The branch, master has been updated
via 3916f98 uwrap: Fix syscall() with jemalloc to prevent a deadlock
via 895197e gitlab-ci: Disable ASLR for TSAN
via a9b1ca6 gitlab-ci: Adapt config to gitlab changes
from c8bf3ae tests: Fix fake socket_wrapper_syscall_valid()
https://git.samba.org/?p=uid_wrapper.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit 3916f985e716c865269c1f0a437efdc1aa5cdc87
Author: Andreas Schneider <a...@samba.org>
Date: Wed Jun 12 11:19:58 2024 +0200
uwrap: Fix syscall() with jemalloc to prevent a deadlock
This is a workaround to prevent a deadlock in jemalloc calling
malloc_init() twice. The first allocation call will trigger a
malloc_init() of jemalloc. The functions calls syscall(SYS_open, ...)
so it goes to socket or uid wrapper. In this code path we need to avoid
any allocation calls. This will prevent the deadlock.
Pair-Programmed-With: Stefan Metzmacher <me...@samba.org>
Signed-off-by: Stefan Metzmacher <me...@samba.org>
Signed-off-by: Andreas Schneider <a...@samba.org>
commit 895197ece51df1b24ee163aaece1ed2f18812f79
Author: Andreas Schneider <a...@samba.org>
Date: Wed Jun 12 11:22:41 2024 +0200
gitlab-ci: Disable ASLR for TSAN
This works around a TSAN issue with newer Linux Kernels (6.x).
See https://github.com/google/sanitizers/issues/1716
Signed-off-by: Andreas Schneider <a...@samba.org>
Reviewed-by: Stefan Metzmacher <me...@samba.org>
commit a9b1ca679a17d9d2d819f8099d7f51a63b2f1dfe
Author: Andreas Schneider <a...@samba.org>
Date: Wed Jun 12 11:21:12 2024 +0200
gitlab-ci: Adapt config to gitlab changes
Signed-off-by: Andreas Schneider <a...@samba.org>
Reviewed-by: Stefan Metzmacher <me...@samba.org>
-----------------------------------------------------------------------
Summary of changes:
.gitlab-ci.yml | 27 ++++-----------------------
src/uid_wrapper.c | 45 ++++++++++++++++++++++++++++++++++++++++++++-
2 files changed, 48 insertions(+), 24 deletions(-)
Changeset truncated at 500 lines:
diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index 1a4a3b0..3a84a8e 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -22,8 +22,6 @@ centos7/x86_64:
-DPICKY_DEVELOPER=ON
-DUNIT_TESTING=ON .. &&
make -j$(nproc) && ctest --output-on-failure
- tags:
- - shared
except:
- tags
artifacts:
@@ -42,8 +40,6 @@ fedora/x86_64:
-DPICKY_DEVELOPER=ON
-DUNIT_TESTING=ON .. &&
make -j$(nproc) && ctest --output-on-failure && make install
- tags:
- - shared
except:
- tags
artifacts:
@@ -61,8 +57,6 @@ fedora/address-sanitizer:
-DPICKY_DEVELOPER=ON
-DUNIT_TESTING=ON .. &&
make -j$(nproc) && ctest --output-on-failure
- tags:
- - shared
except:
- tags
artifacts:
@@ -79,8 +73,6 @@ fedora/undefined-sanitizer:
-DCMAKE_BUILD_TYPE=UndefinedSanitizer
-DUNIT_TESTING=ON ..
&& make -j$(nproc) && ctest --output-on-failure
- tags:
- - shared
except:
- tags
artifacts:
@@ -93,13 +85,14 @@ fedora/thread-sanitizer:
stage: analysis
image: $CI_REGISTRY/$BUILD_IMAGES_PROJECT:$TUMBLEWEED_BUILD
script:
+ # Workaround for TSAN with ASLR on newer kernel
+ # https://github.com/google/sanitizers/issues/1716
- mkdir -p obj && cd obj && cmake
-DCMAKE_BUILD_TYPE=ThreadSanitizer
-DPICKY_DEVELOPER=ON
-DUNIT_TESTING=ON .. &&
- make -j$(nproc) && ctest --output-on-failure
- tags:
- - shared
+ make -j$(nproc) &&
+ setarch --addr-no-randomize -- ctest --output-on-failure
except:
- tags
artifacts:
@@ -132,8 +125,6 @@ fedora/csbuild:
--git-commit-range $CI_COMMIT_RANGE
--color
--print-current --print-fixed
- tags:
- - shared
except:
- tags
artifacts:
@@ -174,8 +165,6 @@ tumbleweed/x86_64/gcc:
-DPICKY_DEVELOPER=ON
-DUNIT_TESTING=ON .. &&
make -j$(nproc) && ctest --output-on-failure
- tags:
- - shared
except:
- tags
artifacts:
@@ -194,8 +183,6 @@ tumbleweed/x86_64/gcc7:
-DPICKY_DEVELOPER=ON
-DUNIT_TESTING=ON .. &&
make -j$(nproc) && ctest --output-on-failure
- tags:
- - shared
except:
- tags
artifacts:
@@ -214,8 +201,6 @@ tumbleweed/x86_64/clang:
-DPICKY_DEVELOPER=ON
-DUNIT_TESTING=ON .. &&
make -j$(nproc) && ctest --output-on-failure
- tags:
- - shared
except:
- tags
artifacts:
@@ -236,8 +221,6 @@ tumbleweed/static-analysis:
-DPICKY_DEVELOPER=ON
-DUNIT_TESTING=ON .. &&
scan-build --status-bugs -o scan make -j$(nproc)
- tags:
- - shared
except:
- tags
artifacts:
@@ -255,8 +238,6 @@ ubuntu/x86_64:
-DPICKY_DEVELOPER=ON
-DUNIT_TESTING=ON .. &&
make -j$(nproc) && ctest --output-on-failure
- tags:
- - shared
except:
- tags
artifacts:
diff --git a/src/uid_wrapper.c b/src/uid_wrapper.c
index 5b6a82b..4a174e1 100644
--- a/src/uid_wrapper.c
+++ b/src/uid_wrapper.c
@@ -656,6 +656,9 @@ static void *_uwrap_bind_symbol(enum uwrap_lib lib, const
char *fn_name)
dlsym(RTLD_DEFAULT, #sym_name); \
}
+/* JEMALLOC: This tells uid_wrapper if it should handle syscall() */
+static bool uwrap_handle_syscall;
+
/* DO NOT call this function during library initialization! */
static void __uwrap_bind_symbol_all_once(void)
{
@@ -699,6 +702,8 @@ static void __uwrap_bind_symbol_all_once(void)
#endif
uwrap_bind_symbol_libpthread(pthread_create);
uwrap_bind_symbol_libpthread(pthread_exit);
+
+ uwrap_handle_syscall = true;
}
static void uwrap_bind_symbol_all(void)
@@ -863,7 +868,27 @@ static long int libc_vsyscall(long int sysno, va_list va)
long int rc;
int i;
- uwrap_bind_symbol_all();
+ /*
+ * JEMALLOC:
+ *
+ * This is a workaround to prevent a deadlock in jemalloc calling
+ * malloc_init() twice. The first allocation call will trigger a
+ * malloc_init() of jemalloc. The functions calls syscall(SYS_open, ...)
+ * so it goes to socket or uid wrapper. In this code path we need to
+ * avoid any allocation calls. This will prevent the deadlock.
+ *
+ * We also need to avoid dlopen() as that would trigger the recursion
+ * into malloc_init(), so we use dlsym(RTLD_NEXT), until we reached
+ * swrap_constructor() or any real socket call at that time
+ * swrap_bind_symbol_all() will replace the function pointer again after
+ * dlopen of libc.
+ */
+ if (uwrap_handle_syscall) {
+ uwrap_bind_symbol_all();
+ } else if (uwrap.libc.symbols._libc_syscall.obj == NULL) {
+ uwrap.libc.symbols._libc_syscall.obj = dlsym(RTLD_NEXT,
+ "syscall");
+ }
for (i = 0; i < 8; i++) {
args[i] = va_arg(va, long int);
@@ -2708,6 +2733,21 @@ long int syscall (long int sysno, ...)
va_start(va, sysno);
+ /*
+ * JEMALLOC:
+ *
+ * This is a workaround to prevent a deadlock in jemalloc calling
+ * malloc_init() twice. The first allocation call will trigger a
+ * malloc_init() of jemalloc. The functions calls syscall(SYS_open, ...)
+ * so it goes to socket or uid wrapper. In this code path we need to
+ * avoid any allocation calls. This will prevent the deadlock.
+ */
+ if (!uwrap_handle_syscall) {
+ rc = libc_vsyscall(sysno, va);
+ va_end(va);
+ return rc;
+ }
+
/*
* We need to check for uwrap related syscall numbers before calling
* uid_wrapper_enabled() otherwise we'd deadlock during the freebsd libc
@@ -2821,6 +2861,9 @@ void uwrap_constructor(void)
* for main process.
*/
uwrap_init();
+
+ /* Let socket_wrapper handle syscall() */
+ uwrap_handle_syscall = true;
}
/****************************
--
UID Wrapper Repository
