThread(const ThreadContext *tctx); 460 void AddMutex(const SyncVar *s); 461 void AddLocation(uptr addr, uptr size); 462 void AddSleep(u32 stack_id); 463 464 const ReportDesc *GetReport() const; 465 466 private: 467 Context *ctx_; 468 ReportDesc *rep_; 469 470 void AddMutex(u64 id); 471 472 ScopedReport(const ScopedReport&); 473 void operator = (const ScopedReport&); 474}; 475 476void RestoreStack(int tid, const u64 epoch, StackTrace *stk, MutexSet *mset); 477 478void StatAggregate(u64 *dst, u64 *src); 479void StatOutput(u64 *stat); 480void ALWAYS_INLINE INLINE StatInc(ThreadState *thr, StatType typ, u64 n = 1) { 481 if (kCollectStats) 482 thr->stat[typ] += n; 483} 484 485void MapShadow(uptr addr, uptr size); 486void MapThreadTrace(uptr addr, uptr size); 487void InitializeShadowMemory(); 488void InitializeInterceptors(); 489void InitializeDynamicAnnotations(); 490 491void ReportRace(ThreadState *thr); 492bool OutputReport(Context *ctx, 493 const ScopedReport &srep, 494 const ReportStack *suppress_stack = 0); 495bool IsFiredSuppression(Context *ctx, 496 const ScopedReport &srep, 497 const StackTrace &trace); 498bool IsExpectedReport(uptr addr, uptr size); 499 500#if defined(TSAN_DEBUG_OUTPUT) && TSAN_DEBUG_OUTPUT >= 1 501# define DPrintf Printf 502#else 503# define DPrintf(...) 504#endif 505 506#if defined(TSAN_DEBUG_OUTPUT) && TSAN_DEBUG_OUTPUT >= 2 507# define DPrintf2 Printf 508#else 509# define DPrintf2(...) 510#endif 511 512u32 CurrentStackId(ThreadState *thr, uptr pc); 513void PrintCurrentStack(ThreadState *thr, uptr pc); 514 515void Initialize(ThreadState *thr); 516int Finalize(ThreadState *thr); 517 518SyncVar* GetJavaSync(ThreadState *thr, uptr pc, uptr addr, 519 bool write_lock, bool create); 520SyncVar* GetAndRemoveJavaSync(ThreadState *thr, uptr pc, uptr addr); 521 522void MemoryAccess(ThreadState *thr, uptr pc, uptr addr, 523 int kAccessSizeLog, bool kAccessIsWrite); 524void MemoryAccessImpl(ThreadState *thr, uptr addr, 525 int kAccessSizeLog, bool kAccessIsWrite, 526 u64 *shadow_mem, Shadow cur); 527void MemoryRead1Byte(ThreadState *thr, uptr pc, uptr addr); 528void MemoryWrite1Byte(ThreadState *thr, uptr pc, uptr addr); 529void MemoryRead8Byte(ThreadState *thr, uptr pc, uptr addr); 530void MemoryWrite8Byte(ThreadState *thr, uptr pc, uptr addr); 531void MemoryAccessRange(ThreadState *thr, uptr pc, uptr addr, 532 uptr size, bool is_write); 533void MemoryResetRange(ThreadState *thr, uptr pc, uptr addr, uptr size); 534void MemoryRangeFreed(ThreadState *thr, uptr pc, uptr addr, uptr size); 535void MemoryRangeImitateWrite(ThreadState *thr, uptr pc, uptr addr, uptr size); 536void IgnoreCtl(ThreadState *thr, bool write, bool begin); 537 538void FuncEntry(ThreadState *thr, uptr pc); 539void FuncExit(ThreadState *thr); 540 541int ThreadCreate(ThreadState *thr, uptr pc, uptr uid, bool detached); 542void ThreadStart(ThreadState *thr, int tid, uptr os_id); 543void ThreadFinish(ThreadState *thr); 544int ThreadTid(ThreadState *thr, uptr pc, uptr uid); 545void ThreadJoin(ThreadState *thr, uptr pc, int tid); 546void ThreadDetach(ThreadState *thr, uptr pc, int tid); 547void ThreadFinalize(ThreadState *thr); 548void ThreadSetName(ThreadState *thr, const char *name); 549int ThreadCount(ThreadState *thr); 550void ProcessPendingSignals(ThreadState *thr); 551 552void MutexCreate(ThreadState *thr, uptr pc, uptr addr, 553 bool rw, bool recursive, bool linker_init); 554void MutexDestroy(ThreadState *thr, uptr pc, uptr addr); 555void MutexLock(ThreadState *thr, uptr pc, uptr addr); 556void MutexUnlock(ThreadState *thr, uptr pc, uptr addr); 557void MutexReadLock(ThreadState *thr, uptr pc, uptr addr); 558void MutexReadUnlock(ThreadState *thr, uptr pc, uptr addr); 559void MutexReadOrWriteUnlock(ThreadState *thr, uptr pc, uptr addr); 560 561void Acquire(ThreadState *thr, uptr pc, uptr addr); 562void AcquireGlobal(ThreadState *thr, uptr pc); 563void Release(ThreadState *thr, uptr pc, uptr addr); 564void ReleaseStore(ThreadState *thr, uptr pc, uptr addr); 565void AfterSleep(ThreadState *thr, uptr pc); 566 567// The hacky call uses custom calling convention and an assembly thunk. 568// It is considerably faster that a normal call for the caller 569// if it is not executed (it is intended for slow paths from hot functions). 570// The trick is that the call preserves all registers and the compiler 571// does not treat it as a call. 572// If it does not work for you, use normal call. 573#if TSAN_DEBUG == 0 574// The caller may not create the stack frame for itself at all, 575// so we create a reserve stack frame for it (1024b must be enough). 576#define HACKY_CALL(f) \ 577 __asm__ __volatile__("sub $1024, %%rsp;" \ 578 "/*.cfi_adjust_cfa_offset 1024;*/" \ 579 ".hidden " #f "_thunk;" \ 580 "call " #f "_thunk;" \ 581 "add $1024, %%rsp;" \ 582 "/*.cfi_adjust_cfa_offset -1024;*/" \ 583 ::: "memory", "cc"); 584#else 585#define HACKY_CALL(f) f() 586#endif 587 588void TraceSwitch(ThreadState *thr); 589uptr TraceTopPC(ThreadState *thr); 590uptr TraceSize(); 591uptr TraceParts(); 592 593extern "C" void __tsan_trace_switch(); 594void ALWAYS_INLINE INLINE TraceAddEvent(ThreadState *thr, FastState fs, 595 EventType typ, u64 addr) { 596 DCHECK_GE((int)typ, 0); 597 DCHECK_LE((int)typ, 7); 598 DCHECK_EQ(GetLsb(addr, 61), addr); 599 StatInc(thr, StatEvents); 600 u64 pos = fs.GetTracePos(); 601 if (UNLIKELY((pos % kTracePartSize) == 0)) { 602#ifndef TSAN_GO 603 HACKY_CALL(__tsan_trace_switch); 604#else 605 TraceSwitch(thr); 606#endif 607 } 608 Event *trace = (Event*)GetThreadTrace(fs.tid()); 609 Event *evp = &trace[pos]; 610 Event ev = (u64)addr | ((u64)typ << 61); 611 *evp = ev; 612} 613 614} // namespace __tsan 615 616#endif // TSAN_RTL_H 617