| blob | f109bf3e1f081d552f6e2ea263eaf3e19f3682ba |
2 /*--------------------------------------------------------------------*/
3 /*--- pthread intercepts for thread checking. ---*/
4 /*--- hg_intercepts.c ---*/
5 /*--------------------------------------------------------------------*/
7 /*
8 This file is part of Helgrind, a Valgrind tool for detecting errors
9 in threaded programs.
11 Copyright (C) 2007-2013 OpenWorks LLP
12 info@open-works.co.uk
14 This program is free software; you can redistribute it and/or
15 modify it under the terms of the GNU General Public License as
16 published by the Free Software Foundation; either version 2 of the
17 License, or (at your option) any later version.
19 This program is distributed in the hope that it will be useful, but
20 WITHOUT ANY WARRANTY; without even the implied warranty of
21 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
22 General Public License for more details.
24 You should have received a copy of the GNU General Public License
25 along with this program; if not, write to the Free Software
26 Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
27 02111-1307, USA.
29 The GNU General Public License is contained in the file COPYING.
31 Neither the names of the U.S. Department of Energy nor the
32 University of California nor the names of its contributors may be
33 used to endorse or promote products derived from this software
34 without prior written permission.
35 */
37 /* RUNS ON SIMULATED CPU
38 Interceptors for pthread_* functions, so that tc_main can see
39 significant thread events.
41 Important: when adding a function wrapper to this file, remember to
42 add a test case to tc20_verifywrap.c. A common cause of failure is
43 for wrappers to not engage on different distros, and
44 tc20_verifywrap essentially checks that each wrapper is really
45 doing something.
46 */
48 // DDD: for Darwin, need to have non-"@*"-suffixed versions for all pthread
49 // functions that currently have them.
50 // Note also, in the comments and code below, all Darwin symbols start
51 // with a leading underscore, which is not shown either in the comments
52 // nor in the redirect specs.
61 #define TRACE_PTH_FNS 0
62 #define TRACE_QT4_FNS 0
63 #define TRACE_GNAT_FNS 0
66 /*----------------------------------------------------------------*/
67 /*--- ---*/
68 /*----------------------------------------------------------------*/
70 #define PTH_FUNC(ret_ty, f, args...) \
71 ret_ty I_WRAP_SONAME_FNNAME_ZZ(VG_Z_LIBPTHREAD_SONAME,f)(args); \
72 ret_ty I_WRAP_SONAME_FNNAME_ZZ(VG_Z_LIBPTHREAD_SONAME,f)(args)
74 // Do a client request. These are macros rather than a functions so
75 // as to avoid having an extra frame in stack traces.
77 // NB: these duplicate definitions in helgrind.h. But here, we
78 // can have better typing (Word etc) and assertions, whereas
79 // in helgrind.h we can't. Obviously it's important the two
80 // sets of definitions are kept in sync.
82 // nuke the previous definitions
83 #undef DO_CREQ_v_W
84 #undef DO_CREQ_v_WW
85 #undef DO_CREQ_W_WW
86 #undef DO_CREQ_v_WWW
88 #define DO_CREQ_v_W(_creqF, _ty1F,_arg1F) \
89 do { \
90 Word _arg1; \
91 assert(sizeof(_ty1F) == sizeof(Word)); \
92 _arg1 = (Word)(_arg1F); \
93 VALGRIND_DO_CLIENT_REQUEST_STMT((_creqF), \
94 _arg1, 0,0,0,0); \
95 } while (0)
97 #define DO_CREQ_v_WW(_creqF, _ty1F,_arg1F, _ty2F,_arg2F) \
98 do { \
99 Word _arg1, _arg2; \
100 assert(sizeof(_ty1F) == sizeof(Word)); \
101 assert(sizeof(_ty2F) == sizeof(Word)); \
102 _arg1 = (Word)(_arg1F); \
103 _arg2 = (Word)(_arg2F); \
104 VALGRIND_DO_CLIENT_REQUEST_STMT((_creqF), \
105 _arg1,_arg2,0,0,0); \
106 } while (0)
108 #define DO_CREQ_W_WW(_resF, _creqF, _ty1F,_arg1F, \
109 _ty2F,_arg2F) \
110 do { \
111 Word _res, _arg1, _arg2; \
112 assert(sizeof(_ty1F) == sizeof(Word)); \
113 assert(sizeof(_ty2F) == sizeof(Word)); \
114 _arg1 = (Word)(_arg1F); \
115 _arg2 = (Word)(_arg2F); \
116 _res = VALGRIND_DO_CLIENT_REQUEST_EXPR(2, \
117 (_creqF), \
118 _arg1,_arg2,0,0,0); \
119 _resF = _res; \
120 } while (0)
122 #define DO_CREQ_v_WWW(_creqF, _ty1F,_arg1F, \
123 _ty2F,_arg2F, _ty3F, _arg3F) \
124 do { \
125 Word _arg1, _arg2, _arg3; \
126 assert(sizeof(_ty1F) == sizeof(Word)); \
127 assert(sizeof(_ty2F) == sizeof(Word)); \
128 assert(sizeof(_ty3F) == sizeof(Word)); \
129 _arg1 = (Word)(_arg1F); \
130 _arg2 = (Word)(_arg2F); \
131 _arg3 = (Word)(_arg3F); \
132 VALGRIND_DO_CLIENT_REQUEST_STMT((_creqF), \
133 _arg1,_arg2,_arg3,0,0); \
134 } while (0)
137 #define DO_PthAPIerror(_fnnameF, _errF) \
138 do { \
139 const char* _fnname = (_fnnameF); \
140 long _err = (long)(int)(_errF); \
141 const char* _errstr = lame_strerror(_err); \
142 DO_CREQ_v_WWW(_VG_USERREQ__HG_PTH_API_ERROR, \
143 char*,_fnname, \
144 long,_err, char*,_errstr); \
145 } while (0)
148 /* Needed for older glibcs (2.3 and older, at least) who don't
149 otherwise "know" about pthread_rwlock_anything or about
150 PTHREAD_MUTEX_RECURSIVE (amongst things). */
151 #define _GNU_SOURCE 1
153 #include <stdio.h>
154 #include <assert.h>
155 #include <errno.h>
156 #include <pthread.h>
158 /* A standalone memcmp. */
161 {
168 }
170 }
172 /* A lame version of strerror which doesn't use the real libc
173 strerror_r, since using the latter just generates endless more
174 threading errors (glibc goes off and does tons of crap w.r.t.
175 locales etc) */
177 {
201 }
202 }
205 /*----------------------------------------------------------------*/
206 /*--- pthread_create, pthread_join, pthread_exit ---*/
207 /*----------------------------------------------------------------*/
210 {
215 /* Tell the tool what my pthread_t is. */
217 /* allow the parent to proceed. We can't let it proceed until
218 we're ready because (1) we need to make sure it doesn't exit and
219 hence deallocate xargs[] while we still need it, and (2) we
220 don't want either parent nor child to proceed until the tool has
221 been notified of the child's pthread_t.
223 Note that parent and child access args[] without a lock,
224 effectively using args[2] as a spinlock in order to get the
225 parent to wait until the child passes this point. The parent
226 disables checking on xargs[] before creating the child and
227 re-enables it once the child goes past this point, so the user
228 never sees the race. The previous approach (suppressing the
229 resulting error) was flawed, because it could leave shadow
230 memory for args[] in a state in which subsequent use of it by
231 the parent would report further races. */
233 /* Now we can no longer safely use xargs[]. */
235 }
237 //-----------------------------------------------------------
238 // glibc: pthread_create@GLIBC_2.0
239 // glibc: pthread_create@@GLIBC_2.1
240 // glibc: pthread_create@@GLIBC_2.2.5
241 // darwin: pthread_create
242 // darwin: pthread_create_suspended_np (trapped)
243 //
244 /* ensure this has its own frame, so as to make it more distinguishable
245 in suppressions */
249 {
251 OrigFn fn;
257 }
261 /* Disable checking on the spinlock and the two words used to
262 convey args to the child. Basically we need to make it appear
263 as if the child never accessed this area, since merely
264 suppressing the resulting races does not address the issue that
265 that piece of the parent's stack winds up in the "wrong" state
266 and therefore may give rise to mysterious races when the parent
267 comes to re-use this piece of stack in some other frame. */
273 /* we have to wait for the child to notify the tool of its
274 pthread_t before continuing */
276 /* Do nothing. We need to spin until the child writes to
277 xargs[2]. However, that can lead to starvation in the
278 child and very long delays (eg, tc19_shadowmem on
279 ppc64-linux Fedora Core 6). So yield the cpu if we can,
280 to let the child run at the earliest available
281 opportunity. */
283 }
286 }
288 /* Reenable checking on the area previously used to communicate
289 with the child. */
294 }
296 }
297 #if defined(VGO_linux)
302 }
303 #elif defined(VGO_darwin)
308 }
312 // trap anything else
314 }
315 #else
317 #endif
320 //-----------------------------------------------------------
321 // glibc: pthread_join
322 // darwin: pthread_join
323 // darwin: pthread_join$NOCANCEL$UNIX2003
324 // darwin pthread_join$UNIX2003
327 {
329 OrigFn fn;
333 }
337 /* At least with NPTL as the thread library, this is safe because
338 it is guaranteed (by NPTL) that the joiner will completely gone
339 before pthread_join (the original) returns. See email below.*/
344 }
348 }
350 }
351 #if defined(VGO_linux)
355 }
356 #elif defined(VGO_darwin)
360 }
361 #else
363 #endif
366 /* Behaviour of pthread_join on NPTL:
368 Me:
369 I have a question re the NPTL pthread_join implementation.
371 Suppose I am the thread 'stayer'.
373 If I call pthread_join(quitter), is it guaranteed that the
374 thread 'quitter' has really exited before pthread_join returns?
376 IOW, is it guaranteed that 'quitter' will not execute any further
377 instructions after pthread_join returns?
379 I believe this is true based on the following analysis of
380 glibc-2.5 sources. However am not 100% sure and would appreciate
381 confirmation.
383 'quitter' will be running start_thread() in nptl/pthread_create.c
385 The last action of start_thread() is to exit via
386 __exit_thread_inline(0), which simply does sys_exit
387 (nptl/pthread_create.c:403)
389 'stayer' meanwhile is waiting for lll_wait_tid (pd->tid)
390 (call at nptl/pthread_join.c:89)
392 As per comment at nptl/sysdeps/unix/sysv/linux/i386/lowlevellock.h:536,
393 lll_wait_tid will not return until kernel notifies via futex
394 wakeup that 'quitter' has terminated.
396 Hence pthread_join cannot return until 'quitter' really has
397 completely disappeared.
399 Drepper:
400 > As per comment at nptl/sysdeps/unix/sysv/linux/i386/lowlevellock.h:536,
401 > lll_wait_tid will not return until kernel notifies via futex
402 > wakeup that 'quitter' has terminated.
403 That's the key. The kernel resets the TID field after the thread is
404 done. No way the joiner can return before the thread is gone.
405 */
407 //-----------------------------------------------------------
408 // Ada gcc gnat runtime:
409 // The gnat gcc Ada runtime does not use pthread_join. Instead, it uses
410 // a combination of other pthread primitives to ensure a child thread
411 // is gone. This combination is somewhat functionally equivalent to a
412 // pthread_join.
413 // We wrap two hook procedures called by the gnat gcc Ada runtime
414 // that allows helgrind to understand the semantic of Ada task dependencies
415 // and termination.
417 // System.Tasking.Debug.Master_Hook is called by a task Dependent to
418 // indicate that its master is identified by master+master_level.
419 void I_WRAP_SONAME_FNNAME_ZU
421 system__tasking__debug__master_hook)
423 void I_WRAP_SONAME_FNNAME_ZU
425 system__tasking__debug__master_hook)
427 {
428 OrigFn fn;
434 }
436 // We call the wrapped function, even if it is a null body.
445 }
446 }
448 // System.Tasking.Debug.Master_Completed_Hook is called by a task to
449 // indicate that it has completed a master.
450 // This indicates that all its Dependent tasks (that identified themselves
451 // with the Master_Hook call) are terminated. Helgrind can consider
452 // at this point that the equivalent of a 'pthread_join' has been done
453 // between self_id and all dependent tasks at master_level.
454 void I_WRAP_SONAME_FNNAME_ZU
456 system__tasking__debug__master_completed_hook)
458 void I_WRAP_SONAME_FNNAME_ZU
460 system__tasking__debug__master_completed_hook)
462 {
463 OrigFn fn;
469 }
471 // We call the wrapped function, even if it is a null body.
479 }
480 }
482 /*----------------------------------------------------------------*/
483 /*--- pthread_mutex_t functions ---*/
484 /*----------------------------------------------------------------*/
486 /* Handled: pthread_mutex_init pthread_mutex_destroy
487 pthread_mutex_lock
488 pthread_mutex_trylock pthread_mutex_timedlock
489 pthread_mutex_unlock
490 */
492 //-----------------------------------------------------------
493 // glibc: pthread_mutex_init
494 // darwin: pthread_mutex_init
498 {
501 OrigFn fn;
505 }
513 }
522 }
526 }
528 }
531 //-----------------------------------------------------------
532 // glibc: pthread_mutex_destroy
533 // darwin: pthread_mutex_destroy
536 {
539 OrigFn fn;
544 }
551 }
560 }
564 }
566 }
569 //-----------------------------------------------------------
570 // glibc: pthread_mutex_lock
571 // darwin: pthread_mutex_lock
574 {
576 OrigFn fn;
580 }
587 /* There's a hole here: libpthread now knows the lock is locked,
588 but the tool doesn't, so some other thread could run and detect
589 that the lock has been acquired by someone (this thread). Does
590 this matter? Not sure, but I don't think so. */
597 }
601 }
603 }
606 //-----------------------------------------------------------
607 // glibc: pthread_mutex_trylock
608 // darwin: pthread_mutex_trylock
609 //
610 // pthread_mutex_trylock. The handling needed here is very similar
611 // to that for pthread_mutex_lock, except that we need to tell
612 // the pre-lock creq that this is a trylock-style operation, and
613 // therefore not to complain if the lock is nonrecursive and
614 // already locked by this thread -- because then it'll just fail
615 // immediately with EBUSY.
618 {
620 OrigFn fn;
624 }
631 /* There's a hole here: libpthread now knows the lock is locked,
632 but the tool doesn't, so some other thread could run and detect
633 that the lock has been acquired by someone (this thread). Does
634 this matter? Not sure, but I don't think so. */
642 }
646 }
648 }
651 //-----------------------------------------------------------
652 // glibc: pthread_mutex_timedlock
653 // darwin: (doesn't appear to exist)
654 //
655 // pthread_mutex_timedlock. Identical logic to pthread_mutex_trylock.
659 {
661 OrigFn fn;
666 }
673 /* There's a hole here: libpthread now knows the lock is locked,
674 but the tool doesn't, so some other thread could run and detect
675 that the lock has been acquired by someone (this thread). Does
676 this matter? Not sure, but I don't think so. */
684 }
688 }
690 }
693 //-----------------------------------------------------------
694 // glibc: pthread_mutex_unlock
695 // darwin: pthread_mutex_unlock
698 {
700 OrigFn fn;
705 }
717 }
721 }
723 }
726 /*----------------------------------------------------------------*/
727 /*--- pthread_cond_t functions ---*/
728 /*----------------------------------------------------------------*/
730 /* Handled: pthread_cond_wait pthread_cond_timedwait
731 pthread_cond_signal pthread_cond_broadcast
732 pthread_cond_init
733 pthread_cond_destroy
734 */
736 //-----------------------------------------------------------
737 // glibc: pthread_cond_wait@GLIBC_2.2.5
738 // glibc: pthread_cond_wait@@GLIBC_2.3.2
739 // darwin: pthread_cond_wait
740 // darwin: pthread_cond_wait$NOCANCEL$UNIX2003
741 // darwin: pthread_cond_wait$UNIX2003
742 //
746 {
748 OrigFn fn;
756 }
758 /* Tell the tool a cond-wait is about to happen, so it can check
759 for bogus argument values. In return it tells us whether it
760 thinks the mutex is valid or not. */
762 _VG_USERREQ__HG_PTHREAD_COND_WAIT_PRE,
766 /* Tell the tool we're about to drop the mutex. This reflects the
767 fact that in a cond_wait, we show up holding the mutex, and the
768 call atomically drops the mutex and waits for the cv to be
769 signalled. */
773 }
777 /* these conditionals look stupid, but compare w/ same logic for
778 pthread_cond_timedwait below */
780 /* and now we have the mutex again */
783 }
788 }
792 }
796 }
799 }
800 #if defined(VGO_linux)
804 }
805 #elif defined(VGO_darwin)
809 }
810 #else
812 #endif
815 //-----------------------------------------------------------
816 // glibc: pthread_cond_timedwait@@GLIBC_2.3.2
817 // glibc: pthread_cond_timedwait@GLIBC_2.2.5
818 // glibc: pthread_cond_timedwait@GLIBC_2.0
819 // darwin: pthread_cond_timedwait
820 // darwin: pthread_cond_timedwait$NOCANCEL$UNIX2003
821 // darwin: pthread_cond_timedwait$UNIX2003
822 // darwin: pthread_cond_timedwait_relative_np (trapped)
823 //
828 {
830 OrigFn fn;
832 Bool abstime_is_valid;
839 }
841 /* Tell the tool a cond-wait is about to happen, so it can check
842 for bogus argument values. In return it tells us whether it
843 thinks the mutex is valid or not. */
845 _VG_USERREQ__HG_PTHREAD_COND_WAIT_PRE,
851 /* Tell the tool we're about to drop the mutex. This reflects the
852 fact that in a cond_wait, we show up holding the mutex, and the
853 call atomically drops the mutex and waits for the cv to be
854 signalled. */
858 }
864 "invalid abstime did not cause"
866 }
869 /* and now we have the mutex again */
872 }
878 }
882 }
886 }
889 }
890 #if defined(VGO_linux)
895 }
896 #elif defined(VGO_darwin)
901 }
906 }
911 }
912 #else
914 #endif
917 //-----------------------------------------------------------
918 // glibc: pthread_cond_signal@GLIBC_2.0
919 // glibc: pthread_cond_signal@GLIBC_2.2.5
920 // glibc: pthread_cond_signal@@GLIBC_2.3.2
921 // darwin: pthread_cond_signal
922 // darwin: pthread_cond_signal_thread_np (don't intercept this)
923 //
926 {
928 OrigFn fn;
934 }
943 }
947 }
950 }
951 #if defined(VGO_linux)
955 }
956 #elif defined(VGO_darwin)
960 }
961 #else
963 #endif
966 //-----------------------------------------------------------
967 // glibc: pthread_cond_broadcast@GLIBC_2.0
968 // glibc: pthread_cond_broadcast@GLIBC_2.2.5
969 // glibc: pthread_cond_broadcast@@GLIBC_2.3.2
970 // darwin: pthread_cond_broadcast
971 //
972 // Note, this is pretty much identical, from a dependency-graph
973 // point of view, with cond_signal, so the code is duplicated.
974 // Maybe it should be commoned up.
975 //
978 {
980 OrigFn fn;
986 }
995 }
999 }
1002 }
1003 #if defined(VGO_linux)
1007 }
1008 #elif defined(VGO_darwin)
1012 }
1013 #else
1015 #endif
1017 // glibc: pthread_cond_init@GLIBC_2.0
1018 // glibc: pthread_cond_init@GLIBC_2.2.5
1019 // glibc: pthread_cond_init@@GLIBC_2.3.2
1020 // darwin: pthread_cond_init
1021 // Easy way out: Handling of attr could have been messier.
1022 // It turns out that pthread_cond_init under linux ignores
1023 // all information in cond_attr, so do we.
1024 // FIXME: MacOS X?
1027 {
1029 OrigFn fn;
1035 }
1044 }
1048 }
1051 }
1052 #if defined(VGO_linux)
1056 }
1057 #elif defined(VGO_darwin)
1061 }
1062 #else
1064 #endif
1067 //-----------------------------------------------------------
1068 // glibc: pthread_cond_destroy@@GLIBC_2.3.2
1069 // glibc: pthread_cond_destroy@GLIBC_2.2.5
1070 // glibc: pthread_cond_destroy@GLIBC_2.0
1071 // darwin: pthread_cond_destroy
1072 //
1075 {
1078 OrigFn fn;
1085 }
1092 }
1101 }
1105 }
1108 }
1109 #if defined(VGO_linux)
1113 }
1114 #elif defined(VGO_darwin)
1118 }
1119 #else
1121 #endif
1124 /*----------------------------------------------------------------*/
1125 /*--- pthread_barrier_t functions ---*/
1126 /*----------------------------------------------------------------*/
1128 #if defined(HAVE_PTHREAD_BARRIER_INIT)
1130 /* Handled: pthread_barrier_init
1131 pthread_barrier_wait
1132 pthread_barrier_destroy
1134 Unhandled: pthread_barrierattr_destroy
1135 pthread_barrierattr_getpshared
1136 pthread_barrierattr_init
1137 pthread_barrierattr_setpshared
1138 -- are these important?
1139 */
1141 //-----------------------------------------------------------
1142 // glibc: pthread_barrier_init
1143 // darwin: (doesn't appear to exist)
1147 {
1149 OrigFn fn;
1156 }
1167 }
1171 }
1174 }
1177 //-----------------------------------------------------------
1178 // glibc: pthread_barrier_wait
1179 // darwin: (doesn't appear to exist)
1182 {
1184 OrigFn fn;
1190 }
1192 /* That this works correctly, and doesn't screw up when a thread
1193 leaving the barrier races round to the front and re-enters while
1194 other threads are still leaving it, is quite subtle. See
1195 comments in the handler for PTHREAD_BARRIER_WAIT_PRE in
1196 hg_main.c. */
1204 }
1208 }
1211 }
1214 //-----------------------------------------------------------
1215 // glibc: pthread_barrier_destroy
1216 // darwin: (doesn't appear to exist)
1219 {
1221 OrigFn fn;
1227 }
1236 }
1240 }
1243 }
1248 /*----------------------------------------------------------------*/
1249 /*--- pthread_spinlock_t functions ---*/
1250 /*----------------------------------------------------------------*/
1252 #if defined(HAVE_PTHREAD_SPIN_LOCK) \
1253 && !defined(DISABLE_PTHREAD_SPINLOCK_INTERCEPT)
1255 /* Handled: pthread_spin_init pthread_spin_destroy
1256 pthread_spin_lock pthread_spin_trylock
1257 pthread_spin_unlock
1259 Unhandled:
1260 */
1262 /* This is a nasty kludge, in that glibc "knows" that initialising a
1263 spin lock unlocks it, and pthread_spin_{init,unlock} are names for
1264 the same function. Hence we have to have a wrapper which does both
1265 things, without knowing which the user intended to happen. */
1267 //-----------------------------------------------------------
1268 // glibc: pthread_spin_init
1269 // glibc: pthread_spin_unlock
1270 // darwin: (doesn't appear to exist)
1275 OrigFn fn;
1279 }
1291 }
1295 }
1297 }
1298 #if defined(VGO_linux)
1302 }
1305 /* this is never actually called */
1307 }
1308 #elif defined(VGO_darwin)
1309 #else
1311 #endif
1314 //-----------------------------------------------------------
1315 // glibc: pthread_spin_destroy
1316 // darwin: (doesn't appear to exist)
1317 #if defined(VGO_linux)
1321 {
1323 OrigFn fn;
1328 }
1337 }
1341 }
1343 }
1345 #elif defined(VGO_darwin)
1346 #else
1348 #endif
1351 //-----------------------------------------------------------
1352 // glibc: pthread_spin_lock
1353 // darwin: (doesn't appear to exist)
1354 #if defined(VGO_linux)
1358 {
1360 OrigFn fn;
1365 }
1372 /* There's a hole here: libpthread now knows the lock is locked,
1373 but the tool doesn't, so some other thread could run and detect
1374 that the lock has been acquired by someone (this thread). Does
1375 this matter? Not sure, but I don't think so. */
1382 }
1386 }
1388 }
1390 #elif defined(VGO_darwin)
1391 #else
1393 #endif
1396 //-----------------------------------------------------------
1397 // glibc: pthread_spin_trylock
1398 // darwin: (doesn't appear to exist)
1399 #if defined(VGO_linux)
1403 {
1405 OrigFn fn;
1410 }
1417 /* There's a hole here: libpthread now knows the lock is locked,
1418 but the tool doesn't, so some other thread could run and detect
1419 that the lock has been acquired by someone (this thread). Does
1420 this matter? Not sure, but I don't think so. */
1428 }
1432 }
1434 }
1436 #elif defined(VGO_darwin)
1437 #else
1439 #endif
1444 /*----------------------------------------------------------------*/
1445 /*--- pthread_rwlock_t functions ---*/
1446 /*----------------------------------------------------------------*/
1448 /* Android's pthread.h doesn't say anything about rwlocks, hence these
1449 functions have to be conditionally compiled. */
1450 #if defined(HAVE_PTHREAD_RWLOCK_T)
1452 /* Handled: pthread_rwlock_init pthread_rwlock_destroy
1453 pthread_rwlock_rdlock
1454 pthread_rwlock_wrlock
1455 pthread_rwlock_unlock
1457 Unhandled: pthread_rwlock_timedrdlock
1458 pthread_rwlock_tryrdlock
1460 pthread_rwlock_timedwrlock
1461 pthread_rwlock_trywrlock
1462 */
1464 //-----------------------------------------------------------
1465 // glibc: pthread_rwlock_init
1466 // darwin: pthread_rwlock_init
1467 // darwin: pthread_rwlock_init$UNIX2003
1471 {
1473 OrigFn fn;
1477 }
1486 }
1490 }
1492 }
1493 #if defined(VGO_linux)
1498 }
1499 #elif defined(VGO_darwin)
1504 }
1505 #else
1507 #endif
1510 //-----------------------------------------------------------
1511 // glibc: pthread_rwlock_destroy
1512 // darwin: pthread_rwlock_destroy
1513 // darwin: pthread_rwlock_destroy$UNIX2003
1514 //
1517 {
1519 OrigFn fn;
1523 }
1532 }
1536 }
1538 }
1539 #if defined(VGO_linux)
1543 }
1544 #elif defined(VGO_darwin)
1548 }
1549 #else
1551 #endif
1554 //-----------------------------------------------------------
1555 // glibc: pthread_rwlock_wrlock
1556 // darwin: pthread_rwlock_wrlock
1557 // darwin: pthread_rwlock_wrlock$UNIX2003
1558 //
1561 {
1563 OrigFn fn;
1567 }
1580 }
1584 }
1586 }
1587 #if defined(VGO_linux)
1591 }
1592 #elif defined(VGO_darwin)
1596 }
1597 #else
1599 #endif
1602 //-----------------------------------------------------------
1603 // glibc: pthread_rwlock_rdlock
1604 // darwin: pthread_rwlock_rdlock
1605 // darwin: pthread_rwlock_rdlock$UNIX2003
1606 //
1609 {
1611 OrigFn fn;
1615 }
1628 }
1632 }
1634 }
1635 #if defined(VGO_linux)
1639 }
1640 #elif defined(VGO_darwin)
1644 }
1645 #else
1647 #endif
1650 //-----------------------------------------------------------
1651 // glibc: pthread_rwlock_trywrlock
1652 // darwin: pthread_rwlock_trywrlock
1653 // darwin: pthread_rwlock_trywrlock$UNIX2003
1654 //
1657 {
1659 OrigFn fn;
1663 }
1671 /* There's a hole here: libpthread now knows the lock is locked,
1672 but the tool doesn't, so some other thread could run and detect
1673 that the lock has been acquired by someone (this thread). Does
1674 this matter? Not sure, but I don't think so. */
1682 }
1686 }
1688 }
1689 #if defined(VGO_linux)
1693 }
1694 #elif defined(VGO_darwin)
1698 }
1699 #else
1701 #endif
1704 //-----------------------------------------------------------
1705 // glibc: pthread_rwlock_tryrdlock
1706 // darwin: pthread_rwlock_trywrlock
1707 // darwin: pthread_rwlock_trywrlock$UNIX2003
1708 //
1711 {
1713 OrigFn fn;
1717 }
1725 /* There's a hole here: libpthread now knows the lock is locked,
1726 but the tool doesn't, so some other thread could run and detect
1727 that the lock has been acquired by someone (this thread). Does
1728 this matter? Not sure, but I don't think so. */
1736 }
1740 }
1742 }
1743 #if defined(VGO_linux)
1747 }
1748 #elif defined(VGO_darwin)
1752 }
1753 #else
1755 #endif
1758 //-----------------------------------------------------------
1759 // glibc: pthread_rwlock_unlock
1760 // darwin: pthread_rwlock_unlock
1761 // darwin: pthread_rwlock_unlock$UNIX2003
1764 {
1766 OrigFn fn;
1770 }
1782 }
1786 }
1788 }
1789 #if defined(VGO_linux)
1793 }
1794 #elif defined(VGO_darwin)
1798 }
1799 #else
1801 #endif
1806 /*----------------------------------------------------------------*/
1807 /*--- POSIX semaphores ---*/
1808 /*----------------------------------------------------------------*/
1810 #include <semaphore.h>
1813 #define TRACE_SEM_FNS 0
1815 /* Handled:
1816 int sem_init(sem_t *sem, int pshared, unsigned value);
1817 int sem_destroy(sem_t *sem);
1818 int sem_wait(sem_t *sem);
1819 int sem_post(sem_t *sem);
1820 sem_t* sem_open(const char *name, int oflag,
1821 ... [mode_t mode, unsigned value]);
1822 [complete with its idiotic semantics]
1823 int sem_close(sem_t* sem);
1825 Unhandled:
1826 int sem_trywait(sem_t *sem);
1827 int sem_timedwait(sem_t *restrict sem,
1828 const struct timespec *restrict abs_timeout);
1829 */
1831 //-----------------------------------------------------------
1832 // glibc: sem_init@@GLIBC_2.2.5
1833 // glibc: sem_init@@GLIBC_2.1
1834 // glibc: sem_init@GLIBC_2.0
1835 // darwin: sem_init
1836 //
1839 {
1840 OrigFn fn;
1847 }
1856 }
1861 }
1864 }
1865 #if defined(VGO_linux)
1869 }
1870 #elif defined(VGO_darwin)
1874 }
1875 #else
1877 #endif
1880 //-----------------------------------------------------------
1881 // glibc: sem_destroy@GLIBC_2.0
1882 // glibc: sem_destroy@@GLIBC_2.1
1883 // glibc: sem_destroy@@GLIBC_2.2.5
1884 // darwin: sem_destroy
1887 {
1888 OrigFn fn;
1895 }
1903 }
1908 }
1911 }
1912 #if defined(VGO_linux)
1916 }
1917 #elif defined(VGO_darwin)
1921 }
1922 #else
1924 #endif
1927 //-----------------------------------------------------------
1928 // glibc: sem_wait
1929 // glibc: sem_wait@GLIBC_2.0
1930 // glibc: sem_wait@@GLIBC_2.1
1931 // darwin: sem_wait
1932 // darwin: sem_wait$NOCANCEL$UNIX2003
1933 // darwin: sem_wait$UNIX2003
1934 //
1935 /* wait: decrement semaphore - acquire lockage */
1938 {
1939 OrigFn fn;
1946 }
1954 }
1959 }
1962 }
1963 #if defined(VGO_linux)
1966 }
1969 }
1970 #elif defined(VGO_darwin)
1973 }
1976 }
1977 #else
1979 #endif
1982 //-----------------------------------------------------------
1983 // glibc: sem_post
1984 // glibc: sem_post@GLIBC_2.0
1985 // glibc: sem_post@@GLIBC_2.1
1986 // darwin: sem_post
1987 //
1988 /* post: increment semaphore - release lockage */
1991 {
1992 OrigFn fn;
2000 }
2008 }
2013 }
2016 }
2017 #if defined(VGO_linux)
2020 }
2023 }
2024 #elif defined(VGO_darwin)
2027 }
2028 #else
2030 #endif
2033 //-----------------------------------------------------------
2034 // glibc: sem_open
2035 // darwin: sem_open
2036 //
2040 {
2041 /* A copy of sem_init_WRK (more or less). Is this correct? */
2042 OrigFn fn;
2050 }
2057 }
2060 }
2065 }
2068 }
2071 //-----------------------------------------------------------
2072 // glibc: sem_close
2073 // darwin: sem_close
2075 {
2076 OrigFn fn;
2083 }
2091 }
2096 }
2099 }
2102 /*----------------------------------------------------------------*/
2103 /*--- Qt 4 threading functions (w/ GNU name mangling) ---*/
2104 /*----------------------------------------------------------------*/
2106 /* Handled:
2107 QMutex::lock()
2108 QMutex::unlock()
2109 QMutex::tryLock()
2110 QMutex::tryLock(int)
2112 QMutex::QMutex(QMutex::RecursionMode) _ZN6QMutexC1ENS_13RecursionModeE
2113 QMutex::QMutex(QMutex::RecursionMode) _ZN6QMutexC2ENS_13RecursionModeE
2114 QMutex::~QMutex() _ZN6QMutexD1Ev
2115 QMutex::~QMutex() _ZN6QMutexD2Ev
2117 Unhandled:
2118 QReadWriteLock::lockForRead()
2119 QReadWriteLock::lockForWrite()
2120 QReadWriteLock::unlock()
2121 QReadWriteLock::tryLockForRead(int)
2122 QReadWriteLock::tryLockForRead()
2123 QReadWriteLock::tryLockForWrite(int)
2124 QReadWriteLock::tryLockForWrite()
2126 QWaitCondition::wait(QMutex*, unsigned long)
2127 QWaitCondition::wakeAll()
2128 QWaitCondition::wakeOne()
2130 QSemaphore::*
2131 */
2132 /* More comments, 19 Nov 08, based on assessment of qt-4.5.0TP1,
2133 at least on Unix:
2135 It's apparently only necessary to intercept QMutex, since that is
2136 not implemented using pthread_mutex_t; instead Qt4 has its own
2137 implementation based on atomics (to check the non-contended case)
2138 and pthread_cond_wait (to wait in the contended case).
2140 QReadWriteLock is built on top of QMutex, counters, and a wait
2141 queue. So we don't need to handle it specially once QMutex
2142 handling is correct -- presumably the dependencies through QMutex
2143 are sufficient to avoid any false race reports. On the other hand,
2144 it is an open question whether too many dependencies are observed
2145 -- in which case we may miss races (false negatives). I suspect
2146 this is likely to be the case, unfortunately.
2148 QWaitCondition is built on pthread_cond_t, pthread_mutex_t, QMutex
2149 and QReadWriteLock. Same compositional-correctness justificiation
2150 and limitations as fro QReadWriteLock.
2152 Ditto QSemaphore (from cursory examination).
2154 Does it matter that only QMutex is handled directly? Open
2155 question. From testing with drd/tests/qt4_* and with KDE4 apps, it
2156 appears that no false errors are reported; however it is not clear
2157 if this is causing false negatives.
2159 Another problem with Qt4 is thread exiting. Threads are created
2160 with pthread_create (fine); but they detach and simply exit when
2161 done. There is no use of pthread_join, and the provided
2162 wait-for-a-thread-to-exit mechanism (QThread::wait, I believe)
2163 relies on a system of mutexes and flags. I suspect this also
2164 causes too many dependencies to appear. Consequently H sometimes
2165 fails to detect races at exit in some very short-lived racy
2166 programs, because it appears that a thread can exit _and_ have an
2167 observed dependency edge back to the main thread (presumably)
2168 before the main thread reaps the child (that is, calls
2169 QThread::wait).
2171 This theory is supported by the observation that if all threads are
2172 made to wait at a pthread_barrier_t immediately before they exit,
2173 then H's detection of races in such programs becomes reliable;
2174 without the barrier, it is varies from run to run, depending
2175 (according to investigation) on whether aforementioned
2176 exit-before-reaping behaviour happens or not.
2178 Finally, why is it necessary to intercept the QMutex constructors
2179 and destructors? The constructors are intercepted only as a matter
2180 of convenience, so H can print accurate "first observed at"
2181 clauses. However, it is actually necessary to intercept the
2182 destructors (as it is with pthread_mutex_destroy) in order that
2183 locks get removed from LAOG when they are destroyed.
2184 */
2186 // soname is libQtCore.so.4 ; match against libQtCore.so*
2187 #define QT4_FUNC(ret_ty, f, args...) \
2188 ret_ty I_WRAP_SONAME_FNNAME_ZU(libQtCoreZdsoZa,f)(args); \
2189 ret_ty I_WRAP_SONAME_FNNAME_ZU(libQtCoreZdsoZa,f)(args)
2191 // soname is libQt5Core.so.4 ; match against libQt5Core.so*
2192 #define QT5_FUNC(ret_ty, f, args...) \
2193 ret_ty I_WRAP_SONAME_FNNAME_ZU(libQt5CoreZdsoZa,f)(args); \
2194 ret_ty I_WRAP_SONAME_FNNAME_ZU(libQt5CoreZdsoZa,f)(args)
2196 //-----------------------------------------------------------
2197 // QMutex::lock()
2200 {
2201 OrigFn fn;
2205 }
2217 }
2218 }
2222 }
2225 }
2227 //-----------------------------------------------------------
2228 // QMutex::unlock()
2231 {
2232 OrigFn fn;
2237 }
2249 }
2250 }
2254 }
2257 }
2259 //-----------------------------------------------------------
2260 // bool QMutex::tryLock()
2261 // using 'long' to mimic C++ 'bool'
2264 {
2265 OrigFn fn;
2270 }
2277 // assumes that only the low 8 bits of the 'bool' are significant
2281 }
2285 }
2288 }
2292 }
2295 }
2297 //-----------------------------------------------------------
2298 // bool QMutex::tryLock(int)
2299 // using 'long' to mimic C++ 'bool'
2302 {
2303 OrigFn fn;
2309 }
2316 // assumes that only the low 8 bits of the 'bool' are significant
2320 }
2324 }
2327 }
2331 }
2334 }
2336 //-----------------------------------------------------------
2337 // It's not really very clear what the args are here. But from
2338 // a bit of dataflow analysis of the generated machine code of
2339 // the original function, it appears this takes two args, and
2340 // returns nothing. Nevertheless preserve return value just in
2341 // case. A bit of debug printing indicates that the first arg
2342 // is that of the mutex and the second is either zero or one,
2343 // probably being the recursion mode, therefore.
2344 // QMutex::QMutex(QMutex::RecursionMode) ("C1ENS" variant)
2347 {
2348 OrigFn fn;
2352 // fprintf(stderr, "QMutex constructor 1: %p <- %p %p\n", ret, arg1, arg2);
2356 }
2360 }
2363 }
2365 //-----------------------------------------------------------
2366 // QMutex::~QMutex() ("D1Ev" variant)
2369 {
2370 OrigFn fn;
2377 }
2381 }
2384 }
2386 //-----------------------------------------------------------
2387 // QMutex::QMutex(QMutex::RecursionMode) ("C2ENS" variant)
2391 {
2393 /*NOTREACHED*/
2394 /* Android's gcc behaves like it doesn't know that assert(0)
2395 never returns. Hence: */
2397 }
2400 {
2402 /*NOTREACHED*/
2404 }
2406 //-----------------------------------------------------------
2407 // QMutex::~QMutex() ("D2Ev" variant)
2409 {
2411 /* Android's gcc behaves like it doesn't know that assert(0)
2412 never returns. Hence: */
2414 }
2417 {
2419 /*NOTREACHED*/
2421 }
2423 // QReadWriteLock is not intercepted directly. See comments
2424 // above.
2426 //// QReadWriteLock::lockForRead()
2427 //// _ZN14QReadWriteLock11lockForReadEv == QReadWriteLock::lockForRead()
2428 //QT4_FUNC(void, ZuZZN14QReadWriteLock11lockForReadEv,
2429 // // _ZN14QReadWriteLock11lockForReadEv
2430 // void* self)
2431 //{
2432 // OrigFn fn;
2433 // VALGRIND_GET_ORIG_FN(fn);
2434 // if (TRACE_QT4_FNS) {
2435 // fprintf(stderr, "<< QReadWriteLock::lockForRead %p", self);
2436 // fflush(stderr);
2437 // }
2438 //
2439 // DO_CREQ_v_WWW(_VG_USERREQ__HG_PTHREAD_RWLOCK_LOCK_PRE,
2440 // void*,self,
2441 // long,0/*!isW*/, long,0/*!isTryLock*/);
2442 //
2443 // CALL_FN_v_W(fn, self);
2444 //
2445 // DO_CREQ_v_WW(_VG_USERREQ__HG_PTHREAD_RWLOCK_LOCK_POST,
2446 // void*,self, long,0/*!isW*/);
2447 //
2448 // if (TRACE_QT4_FNS) {
2449 // fprintf(stderr, " :: Q::lockForRead :: done >>\n");
2450 // }
2451 //}
2452 //
2453 //// QReadWriteLock::lockForWrite()
2454 //// _ZN14QReadWriteLock12lockForWriteEv == QReadWriteLock::lockForWrite()
2455 //QT4_FUNC(void, ZuZZN14QReadWriteLock12lockForWriteEv,
2456 // // _ZN14QReadWriteLock12lockForWriteEv
2457 // void* self)
2458 //{
2459 // OrigFn fn;
2460 // VALGRIND_GET_ORIG_FN(fn);
2461 // if (TRACE_QT4_FNS) {
2462 // fprintf(stderr, "<< QReadWriteLock::lockForWrite %p", self);
2463 // fflush(stderr);
2464 // }
2465 //
2466 // DO_CREQ_v_WWW(_VG_USERREQ__HG_PTHREAD_RWLOCK_LOCK_PRE,
2467 // void*,self,
2468 // long,1/*isW*/, long,0/*!isTryLock*/);
2469 //
2470 // CALL_FN_v_W(fn, self);
2471 //
2472 // DO_CREQ_v_WW(_VG_USERREQ__HG_PTHREAD_RWLOCK_LOCK_POST,
2473 // void*,self, long,1/*isW*/);
2474 //
2475 // if (TRACE_QT4_FNS) {
2476 // fprintf(stderr, " :: Q::lockForWrite :: done >>\n");
2477 // }
2478 //}
2479 //
2480 //// QReadWriteLock::unlock()
2481 //// _ZN14QReadWriteLock6unlockEv == QReadWriteLock::unlock()
2482 //QT4_FUNC(void, ZuZZN14QReadWriteLock6unlockEv,
2483 // // _ZN14QReadWriteLock6unlockEv
2484 // void* self)
2485 //{
2486 // OrigFn fn;
2487 // VALGRIND_GET_ORIG_FN(fn);
2488 // if (TRACE_QT4_FNS) {
2489 // fprintf(stderr, "<< QReadWriteLock::unlock %p", self);
2490 // fflush(stderr);
2491 // }
2492 //
2493 // DO_CREQ_v_W(_VG_USERREQ__HG_PTHREAD_RWLOCK_UNLOCK_PRE,
2494 // void*,self);
2495 //
2496 // CALL_FN_v_W(fn, self);
2497 //
2498 // DO_CREQ_v_W(_VG_USERREQ__HG_PTHREAD_RWLOCK_UNLOCK_POST,
2499 // void*,self);
2500 //
2501 // if (TRACE_QT4_FNS) {
2502 // fprintf(stderr, " :: Q::unlock :: done >>\n");
2503 // }
2504 //}
2507 /*----------------------------------------------------------------*/
2508 /*--- Replacements for basic string functions, that don't ---*/
2509 /*--- overrun the input arrays. ---*/
2510 /*----------------------------------------------------------------*/
2514 /*--------------------------------------------------------------------*/
2515 /*--- end hg_intercepts.c ---*/
2516 /*--------------------------------------------------------------------*/