| blob | 5f02e5b28020c2435bdd9c082de947deb07420dc |
2 /*--------------------------------------------------------------------*/
3 /*--- pthread intercepts for thread checking. ---*/
4 /*--- hg_intercepts.c ---*/
5 /*--------------------------------------------------------------------*/
7 /*
8 This file is part of Helgrind, a Valgrind tool for detecting errors
9 in threaded programs.
11 Copyright (C) 2007-2013 OpenWorks LLP
12 info@open-works.co.uk
14 This program is free software; you can redistribute it and/or
15 modify it under the terms of the GNU General Public License as
16 published by the Free Software Foundation; either version 2 of the
17 License, or (at your option) any later version.
19 This program is distributed in the hope that it will be useful, but
20 WITHOUT ANY WARRANTY; without even the implied warranty of
21 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
22 General Public License for more details.
24 You should have received a copy of the GNU General Public License
25 along with this program; if not, write to the Free Software
26 Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
27 02111-1307, USA.
29 The GNU General Public License is contained in the file COPYING.
31 Neither the names of the U.S. Department of Energy nor the
32 University of California nor the names of its contributors may be
33 used to endorse or promote products derived from this software
34 without prior written permission.
35 */
37 /* RUNS ON SIMULATED CPU
38 Interceptors for pthread_* functions, so that tc_main can see
39 significant thread events.
41 Important: when adding a function wrapper to this file, remember to
42 add a test case to tc20_verifywrap.c. A common cause of failure is
43 for wrappers to not engage on different distros, and
44 tc20_verifywrap essentially checks that each wrapper is really
45 doing something.
46 */
48 // DDD: for Darwin, need to have non-"@*"-suffixed versions for all pthread
49 // functions that currently have them.
50 // Note also, in the comments and code below, all Darwin symbols start
51 // with a leading underscore, which is not shown either in the comments
52 // nor in the redirect specs.
61 #define TRACE_PTH_FNS 0
62 #define TRACE_QT4_FNS 0
65 /*----------------------------------------------------------------*/
66 /*--- ---*/
67 /*----------------------------------------------------------------*/
69 #define PTH_FUNC(ret_ty, f, args...) \
70 ret_ty I_WRAP_SONAME_FNNAME_ZZ(VG_Z_LIBPTHREAD_SONAME,f)(args); \
71 ret_ty I_WRAP_SONAME_FNNAME_ZZ(VG_Z_LIBPTHREAD_SONAME,f)(args)
73 // Do a client request. These are macros rather than a functions so
74 // as to avoid having an extra frame in stack traces.
76 // NB: these duplicate definitions in helgrind.h. But here, we
77 // can have better typing (Word etc) and assertions, whereas
78 // in helgrind.h we can't. Obviously it's important the two
79 // sets of definitions are kept in sync.
81 // nuke the previous definitions
82 #undef DO_CREQ_v_W
83 #undef DO_CREQ_v_WW
84 #undef DO_CREQ_W_WW
85 #undef DO_CREQ_v_WWW
87 #define DO_CREQ_v_W(_creqF, _ty1F,_arg1F) \
88 do { \
89 Word _arg1; \
90 assert(sizeof(_ty1F) == sizeof(Word)); \
91 _arg1 = (Word)(_arg1F); \
92 VALGRIND_DO_CLIENT_REQUEST_STMT((_creqF), \
93 _arg1, 0,0,0,0); \
94 } while (0)
96 #define DO_CREQ_v_WW(_creqF, _ty1F,_arg1F, _ty2F,_arg2F) \
97 do { \
98 Word _arg1, _arg2; \
99 assert(sizeof(_ty1F) == sizeof(Word)); \
100 assert(sizeof(_ty2F) == sizeof(Word)); \
101 _arg1 = (Word)(_arg1F); \
102 _arg2 = (Word)(_arg2F); \
103 VALGRIND_DO_CLIENT_REQUEST_STMT((_creqF), \
104 _arg1,_arg2,0,0,0); \
105 } while (0)
107 #define DO_CREQ_W_WW(_resF, _creqF, _ty1F,_arg1F, \
108 _ty2F,_arg2F) \
109 do { \
110 Word _res, _arg1, _arg2; \
111 assert(sizeof(_ty1F) == sizeof(Word)); \
112 assert(sizeof(_ty2F) == sizeof(Word)); \
113 _arg1 = (Word)(_arg1F); \
114 _arg2 = (Word)(_arg2F); \
115 _res = VALGRIND_DO_CLIENT_REQUEST_EXPR(2, \
116 (_creqF), \
117 _arg1,_arg2,0,0,0); \
118 _resF = _res; \
119 } while (0)
121 #define DO_CREQ_v_WWW(_creqF, _ty1F,_arg1F, \
122 _ty2F,_arg2F, _ty3F, _arg3F) \
123 do { \
124 Word _arg1, _arg2, _arg3; \
125 assert(sizeof(_ty1F) == sizeof(Word)); \
126 assert(sizeof(_ty2F) == sizeof(Word)); \
127 assert(sizeof(_ty3F) == sizeof(Word)); \
128 _arg1 = (Word)(_arg1F); \
129 _arg2 = (Word)(_arg2F); \
130 _arg3 = (Word)(_arg3F); \
131 VALGRIND_DO_CLIENT_REQUEST_STMT((_creqF), \
132 _arg1,_arg2,_arg3,0,0); \
133 } while (0)
136 #define DO_PthAPIerror(_fnnameF, _errF) \
137 do { \
138 char* _fnname = (char*)(_fnnameF); \
139 long _err = (long)(int)(_errF); \
140 const char* _errstr = lame_strerror(_err); \
141 DO_CREQ_v_WWW(_VG_USERREQ__HG_PTH_API_ERROR, \
142 char*,_fnname, \
143 long,_err, char*,_errstr); \
144 } while (0)
147 /* Needed for older glibcs (2.3 and older, at least) who don't
148 otherwise "know" about pthread_rwlock_anything or about
149 PTHREAD_MUTEX_RECURSIVE (amongst things). */
150 #define _GNU_SOURCE 1
152 #include <stdio.h>
153 #include <assert.h>
154 #include <errno.h>
155 #include <pthread.h>
157 /* A standalone memcmp. */
160 {
167 }
169 }
171 /* A lame version of strerror which doesn't use the real libc
172 strerror_r, since using the latter just generates endless more
173 threading errors (glibc goes off and does tons of crap w.r.t.
174 locales etc) */
176 {
200 }
201 }
204 /*----------------------------------------------------------------*/
205 /*--- pthread_create, pthread_join, pthread_exit ---*/
206 /*----------------------------------------------------------------*/
209 {
214 /* Tell the tool what my pthread_t is. */
216 /* allow the parent to proceed. We can't let it proceed until
217 we're ready because (1) we need to make sure it doesn't exit and
218 hence deallocate xargs[] while we still need it, and (2) we
219 don't want either parent nor child to proceed until the tool has
220 been notified of the child's pthread_t.
222 Note that parent and child access args[] without a lock,
223 effectively using args[2] as a spinlock in order to get the
224 parent to wait until the child passes this point. The parent
225 disables checking on xargs[] before creating the child and
226 re-enables it once the child goes past this point, so the user
227 never sees the race. The previous approach (suppressing the
228 resulting error) was flawed, because it could leave shadow
229 memory for args[] in a state in which subsequent use of it by
230 the parent would report further races. */
232 /* Now we can no longer safely use xargs[]. */
234 }
236 //-----------------------------------------------------------
237 // glibc: pthread_create@GLIBC_2.0
238 // glibc: pthread_create@@GLIBC_2.1
239 // glibc: pthread_create@@GLIBC_2.2.5
240 // darwin: pthread_create
241 // darwin: pthread_create_suspended_np (trapped)
242 //
243 /* ensure this has its own frame, so as to make it more distinguishable
244 in suppressions */
248 {
250 OrigFn fn;
256 }
260 /* Disable checking on the spinlock and the two words used to
261 convey args to the child. Basically we need to make it appear
262 as if the child never accessed this area, since merely
263 suppressing the resulting races does not address the issue that
264 that piece of the parent's stack winds up in the "wrong" state
265 and therefore may give rise to mysterious races when the parent
266 comes to re-use this piece of stack in some other frame. */
272 /* we have to wait for the child to notify the tool of its
273 pthread_t before continuing */
275 /* Do nothing. We need to spin until the child writes to
276 xargs[2]. However, that can lead to starvation in the
277 child and very long delays (eg, tc19_shadowmem on
278 ppc64-linux Fedora Core 6). So yield the cpu if we can,
279 to let the child run at the earliest available
280 opportunity. */
282 }
285 }
287 /* Reenable checking on the area previously used to communicate
288 with the child. */
293 }
295 }
296 #if defined(VGO_linux)
301 }
302 #elif defined(VGO_darwin)
307 }
311 // trap anything else
313 }
314 #else
316 #endif
319 //-----------------------------------------------------------
320 // glibc: pthread_join
321 // darwin: pthread_join
322 // darwin: pthread_join$NOCANCEL$UNIX2003
323 // darwin pthread_join$UNIX2003
326 {
328 OrigFn fn;
332 }
336 /* At least with NPTL as the thread library, this is safe because
337 it is guaranteed (by NPTL) that the joiner will completely gone
338 before pthread_join (the original) returns. See email below.*/
343 }
347 }
349 }
350 #if defined(VGO_linux)
354 }
355 #elif defined(VGO_darwin)
359 }
360 #else
362 #endif
365 /* Behaviour of pthread_join on NPTL:
367 Me:
368 I have a question re the NPTL pthread_join implementation.
370 Suppose I am the thread 'stayer'.
372 If I call pthread_join(quitter), is it guaranteed that the
373 thread 'quitter' has really exited before pthread_join returns?
375 IOW, is it guaranteed that 'quitter' will not execute any further
376 instructions after pthread_join returns?
378 I believe this is true based on the following analysis of
379 glibc-2.5 sources. However am not 100% sure and would appreciate
380 confirmation.
382 'quitter' will be running start_thread() in nptl/pthread_create.c
384 The last action of start_thread() is to exit via
385 __exit_thread_inline(0), which simply does sys_exit
386 (nptl/pthread_create.c:403)
388 'stayer' meanwhile is waiting for lll_wait_tid (pd->tid)
389 (call at nptl/pthread_join.c:89)
391 As per comment at nptl/sysdeps/unix/sysv/linux/i386/lowlevellock.h:536,
392 lll_wait_tid will not return until kernel notifies via futex
393 wakeup that 'quitter' has terminated.
395 Hence pthread_join cannot return until 'quitter' really has
396 completely disappeared.
398 Drepper:
399 > As per comment at nptl/sysdeps/unix/sysv/linux/i386/lowlevellock.h:536,
400 > lll_wait_tid will not return until kernel notifies via futex
401 > wakeup that 'quitter' has terminated.
402 That's the key. The kernel resets the TID field after the thread is
403 done. No way the joiner can return before the thread is gone.
404 */
407 /*----------------------------------------------------------------*/
408 /*--- pthread_mutex_t functions ---*/
409 /*----------------------------------------------------------------*/
411 /* Handled: pthread_mutex_init pthread_mutex_destroy
412 pthread_mutex_lock
413 pthread_mutex_trylock pthread_mutex_timedlock
414 pthread_mutex_unlock
415 */
417 //-----------------------------------------------------------
418 // glibc: pthread_mutex_init
419 // darwin: pthread_mutex_init
423 {
426 OrigFn fn;
430 }
438 }
447 }
451 }
453 }
456 //-----------------------------------------------------------
457 // glibc: pthread_mutex_destroy
458 // darwin: pthread_mutex_destroy
461 {
464 OrigFn fn;
469 }
476 }
485 }
489 }
491 }
494 //-----------------------------------------------------------
495 // glibc: pthread_mutex_lock
496 // darwin: pthread_mutex_lock
499 {
501 OrigFn fn;
505 }
512 /* There's a hole here: libpthread now knows the lock is locked,
513 but the tool doesn't, so some other thread could run and detect
514 that the lock has been acquired by someone (this thread). Does
515 this matter? Not sure, but I don't think so. */
522 }
526 }
528 }
531 //-----------------------------------------------------------
532 // glibc: pthread_mutex_trylock
533 // darwin: pthread_mutex_trylock
534 //
535 // pthread_mutex_trylock. The handling needed here is very similar
536 // to that for pthread_mutex_lock, except that we need to tell
537 // the pre-lock creq that this is a trylock-style operation, and
538 // therefore not to complain if the lock is nonrecursive and
539 // already locked by this thread -- because then it'll just fail
540 // immediately with EBUSY.
543 {
545 OrigFn fn;
549 }
556 /* There's a hole here: libpthread now knows the lock is locked,
557 but the tool doesn't, so some other thread could run and detect
558 that the lock has been acquired by someone (this thread). Does
559 this matter? Not sure, but I don't think so. */
567 }
571 }
573 }
576 //-----------------------------------------------------------
577 // glibc: pthread_mutex_timedlock
578 // darwin: (doesn't appear to exist)
579 //
580 // pthread_mutex_timedlock. Identical logic to pthread_mutex_trylock.
584 {
586 OrigFn fn;
591 }
598 /* There's a hole here: libpthread now knows the lock is locked,
599 but the tool doesn't, so some other thread could run and detect
600 that the lock has been acquired by someone (this thread). Does
601 this matter? Not sure, but I don't think so. */
609 }
613 }
615 }
618 //-----------------------------------------------------------
619 // glibc: pthread_mutex_unlock
620 // darwin: pthread_mutex_unlock
623 {
625 OrigFn fn;
630 }
642 }
646 }
648 }
651 /*----------------------------------------------------------------*/
652 /*--- pthread_cond_t functions ---*/
653 /*----------------------------------------------------------------*/
655 /* Handled: pthread_cond_wait pthread_cond_timedwait
656 pthread_cond_signal pthread_cond_broadcast
657 pthread_cond_init
658 pthread_cond_destroy
659 */
661 //-----------------------------------------------------------
662 // glibc: pthread_cond_wait@GLIBC_2.2.5
663 // glibc: pthread_cond_wait@@GLIBC_2.3.2
664 // darwin: pthread_cond_wait
665 // darwin: pthread_cond_wait$NOCANCEL$UNIX2003
666 // darwin: pthread_cond_wait$UNIX2003
667 //
671 {
673 OrigFn fn;
681 }
683 /* Tell the tool a cond-wait is about to happen, so it can check
684 for bogus argument values. In return it tells us whether it
685 thinks the mutex is valid or not. */
687 _VG_USERREQ__HG_PTHREAD_COND_WAIT_PRE,
691 /* Tell the tool we're about to drop the mutex. This reflects the
692 fact that in a cond_wait, we show up holding the mutex, and the
693 call atomically drops the mutex and waits for the cv to be
694 signalled. */
698 }
702 /* these conditionals look stupid, but compare w/ same logic for
703 pthread_cond_timedwait below */
705 /* and now we have the mutex again */
708 }
713 }
717 }
721 }
724 }
725 #if defined(VGO_linux)
729 }
730 #elif defined(VGO_darwin)
734 }
735 #else
737 #endif
740 //-----------------------------------------------------------
741 // glibc: pthread_cond_timedwait@@GLIBC_2.3.2
742 // glibc: pthread_cond_timedwait@GLIBC_2.2.5
743 // glibc: pthread_cond_timedwait@GLIBC_2.0
744 // darwin: pthread_cond_timedwait
745 // darwin: pthread_cond_timedwait$NOCANCEL$UNIX2003
746 // darwin: pthread_cond_timedwait$UNIX2003
747 // darwin: pthread_cond_timedwait_relative_np (trapped)
748 //
753 {
755 OrigFn fn;
757 Bool abstime_is_valid;
764 }
766 /* Tell the tool a cond-wait is about to happen, so it can check
767 for bogus argument values. In return it tells us whether it
768 thinks the mutex is valid or not. */
770 _VG_USERREQ__HG_PTHREAD_COND_WAIT_PRE,
776 /* Tell the tool we're about to drop the mutex. This reflects the
777 fact that in a cond_wait, we show up holding the mutex, and the
778 call atomically drops the mutex and waits for the cv to be
779 signalled. */
783 }
789 "invalid abstime did not cause"
791 }
794 /* and now we have the mutex again */
797 }
803 }
807 }
811 }
814 }
815 #if defined(VGO_linux)
820 }
821 #elif defined(VGO_darwin)
826 }
831 }
836 }
837 #else
839 #endif
842 //-----------------------------------------------------------
843 // glibc: pthread_cond_signal@GLIBC_2.0
844 // glibc: pthread_cond_signal@GLIBC_2.2.5
845 // glibc: pthread_cond_signal@@GLIBC_2.3.2
846 // darwin: pthread_cond_signal
847 // darwin: pthread_cond_signal_thread_np (don't intercept this)
848 //
851 {
853 OrigFn fn;
859 }
868 }
872 }
875 }
876 #if defined(VGO_linux)
880 }
881 #elif defined(VGO_darwin)
885 }
886 #else
888 #endif
891 //-----------------------------------------------------------
892 // glibc: pthread_cond_broadcast@GLIBC_2.0
893 // glibc: pthread_cond_broadcast@GLIBC_2.2.5
894 // glibc: pthread_cond_broadcast@@GLIBC_2.3.2
895 // darwin: pthread_cond_broadcast
896 //
897 // Note, this is pretty much identical, from a dependency-graph
898 // point of view, with cond_signal, so the code is duplicated.
899 // Maybe it should be commoned up.
900 //
903 {
905 OrigFn fn;
911 }
920 }
924 }
927 }
928 #if defined(VGO_linux)
932 }
933 #elif defined(VGO_darwin)
937 }
938 #else
940 #endif
942 // glibc: pthread_cond_init@GLIBC_2.0
943 // glibc: pthread_cond_init@GLIBC_2.2.5
944 // glibc: pthread_cond_init@@GLIBC_2.3.2
945 // darwin: pthread_cond_init
946 // Easy way out: Handling of attr could have been messier.
947 // It turns out that pthread_cond_init under linux ignores
948 // all information in cond_attr, so do we.
949 // FIXME: MacOS X?
952 {
954 OrigFn fn;
960 }
969 }
973 }
976 }
977 #if defined(VGO_linux)
981 }
982 #elif defined(VGO_darwin)
986 }
987 #else
989 #endif
992 //-----------------------------------------------------------
993 // glibc: pthread_cond_destroy@@GLIBC_2.3.2
994 // glibc: pthread_cond_destroy@GLIBC_2.2.5
995 // glibc: pthread_cond_destroy@GLIBC_2.0
996 // darwin: pthread_cond_destroy
997 //
1000 {
1003 OrigFn fn;
1010 }
1017 }
1026 }
1030 }
1033 }
1034 #if defined(VGO_linux)
1038 }
1039 #elif defined(VGO_darwin)
1043 }
1044 #else
1046 #endif
1049 /*----------------------------------------------------------------*/
1050 /*--- pthread_barrier_t functions ---*/
1051 /*----------------------------------------------------------------*/
1053 #if defined(HAVE_PTHREAD_BARRIER_INIT)
1055 /* Handled: pthread_barrier_init
1056 pthread_barrier_wait
1057 pthread_barrier_destroy
1059 Unhandled: pthread_barrierattr_destroy
1060 pthread_barrierattr_getpshared
1061 pthread_barrierattr_init
1062 pthread_barrierattr_setpshared
1063 -- are these important?
1064 */
1066 //-----------------------------------------------------------
1067 // glibc: pthread_barrier_init
1068 // darwin: (doesn't appear to exist)
1072 {
1074 OrigFn fn;
1081 }
1092 }
1096 }
1099 }
1102 //-----------------------------------------------------------
1103 // glibc: pthread_barrier_wait
1104 // darwin: (doesn't appear to exist)
1107 {
1109 OrigFn fn;
1115 }
1117 /* That this works correctly, and doesn't screw up when a thread
1118 leaving the barrier races round to the front and re-enters while
1119 other threads are still leaving it, is quite subtle. See
1120 comments in the handler for PTHREAD_BARRIER_WAIT_PRE in
1121 hg_main.c. */
1129 }
1133 }
1136 }
1139 //-----------------------------------------------------------
1140 // glibc: pthread_barrier_destroy
1141 // darwin: (doesn't appear to exist)
1144 {
1146 OrigFn fn;
1152 }
1161 }
1165 }
1168 }
1173 /*----------------------------------------------------------------*/
1174 /*--- pthread_spinlock_t functions ---*/
1175 /*----------------------------------------------------------------*/
1177 #if defined(HAVE_PTHREAD_SPIN_LOCK) \
1178 && !defined(DISABLE_PTHREAD_SPINLOCK_INTERCEPT)
1180 /* Handled: pthread_spin_init pthread_spin_destroy
1181 pthread_spin_lock pthread_spin_trylock
1182 pthread_spin_unlock
1184 Unhandled:
1185 */
1187 /* This is a nasty kludge, in that glibc "knows" that initialising a
1188 spin lock unlocks it, and pthread_spin_{init,unlock} are names for
1189 the same function. Hence we have to have a wrapper which does both
1190 things, without knowing which the user intended to happen. */
1192 //-----------------------------------------------------------
1193 // glibc: pthread_spin_init
1194 // glibc: pthread_spin_unlock
1195 // darwin: (doesn't appear to exist)
1200 OrigFn fn;
1204 }
1216 }
1220 }
1222 }
1223 #if defined(VGO_linux)
1227 }
1230 /* this is never actually called */
1232 }
1233 #elif defined(VGO_darwin)
1234 #else
1236 #endif
1239 //-----------------------------------------------------------
1240 // glibc: pthread_spin_destroy
1241 // darwin: (doesn't appear to exist)
1242 #if defined(VGO_linux)
1246 {
1248 OrigFn fn;
1253 }
1262 }
1266 }
1268 }
1270 #elif defined(VGO_darwin)
1271 #else
1273 #endif
1276 //-----------------------------------------------------------
1277 // glibc: pthread_spin_lock
1278 // darwin: (doesn't appear to exist)
1279 #if defined(VGO_linux)
1283 {
1285 OrigFn fn;
1290 }
1297 /* There's a hole here: libpthread now knows the lock is locked,
1298 but the tool doesn't, so some other thread could run and detect
1299 that the lock has been acquired by someone (this thread). Does
1300 this matter? Not sure, but I don't think so. */
1307 }
1311 }
1313 }
1315 #elif defined(VGO_darwin)
1316 #else
1318 #endif
1321 //-----------------------------------------------------------
1322 // glibc: pthread_spin_trylock
1323 // darwin: (doesn't appear to exist)
1324 #if defined(VGO_linux)
1328 {
1330 OrigFn fn;
1335 }
1342 /* There's a hole here: libpthread now knows the lock is locked,
1343 but the tool doesn't, so some other thread could run and detect
1344 that the lock has been acquired by someone (this thread). Does
1345 this matter? Not sure, but I don't think so. */
1353 }
1357 }
1359 }
1361 #elif defined(VGO_darwin)
1362 #else
1364 #endif
1369 /*----------------------------------------------------------------*/
1370 /*--- pthread_rwlock_t functions ---*/
1371 /*----------------------------------------------------------------*/
1373 /* Android's pthread.h doesn't say anything about rwlocks, hence these
1374 functions have to be conditionally compiled. */
1375 #if defined(HAVE_PTHREAD_RWLOCK_T)
1377 /* Handled: pthread_rwlock_init pthread_rwlock_destroy
1378 pthread_rwlock_rdlock
1379 pthread_rwlock_wrlock
1380 pthread_rwlock_unlock
1382 Unhandled: pthread_rwlock_timedrdlock
1383 pthread_rwlock_tryrdlock
1385 pthread_rwlock_timedwrlock
1386 pthread_rwlock_trywrlock
1387 */
1389 //-----------------------------------------------------------
1390 // glibc: pthread_rwlock_init
1391 // darwin: pthread_rwlock_init
1392 // darwin: pthread_rwlock_init$UNIX2003
1396 {
1398 OrigFn fn;
1402 }
1411 }
1415 }
1417 }
1418 #if defined(VGO_linux)
1423 }
1424 #elif defined(VGO_darwin)
1429 }
1430 #else
1432 #endif
1435 //-----------------------------------------------------------
1436 // glibc: pthread_rwlock_destroy
1437 // darwin: pthread_rwlock_destroy
1438 // darwin: pthread_rwlock_destroy$UNIX2003
1439 //
1442 {
1444 OrigFn fn;
1448 }
1457 }
1461 }
1463 }
1464 #if defined(VGO_linux)
1468 }
1469 #elif defined(VGO_darwin)
1473 }
1474 #else
1476 #endif
1479 //-----------------------------------------------------------
1480 // glibc: pthread_rwlock_wrlock
1481 // darwin: pthread_rwlock_wrlock
1482 // darwin: pthread_rwlock_wrlock$UNIX2003
1483 //
1486 {
1488 OrigFn fn;
1492 }
1505 }
1509 }
1511 }
1512 #if defined(VGO_linux)
1516 }
1517 #elif defined(VGO_darwin)
1521 }
1522 #else
1524 #endif
1527 //-----------------------------------------------------------
1528 // glibc: pthread_rwlock_rdlock
1529 // darwin: pthread_rwlock_rdlock
1530 // darwin: pthread_rwlock_rdlock$UNIX2003
1531 //
1534 {
1536 OrigFn fn;
1540 }
1553 }
1557 }
1559 }
1560 #if defined(VGO_linux)
1564 }
1565 #elif defined(VGO_darwin)
1569 }
1570 #else
1572 #endif
1575 //-----------------------------------------------------------
1576 // glibc: pthread_rwlock_trywrlock
1577 // darwin: pthread_rwlock_trywrlock
1578 // darwin: pthread_rwlock_trywrlock$UNIX2003
1579 //
1582 {
1584 OrigFn fn;
1588 }
1596 /* There's a hole here: libpthread now knows the lock is locked,
1597 but the tool doesn't, so some other thread could run and detect
1598 that the lock has been acquired by someone (this thread). Does
1599 this matter? Not sure, but I don't think so. */
1607 }
1611 }
1613 }
1614 #if defined(VGO_linux)
1618 }
1619 #elif defined(VGO_darwin)
1623 }
1624 #else
1626 #endif
1629 //-----------------------------------------------------------
1630 // glibc: pthread_rwlock_tryrdlock
1631 // darwin: pthread_rwlock_trywrlock
1632 // darwin: pthread_rwlock_trywrlock$UNIX2003
1633 //
1636 {
1638 OrigFn fn;
1642 }
1650 /* There's a hole here: libpthread now knows the lock is locked,
1651 but the tool doesn't, so some other thread could run and detect
1652 that the lock has been acquired by someone (this thread). Does
1653 this matter? Not sure, but I don't think so. */
1661 }
1665 }
1667 }
1668 #if defined(VGO_linux)
1672 }
1673 #elif defined(VGO_darwin)
1677 }
1678 #else
1680 #endif
1683 //-----------------------------------------------------------
1684 // glibc: pthread_rwlock_unlock
1685 // darwin: pthread_rwlock_unlock
1686 // darwin: pthread_rwlock_unlock$UNIX2003
1689 {
1691 OrigFn fn;
1695 }
1707 }
1711 }
1713 }
1714 #if defined(VGO_linux)
1718 }
1719 #elif defined(VGO_darwin)
1723 }
1724 #else
1726 #endif
1731 /*----------------------------------------------------------------*/
1732 /*--- POSIX semaphores ---*/
1733 /*----------------------------------------------------------------*/
1735 #include <semaphore.h>
1738 #define TRACE_SEM_FNS 0
1740 /* Handled:
1741 int sem_init(sem_t *sem, int pshared, unsigned value);
1742 int sem_destroy(sem_t *sem);
1743 int sem_wait(sem_t *sem);
1744 int sem_post(sem_t *sem);
1745 sem_t* sem_open(const char *name, int oflag,
1746 ... [mode_t mode, unsigned value]);
1747 [complete with its idiotic semantics]
1748 int sem_close(sem_t* sem);
1750 Unhandled:
1751 int sem_trywait(sem_t *sem);
1752 int sem_timedwait(sem_t *restrict sem,
1753 const struct timespec *restrict abs_timeout);
1754 */
1756 //-----------------------------------------------------------
1757 // glibc: sem_init@@GLIBC_2.2.5
1758 // glibc: sem_init@@GLIBC_2.1
1759 // glibc: sem_init@GLIBC_2.0
1760 // darwin: sem_init
1761 //
1764 {
1765 OrigFn fn;
1772 }
1781 }
1786 }
1789 }
1790 #if defined(VGO_linux)
1794 }
1795 #elif defined(VGO_darwin)
1799 }
1800 #else
1802 #endif
1805 //-----------------------------------------------------------
1806 // glibc: sem_destroy@GLIBC_2.0
1807 // glibc: sem_destroy@@GLIBC_2.1
1808 // glibc: sem_destroy@@GLIBC_2.2.5
1809 // darwin: sem_destroy
1812 {
1813 OrigFn fn;
1820 }
1828 }
1833 }
1836 }
1837 #if defined(VGO_linux)
1841 }
1842 #elif defined(VGO_darwin)
1846 }
1847 #else
1849 #endif
1852 //-----------------------------------------------------------
1853 // glibc: sem_wait
1854 // glibc: sem_wait@GLIBC_2.0
1855 // glibc: sem_wait@@GLIBC_2.1
1856 // darwin: sem_wait
1857 // darwin: sem_wait$NOCANCEL$UNIX2003
1858 // darwin: sem_wait$UNIX2003
1859 //
1860 /* wait: decrement semaphore - acquire lockage */
1863 {
1864 OrigFn fn;
1871 }
1879 }
1884 }
1887 }
1888 #if defined(VGO_linux)
1891 }
1894 }
1895 #elif defined(VGO_darwin)
1898 }
1901 }
1902 #else
1904 #endif
1907 //-----------------------------------------------------------
1908 // glibc: sem_post
1909 // glibc: sem_post@GLIBC_2.0
1910 // glibc: sem_post@@GLIBC_2.1
1911 // darwin: sem_post
1912 //
1913 /* post: increment semaphore - release lockage */
1916 {
1917 OrigFn fn;
1925 }
1933 }
1938 }
1941 }
1942 #if defined(VGO_linux)
1945 }
1948 }
1949 #elif defined(VGO_darwin)
1952 }
1953 #else
1955 #endif
1958 //-----------------------------------------------------------
1959 // glibc: sem_open
1960 // darwin: sem_open
1961 //
1965 {
1966 /* A copy of sem_init_WRK (more or less). Is this correct? */
1967 OrigFn fn;
1975 }
1982 }
1985 }
1990 }
1993 }
1996 //-----------------------------------------------------------
1997 // glibc: sem_close
1998 // darwin: sem_close
2000 {
2001 OrigFn fn;
2008 }
2016 }
2021 }
2024 }
2027 /*----------------------------------------------------------------*/
2028 /*--- Qt 4 threading functions (w/ GNU name mangling) ---*/
2029 /*----------------------------------------------------------------*/
2031 /* Handled:
2032 QMutex::lock()
2033 QMutex::unlock()
2034 QMutex::tryLock()
2035 QMutex::tryLock(int)
2037 QMutex::QMutex(QMutex::RecursionMode) _ZN6QMutexC1ENS_13RecursionModeE
2038 QMutex::QMutex(QMutex::RecursionMode) _ZN6QMutexC2ENS_13RecursionModeE
2039 QMutex::~QMutex() _ZN6QMutexD1Ev
2040 QMutex::~QMutex() _ZN6QMutexD2Ev
2042 Unhandled:
2043 QReadWriteLock::lockForRead()
2044 QReadWriteLock::lockForWrite()
2045 QReadWriteLock::unlock()
2046 QReadWriteLock::tryLockForRead(int)
2047 QReadWriteLock::tryLockForRead()
2048 QReadWriteLock::tryLockForWrite(int)
2049 QReadWriteLock::tryLockForWrite()
2051 QWaitCondition::wait(QMutex*, unsigned long)
2052 QWaitCondition::wakeAll()
2053 QWaitCondition::wakeOne()
2055 QSemaphore::*
2056 */
2057 /* More comments, 19 Nov 08, based on assessment of qt-4.5.0TP1,
2058 at least on Unix:
2060 It's apparently only necessary to intercept QMutex, since that is
2061 not implemented using pthread_mutex_t; instead Qt4 has its own
2062 implementation based on atomics (to check the non-contended case)
2063 and pthread_cond_wait (to wait in the contended case).
2065 QReadWriteLock is built on top of QMutex, counters, and a wait
2066 queue. So we don't need to handle it specially once QMutex
2067 handling is correct -- presumably the dependencies through QMutex
2068 are sufficient to avoid any false race reports. On the other hand,
2069 it is an open question whether too many dependencies are observed
2070 -- in which case we may miss races (false negatives). I suspect
2071 this is likely to be the case, unfortunately.
2073 QWaitCondition is built on pthread_cond_t, pthread_mutex_t, QMutex
2074 and QReadWriteLock. Same compositional-correctness justificiation
2075 and limitations as fro QReadWriteLock.
2077 Ditto QSemaphore (from cursory examination).
2079 Does it matter that only QMutex is handled directly? Open
2080 question. From testing with drd/tests/qt4_* and with KDE4 apps, it
2081 appears that no false errors are reported; however it is not clear
2082 if this is causing false negatives.
2084 Another problem with Qt4 is thread exiting. Threads are created
2085 with pthread_create (fine); but they detach and simply exit when
2086 done. There is no use of pthread_join, and the provided
2087 wait-for-a-thread-to-exit mechanism (QThread::wait, I believe)
2088 relies on a system of mutexes and flags. I suspect this also
2089 causes too many dependencies to appear. Consequently H sometimes
2090 fails to detect races at exit in some very short-lived racy
2091 programs, because it appears that a thread can exit _and_ have an
2092 observed dependency edge back to the main thread (presumably)
2093 before the main thread reaps the child (that is, calls
2094 QThread::wait).
2096 This theory is supported by the observation that if all threads are
2097 made to wait at a pthread_barrier_t immediately before they exit,
2098 then H's detection of races in such programs becomes reliable;
2099 without the barrier, it is varies from run to run, depending
2100 (according to investigation) on whether aforementioned
2101 exit-before-reaping behaviour happens or not.
2103 Finally, why is it necessary to intercept the QMutex constructors
2104 and destructors? The constructors are intercepted only as a matter
2105 of convenience, so H can print accurate "first observed at"
2106 clauses. However, it is actually necessary to intercept the
2107 destructors (as it is with pthread_mutex_destroy) in order that
2108 locks get removed from LAOG when they are destroyed.
2109 */
2111 // soname is libQtCore.so.4 ; match against libQtCore.so*
2112 #define QT4_FUNC(ret_ty, f, args...) \
2113 ret_ty I_WRAP_SONAME_FNNAME_ZU(libQtCoreZdsoZa,f)(args); \
2114 ret_ty I_WRAP_SONAME_FNNAME_ZU(libQtCoreZdsoZa,f)(args)
2116 // soname is libQt5Core.so.4 ; match against libQt5Core.so*
2117 #define QT5_FUNC(ret_ty, f, args...) \
2118 ret_ty I_WRAP_SONAME_FNNAME_ZU(libQt5CoreZdsoZa,f)(args); \
2119 ret_ty I_WRAP_SONAME_FNNAME_ZU(libQt5CoreZdsoZa,f)(args)
2121 //-----------------------------------------------------------
2122 // QMutex::lock()
2125 {
2126 OrigFn fn;
2130 }
2142 }
2143 }
2147 }
2150 }
2152 //-----------------------------------------------------------
2153 // QMutex::unlock()
2156 {
2157 OrigFn fn;
2162 }
2174 }
2175 }
2179 }
2182 }
2184 //-----------------------------------------------------------
2185 // bool QMutex::tryLock()
2186 // using 'long' to mimic C++ 'bool'
2189 {
2190 OrigFn fn;
2195 }
2202 // assumes that only the low 8 bits of the 'bool' are significant
2206 }
2210 }
2213 }
2217 }
2220 }
2222 //-----------------------------------------------------------
2223 // bool QMutex::tryLock(int)
2224 // using 'long' to mimic C++ 'bool'
2227 {
2228 OrigFn fn;
2234 }
2241 // assumes that only the low 8 bits of the 'bool' are significant
2245 }
2249 }
2252 }
2256 }
2259 }
2261 //-----------------------------------------------------------
2262 // It's not really very clear what the args are here. But from
2263 // a bit of dataflow analysis of the generated machine code of
2264 // the original function, it appears this takes two args, and
2265 // returns nothing. Nevertheless preserve return value just in
2266 // case. A bit of debug printing indicates that the first arg
2267 // is that of the mutex and the second is either zero or one,
2268 // probably being the recursion mode, therefore.
2269 // QMutex::QMutex(QMutex::RecursionMode) ("C1ENS" variant)
2272 {
2273 OrigFn fn;
2277 // fprintf(stderr, "QMutex constructor 1: %p <- %p %p\n", ret, arg1, arg2);
2281 }
2285 }
2288 }
2290 //-----------------------------------------------------------
2291 // QMutex::~QMutex() ("D1Ev" variant)
2294 {
2295 OrigFn fn;
2302 }
2306 }
2309 }
2311 //-----------------------------------------------------------
2312 // QMutex::QMutex(QMutex::RecursionMode) ("C2ENS" variant)
2316 {
2318 /*NOTREACHED*/
2319 /* Android's gcc behaves like it doesn't know that assert(0)
2320 never returns. Hence: */
2322 }
2325 {
2327 /*NOTREACHED*/
2329 }
2331 //-----------------------------------------------------------
2332 // QMutex::~QMutex() ("D2Ev" variant)
2334 {
2336 /* Android's gcc behaves like it doesn't know that assert(0)
2337 never returns. Hence: */
2339 }
2342 {
2344 /*NOTREACHED*/
2346 }
2348 // QReadWriteLock is not intercepted directly. See comments
2349 // above.
2351 //// QReadWriteLock::lockForRead()
2352 //// _ZN14QReadWriteLock11lockForReadEv == QReadWriteLock::lockForRead()
2353 //QT4_FUNC(void, ZuZZN14QReadWriteLock11lockForReadEv,
2354 // // _ZN14QReadWriteLock11lockForReadEv
2355 // void* self)
2356 //{
2357 // OrigFn fn;
2358 // VALGRIND_GET_ORIG_FN(fn);
2359 // if (TRACE_QT4_FNS) {
2360 // fprintf(stderr, "<< QReadWriteLock::lockForRead %p", self);
2361 // fflush(stderr);
2362 // }
2363 //
2364 // DO_CREQ_v_WWW(_VG_USERREQ__HG_PTHREAD_RWLOCK_LOCK_PRE,
2365 // void*,self,
2366 // long,0/*!isW*/, long,0/*!isTryLock*/);
2367 //
2368 // CALL_FN_v_W(fn, self);
2369 //
2370 // DO_CREQ_v_WW(_VG_USERREQ__HG_PTHREAD_RWLOCK_LOCK_POST,
2371 // void*,self, long,0/*!isW*/);
2372 //
2373 // if (TRACE_QT4_FNS) {
2374 // fprintf(stderr, " :: Q::lockForRead :: done >>\n");
2375 // }
2376 //}
2377 //
2378 //// QReadWriteLock::lockForWrite()
2379 //// _ZN14QReadWriteLock12lockForWriteEv == QReadWriteLock::lockForWrite()
2380 //QT4_FUNC(void, ZuZZN14QReadWriteLock12lockForWriteEv,
2381 // // _ZN14QReadWriteLock12lockForWriteEv
2382 // void* self)
2383 //{
2384 // OrigFn fn;
2385 // VALGRIND_GET_ORIG_FN(fn);
2386 // if (TRACE_QT4_FNS) {
2387 // fprintf(stderr, "<< QReadWriteLock::lockForWrite %p", self);
2388 // fflush(stderr);
2389 // }
2390 //
2391 // DO_CREQ_v_WWW(_VG_USERREQ__HG_PTHREAD_RWLOCK_LOCK_PRE,
2392 // void*,self,
2393 // long,1/*isW*/, long,0/*!isTryLock*/);
2394 //
2395 // CALL_FN_v_W(fn, self);
2396 //
2397 // DO_CREQ_v_WW(_VG_USERREQ__HG_PTHREAD_RWLOCK_LOCK_POST,
2398 // void*,self, long,1/*isW*/);
2399 //
2400 // if (TRACE_QT4_FNS) {
2401 // fprintf(stderr, " :: Q::lockForWrite :: done >>\n");
2402 // }
2403 //}
2404 //
2405 //// QReadWriteLock::unlock()
2406 //// _ZN14QReadWriteLock6unlockEv == QReadWriteLock::unlock()
2407 //QT4_FUNC(void, ZuZZN14QReadWriteLock6unlockEv,
2408 // // _ZN14QReadWriteLock6unlockEv
2409 // void* self)
2410 //{
2411 // OrigFn fn;
2412 // VALGRIND_GET_ORIG_FN(fn);
2413 // if (TRACE_QT4_FNS) {
2414 // fprintf(stderr, "<< QReadWriteLock::unlock %p", self);
2415 // fflush(stderr);
2416 // }
2417 //
2418 // DO_CREQ_v_W(_VG_USERREQ__HG_PTHREAD_RWLOCK_UNLOCK_PRE,
2419 // void*,self);
2420 //
2421 // CALL_FN_v_W(fn, self);
2422 //
2423 // DO_CREQ_v_W(_VG_USERREQ__HG_PTHREAD_RWLOCK_UNLOCK_POST,
2424 // void*,self);
2425 //
2426 // if (TRACE_QT4_FNS) {
2427 // fprintf(stderr, " :: Q::unlock :: done >>\n");
2428 // }
2429 //}
2432 /*----------------------------------------------------------------*/
2433 /*--- Replacements for basic string functions, that don't ---*/
2434 /*--- overrun the input arrays. ---*/
2435 /*----------------------------------------------------------------*/
2439 /*--------------------------------------------------------------------*/
2440 /*--- end hg_intercepts.c ---*/
2441 /*--------------------------------------------------------------------*/