[vm/ffi] MSAN failure on handles #42314

Closed
dcharkes opened this issue Jun 12, 2020 · 1 comment
@dcharkes

/=======================================================================\
| ffi_2/vmspecific_handle_test is new and failed (Crash, expected Pass) |
\=======================================================================/

--- Command "vm" (took 11.000154s):
DART_CONFIGURATION=ReleaseMSANX64 out/ReleaseMSANX64/dart --enable-testing-pragmas --ignore-unrecognized-flags --packages=/b/s/w/ir/cache/builder/sdk/.packages /b/s/w/ir/cache/builder/sdk/tests/ffi_2/vmspecific_handle_test.dart

exit code:
-6

stdout:
testHandle
passObjectToC(Instance of 'SomeClass')
result = Instance of 'SomeClass'
HandleReadFieldValue
testClosureCallback Pointer<NativeFunction<(Handle) => Void>>: address=0x7f84c24c2000
ClosureCallbackThroughHandle 0x7f84c24c2000 0x71e000003018
doClosureCallback
() => void
Closure: () => void from Function 'increaseCounter': static.
increaseCounter
ClosureCallbackThroughHandle 0x7f84c24c2000 0x71e00004f818
doClosureCallback
() => void
Closure: () => void from Function 'increaseCounter': static.
increaseCounter
testReturnHandleInCallback
ReturnHandleInCallback 0x7f84c24c200a
returnHandleCallback returning Instance of 'SomeClass'
HandleReadFieldValue
Dart_PropagateError(field_value)
testCallbackReturnException
ReturnHandleInCallback 0x7f84c24c2014
exceptionHandleCallback throwing (Exception: exceptionHandleCallback exception)
callback() returned an error, propagating error
caught (Exception: exceptionHandleCallback exception)
testDeepException
ReturnHandleInCallback 0x7f84c24c201e
callCAgainFromCallback
HandleReadFieldValue
Dart_PropagateError(field_value)
testDeepException2
ReturnHandleInCallback 0x7f84c24c2028
callCAgainFromCallback2
HandleReadFieldValue
Dart_PropagateError(field_value)
callback() returned an error, propagating error
testNull
ReturnHandleInCallback 0x7f84c24c2032
returnHandleCallback returning null
HandleRecursion 1
callback
recurseAbove0(0)
throwing

stderr:
==19168==WARNING: MemorySanitizer: use-of-uninitialized-value
    #0 0x561620b32968 in dart::Api::ClassId(_Dart_Handle*) ../../out/ReleaseMSANX64/../../runtime/vm/dart_api_impl.h:228:9
    #1 0x561620b32968 in dart::Api::IsError(_Dart_Handle*) ../../out/ReleaseMSANX64/../../runtime/vm/dart_api_impl.h:223:27
    #2 0x561620b32968 in Dart_IsError ../../out/ReleaseMSANX64/../../runtime/vm/dart_api_impl.cc:729:10
    #3 0x7f84b6d338ea in HandleRecursion ../../out/ReleaseMSANX64/../../runtime/bin/ffi_test/ffi_test_functions_vmspecific.cc:882:7

SUMMARY: MemorySanitizer: use-of-uninitialized-value ../../out/ReleaseMSANX64/../../runtime/vm/dart_api_impl.h:228:9 in dart::Api::ClassId(_Dart_Handle*)
Exiting

--- Re-run this test:
python tools/test.py -n dartk-msan-linux-release-x64 ffi_2/vmspecific_handle_test

https://logs.chromium.org/logs/dart/buildbucket/cr-buildbucket.appspot.com/8877698707636655312/+/steps/test_results/0/logs/new_test_failures__logs_/0

Cause: https://dart-review.googlesource.com/c/sdk/+/145591

@dcharkes dcharkes added area-vm Use area-vm for VM related issues, including code coverage, and the AOT and JIT backends. library-ffi labels Jun 12, 2020
@dcharkes dcharkes self-assigned this Jun 12, 2020
@dcharkes

This has to do with poisoning and unpoisoning of the stack when doing FFI calls, in which parts of the memory of the stack are sometimes Dart stack and sometimes C stack (see this discussion). The cleanest solution would be to call the MSAN unpoison hooks from the FFI transition/pointer code when the VM is built with MSAN.

dart-bot pushed a commit that referenced this issue Jun 17, 2020
Properly running msan on this test would require us to emit
msan_unpoison and msan_poison calls in the ffi trampolines to mark
explicitly what we are doing with the stack during ffi calls.

Issue: #42314

Also, this CL unifies the two status files a bit more.

Change-Id: I3a234b9c6dc430883a2d224b9ed3d7d48f4f678a
Reviewed-on: https://dart-review.googlesource.com/c/sdk/+/151399
Reviewed-by: Tess Strickland <sstrickl@google.com>
Commit-Queue: Daco Harkes <dacoharkes@google.com>
copybara-service bot pushed a commit that referenced this issue Sep 23, 2022
 - Mark the outgoing arguments stack area as initialized.
 - Mark the trampoline's incoming parameter slots as initialized in case they are used as local handles.
 - Mark the outgoing register arguments as initialized.

TEST=msan
Bug: #42314
Bug: #49298
Bug: #49957
Change-Id: Ifa978e1b905a424ec9f64b89879cea6e82f70d12
Reviewed-on: https://dart-review.googlesource.com/c/sdk/+/259102
Reviewed-by: Daco Harkes <dacoharkes@google.com>
Commit-Queue: Ryan Macnak <rmacnak@google.com>
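
The failure mode and the fix described in this thread, as an added example that is not code from the Dart SDK: a stack slot written by code MSAN cannot see keeps stale shadow state until the transition code unpoisons it. `handle_slot`, `generated_code_store`, `shadow_seen_by_callee` and `call_with_fix` are hypothetical names, and the explicit poison call only models the uninstrumented writer; built with `clang -fsanitize=memory`, the path without the hook reports offset 0 as poisoned.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#ifndef __has_feature
#define __has_feature(x) 0
#endif
#if __has_feature(memory_sanitizer)
#include <sanitizer/msan_interface.h>
#define MSAN_POISON(p, n) __msan_poison((p), (n))
#define MSAN_UNPOISON(p, n) __msan_unpoison((p), (n))
#define MSAN_FIRST_POISONED(p, n) ((long)__msan_test_shadow((p), (n)))
#else /* not an MSAN build: hooks are no-ops, nothing is ever poisoned */
#define MSAN_POISON(p, n) ((void)(p), (void)(n))
#define MSAN_UNPOISON(p, n) ((void)(p), (void)(n))
#define MSAN_FIRST_POISONED(p, n) ((void)(p), (void)(n), -1L)
#endif

/* Hypothetical stand-in for a parameter slot reused as a local handle. */
typedef struct { uintptr_t raw; } handle_slot;

/* Models a store by generated (uninstrumented) code: bytes change, shadow does
 * not. This file is instrumented, so the stale shadow is forced afterwards. */
static void generated_code_store(handle_slot *slot, uintptr_t value) {
    slot->raw = value;
    MSAN_POISON(slot, sizeof *slot);
}

/* Offset of the first byte the callee would see as poisoned, or -1 if none. */
long shadow_seen_by_callee(int trampoline_unpoisons) {
    handle_slot slot;
    generated_code_store(&slot, 0x1235u);
    if (trampoline_unpoisons) MSAN_UNPOISON(&slot, sizeof slot);
    return MSAN_FIRST_POISONED(&slot, sizeof slot);
}

/* The fixed path: unpoison at the transition, then branch on the value,
 * which is the kind of use MSAN checks (as in the Dart_IsError frame). */
uintptr_t call_with_fix(uintptr_t value) {
    handle_slot slot;
    generated_code_store(&slot, value);
    MSAN_UNPOISON(&slot, sizeof slot);
    return (slot.raw & 1u) ? value : 0;
}

int main(void) {
    printf("no hook:   %ld\n", shadow_seen_by_callee(0));
    printf("with hook: %ld\n", shadow_seen_by_callee(1));
    return call_with_fix(0x1235u) == 0x1235u ? 0 : 1;
}
```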