reduce reproducer size

Author: wangbj

Makefile

@@ -1,6 +1,6 @@
-CC	 = gcc
+CC	 = clang
 
-CFLAGS	 = -g -O2 -Wall -fPIC -D_GNU_SOURCE=1
+CFLAGS	 = -g -O1 -Wall -fPIC -D_GNU_SOURCE=1 -fstack-protector-strong
 
 all: libpreload.so libdlns.so run app app-standalone
 
@@ -11,7 +11,7 @@ libdlns.so: dlns.c
 	$(CC) -o $@ $< $(CFLAGS) -shared -ldl -lpthread -Wl,-soname=dlns,-as-needed
 
 run: run.c
-	$(CC) -o $@ $^ $(CFLAGS) 
+	$(CC) -o $@ $^ $(CFLAGS)
 
 app: app.c
 	$(CC) -o $@ $^ $(CFLAGS) -DWITH_DLNS -pthread

app.c

@@ -1,213 +1,34 @@
 #include <sys/types.h>
-#include <sys/stat.h>
-#include <fcntl.h>
 #include <unistd.h>
 #include <stdlib.h>
 #include <string.h>
 #include <stdio.h>
-#include <errno.h>
 #include <pthread.h>
-#include <elf.h>
 #include <assert.h>
+#include <signal.h>
+#include <time.h>
 
-typedef int (*getpid_pfn)(void);
-struct thread_params {
-  long thread_id;
-  getpid_pfn getpid;
-};
-
-#ifdef WITH_DLNS
-static int ended_with(const char* s, const char* pattern) {
-  int n = strlen(pattern);
-  int m = strlen(s);
-
-  if (n > m) return 0;
-
-  int j = m - 1;
-  int k = n - 1;
-
-  while (k >= 0) {
-    if(pattern[k--] != s[j--]) {
-      return 0;
-    }
-  }
-  return 1;
-}
-
-static unsigned long resolve(int fd, unsigned long dlstart, const char* sym_name) {
-  unsigned long off = 0;
-
-  Elf64_Ehdr ehdr;
-  Elf64_Phdr phdr;
-  Elf64_Phdr* dynamic = NULL;
-
-  assert(pread(fd, &ehdr, sizeof(ehdr), off) == sizeof(ehdr));
-
-  off += ehdr.e_phoff;
-  for (int i = 0; i < ehdr.e_phnum; i++) {
-    assert(pread(fd, &phdr, sizeof(phdr), off) == sizeof(phdr));
-    off += sizeof(phdr);
-    if (phdr.p_type == PT_DYNAMIC) {
-      dynamic = &phdr;
-      break;
-    }
-  }
-
-  if (!dynamic) {
-    fprintf(stderr, "found no dynamic segment");
-    return -1;
-  }
-
-  unsigned long dyn[64] = {0,};
-  unsigned long* ptr = (unsigned long*)(dynamic->p_vaddr + dlstart);
-
-  while(*ptr) {
-    if (ptr[0] < 64)
-      dyn[ptr[0]] = ptr[1];
-    ptr += 2;
-  }
-
-  const char* strtab = (const char*)dyn[DT_STRTAB];
-  if (!strtab) {
-    fprintf(stderr, "found no strtab");
-    return -1;
-  }
-
-  Elf64_Sym* symtab = (Elf64_Sym*)dyn[DT_SYMTAB];
-  if (!symtab) {
-    fprintf(stderr, "found no symtab");
-    return -1;
-  }
-
-  unsigned long symtab_nb = 1 + dynamic->p_memsz / sizeof(void*);
-
-  for (int i = 0; i < symtab_nb; i++) {
-    const char* name = (const char*)&strtab[symtab[i].st_name];
-    if (!strcmp(name, sym_name)) {
-      return symtab[i].st_value + dlstart;
-    }
-  }
-
-  return -1;
-}
-
-unsigned long symbol_resolve(const char* dso, const char* sym) {
-  int fd;
-  char* buffer;
-
-  unsigned long sym_addr = -1;
-
-  fd = open("/proc/self/maps", O_RDONLY);
-  assert(fd >= 0);
-
-  buffer = calloc(1, 8192);
-  assert(buffer);
-
-  ssize_t n = read(fd, buffer, 8192);
-  assert(n > 0);
-
-  char* next = buffer;
-  char* dso_fullname = NULL;
-  int found_dlns_dso = 0;
-  unsigned long dlstart, dlend;
-
-  while(1) {
-    char* curr = strsep(&next, "\n");
-    if (!curr) break;
-
-    char* words = curr;
-    char* endptr = NULL;
-    dlstart = strtoul(curr, &endptr, 16);
-    dlend   = strtoul(1 + endptr, &words, 16);
-    words += 1;
-    while(1) {
-      while(words && (words[0] == ' ' || words[0] == '\t'))
-	++words;
-      char* wp = strsep(&words, " \t");
-      if (!wp) break;
-      if (ended_with(wp, dso)) {
-	dso_fullname = wp;
-	found_dlns_dso = 1;
-	goto found;
-      }
-    }
-  }
-
- found:
-  close(fd);
-  
-  if (found_dlns_dso) {
-    printf("found %s loaded at %lx-%lx\n", dso_fullname, dlstart, dlend);
-    fd = open(dso_fullname, O_RDONLY);
-    assert(fd >= 0);
-    sym_addr = resolve(fd, dlstart, sym);
-  }
-  return sym_addr;
+static void handle_sigalrm(int sig) {
 }
 
-static getpid_pfn resolved_local_getpid = (getpid_pfn)-1;
-static pthread_once_t resolve_getpid_once = PTHREAD_ONCE_INIT;
-static void resolve_local_getpid(void) {
-  resolved_local_getpid = (getpid_pfn)symbol_resolve("libdlns.so", "local_getpid");
-}
-static int local_getpid_real(void) {
-  pthread_once(&resolve_getpid_once, resolve_local_getpid);
-  if (resolved_local_getpid != (getpid_pfn)-1) {
-    return resolved_local_getpid();
-  }
-  return 0;
-}
-
-#else
-extern int local_getpid(void);
-static int local_getpid_real(void) {
-  return local_getpid();
-}
-#endif
-
-void* threadfn(void* param) {
-
-  struct thread_params* tp = (struct thread_params*)param;
-
-  pthread_key_t pkey;
-  unsigned long *data = malloc(sizeof(unsigned long));
-  assert(data);
-
-  *data = 0x1234;
-
-  pthread_key_create(&pkey, free);
-  pthread_setspecific(pkey, data);
-  
-  fprintf(stderr, "#%lu local_getpid addr = %p\n", tp->thread_id, tp->getpid);
-
-  if (tp->getpid != (getpid_pfn)-1UL) {
-    printf("#%lu local_getpid: %u\n", tp->thread_id, tp->getpid());
-    printf("#%lu local_getpid: %u\n", tp->thread_id, tp->getpid());
-  }
-
-  printf("#%lu my own tls: %lx\n", tp->thread_id, *(unsigned long*)pthread_getspecific(pkey));
-
-  return 0;
+void* thread_fn(void* param) {
+  signal(SIGALRM, handle_sigalrm);
+  printf("pause = %d\n", pause());
+  return NULL;
 }
 
 int main(int argc, char* argv[]) {
-  pthread_t threads[4];
+  pthread_t thread;
+
+  pthread_create(&thread, NULL, thread_fn, NULL);
 
-  getpid_pfn getpid = (getpid_pfn)local_getpid_real;
-  struct thread_params params[] = {
-    {0, getpid},
-    {1, getpid},
-    {2, getpid},
-    {3, getpid},
-  };
-  
-  for (int i = 0; i < 4; i++) {
-    assert(pthread_create(&threads[i], NULL, threadfn, &params[i]) == 0);
-  }
+  struct timespec ts = {1, 0};
+  // NB: this could be racy because no guarantee
+  // `thread' called pause already
+  nanosleep(&ts, NULL);
+  pthread_kill(thread, SIGALRM);
 
-  for (int i = 0; i < 4; i++) {
-    pthread_join(threads[i], NULL);
-  }
+  pthread_join(thread, NULL);
 
   return 0;
 }

dlns.c

@@ -11,36 +11,33 @@
 #include <elf.h>
 #include <assert.h>
 
-static pthread_key_t local_pkey = -1;
+pthread_key_t local_pkey;
 
-static int gettid(void) {
-  return syscall(SYS_gettid);
-}
-
-static void pkey_destroy(void* p)
-{
-  fprintf(stderr, "%u called %s\n", gettid(), __func__);
+static __attribute__((noinline)) void pkey_destroy(void* p) {
+  fprintf(stderr, "called %s\n", __func__);
   free(p);
 }
 
-int local_getpid(void) {
+int pause(void) {
+  fprintf(stderr, "called pause from dlns\n");
+
+  unsigned long* p = calloc(2, sizeof(long));
+
+  printf("calloc symbol resolved to %p\n", calloc);
+  printf("call calloc returned %p\n", p);
 
-  if (pthread_getspecific(local_pkey) == NULL) {
-    unsigned long* data = malloc(sizeof(unsigned long));
-    assert(data);
-    pthread_setspecific(local_pkey, data);
-    *data = gettid();
-  }
+  p[0] = 0x1234;
+  p[1] = 0x5678;
 
-  unsigned long* cached = pthread_getspecific(local_pkey);
-  assert(cached);
-  return *cached;
+  printf("free resolved to %p\n", free);
+
+  pthread_key_create(&local_pkey, pkey_destroy);
+  pthread_setspecific(local_pkey, p);
+
+  return syscall(SYS_pause);
 }
 
 __attribute__((constructor)) int dlns_init(void) {
   fprintf(stderr, "dlns_init\n");
-
-  assert(pthread_key_create(&local_pkey, pkey_destroy) == 0);  
-
   return 0;
 }

preload.c

@@ -1,12 +1,16 @@
 /**
  * a mini-loader to load dso into new linker namespace
  */
-
+#include <sys/types.h>
+#include <sys/sysinfo.h>
+#include <sys/mman.h>
 #include <link.h>
 #include <stdlib.h>
 #include <dlfcn.h>
 #include <stdio.h>
 #include <assert.h>
+#include <errno.h>
+#include <string.h>
 
 static void dump_link_map(struct link_map* map) {
   struct link_map* curr = map;
@@ -18,6 +22,21 @@ static void dump_link_map(struct link_map* map) {
   }
 }
 
+static void* dlns_handle;
+
+typedef int (*pause_pfn)(void);
+
+// exposed LD_PRELOAD
+int pause(void) {
+  fprintf(stderr, "called pause.\n");
+
+  // call pause from new the lmid
+  pause_pfn dlns_pause = dlsym(dlns_handle, "pause");
+  assert(dlns_pause);
+
+  return dlns_pause();
+}
+
 __attribute__((constructor)) int dl_start(void)
 {
   char* dso = secure_getenv("DLNS");
@@ -27,13 +46,15 @@ __attribute__((constructor)) int dl_start(void)
   }
 
   fprintf(stderr, "open %s\n", dso);
-  void* link_map = dlmopen(LM_ID_NEWLM, dso, RTLD_NOW | RTLD_LOCAL);
+  void* link_map = dlmopen(LM_ID_NEWLM, dso, RTLD_LAZY | RTLD_LOCAL);
   if (!link_map) {
     fprintf(stderr, "dlmopen %s failed: %s\n", dso, dlerror());
     return -1;
   }
 
   dump_link_map(link_map);
 
+  dlns_handle = (void*)link_map;
+
   return 0;
 }