review.tizen.org Git - platform/upstream/llvm.git/commit

Fix qsort() interceptor for FreeBSD

When the FreeBSD qsort() implementation recurses, it does so using an
interposable function call, so we end up calling the interceptor again
and set the saved comparator to wrapped_qsort_compar. This results in an
infinite loop and a eventually a stack overflow since wrapped_qsort_compar
ends up calling itself. This means that ASAN is completely broken on
FreeBSD for programs that call qsort(). I found this while running
check-all on a FreeBSD system a ASAN-instrumented LLVM.

Fix this by checking whether we are recursing inside qsort before writing
to qsort_compar. The same bug exists in the qsort_r interceptor, so use the
same approach there. I did not test the latter since the qsort_r function
signature does not match and therefore it's not intercepted on FreeBSD/macOS.

Fixes https://llvm.org/PR46832

Reviewed By: eugenis

Differential Revision: https://reviews.llvm.org/D84509

author	Alex Richardson <Alexander.Richardson@cl.cam.ac.uk>
	Thu, 6 Aug 2020 07:53:04 +0000 (08:53 +0100)
committer	Alex Richardson <Alexander.Richardson@cl.cam.ac.uk>
	Thu, 6 Aug 2020 08:15:56 +0000 (09:15 +0100)
commit	8803ebcf3b562172687321318c423f39f22b2e5b
tree	1f5cbd86b37ce285ead9b78a9a74a5ae4b7c1fca	tree \| snapshot
parent	e150d2cab8688a2b3b7d395bfbbc152b08df9033	commit \| diff

compiler-rt/lib/sanitizer_common/sanitizer_common_interceptors.inc		diff \| blob \| history
compiler-rt/test/sanitizer_common/TestCases/Posix/recursion-in-qsort.cpp	[new file with mode: 0644]	blob