[msan] Don't unpoison phdrs on dlopen(NULL, 0)

Summary: dlopen(NULL, ...) is intended to give you back a handle to the executable for use with dlsym. Casting it to link_map and using it with ForEachMappedRegion results in a crash. We also shouldn't unpoison the globals of a DSO that is already in memory. This ensures that we don't do it for the executable, but in general, MSan may have false negatives if the DSO is already loaded. Reviewers: eugenis Subscribers: llvm-commits Differential Revision: http://reviews.llvm.org/D14795 llvm-svn: 253530
2025-01-25 02:28:18 +00:00 · 2015-11-19 00:55:45 +00:00 · 2015-11-19 00:55:45 +00:00 · 4029426b17
commit 4029426b17
parent 3afb80e375
2 changed files with 22 additions and 4 deletions
--- a/compiler-rt/lib/msan/msan_interceptors.cc
+++ b/compiler-rt/lib/msan/msan_interceptors.cc
@ -1434,10 +1434,11 @@ int OnExit() {
  } while (false)  // FIXME
 #define COMMON_INTERCEPTOR_BLOCK_REAL(name) REAL(name)
 #define COMMON_INTERCEPTOR_ON_EXIT(ctx) OnExit()
-#define COMMON_INTERCEPTOR_LIBRARY_LOADED(filename, handle)  \
-  do {                                                       \
-    link_map *map = GET_LINK_MAP_BY_DLOPEN_HANDLE((handle)); \
-    if (map) ForEachMappedRegion(map, __msan_unpoison);      \
+#define COMMON_INTERCEPTOR_LIBRARY_LOADED(filename, handle)                    \
+  do {                                                                         \
+    link_map *map = GET_LINK_MAP_BY_DLOPEN_HANDLE((handle));                   \
+    if (filename && map)                                                       \
+      ForEachMappedRegion(map, __msan_unpoison);                               \
  } while (false)

 #define COMMON_INTERCEPTOR_GET_TLS_RANGE(begin, end)                           \
--- a/compiler-rt/test/msan/dlopen_executable.cc
+++ b/compiler-rt/test/msan/dlopen_executable.cc
@ -0,0 +1,17 @@
+// RUN: %clangxx_msan -O0 %s -o %t && not %run %t 2>&1 | FileCheck %s
+
+#include <assert.h>
+#include <dlfcn.h>
+#include <stdlib.h>
+
+static int my_global;
+
+int main(void) {
+  int *uninit = (int*)malloc(sizeof(int));
+  my_global = *uninit;
+  void *p = dlopen(0, RTLD_NOW);
+  assert(p && "failed to get handle to executable");
+  return my_global;
+  // CHECK: MemorySanitizer: use-of-uninitialized-value
+  // CHECK: #0 {{.*}} in main{{.*}}dlopen_executable.cc:[[@LINE-2]]
+}