From: Fangrui Song
Date: Tue, 9 Apr 2024 10:50:38 -0700
Subject: Re: [PATCH] aarch64: Remove ld.so __tls_get_addr plt usage
To: Adhemerval Zanella Netto
Cc: Szabolcs Nagy, Cristian Rodríguez, "H.J. Lu", Florian Weimer, libc-alpha@sourceware.org, Vitaly Buka, Fangrui Song, Evgenii Stepanov, Kostya Serebryany, Dmitry Vyukov
References: <20240405123550.1748641-1-adhemerval.zanella@linaro.org>

On Tue, Apr 9, 2024 at 7:03 AM Adhemerval Zanella Netto wrote:
>
>
>
> On 09/04/24 05:30, Szabolcs Nagy wrote:
> > The 04/08/2024 13:57, Adhemerval Zanella Netto wrote:
> >> On 08/04/24 04:26, Szabolcs Nagy wrote:
> >>> The 04/07/2024 16:29, Cristian Rodríguez wrote:
> >>>> On Fri, Apr 5, 2024 at 11:59 AM Szabolcs Nagy wrote:
> >>>>> The 04/05/2024 09:35, Adhemerval Zanella wrote:
> >>>>>> Use the hidden alias instead.
> >>>>>>
> >>>>>> Checked on aarch64-linux-gnu.
> >>>>>
> >>>>> does this change behaviour in case __tls_get_addr is interposed?
> >>>>
> >>>> Wut ? is that really supported.. I mean.. isn't that symbol prefix
> >>>> reserved for the implementation and any assumption about it is either
> >>>> ID or UB?
> >>>
> >>> a behaviour can change even if it's not supported.
> >>> i did not try to imply that it should be supported.
> >>>
> >>> i know sanitizers interpose __tls_get_addr, because
> >>> https://sourceware.org/bugzilla/show_bug.cgi?id=16291
> >>> i don't know if that hack works at all now for tlsdesc
> >>> (where the ld.so calls __tls_get_addr, not user code)
> >>>
> >>> my question was if we investigated this issue since it
> >>> is useful to document then in the commit msg (or news
> >>> entry if this affects users)
> >>
> >> This change 'breaks' the sanitizer trick to get the dynamic TLS, with
> >> this patch I now see:
> >>
> >> MemorySanitizer-AARCH64 :: dtls_test.c
> >> SanitizerCommon-asan-aarch64-Linux :: Linux/resize_tls_dynamic.cpp
> >> SanitizerCommon-msan-aarch64-Linux :: Linux/resize_tls_dynamic.cpp
> >> SanitizerCommon-tsan-aarch64-Linux :: Linux/resize_tls_dynamic.cpp
> >>
> >> And it does not fail on x86 only because it uses -mtls=gnu as default
> >> (the same tests fail on x86 with -mtls=gnu2).
> >>
> >> Now that GCC and distributions are aiming to use GNU2/DESC as the
> >> default TLS, this hack will also break on x86. So the question is
> >> whether we revert 050f7298e1ecc39887c329037575ccd972071255 and
> >> document that __tls_get_addr should be interposable, or move with this
> >> change and try to come up with a possible solution for BZ#16291.
> >>
> >> I am bringing this up because we will have another two ABIs with tlsdesc
> >> support (loongarch and riscv).

Last time I analyzed the __tls_get_addr interceptor in sanitizers, I
have made quite some notes at
https://maskray.me/blog/2021-02-14-all-about-thread-local-storage#why-does-compiler-rt-need-to-know-tls-blocks

Yes, an interceptor is needed.

> msan needs to do more than asan: the __tls_get_addr interceptor
> (DTLS_on_tls_get_addr) detects new dynamic TLS blocks and unpoisons the
> shadow. ld.so calls a non-interposable memset to clear the blocks.
> Otherwise, if a dynamic TLS block reuses a previous allocation with
> poison, there may be false positives.
> One way to semi reliably trigger this is (test/msan/dtls_test.cpp
> https://github.com/google/sanitizers/issues/547):

- in a thread, write an uninitialized (poisoned) value to a dynamic TLS block
- destroy the thread
- create a new thread
- try making the new thread reuse the poisoned dynamic TLS block.

Note: aarch64 uses TLSDESC by default and there is no interposable symbol.

---

Current TLSDESC implementations not providing an interposable symbol
is indeed an issue, but I haven't carefully analyzed it on an aarch64
machine.

> > adding some sanitizer committers to cc.
> >
> > tl;dr: in the next glibc release tlsdesc will not call
> > __tls_get_addr in an interposable way in the dynamic tls
> > allocation case, unless somebody screams that this is needed.
> > (affects targets that may default to tlsdesc, but note that
> > the dynamic case only triggers with tlsdesc when a lot of
> > dlopened tls is used, otherwise static tls area is used)
>
> Just a note that this is already true for x86 with -mtls=gnu2 since
> 2.21. And now that distros are aiming to make it default, this issue
> will happen more often.

Yes.

> > i think it is also possible that we will use custom malloc
> > in ld.so which may be just as big change for the sanitizers.
> > (this can make tls access signal safe)
> >
> > i'm not against the change, but if we plan to add several
> > interposable hooks as in
> > https://sourceware.org/glibc/wiki/ThreadPropertiesAPI
> > then we might as well keep __tls_get_addr PLT for now.
> >
>
> I don't have a strong opinion, but what I really want is to have
> consistency over the architectures. Meaning that if we want to keep
> the __tls_get_addr PLT for sanitizer/runtime hooks, it would be good
> to revert the x86 change.
>
> It also means to document it properly somewhere and make the new
> RISC-V and loongarch follow the same guidelines.
>
> I will take a look again on the ThreadPropertiesAPI, since it has
> been more and more a demanding issue.

Thanks!

-- 
宋方睿
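
The block-reuse false positive described in the quoted msan notes above, as a simplified model added here for illustration; it is not compiler-rt or glibc code. The single 16-byte block, the byte-per-byte shadow and the names `ldso_allocate_block`, `on_tls_get_addr`, `tls_get_addr_model` and `second_thread_reports_uninit` are assumptions of the model.

```c
#include <stdbool.h>
#include <stdio.h>
#include <string.h>

#define BLOCK 16                     /* size of the one modelled dynamic TLS block */

static unsigned char block[BLOCK];   /* application memory of the TLS block */
static unsigned char shadow[BLOCK];  /* model shadow: nonzero = poisoned */
static bool seen;                    /* block already registered for this thread? */

/* Model of ld.so giving a new thread its dynamic TLS block: the old
   allocation is reused and cleared by a memset the sanitizer cannot
   observe, so the shadow keeps whatever the previous thread left. */
static unsigned char *ldso_allocate_block(void) {
    memset(block, 0, BLOCK);
    seen = false;
    return block;
}

/* Model of the hook run by an interposed __tls_get_addr: a block not yet
   seen in this thread is treated as new and its shadow is unpoisoned. */
static void on_tls_get_addr(const unsigned char *p) {
    if (!seen) {
        memset(shadow + (p - block), 0, BLOCK);
        seen = true;
    }
}

/* One TLS lookup; `interposed` says whether the runtime gets to see it. */
static unsigned char *tls_get_addr_model(unsigned char *p, bool interposed) {
    if (interposed) on_tls_get_addr(p);
    return p;
}

/* Runs the four steps from the notes. Returns true if thread 2's read of
   its freshly zeroed variable would be reported as uninitialized. */
static bool second_thread_reports_uninit(bool interposed) {
    unsigned char *p = tls_get_addr_model(ldso_allocate_block(), interposed);
    p[0] = 42; shadow[0] = 0xff;     /* thread 1 stores a poisoned value */
    /* thread 1 is destroyed; thread 2 starts and the block is reused */
    unsigned char *q = tls_get_addr_model(ldso_allocate_block(), interposed);
    return q[0] == 0 && shadow[q - block] != 0;   /* clean data, stale poison */
}

int main(void) {
    printf("interposable call: report=%d\n", second_thread_reports_uninit(true));
    printf("hidden-alias call: report=%d\n", second_thread_reports_uninit(false));
    return 0;
}
```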